Ir ao conteúdo
  • Cadastre-se
Regras do Clube do Hardware

Notebook travando e extremamente lento !

WoodStockz

Por WoodStockz
em Casos resolvidos

 Compartilhar

Posts recomendados

WoodStockz
 

WoodStockz

Postado
Postado

Pessoal, meu notebook está muito lento e travando rotineiramente ... fica parecendo q ele está executando alguma operação de processamento de dados muito pesada ! Demorei cerca de 4 horas apenas para conseguir fazer esse post. Também esta demorando muito para inicializar e algumas vezes trava nesse processo. Ontem depois de umas 3-4 horas de insistência ele até começou fluir melhor com alguns congelamentos esporádicos. Acredito q tenha algum vírus q esteja comprometendo o processamento de dados e travando o sistema ...  Agradeço a ajuda ! Abraços

ZA-Scan.txt

Link para o comentário
Compartilhar em outros sites
  • Analista de Segurança
Elias Pereira
 

Elias Pereira

Postado
  • Analista de Segurança
Postado

@WoodStockz

 

Por favor, atente para o seguinte:

  • Sobre o Fórum: Este é um espaço privado, não público. Seu uso é um privilégio, não um direito;
  • O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
  • IMPORTANTE: Caso tenha programas de ativação do windows ou de compartilhamento p2p/toŕŕent, sugiro desinstalar. Só irei dar procedimento na analise após a remoção. Regras do forum;
  • Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
  • Respeite a ordem das instruções passadas;
  • Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!


Regras da Área de Remoção de Malware << IMPORTANTE A LEITURA

Regras Gerais do Forum Clube do Hardware << IMPORTANTE A LEITURA
 

Caso não consiga realizar os passos abaixo em modo normal, reinicie seu computador em MODO SEGURO e execute nesse modo.

 

Siga os passos abaixo:

Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

 

ETAPA 1

 

Faça o download do AdwCleaner de um dos links abaixo e salve no desktop.

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

http://www.bleepingcomputer.com/download/adwcleaner/

Clique em DOWNLOAD NOW para baixar o arquivo.

Execute o adwcleaner.exe

OBS: Usuários do Windows Vista, 7, 8/8.1 e windows 10 clique com o direito sobre o arquivo AdwCleaner.exe, depois clique em image.png

Clique em VERIFICAR AGORA/SCAN NOW. Após o termino clique em LIMPAR/CLEAN e aguarde.

Será aberto o bloco de notas com o resultado.

 

ATENÇÃO: Selecione, copie e cole o seu conteúdo na próxima resposta.

 

ETAPA 2

 

Faça o download do ZHPCleaner no link abaixo e salve em sua Área de trabalho (Desktop)

https://www.majorgeeks.com/files/details/zhpcleaner.html

Execute o arquivo ZHPCleaner.exe Como Administrador

  • Clique no botão Scanner.
  • A ferramenta começara o exame do seu sistema.
  • Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
  • Em seguida clique no botão Reparar.
  • Será gerado um log chamado ZHPCleaner.txt

ATENÇÃO: Selecione, copie e cole o seu conteúdo na próxima resposta.

Link para o comentário
Compartilhar em outros sites
WoodStockz
 

WoodStockz

Postado
  • Autor
Postado

Olá Elias, obrigado pela ajuda ! Fiquei mais de 15 horas pra conseguir fazer esse procedimento =(

Está bem difícil de trabalhar e fazer qualquer atividade no notebook. Foram gerados 4 logs q colo abaixo. 

 

 

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-06-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    07-05-2021
# Duration: 00:22:29
# OS:       Windows 8.1 Single Language
# Scanned:  31986
# Detected: 24


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.InstallCore        HKCU\Software\csastats
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{518b33ae-375d-712d-6742-d1fe0400268d}
PUP.Optional.ProductSetup.A     HKCU\Software\PRODUCTSETUP
PUP.Optional.SearchManager      HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
PUP.Optional.SearchManager      HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F

***** [ Chromium (and derivatives) ] *****

PUP.Optional.SearchManager      Search Manager - nahhmpbckpgdidfnmfkfgiflpjijilce
PUP.Optional.SearchManager      Search Manager - pilplloabdedfmialnfchjomjmpjcoej

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|RemoteControl10 
Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|RemoteControl10 
Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} 
Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B} 
Preinstalled.SamsungEasyDisplayManager   Folder   C:\ProgramData\SAMSUNG\EASY DISPLAY MANAGER 
Preinstalled.SamsungSAgent   Folder   C:\Program Files\SAMSUNG\S AGENT 
Preinstalled.SamsungSAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10CE5214-0543-430F-BA91-5C94C4EF7281} 
Preinstalled.SamsungSAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SAgent 
Preinstalled.SamsungSAgent   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0052BF58-5307-4F7D-A379-8F4EC9212FA8} 
Preinstalled.SamsungSAgent   Task   C:\Windows\System32\Tasks\SAGENT 
Preinstalled.SamsungSettings   Folder   C:\Program Files (x86)\SAMSUNG\SETTINGS 
Preinstalled.SamsungSettings   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE525979-92A6-4F50-ACEB-039AB774C35D} 
Preinstalled.SamsungSettings   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Settings 
Preinstalled.SamsungSettings   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9} 
Preinstalled.SamsungSettings   Task   C:\Windows\System32\Tasks\SETTINGS 
Preinstalled.SamsungUpdate   Folder   C:\Program Files (x86)\SAMSUNG\SW UPDATE 
Preinstalled.SamsungUpdate   Folder   C:\ProgramData\SAMSUNG\SW UPDATE 

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
 

______________________________________________________________________________________

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-06-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    07-05-2021
# Duration: 00:00:11
# OS:       Windows 8.1 Single Language
# Cleaned:  24
# Awaiting reboot:2
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{518b33ae-375d-712d-6742-d1fe0400268d}
Deleted       HKCU\Software\PRODUCTSETUP
Deleted       HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted       HKCU\Software\csastats

***** [ Chromium (and derivatives) ] *****

Deleted       Search Manager - nahhmpbckpgdidfnmfkfgiflpjijilce
Deleted       Search Manager - pilplloabdedfmialnfchjomjmpjcoej

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|RemoteControl10
Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|RemoteControl10
Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Deleted       Preinstalled.SamsungEasyDisplayManager   Folder   C:\ProgramData\SAMSUNG\EASY DISPLAY MANAGER
Deleted       Preinstalled.SamsungSAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10CE5214-0543-430F-BA91-5C94C4EF7281}
Deleted       Preinstalled.SamsungSAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SAgent
Deleted       Preinstalled.SamsungSAgent   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0052BF58-5307-4F7D-A379-8F4EC9212FA8}
Deleted       Preinstalled.SamsungSAgent   Task   C:\Windows\System32\Tasks\SAGENT
Deleted       Preinstalled.SamsungSettings   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE525979-92A6-4F50-ACEB-039AB774C35D}
Deleted       Preinstalled.SamsungSettings   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Settings
Deleted       Preinstalled.SamsungSettings   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}
Deleted       Preinstalled.SamsungSettings   Task   C:\Windows\System32\Tasks\SETTINGS
Deleted       Preinstalled.SamsungUpdate   Folder   C:\Program Files (x86)\SAMSUNG\SW UPDATE
Deleted       Preinstalled.SamsungUpdate   Folder   C:\ProgramData\SAMSUNG\SW UPDATE
Needs Reboot  Preinstalled.SamsungSAgent   Folder   C:\Program Files\SAMSUNG\S AGENT
Needs Reboot  Preinstalled.SamsungSettings   Folder   C:\Program Files (x86)\SAMSUNG\SETTINGS


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed   C:\Program Files (x86)\SAMSUNG\SETTINGS
Cleaning failed   C:\Program Files\SAMSUNG\S AGENT

*************************

AdwCleaner[S00].txt - [3923 octets] - [05/07/2021 14:26:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 

 

_______________________________________________________________________________________

~ ZHPCleaner v2021.7.3.308 by Nicolas Coolman (2021/07/03)
~ Run by Iuri (Administrator)  (05/07/2021 16:46:09)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scan
~ Report : C:\Users\Iuri\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\Iuri\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : 
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1 Single Language, 64-bit  (Build 9600)


---\\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (1)
~ The hosts file is legitimate (21)


---\\  Scheduled automatic tasks. (1)
FOUND task: [Adobe Flash Player Updater] [C:\WINDOWS\Tasks\Adobe Flash Player Updater.job]  =>Riskware.FlashPlayer


---\\  Explorer ( File, Folder) (89)
FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce  =>SUP.Optional.SearchManager
FOUND file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Preferences    =>ChromiumPreference
FOUND file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences    =>ChromiumPreference
FOUND file: C:\Windows\Tasks\Adobe Flash Player Updater.job    =>Riskware.FlashPlayer
FOUND file: C:\Users\Iuri\AppData\Local\winzipper.bak    =>.SUP.TaiwanShuiMu
FOUND file: C:\Program Files\KMSpico\AutoPico.exe [@ByELDI - AutoPico]  =>HackTool.KMSpico
FOUND file: C:\Program Files\KMSpico\DevComponents.DotNetBar2.dll [DevComponents.com - DevComponents.DotNetBar]  =>HackTool.KMSpico
FOUND file: C:\Program Files\KMSpico\KMSELDI.exe [@ByELDI - KMS GUI ELDI]  =>HackTool.KMSpico
FOUND file: C:\Program Files\KMSpico\Service_KMS.exe [@ByELDI - Service_KMS]  =>HackTool.KMSpico
FOUND file: C:\Program Files\KMSpico\unins000.dat    =>HackTool.KMSpico
FOUND file: C:\Program Files\KMSpico\unins000.exe [ - Setup/Uninstall]  =>HackTool.KMSpico
FOUND file: C:\Program Files\KMSpico\Vestris.ResourceLib.dll [Vestris Inc. - ResourceLib]  =>HackTool.KMSpico
FOUND file: C:\Program Files\KMSpico\WinDivert.dll    =>HackTool.KMSpico
FOUND folder: C:\Program Files\KMSpico\cert  =>HackTool.KMSpico
FOUND folder: C:\Program Files\KMSpico\driver  =>HackTool.KMSpico
FOUND folder: C:\Program Files\KMSpico\icons  =>HackTool.KMSpico
FOUND folder: C:\Program Files\KMSpico\logs  =>HackTool.KMSpico
FOUND folder: C:\Program Files\KMSpico\scripts  =>HackTool.KMSpico
FOUND folder: C:\Program Files\KMSpico\sounds  =>HackTool.KMSpico
FOUND folder: C:\Program Files\KMSpico\TokensBackup  =>HackTool.KMSpico
FOUND folder: C:\Program Files\KMSpico  =>HackTool.KMSpico
FOUND folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico  =>HackTool.KMSpico
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign0220ea8d7a914515  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign0838efc6f832f82c  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign0c2a2f52c9600c56  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign1b49f3fc915f04f1  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign1bde5b6e3efb2000  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign1bf91bbd51f058cf  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign1e1d4abc159cf512  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign211c241aa481c5c5  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign30705b68034b5d93  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign3392a19f3c2c7188  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign36e28cf847f3d37e  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign3841bbd91c319d79  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign39648ad5d742d776  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign3d5e8ed0e13f21cd  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign52bd8f10631b1b69  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign52eb84d2e43f78a0  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign56c8297f1e4907ad  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign5c6b9a1386a58075  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign6748377ec59221cf  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign69103d2ed17f19e5  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign6e93aba834f86fe4  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign71b6b47790ce8457  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign7550caa7e410419c  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign772902d1bc029718  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign7765b1f9cceb0183  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign776d3f7ccdd1d808  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign798caa2d94b46d08  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign830e4d67810aaa42  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign92cc9b8272b6a8fa  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign96922b6ee3f86cf6  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign9d10fbe0e16076a5  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsign9dc921772016eea6  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna0bacca210ec24d5  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna2a624feff94aa98  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna3ed2ace7e91c05a  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna45c81899703956a  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna8b20a0c1af4af61  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignaf50d54c38609187  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignb308cb22db5ef61f  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignb76c0e63b576c5cb  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignb93e0e2f34a4b414  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignc4e145ea9643d0fa  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignd845cf5fc3fda09a  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsigne7299cb0dac1806b  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsigne914a2d7012e1c02  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignf073f38956d24389  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignf2381d0c41869696  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignf6aaf55dc527f679  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignfb560bf984d08714  =>.SUP.Temporary
FOUND folder: C:\Users\Iuri\AppData\Local\Tempzxpsignfec171a2fad3c62e  =>.SUP.Temporary
FOUND folder: C:\Program Files (x86)\QuickTime  =>Riskware.QuickTime
FOUND folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime  =>Riskware.QuickTime
FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0  =>SUP.Optional.SearchManager
FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\_metadata  =>SUP.Optional.SearchManager
FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content  =>SUP.Optional.SearchManager
FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\fonts  =>SUP.Optional.SearchManager
FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images  =>SUP.Optional.SearchManager
FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter  =>SUP.Optional.SearchManager
FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films  =>SUP.Optional.SearchManager
FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\icons  =>SUP.Optional.SearchManager
FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps  =>SUP.Optional.SearchManager
FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails  =>SUP.Optional.SearchManager
FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\tiles  =>SUP.Optional.SearchManager
FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather  =>SUP.Optional.SearchManager
FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\skin  =>SUP.Optional.SearchManager
FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\skin\icons  =>SUP.Optional.SearchManager
FOUND folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\vendor  =>SUP.Optional.SearchManager


---\\  Registry ( Key, Value, Data) (7)
FOUND key: HKCU\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce []  =>SUP.Optional.SearchManager
FOUND key: [X64] HKLM\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce []  =>SUP.Optional.SearchManager
FOUND data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5E89C403-F5FF-48DF-9CAB-DAB9E92AC702}\\DhcpNameServer [Bad : 138.117.179.2 138.117.179.6]  =>Hijacker.Browser
FOUND data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 138.117.179.2 138.117.179.6]  =>Hijacker.Browser
FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 [KMSpico]  =>HackTool.KMSpico
FOUND key: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater []  =>Riskware.FlashPlayer
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI [Adobe Systems Incorporated]  =>Riskware.FlashPlayer


---\\  Summary of the elements found (8)
https://nicolascoolman.eu/forum/Topic/flashplayer-logiciel-a-risque-riskware/  =>Riskware.FlashPlayer
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/  =>SUP.Optional.SearchManager
https://nicolascoolman.eu/2020/10/01/preferences-navigateurs-chromium/  =>ChromiumPreference
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/  =>.SUP.TaiwanShuiMu
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/  =>HackTool.KMSpico
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/  =>.SUP.Temporary
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/  =>Riskware.QuickTime
https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/  =>Hijacker.Browser


---\\ Result of repair
~ Any repair made
~ Google Chrome OK
~ Mozilla Firefox OK
~ Internet Explorer OK


---\\ Statistics
~ Items scanned : 185635
~ Items found : 167
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/17


---\\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed

~ End of search in 05h14mn16s

---\\  Reports (0)
ZHPCleaner-[S]-05072021-22_00_25.txt

 

_____________________________________________________________________________________

 

~ ZHPCleaner v2021.7.3.308 by Nicolas Coolman (2021/07/03)
~ Run by Iuri (Administrator)  (05/07/2021 22:22:30)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Iuri\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Iuri\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : OK
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1 Single Language, 64-bit  (Build 9600)


---\\  Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (0)
~ No malicious or unnecessary items found.


---\\  Hosts file (1)
~ The hosts file is legitimate (21)


---\\  Scheduled automatic tasks. (1)
DELETED task: [Adobe Flash Player Updater] [C:\WINDOWS\Tasks\Adobe Flash Player Updater.job (Not File) ]  =>Riskware.FlashPlayer


---\\  Explorer ( File, Folder) (235)
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Preferences    =>Préférences Chromium
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences    =>Préférences Chromium
MOVED file: C:\Windows\Tasks\Adobe Flash Player Updater.job    =>Riskware.FlashPlayer
MOVED file: C:\Users\Iuri\AppData\Local\winzipper.bak    =>.SUP.TaiwanShuiMu
MOVED file: C:\Windows\SECOH-QAD.dll    =>HackTool.KMSpico
MOVED file: C:\Windows\SECOH-QAD.exe    =>HackTool.KMSpico
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\2bfc185be71f44cd73ac81511fc1f5a5.woff    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\AmpSearchServiceLocalList.json    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\b495e340f4ef8924fea0284c1bf9e7ac.woff    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\background.html    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\background.v0.0.1.min.js    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\c5a5cbf4dbcaa7064f2bc77f52101aec.otf    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\client.v0.0.1.min.js    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\common.js.v0.0.1.min.js    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\e_.json    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\e5d3501d500d07b0a1e952b0f8a81d78.woff    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\index.html    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\manifest.json    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\responseConfig.json    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\_metadata\verified_contents.json    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\bundle.v0.0.1.min.css    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\fonts\HelveticaNeueLT-Roman.woff    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\fonts\HelveticaNeue-Thin.otf    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\fonts\neue.woff    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\fonts\neue-bold.woff    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\_enhanced_google.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\_gmx_large.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\alot.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\angle-arrow-down.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\bing.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\bing_large.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\bluesky-bg.jpg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\brush.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\bt.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\clock.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\cloud.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\cupcake-bg.jpg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\desk-bg.jpg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\doodle.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\down.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\enhanced_google.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\eyeglass.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\eyeglass_transparent.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films-bg.jpg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\gmx_large.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\google.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\google_large.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\hero-bg.jpg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\just-the-box.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\just-the-box-empty.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\mountain-bg.jpg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\pointer2.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\radio-selected.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\radio-unselected.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sea-bg.jpg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\search-D7D7D7.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\search-FFFFFF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\settings.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\smallMagnifier.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\star.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\star-unselected.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\todoc.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\toggle-off.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\toggle-on.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\topdf.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\transparent_img.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\yahoo.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\yahoo.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\yahoo_large.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\yandex.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\close-FF8A5A.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\collection-9B9B9B.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\collection-FF691E.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\doc-icon-FFFFFF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\error-FF691E.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\pdf-2-doc-9B9B9B.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\pdf-2-doc-FFFFFF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\pdf-icon-FFFFFF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\success-FF8A5A.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\tab-arrow-FF691E.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter\upload-FF691E.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\amazon.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\amazon-FFFFFF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\close.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\enlarge-000000-FFFFFF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\enlarge-FFCA00-000000.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\hulu.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\hulu-FFFFFF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\minimize-000000-FFFFFF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\netflix.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\netflix-FFFFFF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\refresh-FFFFFF-000000.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\shrink-FFCA00-000000.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\shuffle-000000.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\shuffle-FFFFFF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\vudu.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films\vudu-FFFFFF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\icons\128.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\icons\16.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\icons\48.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\icons\close.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\icons\favicon.ico    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\icons\trends.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\bing-maps-FFFFFF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\from-to-icon-8881FF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\google-maps-FFFFFF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\location-icon-8881FF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\search-4A4A4A.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\search-8881FF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\switch-8881FF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\tab-arrow-8881FF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\whereto-logo-8881FF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps\whereto-logo-FFFFFF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\aliexpress.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\aliexpress_tile_v2.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\amazon.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\amazon_tile_v2.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\booking.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\booking_tile_v2.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\ebay.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\ebay_tile_v2.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\expedia.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\expedia_tile_v2.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\facebook.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\facebook_tile_v2.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\gmail.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\gmail_tile_v2.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\google-translate-icon-FFFFFF.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\gtranslte.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\pinterest.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\pinterest_tile_v2.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\twitter.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\twitter_tile_v2.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\wix.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\wix_tile_v2.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\yahoo.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\yahoo_tile_v2.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\youtube.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails\youtube_tile_v2.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\tiles\DOC-to-PDF.jpg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\tiles\PDF-to-DOC.jpg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\tiles\Translation.jpg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\tiles\View-PDF.jpg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\01d.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\01n.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\02d.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\02n.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\03d.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\03n.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\04d.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\04n.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\09d.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\09n.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\10d.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\10n.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\11d.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\11n.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\13d.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\13n.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\50d.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather\50n.svg    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\skin\icons\16.png    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\vendor\md5.min.js    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\vendor\react-dom.min.js    =>SUP.Optional.SearchManager
MOVED file: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\vendor\react-with-addons.min.js    =>SUP.Optional.SearchManager
MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce  =>SUP.Optional.SearchManager
MOVED folder: C:\Program Files\KMSpico  =>HackTool.KMSpico
MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico  =>HackTool.KMSpico
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign0220ea8d7a914515  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign0838efc6f832f82c  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign0c2a2f52c9600c56  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign1b49f3fc915f04f1  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign1bde5b6e3efb2000  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign1bf91bbd51f058cf  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign1e1d4abc159cf512  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign211c241aa481c5c5  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign30705b68034b5d93  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign3392a19f3c2c7188  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign36e28cf847f3d37e  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign3841bbd91c319d79  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign39648ad5d742d776  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign3d5e8ed0e13f21cd  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign52bd8f10631b1b69  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign52eb84d2e43f78a0  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign56c8297f1e4907ad  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign5c6b9a1386a58075  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign6748377ec59221cf  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign69103d2ed17f19e5  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign6e93aba834f86fe4  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign71b6b47790ce8457  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign7550caa7e410419c  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign772902d1bc029718  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign7765b1f9cceb0183  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign776d3f7ccdd1d808  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign798caa2d94b46d08  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign830e4d67810aaa42  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign92cc9b8272b6a8fa  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign96922b6ee3f86cf6  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign9d10fbe0e16076a5  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsign9dc921772016eea6  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna0bacca210ec24d5  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna2a624feff94aa98  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna3ed2ace7e91c05a  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna45c81899703956a  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsigna8b20a0c1af4af61  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignaf50d54c38609187  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignb308cb22db5ef61f  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignb76c0e63b576c5cb  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignb93e0e2f34a4b414  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignc4e145ea9643d0fa  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignd845cf5fc3fda09a  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsigne7299cb0dac1806b  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsigne914a2d7012e1c02  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignf073f38956d24389  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignf2381d0c41869696  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignf6aaf55dc527f679  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignfb560bf984d08714  =>.SUP.Temporary
MOVED folder: C:\Users\Iuri\AppData\Local\Tempzxpsignfec171a2fad3c62e  =>.SUP.Temporary
MOVED folder: C:\Program Files (x86)\QuickTime  =>Riskware.QuickTime
MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime  =>Riskware.QuickTime
MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0  =>SUP.Optional.SearchManager
MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\_metadata  =>SUP.Optional.SearchManager
MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content  =>SUP.Optional.SearchManager
MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\fonts  =>SUP.Optional.SearchManager
MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images  =>SUP.Optional.SearchManager
MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\converter  =>SUP.Optional.SearchManager
MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\films  =>SUP.Optional.SearchManager
MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\icons  =>SUP.Optional.SearchManager
MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\maps  =>SUP.Optional.SearchManager
MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\sitesThumbnails  =>SUP.Optional.SearchManager
MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\tiles  =>SUP.Optional.SearchManager
MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\content\images\weather  =>SUP.Optional.SearchManager
MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\skin  =>SUP.Optional.SearchManager
MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\skin\icons  =>SUP.Optional.SearchManager
MOVED folder: C:\Users\Iuri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.4.53_0\vendor  =>SUP.Optional.SearchManager


---\\  Registry ( Key, Value, Data) (7)
DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5E89C403-F5FF-48DF-9CAB-DAB9E92AC702}\\DhcpNameServer [Bad : 138.117.179.2 138.117.179.6]  =>Hijacker.Browser
DELETED data: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 138.117.179.2 138.117.179.6]  =>Hijacker.Browser
DELETED key*: HKCU\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce []  =>SUP.Optional.SearchManager
DELETED key*: [X64] HKLM\SOFTWARE\Google\Chrome\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce []  =>SUP.Optional.SearchManager
DELETED key*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 [KMSpico]  =>HackTool.KMSpico
DELETED key^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater []  =>Riskware.FlashPlayer
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI [Adobe Systems Incorporated]  =>Riskware.FlashPlayer


---\\  Summary of the elements found (8)
https://nicolascoolman.eu/forum/Topic/flashplayer-logiciel-a-risque-riskware/  =>Riskware.FlashPlayer
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/  =>Préférences Chromium
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/  =>.SUP.TaiwanShuiMu
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/  =>HackTool.KMSpico
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/  =>SUP.Optional.SearchManager
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/  =>.SUP.Temporary
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/  =>Riskware.QuickTime
https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/  =>Hijacker.Browser


---\\  Other deletions. (1)
~ Registry Keys Tracing deleted (1)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Google Chrome OK
~ Mozilla Firefox OK
~ Internet Explorer OK
~ The system has been restarted.


---\\ Statistics
~ Items scanned : 1925
~ Items found : 0
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/17


---\\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed

~ End of clean in 00h03mn43s

---\\  Reports (2)
ZHPCleaner-[S]-05072021-22_00_25.txt
ZHPCleaner-[R]-05072021-22_26_13.txt
 

Link para o comentário
Compartilhar em outros sites
  • Analista de Segurança
Elias Pereira
 

Elias Pereira

Postado
  • Analista de Segurança
Postado

@WoodStockz

 

Os procedimentos acima você fez em modo NORMAL ou SEGURO?

 

 

Faça o download do RogueKiller by Tigzy, e salve na sua área de trabalho (Desktop)

roguekiller.exe (x64) << link

  • Feche todos os programas
  • Execute o RogueKiller.exe.
    ** Usuários do Windows Vista, Windows 7, 8, 8.1 e Windows 10:Clique com o direito sobre o arquivo rogueKiller.exe, depois clique em image.png
  • Clique em SCAN
  • Clique no primeiro START "Standard Scan (recommended)" e aguarde o scan...
  • Clique no botão RESULTS
  • Clique na opção REPORT e em EXPORT e selecione a opção Text file...
  • Salve o arquivo na area de trabalho com o nome roguekiller_report

Atente para abrir o arquivo, copiar e colar todo o conteúdo na sua próxima resposta

Link para o comentário
Compartilhar em outros sites
WoodStockz
 

WoodStockz

Postado
  • Autor
Postado

@Elias Pereira estou tentando fazer o procedimento e não consegui ainda. Estava dando erro na instalação do RogueKiller no modo normal.

E até agora não consegui reiniciar o notebook em modo de segurança pra testar se conseguiria instalar dessa forma 

 

Acontece o mesmo erro no modo de segurança ..ilustrado na foto abaixo ! 

P_20210706_165512_1.jpg

Link para o comentário
Compartilhar em outros sites
  • Analista de Segurança
Elias Pereira
 

Elias Pereira

Postado
  • Analista de Segurança
Postado

@WoodStockz

 

você vai ter que verificar se tem problema no HD ou memoria antes de continuarmos a analise.

 

Sugiro também, se tu conseguir, que faça backup dos teus dados.

 

Pode criar um pendrive bootavel com a ISO do windows baixado do site da microsoft e verificar por erros no HD.

https://www.microsoft.com/en-us/software-download/windows8ISO

 

Para a reparação, tente os passos do link abaixo.

https://www.techtudo.com.br/dicas-e-tutoriais/noticia/2014/03/como-reparar-o-windows-8-e-corrigir-erros-que-prejudicam-o-computador.html

Link para o comentário
Compartilhar em outros sites
Visitante
Este tópico está impedido de receber novas respostas.
 Compartilhar
Ir à lista de tópicos

Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas comunidades sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

Mais

×
×
  • Criar novo...