
Browser opening tabs for a site called "iq option"



Hello. I am having the following problem on my machine: my browser frequently opens tabs for a site called "iq option". Not only the browser (Opera), but also my dst3 (software for using a PS3 controller). I ran a scan with ZA-Scan

 


ZA-Scan V1.0.0.6 Updated 03-May-2018(Online Version)
Tool run by User on 02/01/2021 at  1:53:36,59.
Microsoft Windows 10 Pro 10.0.18363  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\AppData\Local\Temp\Rar$EXa0.448\ZA-Scan.exe [Z-Analyse Scan]

==== Running Processes ======================

D:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
C:\Program Files (x86)\Origin\OriginWebHelperService.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Windows\SysWOW64\notepad.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Users\User\AppData\Local\Temp\ZAScan.exe

==== Services(whitelist) ======================
Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url]

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [asComSvc] - ASUS Com Service - c:\program files (x86)\asus\axsp\1.01.02\atkexcomsvc.exe
R2 - [ClickToRunSvc] - Microsoft Office Click-to-Run Service - c:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe
R2 - [Ds3Service] - SCP DS3 Service - c:\users\user\desktop\scpserver\bin\scpservice.exe
R2 - [IAStorDataMgrSvc] - Intel(R) Rapid Storage Technology - c:\program files\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe
R2 - [LogiRegistryService] - Logitech Gaming Registry Service - c:\program files\logitech gaming software\drivers\aposervice\logiregistryservice.exe
R2 - [MSSQL$SQLEXPRESS] - SQL Server (SQLEXPRESS) - c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\sqlservr.exe
R2 - [NvContainerLocalSystem] - NVIDIA LocalSystem Container - c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe
R2 - [NVDisplay.ContainerLocalSystem] - NVIDIA Display Container LS - c:\program files\nvidia corporation\display.nvcontainer\nvdisplay.container.exe
R2 - [Origin Web Helper Service] - Origin Web Helper Service - c:\program files (x86)\origin\originwebhelperservice.exe
R2 - [SgrmBroker] - System Guard Runtime Monitor Broker - c:\windows\system32\sgrmbroker.exe
R2 - [SQLWriter] - SQL Server VSS Writer - c:\program files\microsoft sql server\90\shared\sqlwriter.exe
R2 - [WinDefend] - Serviço Windows Defender Antivirus - c:\programdata\microsoft\windows defender\platform\4.18.2011.6-0\msmpeng.exe
R2 - [WsAppService] - Wondershare Application Framework Service - c:\program files (x86)\wondershare\waf\2.4.3.233\wsappservice.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [SecurityHealthService] - Serviço de Segurança do Windows - c:\windows\system32\securityhealthservice.exe
R3 - [WdNisSvc] - Serviço de Inspeção de Rede do Windows Defender Antivirus - c:\programdata\microsoft\windows defender\platform\4.18.2011.6-0\nissrv.exe
S2 - [edgeupdate] - Serviço Microsoft Edge Update (edgeupdate) - c:\program files (x86)\microsoft\edgeupdate\microsoftedgeupdate.exe
S2 - [sppsvc] - Proteção de Software - c:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Serviço Gateway de Camada de Aplicativo - c:\windows\system32\alg.exe
S3 - [BEService] - BattlEye Service - c:\program files (x86)\common files\battleye\beservice.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [diagnosticshub.standardcollector.service] - Serviço Coletor de Padrões de Hub de Diagnóstico da Microsoft (R) - c:\windows\system32\diagsvcs\diagnosticshub.standardcollector.service.exe
S3 - [Disc Soft Ultra Bus Service] - Disc Soft Ultra Bus Service - c:\program files\daemon tools ultra\discsoftbusserviceultra.exe
S3 - [EasyAntiCheat] - EasyAntiCheat - c:\program files (x86)\easyanticheat\easyanticheat.exe
S3 - [edgeupdatem] - Serviço Microsoft Edge Update (edgeupdatem) - c:\program files (x86)\microsoft\edgeupdate\microsoftedgeupdate.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [FvSvc] - NVIDIA FrameView SDK service - c:\program files\nvidia corporation\frameviewsdk\nvfvsdksvc_x64.exe
S3 - [IDriverT] - InstallDriver Table Manager - c:\program files (x86)\common files\installshield\driver\11\intel 32\idrivert.exe
S3 - [MicrosoftEdgeElevationService] - Microsoft Edge Elevation Service - c:\program files (x86)\microsoft\edge\application\87.0.664.66\elevation_service.exe
S3 - [MSDTC] - Coordenador de transações distribuídas - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [Origin Client Service] - Origin Client Service - c:\program files (x86)\origin\originclientservice.exe
S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
S3 - [perceptionsimulation] - Serviço de Simulação de Percepção do Windows - c:\windows\system32\perceptionsimulation\perceptionsimulationservice.exe
S3 - [PerfHost] - Host de DLL de Contador de Desempenho - c:\windows\syswow64\perfhost.exe
S3 - [Rockstar Service] - Rockstar Game Library Service - c:\program files\rockstar games\launcher\rockstarservice.exe
S3 - [RpcLocator] - Alocador Remote Procedure Call (RPC) - c:\windows\system32\locator.exe
S3 - [Sense] - Serviço Proteção Avançada contra Ameaças do Windows Defender - c:\program files\windows defender advanced threat protection\mssense.exe
S3 - [SensorDataService] - Serviço de Dados de Sensor - c:\windows\system32\sensordataservice.exe
S3 - [SNMPTRAP] - Interceptação SNMP - c:\windows\system32\snmptrap.exe
S3 - [spectrum] - Serviço de Percepção do Windows - c:\windows\system32\spectrum.exe
S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
S3 - [TieringEngineService] - Gerenciamento de Camadas de Armazenamento - c:\windows\system32\tieringengineservice.exe
S3 - [TrustedInstaller] - Instalador de Módulos do Windows - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Disco Virtual - c:\windows\system32\vds.exe
S3 - [VSS] - Cópia de Sombra de Volume - c:\windows\system32\vssvc.exe
S3 - [wbengine] - Serviço de Mecanismo de Backup em Nível de Bloco - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - Adaptador de Desempenho WMI - c:\windows\system32\wbem\wmiapsrv.exe
S3 - [WMPNetworkSvc] - Serviço de Compartilhamento de Rede do Windows Media Player - c:\program files\windows media player\wmpnetwk.exe
S4 - [AppVClient] - Microsoft App-V Client - c:\windows\system32\appvclient.exe
S4 - [MSSQLServerADHelper100] - SQL Active Directory Helper Service - c:\program files\microsoft sql server\100\shared\sqladhlp.exe
S4 - [SQLAgent$SQLEXPRESS] - SQL Server Agent (SQLEXPRESS) - c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\sqlagent.exe
S4 - [SQLBrowser] - SQL Server Browser - c:\program files (x86)\microsoft sql server\90\shared\sqlbrowser.exe
S4 - [ssh-agent] - OpenSSH Authentication Agent - c:\windows\system32\openssh\ssh-agent.exe
S4 - [UevAgentService] - Serviço de User Experience Virtualization - c:\windows\system32\agentservice.exe
S4 - [uhssvc] - Microsoft Update Health Service - c:\program files\microsoft update health tools\uhssvc.exe

==== Drivers(whitelist) ======================
Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url]


==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-4006089852-4110230597-2082904234-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"
"CCleaner Smart Cleaning"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"DAEMON Tools Ultra Automount"="C:\Program Files\DAEMON Tools Ultra\DTAgent.exe -autorun"
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"com.blitz.app"="C:\Users\User\AppData\Local\Programs\Blitz\Blitz.exe --autostart"
"com.squirrel.Teams.Teams"="C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe --processStart Teams.exe --process-start-args --system-initiated"
"MobalyticsHQ.DesktopApp"="C:\Users\User\AppData\Local\Programs\mobalytics-desktop\Mobalytics Desktop.exe"
"OneDrive"="C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Lightshot"="C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"
"CCleaner Smart Cleaning"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"DAEMON Tools Ultra Automount"="C:\Program Files\DAEMON Tools Ultra\DTAgent.exe -autorun"
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"com.blitz.app"="C:\Users\User\AppData\Local\Programs\Blitz\Blitz.exe --autostart"
"com.squirrel.Teams.Teams"="C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe --processStart Teams.exe --process-start-args --system-initiated"
"MobalyticsHQ.DesktopApp"="C:\Users\User\AppData\Local\Programs\mobalytics-desktop\Mobalytics Desktop.exe"
"OneDrive"="C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"S.T.R.I.K.E.3"="C:\Program Files\Mad Catz\S.T.R.I.K.E.3\STRIKE3_Profiler.exe"
"Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized"
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"SecurityHealth"="%windir%\system32\SecurityHealthSystray.exe "

==== Startup Folders ======================

2017-11-10 01:24:23    301    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\fcbd.bat

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player NPAPI Notifier" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player PPAPI Notifier" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_pepper.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\AMHelper" ["D:\AntiMalware\AntiMalware.exe"]
"C:\WINDOWS\SysNative\tasks\AMSkipUAC" ["D:\AntiMalware\AntiMalware.exe"]
"C:\WINDOWS\SysNative\tasks\AVGPCTuneUp_Task_BkGndMaintenance" [C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe]
"C:\WINDOWS\SysNative\tasks\CCleaner Update" [C:\Program Files\CCleaner\CCUpdate.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe]
"C:\WINDOWS\SysNative\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe]
"C:\WINDOWS\SysNative\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" ["C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"]
"C:\WINDOWS\SysNative\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe]
"C:\WINDOWS\SysNative\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe]
"C:\WINDOWS\SysNative\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe]
"C:\WINDOWS\SysNative\tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe]
"C:\WINDOWS\SysNative\tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe]
"C:\WINDOWS\SysNative\tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe]
"C:\WINDOWS\SysNative\tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe]
"C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task-S-1-5-21-4006089852-4110230597-2082904234-1001" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe]
"C:\WINDOWS\SysNative\tasks\Opera GX scheduled Autoupdate 1599083412" [D:\launcher.exe]
"C:\WINDOWS\SysNative\tasks\Rerun Warsaw's CoreFixer" [C:\WINDOWS\TEMP\is-5LEKG.tmp\corefixer.exe]
"C:\WINDOWS\SysNative\tasks\SpyHunter4Startup" ["C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{12F8CDF7-AF2B-4CA3-B121-B04C968D6F6A}" [C:\Windows\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\AVAST Software\Avast settings backup" [C:\Program Files\Common Files\AV\avast Antivirus\backup.exe]
"C:\WINDOWS\SysNative\tasks\S-1-5-21-4006089852-4110230597-2082904234-1001\DataSenseLiveTileTask" [%SystemRoot%\System32\DataUsageLiveTileTask.exe]

==== Firefox Extensions ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\z85s7nfe.default
- Bilmetro - %ProfilePath%\extensions\{09d09f49-3615-4cf3-ad57-a6cc924f29e8}.xpi
- short_ __MSG_name__ - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\z85s7nfe.default
05F8076F203068FFBB03102CBBA33D9C    - C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll -    Java(TM) Platform SE 8 U271
E8E768BA50C91D62E7E87B6B7D2DAA07    - C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npdeployJava1.dll -    Java Deployment Toolkit 8.0.2710.9
22C00F56EB698A1A0AC49FBB47BB97B2    - C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL -    Microsoft Office


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
gomekmidlodglbbmalcneegieacbdmki - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

Slides - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Docs - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Sheets - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Social Book Post Manager - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfidlkcmdmmibngdfikhffffdmphjae
Google Drive App Launcher - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Chrome Web Store Payments - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll

==== EOF on 02/01/2021 at  1:56:04,84 ======================

 

I would appreciate it if someone could spare some time to give me a little help.

  • Security Analyst

@andrekuni

 

Please pay attention to the following:

  • About the Forum: This is a private space, not a public one. Its use is a privilege, not a right;
  • What is given here relates only to the problem on your computer, so do not apply it to any other;
  • IMPORTANT: If you have Windows activation programs or P2P/torrent sharing programs, I suggest uninstalling them. I will only proceed with the analysis after they are removed. Forum rules;
  • Please follow the instructions given carefully, and if in doubt do not hesitate to ask;
  • Respect the order of the instructions given;
  • Note: Do not take any action other than those given here; if you ask for help on another forum, be sure to let us know, at the risk of misconfiguring your computer!


Malware Removal Area Rules << IMPORTANT TO READ

General Rules of the Clube do Hardware Forum << IMPORTANT TO READ

Follow the steps below:

Temporarily disable your antivirus, antispyware and firewall so they do not cause conflicts.

 

STEP 1

Download AdwCleaner from one of the links below and save it to the desktop.

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

http://www.bleepingcomputer.com/download/adwcleaner/

Click DOWNLOAD NOW to download the file.

Run adwcleaner.exe

NOTE: Users of Windows Vista, 7, 8/8.1 and Windows 10: right-click the AdwCleaner.exe file, then click image.png

Click VERIFICAR AGORA/SCAN NOW. When it finishes, click LIMPAR/CLEAN and wait.

Notepad will open with the result.

ATTENTION: Select, copy and paste its contents in your next reply.

 

STEP 2

Download ZHPCleaner from the link below and save it to your Desktop

https://www.majorgeeks.com/files/details/zhpcleaner.html

Run the ZHPCleaner.exe file As Administrator

  • Click the Scanner button.
  • The tool will begin examining your system.
  • Be patient, as it may take a while depending on the number of items to examine.
  • Then click the Reparar (Repair) button.
  • A log named ZHPCleaner.txt will be generated

ATTENTION: Select, copy and paste its contents in your next reply.


@Elias Pereira 

 ADW Cleaner

 

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build:    10-08-2020
# Database: 2020-12-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-05-2021
# Duration: 00:00:00
# OS:       Windows 10 Pro
# Cleaned:  2
# Failed:   1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\User\AppData\Local\Tencent
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
Not Deleted   C:\Users\User\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete IFEO
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Hosts File
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [10370 octets] - [31/12/2020 18:31:33]
AdwCleaner[C00].txt - [8897 octets] - [31/12/2020 18:31:58]
AdwCleaner[S01].txt - [1737 octets] - [01/01/2021 23:53:05]
AdwCleaner[C01].txt - [1871 octets] - [01/01/2021 23:53:55]
AdwCleaner[S02].txt - [1859 octets] - [02/01/2021 00:03:35]
AdwCleaner[C02].txt - [2131 octets] - [02/01/2021 00:03:50]
AdwCleaner[S03].txt - [1981 octets] - [02/01/2021 01:01:34]
AdwCleaner[C03].txt - [2253 octets] - [02/01/2021 01:06:39]
AdwCleaner[S04].txt - [2103 octets] - [02/01/2021 01:43:23]
AdwCleaner[C04].txt - [2375 octets] - [02/01/2021 01:43:39]
AdwCleaner[S05].txt - [2225 octets] - [05/01/2021 09:00:28]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C05].txt ##########

 

ZHP CLeaner

~ ZHPCleaner v2021.1.2.266 by Nicolas Coolman (2021/01/02)
~ Run by User (Administrator) (05/01/2021 09:17:25)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Repair
~ Report : C:\Users\User\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\User\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 18363)

---\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found. (ADS)

---\ Services (0)
~ No malicious or unnecessary items found. (Service)

---\ Browser internet (0)
~ No malicious or unnecessary items found. (Browser)

---\ Hosts file (1)
~ The hosts file is legitimate (40)

---\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found. (Task)

---\ Explorer ( File, Folder) (4)
MOVED file: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium
MOVED file: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences =>Préférences Chromium
MOVED file: C:\Users\Public\Desktop\ScpToolkit Settings Manager.lnk =>PUP.Optional.SettingsManager
MOVED folder: C:\Program Files (x86)\Skillbrains =>SUP.Optional.Skillbrains

---\ Registry ( Key, Value, Data) (0)
~ No malicious or unnecessary items found. (Register)

---\ Summary of the elements found (3)
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>PUP.Optional.SettingsManager
https://nicolascoolman.eu/2019/01/sup-skillbrains =>SUP.Optional.Skillbrains

---\ Other deletions. (6)
~ Registry Keys Tracing deleted (6)
~ Remove the old reports ZHPCleaner. (0)

---\ Result of repair
~ Repair carried out successfully
~ Mozilla Firefox OK
~ Internet Explorer OK
~ Opera Stable OK

---\ Statistics
~ Items scanned : 2024
~ Items found : 0
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 9/16

---\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis

~ End of clean in 00h00mn20s

---\ Reports (4)
ZHPCleaner-[R]-02012021-01_38_43.txt
ZHPCleaner-[S]-02012021-01_34_26.txt
ZHPCleaner-[S]-05012021-09_13_34.txt
ZHPCleaner-[R]-05012021-09_17_45.txt

  • Security Analyst

@andrekuni

 

Download RogueKiller by Tigzy and save it to your Desktop

roguekiller.exe (x64) << link

  • Close all programs
  • Run RogueKiller.exe.
    ** Users of Windows Vista, Windows 7, 8, 8.1 and Windows 10: right-click the rogueKiller.exe file, then click image.png
  • Click SCAN
  • Click the first START, "Standard Scan (recommended)", and wait for the scan...
  • Click the RESULTS button
  • Click the REPORT option, then EXPORT, and select the Text file... option
  • Save the file to the desktop with the name roguekiller_report

Be sure to open the file, then copy and paste its entire contents in your next reply

  • Elias Pereira changed the title to Browser opening tabs for a site called "iq option"

@Elias Pereira

 

Roguekiller_report 

 

RogueKiller Anti-Malware V14.8.2.0 (x64) [Dec 28 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18363) 64 bits
Started in : Normal mode
User : User [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20210103_083432, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2021/01/06 10:30:56 (Duration : 00:07:43)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Suspicious.Path (Potentially Malicious)] \Rerun Warsaw's CoreFixer -- C:\WINDOWS\TEMP\is-5LEKG.tmp\corefixer.exe [/norerun] -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> XX - Software
  [PUP.UCBrowser|PUP.Gen1 (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\UCBrowser -- N/A -> Found
  [PUP.Gen1 (Potentially Malicious)] (X86) HKEY_LOCAL_MACHINE\Software\Tencent -- N/A -> Found
  [PUP.UCBrowser|PUP.Gen1 (Potentially Malicious)] (X86) HKEY_LOCAL_MACHINE\Software\UCBrowser -- N/A -> Found
  [PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\.DEFAULT\Software\OCS -- N/A -> Found
  [PUP.UCBrowser|PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\.DEFAULT\Software\UCBrowser -- N/A -> Found
  [PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-4006089852-4110230597-2082904234-1001\Software\OCS -- N/A -> Found
  [PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-4006089852-4110230597-2082904234-1001\Software\Tencent -- N/A -> Found
  [PUP.UCBrowser|PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-4006089852-4110230597-2082904234-1001\Software\UCBrowser -- N/A -> Found
  [PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-18\Software\OCS -- N/A -> Found
  [PUP.UCBrowser|PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-18\Software\UCBrowser -- N/A -> Found
>>>>>> O4 - Run
  [Suspicious.Path (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-4006089852-4110230597-2082904234-1001\Software\Microsoft\Windows\CurrentVersion\Run|MobalyticsHQ.DesktopApp -- C:\Users\User\AppData\Local\Programs\mobalytics-desktop\Mobalytics Desktop.exe (missing) -> Found
>>>>>> O87 - Firewall
  [PUP.Popcorn (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{568A2508-EF46-4D95-90F8-2DAA3ADFA6B8}C:\users\user\appdata\local\popcorn-time\popcorn-time.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\user\appdata\local\popcorn-time\popcorn-time.exe|Name=popcorn-time.exe|Desc=popcorn-time.exe|Defer=User| (C:\users\user\appdata\local\popcorn-time\popcorn-time.exe) (missing) -> Found
  [PUP.Popcorn (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{181BACA0-707D-4CF5-8ACF-883B4A8A0E1D}C:\users\user\appdata\local\popcorn-time\popcorn-time.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\user\appdata\local\popcorn-time\popcorn-time.exe|Name=popcorn-time.exe|Desc=popcorn-time.exe|Defer=User| (C:\users\user\appdata\local\popcorn-time\popcorn-time.exe) (missing) -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.Gen1 (Potentially Malicious)] (folder) Tencent -- C:\Users\User\AppData\Roaming\Tencent -> Found
[PUP.Gen1 (Potentially Malicious)] (folder) Tencent -- C:\Users\User\AppData\Local\Tencent -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

 :D

  • Security Analyst

@andrekuni

 

Please do not put the logs inside a spoiler tag. You can post them normally, as I edited your posts above. Thank you!

Run RogueKiller again and, after the scan, select the entries and remove them.

Post the contents of the removal log, as above.


@Elias Pereira I swear I thought I had replied the same day, I think I closed the browser without clicking send

 

RogueKiller Anti-Malware V14.8.2.0 (x64) [Dec 28 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18363) 64 bits
Started in : Normal mode
User : User [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20210103_083432, Driver : Loaded
Mode : Standard Scan, Delete -- Date : 2021/01/06 10:48:56 (Duration : 00:07:43)
Switches : -minimize

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Suspicious.Path (Potentially Malicious)] \Rerun Warsaw's CoreFixer -- C:\WINDOWS\TEMP\is-5LEKG.tmp\corefixer.exe (/norerun) -> Deleted
[PUP.UCBrowser|PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\UCBrowser --  -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Tencent --  -> Deleted
[PUP.UCBrowser|PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\UCBrowser --  -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\.DEFAULT\Software\OCS --  -> Deleted
[PUP.UCBrowser|PUP.Gen1 (Potentially Malicious)] HKEY_USERS\.DEFAULT\Software\UCBrowser --  -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-4006089852-4110230597-2082904234-1001\Software\OCS --  -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-4006089852-4110230597-2082904234-1001\Software\Tencent --  -> Deleted
[PUP.UCBrowser|PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-21-4006089852-4110230597-2082904234-1001\Software\UCBrowser --  -> Deleted
[PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-18\Software\OCS --  -> Deleted
[PUP.UCBrowser|PUP.Gen1 (Potentially Malicious)] HKEY_USERS\S-1-5-18\Software\UCBrowser --  -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_USERS\S-1-5-21-4006089852-4110230597-2082904234-1001\Software\Microsoft\Windows\CurrentVersion\Run|MobalyticsHQ.DesktopApp -- [%localappdata%\Programs\mobalytics-desktop\Mobalytics Desktop.exe] -> Deleted
[PUP.Popcorn (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{568A2508-EF46-4D95-90F8-2DAA3ADFA6B8}C:\users\user\appdata\local\popcorn-time\popcorn-time.exe -- [%localappdata%\popcorn-time\popcorn-time.exe] -> Deleted
[PUP.Popcorn (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{181BACA0-707D-4CF5-8ACF-883B4A8A0E1D}C:\users\user\appdata\local\popcorn-time\popcorn-time.exe -- [%localappdata%\popcorn-time\popcorn-time.exe] -> Deleted
[PUP.Gen1 (Potentially Malicious)] Tencent -- %_User_appdata%\Tencent -> Deleted
[PUP.Gen1 (Potentially Malicious)] Tencent -- %localappdata%\Tencent -> Deleted
  => tbs.log -- C:\Users\User\AppData\Local\Tencent\BROWSI~1\GFTBSW~1\tbs.log -> Deleted
  => GFTBSWebCtrl -- C:\Users\User\AppData\Local\Tencent\BROWSI~1\GFTBSW~1 -> Deleted
  => BrowsingService -- C:\Users\User\AppData\Local\Tencent\BROWSI~1 -> Deleted
 

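Reading a removal log like the one above comes down to checking that every entry, including the `=>` child items, ends in `Deleted`. The Python sketch below is an added example, not part of the original thread or of RogueKiller; the sample log is constructed, and treating any status other than `Deleted` as unresolved is an assumption.

```python
import re
from collections import Counter
from dataclasses import dataclass, field

# Result line: [Label1|Label2 (Severity)] (optional tags) location -- value -> Status
ENTRY_RE = re.compile(
    r"^\[(?P<labels>[^\]]+?) \((?P<severity>[^)]+)\)\]\s+"
    r"(?P<body>.*) -> (?P<status>[^>]+)$"
)
# Child line under a folder entry:   => name -- path -> Status
CHILD_RE = re.compile(r"^\s*=>\s+(?P<name>.*?) -- (?P<path>.*) -> (?P<status>[^>]+)$")
# Leading tags such as (X64) or (folder), as seen in the scan log
TAG_RE = re.compile(r"^(?:\([A-Za-z0-9]+\)\s+)+")

# Constructed sample in the layout of the logs above; names and paths are placeholders.
SAMPLE_LOG = r"""
¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤
[PUP.UCBrowser|PUP.Gen1 (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\ExampleBrowser --  -> Deleted
[PUP.Gen1 (Potentially Malicious)] (folder) ExampleVendor -- C:\Users\User\AppData\Roaming\ExampleVendor -> Deleted
  => cache.db -- C:\Users\User\AppData\Roaming\ExampleVendor\cache.db -> Deleted
  => locked.dat -- C:\Users\User\AppData\Roaming\ExampleVendor\locked.dat -> Found
[Suspicious.Path (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-0-0-0-1001\Software\Microsoft\Windows\CurrentVersion\Run|ExampleApp -- [%localappdata%\Programs\example\Example.exe] -> Found
"""


@dataclass
class Entry:
    labels: list
    severity: str
    location: str
    value: str
    status: str
    children: list = field(default_factory=list)  # (name, path, status) tuples


def parse_report(text):
    """Parse result lines; banner lines and section headers are skipped."""
    entries = []
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line.strip() or line.lstrip().startswith("¤"):
            continue
        child = CHILD_RE.match(line)
        if child and entries:
            entries[-1].children.append(
                (child["name"], child["path"], child["status"].strip())
            )
            continue
        m = ENTRY_RE.match(line)
        if not m:
            continue  # version, OS and mode lines are not result entries
        body = TAG_RE.sub("", m["body"])
        location, _, value = body.partition(" -- ")
        entries.append(Entry(
            labels=m["labels"].split("|"),
            severity=m["severity"],
            location=location.strip(),
            value=value.strip(),
            status=m["status"].strip(),
        ))
    return entries


def unresolved(entries):
    """Return (location-or-path, status) for every item not reported as Deleted."""
    left = []
    for e in entries:
        if e.status != "Deleted":
            left.append((e.location, e.status))
        left.extend((path, st) for _, path, st in e.children if st != "Deleted")
    return left


def label_counts(entries):
    """Count top-level entries per detection label."""
    return Counter(label for e in entries for label in e.labels)


if __name__ == "__main__":
    report = parse_report(SAMPLE_LOG)
    print(dict(label_counts(report)))
    for where, status in unresolved(report):
        print(f"still present: {where} ({status})")
```

An empty result from `unresolved` means the log reports every listed item as removed; anything it returns is worth raising with the helper before moving on to the next step.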
  • Security Analyst

@andrekuni

  1. Click the Start menu, then right-click This PC and select Properties.
  2. In Properties, select Advanced system settings.
  3. Go to the System Protection tab and, under System Restore, choose Create.
  4. Then just follow the on-screen instructions to create your restore point.
    NOTE: Remember to give it an easy-to-understand name for a later restore from this point.

Press the Windows + R keys and type: msconfig
- Click the Services tab, check the option Hide all Microsoft services, and then click Disable all
- Click the Startup tab and click Open Task Manager
- Right-click each startup entry and click Disable.

Go back to the System Configuration window and click Apply and then OK

Follow the prompts until you are asked to restart. After that, let me know whether the malware-related problems still persist.


@Elias Pereira Good evening, today I carried out all the procedures mentioned in your last post. After restarting the machine I opened the PS4 controller software and the iq option page still appears, but my default browser (Opera) did not open any page of that kind. Thank you for your attention, and sorry for my delay in carrying out the procedures and replying to the post.

  • Security Analyst
13 hours ago, andrekuni said:

After restarting the machine I opened the PS4 controller software and the iq option page still appears

It is something related to that software. It could be cache. The ideal is to remove it with Revo Uninstaller.

Follow the procedures in the link below:

http://www.tecmundo.com.br/1133-como-usar-o-revo-uninstaller.htm

Use "Advanced" mode to remove it.

After the removal, restart your computer and check whether the program in question is still installed. Post the results.

  • Security Analyst
On 15/01/2021 at 22:55, andrekuni said:

Just one more question: which software, paid or not, do you recommend for protection?

Take a look at the link below. It is a comparison of several antivirus products.

https://www.av-comparatives.org/tests/performance-test-april-2020/
