Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14428 usuários registrados
O último usuário registrado atende pelo nome de RS_Computadores

Os nossos membros postaram um total de 35112 mensagens em 3557 assuntos
Últimos assuntos
» Notebook Travando!
por RS_Computadores Hoje à(s) 10:37

Quem está conectado
2 usuários online :: Nenhum usuário registrado, Nenhum Invisível e 2 Visitantes :: 1 Motor de busca

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Setembro 2017
SegTerQuaQuiSexSabDom
    123
45678910
11121314151617
18192021222324
252627282930 

Calendário Calendário

Palavras chave


Aparece "Attention Required! Cloudflare" em alguns sites ...

Página 2 de 3 Anterior  1, 2, 3  Seguinte

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por joram em Qua 29 Out 2014, 22:17


  • Boa Noite! Nilson Machado da Siva

  • Aborte e vamos por outra ferramenta.

  • Baixe: < [Você precisa estar registrado e conectado para ver esta imagem.] > ( ... by Swearware )
  • Salve-o no desktop! ( Área de trabalho! )
  • Ps: Desabilite seu antivírus,antispywares e/ou firewall. ( Menos o do Windows! )
  • Feche algum programa/arquivo que esteja aberto.
  • Feche,também,seu navegador! ( IE,Firefox,Opera ou Google Chrome )
  • Ps: Esteja conectado(a) à Internet. << Importante!
  • É preciso estar logado no sistema com privilégios de administrador.
  • Execute ComboFix.exe,com um duplo clique.

    [Você precisa estar registrado e conectado para ver esta imagem.]

  • Surgindo alguma mensagem de erro,execute ComboFix.exe em Modo de Segurança com rede.
  • Ps: Para completar as remoções,talvez haja necessidade da ferramenta reiniciar o computador. 
  • Abrir-se-á a janela Auto Scan
  • Aguarde a finalização de todas as Etapas.
  • Durante o scan,evite utilizar o mouse ou teclado!
  • Concluindo,poste: C:\ComboFix.txt 

    "Tentativa de operaçao ilegal em uma chave do Registro marcada para exclusão."

  • Ao ocorrer este erro,basta reiniciar o computador!
  • "ComboFix é uma ferramenta que pode danificar o sistema. Utilize-o,somente,sob supervisão de analistas de segurança."

  • Abs!
avatar
joram
Administrador
Administrador

Mensagens : 3723
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por Nilson Machado da Siva em Qua 29 Out 2014, 23:32

ComboFix 14-10-29.01 - Nilson Machado 29/10/2014 23:00:27.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.3005.1715 [GMT -2:00]
Executando de: c:\users\Nilson Machado\Desktop\ComboFix_2.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
c:\windows\Fonts\HOTTAMLI.TTF
c:\windows\msdownld.tmp
c:\windows\system32\Config.ini
c:\windows\system32\Icons
c:\windows\system32\Icons\Command.ico
c:\windows\system32\Icons\Communicator.ico
c:\windows\system32\Icons\Engineering.ico
c:\windows\system32\Icons\Enterprise.ico
c:\windows\system32\Icons\Iowa State Police.ico
c:\windows\system32\Icons\Kelvin.ico
c:\windows\system32\Icons\Life Sciences.ico
c:\windows\system32\Icons\Medical Tricorder.ico
c:\windows\system32\Icons\Medical.ico
c:\windows\system32\Icons\Phaser.ico
c:\windows\system32\Icons\Starfleet Academy Ring.ico
c:\windows\system32\Icons\Starfleet Instructor.ico
c:\windows\system32\Icons\Starfleet Pin.ico
c:\windows\system32\Icons\Tricorder.ico
c:\windows\system32\Icons\Uhura's Earpiece.ico
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2014-09-28 to 2014-10-30 ))))))))))))))))))))))))))))
.
.
2014-10-30 01:14 . 2014-10-30 01:18 -------- d-----w- c:\users\Nilson Machado\AppData\Local\temp
2014-10-30 01:14 . 2014-10-30 01:14 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2014-10-30 01:14 . 2014-10-30 01:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-29 23:33 . 2014-10-29 23:43 181064 ----a-w- c:\windows\PSEXESVC.EXE
2014-10-29 23:33 . 2014-10-29 23:33 -------- d-----w- C:\Tweaking.com_Windows_Repair_Logs
2014-10-29 16:28 . 2014-10-29 16:28 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2014-10-29 16:16 . 2014-10-29 19:17 -------- d-----w- c:\users\Nilson Machado\AppData\Roaming\ZHP
2014-10-29 16:16 . 2014-10-29 16:28 -------- d-----w- c:\program files\ZHPDiag
2014-10-29 16:13 . 2014-10-29 16:12 6860008 ----a-w- C:\ZHPDiag2.exe
2014-10-29 14:55 . 2014-10-29 14:55 220784 ----a-w- c:\program files\Mozilla Firefox\sandboxbroker.dll
2014-10-27 19:57 . 2014-10-27 19:57 -------- d-----w- C:\zoek_backup
2014-10-27 19:21 . 2014-10-27 19:21 -------- d-----w- c:\windows\ERUNT
2014-10-23 17:23 . 2012-10-03 18:14 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2014-10-23 17:22 . 2014-10-23 17:22 -------- d-----w- c:\program files\iPod
2014-10-23 17:22 . 2014-10-23 17:23 -------- d-----w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2014-10-23 17:22 . 2014-10-23 17:23 -------- d-----w- c:\program files\iTunes
2014-10-23 17:21 . 2014-10-23 17:21 -------- d-----w- c:\program files\Bonjour
2014-10-16 13:18 . 2014-10-16 13:18 2363904 ----a-w- c:\windows\system32\msi.dll
2014-10-16 13:17 . 2014-10-16 13:17 67072 ----a-w- c:\windows\system32\packager.dll
2014-10-16 13:17 . 2014-10-16 13:17 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-16 13:14 . 2014-10-16 13:14 4922368 ----a-w- c:\windows\system32\mstscax.dll
2014-10-16 13:14 . 2014-10-16 13:14 37376 ----a-w- c:\windows\system32\tsgqec.dll
2014-10-16 13:14 . 2014-10-16 13:14 2744320 ----a-w- c:\windows\system32\rdpcorets.dll
2014-10-16 13:14 . 2014-10-16 13:14 269312 ----a-w- c:\windows\system32\aaclient.dll
2014-10-16 13:14 . 2014-10-16 13:14 1050112 ----a-w- c:\windows\system32\mstsc.exe
2014-10-16 13:13 . 2014-10-16 13:13 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-10-16 13:13 . 2014-10-16 13:13 523264 ----a-w- c:\windows\system32\termsrv.dll
2014-10-16 13:13 . 2014-10-16 13:13 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2014-10-16 13:13 . 2014-10-16 13:13 304128 ----a-w- c:\windows\system32\winlogon.exe
2014-10-16 13:13 . 2014-10-16 13:13 184320 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-10-16 13:13 . 2014-10-16 13:13 17408 ----a-w- c:\windows\system32\credssp.dll
2014-10-16 13:13 . 2014-10-16 13:13 157696 ----a-w- c:\windows\system32\winsta.dll
2014-10-16 13:13 . 2014-10-16 13:13 130048 ----a-w- c:\windows\system32\rdpcorekmts.dll
2014-10-16 13:09 . 2014-10-16 13:09 372736 ----a-w- c:\windows\system32\rastls.dll
2014-10-16 13:04 . 2014-10-16 13:04 81560 ----a-w- c:\windows\system32\mscories.dll
2014-10-16 13:04 . 2014-10-16 13:04 156824 ----a-w- c:\windows\system32\mscorier.dll
2014-10-16 13:04 . 2014-10-16 13:04 1131664 ----a-w- c:\windows\system32\dfshim.dll
2014-10-15 08:55 . 2014-10-01 06:19 115240 ----a-w- c:\windows\system32\drivers\idmwfp.sys
2014-10-07 17:42 . 2014-10-07 17:42 -------- d-----w- c:\programdata\NannyMania
2014-10-04 18:38 . 2014-10-04 18:38 519680 ----a-w- c:\windows\system32\qdvd.dll
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-30 01:16 . 2013-07-10 20:34 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2014-10-17 00:44 . 2013-07-10 21:22 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-10-17 00:44 . 2013-07-10 21:21 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-24 00:02 . 2014-09-24 00:02 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-15 12:06 . 2013-07-10 21:01 231568 ------w- c:\windows\system32\MpSigStub.exe
2014-09-12 22:45 . 2014-09-12 22:45 793600 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-12 22:45 . 2014-09-12 22:45 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-12 22:39 . 2014-09-12 22:39 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-09-12 22:39 . 2014-09-12 22:39 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-12 22:29 . 2014-09-12 22:29 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-09 01:24 . 2014-09-27 07:30 8806800 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F9B5297-CEE8-48A7-B7C0-7E3F742AA262}\mpengine.dll
2014-09-04 04:11 . 2014-09-04 04:11 6144 ----a-w- c:\windows\system32\KBDYAK.DLL
2014-09-04 04:11 . 2014-09-04 04:11 6144 ----a-w- c:\windows\system32\KBDBASH.DLL
2014-08-30 19:46 . 2014-08-30 19:46 305152 ----a-w- c:\windows\system32\gdi32.dll
2014-08-25 23:06 . 2014-08-25 23:06 654336 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-25 23:06 . 2014-08-25 23:06 730048 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-08-25 23:06 . 2014-08-25 23:06 219072 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2014-08-25 23:06 . 2014-08-25 23:06 107520 ----a-w- c:\windows\system32\cdd.dll
2014-08-25 23:05 . 2014-08-25 23:05 337408 ----a-w- c:\windows\system32\msihnd.dll
2014-08-25 23:05 . 2014-08-25 23:05 1805824 ----a-w- c:\windows\system32\authui.dll
2014-08-25 23:05 . 2014-08-25 23:05 101824 ----a-w- c:\windows\system32\consent.exe
2014-08-25 23:04 . 2014-08-25 23:04 99480 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-25 23:04 . 2014-08-25 23:04 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-25 23:04 . 2014-08-25 23:04 619672 ----a-w- c:\windows\system32\icardagt.exe
2014-08-25 23:04 . 2014-08-25 23:04 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-15 03:12 . 2011-03-28 21:36 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-08-30 19:38 752960 ----a-w- c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-19 21:28 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2014-04-21 10:02 23008 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2013-04-17 3573624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-10-24 172088]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-01 4085896]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2014-06-05 12021464]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-10-24 173624]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-10-24 138808]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-10-15 157480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoAutoUpdate"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]
"NoAutoUpdate"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^Nilson Machado^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PC App Store Uninstall 3.8.8.1435.lnk]
path=c:\users\Nilson Machado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PC App Store Uninstall 3.8.8.1435.lnk
backup=c:\windows\pss\PC App Store Uninstall 3.8.8.1435.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7]
2014-08-22 16:56 2281248 ----a-w- c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2014-10-11 15:05 60712 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 17:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2014-03-04 09:19 3696912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
2013-04-17 06:14 3573624 ----a-r- c:\program files\Internet Download Manager\IDMan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
2014-04-21 18:50 1596736 ----a-w- c:\program files\IObit\IObit Malware Fighter\IMF.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsmqIntCert]
2010-11-20 12:19 152064 ----a-w- c:\windows\System32\mqrt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 06:59 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
2007-09-02 16:58 495616 ----a-w- c:\program files\RocketDock\RocketDock.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
2009-05-05 18:01 1466368 ----a-w- c:\program files\Motorola\SMSERIAL\sm56hlpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2uvc]
2009-08-12 18:06 662016 ----a-w- c:\windows\vsnp2uvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2uvc]
2012-02-23 12:29 322560 ----a-w- c:\program files\Common Files\SNP2UVC\tsnp2uvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2014-08-04 23:06 1430864 ----a-w- c:\users\Nilson Machado\AppData\Roaming\uTorrent\updates\3.4.2_32785.exe
.
2;2 iprip;RIP de Escuta;c:\windows\System32\svchost.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2014-08-19 2282272]
R3 BHipsEx;Baidu HipsEx Driver;c:\windows\System32\drivers\BHipsEx.sys [x]
R3 BprotectEx;Baidu ProtectEx;c:\windows\System32\drivers\BprotectEx.sys [x]
R3 hid7906;hid7906;c:\windows\system32\drivers\hid7906.sys [2006-07-04 53921]
R3 PCFApiUtil;PCFApiUtil;c:\program files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [2013-11-19 32288]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [2013-11-19 20944]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-07-14 1343400]
R3 WMSVC;Serviço de Gerenciamento da Web;c:\windows\system32\inetsrv\wmsvc.exe [2009-07-14 9728]
R4 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [2013-03-23 21480]
R4 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [2014-01-24 342336]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-03-01 161384]
R4 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 Bhbase;Baidu Hook Base;c:\windows\System32\drivers\Bhbase.sys [2014-03-11 47456]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2013-12-24 18624]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-07-19 779536]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-07-19 414520]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-04-18 243128]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [2014-08-18 893216]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-07-19 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-07-19 67824]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-07-19 71944]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2014-06-17 242216]
S2 ftpsvc;Microsoft FTP Service;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2014-10-01 115240]
S2 NfsClnt;Client for NFS;c:\windows\system32\nfsclnt.exe [2010-11-20 52736]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
S3 NfsRdr;Redirecionador do Client for NFS;c:\windows\system32\drivers\nfsrdr.sys [2010-11-20 201728]
S3 PsxDrv;PsxDrv;c:\windows\system32\drivers\psxdrv.sys [2009-07-13 9216]
S3 RpcXdr;Open RPC do Server for NFS (ONCRPC);c:\windows\system32\drivers\rpcxdr.sys [2010-11-20 87040]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2014-06-06 693464]
.
.
--- =Outros Serviços/Drivers Na Memória ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
ftpsvc REG_MULTI_SZ ftpsvc
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
ipripsvc REG_MULTI_SZ iprip
LPDService REG_MULTI_SZ LPDSVC
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-29 17:01 1089352 ----a-w- c:\program files\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-10-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-10 00:44]
.
2014-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-07-10 22:03]
.
2014-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-07-10 22:03]
.
.
------- Scan Suplementar -------
.
uStart Page = [Você precisa estar registrado e conectado para ver este link.]
uInternet Settings,ProxyOverride = *.local
IE: &Enviar para o OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Fazer o download de todos os links usando o IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Fazer o download usando o IDM - c:\program files\Internet Download Manager\IEExt.htm
TCP: DhcpNameServer = 201.251.58.190 8.8.8.8
FF - ProfilePath - c:\users\Nilson Machado\AppData\Roaming\Mozilla\Firefox\Profiles\pc8o1i1a.default-1401401241470\
FF - prefs.js: browser.startup.homepage - [Você precisa estar registrado e conectado para ver este link.]
FF - prefs.js: keyword.URL - [Você precisa estar registrado e conectado para ver este link.]
.
- - - - ORFÃOS REMOVIDOS - - - -
.
MSConfigStartUp-Advanced SystemCare 6 - c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe
MSConfigStartUp-msnmsgr - c:\program files\Windows Live\Messenger\msnmsgr.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Common Files\Java\Java Update\jusched.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001\Software\SecuROM\License information*]
"datasecu"=hex:4b,90,29,a2,35,e3,12,13,1a,14,21,6d,1d,24,55,8c,0f,1a,66,f9,92,
fd,f5,29,24,c6,47,22,52,14,86,e8,f7,b9,88,88,b2,db,7a,33,79,60,d2,80,78,ed,\
"rkeysecu"=hex:d8,b3,6f,c8,c5,a4,b4,ee,b0,0c,41,37,45,36,46,e1
.
[HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):6a,c5,fa,fb,ef,8d,c6,a8,23,2d,6c,2f,2d,05,42,10,31,6f,b9,e9,6c,
fb,0c,c7,1f,f0,94,9a,b5,9d,c7,27,f6,4b,33,71,67,d1,dc,05,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):b6,60,37,44,7a,f0,4b,91,26,c6,e8,97,29,c6,c4,5c,95,4e,34,d9,2d,
52,bb,1a,00,ef,06,9b,47,ea,c8,b1,3a,7f,a6,40,e6,83,f4,2c,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001_Classes\CLSID\{847cea7d-a4dd-4881-b305-f18ae19aa074}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000db
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,75,07,18,dd,fb,11,42,94,27,b7,99,0d,2a,ba,05,1a,a2,02,c9,3e,9b,f9,\
.
[HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001_Classes\CLSID\{cb666bb0-ba1e-4234-951f-3b9f422d132d}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000121
"Therad"=dword:00000015
"SpecVersion"=dword:000000db
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Outros Processos em Execução ------------------------
.
c:\windows\system32\psxss.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\IObit\Smart Defrag 3\SmartDefrag.exe
c:\program files\IObit\Advanced SystemCare 7\Monitor.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CISVC.EXE
c:\program files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\windows\system32\mqsvc.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\mqtgsvc.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Tempo para conclusão: 2014-10-29 23:23:19 - Máquina reiniciou
ComboFix-quarantined-files.txt 2014-10-30 01:23
.
Pré-execução: 140.180.115.456 bytes disponíveis
Pós execução: 140.059.123.712 bytes disponíveis
.
- - End Of File - - 3DEA9805507C6A96AC4B0254120A73AE
A36C5E4F47E84449FF07ED3517B43A31
avatar
Nilson Machado da Siva
Iniciante
Iniciante

Mensagens : 33
Reputação : 0
Data de inscrição : 27/10/2014

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por joram em Qui 30 Out 2014, 03:13

Bom Dia! Nilson Machado da Siva

> Desinstale:

c:\program files\IObit\IObit Malware Fighter <<

c:\program files\IObit\Advanced SystemCare 7 <<


> Selecione e copie,o conteúdo que está no "Código",para o Bloco de Notas.
> Salve-o,no desktop,com o nome: CFScript << Texto!

Código:
SecCenter::
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]

Folder::
c:\program files\IObit
c:\program files\IObit\IObit Uninstaller
c:\program files\IObit\IObit Malware Fighter
c:\program files\IObit\Advanced SystemCare 7

File::
c:\windows\System32\drivers\Bhbase.sys 
c:\windows\System32\drivers\BHipsEx.sys
c:\windows\System32\drivers\BprotectEx.sys
c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe 
c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe
c:\program files\IObit\IObit Malware Fighter\IMF.exe
c:\program files\IObit\Advanced SystemCare 7\Monitor.exe
c:\program files\IObit\Advanced SystemCare 7\ASCService.exe 
c:\program files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys 
c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys
c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys
c:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys
c:\program files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe 

Driver::
BHipsEx
BprotectEx
PCFApiUtil
UrlFilter
FileMonitor
IMFservice
Bhbase
AdvancedSystemCareService7
FoxitCloudUpdateService

> Ps: Desabilite,temporariamente,seu antivírus.
> Ps: Não utilizem este script em outra máquina!
> Arraste,o CFScript.txt para o ícone/interior do ComboFix.
> Veja a demonstração!

[Você precisa estar registrado e conectado para ver esta imagem.]

> Atenda à solicitação,que deverá surgir,para rodar o ComboFix.
> Ps: Faça o arraste,até surgir essa solicitação! ( janela )
> Caso apareça alguma mensagem para atualizar a ferramenta,clique Sim!
> Concluindo,poste: C:\ComboFix.txt <<

A+
avatar
joram
Administrador
Administrador

Mensagens : 3723
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por Nilson Machado da Siva em Qui 30 Out 2014, 10:39

ComboFix 14-10-29.01 - Nilson Machado 30/10/2014 10:07:14.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.3005.1878 [GMT -2:00]
Executando de: c:\users\Nilson Machado\Desktop\ComboFix_2.exe
Comandos utilizados :: c:\users\Nilson Machado\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys"
"c:\program files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe"
"c:\program files\IObit\Advanced SystemCare 7\ASCService.exe"
"c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe"
"c:\program files\IObit\Advanced SystemCare 7\Monitor.exe"
"c:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys"
"c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys"
"c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys"
"c:\program files\IObit\IObit Malware Fighter\IMF.exe"
"c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe"
"c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll"
"c:\windows\System32\drivers\Bhbase.sys"
"c:\windows\System32\drivers\BHipsEx.sys"
"c:\windows\System32\drivers\BprotectEx.sys"
.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\IObit
c:\program files\IObit\Advanced SystemCare 6\BrowerProtect\ASCUrlScanner.dll
c:\program files\IObit\Driver Booster\AUpdate.exe
c:\program files\IObit\Driver Booster\AutoUpdate.exe
c:\program files\IObit\Driver Booster\Database\Backup\Drivers.db
c:\program files\IObit\Driver Booster\Database\Drivers.db
c:\program files\IObit\Driver Booster\Database\Games.db
c:\program files\IObit\Driver Booster\Database\Update\db_upd00.incpk
c:\program files\IObit\Driver Booster\Database\Update\db_upd01.incpk
c:\program files\IObit\Driver Booster\Database\Update\db_upd02.incpk
c:\program files\IObit\Driver Booster\Database\Update\db_upd03.incpk
c:\program files\IObit\Driver Booster\Database\Version.dll
c:\program files\IObit\Driver Booster\Download\aud_win7_8_8.1_6.0.1.7183_vista_78b2.dbz
c:\program files\IObit\Driver Booster\Download\aud_win7_8_8.1_6.0.1.7183_vista_78b2.dbz.dat
c:\program files\IObit\Driver Booster\Download\driver_win7_7080_03212014_32.dbz
c:\program files\IObit\Driver Booster\Download\sp63598_distill.dbz
c:\program files\IObit\Driver Booster\Download\sp63598_distill.dbz.dat
c:\program files\IObit\Driver Booster\DpInst\x64\dpinst.exe
c:\program files\IObit\Driver Booster\DpInst\x86\dpinst.exe
c:\program files\IObit\Driver Booster\DriverBooster.exe
c:\program files\IObit\Driver Booster\DrvInstall\DbzInst.dll
c:\program files\IObit\Driver Booster\DrvInstall\DIFxAPI32.dll
c:\program files\IObit\Driver Booster\DrvInstall\DIFxAPI64.dll
c:\program files\IObit\Driver Booster\DrvInstall\DpInstX32.exe
c:\program files\IObit\Driver Booster\DrvInstall\DpInstX64.exe
c:\program files\IObit\Driver Booster\DrvInstall\DrvInstall.exe
c:\program files\IObit\Driver Booster\EULA.rtf
c:\program files\IObit\Driver Booster\FixPlugin.exe
c:\program files\IObit\Driver Booster\Freeware\Check.dll
c:\program files\IObit\Driver Booster\Freeware\Driver_Booster_FreeSoftwareDownloader.exe
c:\program files\IObit\Driver Booster\Help.html
c:\program files\IObit\Driver Booster\History.txt
c:\program files\IObit\Driver Booster\Images\backups-icon.jpg
c:\program files\IObit\Driver Booster\Images\backups-screen.jpg
c:\program files\IObit\Driver Booster\Images\cloud-icon.jpg
c:\program files\IObit\Driver Booster\Images\driver-details.jpg
c:\program files\IObit\Driver Booster\Images\feedback-icon.jpg
c:\program files\IObit\Driver Booster\Images\feedback-screen.jpg
c:\program files\IObit\Driver Booster\Images\google-icon.jpg
c:\program files\IObit\Driver Booster\Images\installation-tips.jpg
c:\program files\IObit\Driver Booster\Images\like-icon.jpg
c:\program files\IObit\Driver Booster\Images\main-screen.jpg
c:\program files\IObit\Driver Booster\Images\main-screen2.jpg
c:\program files\IObit\Driver Booster\Images\more-settings-icon.jpg
c:\program files\IObit\Driver Booster\Images\more-settings.jpg
c:\program files\IObit\Driver Booster\Images\reboot.jpg
c:\program files\IObit\Driver Booster\Images\restore-icon.jpg
c:\program files\IObit\Driver Booster\Images\restore-screen.jpg
c:\program files\IObit\Driver Booster\Images\scan-drivers-latest.jpg
c:\program files\IObit\Driver Booster\Images\scan-outdated-found.jpg
c:\program files\IObit\Driver Booster\Images\scanning-screen.jpg
c:\program files\IObit\Driver Booster\Images\settings-drivers.jpg
c:\program files\IObit\Driver Booster\Images\settings-ignored.jpg
c:\program files\IObit\Driver Booster\Images\settings-network.jpg
c:\program files\IObit\Driver Booster\Images\settings-recommend.jpg
c:\program files\IObit\Driver Booster\Images\settings-scan.jpg
c:\program files\IObit\Driver Booster\Images\settings.jpg
c:\program files\IObit\Driver Booster\Images\skin-icon.jpg
c:\program files\IObit\Driver Booster\Images\skin-screen.jpg
c:\program files\IObit\Driver Booster\Images\update-drivers.jpg
c:\program files\IObit\Driver Booster\Images\update-process.jpg
c:\program files\IObit\Driver Booster\IObitDownloader.exe
c:\program files\IObit\Driver Booster\Language\Albanian.lng
c:\program files\IObit\Driver Booster\Language\Arabic.lng
c:\program files\IObit\Driver Booster\Language\Belarusian.lng
c:\program files\IObit\Driver Booster\Language\Bulgarian.lng
c:\program files\IObit\Driver Booster\Language\ChineseSimp.lng
c:\program files\IObit\Driver Booster\Language\ChineseTrad.lng
c:\program files\IObit\Driver Booster\Language\Croatian.lng
c:\program files\IObit\Driver Booster\Language\Czech.lng
c:\program files\IObit\Driver Booster\Language\Danish.lng
c:\program files\IObit\Driver Booster\Language\Dutch.lng
c:\program files\IObit\Driver Booster\Language\English.lng
c:\program files\IObit\Driver Booster\Language\Finnish.lng
c:\program files\IObit\Driver Booster\Language\French.lng
c:\program files\IObit\Driver Booster\Language\German.lng
c:\program files\IObit\Driver Booster\Language\Greek.lng
c:\program files\IObit\Driver Booster\Language\Hebrew.lng
c:\program files\IObit\Driver Booster\Language\Hungarian.lng
c:\program files\IObit\Driver Booster\Language\Italian.lng
c:\program files\IObit\Driver Booster\Language\Japanese.lng
c:\program files\IObit\Driver Booster\Language\Korean.lng
c:\program files\IObit\Driver Booster\Language\Mongolian.lng
c:\program files\IObit\Driver Booster\Language\Nepali.lng
c:\program files\IObit\Driver Booster\Language\Polish.lng
c:\program files\IObit\Driver Booster\Language\Portuguese (PT-BR).lng
c:\program files\IObit\Driver Booster\Language\Portuguese (PT-PT).lng
c:\program files\IObit\Driver Booster\Language\Romanian.lng
c:\program files\IObit\Driver Booster\Language\Russian.lng
c:\program files\IObit\Driver Booster\Language\Serbian (Cyrillic).lng
c:\program files\IObit\Driver Booster\Language\Serbian (Latin).lng
c:\program files\IObit\Driver Booster\Language\Slovak.lng
c:\program files\IObit\Driver Booster\Language\Slovenian.lng
c:\program files\IObit\Driver Booster\Language\Spanish.lng
c:\program files\IObit\Driver Booster\Language\Swedish.lng
c:\program files\IObit\Driver Booster\Language\Thai.lng
c:\program files\IObit\Driver Booster\Language\Turkish.lng
c:\program files\IObit\Driver Booster\Language\Ukrainian.lng
c:\program files\IObit\Driver Booster\Language\Vietnamese.lng
c:\program files\IObit\Driver Booster\LatestNews\imagenews.png
c:\program files\IObit\Driver Booster\LatestNews\LatestNews.ini
c:\program files\IObit\Driver Booster\LocalData\Config.ini
c:\program files\IObit\Driver Booster\LocalData\Ignore.ini
c:\program files\IObit\Driver Booster\LocalData\Installed.lst
c:\program files\IObit\Driver Booster\madbasic_.bpl
c:\program files\IObit\Driver Booster\maddisAsm_.bpl
c:\program files\IObit\Driver Booster\madexcept_.bpl
c:\program files\IObit\Driver Booster\MakeSFX.exe
c:\program files\IObit\Driver Booster\Promote.exe
c:\program files\IObit\Driver Booster\Register.dll
c:\program files\IObit\Driver Booster\rtl120.bpl
c:\program files\IObit\Driver Booster\Scheduler.exe
c:\program files\IObit\Driver Booster\SetupHlp.exe
c:\program files\IObit\Driver Booster\Skin\black.rcc
c:\program files\IObit\Driver Booster\Skin\public.rcc
c:\program files\IObit\Driver Booster\Skin\white.rcc
c:\program files\IObit\Driver Booster\SkipUacExec.exe
c:\program files\IObit\Driver Booster\SkipUacTask.exe
c:\program files\IObit\Driver Booster\SQLite3.dll
c:\program files\IObit\Driver Booster\SysRest.dll
c:\program files\IObit\Driver Booster\TaskMgr.dll
c:\program files\IObit\Driver Booster\unins000.dat
c:\program files\IObit\Driver Booster\unins000.exe
c:\program files\IObit\Driver Booster\unins000.msg
c:\program files\IObit\Driver Booster\Update\Database\Update\db_upd00.incpk.dat
c:\program files\IObit\Driver Booster\Update\Database\Update\db_upd01.incpk.dat
c:\program files\IObit\Driver Booster\Update\Database\Update\db_upd02.incpk.dat
c:\program files\IObit\Driver Booster\Update\Update.ini
c:\program files\IObit\Driver Booster\UpdateDB.exe
c:\program files\IObit\Driver Booster\vcl120.bpl
c:\program files\IObit\Driver Booster\vclx120.bpl
c:\program files\IObit\Driver Booster\WebRes.dll
c:\program files\IObit\Driver Booster\Zip.dll
c:\program files\IObit\IObit Malware Fighter\license.dat
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2014-08-03-22-38 .txt
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2014-08-04-20-08 .txt
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2014-08-05-21-02 .txt
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2014-08-06-09-13 .txt
c:\program files\IObit\IObit Malware Fighter\log\realtime\realtime_2014-08-06-19-58 .txt
c:\program files\IObit\IObit Malware Fighter\log\scan\scan_2013-07-27-20-09 .txt
c:\program files\IObit\IObit Malware Fighter\log\scan\scan_2013-08-17-23-47 .txt
c:\program files\IObit\IObit Malware Fighter\log\scan\scan_2013-08-18-00-26 .txt
c:\program files\IObit\IObit Malware Fighter\log\scan\scan_2013-09-13-20-22 .txt
c:\program files\IObit\IObit Malware Fighter\log\scan\scan_2014-06-05-20-19 .txt
c:\program files\IObit\IObit Malware Fighter\Quarantine Zone\info.db
c:\program files\IObit\IObit Malware Fighter\Quarantine Zone\jwwynjhh
c:\program files\IObit\IObit Uninstaller\NewUpdater-iu.exe
c:\program files\IObit\IObit Uninstaller\SendBugReportNew.exe
c:\program files\IObit\IObit Uninstaller\taskmgr.dll
c:\program files\IObit\IObit Uninstaller\UninstallExplorer32_1.dll
c:\program files\IObit\IObit Uninstaller\UninstallPromote_1.exe
c:\program files\IObit\LiveUpdate\Language\Arabic.lng
c:\program files\IObit\LiveUpdate\Language\Belarusian.lng
c:\program files\IObit\LiveUpdate\Language\ChineseSimp.lng
c:\program files\IObit\LiveUpdate\Language\ChineseTrad.lng
c:\program files\IObit\LiveUpdate\Language\Czech.lng
c:\program files\IObit\LiveUpdate\Language\Danish.lng
c:\program files\IObit\LiveUpdate\Language\Dinka.lng
c:\program files\IObit\LiveUpdate\Language\Dutch.lng
c:\program files\IObit\LiveUpdate\Language\English.lng
c:\program files\IObit\LiveUpdate\Language\Finnish.lng
c:\program files\IObit\LiveUpdate\Language\Flemish.lng
c:\program files\IObit\LiveUpdate\Language\French.lng
c:\program files\IObit\LiveUpdate\Language\German.lng
c:\program files\IObit\LiveUpdate\Language\Greek.lng
c:\program files\IObit\LiveUpdate\Language\Hebrew.lng
c:\program files\IObit\LiveUpdate\Language\Hungarian.lng
c:\program files\IObit\LiveUpdate\Language\Indonesia.lng
c:\program files\IObit\LiveUpdate\Language\Italian.lng
c:\program files\IObit\LiveUpdate\Language\Japanese.lng
c:\program files\IObit\LiveUpdate\Language\Korean.lng
c:\program files\IObit\LiveUpdate\Language\Latvian.lng
c:\program files\IObit\LiveUpdate\Language\Malayalam.lng
c:\program files\IObit\LiveUpdate\Language\Polish.lng
c:\program files\IObit\LiveUpdate\Language\Portuguese(PT-BR).lng
c:\program files\IObit\LiveUpdate\Language\Portuguese(PT-PT).lng
c:\program files\IObit\LiveUpdate\Language\Romanian.lng
c:\program files\IObit\LiveUpdate\Language\Russian.lng
c:\program files\IObit\LiveUpdate\Language\Serbian (cyrillic).lng
c:\program files\IObit\LiveUpdate\Language\Serbian (latin).lng
c:\program files\IObit\LiveUpdate\Language\Slovak.lng
c:\program files\IObit\LiveUpdate\Language\Slovenian.lng
c:\program files\IObit\LiveUpdate\Language\Spanish.lng
c:\program files\IObit\LiveUpdate\Language\Swedish.lng
c:\program files\IObit\LiveUpdate\Language\Turkish.lng
c:\program files\IObit\LiveUpdate\Language\Ukrainian.lng
c:\program files\IObit\LiveUpdate\Language\Vietnamese.lng
c:\program files\IObit\LiveUpdate\LiveUpdate.exe
c:\program files\IObit\LiveUpdate\LiveUpdate.log
c:\program files\IObit\LiveUpdate\LiveUpdateSrvUpt.log
c:\program files\IObit\LiveUpdate\ProductStatistics.dll
c:\program files\IObit\LiveUpdate\ProductUpt.log
c:\program files\IObit\LiveUpdate\system.ini
c:\program files\IObit\LiveUpdate\update\update.spt
c:\program files\IObit\Smart Defrag 3\ActionCenterDownloader.exe
c:\program files\IObit\Smart Defrag 3\AutoUpdate.exe
c:\program files\IObit\Smart Defrag 3\Database\PriTemp.dbd
c:\program files\IObit\Smart Defrag 3\drivers\win7_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 3\drivers\win7_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 3\drivers\win7_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 3\drivers\win7_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 3\drivers\win8_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 3\drivers\win8_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 3\drivers\win8_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 3\drivers\win8_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 3\drivers\wlh_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 3\drivers\wlh_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 3\drivers\wlh_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 3\drivers\wlh_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 3\drivers\wnet_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 3\drivers\wnet_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 3\drivers\wnet_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 3\drivers\wnet_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 3\drivers\wxp_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 3\drivers\wxp_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 3\drivers\wxp_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 3\drivers\wxp_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 3\EULA.rtf
c:\program files\IObit\Smart Defrag 3\Extension\IObitSmartDefragExtension_x64.dll
c:\program files\IObit\Smart Defrag 3\Extension\IObitSmartDefragExtension_x86.dll
c:\program files\IObit\Smart Defrag 3\Help\EULA.rtf
c:\program files\IObit\Smart Defrag 3\Help\img\actioncenter.jpg
c:\program files\IObit\Smart Defrag 3\Help\img\automaticdefrag.jpg
c:\program files\IObit\Smart Defrag 3\Help\img\boottimedefrag.jpg
c:\program files\IObit\Smart Defrag 3\Help\img\boottimedefragconfigure.jpg
c:\program files\IObit\Smart Defrag 3\Help\img\diskcleanup.jpg
c:\program files\IObit\Smart Defrag 3\Help\img\excludelist.jpg
c:\program files\IObit\Smart Defrag 3\Help\img\functionstate.jpg
c:\program files\IObit\Smart Defrag 3\Help\img\iconlike.jpg
c:\program files\IObit\Smart Defrag 3\Help\img\iconmore.jpg
c:\program files\IObit\Smart Defrag 3\Help\img\iconskin.jpg
c:\program files\IObit\Smart Defrag 3\Help\img\mainscreen.jpg
c:\program files\IObit\Smart Defrag 3\Help\img\mapcolor.jpg
c:\program files\IObit\Smart Defrag 3\Help\img\report.jpg
c:\program files\IObit\Smart Defrag 3\Help\img\settings-main.jpg
c:\program files\IObit\Smart Defrag 3\Help\img\settings.jpg
c:\program files\IObit\Smart Defrag 3\Help\Index.html
c:\program files\IObit\Smart Defrag 3\Language\Arabic.lng
c:\program files\IObit\Smart Defrag 3\Language\ChineseSimp.lng
c:\program files\IObit\Smart Defrag 3\Language\ChineseTrad.lng
c:\program files\IObit\Smart Defrag 3\Language\Croatian.lng
c:\program files\IObit\Smart Defrag 3\Language\Czech.lng
c:\program files\IObit\Smart Defrag 3\Language\Danish.lng
c:\program files\IObit\Smart Defrag 3\Language\Dinka.lng
c:\program files\IObit\Smart Defrag 3\Language\Dutch.lng
c:\program files\IObit\Smart Defrag 3\Language\English.lng
c:\program files\IObit\Smart Defrag 3\Language\Finnish.lng
c:\program files\IObit\Smart Defrag 3\Language\Flemish.lng
c:\program files\IObit\Smart Defrag 3\Language\French.lng
c:\program files\IObit\Smart Defrag 3\Language\German.lng
c:\program files\IObit\Smart Defrag 3\Language\Greek.lng
c:\program files\IObit\Smart Defrag 3\Language\Hindi.lng
c:\program files\IObit\Smart Defrag 3\Language\Hungarian.lng
c:\program files\IObit\Smart Defrag 3\Language\Indonesia.lng
c:\program files\IObit\Smart Defrag 3\Language\Italian.lng
c:\program files\IObit\Smart Defrag 3\Language\Japanese.lng
c:\program files\IObit\Smart Defrag 3\Language\Korean.lng
c:\program files\IObit\Smart Defrag 3\Language\Malayalam.lng
c:\program files\IObit\Smart Defrag 3\Language\Polish.lng
c:\program files\IObit\Smart Defrag 3\Language\Portuguese(PT-BR).lng
c:\program files\IObit\Smart Defrag 3\Language\Portuguese(PT-PT).lng
c:\program files\IObit\Smart Defrag 3\Language\Romanian.lng
c:\program files\IObit\Smart Defrag 3\Language\Russian.lng
c:\program files\IObit\Smart Defrag 3\Language\Serbian (Cyrillic).lng
c:\program files\IObit\Smart Defrag 3\Language\Serbian (Latin).lng
c:\program files\IObit\Smart Defrag 3\Language\Slovak.lng
c:\program files\IObit\Smart Defrag 3\Language\Slovenian.lng
c:\program files\IObit\Smart Defrag 3\Language\Spanish.lng
c:\program files\IObit\Smart Defrag 3\Language\Swedish.lng
c:\program files\IObit\Smart Defrag 3\Language\Thai.lng
c:\program files\IObit\Smart Defrag 3\Language\Turkish.lng
c:\program files\IObit\Smart Defrag 3\Language\Ukrainian.lng
c:\program files\IObit\Smart Defrag 3\Language\Vietnamese.lng
c:\program files\IObit\Smart Defrag 3\LatestNews\LatestNews.ini
c:\program files\IObit\Smart Defrag 3\NtfsData.dll
c:\program files\IObit\Smart Defrag 3\rtl120.bpl
c:\program files\IObit\Smart Defrag 3\sdcore.dll
c:\program files\IObit\Smart Defrag 3\SDDriverMgr.dll
c:\program files\IObit\Smart Defrag 3\SDInit.exe
c:\program files\IObit\Smart Defrag 3\sdlib.dll
c:\program files\IObit\Smart Defrag 3\SDReport\SmartDefragReport.html
c:\program files\IObit\Smart Defrag 3\Skins\Black\black.rcc
c:\program files\IObit\Smart Defrag 3\Skins\Black\color_setting.ini
c:\program files\IObit\Smart Defrag 3\Skins\Black\deepanalyze.png
c:\program files\IObit\Smart Defrag 3\Skins\Black\icon_correct_s.ico
c:\program files\IObit\Smart Defrag 3\Skins\Black\icon_error_s.ico
c:\program files\IObit\Smart Defrag 3\Skins\Black\mask.png
c:\program files\IObit\Smart Defrag 3\Skins\Blue\blue.rcc
c:\program files\IObit\Smart Defrag 3\Skins\Blue\color_setting.ini
c:\program files\IObit\Smart Defrag 3\Skins\Blue\deepanalyze.png
c:\program files\IObit\Smart Defrag 3\Skins\Blue\icon_correct_s.ico
c:\program files\IObit\Smart Defrag 3\Skins\Blue\icon_error_s.ico
c:\program files\IObit\Smart Defrag 3\Skins\Blue\mask.png
c:\program files\IObit\Smart Defrag 3\Skins\White\color_setting.ini
c:\program files\IObit\Smart Defrag 3\Skins\White\deepanalyze.png
c:\program files\IObit\Smart Defrag 3\Skins\White\icon_correct_s.ico
c:\program files\IObit\Smart Defrag 3\Skins\White\icon_error_s.ico
c:\program files\IObit\Smart Defrag 3\Skins\White\mask.png
c:\program files\IObit\Smart Defrag 3\Skins\White\white.rcc
c:\program files\IObit\Smart Defrag 3\SmartDefrag.exe
c:\program files\IObit\Smart Defrag 3\sqlite3.dll
c:\program files\IObit\Smart Defrag 3\taskMgr.dll
c:\program files\IObit\Smart Defrag 3\unins000.dat
c:\program files\IObit\Smart Defrag 3\unins000.exe
c:\program files\IObit\Smart Defrag 3\unins000.msg
c:\program files\IObit\Smart Defrag 3\UninstallPromote.exe
c:\program files\IObit\Smart Defrag 3\Update History.txt
c:\program files\IObit\Smart Defrag 3\Update\freeware.ini
c:\program files\IObit\Smart Defrag 3\Update\LastCheck.Ini
c:\program files\IObit\Smart Defrag 3\Update\Update.ini
c:\program files\IObit\Smart Defrag 3\Update\UpdateHistory.ini
c:\program files\IObit\Smart Defrag 3\vcl120.bpl
c:\program files\IObit\Smart Defrag 3\vclx120.bpl
c:\program files\IObit\Smart Defrag 3\webres.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCBrowserProtection.safariextz
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome.manifest
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\ascsurfingprotection.xul
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\imagemgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\languagemgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\popbox.css
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\protectpage.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\searchresultmgr.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\chrome\content\urlbaricon.js
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\icon.png
c:\program files\IObit\Surfing Protection\BrowerProtect\ascsurfingprotection@iobit.com\install.rdf
c:\program files\IObit\Surfing Protection\BrowerProtect\ASCUrlScanner.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\manifest.json
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\ASCPlugin_Protect.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\background.html
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\background.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Ex.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\asc.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\popbox_btn_close.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\popbox_btn_ok.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\risk_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\safe_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\tip_details.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\window_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\window_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img\wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\popup.html
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\popup.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\tips.js
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\warning.bak
c:\program files\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\warning.js
c:\program files\IObit\Surfing Protection\BrowerProtect\BrowserProtect.oex
c:\program files\IObit\Surfing Protection\BrowerProtect\errorpage.html
c:\program files\IObit\Surfing Protection\BrowerProtect\images\asc.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\icon_gray.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_tip_details.gif
c:\program files\IObit\Surfing Protection\BrowerProtect\images\ie_wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_close.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\popbox_btn_ok.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\risk_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\safe_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\tip_details.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\window_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\window_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\images\wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\manifest.json
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\ASCPlugin_Protect.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\background.html
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\background.js
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Ex.js
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\asc.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\popbox_btn_close.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\popbox_btn_ok.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\risk_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\safe_logo.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\tip_details.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\window_risk.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\window_safe.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\Img\wraningBg.png
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\popup.html
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\popup.js
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\tips.js
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\warning.bak
c:\program files\IObit\Surfing Protection\BrowerProtect\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\Plugin\warning.js
c:\program files\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\NPASCSafariPluginProtect.dll
c:\program files\IObit\Surfing Protection\BrowerProtect\Safari_baidu_script.js
c:\program files\IObit\Surfing Protection\BrowerProtect\script.js
c:\program files\IObit\Surfing Protection\BrowerProtect\SPAD_script.js
c:\program files\IObit\Surfing Protection\Database\ASCSpecialUrl.db
c:\program files\IObit\Surfing Protection\Database\base_safe_browse_0429
c:\program files\IObit\Surfing Protection\Database\base_safe_browse_0603
c:\program files\IObit\Surfing Protection\Database\base_safe_browse_0720
c:\program files\IObit\Surfing Protection\Database\base_safe_browse_1116
c:\program files\IObit\Surfing Protection\Database\base_upt_add
c:\program files\IObit\Surfing Protection\Database\spupdate.utp
c:\program files\IObit\Surfing Protection\DownErrorConfig.txt
c:\program files\IObit\Surfing Protection\Extensions.plist
c:\program files\IObit\Surfing Protection\Language\Arabic.lng
c:\program files\IObit\Surfing Protection\Language\Belarusian.lng
c:\program files\IObit\Surfing Protection\Language\ChineseSimp.lng
c:\program files\IObit\Surfing Protection\Language\ChineseTrad.lng
c:\program files\IObit\Surfing Protection\Language\Czech.lng
c:\program files\IObit\Surfing Protection\Language\Dutch.lng
c:\program files\IObit\Surfing Protection\Language\English.lng
c:\program files\IObit\Surfing Protection\Language\Finnish.lng
c:\program files\IObit\Surfing Protection\Language\Hungarian.lng
c:\program files\IObit\Surfing Protection\Language\Japanese.lng
c:\program files\IObit\Surfing Protection\Language\Korean.lng
c:\program files\IObit\Surfing Protection\Language\Polish.lng
c:\program files\IObit\Surfing Protection\Language\Portuguese(PT-BR).lng
c:\program files\IObit\Surfing Protection\Language\Romanian.lng
c:\program files\IObit\Surfing Protection\Language\Russian.lng
c:\program files\IObit\Surfing Protection\Language\Serbian (cyrillic).lng
c:\program files\IObit\Surfing Protection\Language\Serbian (latin).lng
c:\program files\IObit\Surfing Protection\Language\Slovenian.lng
c:\program files\IObit\Surfing Protection\Language\Spanish.lng
c:\program files\IObit\Surfing Protection\Language\Swedish.lng
c:\program files\IObit\Surfing Protection\Language\Turkish.lng
c:\program files\IObit\Surfing Protection\Language\Vietnamese.lng
c:\program files\IObit\Surfing Protection\PluginInstall.exe
c:\program files\IObit\Surfing Protection\Preferences
c:\program files\IObit\Surfing Protection\SPInit.log
c:\program files\IObit\Surfing Protection\SPUpdate.exe
c:\program files\IObit\Surfing Protection\sqlite3.dll
c:\program files\IObit\Surfing Protection\unins000.dat
c:\program files\IObit\Surfing Protection\unins000.exe
c:\program files\IObit\Surfing Protection\unins000.msg
c:\program files\IObit\Surfing Protection\Update\Update.ini
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_BHBASE
-------\Legacy_BPROTECTEX
-------\Legacy_PCFAPIUTIL
-------\Legacy_URLFILTER
-------\Service_Bhbase
-------\Service_BHipsEx
-------\Service_BprotectEx
-------\Service_FoxitCloudUpdateService
-------\Service_PCFApiUtil
-------\Service_LiveUpdateSvc
-------\Service_LiveUpdateSvc
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2014-09-28 to 2014-10-30 ))))))))))))))))))))))))))))
.
.
2014-10-30 12:21 . 2014-10-30 12:26 -------- d-----w- c:\users\Nilson Machado\AppData\Local\temp
2014-10-30 12:21 . 2014-10-30 12:21 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2014-10-30 12:21 . 2014-10-30 12:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-30 12:21 . 2014-10-30 12:21 -------- d-----w- c:\users\Classic .NET AppPool\AppData\Local\temp
2014-10-30 11:57 . 2014-10-30 11:57 -------- d-----w- c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-10-29 23:33 . 2014-10-29 23:43 181064 ----a-w- c:\windows\PSEXESVC.EXE
2014-10-29 23:33 . 2014-10-29 23:33 -------- d-----w- C:\Tweaking.com_Windows_Repair_Logs
2014-10-29 16:28 . 2014-10-29 16:28 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2014-10-29 16:16 . 2014-10-29 19:17 -------- d-----w- c:\users\Nilson Machado\AppData\Roaming\ZHP
2014-10-29 16:16 . 2014-10-29 16:28 -------- d-----w- c:\program files\ZHPDiag
2014-10-29 16:13 . 2014-10-29 16:12 6860008 ----a-w- C:\ZHPDiag2.exe
2014-10-29 14:55 . 2014-10-29 14:55 220784 ----a-w- c:\program files\Mozilla Firefox\sandboxbroker.dll
2014-10-27 19:57 . 2014-10-27 19:57 -------- d-----w- C:\zoek_backup
2014-10-27 19:21 . 2014-10-27 19:21 -------- d-----w- c:\windows\ERUNT
2014-10-23 17:23 . 2012-10-03 18:14 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2014-10-23 17:22 . 2014-10-23 17:22 -------- d-----w- c:\program files\iPod
2014-10-23 17:22 . 2014-10-23 17:23 -------- d-----w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2014-10-23 17:22 . 2014-10-23 17:23 -------- d-----w- c:\program files\iTunes
2014-10-23 17:21 . 2014-10-23 17:21 -------- d-----w- c:\program files\Bonjour
2014-10-16 13:18 . 2014-10-16 13:18 2363904 ----a-w- c:\windows\system32\msi.dll
2014-10-16 13:17 . 2014-10-16 13:17 67072 ----a-w- c:\windows\system32\packager.dll
2014-10-16 13:17 . 2014-10-16 13:17 2379264 ----a-w- c:\windows\system32\win32k.sys
2014-10-16 13:14 . 2014-10-16 13:14 4922368 ----a-w- c:\windows\system32\mstscax.dll
2014-10-16 13:14 . 2014-10-16 13:14 37376 ----a-w- c:\windows\system32\tsgqec.dll
2014-10-16 13:14 . 2014-10-16 13:14 2744320 ----a-w- c:\windows\system32\rdpcorets.dll
2014-10-16 13:14 . 2014-10-16 13:14 269312 ----a-w- c:\windows\system32\aaclient.dll
2014-10-16 13:14 . 2014-10-16 13:14 1050112 ----a-w- c:\windows\system32\mstsc.exe
2014-10-16 13:13 . 2014-10-16 13:13 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-10-16 13:13 . 2014-10-16 13:13 523264 ----a-w- c:\windows\system32\termsrv.dll
2014-10-16 13:13 . 2014-10-16 13:13 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2014-10-16 13:13 . 2014-10-16 13:13 304128 ----a-w- c:\windows\system32\winlogon.exe
2014-10-16 13:13 . 2014-10-16 13:13 184320 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2014-10-16 13:13 . 2014-10-16 13:13 17408 ----a-w- c:\windows\system32\credssp.dll
2014-10-16 13:13 . 2014-10-16 13:13 157696 ----a-w- c:\windows\system32\winsta.dll
2014-10-16 13:13 . 2014-10-16 13:13 130048 ----a-w- c:\windows\system32\rdpcorekmts.dll
2014-10-16 13:09 . 2014-10-16 13:09 372736 ----a-w- c:\windows\system32\rastls.dll
2014-10-16 13:04 . 2014-10-16 13:04 81560 ----a-w- c:\windows\system32\mscories.dll
2014-10-16 13:04 . 2014-10-16 13:04 156824 ----a-w- c:\windows\system32\mscorier.dll
2014-10-16 13:04 . 2014-10-16 13:04 1131664 ----a-w- c:\windows\system32\dfshim.dll
2014-10-15 08:55 . 2014-10-01 06:19 115240 ----a-w- c:\windows\system32\drivers\idmwfp.sys
2014-10-07 17:42 . 2014-10-07 17:42 -------- d-----w- c:\programdata\NannyMania
2014-10-04 18:38 . 2014-10-04 18:38 519680 ----a-w- c:\windows\system32\qdvd.dll
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-30 12:23 . 2013-07-10 20:34 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2014-10-17 00:44 . 2013-07-10 21:22 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-10-17 00:44 . 2013-07-10 21:21 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-24 00:02 . 2014-09-24 00:02 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-15 12:06 . 2013-07-10 21:01 231568 ------w- c:\windows\system32\MpSigStub.exe
2014-09-12 22:45 . 2014-09-12 22:45 793600 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-12 22:45 . 2014-09-12 22:45 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-12 22:39 . 2014-09-12 22:39 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-09-12 22:39 . 2014-09-12 22:39 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-12 22:29 . 2014-09-12 22:29 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-09 01:24 . 2014-09-27 07:30 8806800 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F9B5297-CEE8-48A7-B7C0-7E3F742AA262}\mpengine.dll
2014-09-04 04:11 . 2014-09-04 04:11 6144 ----a-w- c:\windows\system32\KBDYAK.DLL
2014-09-04 04:11 . 2014-09-04 04:11 6144 ----a-w- c:\windows\system32\KBDBASH.DLL
2014-08-30 19:46 . 2014-08-30 19:46 305152 ----a-w- c:\windows\system32\gdi32.dll
2014-08-25 23:06 . 2014-08-25 23:06 654336 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-25 23:06 . 2014-08-25 23:06 730048 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-08-25 23:06 . 2014-08-25 23:06 219072 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2014-08-25 23:06 . 2014-08-25 23:06 107520 ----a-w- c:\windows\system32\cdd.dll
2014-08-25 23:05 . 2014-08-25 23:05 337408 ----a-w- c:\windows\system32\msihnd.dll
2014-08-25 23:05 . 2014-08-25 23:05 1805824 ----a-w- c:\windows\system32\authui.dll
2014-08-25 23:05 . 2014-08-25 23:05 101824 ----a-w- c:\windows\system32\consent.exe
2014-08-25 23:04 . 2014-08-25 23:04 99480 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-25 23:04 . 2014-08-25 23:04 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-25 23:04 . 2014-08-25 23:04 619672 ----a-w- c:\windows\system32\icardagt.exe
2014-08-25 23:04 . 2014-08-25 23:04 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-15 03:12 . 2011-03-28 21:36 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-19 21:28 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2014-04-21 10:02 23008 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2013-04-17 3573624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-10-24 172088]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-01 4085896]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2014-06-05 12021464]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-10-24 173624]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-10-24 138808]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-10-15 157480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoAutoUpdate"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]
"NoAutoUpdate"= 1 (0x1)
.
[HKLM\~\startupfolder\C:^Users^Nilson Machado^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PC App Store Uninstall 3.8.8.1435.lnk]
path=c:\users\Nilson Machado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PC App Store Uninstall 3.8.8.1435.lnk
backup=c:\windows\pss\PC App Store Uninstall 3.8.8.1435.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2014-10-11 15:05 60712 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 17:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2014-03-04 09:19 3696912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
2013-04-17 06:14 3573624 ----a-r- c:\program files\Internet Download Manager\IDMan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsmqIntCert]
2010-11-20 12:19 152064 ----a-w- c:\windows\System32\mqrt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 06:59 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
2007-09-02 16:58 495616 ----a-w- c:\program files\RocketDock\RocketDock.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2010-11-20 12:17 1174016 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
2009-05-05 18:01 1466368 ----a-w- c:\program files\Motorola\SMSERIAL\sm56hlpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2uvc]
2009-08-12 18:06 662016 ----a-w- c:\windows\vsnp2uvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2uvc]
2012-02-23 12:29 322560 ----a-w- c:\program files\Common Files\SNP2UVC\tsnp2uvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2014-08-04 23:06 1430864 ----a-w- c:\users\Nilson Machado\AppData\Roaming\uTorrent\updates\3.4.2_32785.exe
.
2;2 iprip;RIP de Escuta;c:\windows\System32\svchost.exe [x]
R3 hid7906;hid7906;c:\windows\system32\drivers\hid7906.sys [2006-07-04 53921]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-07-14 1343400]
R3 WMSVC;Serviço de Gerenciamento da Web;c:\windows\system32\inetsrv\wmsvc.exe [2009-07-14 9728]
R4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-03-01 161384]
R4 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2013-12-24 18624]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-07-19 779536]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-07-19 414520]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-04-18 243128]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-07-19 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-07-19 67824]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-07-19 71944]
S2 ftpsvc;Microsoft FTP Service;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2014-10-01 115240]
S2 NfsClnt;Client for NFS;c:\windows\system32\nfsclnt.exe [2010-11-20 52736]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
S3 NfsRdr;Redirecionador do Client for NFS;c:\windows\system32\drivers\nfsrdr.sys [2010-11-20 201728]
S3 PsxDrv;PsxDrv;c:\windows\system32\drivers\psxdrv.sys [2009-07-13 9216]
S3 RpcXdr;Open RPC do Server for NFS (ONCRPC);c:\windows\system32\drivers\rpcxdr.sys [2010-11-20 87040]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2014-06-06 693464]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
ftpsvc REG_MULTI_SZ ftpsvc
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
ipripsvc REG_MULTI_SZ iprip
LPDService REG_MULTI_SZ LPDSVC
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-29 17:01 1089352 ----a-w- c:\program files\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-10-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-10 00:44]
.
2014-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-07-10 22:03]
.
2014-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-07-10 22:03]
.
.
------- Scan Suplementar -------
.
uStart Page = [Você precisa estar registrado e conectado para ver este link.]
mStart Page = [Você precisa estar registrado e conectado para ver este link.]
mSearch Bar = [Você precisa estar registrado e conectado para ver este link.]
uInternet Settings,ProxyOverride = *.local
IE: &Enviar para o OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Fazer o download de todos os links usando o IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Fazer o download usando o IDM - c:\program files\Internet Download Manager\IEExt.htm
TCP: DhcpNameServer = 201.251.58.190 8.8.8.8
FF - ProfilePath - c:\users\Nilson Machado\AppData\Roaming\Mozilla\Firefox\Profiles\pc8o1i1a.default-1401401241470\
FF - prefs.js: browser.startup.homepage - [Você precisa estar registrado e conectado para ver este link.]
FF - prefs.js: keyword.URL - [Você precisa estar registrado e conectado para ver este link.]
.
- - - - ORFÃOS REMOVIDOS - - - -
.
AddRemove-Driver Booster_is1 - c:\program files\IObit\Driver Booster\unins000.exe
AddRemove-IObit Surfing Protection_is1 - c:\program files\IObit\Surfing Protection\unins000.exe
AddRemove-Smart Defrag 3_is1 - c:\program files\IObit\Smart Defrag 3\unins000.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001\Software\SecuROM\License information*]
"datasecu"=hex:4b,90,29,a2,35,e3,12,13,1a,14,21,6d,1d,24,55,8c,0f,1a,66,f9,92,
fd,f5,29,24,c6,47,22,52,14,86,e8,f7,b9,88,88,b2,db,7a,33,79,60,d2,80,78,ed,\
"rkeysecu"=hex:d8,b3,6f,c8,c5,a4,b4,ee,b0,0c,41,37,45,36,46,e1
.
[HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):6a,c5,fa,fb,ef,8d,c6,a8,23,2d,6c,2f,2d,05,42,10,31,6f,b9,e9,6c,
fb,0c,c7,1f,f0,94,9a,b5,9d,c7,27,f6,4b,33,71,67,d1,dc,05,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):b6,60,37,44,7a,f0,4b,91,26,c6,e8,97,29,c6,c4,5c,95,4e,34,d9,2d,
52,bb,1a,00,ef,06,9b,47,ea,c8,b1,3a,7f,a6,40,e6,83,f4,2c,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001_Classes\CLSID\{847cea7d-a4dd-4881-b305-f18ae19aa074}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000db
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,75,07,18,dd,fb,11,42,94,27,b7,99,0d,2a,ba,05,1a,a2,02,c9,3e,9b,f9,\
.
[HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001_Classes\CLSID\{cb666bb0-ba1e-4234-951f-3b9f422d132d}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000121
"Therad"=dword:00000015
"SpecVersion"=dword:000000db
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Outros Processos em Execução ------------------------
.
c:\windows\system32\psxss.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CISVC.EXE
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
c:\windows\system32\mqsvc.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\mqtgsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Tempo para conclusão: 2014-10-30 10:30:39 - Máquina reiniciou
ComboFix-quarantined-files.txt 2014-10-30 12:30
ComboFix2.txt 2014-10-30 01:23
.
Pré-execução: 139.560.091.648 bytes disponíveis
Pós execução: 139.497.099.264 bytes disponíveis
.
- - End Of File - - D19367551B05C97480A5CF981175A1AC
A36C5E4F47E84449FF07ED3517B43A31
avatar
Nilson Machado da Siva
Iniciante
Iniciante

Mensagens : 33
Reputação : 0
Data de inscrição : 27/10/2014

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por joram em Qui 30 Out 2014, 11:24

Bom Dia! Nilson Machado da Siva

< MicrosoftFixit50267.msi >

> Baixe e execute este Fix it
>
> Vamos remover as ferramentas que foram utilizadas na desinfecção!

> Baixe: < [Você precisa estar registrado e conectado para ver esta imagem.] > ( ... de Xplode )

[Você precisa estar registrado e conectado para ver esta imagem.]

> Estando na página,clique em Download Now
> Salve-a em um local conveniente! ( desktop! )
> Feche aplicativos que estejam abertos.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Remover ferramentas de desinfecção
> Criar backup do registro
> Limpar pontos da restauração do sistema

> Com estas caixinhas marcadas,clique Executar!
> Reinicie o computador ao concluir!

> Baixe: < [Você precisa estar registrado e conectado para ver esta imagem.] > ( ... by OldTimer Tools )

> Salve-o no desktop! 
> Duplo clique em OTL.exe >> Executar ou [Você precisa estar registrado e conectado para ver esta imagem.]

> Ps: Tendo dificuldades ao executar OTL.exe,delete o arquivo e baixe-o daqui ou aqui.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Configure a ferramenta,segundo a screenshot!
> Em "Exame Extra do Registro",assinale "Nenhum".

SAVEMBR:0
*crack* /s 
*keygen* /s 
*serial* /s 
*AutoKMS* /s
*loader* /s
*netsvcs*
*msconfig*
*activex*
*drivers32*
%SYSTEMDRIVE%\*.*
%APPDATA%\Local\*.
%APPDATA%\*.exe /s
%APPDATA%\*.
%systemdrive%\drivers\*.exe
%USERPROFILE%\AppData\Local\*.*
%USERPROFILE%\AppData\Roaming\*.*
%systemroot%\*. /mp /s
%systemroot%\system32\*.ini
%systemroot%\Tasks\*.*
%systemroot%\system32\tasks\*.* /s /64
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\drivers\*.* /90
%systemroot%\assembly\tmp\*.* /S /MD5
%systemroot%\assembly\temp\*.* /S /MD5
%systemroot%\assembly\GAC\*.* /S /MD5
%systemroot%\assembly\GAC_32\*.* /S /MD5
%systemroot%\assembly\GAC_64\*.* /S /MD5
%systemroot%\system32\config\systemprofile\AppData\Local\*.*
%windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.*
%windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.*
%systemdrive%\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.*
%systemdrive%\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.* 
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa /s

> Copie estas informações que estão em vermelho,para o Bloco de Notas.
> Salve-as em Meus Documentos ou desktop,com o nome scan. << Texto!
> Clique na área "Exames Personalizados/Correções".

[Você precisa estar registrado e conectado para ver esta imagem.] 

> Clique em Ok para procurar um arquivo com exame personalizado.
> Clique "Abrir". ( scan.txt )

[Você precisa estar registrado e conectado para ver esta imagem.] 

> Após colar as informações na área branca,clique em [Você precisa estar registrado e conectado para ver esta imagem.] 

> Concluindo,poste o relatório: OTL.txt << Link ao relatório!

> Para enviar,acesse: < [Você precisa estar registrado e conectado para ver esta imagem.] >

> Maiores informações: < |Link| >

Abs!
avatar
joram
Administrador
Administrador

Mensagens : 3723
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por Nilson Machado da Siva em Qui 30 Out 2014, 12:16

Bom dia Joram,

Não consigo baixar o (OTL.exe), nenhuma opção. Já tentei nos outros navegadores (internet explorere e google chome) aparece a mesma informação: Aparece "Attention Required! Cloudflare".
o que fazer? scratch
avatar
Nilson Machado da Siva
Iniciante
Iniciante

Mensagens : 33
Reputação : 0
Data de inscrição : 27/10/2014

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por joram em Qui 30 Out 2014, 12:24

Nilson Machado da Siva escreveu:Bom dia Joram,

Não consigo baixar o (OTL.exe), nenhuma opção. Já tentei nos outros navegadores (internet explorere e google chome) aparece a mesma informação: Aparece "Attention Required! Cloudflare".
o que fazer? scratch
Boa Tarde! Nilson Machado da Siva


< OTL >

> Baixe-o daqui.

A+
avatar
joram
Administrador
Administrador

Mensagens : 3723
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por Nilson Machado da Siva em Qui 30 Out 2014, 12:33

Mesma informação...

Aparece "Attention Required! Cloudflare".
avatar
Nilson Machado da Siva
Iniciante
Iniciante

Mensagens : 33
Reputação : 0
Data de inscrição : 27/10/2014

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por joram em Qui 30 Out 2014, 13:43

Nilson Machado da Siva escreveu:Mesma informação...

Aparece "Attention Required! Cloudflare".
Ok! Nilson Machado da Siva

< OTL >

> Tente por este link!

A+
avatar
joram
Administrador
Administrador

Mensagens : 3723
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por Nilson Machado da Siva em Qui 30 Out 2014, 16:22

http://cjoint.com/?DJEtvZlpD6z
avatar
Nilson Machado da Siva
Iniciante
Iniciante

Mensagens : 33
Reputação : 0
Data de inscrição : 27/10/2014

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por joram em Qui 30 Out 2014, 17:13

Boa Tarde! Nilson Machado da Siva

> Execute a OTL.exe.
> Copie estas informações que estão em vermelho,para o campo clipboard da ferramenta. ( "Exames Personalizados Correções" ) 

:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\NILSON~1\AppData\Local\Temp\catchme.sys -- (catchme)
IE - HKLM\..\SearchScopes\{ABCD0123-1234-5678-ABCD-0123456789AB}: "URL" = [Você precisa estar registrado e conectado para ver este link.]
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:63411;https=127.0.0.1:63411
IE - HKU\S-1-5-21-3910295586-3319728892-1321434080-1001\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-3910295586-3319728892-1321434080-1001\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = [Você precisa estar registrado e conectado para ver este link.]
IE - HKU\S-1-5-21-3910295586-3319728892-1321434080-1001\..\SearchScopes\{ABCD0123-1234-5678-ABCD-0123456789AB} : "URL" = [Você precisa estar registrado e conectado para ver este link.]
IE - HKU\S-1-5-21-3910295586-3319728892-1321434080-1001\..\SearchScopes\Web: "URL" = [Você precisa estar registrado e conectado para ver este link.]
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
[2014/08/30 17:38:32 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Nilson Machado\AppData\Roaming\mozilla\Firefox\Profiles\6658hlf3.default\extensions\ascsurfingprotection@iobit.com
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2014/10/30 12:46:02 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Baidu
[2014/01/15 03:15:14 | 000,167,784 | ---- | C] (Baidu, Inc.) -- C:\ProgramData\FileSplitUpLoad.dll
[2014/10/30 10:25:57 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.old
[2013/12/26 19:21:26 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2013/12/26 19:21:26 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2013/12/26 19:21:26 | 000,000,000 | ---D | M] -- C:\Users\DefaultAppPool\AppData\Roaming\IObit
[2014/07/13 02:13:00 | 000,000,000 | ---D | M] -- C:\Users\Nilson Machado\AppData\Roaming\Baidu Security
[2014/06/05 21:26:25 | 000,000,000 | ---D | M] -- C:\Users\Nilson Machado\AppData\Roaming\IObit
[2014/08/14 15:17:18 | 001,711,392 | ---- | M] (IObit) -- C:\Users\Nilson Machado\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe
[2014/06/05 21:26:25 | 000,000,000 | ---D | M] -- C:\Users\Nilson Machado\AppData\Roaming\IObit
[2014/08/31 19:09:40 | 000,000,640 | ---- | M] () -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\wmpnsslog00.sqm
[2014/09/08 15:16:40 | 000,000,640 | ---- | M] () -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\wmpnsslog01.sqm
[2014/09/22 13:58:41 | 000,000,640 | ---- | M] () -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\wmpnsslog02.sqm
[2014/09/26 09:34:57 | 000,000,640 | ---- | M] () -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\wmpnsslog03.sqm
[2014/10/01 19:08:07 | 000,000,640 | ---- | M] () -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\wmpnsslog04.sqm
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:373E1720

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable"=dword:00000000

:Files
netsh winsock reset catalog /c
ipconfig /flushdns /c
ipconfig /renew /c

:commands
[emptytemp]
[purity] 
[resethosts] 
[Reboot]


> Clique no botão Consertar.
> Aguarde a conclusão!
> O computador vai reiniciar! 
> Ao surgir,novamente,clique "Executar". 

[Você precisa estar registrado e conectado para ver esta imagem.]

> Para versões em Inglês,clique em Run Fix que é o mesmo que Consertar.
> Poste o relatório: C:\_OTL\MovedFiles\*.log 

A+
avatar
joram
Administrador
Administrador

Mensagens : 3723
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por Nilson Machado da Siva em Qui 30 Out 2014, 17:44

All processes killed
========== OTL ==========
Error: No service named VGPU was found to stop!
Service\Driver key VGPU not found.
File System32\drivers\rdvgkmd.sys not found.
Error: No service named tsusbhub was found to stop!
Service\Driver key tsusbhub not found.
File system32\drivers\tsusbhub.sys not found.
Error: No service named Synth3dVsc was found to stop!
Service\Driver key Synth3dVsc not found.
File System32\drivers\synth3dvsc.sys not found.
Error: No service named catchme was found to stop!
Service\Driver key catchme not found.
File C:\Users\NILSON~1\AppData\Local\Temp\catchme.sys not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ABCD0123-1234-5678-ABCD-0123456789AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABCD0123-1234-5678-ABCD-0123456789AB}\ not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Registry key HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001\Software\Microsoft\Internet Explorer\SearchScopes\{ABCD0123-1234-5678-ABCD-0123456789AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABCD0123-1234-5678-ABCD-0123456789AB}\ not found.
Registry key HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ not found.
Folder C:\Users\Nilson Machado\AppData\Roaming\mozilla\Firefox\Profiles\6658hlf3.default\extensions\ascsurfingprotection@iobit.com\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Folder C:\Users\Public\Documents\Baidu\ not found.
File C:\ProgramData\FileSplitUpLoad.dll not found.
File C:\Windows\System32\drivers\etc\hosts.old not found.
Folder C:\Users\Default\AppData\Roaming\IObit\ not found.
Folder C:\Users\Default User\AppData\Roaming\IObit\ not found.
Folder C:\Users\DefaultAppPool\AppData\Roaming\IObit\ not found.
Folder C:\Users\Nilson Machado\AppData\Roaming\Baidu Security\ not found.
Folder C:\Users\Nilson Machado\AppData\Roaming\IObit\ not found.
File C:\Users\Nilson Machado\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe not found.
Folder C:\Users\Nilson Machado\AppData\Roaming\IObit\ not found.
File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\wmpnsslog00.sqm not found.
File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\wmpnsslog01.sqm not found.
File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\wmpnsslog02.sqm not found.
File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\wmpnsslog03.sqm not found.
File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\wmpnsslog04.sqm not found.
Unable to delete ADS C:\ProgramData\TEMP:373E1720 .
========== REGISTRY ==========
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\"ProxyEnable"|dword:00000000 /E : value set successfully!
========== FILES ==========
< netsh winsock reset catalog /c >
Cat logo Winsock redefinido com ˆxito.
Reinicie o computador para concluir a redefini‡Æo.
C:\Users\Nilson Machado\Desktop\cmd.bat deleted successfully.
C:\Users\Nilson Machado\Desktop\cmd.txt deleted successfully.
< ipconfig /flushdns /c >
Configura‡Æo de IP do Windows
Libera‡Æo do Cache do DNS Resolver bem-sucedida.
C:\Users\Nilson Machado\Desktop\cmd.bat deleted successfully.
C:\Users\Nilson Machado\Desktop\cmd.txt deleted successfully.
< ipconfig /renew /c >
Configura‡Æo de IP do Windows
Nenhuma opera‡Æo pode ser executada em ConexÆo de Rede sem Fio 2 enquanto a
m¡dia estiver desconectada.
Nenhuma opera‡Æo pode ser executada em ConexÆo local enquanto a
m¡dia estiver desconectada.
Adaptador de Rede sem Fio ConexÆo de Rede sem Fio 2:
Estado da m¡dia. . . . . . . . . . . . . . : m¡dia desconectada
Sufixo DNS espec¡fico de conexÆo. . . . . . :
Adaptador de Rede sem Fio ConexÆo de Rede sem Fio:
Sufixo DNS espec¡fico de conexÆo. . . . . . :
Endere‡o IPv6 de link local . . . . . . . . : fe80::e99f:aae3:2880:5406%12
Endere‡o IPv4. . . . . . . . . . . . . . . : 192.168.1.106
M scara de Sub-rede . . . . . . . . . . . . : 255.255.255.0
Gateway PadrÆo. . . . . . . . . . . . . . . : 192.168.1.20
Adaptador Ethernet ConexÆo local:
Estado da m¡dia. . . . . . . . . . . . . . : m¡dia desconectada
Sufixo DNS espec¡fico de conexÆo. . . . . . :
C:\Users\Nilson Machado\Desktop\cmd.bat deleted successfully.
C:\Users\Nilson Machado\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Classic .NET AppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: DefaultAppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Nilson Machado
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 212379372 bytes
->Google Chrome cache emptied: 9406515 bytes
->Flash cache emptied: 59484 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Todos os Usuários

User: Usuário Padrão
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3294 bytes
RecycleBin emptied: 7304943 bytes

Total Files Cleaned = 219,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 10302014_173207

Files\Folders moved on Reboot...
C:\Users\Nilson Machado\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
avatar
Nilson Machado da Siva
Iniciante
Iniciante

Mensagens : 33
Reputação : 0
Data de inscrição : 27/10/2014

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por Nilson Machado da Siva em Qui 30 Out 2014, 17:48

Boa tarde Joram,
O meu pc está estranho com varias propagandas nas paginas... varias mesmo chega a irritar. por que cera? esta ficando vulnerável?
avatar
Nilson Machado da Siva
Iniciante
Iniciante

Mensagens : 33
Reputação : 0
Data de inscrição : 27/10/2014

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por joram em Qui 30 Out 2014, 17:52

Nilson Machado da Siva escreveu:Boa tarde Joram,
O meu pc está estranho com varias propagandas nas paginas... varias mesmo chega a irritar. por que cera? esta ficando vulnerável?
Boa Tarde! Nilson Machado da Siva

> Execute,novamente,AdwCleaner para verificar se houve reinfecção.

> Baixe: < [Você precisa estar registrado e conectado para ver esta imagem.] > ( ... par Xplode )
>
> Ou daqui: < AdwCleaner >
> Ao acessar,clique em "Download Now".
>
> Salve-o no desktop!

< [Você precisa estar registrado e conectado para ver esta imagem.] >

> Clique direito em adwcleaner.exe,e escolha sua execução como administrador.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Ps: Dê início ao scan,clicando em "Examinar". 

< [Você precisa estar registrado e conectado para ver esta imagem.] >

> Ao concluir,clique "Limpar" >> Ok >> Ok >> Ok.
> Copie o log ou clique "Relatório".
> Poste: < C:\AdwCleaner\AdwCleaner[S0].txt > 

A+
avatar
joram
Administrador
Administrador

Mensagens : 3723
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por Nilson Machado da Siva em Qui 30 Out 2014, 20:49

# AdwCleaner v3.311 - Relatório criado 30/10/2014 às 20:43:23
# Atualizado 30/09/2014 por Xplode
# Sistema Operacional : Windows 7 Ultimate Service Pack 1 (32 bits)
# Usuário : Nilson Machado - CELTACOMPANY
# Executando de : C:\Users\Nilson Machado\Desktop\adwcleaner_3.311.exe
# Opção : Limpar

***** [ Serviços ] *****


***** [ Arquivos / Pastas ] *****


***** [ Tarefas ] *****


***** [ Atalhos ] *****


***** [ Registro ] *****

Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

***** [ Navegadores ] *****

-\\ Internet Explorer v10.0.9200.17116


-\\ Mozilla Firefox v33.0.2 (x86 pt-BR)

[ Arquivo : C:\Users\Nilson Machado\AppData\Roaming\Mozilla\Firefox\Profiles\6658hlf3.default\prefs.js ]


[ Arquivo : C:\Users\Nilson Machado\AppData\Roaming\Mozilla\Firefox\Profiles\pc8o1i1a.default-1401401241470\prefs.js ]


-\\ Google Chrome v38.0.2125.111

[ Arquivo : C:\Users\Nilson Machado\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deletedo [Search Provider] : [Você precisa estar registrado e conectado para ver este link.]

*************************

AdwCleaner[R0].txt - [1277 octets] - [30/10/2014 20:39:37]
AdwCleaner[S0].txt - [1191 octets] - [30/10/2014 20:43:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1251 octets] ##########
avatar
Nilson Machado da Siva
Iniciante
Iniciante

Mensagens : 33
Reputação : 0
Data de inscrição : 27/10/2014

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por Nilson Machado da Siva em Qui 30 Out 2014, 21:47

Joram,

Continua qualquer pagina que abro, um monte de propagandas...
Não estava assim...
avatar
Nilson Machado da Siva
Iniciante
Iniciante

Mensagens : 33
Reputação : 0
Data de inscrição : 27/10/2014

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por joram em Qui 30 Out 2014, 23:57

Nilson Machado da Siva escreveu:Joram,

Continua qualquer pagina que abro, um monte de propagandas...
Não estava assim...
Boa Noite! Nilson Machado da Silva

> Dê um reset no seu Modem,desconectando-o da alimentação da rede elétrica por uns 10 minutos,depois reconecte-o novamente. Verifique se houve alguma melhora.

A+
avatar
joram
Administrador
Administrador

Mensagens : 3723
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por Nilson Machado da Siva em Sex 31 Out 2014, 00:50

melhorou...E quanto o ("Attention Required! Cloudflare") continua...mesma coisa....Com tantos processos estamos próximo de uma solução? já estamos na 4°pagina...

.... Editando para acrescentar informações de relevância!

###
---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF98F657-DA10-4043-9F36-006B2429E1D1}: DhcpNameServer = 201.251.58.190 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{BF98F657-DA10-4043-9F36-006B2429E1D1}: DhcpNameServer = 201.251.58.190 8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{BF98F657-DA10-4043-9F36-006B2429E1D1}: DhcpNameServer = 201.251.58.190 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.251.58.190 8.8.8.8
###

[Você precisa estar registrado e conectado para ver esta imagem.]
----
----
Creio ter identificado a causa do seu impedimento à certos endereços! Pois os sites acessados executam a proteção CloudFlare,e possuindo Lista negra para domínios que consideram maliciosos,podem bloquear alguns IPs

[Você precisa estar registrado e conectado para ver esta imagem.]

Mas o serviço,costuma dispor Captcha que vc deve utilizar para poder ter acesso ao site,que pode ou não,configurar seu IP em uma WhiteList ao servidor que utilizam. 
Para isso,deverás enviar email ou MP ao administrador do site que impede ou bloqueia seu IP. Eu lhe aconselharia a mudar seu DHCPNameServer no Modem e PC,pois a maioria desses sites que possuem o CloudFlare,são estrangeiros e vc poderia encontrar dificuldades na comunicação do problema.

Maiores informações,acesse: WPTOTAL
avatar
Nilson Machado da Siva
Iniciante
Iniciante

Mensagens : 33
Reputação : 0
Data de inscrição : 27/10/2014

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por Nilson Machado da Siva em Sex 31 Out 2014, 20:46

Boa noite Joram,

E quanto a solução do problema...Mesmo que os resultados das outras tarefas executadas...O teu ultimo "post" é muito técnico. Tem algo mais a ser realizado, pois outros tópicos houveram solução para este mesmo problema.
Aguardo...
avatar
Nilson Machado da Siva
Iniciante
Iniciante

Mensagens : 33
Reputação : 0
Data de inscrição : 27/10/2014

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por joram em Sex 31 Out 2014, 21:11


  • Boa Noite! Nilson Machado da Siva

  • Baixe: < RogueKiller > ( ... by Adlice Software ) ( 32 bits version )

  • Baixe: < [Você precisa estar registrado e conectado para ver esta imagem.]  > ( ... by Adlice Software ) ( 64 bits version )

  • Salve-o no desktop! [Você precisa estar registrado e conectado para ver esta imagem.]

  • Feche aplicativos que estejam abertos!
  • Execute RogueKiller.exe e aceite a Eula,caso solicite!
  • Se o "Filtro SmartScreen" bloquear o anti-malware,clique em "Mais informações" >> "Executar de qualquer maneira"

[Você precisa estar registrado e conectado para ver esta imagem.] 

  • Aguarde a finalização de seu Pre-scan,que se inicia automáticamente.

[Você precisa estar registrado e conectado para ver esta imagem.]

  • Dê início ao diagnóstico,clicando no botão "Verificar". 
  • Poste o relatório ao concluir: RKreport[1].txt

  • A+
avatar
joram
Administrador
Administrador

Mensagens : 3723
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por Nilson Machado da Siva em Sab 01 Nov 2014, 01:37

RogueKiller V10.0.4.0 [Oct 29 2014] por Adlice Software
mail : [Você precisa estar registrado e conectado para ver este link.]
Feedback : [Você precisa estar registrado e conectado para ver este link.]
Site : [Você precisa estar registrado e conectado para ver este link.]
Blog : [Você precisa estar registrado e conectado para ver este link.]

Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Iniciou : Modo normal
Usuário : Nilson Machado [Administrador]
Modo : Escanear -- Data : 11/01/2014 01:32:33

¤¤¤ Processos : 0 ¤¤¤

¤¤¤ Registro : 24 ¤¤¤
[PUP] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} -> Encontrado
[PUM.Proxy] HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Encontrado
[PUM.Proxy] HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Encontrado
[PUM.Proxy] HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:63411;https=127.0.0.1:63411 -> Encontrado
[PUM.Proxy] HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:63411;https=127.0.0.1:63411 -> Encontrado
[PUM.HomePage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : [Você precisa estar registrado e conectado para ver este link.] -> Encontrado
[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : [Você precisa estar registrado e conectado para ver este link.] -> Encontrado
[PUM.HomePage] HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001\Software\Microsoft\Internet Explorer\Main | Start Page : [Você precisa estar registrado e conectado para ver este link.] -> Encontrado
[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : [Você precisa estar registrado e conectado para ver este link.] -> Encontrado
[PUM.SearchPage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : [Você precisa estar registrado e conectado para ver este link.] -> Encontrado
[PUM.SearchPage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : [Você precisa estar registrado e conectado para ver este link.] -> Encontrado
[PUM.SearchPage] HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001\Software\Microsoft\Internet Explorer\Main | Search Page : [Você precisa estar registrado e conectado para ver este link.] -> Encontrado
[PUM.SearchPage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : [Você precisa estar registrado e conectado para ver este link.] -> Encontrado
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 201.251.58.190 8.8.8.8 [(Unknown Country?) (XX)] -> Encontrado
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 201.251.58.190 8.8.8.8 [(Unknown Country?) (XX)] -> Encontrado
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 201.251.58.190 8.8.8.8 [(Unknown Country?) (XX)] -> Encontrado
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BF98F657-DA10-4043-9F36-006B2429E1D1} | DhcpNameServer : 201.251.58.190 8.8.8.8 [(Unknown Country?) (XX)] -> Encontrado
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{BF98F657-DA10-4043-9F36-006B2429E1D1} | DhcpNameServer : 201.251.58.190 8.8.8.8 [(Unknown Country?) (XX)] -> Encontrado
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{BF98F657-DA10-4043-9F36-006B2429E1D1} | DhcpNameServer : 201.251.58.190 8.8.8.8 [(Unknown Country?) (XX)] -> Encontrado
[PUM.StartMenu] HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Encontrado
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Encontrado
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Encontrado
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Encontrado
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Encontrado

¤¤¤ Tarefas : 0 ¤¤¤

¤¤¤ Arquivos : 0 ¤¤¤

¤¤¤ Arquivos de hosts : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

¤¤¤ Navegadores : 0 ¤¤¤

¤¤¤ Verificação da MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD3200BEVT-00ZAT0 ATA Device +++++
--- User ---
[MBR] 0884db8b3aa7598a32f14c98846e2c2d
[BSP] 42720c49f43f7827d553ac594b436d74 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 305143 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_10312014_231414.log
avatar
Nilson Machado da Siva
Iniciante
Iniciante

Mensagens : 33
Reputação : 0
Data de inscrição : 27/10/2014

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por joram em Sab 01 Nov 2014, 02:03

Bom Dia! Nilson Machado da Siva

> Execute a ferramenta RogueKiler e na guia Registro,marque todas as caixinhas e clique Deletar.
> Poste o relatório!

A+
avatar
joram
Administrador
Administrador

Mensagens : 3723
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por Nilson Machado da Siva em Sab 01 Nov 2014, 20:56

RogueKiller V10.0.4.0 [Oct 29 2014] por Adlice Software
mail : [Você precisa estar registrado e conectado para ver este link.]
Feedback : [Você precisa estar registrado e conectado para ver este link.]
Site : [Você precisa estar registrado e conectado para ver este link.]
Blog : [Você precisa estar registrado e conectado para ver este link.]

Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Iniciou : Modo normal
Usuário : Nilson Machado [Administrador]
Modo : Deletar -- Data : 11/01/2014 20:54:48

¤¤¤ Processos : 0 ¤¤¤

¤¤¤ Registro : 24 ¤¤¤
[PUP] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} -> ERROR [2]
[PUM.Proxy] HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 0 -> Substituído (0)
[PUM.Proxy] HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 0 -> Substituído (0)
[PUM.Proxy] HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:63411;https=127.0.0.1:63411 -> ERROR [0]
[PUM.Proxy] HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:63411;https=127.0.0.1:63411 -> ERROR [2]
[PUM.HomePage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : [Você precisa estar registrado e conectado para ver este link.] -> Substituído (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : [Você precisa estar registrado e conectado para ver este link.] -> Substituído (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001\Software\Microsoft\Internet Explorer\Main | Start Page : [Você precisa estar registrado e conectado para ver este link.] -> Substituído (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : [Você precisa estar registrado e conectado para ver este link.] -> Substituído (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.SearchPage] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Page : [Você precisa estar registrado e conectado para ver este link.] -> Substituído (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : [Você precisa estar registrado e conectado para ver este link.] -> Substituído (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001\Software\Microsoft\Internet Explorer\Main | Search Page : [Você precisa estar registrado e conectado para ver este link.] -> Substituído (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : [Você precisa estar registrado e conectado para ver este link.] -> Substituído (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : [(Unknown Country?) (XX)] -> Substituído ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : [(Unknown Country?) (XX)] -> Substituído ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : [(Unknown Country?) (XX)] -> Substituído ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BF98F657-DA10-4043-9F36-006B2429E1D1} | DhcpNameServer : [(Unknown Country?) (XX)] -> Substituído ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{BF98F657-DA10-4043-9F36-006B2429E1D1} | DhcpNameServer : [(Unknown Country?) (XX)] -> Substituído ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{BF98F657-DA10-4043-9F36-006B2429E1D1} | DhcpNameServer : [(Unknown Country?) (XX)] -> Substituído ()
[PUM.StartMenu] HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 1 -> Substituído (1)
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Substituído (0)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Substituído (0)
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 0 -> Substituído (0)
[PUM.DesktopIcons] HKEY_USERS\S-1-5-21-3910295586-3319728892-1321434080-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Substituído (0)

¤¤¤ Tarefas : 0 ¤¤¤

¤¤¤ Arquivos : 0 ¤¤¤

¤¤¤ Arquivos de hosts : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤

¤¤¤ Navegadores : 0 ¤¤¤

¤¤¤ Verificação da MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD3200BEVT-00ZAT0 ATA Device +++++
--- User ---
[MBR] 0884db8b3aa7598a32f14c98846e2c2d
[BSP] 42720c49f43f7827d553ac594b436d74 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 305143 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_10312014_231414.log - RKreport_SCN_11012014_013233.log - RKreport_SCN_11012014_205126.log - RKreport_DEL_11012014_205414.log
RKreport_DEL_11012014_205444.log
avatar
Nilson Machado da Siva
Iniciante
Iniciante

Mensagens : 33
Reputação : 0
Data de inscrição : 27/10/2014

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por joram em Sab 01 Nov 2014, 23:41

Boa Noite! Nilson Machado da Siva

> Execute a ferramenta OTL.exe.
> Copie estas informações que estão no Código,para o campo clipboard da ferramenta. ( "Exames Personalizados/Correções" )

Código:
:OTL
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.251.58.190 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF98F657-DA10-4043-9F36-006B2429E1D1}: DhcpNameServer = 201.251.58.190 8.8.8.8

:Files
ipconfig /flushdns /c

:Commands
[resethosts]
[emptytemp]
[Reboot]

< [Você precisa estar registrado e conectado para ver esta imagem.] >

> Clique em Consertar >> Aguarde!
> O computador vai reiniciar!
> Clique em "Executar". 
> Poste o relatório: C:\_OTL\MovedFiles\*.log 

A+
avatar
joram
Administrador
Administrador

Mensagens : 3723
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por Nilson Machado da Siva em Dom 02 Nov 2014, 09:23

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer| /E : value set successfully!
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BF98F657-DA10-4043-9F36-006B2429E1D1}\\DhcpNameServer| /E : value set successfully!
========== FILES ==========
< ipconfig /flushdns /c >
Configura‡Æo de IP do Windows
Libera‡Æo do Cache do DNS Resolver bem-sucedida.
C:\Users\Nilson Machado\Desktop\cmd.bat deleted successfully.
C:\Users\Nilson Machado\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Classic .NET AppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: DefaultAppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Nilson Machado
->Temp folder emptied: 20720657 bytes
->Temporary Internet Files folder emptied: 3046 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 179112392 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1427 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Todos os Usuários

User: Usuário Padrão
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 134170 bytes
RecycleBin emptied: 17526370 bytes

Total Files Cleaned = 207,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11022014_090727

Files\Folders moved on Reboot...
C:\Users\Nilson Machado\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
avatar
Nilson Machado da Siva
Iniciante
Iniciante

Mensagens : 33
Reputação : 0
Data de inscrição : 27/10/2014

Voltar ao Topo Ir em baixo

Re: Aparece "Attention Required! Cloudflare" em alguns sites ...

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Página 2 de 3 Anterior  1, 2, 3  Seguinte

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum