Flux RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Social bookmarking

Social bookmarking Digg  Social bookmarking Delicious  Social bookmarking Reddit  Social bookmarking Stumbleupon  Social bookmarking Slashdot  Social bookmarking Yahoo  Social bookmarking Google  Social bookmarking Blinklist  Social bookmarking Blogmarks  Social bookmarking Technorati  

Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking

Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking

Estatísticas
Temos 14443 usuários registrados
O último usuário registrado atende pelo nome de Caio Flavio

Os nossos membros postaram um total de 35198 mensagens em 3565 assuntos
Últimos assuntos
» Notebook lento, acho que está com virus
por joram Ontem à(s) 18:38

Quem está conectado
1 usuário online :: Nenhum usuário registrado, Nenhum Invisível e 1 Visitante

Nenhum

O recorde de usuários online foi de 108 em Qui 15 Maio 2014, 21:18
Buscar
 
 

Resultados por:
 


Rechercher Busca avançada

Novembro 2017
SegTerQuaQuiSexSabDom
  12345
6789101112
13141516171819
20212223242526
27282930   

Calendário Calendário


como remover Attention required! CloudFlare

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Ir em baixo

como remover Attention required! CloudFlare

Mensagem por Thais Olino em Dom 02 Nov 2014, 17:55

Quando eu tento acessar alguns sites aparece One more step
Please complete the security check to access, como faço para remover ? já tentei varias coisas mas não deu certo Sad

Meu relatório do Hijackthis


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:04:43, on 02/11/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFTray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Positivo Informática\Positivo Experience\Positivo Backup\PositivoSmartBackup.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Thais\Downloads\HijackThis (1).exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [StartUpManagerPositivo] C:\Program Files\Positivo Informática\Gerenciador de Inicialização Positivo\ManagerWindows.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Baidu PC Faster 4.0.0.0] "C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFTray.exe" -auto -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Serviço do Positivo Experience (AppManagerService) - Positivo Informática S.A. - C:\Program Files\Positivo Informática\Positivo Experience\Positivo Experience\PositivoExperienceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: Baidu MoboMarket Service (BASSVC) - Baidu, Inc. - C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\bassvc.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) - Baidu Inc. - C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe

--
End of file - 6645 bytes
avatar
Thais Olino
Iniciante
Iniciante

Mensagens : 47
Reputação : 1
Data de inscrição : 02/11/2014

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por joram em Dom 02 Nov 2014, 18:07

Thais Olino escreveu:Quando eu tento acessar alguns sites aparece One more step
Please complete the security check to access, como faço para remover ? já tentei varias coisas mas não deu certo Sad
Boa Tarde! Thais Olino

> Isso está tornando-se uma praga,pois vários casos já vieram aqui,mas não vejo a postagem em outros Fóruns brasileiros
A ferramenta Francesa MyHosts,poderia resolver...mas os desenvolvedores bloquearam o download para o nosso país e,somente,disponibilizando para a França.
###
###

< [Você precisa estar registrado e conectado para ver esta imagem.] >  

> Poste o log do HijackThis,segundo a [Você precisa estar registrado e conectado para ver este link.].

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por Thais Olino em Dom 02 Nov 2014, 18:18

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:04:43, on 02/11/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFTray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Positivo Informática\Positivo Experience\Positivo Backup\PositivoSmartBackup.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Thais\Downloads\HijackThis (1).exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Você precisa estar registrado e conectado para ver este link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [StartUpManagerPositivo] C:\Program Files\Positivo Informática\Gerenciador de Inicialização Positivo\ManagerWindows.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Baidu PC Faster 4.0.0.0] "C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFTray.exe" -auto -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Serviço do Positivo Experience (AppManagerService) - Positivo Informática S.A. - C:\Program Files\Positivo Informática\Positivo Experience\Positivo Experience\PositivoExperienceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: Baidu MoboMarket Service (BASSVC) - Baidu, Inc. - C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\bassvc.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
O23 - Service: Baidu PC Faster Service 4.0.0.0 (PCFasterSvc_{PCFaster_4.0.0.0}) - Baidu Inc. - C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe

--
End of file - 6645 bytes
avatar
Thais Olino
Iniciante
Iniciante

Mensagens : 47
Reputação : 1
Data de inscrição : 02/11/2014

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por joram em Dom 02 Nov 2014, 19:36

Boa Noite! Thais Olino

< [Você precisa estar registrado e conectado para ver este link.] >

> Vá a esta página e utilize o Fix it ali proposto.
>
> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by Adlice Software ) ( 32 bits version )

> Baixe: < [Você precisa estar registrado e conectado para ver este link.]  > ( ... by Adlice Software ) ( 64 bits version )

> Salve-o no desktop! [Você precisa estar registrado e conectado para ver esta imagem.]

> Feche aplicativos que estejam abertos!
> Execute RogueKiller.exe e aceite a Eula,caso solicite!
> Se o "Filtro SmartScreen" bloquear o anti-malware,clique em "Mais informações" >> "Executar de qualquer maneira"

[Você precisa estar registrado e conectado para ver este link.] 

> Aguarde a finalização de seu Pre-scan,que se inicia automáticamente.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Dê início ao diagnóstico,clicando no botão "Verificar". 
> Poste o relatório ao concluir: RKreport[1].txt

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por Thais Olino em Dom 02 Nov 2014, 23:15

RogueKiller V10.0.4.0 [Oct 29 2014] por Adlice Software
mail : [Você precisa estar registrado e conectado para ver este link.]
Feedback : [Você precisa estar registrado e conectado para ver este link.]
Site : [Você precisa estar registrado e conectado para ver este link.]
Blog : [Você precisa estar registrado e conectado para ver este link.]

Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Iniciou : Modo normal
Usuário : Thais [Administrador]
Modo : Escanear -- Data : 11/02/2014 23:14:39

¤¤¤ Processos : 0 ¤¤¤

¤¤¤ Registro : 3 ¤¤¤
[Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\msahci (\SystemRoot\system32\drivers\msahci.sys) -> Encontrado
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Encontrado
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Encontrado

¤¤¤ Tarefas : 0 ¤¤¤

¤¤¤ Arquivos : 0 ¤¤¤

¤¤¤ Arquivos de hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 44 (Driver: Carregado) ¤¤¤
[SSDT:Addr(Hook.SSDT)] NtAlertResumeThread[13] : Unknown @ 0x864ae398
[SSDT:Addr(Hook.SSDT)] NtAlertThread[14] : Unknown @ 0x864ae430
[SSDT:Addr(Hook.SSDT)] NtAllocateVirtualMemory[19] : Unknown @ 0x864fbea0
[SSDT:Addr(Hook.SSDT)] NtAlpcConnectPort[22] : Unknown @ 0x864884a0
[SSDT:Addr(Hook.SSDT)] NtAssignProcessToJobObject[43] : Unknown @ 0x86524bf0
[SSDT:Addr(Hook.SSDT)] NtCreateMutant[74] : Unknown @ 0x86524f80
[SSDT:Addr(Hook.SSDT)] NtCreateSymbolicLinkObject[86] : Unknown @ 0x865249e8
[SSDT:Addr(Hook.SSDT)] NtCreateThread[87] : Unknown @ 0x864ecda8
[SSDT:Addr(Hook.SSDT)] NtCreateThreadEx[88] : Unknown @ 0x86524a90
[SSDT:Addr(Hook.SSDT)] NtDebugActiveProcess[96] : Unknown @ 0x86524c88
[SSDT:Addr(Hook.SSDT)] NtDuplicateObject[111] : Unknown @ 0x864eb650
[SSDT:Addr(Hook.SSDT)] NtFreeVirtualMemory[131] : Unknown @ 0x864ae920
[SSDT:Addr(Hook.SSDT)] NtImpersonateAnonymousToken[145] : Unknown @ 0x864ae268
[SSDT:Addr(Hook.SSDT)] NtImpersonateThread[147] : Unknown @ 0x864ae300
[SSDT:Addr(Hook.SSDT)] NtLoadDriver[155] : Unknown @ 0x86212eb0
[SSDT:Addr(Hook.SSDT)] NtMapViewOfSection[168] : Unknown @ 0x864ae868
[SSDT:Addr(Hook.SSDT)] NtOpenEvent[177] : Unknown @ 0x86524f08
[SSDT:Addr(Hook.SSDT)] NtOpenProcess[190] : Unknown @ 0x864ecd60
[SSDT:Addr(Hook.SSDT)] NtOpenProcessToken[191] : Unknown @ 0x864fbf28
[SSDT:Addr(Hook.SSDT)] NtOpenSection[194] : Unknown @ 0x86524dd8
[SSDT:Addr(Hook.SSDT)] NtOpenThread[198] : Unknown @ 0x8653d940
[SSDT:Addr(Hook.SSDT)] NtProtectVirtualMemory[215] : Unknown @ 0x86524b48
[SSDT:Addr(Hook.SSDT)] NtQueueApcThread[269] : Unknown @ 0x86524940
[SSDT:Addr(Hook.SSDT)] NtQueueApcThreadEx[270] : Unknown @ 0x86524898
[SSDT:Addr(Hook.SSDT)] NtResumeThread[304] : Unknown @ 0x864ae4c8
[SSDT:Addr(Hook.SSDT)] NtSetContextThread[316] : Unknown @ 0x864ae690
[SSDT:Addr(Hook.SSDT)] NtSetInformationProcess[333] : Unknown @ 0x864ae728
[SSDT:Addr(Hook.SSDT)] NtSetSystemInformation[350] : Unknown @ 0x86524d20
[SSDT:Addr(Hook.SSDT)] NtSuspendProcess[366] : Unknown @ 0x86524e70
[SSDT:Addr(Hook.SSDT)] NtSuspendThread[367] : Unknown @ 0x864ae560
[SSDT:Addr(Hook.SSDT)] NtTerminateProcess[370] : Unknown @ 0x86503c28
[SSDT:Addr(Hook.SSDT)] NtTerminateThread[371] : Unknown @ 0x864ae5f8
[SSDT:Addr(Hook.SSDT)] NtUnmapViewOfSection[385] : Unknown @ 0x864ae7d0
[SSDT:Addr(Hook.SSDT)] NtWriteVirtualMemory[399] : Unknown @ 0x864ae9a8
[ShwSSDT:Addr(Hook.Shadow)] NtUserAttachThreadInput[318] : Unknown @ 0x877a4448
[ShwSSDT:Addr(Hook.Shadow)] NtUserGetAsyncKeyState[402] : Unknown @ 0x877af438
[ShwSSDT:Addr(Hook.Shadow)] NtUserGetKeyboardState[434] : Unknown @ 0x877be928
[ShwSSDT:Addr(Hook.Shadow)] NtUserGetKeyState[436] : Unknown @ 0x87729bf8
[ShwSSDT:Addr(Hook.Shadow)] NtUserGetRawInputData[448] : Unknown @ 0x877fc7b8
[ShwSSDT:Addr(Hook.Shadow)] NtUserMessageCall[490] : Unknown @ 0x877fe320
[ShwSSDT:Addr(Hook.Shadow)] NtUserPostMessage[508] : Unknown @ 0x877fe7a0
[ShwSSDT:Addr(Hook.Shadow)] NtUserPostThreadMessage[509] : Unknown @ 0x877fe718
[ShwSSDT:Addr(Hook.Shadow)] NtUserSetWindowsHookEx[585] : Unknown @ 0x877c5248
[ShwSSDT:Addr(Hook.Shadow)] NtUserSetWinEventHook[588] : Unknown @ 0x86bc36e0

¤¤¤ Navegadores : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] rnr9snkd.default : user_pref("browser.startup.homepage", "google.com"); -> Encontrado

¤¤¤ Verificação da MBR : ¤¤¤
+++++ PhysicalDrive0: ST500DM002-1BC142 ATA Device +++++
--- User ---
[MBR] 6178561f03b753ccde5bd4b5ffb7757a
[BSP] 677b7306694d0d7dacd4dfdf802ff172 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10000 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 20482048 | Size: 466938 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Multi Flash Reader USB Device +++++
Error reading User MBR! ([15] O dispositivo não está pronto. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Não há suporte para o pedido. )
avatar
Thais Olino
Iniciante
Iniciante

Mensagens : 47
Reputação : 1
Data de inscrição : 02/11/2014

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por joram em Seg 03 Nov 2014, 00:07

Boa Noite! Thais Olino

> Abra a ferramenta RogueKiller.
> Na guia Registro,marque as caixinhas e clique Deletar.
> Poste o relatório!

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by OldTimer )

> Salve-o no desktop ou C:\.
> Duplo-clique em OTS.exe.
> Ps: Para Windows Vista ou 7,dê clique direito e execute OTS.exe como administrador.

[Você precisa estar registrado e conectado para ver este link.] 

> Na opção "Additional Scans",clique em "Extras".
> Marque,também,as caixinhas:

[] Reg - NetSvcs
[] File - Lop Check

[Você precisa estar registrado e conectado para ver esta imagem.]

> Para SO 64 bits,marque a caixinha!

> Em "Basic Scans",marque a caixinha: Skip Microsoft

> Verifique: [Você precisa estar registrado e conectado para ver esta imagem.] & [Você precisa estar registrado e conectado para ver esta imagem.]

Código:
%systemdrive%\*.*
%systemdrive%\drivers\*.exe
%systemroot%\system32\drivers\*.* /90
%programfiles%\*.*
%localappdata%\*.exe
%localappdata%\*.txt
%localappdata%\*.ini
%localappdata%\*.dll
%localappdata%\*.dat
%userprofile%\*.exe
%userprofile%\*.txt
%userprofile%\*.ini
%userprofile%\*.dll
%userprofile%\*.dat /30
%appdata%\*.*
%systemroot%\system32\tasks\*.*
%windir%\tasks\*.*
HKLM\System\CCS\Services\Tcpip\Parameters
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT

[Você precisa estar registrado e conectado para ver esta imagem.]

> Copie e cole estas informações que estão no Código,para o campo "Custom Scans".
> À seguir,clique em [Você precisa estar registrado e conectado para ver esta imagem.] 

> Ao concluir,abrir-se-á o Bloco de Notas,com o relatório. ( OTS.txt )
> Poste-o em sua resposta!
> Acesse para isso! ( [Você precisa estar registrado e conectado para ver este link.] ou [Você precisa estar registrado e conectado para ver este link.] )

Abs!
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por Thais Olino em Seg 03 Nov 2014, 02:15

RogueKiller V10.0.4.0 [Oct 29 2014] por Adlice Software
mail : [Você precisa estar registrado e conectado para ver este link.]
Feedback : [Você precisa estar registrado e conectado para ver este link.]
Site : [Você precisa estar registrado e conectado para ver este link.]
Blog : [Você precisa estar registrado e conectado para ver este link.]

Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Iniciou : Modo normal
Usuário : Thais [Administrador]
Modo : Deletar -- Data : 11/03/2014 02:14:21

¤¤¤ Processos : 0 ¤¤¤

¤¤¤ Registro : 0 ¤¤¤

¤¤¤ Tarefas : 0 ¤¤¤

¤¤¤ Arquivos : 0 ¤¤¤

¤¤¤ Arquivos de hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 12 (Driver: Carregado) ¤¤¤
[SSDT:Addr(Hook.SSDT)] NtAlpcConnectPort[22] : Unknown @ 0x86460510
[SSDT:Addr(Hook.SSDT)] NtLoadDriver[155] : Unknown @ 0x861f5178
[ShwSSDT:Addr(Hook.Shadow)] NtUserAttachThreadInput[318] : Unknown @ 0x8766dad0
[ShwSSDT:Addr(Hook.Shadow)] NtUserGetAsyncKeyState[402] : Unknown @ 0x87654668
[ShwSSDT:Addr(Hook.Shadow)] NtUserGetKeyboardState[434] : Unknown @ 0x8765dc08
[ShwSSDT:Addr(Hook.Shadow)] NtUserGetKeyState[436] : Unknown @ 0x84c51d68
[ShwSSDT:Addr(Hook.Shadow)] NtUserGetRawInputData[448] : Unknown @ 0x86ba8130
[ShwSSDT:Addr(Hook.Shadow)] NtUserMessageCall[490] : Unknown @ 0x875f7898
[ShwSSDT:Addr(Hook.Shadow)] NtUserPostMessage[508] : Unknown @ 0x8761f548
[ShwSSDT:Addr(Hook.Shadow)] NtUserPostThreadMessage[509] : Unknown @ 0x86251230
[ShwSSDT:Addr(Hook.Shadow)] NtUserSetWindowsHookEx[585] : Unknown @ 0x864821d8
[ShwSSDT:Addr(Hook.Shadow)] NtUserSetWinEventHook[588] : Unknown @ 0x876947b8

¤¤¤ Navegadores : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] rnr9snkd.default : user_pref("browser.startup.homepage", "google.com"); -> Não selecionado

¤¤¤ Verificação da MBR : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 6178561f03b753ccde5bd4b5ffb7757a
[BSP] 677b7306694d0d7dacd4dfdf802ff172 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10000 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 20482048 | Size: 466938 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: +++++
Error reading User MBR! ([15] O dispositivo não está pronto. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Não há suporte para o pedido. )


============================================
RKreport_DEL_11032014_014922.log - RKreport_DEL_11032014_014943.log - RKreport_SCN_11022014_231439.log - RKreport_SCN_11032014_014847.log
RKreport_SCN_11032014_021331.log
avatar
Thais Olino
Iniciante
Iniciante

Mensagens : 47
Reputação : 1
Data de inscrição : 02/11/2014

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por Thais Olino em Seg 03 Nov 2014, 02:42

< [Você precisa estar registrado e conectado para ver este link.] >

/!\ Vai aqui o relatório hospedado em Cjoint.com /!\

Grato!
avatar
Thais Olino
Iniciante
Iniciante

Mensagens : 47
Reputação : 1
Data de inscrição : 02/11/2014

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por joram em Seg 03 Nov 2014, 08:32

Bom Dia! Thais Olino

[Você precisa estar registrado e conectado para ver esta imagem.]

> Desinstale: < Baidu PC Faster
> Caso tenha instalado o Baidu PC Faster,vá em: C:\Program Files (x86)\Baidu Security\Baidu Antivirus\Uninstal <<
> Clique "Uninstal".
> Confirme seu desejo de desinstalar o PC Faster.
>
> Abra a ferramenta OTS.

Código:
[Unregister Dlls]
[Processes - Safe List]
YY -> pcfastersvc.exe -> C:\Arquivos de Programas\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
YY -> cleanerenginesvc.exe -> C:\Arquivos de Programas\Baidu Security\PC Faster\4.0.0.0\CleanerEngineSvc.exe
YY -> bassvc.exe -> C:\Arquivos de Programas\Baidu Security\MoboMarket\1.2.8.3351\bassvc.exe
YY -> bas_helper.exe -> C:\Arquivos de Programas\Baidu Security\MoboMarket\1.2.8.3351\bas_helper.exe
YY -> pcftray.exe -> C:\Arquivos de Programas\Baidu Security\PC Faster\4.0.0.0\PCFTray.exe
[Modules - No Company Name]
YY -> skiax.dll -> C:\Arquivos de Programas\Baidu Security\MoboMarket\1.2.8.3351\skiax.dll
[Win32 Services - Safe List]
YY -> (PCFasterSvc_{PCFaster_4.0.0.0}) Baidu PC Faster Service 4.0.0.0 [Auto | Running] -> C:\Arquivos de Programas\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe
YY -> (BASSVC) Baidu MoboMarket Service [Auto | Running] -> C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\bassvc.exe
YY -> (AdobeARMservice) Adobe Acrobat Update Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
[Driver Services - Safe List]
YY -> (BprotectEx) Baidu ProtectEx [Kernel | System | Running] -> C:\Windows\System32\drivers\BprotectEx.sys
YY -> (PCFApiUtil) PCFApiUtil [Kernel | On_Demand | Running] -> C:\Arquivos de Programas\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys
YY -> (Bhbase) Baidu Hook Base [Kernel | Boot | Running] -> C:\Windows\System32\drivers\Bhbase.sys
[Registry - Safe List]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
YN -> "Locked" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YY -> "Baidu PC Faster 4.0.0.0" -> C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFTray.exe ["C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFTray.exe" -auto -start]
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2380202607-3760370192-3880593022-1000] > -> HKEY_USERS\S-1-5-21-2380202607-3760370192-3880593022-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
YN -> \\"NoLowDiskSpaceChecks" -> [1]
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet
YN -> /pagefile -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
YN -> "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck]
[Registry - Additional Scans - Safe List]
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
YN -> \Svc\\"VistaSp1" -> Reg Error: Unknown registry data type [Reg Error: Unknown registry data type]
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\
YN -> Baidu PC Faster 4.0.0.0 -> Baidu PC Faster
YN -> ZHPDiag_is1 -> ZHPDiag 2014
[Files/Folders - Created Within 30 Days]
NY -> ZHP -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
NY -> ZHPDiag -> C:\ZHPDiag
NY -> ZHP -> C:\Users\Thais\AppData\Roaming\ZHP
NY -> Baidu -> C:\ProgramData\Baidu
NY -> Baidu -> C:\Users\Public\Documents\Baidu
NY -> Bhbase.sys -> C:\Windows\System32\drivers\Bhbase.sys
NY -> BprotectEx.sys -> C:\Windows\System32\drivers\BprotectEx.sys
NY -> Baidu PC Faster -> C:\Users\Thais\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
NY -> Baidu PC Faster -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
NY -> Baidu Security -> C:\Users\Thais\AppData\Roaming\Baidu Security
NY -> Baidu Security -> C:\Users\Public\Documents\Baidu Security
NY -> Baidu Security -> C:\ProgramData\Baidu Security
NY -> Baidu Security -> C:\Program Files\Baidu Security
NY -> 6 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp
NY -> 1 C:\Users\Thais\Documents\*.tmp files -> C:\Users\Thais\Documents\*.tmp
[Files/Folders - Modified Within 30 Days]
NY -> ZHPFix.lnk -> C:\Users\Thais\Desktop\ZHPFix.lnk
NY -> ZHPDiag.lnk -> C:\Users\Thais\Desktop\ZHPDiag.lnk
NY -> Baidu WiFi Hotspot.lnk -> C:\Users\Thais\Desktop\Baidu WiFi Hotspot.lnk
NY -> 6 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp
NY -> 1 C:\Users\Thais\Documents\*.tmp files -> C:\Users\Thais\Documents\*.tmp
[Files - No Company Name]
NY -> ZHPFix.lnk -> C:\Users\Thais\Desktop\ZHPFix.lnk
NY -> ZHPDiag.lnk -> C:\Users\Thais\Desktop\ZHPDiag.lnk
NY -> Baidu WiFi Hotspot.lnk -> C:\Users\Thais\Desktop\Baidu WiFi Hotspot.lnk
[Custom Scans]
NY -> Baidu PC Faster Service -> C:\Windows\system32\tasks\Baidu PC Faster Service
NY -> Baidu PC Faster Update -> C:\Windows\system32\tasks\Baidu PC Faster Update
[Custom Items] 
[reboot]
[Empty Temp Folders] 
[CreateRestorePoint]
> Cole estas informações que estão no Código,para o campo: "Paste Fix Here"

[Você precisa estar registrado e conectado para ver esta imagem.]

> Clique em Run Fix >> Aguarde!
> Terminando,poste o relatório: C:\_OTS\MovedFiles\OTS.txt 

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por Thais Olino em Seg 03 Nov 2014, 11:44

All Processes Killed
[Processes - Safe List]
No active process named pcfastersvc.exe was found!
File C:\Arquivos de Programas\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe not found.
No active process named cleanerenginesvc.exe was found!
C:\Arquivos de Programas\Baidu Security\PC Faster\4.0.0.0\CleanerEngineSvc.exe moved successfully.
Process bassvc.exe killed successfully!
C:\Arquivos de Programas\Baidu Security\MoboMarket\1.2.8.3351\bassvc.exe moved successfully.
No active process named bas_helper.exe was found!
C:\Arquivos de Programas\Baidu Security\MoboMarket\1.2.8.3351\bas_helper.exe moved successfully.
No active process named pcftray.exe was found!
File C:\Arquivos de Programas\Baidu Security\PC Faster\4.0.0.0\PCFTray.exe not found.
[Modules - No Company Name]
[Win32 Services - Safe List]
Error: No service named PCFasterSvc_{PCFaster_4.0.0.0} was found to stop!
Service\Driver key PCFasterSvc_{PCFaster_4.0.0.0} not found.
File C:\Arquivos de Programas\Baidu Security\PC Faster\4.0.0.0\PCFasterSvc.exe not found.
Service BASSVC stopped successfully!
Service BASSVC deleted successfully!
File C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\bassvc.exe not found.
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe moved successfully.
[Driver Services - Safe List]
Error: Unable to stop service BprotectEx!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BprotectEx deleted successfully.
File C:\Windows\System32\drivers\BprotectEx.sys not found.
Service PCFApiUtil stopped successfully!
Service PCFApiUtil deleted successfully!
File C:\Arquivos de Programas\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys not found.
Error: Unable to stop service Bhbase!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bhbase deleted successfully.
C:\Windows\System32\drivers\Bhbase.sys moved successfully.
[Registry - Safe List]
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Baidu PC Faster 4.0.0.0 not found.
File C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFTray.exe not found.
Registry value HKEY_USERS\S-1-5-21-2380202607-3760370192-3880593022-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoLowDiskSpaceChecks deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
[Registry - Additional Scans - Safe List]
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\\VistaSp1 scheduled to be deleted on reboot.
[Files/Folders - Created Within 30 Days]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP folder moved successfully.
C:\ZHPDiag\ZHPFix\Quarantine folder moved successfully.
C:\ZHPDiag\ZHPFix folder moved successfully.
C:\ZHPDiag folder moved successfully.
C:\Users\Thais\AppData\Roaming\ZHP\Quarantine folder moved successfully.
C:\Users\Thais\AppData\Roaming\ZHP folder moved successfully.
C:\ProgramData\Baidu\AndroidStoreI18N\Driver folder moved successfully.
C:\ProgramData\Baidu\AndroidStoreI18N\DeviceCache folder moved successfully.
C:\ProgramData\Baidu\AndroidStoreI18N folder moved successfully.
C:\ProgramData\Baidu folder moved successfully.
C:\Users\Public\Documents\Baidu\Common\I18N folder moved successfully.
C:\Users\Public\Documents\Baidu\Common folder moved successfully.
C:\Users\Public\Documents\Baidu folder moved successfully.
File C:\Windows\System32\drivers\Bhbase.sys not found!
File C:\Windows\System32\drivers\BprotectEx.sys not found!
File C:\Users\Thais\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster not found!
File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster not found!
C:\Users\Thais\AppData\Roaming\Baidu Security\Android Store\1.2.8.3351 folder moved successfully.
C:\Users\Thais\AppData\Roaming\Baidu Security\Android Store folder moved successfully.
C:\Users\Thais\AppData\Roaming\Baidu Security folder moved successfully.
C:\Users\Public\Documents\Baidu Security\Bav\Dump\5.0.4.90711 folder moved successfully.
C:\Users\Public\Documents\Baidu Security\Bav\Dump\5.0.4.89009 folder moved successfully.
C:\Users\Public\Documents\Baidu Security\Bav\Dump\4.1.1.80737 folder moved successfully.
C:\Users\Public\Documents\Baidu Security\Bav\Dump folder moved successfully.
C:\Users\Public\Documents\Baidu Security\Bav folder moved successfully.
C:\Users\Public\Documents\Baidu Security\Android Store\1.2.8.3351\Dump folder moved successfully.
C:\Users\Public\Documents\Baidu Security\Android Store\1.2.8.3351 folder moved successfully.
C:\Users\Public\Documents\Baidu Security\Android Store folder moved successfully.
C:\Users\Public\Documents\Baidu Security folder moved successfully.
C:\ProgramData\Baidu Security\RpData folder moved successfully.
C:\ProgramData\Baidu Security\MoboMarket\RpData folder moved successfully.
C:\ProgramData\Baidu Security\MoboMarket folder moved successfully.
C:\ProgramData\Baidu Security folder moved successfully.
C:\Program Files\Baidu Security\PC Faster\4.0.0.0 folder moved successfully.
C:\Program Files\Baidu Security\PC Faster folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\UsbDriver\universal_adb_x86\i386 folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\UsbDriver\universal_adb_x86 folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\UsbDriver folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\update folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\skin\bas_helper\skin\mainframe folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\skin\bas_helper\skin folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\skin\bas_helper folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\skin folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\I18N\Font folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\I18N\1057\skin folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\I18N\1057 folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\I18N\1046\skin folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\I18N\1046 folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\I18N\1033\skin folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\I18N\1033 folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\I18N folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\Data\Temp folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351\Data folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket\1.2.8.3351 folder moved successfully.
C:\Program Files\Baidu Security\MoboMarket folder moved successfully.
C:\Program Files\Baidu Security\Baidu Antivirus folder moved successfully.
C:\Program Files\Baidu Security folder moved successfully.
C:\Program Files\GUM3ED4.tmp\GoogleCrashHandler.exe deleted successfully.
C:\Program Files\GUM3ED4.tmp\GoogleCrashHandler64.exe deleted successfully.
C:\Program Files\GUM3ED4.tmp\GoogleUpdateBroker.exe deleted successfully.
C:\Program Files\GUM3ED4.tmp\GoogleUpdateComRegisterShell64.exe deleted successfully.
C:\Program Files\GUM3ED4.tmp\GoogleUpdateHelper.msi deleted successfully.
C:\Program Files\GUM3ED4.tmp\GoogleUpdateOnDemand.exe deleted successfully.
C:\Program Files\GUM3ED4.tmp\GoogleUpdateSetup.exe deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdate.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_am.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_ar.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_bg.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_bn.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_ca.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_cs.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_da.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_de.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_el.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_en-GB.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_en.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_es-419.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_es.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_et.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_fa.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_fi.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_fil.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_fr.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_gu.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_hi.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_hr.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_hu.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_id.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_is.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_it.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_iw.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_ja.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_kn.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_ko.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_lt.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_lv.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_ml.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_mr.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_ms.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_nl.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_no.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_pl.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_pt-BR.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_pt-PT.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_ro.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_ru.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_sk.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_sl.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_sr.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_sv.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_sw.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_ta.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_te.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_th.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_tr.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_uk.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_ur.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_vi.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_zh-CN.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\goopdateres_zh-TW.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\npGoogleUpdate3.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\psmachine.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\psmachine_64.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\psuser.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp\psuser_64.dll deleted successfully.
C:\Program Files\GUM3ED4.tmp folder deleted successfully.
C:\Program Files\GUMB894.tmp\GoogleCrashHandler.exe deleted successfully.
C:\Program Files\GUMB894.tmp\GoogleCrashHandler64.exe deleted successfully.
C:\Program Files\GUMB894.tmp\GoogleUpdate.exe deleted successfully.
C:\Program Files\GUMB894.tmp\GoogleUpdateBroker.exe deleted successfully.
C:\Program Files\GUMB894.tmp\GoogleUpdateHelper.msi deleted successfully.
C:\Program Files\GUMB894.tmp\GoogleUpdateOnDemand.exe deleted successfully.
C:\Program Files\GUMB894.tmp\GoogleUpdateSetup.exe deleted successfully.
C:\Program Files\GUMB894.tmp\goopdate.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_am.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_ar.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_bg.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_bn.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_ca.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_cs.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_da.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_de.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_el.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_en-GB.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_en.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_es-419.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_es.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_et.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_fa.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_fi.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_fil.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_fr.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_gu.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_hi.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_hr.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_hu.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_id.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_is.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_it.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_iw.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_ja.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_kn.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_ko.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_lt.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_lv.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_ml.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_mr.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_ms.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_nl.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_no.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_pl.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_pt-BR.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_pt-PT.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_ro.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_ru.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_sk.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_sl.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_sr.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_sv.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_sw.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_ta.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_te.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_th.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_tr.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_uk.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_ur.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_vi.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_zh-CN.dll deleted successfully.
C:\Program Files\GUMB894.tmp\goopdateres_zh-TW.dll deleted successfully.
C:\Program Files\GUMB894.tmp\npGoogleUpdate3.dll deleted successfully.
C:\Program Files\GUMB894.tmp\psmachine.dll deleted successfully.
C:\Program Files\GUMB894.tmp\psuser.dll deleted successfully.
C:\Program Files\GUMB894.tmp folder deleted successfully.
C:\Program Files\GUMF112.tmp\GoogleCrashHandler.exe deleted successfully.
C:\Program Files\GUMF112.tmp\GoogleCrashHandler64.exe deleted successfully.
C:\Program Files\GUMF112.tmp\GoogleUpdate.exe deleted successfully.
C:\Program Files\GUMF112.tmp\GoogleUpdateBroker.exe deleted successfully.
C:\Program Files\GUMF112.tmp\GoogleUpdateComRegisterShell64.exe deleted successfully.
C:\Program Files\GUMF112.tmp\GoogleUpdateHelper.msi deleted successfully.
C:\Program Files\GUMF112.tmp\GoogleUpdateOnDemand.exe deleted successfully.
C:\Program Files\GUMF112.tmp\GoogleUpdateSetup.exe deleted successfully.
C:\Program Files\GUMF112.tmp\goopdate.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_am.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_ar.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_bg.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_bn.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_ca.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_cs.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_da.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_de.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_el.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_en-GB.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_en.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_es-419.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_es.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_et.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_fa.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_fi.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_fil.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_fr.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_gu.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_hi.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_hr.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_hu.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_id.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_is.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_it.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_iw.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_ja.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_kn.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_ko.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_lt.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_lv.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_ml.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_mr.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_ms.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_nl.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_no.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_pl.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_pt-BR.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_pt-PT.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_ro.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_ru.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_sk.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_sl.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_sr.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_sv.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_sw.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_ta.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_te.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_th.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_tr.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_uk.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_ur.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_vi.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_zh-CN.dll deleted successfully.
C:\Program Files\GUMF112.tmp\goopdateres_zh-TW.dll deleted successfully.
C:\Program Files\GUMF112.tmp\npGoogleUpdate3.dll deleted successfully.
C:\Program Files\GUMF112.tmp\psmachine.dll deleted successfully.
C:\Program Files\GUMF112.tmp\psmachine_64.dll deleted successfully.
C:\Program Files\GUMF112.tmp\psuser.dll deleted successfully.
C:\Program Files\GUMF112.tmp\psuser_64.dll deleted successfully.
C:\Program Files\GUMF112.tmp folder deleted successfully.
C:\Program Files\GUT3ED5.tmp deleted successfully.
C:\Program Files\GUTB895.tmp deleted successfully.
C:\Program Files\GUTF161.tmp deleted successfully.
C:\Users\Thais\Documents\0824172144.tmp deleted successfully.
[Files/Folders - Modified Within 30 Days]
C:\Users\Thais\Desktop\ZHPFix.lnk moved successfully.
C:\Users\Thais\Desktop\ZHPDiag.lnk moved successfully.
File C:\Users\Thais\Desktop\Baidu WiFi Hotspot.lnk not found!
[Files - No Company Name]
File C:\Users\Thais\Desktop\ZHPFix.lnk not found!
File C:\Users\Thais\Desktop\ZHPDiag.lnk not found!
File C:\Users\Thais\Desktop\Baidu WiFi Hotspot.lnk not found!
[Custom Scans]
File/Folder C:\Windows\system32\tasks\Baidu PC Faster Service not found.
File/Folder C:\Windows\system32\tasks\Baidu PC Faster Update not found.
Cannot create restore point. Unable to start RPC service!
< End of fix log >
OTS by OldTimer - Version 3.1.47.2 fix logfile created on 11032014_113506

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\\VistaSp1 scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Baidu PC Faster 4.0.0.0\ not found.
avatar
Thais Olino
Iniciante
Iniciante

Mensagens : 47
Reputação : 1
Data de inscrição : 02/11/2014

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por joram em Seg 03 Nov 2014, 12:24

Boa Tarde! Thais Olino

> Abra a ferramenta OTS,e clique "CleanUp". 
> Aguarde a desinstalação!
>
> Baixe: < [Você precisa estar registrado e conectado para ver este link.] > ( ... by OldTimer Tools )

> Clique em Salvar! 

< [Você precisa estar registrado e conectado para ver esta imagem.] >

> Salve-o no desktop! 

< [Você precisa estar registrado e conectado para ver esta imagem.] >

> Duplo clique em OTL.exe 

> Clique Executar

< [Você precisa estar registrado e conectado para ver esta imagem.] >

> Execute a OTL,em seu rápido escaneamento. ( Verificação rápida )
> Ps: Para Windows 7,clique direito e execute-o como "Administrador".
> Copie e poste o relatório. ( C:\_OTL\MovedFiles\xxxx2014_xxxxxx.log )
> Poste,também,o relatório "Extras". 

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por Thais Olino em Seg 03 Nov 2014, 12:49

OTL logfile created on: 03/11/2014 12:40:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Thais\Desktop
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

1,93 Gb Total Physical Memory | 0,45 Gb Available Physical Memory | 23,18% Memory free
3,87 Gb Paging File | 2,27 Gb Available in Paging File | 58,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 356,46 Gb Free Space | 78,17% Space Free | Partition Type: NTFS

Computer Name: THAIS-PC | User Name: Thais | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/11/03 12:38:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Thais\Desktop\OTL.exe
PRC - [2014/11/02 17:34:25 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Arquivos de Programas\Google\Update\1.3.25.5\GoogleCrashHandler.exe
PRC - [2014/10/31 17:36:20 | 005,223,016 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\AVAST Software\Avast\avastui.exe
PRC - [2014/10/23 11:31:27 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/10/23 11:31:20 | 003,192,344 | ---- | M] (Avast Software) -- C:\Arquivos de Programas\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
PRC - [2014/10/22 02:05:02 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Arquivos de Programas\Google\Chrome\Application\chrome.exe
PRC - [2014/10/01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) -- C:\Arquivos de Programas\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/10/01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Arquivos de Programas\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/10/01 11:09:20 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Arquivos de Programas\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/06/17 23:51:32 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\osk.exe
PRC - [2012/11/23 00:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011/10/05 09:41:16 | 000,046,592 | ---- | M] (Positivo Informática S.A.) -- C:\Arquivos de Programas\Positivo Informática\Positivo Experience\Positivo Experience\PositivoExperienceService.exe
PRC - [2011/09/24 16:16:54 | 005,861,376 | ---- | M] (Positivo Informática S.A.) -- C:\Arquivos de Programas\Positivo Informática\Positivo Experience\Positivo Backup\PositivoSmartBackup.exe
PRC - [2011/07/07 12:29:24 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/04/16 22:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Arquivos de Programas\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
PRC - [2011/03/28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011/03/28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/12/06 23:13:14 | 000,397,312 | ---- | M] () -- C:\Arquivos de Programas\Common Files\AVerMedia\Service\AVerScheduleService.exe
PRC - [2009/10/30 16:48:42 | 000,348,160 | ---- | M] (AVerMedia) -- C:\Arquivos de Programas\Common Files\AVerMedia\Service\AVerRemote.exe


========== Modules (No Company Name) ==========

MOD - [2014/10/23 11:31:28 | 038,561,576 | ---- | M] () -- C:\Arquivos de Programas\AVAST Software\Avast\libcef.dll
MOD - [2014/10/22 02:04:57 | 008,910,664 | ---- | M] () -- C:\Arquivos de Programas\Google\Chrome\Application\38.0.2125.111\pdf.dll
MOD - [2014/10/22 02:04:51 | 001,042,760 | ---- | M] () -- C:\Arquivos de Programas\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
MOD - [2014/10/22 02:04:49 | 000,211,272 | ---- | M] () -- C:\Arquivos de Programas\Google\Chrome\Application\38.0.2125.111\libegl.dll
MOD - [2014/10/22 02:04:48 | 001,681,224 | ---- | M] () -- C:\Arquivos de Programas\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
MOD - [2014/10/15 19:42:35 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\3063abda312516739bc808360071bad9\System.Xml.Linq.ni.dll
MOD - [2014/10/15 19:41:42 | 002,297,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\e3641fa3359f37ad12c84183ce765093\System.Core.ni.dll
MOD - [2014/10/15 19:41:39 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\99cdfef98595ed91f14936cf52a49c54\System.Management.ni.dll
MOD - [2014/10/15 19:38:14 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7b22741531a2850c807656d0298a96bd\PresentationFramework.Aero.ni.dll
MOD - [2014/10/15 19:37:47 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1f539baa94516139240877cb6afd72c2\PresentationFramework.ni.dll
MOD - [2014/10/15 19:37:34 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/15 19:37:26 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/15 19:37:21 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/15 19:37:16 | 012,236,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3d4f835b8078dacc8d5da623e2c3f0ee\PresentationCore.ni.dll
MOD - [2014/10/15 19:37:07 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014/10/15 19:37:05 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/09/12 01:48:17 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2011/04/12 02:46:55 | 000,241,664 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_pt-BR_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2010/11/12 21:34:31 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_pt-BR_b77a5c561934e089\mscorlib.resources.dll


========== Services (SafeList) ==========

SRV - [2014/11/01 21:42:28 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/10/23 11:31:27 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de Programas\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/10/23 11:31:20 | 003,192,344 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Arquivos de Programas\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV - [2014/10/11 10:53:22 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/10/01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Arquivos de Programas\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/10/01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Arquivos de Programas\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/09/18 22:50:15 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013/05/27 02:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de Programas\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/09/05 13:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Arquivos de Programas\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2011/10/05 09:41:16 | 000,046,592 | ---- | M] (Positivo Informática S.A.) [Auto | Running] -- C:\Arquivos de Programas\Positivo Informática\Positivo Experience\Positivo Experience\PositivoExperienceService.exe -- (AppManagerService)
SRV - [2011/04/16 22:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe -- (NIS)
SRV - [2011/03/28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011/02/15 01:59:26 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Arquivos de Programas\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/14 01:30:50 | 000,249,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/11/20 19:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de Programas\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010/09/22 16:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Arquivos de Programas\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2009/12/06 23:13:14 | 000,397,312 | ---- | M] () [Auto | Running] -- C:\Arquivos de Programas\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2009/10/30 16:48:42 | 000,348,160 | ---- | M] (AVerMedia) [Auto | Running] -- C:\Arquivos de Programas\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\stwrt.sys -- (STHDA)
DRV - [2014/11/03 12:37:56 | 000,114,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014/10/31 17:36:24 | 000,787,800 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014/10/31 17:36:24 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswmonflt.sys -- (aswMonFlt)
DRV - [2014/10/23 11:31:31 | 000,422,760 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/10/23 11:31:31 | 000,206,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/10/23 11:31:31 | 000,091,496 | ---- | M] (AVAST Software) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2014/10/23 11:31:31 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/10/23 11:31:30 | 000,081,768 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/10/23 11:31:30 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/10/23 11:31:20 | 000,218,192 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Arquivos de Programas\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV - [2014/10/03 17:19:32 | 001,138,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20141024.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2014/10/01 11:11:24 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2014/10/01 11:11:10 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2014/09/26 13:26:26 | 001,636,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20141102.024\NAVEX15.SYS -- (NAVEX15)
DRV - [2014/09/26 13:26:26 | 000,378,672 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Arquivos de Programas\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2014/09/26 13:26:26 | 000,095,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20141102.024\NAVENG.SYS -- (NAVENG)
DRV - [2014/09/10 16:36:44 | 000,111,408 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Arquivos de Programas\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/09/09 16:39:32 | 000,476,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20141101.001\IDSvix86.sys -- (IDSVix86)
DRV - [2014/08/15 08:15:49 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/10/03 16:21:54 | 000,052,496 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pad.sys -- (PositivoAudioDriverWdm)
DRV - [2011/04/20 23:37:49 | 000,299,640 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1207020.003\symnets.sys -- (SymNetS)
DRV - [2011/03/31 01:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\NIS\1207020.003\srtsp.sys -- (SRTSP)
DRV - [2011/03/31 01:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1207020.003\srtspx.sys -- (SRTSPX)
DRV - [2011/03/15 00:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1207020.003\symefa.sys -- (SymEFA)
DRV - [2011/01/27 04:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1207020.003\symds.sys -- (SymDS)
DRV - [2011/01/27 03:07:05 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1207020.003\ironx86.sys -- (SymIRON)
DRV - [2010/11/20 19:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 19:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2010/11/20 19:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2009/12/30 11:00:50 | 000,093,296 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\JME.sys -- (JME)
DRV - [2009/11/18 06:50:12 | 001,171,328 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVerA706.sys -- (AVerA706)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [Você precisa estar registrado e conectado para ver este link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [Você precisa estar registrado e conectado para ver este link.]
IE - HKLM\..\SearchScopes\{ABCD0123-1234-5678-ABCD-0123456789AB} : "URL" = [Você precisa estar registrado e conectado para ver este link.]
IE - HKLM\..\SearchScopes\{D35DD44D-BACF-48B5-A8A0-6EB69BE0116D}: "URL" = [Você precisa estar registrado e conectado para ver este link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Você precisa estar registrado e conectado para ver este link.] [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = [Você precisa estar registrado e conectado para ver este link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Você precisa estar registrado e conectado para ver este link.]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [Você precisa estar registrado e conectado para ver este link.]
IE - HKCU\..\SearchScopes\{ABCD0123-1234-5678-ABCD-0123456789AB} : "URL" = [Você precisa estar registrado e conectado para ver este link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.0
FF - prefs.js..browser.startup.homepage: "google.com"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn_2011_7_13_2 [2014/11/03 12:37:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/10/23 11:31:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014/10/24 18:44:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thais\AppData\Roaming\mozilla\Extensions
[2014/10/24 18:35:07 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de Programas\Mozilla Firefox\browser\extensions
[2014/10/24 18:35:08 | 000,000,000 | ---D | M] (Default) -- C:\Arquivos de Programas\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Thais\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.703\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.111\internal-nacl-plugin
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: No name found = C:\Users\Thais\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Thais\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Thais\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Thais\AppData\Local\Google\Chrome\User Data\Default\Extensions\epadnjldocmkadjbopkanclaamocokoo\2.0_0\
CHR - Extension: No name found = C:\Users\Thais\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\1.2.2_0\
CHR - Extension: No name found = C:\Users\Thais\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcnlagjgkjmegedpgileogohfdlpngdl\1.2_0\
CHR - Extension: No name found = C:\Users\Thais\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2204.148_0\
CHR - Extension: No name found = C:\Users\Thais\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjmmglgcgipmpfmablliiooebiiollim\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\Thais\AppData\Local\Google\Chrome\User Data\Default\Extensions\klfneahoibjkdlonilmnkkncopeiomoc\1.0.0_0\
CHR - Extension: No name found = C:\Users\Thais\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Thais\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/09/03 17:19:52 | 000,000,833 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Arquivos de Programas\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Arquivos de Programas\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de Programas\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de Programas\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Arquivos de Programas\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Arquivos de Programas\Norton Internet Security\Engine\18.7.2.3\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [StartUpManagerPositivo] C:\Arquivos de Programas\Positivo Informática\Gerenciador de Inicialização Positivo\ManagerWindows.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de Programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de Programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A373037-9F84-4C14-AA33-030A98DAEAFB}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de Programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Arquivos de Programas\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 19:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/11/03 12:39:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Thais\Desktop\OTL.exe
[2014/11/03 02:22:41 | 000,646,656 | ---- | C] (OldTimer Tools) -- C:\Users\Thais\Desktop\OTS (2).exe
[2014/11/02 23:05:30 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2014/11/02 17:41:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/11/02 12:25:07 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2014/11/02 12:10:12 | 000,114,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/11/02 12:10:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/11/02 12:09:55 | 000,075,480 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/11/02 12:09:55 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/11/02 12:09:55 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/11/02 12:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/11/02 12:09:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/11/01 21:59:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2014/11/01 21:54:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/11/01 21:52:36 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014/11/01 21:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2014/11/01 21:42:58 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2014/11/01 21:42:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2014/11/01 21:42:50 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2014/11/01 06:37:02 | 000,000,000 | ---D | C] -- C:\Users\Thais\.android
[2014/10/30 15:07:53 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2014/10/30 14:42:43 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/10/26 13:48:07 | 000,000,000 | ---D | C] -- C:\Users\Thais\AppData\Roaming\WinRAR
[2014/10/26 13:47:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/10/26 13:47:37 | 000,000,000 | ---D | C] -- C:\Users\Thais\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/10/26 13:47:03 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014/10/24 18:37:12 | 000,000,000 | ---D | C] -- C:\Users\Thais\AppData\Roaming\Mozilla
[2014/10/24 18:37:12 | 000,000,000 | ---D | C] -- C:\Users\Thais\AppData\Local\Mozilla
[2014/10/24 18:35:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/10/24 18:35:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014/10/24 18:35:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/10/24 18:30:08 | 000,000,000 | ---D | C] -- C:\Program Files\AdvanceElite
[2014/10/23 14:43:44 | 000,000,000 | -H-D | C] -- C:\Users\Thais\AppData\Roaming\GoldenGate
[2014/10/23 11:33:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\vbox
[2014/10/23 11:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2014/10/23 11:31:55 | 000,091,496 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2014/10/23 11:31:50 | 000,422,760 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/10/23 11:31:48 | 000,070,384 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswmonflt.sys
[2014/10/23 11:31:45 | 000,081,768 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/10/23 11:31:41 | 000,787,800 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswsnx.sys
[2014/10/23 11:31:35 | 000,291,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/10/23 11:31:30 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/10/23 11:24:18 | 005,004,328 | ---- | C] (AVAST Software) -- C:\Users\Thais\Desktop\avast_free_antivirus_setup_online.exe
[2014/10/21 14:13:19 | 000,000,000 | ---D | C] -- C:\Users\Thais\AppData\Roaming\QuickScan
[2014/10/21 10:14:45 | 000,000,000 | -HSD | C] -- C:\Users\Thais\AppData\Local\EmieUserList
[2014/10/21 10:14:44 | 000,000,000 | -HSD | C] -- C:\Users\Thais\AppData\Local\EmieSiteList
[2014/10/09 17:10:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/10/09 17:10:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

========== Files - Modified Within 30 Days ==========

[2014/11/03 12:39:01 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/11/03 12:38:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Thais\Desktop\OTL.exe
[2014/11/03 12:37:56 | 000,114,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/11/03 12:37:50 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/11/03 12:36:51 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2014/11/03 12:36:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/11/03 12:36:35 | 1558,110,208 | -HS- | M] () -- C:\hiberfil.sys
[2014/11/03 11:49:04 | 000,016,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/11/03 11:49:04 | 000,016,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/11/03 02:22:10 | 000,646,656 | ---- | M] (OldTimer Tools) -- C:\Users\Thais\Desktop\OTS (2).exe
[2014/11/03 02:02:44 | 000,034,808 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2014/11/02 22:52:26 | 017,526,360 | ---- | M] () -- C:\Users\Thais\Desktop\RogueKillerX64.exe
[2014/11/02 22:35:48 | 000,991,232 | ---- | M] () -- C:\Users\Thais\Desktop\MicrosoftFixit50267.msi
[2014/11/02 17:41:51 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/11/02 12:57:20 | 000,000,020 | ---- | M] () -- C:\ProgramData\bc.ini
[2014/11/02 12:10:01 | 000,001,064 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/11/02 08:41:25 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/11/01 21:42:57 | 000,002,116 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2014/11/01 06:36:58 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2014/10/31 17:36:24 | 000,787,800 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsnx.sys
[2014/10/31 17:36:24 | 000,070,384 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswmonflt.sys
[2014/10/30 15:08:06 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014/10/28 21:33:39 | 000,943,836 | ---- | M] () -- C:\Windows\System32\prfh0416.dat
[2014/10/28 21:33:39 | 000,892,404 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/10/28 21:33:39 | 000,375,678 | ---- | M] () -- C:\Windows\System32\prfc0416.dat
[2014/10/28 21:33:39 | 000,350,392 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/10/26 13:47:37 | 000,001,033 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2014/10/26 13:46:46 | 004,448,336 | ---- | M] () -- C:\Users\Thais\Desktop\345-wrar511br.exe
[2014/10/24 19:31:08 | 000,000,045 | ---- | M] () -- C:\Users\Thais\AppData\Roaming\WB.CFG
[2014/10/24 19:02:51 | 000,000,017 | ---- | M] () -- C:\Users\Thais\AppData\Local\resmon.resmoncfg
[2014/10/24 18:35:53 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/10/24 18:30:58 | 000,000,268 | ---- | M] () -- C:\Users\Thais\Desktop\Cut the Rope.url
[2014/10/23 12:59:40 | 000,014,304 | ---- | M] () -- C:\ProgramData\Duplicaterecord.js
[2014/10/23 11:32:32 | 000,002,121 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014/10/23 11:31:31 | 000,422,760 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/10/23 11:31:31 | 000,206,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/10/23 11:31:31 | 000,091,496 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2014/10/23 11:31:31 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/10/23 11:31:30 | 000,291,352 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/10/23 11:31:30 | 000,081,768 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/10/23 11:31:30 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/10/23 11:31:30 | 000,024,184 | ---- | M] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014/10/23 11:24:32 | 005,004,328 | ---- | M] (AVAST Software) -- C:\Users\Thais\Desktop\avast_free_antivirus_setup_online.exe
[2014/10/19 20:09:21 | 000,000,993 | ---- | M] () -- C:\Users\Thais\Desktop\PhotoScape.lnk
[2014/10/15 19:35:57 | 000,274,632 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/10/10 01:26:01 | 000,000,297 | ---- | M] () -- C:\Users\Thais\Documents\uoih.rtf

========== Files Created - No Company Name ==========

[2014/11/02 23:05:36 | 000,034,808 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2014/11/02 22:57:23 | 000,991,232 | ---- | C] () -- C:\Users\Thais\Desktop\MicrosoftFixit50267.msi
[2014/11/02 22:53:21 | 017,526,360 | ---- | C] () -- C:\Users\Thais\Desktop\RogueKillerX64.exe
[2014/11/02 17:41:51 | 000,002,203 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/11/02 17:34:32 | 000,001,054 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/11/02 17:34:30 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/11/02 12:57:20 | 000,000,020 | ---- | C] () -- C:\ProgramData\bc.ini
[2014/11/02 12:10:01 | 000,001,064 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/11/01 21:42:57 | 000,002,116 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2014/11/01 06:36:58 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2014/10/30 15:08:05 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2014/10/30 15:08:04 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2014/10/26 13:47:36 | 000,001,033 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2014/10/26 13:46:33 | 004,448,336 | ---- | C] () -- C:\Users\Thais\Desktop\345-wrar511br.exe
[2014/10/24 19:31:08 | 000,000,045 | ---- | C] () -- C:\Users\Thais\AppData\Roaming\WB.CFG
[2014/10/24 19:02:51 | 000,000,017 | ---- | C] () -- C:\Users\Thais\AppData\Local\resmon.resmoncfg
[2014/10/24 18:35:53 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/10/24 18:35:42 | 000,001,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/10/24 18:30:57 | 000,000,268 | ---- | C] () -- C:\Users\Thais\Desktop\Cut the Rope.url
[2014/10/24 16:57:00 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/10/23 14:43:21 | 000,000,171 | ---- | C] () -- C:\Users\Thais\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
[2014/10/23 12:59:40 | 000,014,304 | ---- | C] () -- C:\ProgramData\Duplicaterecord.js
[2014/10/23 11:32:31 | 000,002,121 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014/10/23 11:31:52 | 000,206,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/10/23 11:31:49 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/10/23 11:31:46 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014/09/10 07:57:29 | 000,000,000 | ---- | C] () -- C:\Users\Thais\AppData\Local\{282EF7BC-F4B2-4499-9E7C-615EDA9CCB6A}
[2014/02/20 11:25:58 | 000,055,840 | ---- | C] () -- C:\Windows\System32\USBCoInstaller.dll

========== ZeroAccess Check ==========

[2009/07/14 02:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 23:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 23:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/09/13 00:34:54 | 000,000,000 | ---D | M] -- C:\Users\Thais\AppData\Roaming\AVAST Software
[2014/08/31 01:08:07 | 000,000,000 | ---D | M] -- C:\Users\Thais\AppData\Roaming\AVG
[2014/08/16 14:50:36 | 000,000,000 | ---D | M] -- C:\Users\Thais\AppData\Roaming\GamesCafe
[2014/10/23 14:43:58 | 000,000,000 | -H-D | M] -- C:\Users\Thais\AppData\Roaming\GoldenGate
[2014/10/15 16:45:34 | 000,000,000 | ---D | M] -- C:\Users\Thais\AppData\Roaming\PhotoScape
[2014/08/14 21:07:59 | 000,000,000 | ---D | M] -- C:\Users\Thais\AppData\Roaming\Positivo Backup
[2014/10/21 14:13:22 | 000,000,000 | ---D | M] -- C:\Users\Thais\AppData\Roaming\QuickScan
[2014/08/15 08:34:19 | 000,000,000 | ---D | M] -- C:\Users\Thais\AppData\Roaming\Tific
[2014/08/31 00:21:58 | 000,000,000 | ---D | M] -- C:\Users\Thais\AppData\Roaming\TuneUp Software

========== Purity Check ==========



< End of report >
avatar
Thais Olino
Iniciante
Iniciante

Mensagens : 47
Reputação : 1
Data de inscrição : 02/11/2014

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por Thais Olino em Seg 03 Nov 2014, 12:49

OTL Extras logfile created on: 03/11/2014 12:40:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Thais\Desktop
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

1,93 Gb Total Physical Memory | 0,45 Gb Available Physical Memory | 23,18% Memory free
3,87 Gb Paging File | 2,27 Gb Available in Paging File | 58,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 356,46 Gb Free Space | 78,17% Space Free | Partition Type: NTFS

Computer Name: THAIS-PC | User Name: Thais | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{121D40C1-C097-4E8A-A49B-722957E6FFD6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{94172D4E-51A3-4366-B3BB-A06550CCAB1A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{9A0D171E-5D55-49FC-A3B8-C46704EDD5A1}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6AE21071-2E38-4DFD-87AC-57F8AFFC0F40}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{850F4B22-65FA-44B0-8AF2-74BCDDCB792E}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |
"{8B8C4B5D-1069-447F-A4AD-2CF0BC5F6F6B}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{A8F96470-85A6-4F0A-A1B2-3AE51025AA9E}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{D5C0D0C4-2F16-4EEE-8ECC-B3686B6BCE15}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\ng\vbox\aswfe.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1C86726E-4A85-4322-8A1C-56EDE170FAB5}_is1" = Tutorial 1.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83218025F0}" = Java 8 Update 25
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{387B3DFA-BB12-45E6-B431-4A7BF2EBD985}_is1" = Positivo Backup
"{41B72CAF-036B-4E0A-8D22-F5DF7C970434}" = Windows Live Remote Client Resources
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A33ECF3-6AC6-4A9B-932C-4E81625423C7}_is1" = Software de Cadastro Positivo 6.0
"{5400FA29-4A55-4EB9-AD27-AF20DBD334E1}_is1" = Positivo NIS 2011 License Activator
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{674e54ef-d593-4d80-8be2-35d0d8192a23}}_is1" = Aplicação da Promoção Vivo® Banda Larga
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DA3261A-DCEB-401A-ABE0-A367C252B86C}_is1" = Positivo Sincronize
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}" = JMicron Ethernet Adapter NDIS Driver
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A828537C-87AF-4E9D-9C54-11D34B8E2FBA}_is1" = Faces 1.03.8
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAB13E97-449B-4D5B-BDE2-AB47B938B722}_is1" = Positivo Experience
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B4B5A5D4-B793-425C-BBF1-0D3D46BAA73F}_is1" = Mural dos Amigos
"{BBF502F8-11A6-4401-8F2F-714ADA01B61A}_is1" = Positivo Notícias
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D00FA097-5115-400D-84AD-4ADEF3EBDB5E}_is1" = Positivo Áudio
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = PCTV
"{E365D4D7-BD51-4A7F-8ECA-0B6C0C42D3CF}_is1" = Gerenciador de Inicialização Positivo
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6617B44-D556-49AC-B2A3-01451E115043}" = Windows Live Remote Service Resources
"{F0839DB3-FBB8-4D14-936F-1D457A088224}" = Bing Bar
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Avast" = Avast Free Antivirus
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = PCTV
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware versão 2.0.3.1025
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 33.0 (x86 pt-BR)" = Mozilla Firefox 33.0 (x86 pt-BR)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NIS" = Norton Internet Security
"PhotoScape" = PhotoScape
"TVWiz" = Intel(R) TV Wizard
"VLC media player" = VLC media player 1.1.10
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 5.11 (32-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Java Packages" = Java Packages

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 02/11/2014 06:42:36 | Computer Name = Thais-PC | Source = WinMgmt | ID = 10
Description =

Error - 02/11/2014 09:56:57 | Computer Name = Thais-PC | Source = WinMgmt | ID = 10
Description =

Error - 02/11/2014 10:30:37 | Computer Name = Thais-PC | Source = WinMgmt | ID = 10
Description =

Error - 02/11/2014 10:38:14 | Computer Name = Thais-PC | Source = WinMgmt | ID = 10
Description =

Error - 02/11/2014 10:42:56 | Computer Name = Thais-PC | Source = WinMgmt | ID = 10
Description =

Error - 02/11/2014 10:45:14 | Computer Name = Thais-PC | Source = VSS | ID = 8193
Description =

Error - 02/11/2014 10:45:14 | Computer Name = Thais-PC | Source = VSS | ID = 13
Description =

Error - 02/11/2014 10:45:14 | Computer Name = Thais-PC | Source = VSS | ID = 8193
Description =

Error - 02/11/2014 10:46:41 | Computer Name = Thais-PC | Source = WinMgmt | ID = 10
Description =

Error - 02/11/2014 10:56:21 | Computer Name = Thais-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 15/10/2014 13:53:47 | Computer Name = Thais-PC | Source = EventLog | ID = 6008
Description = O desligamento anterior do sistema em 14:51:49 às ?15/?10/?2014 não
era esperado.

Error - 15/10/2014 17:39:21 | Computer Name = Thais-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Falha na Instalação: o Windows não pôde instalar a seguinte atualização
com o erro 0x80242016: Atualização do Windows 7 (KB2952664).

Error - 16/10/2014 16:55:36 | Computer Name = Thais-PC | Source = EventLog | ID = 6008
Description = O desligamento anterior do sistema em 17:54:41 às ?16/?10/?2014 não
era esperado.

Error - 16/10/2014 16:55:39 | Computer Name = THAIS-PC | Source = BugCheck | ID = 1001
Description =

Error - 16/10/2014 21:14:35 | Computer Name = Thais-PC | Source = EventLog | ID = 6008
Description = O desligamento anterior do sistema em 22:12:24 às ?16/?10/?2014 não
era esperado.

Error - 18/10/2014 06:52:29 | Computer Name = Thais-PC | Source = EventLog | ID = 6008
Description = O desligamento anterior do sistema em 07:50:06 às ?18/?10/?2014 não
era esperado.

Error - 18/10/2014 15:26:46 | Computer Name = Thais-PC | Source = EventLog | ID = 6008
Description = O desligamento anterior do sistema em 16:25:31 às ?18/?10/?2014 não
era esperado.

Error - 19/10/2014 08:28:11 | Computer Name = Thais-PC | Source = DCOM | ID = 10005
Description =

Error - 19/10/2014 08:28:11 | Computer Name = Thais-PC | Source = Service Control Manager | ID = 7009
Description = Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão
do serviço Windows Search.

Error - 19/10/2014 08:28:11 | Computer Name = Thais-PC | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço Windows Search devido ao seguinte
erro: %%1053


< End of report >
avatar
Thais Olino
Iniciante
Iniciante

Mensagens : 47
Reputação : 1
Data de inscrição : 02/11/2014

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por joram em Seg 03 Nov 2014, 13:19

Boa Tarde! Thais Olino

> Execute o OTL.exe.
> Copie estas informações que estão em vermelho,para o campo clipboard da ferramenta. ( "Exames Personalizados Correções" ) 

:OTL
IE - HKLM\..\SearchScopes\{ABCD0123-1234-5678-ABCD-0123456789AB}: "URL" = [Você precisa estar registrado e conectado para ver este link.]
IE - HKCU\..\SearchScopes\{ABCD0123-1234-5678-ABCD-0123456789AB}: "URL" = [Você precisa estar registrado e conectado para ver este link.]
FF - user.js - File not found
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A373037-9F84-4C14-AA33-030A98DAEAFB}: DhcpNameServer = 192.168.0.1

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"Gopher"="gopher://"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"

:Files
ipconfig /renew /c

:Commands 
[CREATERESTOREPOINT]
[resethosts] 
[emptytemp] 
[Reboot]


> Clique no botão Consertar >> Aguarde a conclusão!
> O computador vai reiniciar! 
> Ao surgir,novamente,clique "Executar". 

[Você precisa estar registrado e conectado para ver esta imagem.]

> Para versões em Inglês,clique em Run Fix que é o mesmo que Consertar.
> Poste o relatório: C:\_OTL\MovedFiles\*.log 

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por Thais Olino em Seg 03 Nov 2014, 13:37

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ABCD0123-1234-5678-ABCD-0123456789AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABCD0123-1234-5678-ABCD-0123456789AB}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ABCD0123-1234-5678-ABCD-0123456789AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABCD0123-1234-5678-ABCD-0123456789AB}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer| /E : value set successfully!
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9A373037-9F84-4C14-AA33-030A98DAEAFB}\\DhcpNameServer| /E : value set successfully!
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\"Gopher"|"gopher://" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!
========== FILES ==========
< ipconfig /renew /c >
Configura‡Æo de IP do Windows
Adaptador Ethernet ConexÆo local:
Sufixo DNS espec¡fico de conexÆo. . . . . . :
Endere‡o IPv6 de link local . . . . . . . . : fe80::9c37:1b5b:47af:59a8%11
Endere‡o IPv4. . . . . . . . . . . . . . . : 192.168.0.100
M scara de Sub-rede . . . . . . . . . . . . : 255.255.255.0
Gateway PadrÆo. . . . . . . . . . . . . . . : 192.168.0.1
Adaptador de t£nel isatap.{9A373037-9F84-4C14-AA33-030A98DAEAFB}:
Estado da m¡dia. . . . . . . . . . . . . . : m¡dia desconectada
Sufixo DNS espec¡fico de conexÆo. . . . . . :
Adaptador de t£nel ConexÆo Local* 2:
Sufixo DNS espec¡fico de conexÆo. . . . . . :
Endere‡o IPv6 . . . . . . . . . . . . . . . : 2001:0:5ef5:79fb:242d:2022:3f57:ff9b
Endere‡o IPv6 de link local . . . . . . . . : fe80::242d:2022:3f57:ff9b%12
Gateway PadrÆo. . . . . . . . . . . . . . . : ::
Adaptador de t£nel isatap.{ECBBB88E-2470-4D1B-AF34-FDB40B89431C}:
Estado da m¡dia. . . . . . . . . . . . . . : m¡dia desconectada
Sufixo DNS espec¡fico de conexÆo. . . . . . :
C:\Users\Thais\Desktop\cmd.bat deleted successfully.
C:\Users\Thais\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Thais
->Temp folder emptied: 4030820 bytes
->Temporary Internet Files folder emptied: 5571948 bytes
->Java cache emptied: 1048 bytes
->FireFox cache emptied: 24375891 bytes
->Google Chrome cache emptied: 384327345 bytes
->Flash cache emptied: 682 bytes

User: Todos os Usuários

User: user

User: Usuário Padrão
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1370 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 27804368 bytes
RecycleBin emptied: 3367253 bytes

Total Files Cleaned = 429,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11032014_132938

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
avatar
Thais Olino
Iniciante
Iniciante

Mensagens : 47
Reputação : 1
Data de inscrição : 02/11/2014

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por joram em Seg 03 Nov 2014, 13:50

Boa Tarde! Thais Olino

> Abra o OTL.exe >> Clique [Você precisa estar registrado e conectado para ver esta imagem.] 

> Confirme essa solicitação!
> Aceite o reboot!
> A requisição CloudFlare,ainda permanece?

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por Thais Olino em Seg 03 Nov 2014, 14:33

sim, permanece !
avatar
Thais Olino
Iniciante
Iniciante

Mensagens : 47
Reputação : 1
Data de inscrição : 02/11/2014

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por joram em Seg 03 Nov 2014, 16:04

Boa Tarde! Thais Olino

> Baixe: < [Você precisa estar registrado e conectado para ver este link.] >
> Descompacte-o ao utilizar!
> Faça uma verificação,ao arquivo Hosts,e coloque-o no padrão Microsoft.
> No Windows XP,verifique: C:\WINDOWS\System32\Drivers\etc <<
> Abra essa pasta,e localize o arquivo Hosts.
> Ps: Abra-o com o Bloco de Notas!

  Copyright © 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a "#" symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
#
127.0.0.1 localhost


> No Hosts,padronizado,não poderemos ter informações,abaixo de 127.0.0.1 localhost,que indiquem sites confiáveis.
> Tendo dúvidas,baixe e execute o HostsXpert,que gerenciará seu arquivo Hosts.
> Ela colocará o Hosts no padrão Windows,dentre outras opções incluídas no gerenciamento:

- Append File - Allows selection of a file to be appended to your current hosts file.
- Replace File - Allows selection of a file to replace your hosts file.
- Merge File - Allows selection of a file to be merged with your current hosts file.
- Create Backup - Creates a Backup of you current hosts file. Backup file will be placed where ever HostsXpert.exe resides on your Hard drive.
- Restore Backup - Restores the backup hosts file.
- Restore MS Hosts File << Padroniza o Hosts!
- Add to Hosts Files - Adds the line item into your hosts file.
- Delete Line - Deletes highlighted line from hosts file.
- Comments - Insert # / Remove# - Insert or Remove "#" (comment marker).
- Sort File - Sorts the current hosts file in alphanumeric order, removes all comment lines.
- Swap Localhost - Swaps the current hosts file between 127.0.0.1 and 0.0.0.0
- Remove Block Items - Removes all blocking lines in the current hosts file.
- Copy to Clipboard - Copies the current hosts file to the clipboard.
- Make Hosts read-only/writable toggle <-
- Search - Enter text to be searched for, click Previous or Next.
- Open in Memopad - Opens the Memopad built-in to HostsXpert.
- Save Hosts
- Saves the Hosts file from Memopad.
- Save As - Allows you to save the hosts file as a file other than "Hosts".
- Save Hosts Exit Memopad - Saves the Hosts file from Memopad, and returns you to normal view.
- Exit Memopad - Does not save changes.
> Salve-a no desktop!
> Descompacte-a para o desktop!
> Feche todas as janelas e o navegador!
> Execute o HostsXpert.exe,que não se instalará no computador.
> Clique em "Restore MS Hosts File" >> Ok.
> Essa opção,recuperará ou colocará o Hosts,em seu padrão original. ( Microsoft )
> Ocorrendo algum erro,em sua execução,clique em Make Writable e repita o procedimento.
> Finalize e/ou salve essas mudanças,e reinicie o computador!
> Informe!

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por Thais Olino em Seg 03 Nov 2014, 16:53

Permaneci.
avatar
Thais Olino
Iniciante
Iniciante

Mensagens : 47
Reputação : 1
Data de inscrição : 02/11/2014

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por joram em Seg 03 Nov 2014, 17:29

Boa Tarde! Thais Olino

> Edite o Hosts com o gerenciador HostsXpert.

[Você precisa estar registrado e conectado para ver esta imagem.]

> Abra a ferramenta e clique em "Tools" >> "MemoPad..." >> "Open in MemoPad".

[Você precisa estar registrado e conectado para ver esta imagem.]

> No campo à direita,remova esta linha.

127.0.0.1  localhost

> Esta aqui,deve ocupar seu lugar: ::1    localhost

> Ao concluir,clique em "MemoPad..." >> "Save" >> "Save Hosts - Exit MemoPad".
> Reinicie o computador!
> Informe!

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por Thais Olino em Seg 03 Nov 2014, 17:45

Permaneci.
avatar
Thais Olino
Iniciante
Iniciante

Mensagens : 47
Reputação : 1
Data de inscrição : 02/11/2014

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por Thais Olino em Seg 03 Nov 2014, 17:46

Se eu formatar o computador, resolveria esse problema ?
avatar
Thais Olino
Iniciante
Iniciante

Mensagens : 47
Reputação : 1
Data de inscrição : 02/11/2014

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por joram em Seg 03 Nov 2014, 17:54

Thais Olino escreveu:Se eu formatar o computador, resolveria esse problema ?
Boa Tarde! Thais Olino


> Se o Modem não estiver comprometido...vc já o resetou?

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por Thais Olino em Seg 03 Nov 2014, 17:58

eu uso roteador e pode ser que seja algo com ele, pois esse problema aconteceu depois que eu comecei usar roteador.
avatar
Thais Olino
Iniciante
Iniciante

Mensagens : 47
Reputação : 1
Data de inscrição : 02/11/2014

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por joram em Seg 03 Nov 2014, 20:07

Thais Olino escreveu:eu uso roteador e pode ser que seja algo com ele, pois esse problema aconteceu depois que eu comecei usar roteador.
Boa Noite! Thais Olino

> Contate um Técnico para que configure seu Roteador e depois, retorne aqui com os resultados.

A+
avatar
joram
Administrador
Administrador

Mensagens : 3765
Reputação : 416
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro

Voltar ao Topo Ir em baixo

Re: como remover Attention required! CloudFlare

Mensagem por Conteúdo patrocinado


Conteúdo patrocinado


Voltar ao Topo Ir em baixo

Página 1 de 2 1, 2  Seguinte

Ver o tópico anterior Ver o tópico seguinte Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum