macaw

Removal of Jungle net


Hi everyone,

About two days ago, without knowing how, I picked up this Jungle net adware. I have already tried Spybot, Malwarebytes and everything else I could remember, but had no success; I found nothing in HijackThis, and ComboFix does not run on Windows 8.1, so I no longer know what else to try. I would like to know whether anyone has had this adware and managed to remove it.

Thanks

ZA-Scan V1.0.0.4 Updated 04-May-2015
Tool run by Gustavo on 18/06/2015 at 13:41:07.25.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gustavo\Downloads\ZA-Scan.exe [Z-Analyse Scan]
 
==== Running Processes ======================
 
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ASUS\P4G\InsOnSrv.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files\ASUS\P4G\InsOnWMI.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\pgAgent\bin\pgagent.exe
C:\Program Files (x86)\PgBouncer\bin\pgbouncer.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Windows\SysWOW64\vmnat.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Gustavo\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Gustavo\Downloads\ZA-Scan.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Gustavo\AppData\Local\Temp\ZAScan.exe
 
==== Services(whitelist) ======================
Powered by E Dev
 
R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [ASLDRService] - ASLDR Service - c:\program files (x86)\asus\atk package\atk hotkey\asldrsrv.exe
R2 - [ASUS InstantOn] - ASUS InstantOn Service - c:\program files\asus\p4g\insonsrv.exe
R2 - [Asus WebStorage Windows Service] - Asus WebStorage Windows Service - c:\program files (x86)\asus\webstorage\2.0.3.226\asuswswinservice.exe
R2 - [AtherosSvc] - AtherosSvc - c:\program files (x86)\bluetooth suite\adminservice.exe
R2 - [ATKGFNEXSrv] - ATKGFNEX Service - c:\program files (x86)\asus\atk package\atkgfnex\gfnexsrv.exe
R2 - [c2cautoupdatesvc] - Skype Click to Call Updater - c:\program files (x86)\skype\toolbars\autoupdate\skypec2cautoupdatesvc.exe
R2 - [c2cpnrsvc] - Skype Click to Call PNR Service - c:\program files (x86)\skype\toolbars\pnrsvc\skypec2cpnrsvc.exe
R2 - [ClickToRunSvc] - Microsoft Office ClickToRun Service - c:\program files\microsoft office 15\clientx64\officeclicktorun.exe
R2 - [ETDService] - Elan Service - c:\program files\elantech\etdservice.exe
R2 - [GamesAppIntegrationService] - GamesAppIntegrationService - c:\program files (x86)\wildtangent games\app\gamesappintegrationservice.exe
R2 - [GfExperienceService] - NVIDIA GeForce Experience Service - c:\program files\nvidia corporation\geforce experience service\gfexperienceservice.exe
R2 - [HitmanProScheduler] - HitmanPro Scheduler - c:\program files\hitmanpro\hmpsched.exe
R2 - [intel® ME Service] - Intel® ME Service - c:\program files (x86)\intel\intel® management engine components\fwservice\intelmefwservice.exe
R2 - [jhi_service] - Intel® Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel® management engine components\dal\jhi_service.exe
R2 - [LMS] - Intel® Management and Security Application Local Management Service - c:\program files (x86)\intel\intel® management engine components\lms\lms.exe
R2 - [NvNetworkService] - NVIDIA Network Service - c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe
R2 - [NvStreamSvc] - NVIDIA Streamer Service - c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe
R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
R2 - [pgAgent] - PostgreSQL Scheduling Agent - pgAgent - c:\program files (x86)\pgagent\bin\pgagent.exe
R2 - [pgbouncer] - pgbouncer - c:\program files (x86)\pgbouncer\bin\pgbouncer.exe
R2 - [PnkBstrA] - PnkBstrA - c:\windows\system32\pnkbstra.exe [x]
R2 - [postgresql-x64-9.4] - postgresql-x64-9.4 - PostgreSQL Server 9.4 - c:\program files\postgresql\9.4\bin\pg_ctl.exe
R2 - [Qualcomm Atheros Killer Service V2] - Qualcomm Atheros Killer Service V2 - c:\program files\qualcomm atheros\network manager\killerservice.exe
R2 - [sDScannerService] - Spybot-S&D 2 Scanner Service - c:\program files (x86)\spybot - search & destroy 2\sdfssvc.exe
R2 - [sDUpdateService] - Spybot-S&D 2 Updating Service - c:\program files (x86)\spybot - search & destroy 2\sdupdsvc.exe
R2 - [sDWSCService] - Spybot-S&D 2 Security Center Service - c:\program files (x86)\spybot - search & destroy 2\sdwscsvc.exe
R2 - [spyHunter 4 Service] - SpyHunter 4 Service - c:\program files\enigma software group\spyhunter\sh4service.exe
R2 - [TeamViewer9] - TeamViewer 9 - c:\program files (x86)\teamviewer\version9\teamviewer_service.exe
R2 - [VMAuthdService] - VMware Authorization Service - c:\program files (x86)\vmware\vmware player\vmware-authd.exe
R2 - [VMnetDHCP] - VMware DHCP Service - c:\windows\system32\vmnetdhcp.exe [x]
R2 - [VMUSBArbService] - VMware USB Arbitration Service - c:\program files (x86)\common files\vmware\usb\vmware-usbarbitrator64.exe
R2 - [VMware NAT Service] - VMware NAT Service - c:\windows\system32\vmnat.exe [x]
R2 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R2 - [ZAtheros Bt and Wlan Coex Agent] - ZAtheros Bt and Wlan Coex Agent - c:\program files (x86)\bluetooth suite\ath_coexagent.exe
R3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
R3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
S2 - [gupdate] - Google Update Service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [MBAMService] - MBAMService - c:\program files (x86)\malwarebytes anti-malware\mbamservice.exe
S2 - [skypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S2 - [sT2012_Svc] - Spyware Terminator 2015 Realtime Shield Service - c:\program files (x86)\spyware terminator\st_rsser64.exe [x]
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [cphs] - Intel® Content Protection HECI Service - c:\windows\syswow64\intelcphecisvc.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [GamesAppService] - GamesAppService - c:\program files (x86)\wildtangent games\app\gamesappservice.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [iEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [intel® Capability Licensing Service TCP IP Interface] - Intel® Capability Licensing Service TCP IP Interface - c:\program files\intel\icls client\socketheciserver.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [Origin Client Service] - Origin Client Service - c:\program files (x86)\origin\originclientservice.exe
S3 - [ose] - Office  Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [sNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
S4 - [MBAMScheduler] - MBAMScheduler - c:\program files (x86)\malwarebytes anti-malware\mbamscheduler.exe
 
==== Drivers(whitelist) ======================
Powered by E Dev
 
R0 - [FileInfo] - File Information FS MiniFilter - C:\Windows\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\Windows\system32\Drivers\FltMgr.sys
R0 - [Mup] - Mup - C:\Windows\system32\Drivers\Mup.sys
R0 - [WdFilter] - Windows Defender Mini-Filter Driver - C:\Windows\system32\Drivers\WdFilter.sys
R0 - [Wof] - Windows Overlay File System Filter Driver - C:\Windows\system32\Drivers\Wof.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\Windows\system32\Drivers\NetBIOS.sys
R2 - [srv] - Server SMB 1.xxx Driver - C:\Windows\system32\Drivers\srv.sys
R3 - [srv2] - Server SMB 2.xxx Driver - C:\Windows\system32\Drivers\srv2.sys
R0 - [ACPI] - Microsoft ACPI Driver - C:\Windows\system32\Drivers\ACPI.sys
R0 - [acpiex] - Microsoft ACPIEx Driver - C:\Windows\system32\Drivers\acpiex.sys
R0 - [CLFS] - Common Log (CLFS) - C:\Windows\system32\Drivers\CLFS.sys
R0 - [CNG] - CNG - C:\Windows\system32\Drivers\CNG.sys
R0 - [disk] - Disk Driver - C:\Windows\system32\Drivers\disk.sys
R0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\Windows\system32\Drivers\EhStorClass.sys
R0 - [fvevol] - BitLocker Drive Encryption Filter Driver - C:\Windows\system32\Drivers\fvevol.sys
R0 - [iaStorA] - iaStorA - C:\Windows\system32\Drivers\iaStorA.sys
R0 - [intelpep] - Intel® Power Engine Plug-in Driver - C:\Windows\system32\Drivers\intelpep.sys
R0 - [KSecDD] - KSecDD - C:\Windows\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\Windows\system32\Drivers\KSecPkg.sys
R0 - [mountmgr] - Mount Point Manager - C:\Windows\system32\Drivers\mountmgr.sys
R0 - [msisadrv] - msisadrv - C:\Windows\system32\Drivers\msisadrv.sys
R0 - [NDIS] - NDIS System Driver - C:\Windows\system32\Drivers\NDIS.sys
R0 - [partmgr] - Partition Manager - C:\Windows\system32\Drivers\partmgr.sys
R0 - [pci] - PCI Bus Driver - C:\Windows\system32\Drivers\pci.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\Windows\system32\Drivers\pcw.sys
R0 - [pdc] - pdc - C:\Windows\system32\Drivers\pdc.sys
R0 - [rdyboost] - ReadyBoost - C:\Windows\system32\Drivers\rdyboost.sys
R0 - [spaceport] - Storage Spaces Driver - C:\Windows\system32\Drivers\spaceport.sys
R0 - [Tcpip] - TCP/IP Protocol Driver - C:\Windows\system32\Drivers\Tcpip.sys
R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator - C:\Windows\system32\Drivers\vdrvroot.sys
R0 - [vmci] - VMware VMCI Bus Driver - C:\Windows\system32\Drivers\vmci.sys
R0 - [volmgr] - Volume Manager Driver - C:\Windows\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Dynamic Volume Manager - C:\Windows\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Storage volumes - C:\Windows\system32\Drivers\volsnap.sys
R0 - [vsock] - vSockets Driver - C:\Windows\system32\Drivers\vsock.sys
R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\Windows\system32\Drivers\Wdf01000.sys
R0 - [WFPLWFS] - Microsoft Windows Filtering Platform - C:\Windows\system32\Drivers\WFPLWFS.sys
R1 - [AFD] - Ancillary Function Driver for Winsock - C:\Windows\system32\Drivers\AFD.sys
R1 - [beep] - Beep - C:\Windows\system32\Drivers\Beep.sys
R1 - [tdx] - NetIO Legacy TDI Support Driver - C:\Windows\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\Windows\system32\Drivers\tcpipreg.sys
S0 - [hwpolicy] - Hardware Policy Driver - C:\Windows\system32\Drivers\hwpolicy.sys
S0 - [WdBoot] - Windows Defender Boot Driver - C:\Windows\system32\Drivers\WdBoot.sys
S3 - [atapi] - IDE Channel - C:\Windows\system32\Drivers\atapi.sys
 
==== Startup Registry Enabled ======================
 
[HKEY_USERS\S-1-5-21-3231482019-950447838-241382706-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"Spotify Web Helper"="C:\Users\Gustavo\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Gustavo\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"
"Spybot-S&D Cleaning"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe /autoclean"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
"WebStorage"="C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\ASUSWSLoader.exe"
"ROGNB"="C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe"
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"Spotify Web Helper"="C:\Users\Gustavo\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Gustavo\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"
"Spybot-S&D Cleaning"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe /autoclean"
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
 
==== Startup Registry Enabled x64 ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"Thunderbolt"="C:\Program Files\Intel\Thunderbolt Software\Thunderbolt.exe"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
 
==== Startup Folders ======================
 
2014-04-17 18:05:28 2837 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
2014-10-20 09:56:11 2246 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk
 
==== Task Scheduler Jobs ======================
 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12/10/2014 10:45]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12/10/2014 10:45]
 
==== Other Scheduled Tasks ======================
 
"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\ASUS GPUTweak" ["C:\Program Files\ASUS\ASUS GPU Tweak\GPUTweak.exe"]
"C:\Windows\SysNative\tasks\ASUS InstantOn Config" [C:\Program Files\ASUS\P4G\InsOnCfg.exe]
"C:\Windows\SysNative\tasks\ASUS Live Update1" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe]
"C:\Windows\SysNative\tasks\ASUS Live Update2" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe]
"C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe]
"C:\Windows\SysNative\tasks\ASUS Splendid ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]
"C:\Windows\SysNative\tasks\ASUS Splendid ColorU" [C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe]
"C:\Windows\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"]
"C:\Windows\SysNative\tasks\AsusVibeSchedule" ["C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\P4GIntlCtrl" [C:\Program Files\ASUS\P4G\IntlDPST.exe]
"C:\Windows\SysNative\tasks\RtHDVBg" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"]
"C:\Windows\SysNative\tasks\RTKCPL" ["C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"]
"C:\Windows\SysNative\tasks\UMonitor Task" [C:\Windows\SysWOW64\UMonit64.exe]
"C:\Windows\SysNative\tasks\Update Checker" [C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{72D37695-6927-4923-BDA7-C24AF930144C}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{429EFF8C-54AB-42CA-94F1-B5816E7F0995}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe"]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe"]
 
==== Firefox Extensions ======================
 
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
==== Firefox Plugins ======================
 
Profilepath: C:\Users\Gustavo\AppData\Roaming\Mozilla\Firefox\Profiles\6juurr9q.default
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013
9291708CCD967887AF94BE708B43D64D - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll - Microsoft Office 2013
B5CFBB8AC7C0069D80DBEAA72F3CE9E2 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll - Shockwave for Director / Shockwave for Director
 
 
==== Fake Chromium Profiles Check ======================
 
Fake profile C:\Users\postgres\AppData\Local\Google\Chrome Found
 
==== Chromium Look ======================
 
Google Chrome Version: 43.0.2357.124
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[01/05/2015 11:17]
 
Stylish - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe
AdBlock - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Wolfram|Alpha (Official) - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\icncamkooinmbehmkeilcccmoljfkdhp
Chrome Hotword Shared Module - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
Skype Click to Call - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Gustavo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
 
==== Chromium Startpages ======================
 
C:\Users\Gustavo\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
 
==== IE Start and Search Settings ======================
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
 
==== HijackThis Entries ======================
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{1027C70B-7B3A-4DE0-AF94-C45D8415B25C}: NameServer = 10.11.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{33A7F2C4-262C-4735-991E-0B9A357E7339}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{6f47f876-8852-4e2a-b89c-1ef7bcc72514}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{82621f43-101f-4118-b466-b2e210f4b09a}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{aefe3f69-abd8-40c9-b32f-c508ba5ecde0}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{b1eb1e86-6c25-429f-b084-9028594fb8bd}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1027C70B-7B3A-4DE0-AF94-C45D8415B25C}: NameServer = 10.11.0.1
 
==== EOF on 18/06/2015 at 13:43:38.74 ======================
 


Hello macaw,

Please note the following:
  • If you go without a reply for 3 days, send me a Private Message (PM);
  • What is passed on here relates only to the problem on your computer; therefore, do not apply it on any other;
  • Please follow the instructions given carefully and, if in doubt, do not hesitate to ask;
  • Always try to keep me informed, during the removal, about what happens with your computer.
  • Respect the order of the instructions given.
  • Note: Do not take any action other than those given here; if you ask for help on another forum, be sure to let us know, at the risk of misconfiguring your computer!

Instead of creating a new topic, I ask that you continue with this one and post a reply attaching the ZA-Scan log, according to these instructions: http://forum.clubedohardware.com.br/topic/1105783-como-criar-seu-t%C3%B3pico/

Regards.


 

Launched: C:\Users\Gustavo\Downloads\ZA-Scan.exe [Z-Analyse Scan]

 

 

As per the instructions, the tool must be run from the desktop.

I'll wait.


Topic Archived

As the author has not replied to the topic for more than 10 days, it has been archived.

If you are the author of the topic and want it reopened, contact a Forum Security Analyst and request that it be unlocked.
