Multiple malwares
<blockquote data-quote="Adriana Matutino" data-source="post: 438036" data-attributes="member: 42311"><p>I do, but the website doesn't let me upload it. It keeps saying the file is empty.</p><p>I ran the program again and here's the report ctrl c ctrl v:</p><p></p><p>Zoek.exe v5.0.0.1 Updated 30-09-2015</p><p>Tool run by Adriana Matutino on 03/10/2015 at 10:42:33,61.</p><p>Microsoft Windows 7 Home Premium 6.1.7600 x64</p><p>Running in: Normal Mode Internet Access Detected</p><p>Launched: C:\Users\Adriana Matutino\Desktop\zoek.exe [Scan all users] [Deep Scan] </p><p></p><p>==== Older Logs ======================</p><p></p><p>C:\zoek-results2015-10-02-182713.log 906 bytes</p><p></p><p>==== Running Processes ======================</p><p></p><p>C:\PROGRA~2\GbPlugin\GbpSv.exe</p><p>C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe</p><p>C:\Program Files\Alwil Software\Avast5\AvastSvc.exe</p><p>C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe</p><p>C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE</p><p>C:\Users\Adriana Matutino\AppData\Roaming\NetService\netservice.exe</p><p>C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe</p><p>C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe</p><p>C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe</p><p>C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe</p><p>C:\Windows\SysWOW64\DllHost.exe</p><p>C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe</p><p>C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe</p><p>C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe</p><p>C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe</p><p>C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe</p><p>C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe</p><p>C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe</p><p>C:\Program Files\Alwil Software\Avast5\AvastUI.exe</p><p>C:\Program Files 
(x86)\Common Files\Java\Java Update\jusched.exe</p><p>C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe</p><p>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p>C:\Users\Adriana Matutino\Desktop\zoek.exe</p><p>C:\Windows\SysWOW64\cmd.exe</p><p>C:\Windows\SysWOW64\cmd.exe</p><p>C:\Windows\SysWOW64\cmd.exe</p><p></p><p>==== System Specs ======================</p><p></p><p>Windows: Windows 7 Home Premium Edition (64-bit) (Build 7600)</p><p>Memory (RAM): 4015 MB</p><p>CPU Info: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz</p><p>CPU Speed: 2124,5 MHz</p><p>Sound Card: Speaker/HP (Realtek High Defini | </p><p>Display Adapters: NVIDIA GeForce 310M | NVIDIA GeForce 310M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver</p><p>Monitors: 1x; Generic PnP Monitor | </p><p>Screen Resolution: 1366 X 768 - 32 bit</p><p>Network: Network Present</p><p>Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Bluetooth Device (Personal Area Network) | Atheros AR9285 Wireless Network Adapter | Marvell Yukon 88E8057 PCI-E Gigabit Ethernet Controller</p><p>CD / DVD Drives: 1x (G: | ) G: HL-DT-STDVDRAM GT20N</p><p>Ports: COM Ports NOT Present. LPT Port NOT Present. </p><p>Mouse: 5 Button Wheel Mouse Present</p><p>Hard Disks: C: 457,2GB</p><p>Hard Disks - Free: C: 296,9GB</p><p>Manufacturer *: American Megatrends Inc.</p><p>BIOS Info: AT/AT COMPATIBLE | 09/23/09 | Sony - 20100514</p><p>Time Zone: Romance Standard Time</p><p>Motherboard *: Sony Corporation VAIO</p><p>Country: Brazil </p><p>Language: PTB </p><p></p><p>==== System Specs (Software) ======================</p><p></p><p>AV: avast! 
Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}</p><p>SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}</p><p>Default Browser: Google Chrome 45.0.2454.101</p><p>Internet Explorer version: 8.0.7600.16385 </p><p>Mozilla Firefox version: 41.0.1 (x86 pt-BR)</p><p>Google Chrome version: 45.0.2454.101</p><p>Adobe Reader version: 11.0.12.18</p><p>Sun Java version: 1.8.0_45 (32-bit) </p><p>Sun Java version: 1.8.0_45 (64-bit) </p><p>Flash Player version: 19.0.0.185</p><p></p><p>==== Files Recently Created / Modified ======================</p><p></p><p>====== C:\Windows ====</p><p>2015-09-04 19:02:47 B58952E67FC2FA0E689F4F0F4E3091E6 43112 ----a-w- C:\Windows\avastSS.scr</p><p>====== C:\Users\ADRIAN~1\AppData\Local\Temp ====</p><p>====== Java Cache =====</p><p>====== C:\Windows\SysWOW64 =====</p><p>====== C:\Windows\SysWOW64\drivers =====</p><p>====== C:\Windows\Sysnative =====</p><p>====== C:\Windows\Sysnative\drivers =====</p><p>====== C:\Windows\Tasks ======</p><p>====== C:\Windows\Temp ======</p><p>======= C:\Program Files =====</p><p>======= C:\PROGRA~2 =====</p><p>2015-10-02 13:57:08 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service</p><p>======= C: =====</p><p>====== C:\Users\Adriana Matutino\AppData\Roaming ======</p><p>2015-10-02 13:57:22 -------- d-----w- C:\Users\Adriana Matutino\AppData\Roaming\Mozilla</p><p>====== C:\Users\Adriana Matutino ======</p><p>2015-10-02 17:13:25 2DDAF1B28DD5B82A75C973CC263B1012 2192384 ----a-w- C:\Users\Adriana Matutino\Desktop\FRST64.exe</p><p></p><p>====== C: exe-files ==</p><p>2015-10-03 08:45:51 FC32C1A3ED0B3F2AC2BC9B3B15410471 98248 ----a-w- C:\Users\Adriana Matutino\AppData\Roaming\RunDir\wrg.exe</p><p>2015-10-03 08:45:51 E5FFD73FCA896510E756CABA7DDF66AB 136648 ----a-w- C:\Users\Adriana Matutino\AppData\Roaming\RunDir\rbt.exe</p><p>2015-10-03 08:45:51 0F86442B238F1C9CA69CB8D662DEB05B 185800 
----a-w- C:\Users\Adriana Matutino\AppData\Roaming\RunDir\ud40.exe</p><p>2015-10-03 08:45:46 FC32C1A3ED0B3F2AC2BC9B3B15410471 98248 ----a-w- C:\Users\Adriana Matutino\AppData\Roaming\RunDir\temp\wrg.exe</p><p>2015-10-03 08:45:45 E5FFD73FCA896510E756CABA7DDF66AB 136648 ----a-w- C:\Users\Adriana Matutino\AppData\Roaming\RunDir\temp\rbt.exe</p><p>2015-10-03 08:45:42 0F86442B238F1C9CA69CB8D662DEB05B 185800 ----a-w- C:\Users\Adriana Matutino\AppData\Roaming\RunDir\temp\ud40.exe</p><p>2015-10-02 17:44:24 E8766DAA687711629698B8D301C89187 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3282514184-3565872630-3476672258-1004\$I9ZFIYM.exe</p><p>2015-10-02 17:13:25 2DDAF1B28DD5B82A75C973CC263B1012 2192384 ----a-w- C:\Users\Adriana Matutino\Desktop\FRST64.exe</p><p>2015-10-02 17:11:15 F19F51A83D76821C21C02A21DFF72C2C 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3282514184-3565872630-3476672258-1004\$ILR47J4.exe</p><p>2015-10-02 17:10:11 92E44FBA7990CAAAE5C961526E5E3251 1696256 ----a-w- C:\$Recycle.Bin\S-1-5-21-3282514184-3565872630-3476672258-1004\$RLR47J4.exe</p><p>2015-10-02 13:57:10 AD58FEB99BEEE7E78E8BA45BA172B6BF 107202 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe</p><p>2015-10-02 13:57:08 6215DA3AD492CFBEBEE2ADBED0A6CC22 147624 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe</p><p>2015-10-02 13:52:03 4F04576BC7E8AA5F5D63C118ADF17A31 243792 ----a-w- C:\$Recycle.Bin\S-1-5-21-3282514184-3565872630-3476672258-1004\$R9ZFIYM.exe</p><p>2015-09-30 19:49:05 008AE7228FAA525AF3970C441F4BD4DC 3016272 ----a-w- C:\Program Files (x86)\Google\Update\Install\{19ECED25-6F7C-49F5-B6C7-1FBE13529F3E}\45.0.2454.101_45.0.2454.93_chrome_updater.exe</p><p>2015-09-30 19:49:05 008AE7228FAA525AF3970C441F4BD4DC 3016272 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\45.0.2454.101\45.0.2454.101_45.0.2454.93_chrome_updater.exe</p><p>2015-09-30 19:32:16 07D733DAB53FD7E2E7C8442216073379 873800 ----a-w- 
C:\Users\Adriana Matutino\AppData\Local\Google\Chrome\User Data\SwReporter\4.30.2\software_reporter_tool.exe</p><p>=== C: other files ==</p><p>2015-09-30 21:03:40 4D08A7B60638242B389773A506B2E7A0 555384 ----a-w- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_1507072.sys</p><p>2015-09-30 21:03:40 4527F0AE9E7D15670977FAFFCCCE138F 959416 ----a-w- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507072.sys</p><p></p><p>==== Startup Registry Enabled ======================</p><p></p><p>[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]</p><p>"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"</p><p></p><p>[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]</p><p>"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"</p><p></p><p>[HKEY_USERS\S-1-5-21-3282514184-3565872630-3476672258-1004\Software\Microsoft\Windows\CurrentVersion\Run]</p><p>"ares"="C:\Program Files (x86)\Ares\Ares.exe -h"</p><p></p><p>[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]</p><p>"mctadmin"="C:\Windows\System32\mctadmin.exe"</p><p></p><p>[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]</p><p>"mctadmin"="C:\Windows\System32\mctadmin.exe"</p><p></p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"ISBMgr.exe"="C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"</p><p>"PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"</p><p>"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"</p><p>"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"</p><p>"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"</p><p>"AvastUI.exe"="C:\Program Files\Alwil Software\Avast5\AvastUI.exe /nogui"</p><p>"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java 
Update\jusched.exe"</p><p></p><p>[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]</p><p>"ares"="C:\Program Files (x86)\Ares\Ares.exe -h"</p><p></p><p>==== Startup Registry Enabled x64 ======================</p><p></p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]</p><p>"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"</p><p>"NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"</p><p>"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"</p><p>"CertificateRegistration"="aetcrss1.exe"</p><p>"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "</p><p>"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe "</p><p></p><p>==== Task Scheduler Jobs ======================</p><p></p><p>C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [30/09/2015 22:35]</p><p>C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/08/2015 20:37]</p><p>C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]</p><p>C:\Windows\tasks\HP Photo Creations Communicator.job --a------ C:\ProgramData\HP Photo Creations\MessageCheck.exe [24/03/2012 03:00]</p><p></p><p>==== Other Scheduled Tasks ======================</p><p></p><p>"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]</p><p>"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]</p><p>"C:\Windows\SysNative\tasks\AutoUpdaterTask" [C:\Program Files (x86)\Auto Updater\AutoUpdater.exe]</p><p>"C:\Windows\SysNative\tasks\avastBCLRestartS-1-5-21-3282514184-3565872630-3476672258-1004" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe]</p><p>"C:\Windows\SysNative\tasks\avastBCLRestart_chrome.exe" [C:\Program Files 
(x86)\Google\Chrome\Application\chrome.exe]</p><p>"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]</p><p>"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]</p><p>"C:\Windows\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\MessageCheck.exe]</p><p>"C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 2050 J510 series" ["C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe"]</p><p>"C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-3282514184-3565872630-3476672258-1004" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]</p><p>"C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-3282514184-3565872630-3476672258-1004" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]</p><p>"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]</p><p>"C:\Windows\SysNative\tasks\VAIO Health Report" ["C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe"]</p><p>"C:\Windows\SysNative\tasks\SONY\Java Update" ["C:\Program Files\Java\jre6\bin\jusched.exe"]</p><p>"C:\Windows\SysNative\tasks\SONY\OOBEReminder" ["C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe"]</p><p>"C:\Windows\SysNative\tasks\SONY\OOBESendInfo" ["C:\Program Files\Sony\First Experience\OOBESendInfo.exe"]</p><p>"C:\Windows\SysNative\tasks\SONY\VAIO Survey" ["C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe"]</p><p>"C:\Windows\SysNative\tasks\SONY\SUS-BCF\Level4Daily" [C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe]</p><p>"C:\Windows\SysNative\tasks\SONY\SUS-BCF\Level4Month" [C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe]</p><p>"C:\Windows\SysNative\tasks\SONY\VAIO Power Management\VPM Logon Start" [C:\Program Files\Sony\VAIO Power Management\SPMgr.exe]</p><p>"C:\Windows\SysNative\tasks\SONY\VAIO Power 
Management\VPM Session Change" [C:\Program Files\Sony\VAIO Power Management\SPMgr.exe]</p><p>"C:\Windows\SysNative\tasks\SONY\VAIO Power Management\VPM Unlock" [C:\Program Files\Sony\VAIO Power Management\SPMgr.exe]</p><p>"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Update\VAIO Update" ["C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe"]</p><p>"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair" [C:\Program Files\Sony\VAIO Update\VUSR.exe]</p><p></p><p>==== Firefox Extensions Registry ======================</p><p></p><p>[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]</p><p>"<a href="mailto:wrc@avast.com">wrc@avast.com</a>"="C:\Program Files\Alwil Software\Avast5\WebRep\FF" [04/09/2015 21:02]</p><p></p><p>==== Firefox Extensions ======================</p><p></p><p>AppDir: C:\Program Files (x86)\Mozilla Firefox</p><p>- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}</p><p></p><p>==== Firefox Plugins ======================</p><p></p><p>Profilepath: C:\Users\Adriana Matutino\AppData\Roaming\Mozilla\Firefox\Profiles\kfeg4fin.default</p><p>10737B44923217BC0E67D26A9FC1F0AA - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)</p><p>E32771B0AE3F18CEFFC12D682025238A - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)</p><p>1A62BB86D17B8DC0D4339BACC8D60635 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll - Shockwave Flash</p><p>257E7BD1D90C987F5F2DDC1CCB185DC3 - C:\Users\Adriana Matutino\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll - Módulo de Proteção - Caixa Economica Federal</p><p>406106D91D3F86FD34EC194940855746 - C:\Users\Adriana Matutino\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll - Módulo de Proteção - Caixa Economica Federal</p><p></p><p></p><p>==== Chromium Look 
======================</p><p></p><p>Google Chrome Version: 45.0.2454.101</p><p></p><p>HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions</p><p>aaaaojmikegpiepcfdkkjaplodkpfmlo - No path found[]</p><p>eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswwebrepchrome-sp.crx[13/08/2014 06:14]</p><p>gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx[21/07/2015 04:52]</p><p>jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[]</p><p></p><p>HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions</p><p>bbjllphbppobebmjpjcijfbakobcheof - No path found[]</p><p></p><p>EasyCalendar - Adriana Matutino\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgcoifbkbphhjnekfkmohklfaimhikk</p><p>Slinky Vintage - Adriana Matutino\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdjbhifhppglclhnmmnlfloepnolbkn</p><p>Chrome Hotword Shared Module - Adriana Matutino\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg</p><p>Chrome Web Store Payments - Adriana Matutino\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda</p><p></p><p>==== IE Start and Search Settings ======================</p><p></p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]</p><p>"Search Bar"="<a href="http://www.google.com/ie" target="_blank">Upgrade to Google Chrome</a>"</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]</p><p>@="<a href="http://www.google.com/search?q=%s" target="_blank">%s - Google Search</a>"</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]</p><p>"Tabs"="res://ieframe.dll/tabswelcome.htm"</p><p>[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]</p><p>"Tabs"="res://ieframe.dll/tabswelcome.htm"</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]</p><p>"SearchAssistant"="<a href="http://www.google.com/ie" 
target="_blank">Upgrade to Google Chrome</a>"</p><p>"Default_Search_URL"="<a href="http://www.google.com/ie" target="_blank">Upgrade to Google Chrome</a>"</p><p>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]</p><p>"DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}"</p><p></p><p>==== All HKCU SearchScopes ======================</p><p></p><p>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes</p><p>{012E1000-F331-11DB-8314-0800200C9A66} Google Url="<a href="http://www.google.com/search?q={searchTerms}" target="_blank">{searchTerms} - Google Search</a>"</p><p>{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="<a href="https://www.google.com/search?q={searchTerms}" target="_blank">{searchTerms} - Google Search</a>"</p><p>{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown Url="Not_Found"</p><p></p><p>==== HijackThis Entries ======================</p><p></p><p>F2 - REG:system.ini: UserInit=userinit.exe,</p><p>O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll</p><p>O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll</p><p>O2 - BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll</p><p>O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll</p><p>O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll</p><p>O2 - BHO: G-Buster Browser Defense Itaú Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll</p><p>O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll</p><p>O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"</p><p>O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe</p><p>O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"</p><p>O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe</p><p>O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe</p><p>O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui</p><p>O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"</p><p>O4 - HKCU\..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h</p><p>O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')</p><p>O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')</p><p>O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')</p><p>O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')</p><p>O8 - Extra context menu item: E&xport to 
Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000</p><p>O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm</p><p>O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm</p><p>O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll</p><p>O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll</p><p>O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll</p><p>O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll</p><p>O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll</p><p>O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll</p><p>O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll</p><p>O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL</p><p>O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm</p><p>O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... 
- {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm</p><p>O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll</p><p>O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll</p><p>O15 - Trusted Zone: <a href="http://www.bancobrasil.com.br" target="_blank">www.bancobrasil.com.br</a></p><p>O15 - Trusted Zone: www14.bancobrasil.com.br</p><p>O15 - Trusted Zone: www2.bancobrasil.com.br</p><p>O15 - Trusted Zone: <a href="http://www.bb.com.br" target="_blank">www.bb.com.br</a></p><p>O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - <a href="http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab" target="_blank">http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab</a></p><p>O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - <a href="http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab" target="_blank">http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab</a></p><p>O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll</p><p>O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll</p><p>O20 - Winlogon Notify: GbPluginUni - C:\Program Files (x86)\GbPlugin\gbiehUni.dll</p><p>O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. 
- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe</p><p>O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe</p><p>O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe</p><p>O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)</p><p>O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe</p><p>O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe</p><p>O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe</p><p>O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)</p><p>O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)</p><p>O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~2\GbPlugin\GbpSv.exe</p><p>O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe</p><p>O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE</p><p>O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)</p><p>O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe</p><p>O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)</p><p>O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)</p><p>O23 - Service: Net.Tcp Service Handler (NetTcpHandler) - QNT - C:\Users\Adriana Matutino\AppData\Roaming\NetService\netservice.exe</p><p>O23 - Service: NVIDIA GuardService (nvservice) - Unknown owner - C:\Windows\system32\nvservice.exe (file missing)</p><p>O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)</p><p>O23 - Service: Oasis2Service - Unknown owner - (no file)</p><p>O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - (no file)</p><p>O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe</p><p>O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)</p><p>O23 - Service: Rapport Management Service (RapportMgmtService) - IBM Corp. 
- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe</p><p>O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)</p><p>O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)</p><p>O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)</p><p>O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)</p><p>O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)</p><p>O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe (file missing)</p><p>O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe</p><p>O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)</p><p>O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe</p><p>O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe</p><p>O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)</p><p>O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe</p><p>O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - (no file)</p><p>O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)</p><p>O23 - Service: 
@%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)</p><p>O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe</p><p>O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)</p><p>O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)</p><p>O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)</p><p>O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)</p><p></p><p>==== C:\zoek_backup content ======================</p><p></p><p>C:\zoek_backup (files=0 folders=0 0 bytes)</p><p></p><p>==== EOF on 03/10/2015 at 10:54:27,30 ======================</p></blockquote><p></p>