corryvm
-
Items
13 -
Registratiedatum
-
Laatst bezocht
corryvm's prestaties
-
ok hartelijk dank zal volgende nog uitvoeren
-
momenteel ondervind ik geen problemen meer met de webcam, wilde wel nog vragen of ik er nu zeker van mag zijn dat de hacker niet meteen weer mijn pc kan overnemen. kan ik mij hiertegen nog extra beveiligen tegen hack. alvast bedankt voor de hulp van mijn grootste probleem
-
heb even nog een vraagje, heb deze ochtend ondervonden dat hij het pictogram van zowel batterij als men geluid rechts onderaan niet meer weer geeft. als ik dit weer toonbaar wil maken zegt hij dat er geen batterij en geluid geconfigureerd is. wat zou ik hier aan kunnen doen.
-
[ATTACH]26471[/ATTACH] ik vond nergens de volledige log heb dus opnieuw laten scannen en nu heb ik volledige log zal hem bijvoegen a2scan_130614-181709.txt
-
[ATTACH]26470[/ATTACH] quarantine_130614-175527.txt
-
[ATTACH]26461[/ATTACH] TDSSKiller.2.8.16.0_14.06.2013_09.53.31_log.txt
-
[ATTACH]26458[/ATTACH] [ATTACH]26459[/ATTACH] [ATTACH]26460[/ATTACH] HitmanPro_20130613_2305.log mbar-log-2013-06-13 (23-29-14).txt system-log.txt
-
[ATTACH]26456[/ATTACH] had blijkbaar verkeerde bijlage ingevoegd dit hopelijk de juiste met de ondernomen acties van de scan mbam-log-2013-06-13 (19-40-18).txt
-
[ATTACH]26455[/ATTACH] de scan is eindelijk voltooid hierbij de log bijlage, hopelijk is het me deze keer gelukt bij te voegen MBAM-log-2013-06-13 (21-37-25).txt
-
hoe moet je de log invoegen als bijlage vond dit niet ga eens goed moeten nakijken. sorry volgende staat dus ook niet in bijlage
-
Zoek.exe Version 4.0.0.2 Updated 03-June-2013 Tool run by Robin on do 13/06/2013 at 19:13:21,92. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011341191} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011341191} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3a421c8f-e238-4aeb-8874-b8b5f2cc4772} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3a421c8f-e238-4aeb-8874-b8b5f2cc4772} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{60e91567-ef8a-4520-bce2-83aba5256799} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{60e91567-ef8a-4520-bce2-83aba5256799} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3462c343-be19-4143-af70-cefb56f46fc6} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3462c343-be19-4143-af70-cefb56f46fc6} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110011341191} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011341191} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3a421c8f-e238-4aeb-8874-b8b5f2cc4772} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3a421c8f-e238-4aeb-8874-b8b5f2cc4772} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{60e91567-ef8a-4520-bce2-83aba5256799} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{60e91567-ef8a-4520-bce2-83aba5256799} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully HKEY_CLASSES_ROOT\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3462c343-be19-4143-af70-cefb56f46fc6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\couponalert_2pservice deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\couponalert_2pservice deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions prefs.js not found user.js not found ---- Lines OneClickDownload removed from prefs.js ---- ---- Lines OneClickDownload modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- ProfilePath: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z46zjv6u.default user.js not found ---- Lines OneClickDownload removed from prefs.js ---- ---- Lines OneClickDownload modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20131306_1918_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SweetIM"=- "Coupon Alert Search Scope Monitor"=- "CouponAlert_2p Browser Plugin Loader"=- ==== Deleting Files \ Folders ====================== "C:\user.js" deleted "C:\ProgramData\HPWALog.txt" deleted "C:\user.js" deleted "C:\end" deleted "C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pbrmon.exe" deleted "C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pbrstub.dll" deleted "C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\T8RES.DLL" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll" deleted "C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe" deleted "C:\Users\Robin\AppData\Roaming\windir" deleted "C:\Program Files (x86)\Vid-Saver" deleted "C:\Program Files (x86)\CouponAlert_2p" deleted "C:\Program Files (x86)\Funmoods" deleted "C:\Program Files (x86)\SweetIM" not deleted "C:\Program Files (x86)\Solid YouTube Downloader and Converter DB Toolbar" deleted "C:\Program Files (x86)\Yontoo" deleted "C:\Program Files (x86)\ExpressFiles" deleted "C:\Program Files (x86)\FoxTabPDFConverter" deleted "C:\Program Files (x86)\Babylon" deleted "C:\Program Files (x86)\Common Files\DVDVideoSoft\TB" deleted "C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted "C:\Program Files (x86)\Solid YouTube Downloader and Converter DB Toolbar" deleted "C:\Program Files (x86)\YourFileDownloader" deleted "C:\Program Files (x86)\Yontoo" deleted "C:\Program Files (x86)\Vid-Saver" deleted "C:\Program Files (x86)\Red Sky" deleted "C:\Program Files (x86)\SweetIM" not deleted "C:\Program Files (x86)\Funmoods" deleted "C:\Program Files (x86)\Conduit" deleted "C:\Users\Robin\AppData\Roaming\YourFileDownloader" deleted "C:\Users\Robin\AppData\Roaming\OpenCandy" deleted "C:\ProgramData\boost_interprocess" deleted "C:\ProgramData\SweetIM" deleted "C:\ProgramData\Tarma Installer" deleted "C:\Users\Robin\AppData\Local\Ilivid Player" deleted "C:\Users\Robin\AppData\Local\DownTango" deleted "C:\Users\Robin\AppData\Local\PackageAware" deleted "C:\Users\Robin\AppData\Local\Vid-Saver" deleted "C:\Users\Robin\AppData\Local\Conduit" deleted "C:\Users\Robin\AppData\LocalLow\BabylonToolbar" deleted "C:\Users\Robin\AppData\LocalLow\Funmoods" deleted "C:\Users\Robin\AppData\LocalLow\DataMngr" deleted "C:\Users\Robin\AppData\LocalLow\PriceGong" deleted "C:\Users\Robin\AppData\LocalLow\searchquband" deleted "C:\Users\Robin\AppData\LocalLow\Conduit" deleted "C:\Users\Robin\AppData\LocalLow\Toolbar4" deleted "C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com" deleted "C:\Program Files (x86)\CouponAlert_2p\bar" deleted "C:\Program Files (x86)\CouponAlert_2p\bar\1.bin" deleted "C:\Program Files (x86)\SweetIM\Messenger" not deleted "C:\Program Files (x86)\SweetIM\Messenger" not deleted ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\z46zjv6u.default 3D928B3FE97C403A33F803B3D1A260C9 - C:\Users\Robin\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll - Google Update AB87C54CA19675880B0CAE65B8AF140C - C:\windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.70.11 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Robin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 8C1CAFEBED8CA61926158CEE71F8A750 - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 517021D1BCA1962ABF09099014A7D87D - C:\windows\SysWOW64\npOGPPlugin.dll - OGPlanet Game Plugin 517021D1BCA1962ABF09099014A7D87D - C:\windows\system32\npOGPPlugin.dll - OGPlanet Game Plugin AB87C54CA19675880B0CAE65B8AF140C - C:\windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.70.11 15E298B5EC5B89C5994A59863969D9FF - C:\windows\system32\npmproxy.dll - Microsoft® Windows® Operating System 15E298B5EC5B89C5994A59863969D9FF - C:\windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Robin\AppData\Local\Temp\crx832D.tmp[] fdloijijlkoblmigdofommgnheckmaki - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx[] jplinpmadfkdgipabgcdchbdikologlh - C:\Program Files (x86)\1ClickDownload\1click11.crx[] kincjchfokkeneeofpeefomkikfkiedl - C:\Program Files (x86)\OApps\chromeaddon.crx[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45] niapdbllcanepiiimjjndipklodoedlc - C:\Users\Robin\AppData\Local\Temp\YontooLayers.crx[] pgmfkblbflahhponhjmkcnpjinenhlnc - C:\Users\Robin\AppData\Local\Vid-Saver\Chrome\Vid-Saver.crx[] pmlghpafmmnmmkjdhacccolfgnkiboco - C:\Program Files (x86)\1ClickDownload\oneclickdownloader10.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[12/12/2012 19:51] Battlefield Heroes - Robin - Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh Battlefield Play4Free - Robin - Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei AdBlock - Robin - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://start.funmoods.com/?f=1&a=nv1" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {29868439-9DFA-4834-8165-6FD98A0FE43C} Bing Url="http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{CA3EB689-8F09-4026-AA10-B9534C691CE0} deleted successfully HKEY_USERS\S-1-5-21-1807347547-2428687172-3078923314-1000\Software\Classes\Software\Microsoft\Internet Explorer\URLSearchHooks\{CA3EB689-8F09-4026-AA10-B9534C691CE0} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco deleted successfully ==== Empty IE Cache ====================== C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Robin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Robin\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Robin\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\users\Robin\AppData\Local\Mozilla\Firefox\Profiles\z46zjv6u.default\Cache will be emptied at reboot ==== Empty Chrome Cache ====================== C:\users\Robin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache is not empty, a reboot is needed ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\windows\Temp successfully emptied C:\Users\Robin\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\SweetIM" not found "C:\Program Files (x86)\SweetIM" not found "C:\users\Robin\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VRH3LJ76\static.nl.softonic.com" not found ==== EOF on do 13/06/2013 at 19:23:26,12 ======================
-
[ATTACH]26454[/ATTACH]Zoek.exe Version 4.0.0.2 Updated 03-June-2013 zoek.txt
-
best, laptop met windows 7 virusscanner microsoft securitiy essentials eergisteren was mijn zoon aan het studeren op laptop, toen plots het lampje van de webcam aanging. nadien verscheen er een chatvenster en was er een persoon geld aan het afpersen en bedreigen de laptop om zeep te helpen als hij niet wou betalen. toen we hem zijde dat hij hier thuis om het geld moest komen, zodat we die persoon persoonlijk konden aanpakken, heeft hij gezegt ik geef u 1 minuut dan is u laptop om zeep en moogt ge hem wegsmijten. wij hebben de laptop onmiddelijk offline gehaald en zijn naar het politiekantoor gegaan daar hebben ze ons proberen te helpen, door middel van sommige services en processen te stoppen via taakbeheer. namelijk RasMAn en RasAuto. we waren toch een beetje opgelucht dat ze ons hierbij hebben geholpen. maar toen ik later die avond op de laptop bezig was, ging plots het lampje van de webcam weer aan ik heb de laptop weer offline gehaald, en heb vervolgens een systeem herstel ook uitgevoerd, momenteel heb ik al twee dagen niets ondervonden, maar vermoed dat er nog iets op de laptop achtergebleven is. zou iemand eventueel kunnen helpen, wat we nog kunnen doen. heb ook het programma HijackThis gedownload en een scan onder administrator laten uitvoeren hieronder zal ik de post hiervan kleven. in de hoop dat iemand mij toch nog kan helpen en vertellen of de laptop in orde is nog of niet. Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 15:51:54, on 13/06/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16611) CHROME: 27.0.1453.110 FIREFOX: 16.0.1 (nl) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Users\Robin\AppData\Local\Akamai\netsession_win.exe C:\Users\Robin\AppData\Local\Akamai\netsession_win.exe C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pbrmon.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Users\Robin\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Users\Robin\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Funmoods Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file) R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\Solid YouTube Downloader and Converter DB Toolbar\tbhelper.dll R3 - URLSearchHook: (no name) - {7b9f8c21-46ec-4c0b-8683-e755ef84577a} - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pSrcAs.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: CrossriderApp0003491 - {11111111-1111-1111-1111-110011341191} - C:\Program Files (x86)\Vid-Saver\Vid-Saver.dll O2 - BHO: Toolbar BHO - {3a421c8f-e238-4aeb-8874-b8b5f2cc4772} - C:\PROGRA~2\COUPON~2\bar\1.bin\2pbar.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll O2 - BHO: Search Assistant BHO - {60e91567-ef8a-4520-bce2-83aba5256799} - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pSrcAs.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Solid YouTube Downloader and Converter DB Toolbar\tbcore3.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll O3 - Toolbar: Solid YouTube Downloader and Converter DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\Solid YouTube Downloader and Converter DB Toolbar\tbcore3.dll O3 - Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O3 - Toolbar: (no name) - !{3462c343-be19-4143-af70-cefb56f46fc6} - (no file) O3 - Toolbar: (no name) - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - (no file) O3 - Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [NortonOnlineBackup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [Coupon Alert Search Scope Monitor] "C:\PROGRA~2\COUPON~2\bar\1.bin\2psrchmn.exe" /m=2 /w /h O4 - HKLM\..\Run: [CouponAlert_2p Browser Plugin Loader] C:\PROGRA~2\COUPON~2\bar\1.bin\2pbrmon.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Google Update] "C:\Users\Robin\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MediaGet2] C:\Users\Robin\AppData\Local\MediaGet2\mediaget.exe --minimized O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Robin\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Robin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Robin\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: SolidWorks Background Downloader.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Robin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - MSN Games - Free Online Games O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Firewall (avgfws) - Unknown owner - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (file missing) O23 - Service: AVGIDSAgent - Unknown owner - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (file missing) O23 - Service: AVG WatchDog (avgwd) - Unknown owner - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (file missing) O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe O23 - Service: Coupon AlertService (CouponAlert_2pService) - COMPANYVERS_NAME - C:\PROGRA~2\COUPON~2\bar\1.bin\2pbarsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing) O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 18152 bytes
