
Trojan.Win32.bProtector.AMN (A)



Hello,

I ran the following scan with Emsisoft Emergency Kit. It found 3 viruses, two of which I was able to place in quarantine; the third I can neither quarantine nor delete.

How can I remove "Trojan.Win32.bProtector.AMN (A)"? And the two others that are in quarantine, may I delete those as well?

Emsisoft Emergency Kit - Versie 3.0

Laatste Update: 12/28/2012 8:41:27 PM

Scaninstellingen:

Scantype: Diepe scan

Objecten: Rootkits, Geheugen, Sporen, C:\, D:\, Q:\

Detecteer riskware: Uit

Scan archieven: Aan

ADS Scan: Aan

Bestandsextensiefilter: Uit

Geavanceerde cache: Aan

Directe schijftoegang: Uit

Scan gestart: 12/28/2012 8:42:09 PM

C:\Windows\SysWOW64\protector.dll Ontdekt: Trojan.Win32.bProtector.AMN (A)

C:\$Recycle.Bin\S-1-5-21-443520092-2441362985-2714935032-1001\$RKS4UPA.zip -> friendly_snowboard_kopen_runme.exe Ontdekt: Trojan.Generic.KDV.810897 (B)

C:\ProgramData\bProtector\component_332.decrpt Ontdekt: Trojan.Generic.7365232 (B)

Gescand 522381

Gevonden 3

Scan geëindigd: 12/28/2012 11:30:03 PM

Scantijd: 2:47:54

C:\ProgramData\bProtector\component_332.decrpt In quarantaine Trojan.Generic.7365232 (B)

C:\$Recycle.Bin\S-1-5-21-443520092-2441362985-2714935032-1001\$RKS4UPA.zip -> friendly_snowboard_kopen_runme.exe In quarantaine Trojan.Generic.KDV.810897 (B)

In quarantaine 2

Verwijderd 0


Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:

Click here

2. The computer may need to be restarted several times; this is normal.

3. Double-click "Combofix.exe" to start the tool.

4. Do not click in the ComboFix window while it is running; this can cause the tool to hang.

Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next message.


ComboFix 12-12-29.02 - Marika 29/12/2012 11:57:50.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.6058.4175 [GMT 1:00]

Gestart vanuit: c:\users\Marika\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\etype\fiLE2linktemplatex.dll

c:\program files (x86)\RewardsArcade

c:\program files (x86)\RewardsArcade\appAPIinternalWrapper.js

c:\program files (x86)\RewardsArcade\fb.js

c:\program files (x86)\RewardsArcade\jquery.js

c:\program files (x86)\RewardsArcade\json.js

c:\program files (x86)\RewardsArcade\RewardsArcade.dll

c:\program files (x86)\RewardsArcade\RewardsArcade.exe

c:\program files (x86)\RewardsArcade\Uninstall.exe

c:\program files (x86)\RewardsArcade\UserConfirmation.exe

c:\programdata\bProtector

c:\programdata\bProtector\bProtect.exe

c:\programdata\bProtector\bProtect.settings

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_bProtector

-------\Service_bProtector

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-11-28 to 2012-12-29 ))))))))))))))))))))))))))))))

.

.

2012-12-29 10:13 . 2012-12-29 10:13 -------- d-----w- c:\users\Marika\AppData\Roaming\ParetoLogic

2012-12-29 10:13 . 2012-12-29 10:13 -------- d-----w- c:\users\Marika\AppData\Roaming\DriverCure

2012-12-29 10:12 . 2012-12-29 10:45 -------- d-----w- c:\programdata\ParetoLogic

2012-12-29 10:01 . 2012-12-29 10:01 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-12-29 10:01 . 2012-12-29 10:01 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-12-29 10:01 . 2012-12-29 10:01 -------- d-----w- c:\windows\system32\Macromed

2012-12-29 08:04 . 2012-08-23 15:28 3584 ----a-w- c:\windows\system32\drivers\nl-NL\tsusbflt.sys.mui

2012-12-29 08:04 . 2012-08-23 13:41 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2012-12-29 08:04 . 2012-08-23 13:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2012-12-29 08:04 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll

2012-12-29 08:00 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll

2012-12-29 08:00 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll

2012-12-29 07:58 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll

2012-12-29 07:58 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll

2012-12-29 07:57 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-12-29 07:57 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys

2012-12-29 07:57 . 2012-08-24 18:04 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-12-29 07:57 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll

2012-12-29 07:57 . 2012-08-24 16:57 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-12-29 07:57 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-12-29 07:57 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

2012-12-28 23:43 . 2012-12-28 23:43 -------- d-----w- c:\programdata\WoW Worldwide Software LTD

2012-12-28 23:43 . 2012-12-28 23:44 -------- d-----w- c:\program files (x86)\SoftQuick

2012-12-28 23:43 . 2012-12-28 23:44 -------- d-----w- c:\program files (x86)\ContinueToSave

2012-12-28 23:43 . 2012-12-28 23:43 -------- d-----w- c:\programdata\continuetosave

2012-12-22 15:27 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll

2012-12-22 15:27 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll

2012-12-22 15:27 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

2012-12-22 15:27 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll

2012-12-15 17:02 . 2012-12-15 17:02 -------- d-----w- c:\users\Marika\AppData\Roaming\AVG2013

2012-12-15 16:54 . 2012-12-15 16:54 -------- d-----w- c:\users\Marika\AppData\Roaming\TuneUp Software

2012-12-15 16:53 . 2012-12-15 16:54 -------- d-----w- c:\programdata\AVG2013

2012-12-15 13:51 . 2012-12-17 23:08 -------- d-----w- c:\users\Marika\AppData\Local\Avg2013

2012-12-15 13:51 . 2012-12-15 13:51 -------- d-----w- c:\users\Marika\AppData\Local\MFAData

2012-12-13 19:48 . 2012-12-13 19:48 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-12-13 19:48 . 2012-12-13 19:47 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-12-13 19:48 . 2012-12-13 19:47 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-12-13 19:48 . 2012-12-13 19:47 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-12-13 19:47 . 2012-12-13 19:47 -------- d-----w- c:\program files (x86)\Java

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-14 18:50 . 2012-10-06 16:52 67413224 ----a-w- c:\windows\system32\MRT.exe

2012-11-28 09:29 . 2012-11-28 09:29 8282192 ----a-w- c:\programdata\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE

2012-10-22 12:02 . 2012-10-22 12:02 154464 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys

2012-10-16 08:38 . 2012-11-28 09:20 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38 . 2012-11-28 09:20 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39 . 2012-11-28 09:20 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

2012-10-15 02:48 . 2012-10-15 02:48 63328 ----a-w- c:\windows\system32\drivers\avgidsha.sys

2012-10-09 18:17 . 2012-11-15 18:37 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll

2012-10-09 18:17 . 2012-11-15 18:37 226816 ----a-w- c:\windows\system32\dhcpcore6.dll

2012-10-09 17:40 . 2012-11-15 18:37 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll

2012-10-09 17:40 . 2012-11-15 18:37 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll

2012-10-08 10:42 . 2012-10-08 10:42 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll

2012-10-08 10:42 . 2012-10-08 10:42 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-10-08 10:42 . 2012-10-08 10:42 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll

2012-10-08 10:42 . 2012-10-08 10:42 26331496 ----a-w- c:\windows\system32\nvoglv64.dll

2012-10-08 10:42 . 2012-10-08 10:42 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll

2012-10-08 10:42 . 2012-10-08 10:42 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll

2012-10-08 10:42 . 2012-10-08 10:42 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-10-08 10:42 . 2011-03-15 08:42 973672 ----a-w- c:\windows\system32\nvumdshimx.dll

2012-10-08 10:42 . 2012-10-08 10:42 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll

2012-10-08 10:42 . 2012-10-08 10:42 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2012-10-08 10:42 . 2012-10-08 10:42 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys

2012-10-08 10:42 . 2012-10-08 10:42 2747240 ----a-w- c:\windows\system32\nvcuvid.dll

2012-10-08 10:42 . 2012-10-08 10:42 25256296 ----a-w- c:\windows\system32\nvcompiler.dll

2012-10-08 10:42 . 2012-10-08 10:42 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll

2012-10-08 10:42 . 2011-03-15 08:42 247144 ----a-w- c:\windows\system32\nvinitx.dll

2012-10-08 10:42 . 2012-10-08 10:42 9146728 ----a-w- c:\windows\system32\nvcuda.dll

2012-10-08 10:42 . 2012-10-08 10:42 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll

2012-10-08 10:42 . 2012-10-08 10:42 7414632 ----a-w- c:\windows\system32\nvopencl.dll

2012-10-08 10:42 . 2012-10-08 10:42 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll

2012-10-08 10:42 . 2012-10-08 10:42 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-10-08 10:42 . 2011-03-15 08:42 202600 ----a-w- c:\windows\SysWow64\nvinit.dll

2012-10-08 10:42 . 2012-10-08 10:42 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll

2012-10-08 10:42 . 2011-03-15 08:42 2731880 ----a-w- c:\windows\system32\nvapi64.dll

2012-10-08 10:42 . 2012-10-08 10:42 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-10-08 10:42 . 2012-10-08 10:42 1760104 ----a-w- c:\windows\system32\nvdispco64.dll

2012-10-08 10:42 . 2012-10-08 10:42 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll

2012-10-06 17:12 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll

2012-10-06 17:12 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll

2012-10-05 02:32 . 2012-10-05 02:32 111456 ----a-w- c:\windows\system32\drivers\avgmfx64.sys

2012-10-04 16:40 . 2012-12-12 19:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2012-10-03 17:56 . 2012-11-15 18:37 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-10-03 17:44 . 2012-11-15 18:37 303104 ----a-w- c:\windows\system32\nlasvc.dll

2012-10-03 17:44 . 2012-11-15 18:37 70656 ----a-w- c:\windows\system32\nlaapi.dll

2012-10-03 17:44 . 2012-11-15 18:37 246272 ----a-w- c:\windows\system32\netcorehc.dll

2012-10-03 17:44 . 2012-11-15 18:37 18944 ----a-w- c:\windows\system32\netevent.dll

2012-10-03 17:44 . 2012-11-15 18:37 216576 ----a-w- c:\windows\system32\ncsi.dll

2012-10-03 17:42 . 2012-11-15 18:37 569344 ----a-w- c:\windows\system32\iphlpsvc.dll

2012-10-03 16:42 . 2012-11-15 18:37 18944 ----a-w- c:\windows\SysWow64\netevent.dll

2012-10-03 16:42 . 2012-11-15 18:37 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll

2012-10-03 16:42 . 2012-11-15 18:37 156672 ----a-w- c:\windows\SysWow64\ncsi.dll

2012-10-03 16:07 . 2012-11-15 18:37 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2012-10-02 02:30 . 2012-10-02 02:30 185696 ----a-w- c:\windows\system32\drivers\avgldx64.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-01-17 175912]

.

[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110011041135}]

2012-01-17 17:46 470528 ----a-w- c:\program files (x86)\Premiumplay Codec-C\Premiumplay Codec-C.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngine.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\Vuze_Remote\prxtbVuze.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}]

2012-08-02 10:13 248936 ----a-w- c:\program files (x86)\Softonic\Softonic\1.6.7.4\bh\Softonic.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EF4DC753-1626-83AF-153F-5B7404AA9922}]

2012-12-29 00:02 118272 ----a-w- c:\programdata\continuetosave\50de32f81a9de.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files (x86)\Vuze_Remote\prxtbVuze.dll" [2011-01-17 175912]

"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]

"{5018CFD2-804D-4C99-9F81-25EAEA2769DE}"= "c:\program files (x86)\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll" [2012-08-02 274536]

.

[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

.

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

.

[HKEY_CLASSES_ROOT\clsid\{5018cfd2-804d-4c99-9f81-25eaea2769de}]

[HKEY_CLASSES_ROOT\Softonic.dskBnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]

[HKEY_CLASSES_ROOT\Softonic.dskBnd]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-10-18 21:52 94208 ----a-w- c:\users\Marika\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-10-18 21:52 94208 ----a-w- c:\users\Marika\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-10-18 21:52 94208 ----a-w- c:\users\Marika\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

c:\users\Marika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Marika\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-10-18 26643352]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-1-13 1138464]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer2"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]

R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [2010-08-09 166704]

R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]

R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]

R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-31 1255736]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]

S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]

S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]

S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2009-05-28 13824]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]

S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

S2 IBUpdaterService;Updater Service;c:\programdata\IBUpdaterService\ibsvc.exe [2012-05-19 397848]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]

S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-01-14 349736]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-01-14 39464]

S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-11-09 31088]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-11-12 138024]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2012-12-29 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-29 10:01]

.

2012-12-29 c:\windows\Tasks\ContinueToSaveUpdaterTask{42FB4C1A-664D-42BC-8980-22D4FAA94EE3}.job

- c:\programdata\Premium\ContinueToSave\ContinueToSave.exe [2012-12-28 14:50]

.

2012-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-28 19:07]

.

2012-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-28 19:07]

.

2012-12-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-443520092-2441362985-2714935032-1001Core.job

- c:\users\Marika\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-04 11:10]

.

2012-12-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-443520092-2441362985-2714935032-1001UA.job

- c:\users\Marika\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-04 11:10]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-10-18 21:52 97792 ----a-w- c:\users\Marika\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-10-18 21:52 97792 ----a-w- c:\users\Marika\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-10-18 21:52 97792 ----a-w- c:\users\Marika\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-10-18 21:52 97792 ----a-w- c:\users\Marika\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-26 11775592]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://websearch.soft-quick.info/

mStart Page = hxxp://websearch.soft-quick.info/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

TCP: DhcpNameServer = 195.130.130.132 195.130.131.132

.

- - - - ORPHANS VERWIJDERD - - - -

.

BHO-{597A9974-8CB0-4f41-B61F-ED065738A397} - c:\program files (x86)\RewardsArcade\RewardsArcade.dll

BHO-{d0230100-3044-43b1-a44e-70dc12fd418c} - c:\program files (x86)\etype\file2linktemplateX.dll

Toolbar-Locked - (no file)

Toolbar-{d0230100-3044-43b1-a44e-70dc12fd418c} - c:\program files (x86)\etype\file2linktemplateX.dll

Toolbar-Locked - (no file)

WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)

HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe

AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - c:\programdata\bProtector\component_332.decrpt

AddRemove-RewardsArcade - c:\program files (x86)\RewardsArcade\Uninstall.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Data]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Networking]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET CLR Networking 4.0.0.0]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET Data Provider for Oracle]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NET Data Provider for SqlServer]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\.NETFramework]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\1394ohci]

"ImagePath"="\SystemRoot\system32\drivers\1394ohci.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ACPI]

"ImagePath"="system32\drivers\ACPI.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AcpiPmi]

"ImagePath"="\SystemRoot\system32\drivers\acpipmi.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AdobeFlashPlayerUpdateSvc]

"ImagePath"="c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\adp94xx]

"ImagePath"="\SystemRoot\system32\DRIVERS\adp94xx.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\adpahci]

"ImagePath"="\SystemRoot\system32\DRIVERS\adpahci.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\adpu320]

"ImagePath"="\SystemRoot\system32\DRIVERS\adpu320.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\adsi]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AeLookupSvc]

"ServiceDll"="%SystemRoot%\System32\aelupsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AFD]

"ImagePath"="\SystemRoot\system32\drivers\afd.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\agp440]

"ImagePath"="\SystemRoot\system32\drivers\agp440.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ALG]

"ImagePath"="%SystemRoot%\System32\alg.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\aliide]

"ImagePath"="\SystemRoot\system32\drivers\aliide.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\amdide]

"ImagePath"="\SystemRoot\system32\drivers\amdide.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AmdK8]

"ImagePath"="\SystemRoot\system32\DRIVERS\amdk8.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AmdPPM]

"ImagePath"="\SystemRoot\system32\DRIVERS\amdppm.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\amdsata]

"ImagePath"="\SystemRoot\system32\drivers\amdsata.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\amdsbs]

"ImagePath"="\SystemRoot\system32\DRIVERS\amdsbs.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\amdxata]

"ImagePath"="system32\drivers\amdxata.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppID]

"ImagePath"="\SystemRoot\system32\drivers\appid.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppIDSvc]

"ServiceDll"="%SystemRoot%\System32\appidsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Appinfo]

"ServiceDll"="%SystemRoot%\System32\appinfo.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Apple Mobile Device]

"ImagePath"="\"c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AppMgmt]

"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\arc]

"ImagePath"="\SystemRoot\system32\DRIVERS\arc.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\arcsas]

"ImagePath"="\SystemRoot\system32\DRIVERS\arcsas.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AsyncMac]

"ImagePath"="system32\DRIVERS\asyncmac.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\atapi]

"ImagePath"="system32\drivers\atapi.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AudioEndpointBuilder]

"ServiceDll"="%SystemRoot%\System32\Audiosrv.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AudioSrv]

"ServiceDll"="%SystemRoot%\System32\Audiosrv.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Avg]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AVGIDSAgent]

"ImagePath"="\"c:\program files (x86)\AVG\AVG2013\avgidsagent.exe\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AVGIDSDriver]

"ImagePath"="system32\DRIVERS\avgidsdrivera.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AVGIDSHA]

"ImagePath"="system32\DRIVERS\avgidsha.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Avgldx64]

"ImagePath"="system32\DRIVERS\avgldx64.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Avgloga]

"ImagePath"="system32\DRIVERS\avgloga.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Avgmfx64]

"ImagePath"="system32\DRIVERS\avgmfx64.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Avgrkx64]

"ImagePath"="system32\DRIVERS\avgrkx64.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Avgtdia]

"ImagePath"="system32\DRIVERS\avgtdia.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\avgwd]

"ImagePath"="\"c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AxInstSV]

"ServiceDll"="%SystemRoot%\System32\AxInstSV.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\b06bdrv]

"ImagePath"="\SystemRoot\system32\DRIVERS\bxvbda.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\b57nd60a]

"ImagePath"="system32\DRIVERS\b57nd60a.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BattC]

"MofImagePath"="system32\drivers\battc.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BBSvc]

"ImagePath"="c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BBUpdate]

"ImagePath"="c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BCM43XX]

"ImagePath"="system32\DRIVERS\bcmwl664.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BDESVC]

"ServiceDll"="%SystemRoot%\System32\bdesvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Beep]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BFE]

"ServiceDll"="%SystemRoot%\System32\bfe.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BITS]

"ServiceDll"="%systemroot%\system32\qmgr.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\blbdrive]

"ImagePath"="system32\DRIVERS\blbdrive.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Bonjour Service]

"ImagePath"="\"c:\program files\Bonjour\mDNSResponder.exe\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bowser]

"ImagePath"="system32\DRIVERS\bowser.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BrFiltLo]

"ImagePath"="\SystemRoot\system32\DRIVERS\BrFiltLo.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BrFiltUp]

"ImagePath"="\SystemRoot\system32\DRIVERS\BrFiltUp.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BridgeMP]

"ImagePath"="system32\DRIVERS\bridge.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Browser]

"ServiceDll"="%SystemRoot%\System32\browser.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Brserid]

"ImagePath"="\SystemRoot\System32\Drivers\Brserid.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BrSerWdm]

"ImagePath"="\SystemRoot\System32\Drivers\BrSerWdm.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BrUsbMdm]

"ImagePath"="\SystemRoot\System32\Drivers\BrUsbMdm.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BrUsbSer]

"ImagePath"="\SystemRoot\System32\Drivers\BrUsbSer.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BthEnum]

"ImagePath"="\SystemRoot\system32\drivers\BthEnum.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BTHMODEM]

"ImagePath"="system32\DRIVERS\bthmodem.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BthPan]

"ImagePath"="system32\DRIVERS\bthpan.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BTHPORT]

"ImagePath"="\SystemRoot\System32\Drivers\BTHport.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\bthserv]

"ServiceDll"="%SystemRoot%\system32\bthserv.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BTHUSB]

"ImagePath"="\SystemRoot\System32\Drivers\BTHUSB.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BTWAMPFL]

"ImagePath"="system32\DRIVERS\btwampfl.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\btwaudio]

"ImagePath"="system32\drivers\btwaudio.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\btwavdt]

"ImagePath"="system32\DRIVERS\btwavdt.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\btwdins]

"ImagePath"="c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\btwl2cap]

"ImagePath"="system32\DRIVERS\btwl2cap.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\btwrchid]

"ImagePath"="system32\DRIVERS\btwrchid.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\catchme]

"ImagePath"="\??\c:\combofix\catchme.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cdfs]

"ImagePath"="system32\DRIVERS\cdfs.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cdrom]

"ImagePath"="\SystemRoot\system32\drivers\cdrom.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CertPropSvc]

"ServiceDll"="%SystemRoot%\System32\certprop.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\circlass]

"ImagePath"="\SystemRoot\system32\DRIVERS\circlass.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CLFS]

"ImagePath"="System32\CLFS.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\clr_optimization_v2.0.50727_32]

"ImagePath"="%systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\clr_optimization_v2.0.50727_64]

"ImagePath"="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\clr_optimization_v4.0.30319_32]

"ImagePath"="c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\clr_optimization_v4.0.30319_64]

"ImagePath"="c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\clwvd]

"ImagePath"="system32\DRIVERS\clwvd.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmBatt]

"ImagePath"="system32\DRIVERS\CmBatt.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cmdide]

"ImagePath"="\SystemRoot\system32\drivers\cmdide.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CNG]

"ImagePath"="System32\Drivers\cng.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Compbatt]

"ImagePath"="system32\DRIVERS\compbatt.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CompositeBus]

"ImagePath"="\SystemRoot\system32\drivers\CompositeBus.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\COMSysApp]

"ImagePath"="%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crcdisk]

"ImagePath"="\SystemRoot\system32\DRIVERS\crcdisk.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\crypt32]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CryptSvc]

"ServiceDll"="%SystemRoot%\system32\cryptsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cvhsvc]

"ImagePath"="\"c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DCLocator]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DcomLaunch]

"ServiceDll"="%SystemRoot%\system32\rpcss.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\defragsvc]

"ServiceDll"="%Systemroot%\System32\defragsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DfsC]

"ImagePath"="System32\Drivers\dfsc.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dhcp]

"ServiceDll"="%SystemRoot%\system32\dhcpcore.dll"

--

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\discache]

"ImagePath"="System32\drivers\discache.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Disk]

"ImagePath"="system32\DRIVERS\disk.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Dnscache]

"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\dot3svc]

"ServiceDll"="%SystemRoot%\System32\dot3svc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DPS]

"ServiceDll"="%SystemRoot%\system32\dps.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\drmkaud]

"ImagePath"="system32\drivers\drmkaud.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\DXGKrnl]

"ImagePath"="\SystemRoot\System32\drivers\dxgkrnl.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EapHost]

"ServiceDll"="%SystemRoot%\System32\eapsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ebdrv]

"ImagePath"="\SystemRoot\system32\DRIVERS\evbda.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EFS]

"ImagePath"="%SystemRoot%\System32\lsass.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ehRecvr]

"ImagePath"="%systemroot%\ehome\ehRecvr.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ehSched]

"ImagePath"="%systemroot%\ehome\ehsched.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Elantech]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\elxstor]

"ImagePath"="\SystemRoot\system32\DRIVERS\elxstor.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ErrDev]

"ImagePath"="\SystemRoot\system32\drivers\errdev.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ESENT]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ETD]

"ImagePath"="system32\DRIVERS\ETD.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog]

"ServiceDll"="%SystemRoot%\System32\wevtsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\EventSystem]

"ServiceDll"="%systemroot%\system32\es.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\exfat]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fastfat]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fax]

"ImagePath"="%systemroot%\system32\fxssvc.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fdc]

"ImagePath"="\SystemRoot\system32\DRIVERS\fdc.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fdPHost]

"ServiceDll"="%SystemRoot%\system32\fdPHost.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FDResPub]

"ServiceDll"="%SystemRoot%\system32\fdrespub.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FileInfo]

"ImagePath"="system32\drivers\fileinfo.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Filetrace]

"ImagePath"="system32\drivers\filetrace.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\flpydisk]

"ImagePath"="\SystemRoot\system32\DRIVERS\flpydisk.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FltMgr]

"ImagePath"="system32\drivers\fltmgr.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache]

"ServiceDll"="%SystemRoot%\system32\FntCache.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FontCache3.0.0.0]

"ImagePath"="%systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\FsDepends]

"ImagePath"="System32\drivers\FsDepends.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fs_Rec]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fvevol]

"ImagePath"="System32\DRIVERS\fvevol.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\gagp30kx]

"ImagePath"="\SystemRoot\system32\DRIVERS\gagp30kx.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GameConsoleService]

"ImagePath"="\"c:\program files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GEARAspiWDM]

"ImagePath"="system32\DRIVERS\GEARAspiWDM.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\gpsvc]

"ServiceDll"="%SystemRoot%\System32\gpsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\gupdate]

"ImagePath"="\"c:\program files (x86)\Google\Update\GoogleUpdate.exe\" /svc"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\gupdatem]

"ImagePath"="\"c:\program files (x86)\Google\Update\GoogleUpdate.exe\" /medsvc"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\gusvc]

"ImagePath"="\"c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hcw85cir]

"ImagePath"="\SystemRoot\system32\drivers\hcw85cir.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HdAudAddService]

"ImagePath"="\SystemRoot\system32\drivers\HdAudio.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HDAudBus]

"ImagePath"="\SystemRoot\system32\drivers\HDAudBus.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HidBatt]

"ImagePath"="\SystemRoot\system32\DRIVERS\HidBatt.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HidBth]

"ImagePath"="\SystemRoot\system32\DRIVERS\hidbth.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HidIr]

"ImagePath"="\SystemRoot\system32\DRIVERS\hidir.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hidserv]

"ServiceDll"="%SystemRoot%\System32\hidserv.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HidUsb]

"ImagePath"="\SystemRoot\system32\drivers\hidusb.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hkmsvc]

"ServiceDLL"="%SystemRoot%\system32\kmsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupListener]

"ServiceDll"="%SystemRoot%\system32\ListSvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HomeGroupProvider]

"ServiceDll"="%SystemRoot%\system32\provsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HpSAMD]

"ImagePath"="\SystemRoot\system32\drivers\HpSAMD.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HTTP]

"ImagePath"="system32\drivers\HTTP.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\hwpolicy]

"ImagePath"="System32\drivers\hwpolicy.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\i8042prt]

"ImagePath"="\SystemRoot\system32\drivers\i8042prt.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ialm]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\iaStor]

"ImagePath"="system32\DRIVERS\iaStor.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\iaStorV]

"ImagePath"="\SystemRoot\system32\drivers\iaStorV.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IBUpdaterService]

"ImagePath"="\"c:\programdata\IBUpdaterService\ibsvc.exe\" /SERVICE"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\idsvc]

"ImagePath"="\"%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\igfx]

"ImagePath"="system32\DRIVERS\igdkmd64.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\iirsp]

"ImagePath"="\SystemRoot\system32\DRIVERS\iirsp.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IKEEXT]

"ServiceDll"="%SystemRoot%\System32\ikeext.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\inetaccs]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IntcAzAudAddService]

"ImagePath"="system32\drivers\RTKVHD64.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IntcDAud]

"ImagePath"="system32\DRIVERS\IntcDAud.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\intelide]

"ImagePath"="\SystemRoot\system32\drivers\intelide.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\intelppm]

"ImagePath"="system32\DRIVERS\intelppm.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IPBusEnum]

"ServiceDll"="%SystemRoot%\system32\ipbusenum.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IpFilterDriver]

"ImagePath"="system32\DRIVERS\ipfltdrv.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\iphlpsvc]

"ServiceDll"="%SystemRoot%\System32\iphlpsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IPMIDRV]

"ImagePath"="\SystemRoot\system32\drivers\IPMIDrv.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IPNAT]

"ImagePath"="System32\drivers\ipnat.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\iPod Service]

"ImagePath"="\"c:\program files\iPod\bin\iPodService.exe\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\IRENUM]

"ImagePath"="system32\drivers\irenum.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\isapnp]

"ImagePath"="\SystemRoot\system32\drivers\isapnp.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\iScsiPrt]

"ImagePath"="\SystemRoot\system32\drivers\msiscsi.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\kbdclass]

"ImagePath"="\SystemRoot\system32\drivers\kbdclass.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\kbdhid]

"ImagePath"="\SystemRoot\system32\drivers\kbdhid.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KeyIso]

"ImagePath"="%SystemRoot%\system32\lsass.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KSecDD]

"ImagePath"="System32\Drivers\ksecdd.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KSecPkg]

"ImagePath"="System32\Drivers\ksecpkg.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ksthunk]

"ImagePath"="\SystemRoot\system32\drivers\ksthunk.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\KtmRm]

"ServiceDll"="%systemroot%\system32\msdtckrm.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer]

"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanWorkstation]

"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ldap]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lltdio]

"ImagePath"="system32\DRIVERS\lltdio.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lltdsvc]

"ServiceDll"="%SystemRoot%\System32\lltdsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\lmhosts]

"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LMS]

"ImagePath"="c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Lsa]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LSI_FC]

"ImagePath"="\SystemRoot\system32\DRIVERS\lsi_fc.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LSI_SAS]

"ImagePath"="\SystemRoot\system32\DRIVERS\lsi_sas.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LSI_SAS2]

"ImagePath"="\SystemRoot\system32\DRIVERS\lsi_sas2.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LSI_SCSI]

"ImagePath"="\SystemRoot\system32\DRIVERS\lsi_scsi.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\luafv]

"ImagePath"="\SystemRoot\system32\drivers\luafv.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MAV Client PerfMon Provider]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Mcx2Svc]

"ServiceDll"="%SystemRoot%\system32\Mcx2Svc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\megasas]

"ImagePath"="\SystemRoot\system32\DRIVERS\megasas.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MegaSR]

"ImagePath"="\SystemRoot\system32\DRIVERS\MegaSR.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MEIx64]

"ImagePath"="system32\DRIVERS\HECIx64.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MMCSS]

"ServiceDll"="%SystemRoot%\system32\mmcss.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Modem]

"ImagePath"="system32\drivers\modem.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\monitor]

"ImagePath"="system32\DRIVERS\monitor.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mouclass]

"ImagePath"="\SystemRoot\system32\drivers\mouclass.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mouhid]

"ImagePath"="system32\DRIVERS\mouhid.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mountmgr]

"ImagePath"="System32\drivers\mountmgr.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mpio]

"ImagePath"="\SystemRoot\system32\drivers\mpio.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mpsdrv]

"ImagePath"="System32\drivers\mpsdrv.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MpsSvc]

"ServiceDll"="%SystemRoot%\system32\mpssvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MRxDAV]

"ImagePath"="\SystemRoot\system32\drivers\mrxdav.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mrxsmb]

"ImagePath"="system32\DRIVERS\mrxsmb.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mrxsmb10]

"ImagePath"="system32\DRIVERS\mrxsmb10.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mrxsmb20]

"ImagePath"="system32\DRIVERS\mrxsmb20.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\msahci]

"ImagePath"="system32\drivers\msahci.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\msdsm]

"ImagePath"="\SystemRoot\system32\drivers\msdsm.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSDTC]

"ImagePath"="%SystemRoot%\System32\msdtc.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSDTC Bridge 3.0.0.0]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSDTC Bridge 4.0.0.0]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Msfs]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mshidkmdf]

"ImagePath"="\SystemRoot\System32\drivers\mshidkmdf.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\msisadrv]

"ImagePath"="system32\drivers\msisadrv.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSiSCSI]

"ServiceDll"="%systemroot%\system32\iscsiexe.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\msiserver]

"ImagePath"="%systemroot%\system32\msiexec.exe /V"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSKSSRV]

"ImagePath"="system32\drivers\MSKSSRV.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSPCLOCK]

"ImagePath"="system32\drivers\MSPCLOCK.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSPQM]

"ImagePath"="system32\drivers\MSPQM.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MsRPC]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSSCNTRS]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\mssmbios]

"ImagePath"="\SystemRoot\system32\drivers\mssmbios.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MSTEE]

"ImagePath"="system32\drivers\MSTEE.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MTConfig]

"ImagePath"="\SystemRoot\system32\DRIVERS\MTConfig.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Mup]

"ImagePath"="System32\Drivers\mup.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\napagent]

"ServiceDLL"="%SystemRoot%\system32\qagentRT.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NativeWifiP]

"ImagePath"="system32\DRIVERS\nwifi.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NDIS]

"ImagePath"="system32\drivers\ndis.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NdisCap]

"ImagePath"="system32\DRIVERS\ndiscap.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NdisTapi]

"ImagePath"="system32\DRIVERS\ndistapi.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Ndisuio]

"ImagePath"="system32\DRIVERS\ndisuio.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NdisWan]

"ImagePath"="system32\DRIVERS\ndiswan.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NDProxy]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBIOS]

"ImagePath"="system32\DRIVERS\netbios.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetBT]

"ImagePath"="System32\DRIVERS\netbt.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Netlogon]

"ImagePath"="%SystemRoot%\system32\lsass.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Netman]

"ServiceDll"="%SystemRoot%\System32\netman.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\netprofm]

"ServiceDll"="%SystemRoot%\System32\netprofm.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NetTcpPortSharing]

"ImagePath"="\"%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nfrd960]

"ImagePath"="\SystemRoot\system32\DRIVERS\nfrd960.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NlaSvc]

"ServiceDll"="%SystemRoot%\System32\nlasvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Npfs]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nsi]

"ServiceDll"="%systemroot%\system32\nsisvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nsiproxy]

"ImagePath"="system32\drivers\nsiproxy.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NTDS]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Ntfs]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Null]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nvlddmkm]

"ImagePath"="system32\DRIVERS\nvlddmkm.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nvpciflt]

"ImagePath"="system32\DRIVERS\nvpciflt.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nvraid]

"ImagePath"="\SystemRoot\system32\drivers\nvraid.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nvstor]

"ImagePath"="\SystemRoot\system32\drivers\nvstor.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NVSvc]

"ImagePath"="%SystemRoot%\system32\nvvsvc.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nvUpdatusService]

"ImagePath"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\nv_agp]

"ImagePath"="\SystemRoot\system32\drivers\nv_agp.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ohci1394]

"ImagePath"="\SystemRoot\system32\drivers\ohci1394.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ose]

"ImagePath"="\"c:\program files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\osppsvc]

"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Outlook]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2pimsvc]

"ServiceDll"="%SystemRoot%\system32\pnrpsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\p2psvc]

"ServiceDll"="%SystemRoot%\system32\p2psvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Parport]

"ImagePath"="\SystemRoot\system32\DRIVERS\parport.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\partmgr]

"ImagePath"="System32\drivers\partmgr.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PcaSvc]

"ServiceDll"="%SystemRoot%\System32\pcasvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pci]

"ImagePath"="system32\drivers\pci.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pciide]

"ImagePath"="\SystemRoot\system32\drivers\pciide.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pcmcia]

"ImagePath"="\SystemRoot\system32\DRIVERS\pcmcia.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pcw]

"ImagePath"="System32\drivers\pcw.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PEAUTH]

"ImagePath"="system32\drivers\peauth.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PerfDisk]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PerfHost]

"ImagePath"="%SystemRoot%\SysWow64\perfhost.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PerfNet]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PerfOS]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PerfProc]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Perf_iCrcPerfMonMgr]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pla]

"ServiceDll"="%systemroot%\system32\pla.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PlugPlay]

"ServiceDll"="%SystemRoot%\system32\umpnpmgr.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPAutoReg]

"ServiceDll"="%SystemRoot%\system32\pnrpauto.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PNRPsvc]

"ServiceDll"="%SystemRoot%\system32\pnrpsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PolicyAgent]

"ServiceDll"="%SystemRoot%\System32\ipsecsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PortProxy]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Power]

"ServiceDll"="%SystemRoot%\system32\umpo.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PptpMiniport]

"ImagePath"="system32\DRIVERS\raspptp.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Processor]

"ImagePath"="\SystemRoot\system32\DRIVERS\processr.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ProfSvc]

"ServiceDll"="%systemroot%\system32\profsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ProtectedStorage]

"ImagePath"="%SystemRoot%\system32\lsass.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Psched]

"ImagePath"="system32\DRIVERS\pacer.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ql2300]

"ImagePath"="\SystemRoot\system32\DRIVERS\ql2300.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ql40xx]

"ImagePath"="\SystemRoot\system32\DRIVERS\ql40xx.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\QWAVE]

"ServiceDll"="%windir%\system32\qwave.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\QWAVEdrv]

"ImagePath"="\SystemRoot\system32\drivers\qwavedrv.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasAcd]

"ImagePath"="System32\DRIVERS\rasacd.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasAgileVpn]

"ImagePath"="system32\DRIVERS\AgileVpn.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasAuto]

"ServiceDll"="%SystemRoot%\System32\rasauto.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Rasl2tp]

"ImagePath"="system32\DRIVERS\rasl2tp.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasMan]

"ServiceDll"="%SystemRoot%\System32\rasmans.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasPppoe]

"ImagePath"="system32\DRIVERS\raspppoe.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RasSstp]

"ImagePath"="system32\DRIVERS\rassstp.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\rdbss]

"ImagePath"="system32\DRIVERS\rdbss.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\rdpbus]

"ImagePath"="\SystemRoot\system32\DRIVERS\rdpbus.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RDPCDD]

"ImagePath"="System32\DRIVERS\RDPCDD.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RDPDD]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RDPENCDD]

"ImagePath"="system32\drivers\rdpencdd.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RDPNP]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RDPREFMP]

"ImagePath"="system32\drivers\rdprefmp.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RDPUDD]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RdpVideoMiniport]

"ImagePath"="System32\drivers\rdpvideominiport.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RDPWD]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\rdyboost]

"ImagePath"="System32\drivers\rdyboost.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteAccess]

"ServiceDLL"="%SystemRoot%\System32\mprdim.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RemoteRegistry]

"ServiceDll"="%SystemRoot%\system32\regsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RFCOMM]

"ImagePath"="system32\DRIVERS\rfcomm.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RichVideo]

"ImagePath"="\"c:\program files (x86)\CyberLink\Shared files\RichVideo.exe\"\00\01\03\01\03\01\03\01\03\01\03\01\03\01\03\01\03\01\03\01\03\01\03\01\03\10\02\01\03\01\03\01\03\01\03\01\03\01\03\01\03\02\03\02\03\02\03\02\03\02\03\02\03\02\03\02\03\02\03\02\03\02\03"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcEptMapper]

"ServiceDll"="%SystemRoot%\System32\RpcEpMap.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcLocator]

"ImagePath"="%SystemRoot%\system32\locator.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RpcSs]

"ServiceDll"="%SystemRoot%\system32\rpcss.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\rspndr]

"ImagePath"="system32\DRIVERS\rspndr.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\RTL8167]

"ImagePath"="system32\DRIVERS\Rt64win7.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\rtport]

"ImagePath"="\??\c:\windows\SysWOW64\drivers\rtport.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SABI]

"ImagePath"="\??\c:\windows\system32\Drivers\SABI.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SamSs]

"ImagePath"="%SystemRoot%\system32\lsass.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Samsung UPD Service]

"ImagePath"="\"c:\windows\System32\SUPDSvc.exe\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sbp2port]

"ImagePath"="\SystemRoot\system32\drivers\sbp2port.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCardSvr]

"ServiceDll"="%SystemRoot%\System32\SCardSvr.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\scfilter]

"ImagePath"="System32\DRIVERS\scfilter.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Schedule]

"ServiceDll"="%systemroot%\system32\schedsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCPolicySvc]

"ServiceDll"="%SystemRoot%\System32\certprop.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SDRSVC]

"ServiceDll"="%Systemroot%\System32\SDRSVC.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\secdrv]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\seclogon]

"ServiceDll"="%windir%\system32\seclogon.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SENS]

"ServiceDll"="%SystemRoot%\system32\sens.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SensrSvc]

"ServiceDll"="%SystemRoot%\system32\sensrsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Serenum]

"ImagePath"="\SystemRoot\system32\DRIVERS\serenum.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Serial]

"ImagePath"="\SystemRoot\system32\DRIVERS\serial.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sermouse]

"ImagePath"="\SystemRoot\system32\DRIVERS\sermouse.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ServiceModelEndpoint 3.0.0.0]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ServiceModelOperation 3.0.0.0]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ServiceModelService 3.0.0.0]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SessionEnv]

"ServiceDLL"="%SystemRoot%\system32\sessenv.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sffdisk]

"ImagePath"="\SystemRoot\system32\drivers\sffdisk.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sffp_mmc]

"ImagePath"="\SystemRoot\system32\drivers\sffp_mmc.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sffp_sd]

"ImagePath"="\SystemRoot\system32\drivers\sffp_sd.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sfloppy]

"ImagePath"="\SystemRoot\system32\DRIVERS\sfloppy.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Sftfs]

"ImagePath"="system32\DRIVERS\Sftfslh.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sftlist]

"ImagePath"="\"c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Sftplay]

"ImagePath"="system32\DRIVERS\Sftplaylh.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Sftredir]

"ImagePath"="system32\DRIVERS\Sftredirlh.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Sftvol]

"ImagePath"="system32\DRIVERS\Sftvollh.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sftvsa]

"ImagePath"="\"c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe\""


.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess]

"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ShellHWDetection]

"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SiSRaid2]

"ImagePath"="\SystemRoot\system32\DRIVERS\SiSRaid2.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SiSRaid4]

"ImagePath"="\SystemRoot\system32\DRIVERS\sisraid4.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SkypeUpdate]

"ImagePath"="\"c:\program files (x86)\Skype\Updater\Updater.exe\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Smb]

"ImagePath"="system32\DRIVERS\smb.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SMSvcHost 3.0.0.0]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SMSvcHost 4.0.0.0]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SNMPTRAP]

"ImagePath"="%SystemRoot%\System32\snmptrap.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\spldr]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Spooler]

"ImagePath"="%SystemRoot%\System32\spoolsv.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sppsvc]

"ImagePath"="%SystemRoot%\system32\sppsvc.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\sppuinotify]

"ServiceDll"="%SystemRoot%\system32\sppuinotify.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\srv]

"ImagePath"="System32\DRIVERS\srv.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\srv2]

"ImagePath"="System32\DRIVERS\srv2.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\srvnet]

"ImagePath"="System32\DRIVERS\srvnet.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SSDPSRV]

"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SstpSvc]

"ServiceDll"="%SystemRoot%\system32\sstpsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ss_bbus]

"ImagePath"="system32\DRIVERS\ss_bbus.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ss_bmdfl]

"ImagePath"="system32\DRIVERS\ss_bmdfl.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ss_bmdm]

"ImagePath"="system32\DRIVERS\ss_bmdm.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\stexstor]

"ImagePath"="\SystemRoot\system32\DRIVERS\stexstor.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\StillCam]

"ImagePath"="system32\DRIVERS\serscan.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\stisvc]

"ServiceDll"="%SystemRoot%\System32\wiaservc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\swenum]

"ImagePath"="\SystemRoot\system32\drivers\swenum.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\swprv]

"ServiceDll"="%Systemroot%\System32\swprv.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SysMain]

"ServiceDll"="%systemroot%\system32\sysmain.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TabletInputService]

"ServiceDll"="%SystemRoot%\System32\TabSvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TapiSrv]

"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TBS]

"ServiceDll"="%SystemRoot%\System32\tbssvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip]

"ImagePath"="System32\drivers\tcpip.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIP6]

"ImagePath"="system32\DRIVERS\tcpip.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIP6TUNNEL]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\tcpipreg]

"ImagePath"="System32\drivers\tcpipreg.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TCPIPTUNNEL]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TDPIPE]

"ImagePath"="system32\drivers\tdpipe.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TDTCP]

"ImagePath"="system32\drivers\tdtcp.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\tdx]

"ImagePath"="system32\DRIVERS\tdx.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TermDD]

"ImagePath"="\SystemRoot\system32\drivers\termdd.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TermService]

"ServiceDll"="%SystemRoot%\System32\termsrv.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Themes]

"ServiceDll"="%SystemRoot%\system32\themeservice.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\THREADORDER]

"ServiceDll"="%SystemRoot%\system32\mmcss.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TrkWks]

"ServiceDll"="%SystemRoot%\System32\trkwks.dll"

--

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TrustedInstaller]

"ImagePath"="%SystemRoot%\servicing\TrustedInstaller.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TSDDD]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\tssecsrv]

"ImagePath"="System32\DRIVERS\tssecsrv.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TsUsbFlt]

"ImagePath"="System32\drivers\tsusbflt.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\tunnel]

"ImagePath"="system32\DRIVERS\tunnel.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TurboB]

"ImagePath"="system32\DRIVERS\TurboB.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TurboBoost]

"ImagePath"="\"c:\program files\Intel\TurboBoost\TurboBoost.exe\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\uagp35]

"ImagePath"="\SystemRoot\system32\DRIVERS\uagp35.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\udfs]

"ImagePath"="system32\DRIVERS\udfs.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UGatherer]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UGTHRSVC]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UI0Detect]

"ImagePath"="%SystemRoot%\system32\UI0Detect.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\uliagpkx]

"ImagePath"="\SystemRoot\system32\drivers\uliagpkx.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\umbus]

"ImagePath"="\SystemRoot\system32\drivers\umbus.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UmPass]

"ImagePath"="\SystemRoot\system32\DRIVERS\umpass.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UNS]

"ImagePath"="\"c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\upnphost]

"ServiceDll"="%SystemRoot%\System32\upnphost.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\USBAAPL64]

"ImagePath"="System32\Drivers\usbaapl64.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\usbccgp]

"ImagePath"="system32\DRIVERS\usbccgp.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\usbcir]

"ImagePath"="\SystemRoot\system32\drivers\usbcir.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\usbehci]

"ImagePath"="\SystemRoot\system32\drivers\usbehci.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\usbhub]

"ImagePath"="system32\DRIVERS\usbhub.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\usbohci]

"ImagePath"="\SystemRoot\system32\drivers\usbohci.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\usbprint]

"ImagePath"="system32\DRIVERS\usbprint.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\USBSTOR]

"ImagePath"="system32\DRIVERS\USBSTOR.SYS"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\usbuhci]

"ImagePath"="\SystemRoot\system32\drivers\usbuhci.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\usbvideo]

"ImagePath"="\SystemRoot\System32\Drivers\usbvideo.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\UxSms]

"ServiceDll"="%SystemRoot%\System32\uxsms.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VaultSvc]

"ImagePath"="%SystemRoot%\system32\lsass.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vdrvroot]

"ImagePath"="system32\drivers\vdrvroot.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vds]

"ImagePath"="%SystemRoot%\System32\vds.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vga]

"ImagePath"="system32\DRIVERS\vgapnp.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VgaSave]

"ImagePath"="\SystemRoot\System32\drivers\vga.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vhdmp]

"ImagePath"="\SystemRoot\system32\drivers\vhdmp.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\viaide]

"ImagePath"="\SystemRoot\system32\drivers\viaide.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\volmgr]

"ImagePath"="system32\drivers\volmgr.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\volmgrx]

"ImagePath"="System32\drivers\volmgrx.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\volsnap]

"ImagePath"="system32\drivers\volsnap.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vsmraid]

"ImagePath"="\SystemRoot\system32\DRIVERS\vsmraid.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\VSS]

"ImagePath"="%systemroot%\system32\vssvc.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vwifibus]

"ImagePath"="system32\DRIVERS\vwifibus.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vwififlt]

"ImagePath"="system32\DRIVERS\vwififlt.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\W32Time]

"ServiceDll"="%systemroot%\system32\w32time.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\W3SVC]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WacomPen]

"ImagePath"="\SystemRoot\system32\DRIVERS\wacompen.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WANARP]

"ImagePath"="system32\DRIVERS\wanarp.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wanarpv6]

"ImagePath"="system32\DRIVERS\wanarp.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WatAdminSvc]

"ImagePath"="%SystemRoot%\system32\Wat\WatAdminSvc.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wbengine]

"ImagePath"="\"%systemroot%\system32\wbengine.exe\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WbioSrvc]

"ServiceDll"="%SystemRoot%\System32\wbiosrvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wcncsvc]

"ServiceDll"="%SystemRoot%\System32\wcncsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WcsPlugInService]

"ServiceDll"="%SystemRoot%\System32\WcsPlugInService.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wd]

"ImagePath"="\SystemRoot\system32\DRIVERS\wd.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wdf01000]

"ImagePath"="system32\drivers\Wdf01000.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WdiServiceHost]

"ServiceDll"="%SystemRoot%\system32\wdi.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WdiSystemHost]

"ServiceDll"="%SystemRoot%\system32\wdi.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WebClient]

"ServiceDll"="%SystemRoot%\System32\webclnt.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wecsvc]

"ServiceDll"="%SystemRoot%\system32\wecsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wercplsupport]

"ServiceDll"="%SystemRoot%\System32\wercplsupport.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WerSvc]

"ServiceDll"="%SystemRoot%\System32\WerSvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WfpLwf]

"ImagePath"="system32\DRIVERS\wfplwf.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WIMMount]

"ImagePath"="system32\drivers\wimmount.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinDefend]

"ServiceDll"="%ProgramFiles%\Windows Defender\mpsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Windows Workflow Foundation 3.0.0.0]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinHttpAutoProxySvc]

"ServiceDll"="winhttp.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winmgmt]

"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinRM]

"ServiceDll"="%SystemRoot%\system32\WsmSvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Winsock]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinSock2]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WinUsb]

"ImagePath"="system32\DRIVERS\WinUsb.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Wlansvc]

"ServiceDll"="%SystemRoot%\System32\wlansvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wlcrasvc]

"ImagePath"="\"c:\program files\Windows Live\Mesh\wlcrasvc.exe\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wlidsvc]

"ImagePath"="\"c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WmiAcpi]

"ImagePath"="\SystemRoot\system32\drivers\wmiacpi.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WmiApRpl]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wmiApSrv]

"ImagePath"="%systemroot%\system32\wbem\WmiApSrv.exe"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WMPNetworkSvc]

"ImagePath"="\"%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe\""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPCSvc]

"ServiceDll"="%SystemRoot%\System32\wpcsvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WPDBusEnum]

"ServiceDll"="%SystemRoot%\system32\wpdbusenum.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ws2ifsl]

"ImagePath"="\SystemRoot\system32\drivers\ws2ifsl.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WSearch]

"ImagePath"="%systemroot%\system32\SearchIndexer.exe /Embedding"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WSearchIdxPi]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wuauserv]

"ServiceDll"="%systemroot%\system32\wuaueng.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WudfPf]

"ImagePath"="system32\drivers\WudfPf.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WUDFRd]

"ImagePath"="system32\DRIVERS\WUDFRd.sys"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\wudfsvc]

"ServiceDll"="%SystemRoot%\System32\WUDFSvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\WwanSvc]

"ServiceDll"="%SystemRoot%\System32\wwansvc.dll"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\xmlprov]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{07171AC2-0D2A-427d-BCE5-B6C2D6C7058B}]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{13EACD45-DF67-4465-B237-63F97EF68797}]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{2FD32F05-504C-4D9C-80E0-C543E8ED71CA}]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{3C0D226A-1799-486F-95A2-237DABBD9445}]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{7B5915CD-5548-49E0-826B-AF78CAB4CFBF}]

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{E91EA3E8-0AB5-4467-AA08-E4E47BA7B5CE}]

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\CyberLink\Shared files\RichVideo.exe

c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe

c:\program files (x86)\Samsung\Easy Display Manager\dmhkcore.exe

c:\program files (x86)\Samsung\Easy Display Manager\WifiManager.exe

c:\program files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe

c:\program files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe

c:\program files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe

c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe

c:\program files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe

c:\program files (x86)\Common Files\Samsung\SSCSettings\SSCSettings.exe

c:\windows\SysWOW64\wscript.exe

c:\program files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe

c:\program files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe

c:\users\Marika\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe

.

**************************************************************************

.

Voltooingstijd: 2012-12-29 12:11:36 - machine werd herstart

ComboFix-quarantined-files.txt 2012-12-29 11:11

.

Pre-Run: 162.414.886.912 bytes beschikbaar

Post-Run: 164.152.987.648 bytes beschikbaar

.

- - End Of File - - 2E5B1838747D7F401A76BB6AE


Open a Notepad file.

Copy and paste the bold text below into it.

File::

c:\programdata\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE

Folder::

c:\program files (x86)\ContinueToSave

c:\programdata\continuetosave

Registry::

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

[-HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110011041135}]

[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}]

[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EF4DC753-1626-83AF-153F-5B7404AA9922}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

[-HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[-HKEY_CLASSES_ROOT\clsid\{5018cfd2-804d-4c99-9f81-25eaea2769de}]

[-HKEY_CLASSES_ROOT\Softonic.dskBnd.1]

[-HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]

[-HKEY_CLASSES_ROOT\Softonic.dskBnd]

DDS::

uStart Page = hxxp://websearch.soft-quick.info/

mStart Page = hxxp://websearch.soft-quick.info/

IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html

Save this file to your desktop as CFScript.

Drag CFScript.txt onto the red ComboFix.exe shortcut.

This will restart ComboFix. Reboot if you are asked to.

If you want to see this illustrated in detail, click here for the guide.

After the restart, post the contents of Combofix.txt in your next message.


ComboFix 12-12-29.02 - Marika 29/12/2012 14:56:16.2.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.6058.4957 [GMT 1:00]

Gestart vanuit: c:\users\Marika\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Marika\Desktop\CFScript.txt

AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\programdata\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\ContinueToSave

c:\program files (x86)\ContinueToSave\uninstall.exe

c:\programdata\continuetosave

c:\programdata\continuetosave\50de32f81a9de.dll

c:\programdata\continuetosave\50de32f81a9de.tlb

c:\programdata\continuetosave\kbmfmicdbniojekfcfconloneccnomhe.crx

c:\programdata\continuetosave\settings.ini

c:\programdata\continuetosave\uninstall.exe

c:\programdata\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-11-28 to 2012-12-29 ))))))))))))))))))))))))))))))

.

.

2012-12-29 14:01 . 2012-12-29 14:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-12-29 14:01 . 2012-12-29 14:01 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-12-29 10:13 . 2012-12-29 10:13 -------- d-----w- c:\users\Marika\AppData\Roaming\ParetoLogic

2012-12-29 10:13 . 2012-12-29 10:13 -------- d-----w- c:\users\Marika\AppData\Roaming\DriverCure

2012-12-29 10:12 . 2012-12-29 10:45 -------- d-----w- c:\programdata\ParetoLogic

2012-12-29 10:01 . 2012-12-29 10:01 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-12-29 10:01 . 2012-12-29 10:01 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-12-29 10:01 . 2012-12-29 10:01 -------- d-----w- c:\windows\system32\Macromed

2012-12-29 08:04 . 2012-08-23 15:28 3584 ----a-w- c:\windows\system32\drivers\nl-NL\tsusbflt.sys.mui

2012-12-29 08:04 . 2012-08-23 13:41 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2012-12-29 08:04 . 2012-08-23 13:40 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2012-12-29 08:04 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll

2012-12-29 08:00 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll

2012-12-29 08:00 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll

2012-12-29 07:58 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll

2012-12-29 07:58 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll

2012-12-29 07:57 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-12-29 07:57 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys

2012-12-29 07:57 . 2012-08-24 18:04 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-12-29 07:57 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll

2012-12-29 07:57 . 2012-08-24 16:57 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-12-29 07:57 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-12-29 07:57 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

2012-12-28 23:43 . 2012-12-28 23:43 -------- d-----w- c:\programdata\WoW Worldwide Software LTD

2012-12-28 23:43 . 2012-12-28 23:44 -------- d-----w- c:\program files (x86)\SoftQuick

2012-12-22 15:27 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll

2012-12-22 15:27 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll

2012-12-22 15:27 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

2012-12-22 15:27 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll

2012-12-15 17:02 . 2012-12-15 17:02 -------- d-----w- c:\users\Marika\AppData\Roaming\AVG2013

2012-12-15 16:54 . 2012-12-15 16:54 -------- d-----w- c:\users\Marika\AppData\Roaming\TuneUp Software

2012-12-15 16:53 . 2012-12-15 16:54 -------- d-----w- c:\programdata\AVG2013

2012-12-15 13:51 . 2012-12-17 23:08 -------- d-----w- c:\users\Marika\AppData\Local\Avg2013

2012-12-15 13:51 . 2012-12-15 13:51 -------- d-----w- c:\users\Marika\AppData\Local\MFAData

2012-12-13 19:48 . 2012-12-13 19:48 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-12-13 19:48 . 2012-12-13 19:47 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-12-13 19:48 . 2012-12-13 19:47 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-12-13 19:48 . 2012-12-13 19:47 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-12-13 19:47 . 2012-12-13 19:47 -------- d-----w- c:\program files (x86)\Java

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-29 11:16 . 2012-02-15 14:45 22368 ----a-w- c:\windows\system32\drivers\AFD.SYS

2012-12-29 11:16 . 2009-07-14 00:10 22368 ----a-w- c:\windows\system32\drivers\WS2IFSL.SYS

2012-12-14 18:50 . 2012-10-06 16:52 67413224 ----a-w- c:\windows\system32\MRT.exe

2012-10-22 12:02 . 2012-10-22 12:02 154464 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys

2012-10-16 08:38 . 2012-11-28 09:20 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2012-10-16 08:38 . 2012-11-28 09:20 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2012-10-16 07:39 . 2012-11-28 09:20 561664 ----a-w- c:\windows\apppatch\AcLayers.dll

2012-10-15 02:48 . 2012-10-15 02:48 63328 ----a-w- c:\windows\system32\drivers\avgidsha.sys

2012-10-09 18:17 . 2012-11-15 18:37 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll

2012-10-09 18:17 . 2012-11-15 18:37 226816 ----a-w- c:\windows\system32\dhcpcore6.dll

2012-10-09 17:40 . 2012-11-15 18:37 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll

2012-10-09 17:40 . 2012-11-15 18:37 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll

2012-10-08 10:42 . 2012-10-08 10:42 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll

2012-10-08 10:42 . 2012-10-08 10:42 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-10-08 10:42 . 2012-10-08 10:42 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll

2012-10-08 10:42 . 2012-10-08 10:42 26331496 ----a-w- c:\windows\system32\nvoglv64.dll

2012-10-08 10:42 . 2012-10-08 10:42 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll

2012-10-08 10:42 . 2012-10-08 10:42 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll

2012-10-08 10:42 . 2012-10-08 10:42 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-10-08 10:42 . 2011-03-15 08:42 973672 ----a-w- c:\windows\system32\nvumdshimx.dll

2012-10-08 10:42 . 2012-10-08 10:42 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll

2012-10-08 10:42 . 2012-10-08 10:42 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2012-10-08 10:42 . 2012-10-08 10:42 30056 ----a-w- c:\windows\system32\drivers\nvpciflt.sys

2012-10-08 10:42 . 2012-10-08 10:42 2747240 ----a-w- c:\windows\system32\nvcuvid.dll

2012-10-08 10:42 . 2012-10-08 10:42 25256296 ----a-w- c:\windows\system32\nvcompiler.dll

2012-10-08 10:42 . 2012-10-08 10:42 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll

2012-10-08 10:42 . 2011-03-15 08:42 247144 ----a-w- c:\windows\system32\nvinitx.dll

2012-10-08 10:42 . 2012-10-08 10:42 9146728 ----a-w- c:\windows\system32\nvcuda.dll

2012-10-08 10:42 . 2012-10-08 10:42 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll

2012-10-08 10:42 . 2012-10-08 10:42 7414632 ----a-w- c:\windows\system32\nvopencl.dll

2012-10-08 10:42 . 2012-10-08 10:42 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll

2012-10-08 10:42 . 2012-10-08 10:42 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-10-08 10:42 . 2011-03-15 08:42 202600 ----a-w- c:\windows\SysWow64\nvinit.dll

2012-10-08 10:42 . 2012-10-08 10:42 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll

2012-10-08 10:42 . 2011-03-15 08:42 2731880 ----a-w- c:\windows\system32\nvapi64.dll

2012-10-08 10:42 . 2012-10-08 10:42 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-10-08 10:42 . 2012-10-08 10:42 1760104 ----a-w- c:\windows\system32\nvdispco64.dll

2012-10-08 10:42 . 2012-10-08 10:42 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll

2012-10-06 17:12 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll

2012-10-06 17:12 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll

2012-10-05 02:32 . 2012-10-05 02:32 111456 ----a-w- c:\windows\system32\drivers\avgmfx64.sys

2012-10-04 16:40 . 2012-12-12 19:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2012-10-03 17:56 . 2012-11-15 18:37 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-10-03 17:44 . 2012-11-15 18:37 303104 ----a-w- c:\windows\system32\nlasvc.dll

2012-10-03 17:44 . 2012-11-15 18:37 70656 ----a-w- c:\windows\system32\nlaapi.dll

2012-10-03 17:44 . 2012-11-15 18:37 246272 ----a-w- c:\windows\system32\netcorehc.dll

2012-10-03 17:44 . 2012-11-15 18:37 18944 ----a-w- c:\windows\system32\netevent.dll

2012-10-03 17:44 . 2012-11-15 18:37 216576 ----a-w- c:\windows\system32\ncsi.dll

2012-10-03 17:42 . 2012-11-15 18:37 569344 ----a-w- c:\windows\system32\iphlpsvc.dll

2012-10-03 16:42 . 2012-11-15 18:37 18944 ----a-w- c:\windows\SysWow64\netevent.dll

2012-10-03 16:42 . 2012-11-15 18:37 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll

2012-10-03 16:42 . 2012-11-15 18:37 156672 ----a-w- c:\windows\SysWow64\ncsi.dll

2012-10-03 16:07 . 2012-11-15 18:37 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys

2012-10-02 02:30 . 2012-10-02 02:30 185696 ----a-w- c:\windows\system32\drivers\avgldx64.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110011041135}]

2012-01-17 17:46 470528 ----a-w- c:\program files (x86)\Premiumplay Codec-C\Premiumplay Codec-C.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngine.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{597A9974-8CB0-4f41-B61F-ED065738A397}]

c:\program files (x86)\RewardsArcade\RewardsArcade.dll [bU]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\Vuze_Remote\prxtbVuze.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{d0230100-3044-43b1-a44e-70dc12fd418c}]

c:\program files (x86)\etype\file2linktemplateX.dll [bU]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}]

2012-08-02 10:13 248936 ----a-w- c:\program files (x86)\Softonic\Softonic\1.6.7.4\bh\Softonic.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-10-18 21:52 94208 ----a-w- c:\users\Marika\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-10-18 21:52 94208 ----a-w- c:\users\Marika\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-10-18 21:52 94208 ----a-w- c:\users\Marika\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-08-28 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-11-06 3143800]

.

c:\users\Marika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Marika\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-10-18 26643352]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-1-13 1138464]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer2"=wdmaud.drv

.

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392]

R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]

R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [2010-08-09 166704]

R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]

R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]

R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]

R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-31 1255736]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]

S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]

S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]

S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [2009-05-28 13824]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

S2 IBUpdaterService;Updater Service;c:\programdata\IBUpdaterService\ibsvc.exe [2012-05-19 397848]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]

S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]

S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-01-14 349736]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-01-14 39464]

S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-11-09 31088]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-11-12 138024]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-12-24 412264]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2012-12-29 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-29 10:01]

.

2012-12-29 c:\windows\Tasks\ContinueToSaveUpdaterTask{42FB4C1A-664D-42BC-8980-22D4FAA94EE3}.job

- c:\programdata\Premium\ContinueToSave\ContinueToSave.exe [2012-12-28 14:50]

.

2012-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-28 19:07]

.

2012-12-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-28 19:07]

.

2012-12-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-443520092-2441362985-2714935032-1001Core.job

- c:\users\Marika\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-04 11:10]

.

2012-12-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-443520092-2441362985-2714935032-1001UA.job

- c:\users\Marika\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-04 11:10]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-10-18 21:52 97792 ----a-w- c:\users\Marika\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-10-18 21:52 97792 ----a-w- c:\users\Marika\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-10-18 21:52 97792 ----a-w- c:\users\Marika\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-10-18 21:52 97792 ----a-w- c:\users\Marika\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-26 11775592]

"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [bU]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://websearch.soft-quick.info/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

TCP: DhcpNameServer = 195.130.130.132 195.130.131.132

.

- - - - ORPHANS VERWIJDERD - - - -

.

BHO-{EF4DC753-1626-83AF-153F-5B7404AA9922} - c:\programdata\continuetosave\50de32f81a9de.dll

Wow6432Node-HKCU-Run-Media Finder - c:\program files (x86)\Media Finder\Media Finder.exe

AddRemove-SP_e14dcdfa - c:\program files (x86)\ContinueToSave\uninstall.exe

AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - c:\programdata\bProtector\component_332.decrpt

AddRemove-{C1C6816E-CBB3-A748-85F9-A8B47B68985B} - c:\programdata\continuetosave\uninstall.exe

.

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2012-12-29 15:03:16

ComboFix-quarantined-files.txt 2012-12-29 14:03

ComboFix2.txt 2012-12-29 11:11

.

Pre-Run: 164.261.392.384 bytes beschikbaar

Post-Run: 164.189.278.208 bytes beschikbaar

.

- - End Of File - - 56E4B8BD6A456F0FC75D8A18958C2443


Download AdwCleaner by Xplode to your desktop.


  • Close all open windows.
  • Vista and Windows 7 users: right-click AdwCleaner and select Run as administrator...
  • For XP: simply double-click AdwCleaner.
  • Then click Delete.
  • At AdwCleaner – Information, click OK.
  • At AdwCleaner – Restart Required, click OK.

It is normal for the shortcuts to disappear during this step. After the PC has restarted, a log file opens. Post the contents of this log in your next message.
