Somoto and Bigseekpro problem

Anonymous
28 replies
  • Emsisoft Emergency Kit - Versie 1.0
    Laatste Update: 8-11-2011 1:47:45

    Scaninstellingen:

    Scantype: Diepe Scan
    Objecten: Geheugen, Sporen, Cookies, C:\, D:\
    Scan archieven: Aan
    Heuristieken: Uit
    ADS Scan: Aan

    Scan gestart: 8-11-2011 1:48:37

    c:\program files\GameSpy Arcade Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\cstrike Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\cstrike\frontline Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\halflife Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\halflife\action Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\halflife\cstrike Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\halflife\firearms Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\halflife\frontline Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\halflife\gearbox Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\halflife\tfc Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2 Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\aq2 Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\battle Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\chaosdm Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\duel Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\freeze Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\gloom Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\gxmod Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\holywars Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\jail Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\kots Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\lfiredm Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\lithium2 Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\LMCTF Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\pball Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\q2comp Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\QPong Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\ra2 Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\requiem Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\sconfig Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\tourney Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\wf Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake2\wod Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake3 Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake3\alliance Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake3\beryllium Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake3\excessive Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake3\instagib Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake3\jailbreak Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake3\matchmod Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake3\osp Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake3\q3comp Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake3\q3f Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake3\q3ut2 Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake3\requiem Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake3\rocketarena3 Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\quake3\wfa Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\tribes Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\tribes\Arena Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\tribes\ch Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\tribes\CTF Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\tribes\CTFb Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\tribes\CTFplus Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\tribes\DD Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\tribes\DM Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\tribes\Duel Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\tribes\Fr Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\tribes\MT Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\tribes\Open Cal Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\tribes\RPG Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\tribes\TAC Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\ut Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\ut\Excessive Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\ut\RocketArena Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Custom\ut\Swat Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Images Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Images\portraits Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Profiles Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Profiles\(default) Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Services Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Services\_common Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Services\_demospy Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Services\_fplanet Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Services\_gnews Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Services\_gspyder Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Services\_news Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Services\_support Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Skins Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Sounds Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Sounds\(default) Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Sounds\classic Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\users\bigadje\appdata\roaming\microsoft\windows\start menu\programs\GameSpy Arcade Ontdekt: Trace.Directory.GameSpy Arcade!A2
    c:\users\bigadje\appdata\roaming\microsoft\windows\start menu\programs\WAV to MP3 Encoder Ontdekt: Trace.Directory.WAV to MP3 Encoder 1.0!A2
    c:\users\bigadje\appdata\roaming\DaCamYoWebcam Ontdekt: Trace.Directory.DaCamYo !A2
    Value: HKEY_CLASSES_ROOT\CLSID\{9A5ED012-B192-11d3-9382-0000B4BDB148}\InprocServer32 –> ThreadingModel Ontdekt: Trace.Registry.HackerWacker 2.6!A2
    Value: HKEY_CLASSES_ROOT\CLSID\{9A5ED015-B192-11d3-9382-0000B4BDB148}\InprocServer32 –> ThreadingModel Ontdekt: Trace.Registry.HackerWacker 2.6!A2
    Value: HKEY_CLASSES_ROOT\CLSID\{9A5ED016-B192-11d3-9382-0000B4BDB148}\InprocServer32 –> ThreadingModel Ontdekt: Trace.Registry.HackerWacker 2.6!A2
    Value: HKEY_CLASSES_ROOT\CLSID\{9A5ED017-B192-11d3-9382-0000B4BDB148}\InprocServer32 –> ThreadingModel Ontdekt: Trace.Registry.HackerWacker 2.6!A2
    Value: HKEY_CLASSES_ROOT\CLSID\{9A5ED018-B192-11d3-9382-0000B4BDB148}\InprocServer32 –> ThreadingModel Ontdekt: Trace.Registry.HackerWacker 2.6!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9A5ED012-B192-11d3-9382-0000B4BDB148}\InprocServer32 –> ThreadingModel Ontdekt: Trace.Registry.HackerWacker 2.6!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9A5ED015-B192-11d3-9382-0000B4BDB148}\InprocServer32 –> ThreadingModel Ontdekt: Trace.Registry.HackerWacker 2.6!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9A5ED016-B192-11d3-9382-0000B4BDB148}\InprocServer32 –> ThreadingModel Ontdekt: Trace.Registry.HackerWacker 2.6!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9A5ED017-B192-11d3-9382-0000B4BDB148}\InprocServer32 –> ThreadingModel Ontdekt: Trace.Registry.HackerWacker 2.6!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9A5ED018-B192-11d3-9382-0000B4BDB148}\InprocServer32 –> ThreadingModel Ontdekt: Trace.Registry.HackerWacker 2.6!A2
    c:\program files\GameSpy Arcade\4dca9208.dat Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Aphex.exe Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\ArcRes.dll Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\dat.bmp Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\def_banner.gif Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\def_banner.html Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\def_bannerbg.jpg Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\def_loading.gif Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\def_logo.jpg Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\def_news.html Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\fpupdate.exe Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\GameSpy Arcade - Debug.lnk Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\GameSpy Arcade Help.url Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\GameSpy Arcade Website.url Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\GameSpy Arcade.lnk Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\GameSpy.com Gaming's Homepage.url Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\GSAPak.exe Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\gslan.dll Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\gsws.dll Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\INSTALL.LOG Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\pw32.dll Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\readme.html Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Register GameSpy Arcade.url Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\RptCrash.exe Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Services\_news\rsrc.dir Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Services\_news\service_tab.psd Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Services\_news\service_tab+.tga Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Services\_support\rsrc.dir Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\Services\_support\service_tab.psd Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\program files\GameSpy Arcade\ws_default.html Ontdekt: Trace.File.GameSpy Arcade!A2
    c:\windows\ss3unstl.exe Ontdekt: Trace.File.Ocean Screensaver!A2
    Value: HKEY_CURRENT_USER\Software\GameSpy\GameSpy Arcade –> InstDir Ontdekt: Trace.Registry.GameSpy Arcade!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GameSpy Arcade –> DisplayName Ontdekt: Trace.Registry.GameSpy Arcade!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GameSpy Arcade –> UninstallString Ontdekt: Trace.Registry.GameSpy Arcade!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Player\Downloaded –> Repeat Ontdekt: Trace.Registry.iMesh MediaBar!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Player\Library –> Repeat Ontdekt: Trace.Registry.iMesh MediaBar!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Player\Purchased –> Repeat Ontdekt: Trace.Registry.iMesh MediaBar!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Player\QuickPlay –> Repeat Ontdekt: Trace.Registry.iMesh MediaBar!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Player\Top25 –> Repeat Ontdekt: Trace.Registry.iMesh MediaBar!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Player –> Volume Ontdekt: Trace.Registry.iMesh MediaBar!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\PortablePlayers\0 –> AutoSync Ontdekt: Trace.Registry.iMesh MediaBar!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\PortablePlayers\0 –> NoRemove Ontdekt: Trace.Registry.iMesh MediaBar!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\PortablePlayers\0 –> SerialNumber Ontdekt: Trace.Registry.iMesh MediaBar!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\PortablePlayers\0 –> Usages Ontdekt: Trace.Registry.iMesh MediaBar!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\PortablePlayers –> Devices Ontdekt: Trace.Registry.iMesh MediaBar!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\General –> AppData Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\General –> DownloadLimit Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\General –> DSUniqueID Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\General –> LanguageCode Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\General –> LimitTime Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\General –> Login Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\General –> MNEnabled Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\General –> NetworkPaneShow Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\General –> OKHashes Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\IM2Net –> AccessUploading Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\IM2Net –> AntPort Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\IM2Net –> ConnectIp Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\IM2Net –> EnableLocalConnections Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\IM2Net –> MaxConnForFile Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\IM2Net –> MaxDownload Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\IM2Net –> MaxDownloadSpeed Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\IM2Net –> MaxUpload Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\IM2Net –> MaxUploadSpeed Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\IM2Net –> PreviewPort Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\IM2Net –> ReassignSlowSources Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\IM2Net –> SmartTraffic Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\IM2Net –> StatusUploadPort Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\IM2Net –> TimeLibraryReportSent Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\IM2Net –> TimeUploadPort Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\Proxy –> Enabled Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\Proxy –> Password Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\Proxy –> ServerAddress Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\Proxy –> ServerPort Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\Proxy –> Type Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\Proxy –> UseAuthentication Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Network\Proxy –> Username Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Artwork –> ThumbnailArtwork Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Bubbles –> BMCountArtistPageEntry Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Bubbles –> BMCountDiscoveryEntry Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Bubbles –> BMCountDownloadsAdded Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Bubbles –> BMCountDPShowsUp Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Bubbles –> BMCountHidingIMWindow Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Bubbles –> BMCountPeopleHomeEntry Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Bubbles –> BMCountPlaySong Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Bubbles –> BMCountPlaySongMN Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Bubbles –> BMCountProfilePageEntry Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Bubbles –> BMCountSearch Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Bubbles –> BMCountSearchEntry Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Bubbles –> BMCountShownLogin Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Bubbles –> BMCountUserListOpened Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Bubbles –> BMDiscoveryGenreEntry Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Bubbles –> BMDiscoveryMoodsEntry Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Bubbles –> BMUsedInvite Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Bubbles –> BMUsedSearch Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\FileList –> DeleteFromDisk Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\FileList –> MediaTypeFilter Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\IEHomepage –> DontShowIEHomepageOffer Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\IEHomepage –> DontShowIEHomepageOfferNever Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\IEHomepage –> IEHomepage Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\IEHomepage –> LastHomepageCheck Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Invite –> DownloadCount Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Invite –> InviteShowCount Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Invite –> PlayCount Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Search –> MaxResultsCount Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Search –> MediaTypeFilter Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Search –> PremiumEnabled Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Security –> DoNotShare Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences\Security –> Password Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> AUDeclineDate Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> AutoResetPlayCount Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> CopyFromRemovable Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> Crossfade Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IMPictureFolderPath Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsAddSongsToQP Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsAutoVolume Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsCrossfadeEnable Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsIMAlertContacts Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsIMAlertMessages Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsIMDontPlayWhenPlaying Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsIMEveryone Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsIMPlayWhenSign Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsIMSpecialAlers Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsNeedUpdateHisory Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsNotPresentAnyVideo Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsNotPresentMusic Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsNotPresentVideo Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsNotShowNick Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsPlayDownloadSound Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsSearchAutoSuggest Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsSecurityLock Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsShowCRQDialog Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsShowDownloadTray Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsShowFTPDialog Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsShowLQDialog Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> IsShowToday Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> ReceiveLooking Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> RootLicenseDate Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> SendLooking Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> ShowNILWarning Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> SubsType Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> UsedMNPortable Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> UsedPortable Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> VideoRegime Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> VisualEnabled Ontdekt: Trace.Registry.iMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh\Preferences –> VisualRegime Ontdekt: Trace.Registry.iMesh!A2
    Key: HKEY_CURRENT_USER\software\imesh Ontdekt: Trace.Registry.IMesh!A2
    Value: HKEY_CURRENT_USER\Software\iMesh –> LastOpenFileDir Ontdekt: Trace.Registry.iMesh!A2
    Key: HKEY_LOCAL_MACHINE\software\imesh Ontdekt: Trace.Registry.IMesh!A2
    Value: HKEY_CURRENT_USER\Software\Kazaa\Advanced –> Status Ontdekt: Trace.Registry.Kazaa!A2
    Key: HKEY_CURRENT_USER\software\kazaa Ontdekt: Trace.Registry.KaZaA!A2
    Value: HKEY_CURRENT_USER\Software\EffeTech\MSN Sniffer 2\process –> id Ontdekt: Trace.Registry.MsnSniffer 2.1!A2
    Value: HKEY_CURRENT_USER\Software\EffeTech\MSN Sniffer 2\Reg –> SetupTime Ontdekt: Trace.Registry.MsnSniffer 2.1!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker –> 1 Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker –> 10 Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker –> 2 Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker –> 4 Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker –> 5 Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker –> 6 Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker –> 7 Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker –> 9 Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker –> AdsLastKnownState Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker –> id Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker –> InitialPort Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker –> InstallState Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker –> SL Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker –> TableType Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming\PartyPoker –> useCount Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming –> AutoLoginToOtherGames Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming –> CFDialogShown Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming –> FreshInstall Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_CURRENT_USER\Software\PartyGaming –> OldCFformat Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> ButtonText Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> CLSID Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> Default Visible Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> Exec Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> HotIcon Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> Icon Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> MenuStatusBar Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> MenuText Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} –> Path Ontdekt: Trace.Registry.PartyPoker!A2
    Value: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\extended properties\{305ca226-d286-468e-b848-2b2e8e697b74} 2 –> %systemroot%\system32\p2p networking v126.cpl Ontdekt: Trace.Registry.PeerEnabler!A2
    C:\Users\bigadje\Desktop\ComboFix.exe/$0\List.bat Ontdekt: Virus.Win32.HTML!IK
    C:\Users\bigadje\Documents\Cosmos\Scoop\telescope-2.8.5.EXE/Installer.exe Ontdekt: Trojan-Downloader.Win32.Delf!IK
    C:\Users\bigadje\Documents\Cosmos\Scoop\telescope-2.8.5.zip/Installer.exe Ontdekt: Trojan-Downloader.Win32.Delf!IK
    C:\Users\bigadje\Documents\Cosmos\Scoop\telescope-2.8.5.zip/telescope2.8.5.msi Ontdekt: Trojan-Downloader.Win32.Delf!IK
    C:\Users\bigadje\Downloads\ComboFix.exe/$0\List.bat Ontdekt: Virus.Win32.HTML!IK

    Gescand

    Bestanden: 608021
    Sporen: 438894
    Cookies: 99
    Processen: 60

    Gevonden

    Bestanden: 5
    Sporen: 276
    Cookies: 0
    Processen: 0
    Registersleutels: 0

    Scan Geëindigd: 8-11-2011 5:40:14
    Scantijd: 3:51:37
  • When I type something in the title bar in Chrome, it bounces me to the Somoto search engine or a Bigseek search engine. I think it's spyware or something like that. How do I get rid of it? I've already run a scan with Adware. Here is the Hijack file.


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 0:56:52, on 2-11-2011
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.19088)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Xfire\Xfire.exe
    C:\Users\bigadje\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Users\bigadje\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\bigadje\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\bigadje\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\bigadje\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\bigadje\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nl.msn.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=81&bd=Pavilion&pf=desktop
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
    R3 - URLSearchHook: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: (no name) - {ce18769b-c7fa-42d2-860d-17c4662c70ad} - (no file)
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
    O3 - Toolbar: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Free YouTube Download - C:\Users\bigadje\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
    O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
    O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\Office12\REFIEBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-NL/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F557} (Flatcast Viewer 5.0) - http://data.myflatcast.com/data/objects/NpFv501.dll
    O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{DDCD2313-0166-4931-AD83-0B80E2A01BD5}: NameServer = 8.8.8.8,8.8.4.4
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O22 - SharedTaskScheduler: ObjectDockShellExt - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)
    O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate1c9871e2dc4eb71) (gupdate1c9871e2dc4eb71) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: SupportSoft Sprocket Service (KPN) (sprtsvc_KPN) - SupportSoft, Inc. - C:\Program Files\KPN\bin\sprtsvc.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe


    End of file - 9948 bytes
  • Hello bigadje, try the tool Toolbar Cleaner.

    The problem is that Google Chrome's settings are not yet listed in logs!

    http://www.gratissoftwaresite.nl/downloads/taxonomy/term/543

    It will be clear to you that you first tick the toolbars you want to get rid of and then click the Remove button.

    Let me know whether the tool does what it promises, and also post a new HijackThis log.
  • Hello,

    the problem is that it is not a toolbar, at least not one visible in the bar at the top. It simply redirects you to the page in question.

    Regards
    Arnold
  • Hello Arnold, then let's see whether we can find out via ComboFix:

    Which program: ComboFix
    What for/why: A highly specialised scanner that examines Windows in depth
    and cleans it up where possible.
    Difficulty: A more or less tricky preparation phase, so read everything carefully first.
    Download location: This program absolutely must be downloaded to the desktop!
    Download ComboFix via one of these locations:
    - Bleepingcomputer
    - ForoSpyware
    - Geekstogo
    Here you can see how to use ComboFix.

    Antivirus programs and active malware scanners must already be deactivated before ComboFix starts!
    Here and here you will find information on how to deactivate antivirus programs and spyware scanners.

    Once more, for the avoidance of doubt: ComboFix must be started from the desktop.

    Notes:
    - On Windows XP you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for it).
    - Vista and Windows 7 users start ComboFix with administrator rights via right-click.
    - All open programs and web pages must be closed.
    ComboFix has been started:
    - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
    - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
    - The computer may need to be restarted several times; this is normal.
    - When ComboFix has finished, it will create a log file for you.
    - Post the contents of this log file in your next message.
    - If the log does not open, it can be found in C:\ComboFix.txt
    Important note:
  • Log file

    ComboFix 11-11-02.03 - bigadje 03-11-2011 0:25.1.2 - x86
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.3071.1833 [GMT 1:00]
    Gestart vanuit: c:\users\bigadje\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
    SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\3D3
    c:\programdata\3D3\mm.db
    c:\programdata\3D3\thumbnail.db
    c:\programdata\Microsoft\Windows\Start Menu\Windows Live Messenger .lnk
    c:\users\bigadje\AppData\Local\log.txt
    c:\users\bigadje\AppData\Roaming\EurekaLog
    c:\users\bigadje\AppData\Roaming\EurekaLog\logivert\logivert_PC_BIG_ADJE.elf
    c:\users\bigadje\AppData\Roaming\Microsoft\~DFK3fed8a.tmp
    c:\users\bigadje\AppData\Roaming\Microsoft\1eaadjc.dll
    c:\users\bigadje\AppData\Roaming\Microsoft\bass.dll
    c:\users\bigadje\AppData\Roaming\Microsoft\kfgresk.dll
    c:\users\bigadje\AppData\Roaming\Microsoft\mjcriu.dll
    c:\users\bigadje\AppData\Roaming\Microsoft\peaadje.dll
    c:\users\bigadje\AppData\Roaming\Microsoft\qwadjb.dll
    c:\users\bigadje\AppData\Roaming\Microsoft\rsaadjd.dll
    c:\windows\iun6002.exe
    c:\windows\system32\CF25095.exe
    c:\windows\system32\ijl11.dll
    c:\windows\system32\jucheck.exe
    c:\windows\system32\uninstall.exe
    c:\windows\test
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-10-02 to 2011-11-02 ))))))))))))))))))))))))))))))
    .
    .
    2175-05-27 23:15 . 2008-03-05 14:56 3786760 ----a-w- c:\windows\system32\d3dx9_37.dll
    2011-11-02 23:35 . 2011-11-02 23:35 -------- d-----w- c:\users\bigadje\AppData\Local\temp
    2011-11-02 23:35 . 2011-11-02 23:35 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
    2011-11-02 23:35 . 2011-11-02 23:35 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2011-11-02 09:41 . 2011-11-02 09:44 -------- d-----w- c:\program files\Toolbar Cleaner
    2011-11-02 00:00 . 2011-11-02 00:00 -------- d-----w- c:\program files\Conduit
    2011-11-02 00:00 . 2011-11-02 00:00 -------- d-----w- c:\users\bigadje\AppData\Local\Conduit
    2011-11-01 23:59 . 2011-11-02 00:00 -------- d-----w- c:\program files\Freecorder
    2011-11-01 17:37 . 2011-11-01 17:37 388096 ----a-r- c:\users\bigadje\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-11-01 17:37 . 2011-11-01 17:37 -------- d-----w- c:\program files\Trend Micro
    2011-11-01 01:15 . 2011-10-31 23:40 16432 ----a-w- c:\windows\system32\lsdelete.exe
    2011-10-31 23:36 . 2011-08-18 14:25 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
    2011-10-31 23:36 . 2011-10-31 23:36 -------- d-----w- c:\program files\Lavasoft
    2011-10-31 23:12 . 2011-10-31 23:14 -------- d-----w- c:\users\bigadje\AppData\Roaming\GetRightToGo
    2011-10-31 22:51 . 2011-10-31 22:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-10-31 22:51 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-10-31 18:07 . 2011-10-31 18:07 -------- d-----w- c:\users\bigadje\AppData\Roaming\MP4 to MP3 Converter
    2011-10-31 18:06 . 2011-10-31 18:06 -------- d-----w- c:\program files\MP4 to MP3 Converter
    2011-10-31 18:03 . 2011-10-31 18:03 -------- d-----w- c:\users\bigadje\AppData\Roaming\DVDVideoSoft
    2011-10-29 10:48 . 2011-10-29 10:48 -------- d-----w- c:\users\bigadje\AppData\Roaming\Netscape
    2011-10-29 10:48 . 2011-10-29 10:48 -------- d-----w- c:\users\bigadje\AppData\Local\Netscape
    2011-10-26 17:47 . 2011-10-26 17:47 -------- d-----w- c:\program files\Lame For Audacity
    2011-10-15 14:27 . 2011-11-01 15:59 -------- d-----w- C:\Spectrum
    2011-10-13 20:29 . 2011-10-13 20:29 42392 ----a-w- c:\windows\system32\xfcodec.dll
    2011-10-04 22:58 . 2011-10-04 22:58 -------- d-----w- c:\program files\TweetDeck
    2011-10-04 22:57 . 2011-10-26 17:35 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
    2011-10-04 22:44 . 2011-10-04 22:44 -------- d-----w- c:\users\bigadje\AppData\Local\RadioSure
    2011-10-04 17:42 . 2011-10-04 22:58 -------- d-----w- c:\users\bigadje\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-11-02 18:38 . 2008-12-04 18:56 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
    2011-11-02 18:37 . 2009-03-07 10:31 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
    2011-11-02 18:37 . 2008-12-04 18:55 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
    2011-11-02 18:37 . 2008-12-04 18:55 214520 ----a-w- c:\windows\system32\PnkBstrB.ex0
    2011-10-31 23:40 . 2010-11-01 10:52 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2011-10-23 21:25 . 2011-06-19 09:44 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-10-13 17:27 . 2008-02-09 11:22 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
    2011-08-19 14:33 . 2011-09-28 23:14 25944 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
    2011-09-29 07:28 . 2011-06-08 19:24 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\prxtbFree.dll" [2011-01-17 175912]
    .
    [HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
    2011-01-17 15:54 175912 ----a-w- c:\program files\Freecorder\prxtbFree.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\prxtbFree.dll" [2011-01-17 175912]
    .
    [HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\prxtbFree.dll" [2011-01-17 175912]
    .
    [HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-09-10 2338656]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-07 202256]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart\0lsdelete
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy Business Tools 5 Update Setup]
    2010-05-26 12:24 3648607 -c--a-w- c:\users\bigadje\AppData\Local\{A354E2E1-A068-49E6-BCB4-C3433B40F33E}\setup_ebt5.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
    2007-04-18 15:01 65536 ----a-w- c:\hp\support\hpsysdrv.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KPN]
    2007-10-23 10:36 198184 ----a-w- c:\program files\KPN\bin\sprtcmd.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)]
    2011-08-31 16:00 1047208 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
    2011-06-24 16:22 534880 ----a-w- c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    2010-03-07 14:51 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "AntiVirusOverride"=dword:00000001
    "AntiSpywareOverride"=dword:00000001
    .
    R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
    R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate1c9871e2dc4eb71;Google Update Service (gupdate1c9871e2dc4eb71);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 133104]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-10-31 2152152]
    R3 FlashUSB;Flash Loader utility driver;c:\windows\system32\Drivers\FlashUSB.sys [2008-01-25 15453]
    R3 FNETTHJM;Freecom Turbo USB 2.0;c:\windows\system32\drivers\fnetthjm.sys [2010-01-16 23936]
    R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 133104]
    R3 hitmanpro3;Hitman Pro 3 Support Driver; [x]
    R3 HPBtnSrv;HP Chasis Button Service;c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
    R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-06-09 24576]
    R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
    R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]
    R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x]
    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
    R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992]
    S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-08-18 64512]
    S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
    S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-01-07 248656]
    S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-04-04 297168]
    S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [2011-04-21 352656]
    S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-08-17 7390560]
    S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
    S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
    S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2011-03-31 80896]
    S2 sprtsvc_KPN;SupportSoft Sprocket Service (KPN);c:\program files\KPN\bin\sprtsvc.exe [2007-10-23 202016]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
    S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-14 2250616]
    S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592]
    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-05-27 134480]
    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 24144]
    S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-02-10 28624]
    S3 camdrv41;Philips SPC 900NC PC Camera;c:\windows\system32\DRIVERS\camdrv41.sys [2007-04-23 1347584]
    S3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2008-02-26 493568]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-11-02 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-08-18 23:40]
    .
    2011-10-13 c:\windows\Tasks\GlaryInitialize.job
    - c:\program files\Glary Utilities\initialize.exe [2009-11-05 07:07]
    .
    2011-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc8f396256b32e.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 23:13]
    .
    2010-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 23:13]
    .
    2011-05-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1250621424-1792265585-3911309756-1000Core1cc1d485e0b5565.job
    - c:\users\bigadje\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-02 08:57]
    .
    2011-06-27 c:\windows\Tasks\Launch HTC Sync Loader.job
    - c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-04-26 15:22]
    .
    2011-11-02 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1250621424-1792265585-3911309756-1000.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
    .
    2010-12-11 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1250621424-1792265585-3911309756-1001.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
    .
    2010-12-09 c:\windows\Tasks\RegistryBooster.job
    - c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2010-12-07 00:53]
    .
    2010-12-09 c:\windows\Tasks\User_Feed_Synchronization-{64DE32D8-0311-4F7B-8E79-C8891A596F5E}.job
    - c:\windows\system32\msfeedssync.exe [2011-06-15 04:32]
    .
    2011-10-03 c:\windows\Tasks\User_Feed_Synchronization-{F2FB0988-5A20-4CEB-A3A7-DC1F602DDBFF}.job
    - c:\windows\system32\msfeedssync.exe [2011-06-15 04:32]
    .
    2011-07-27 c:\windows\Tasks\{995BB312-90A8-47F3-8112-804528967B5E}.job
    - c:\program files\Skype\Phone\Skype.exe [2011-06-15 13:02]
    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1060933
    mStart Page = hxxp://www.bigseekpro.com/accmeware/{C008CB9D-135B-4A6F-B384-1185B6CF3F66}
    uInternet Settings,ProxyOverride = *.local
    IE: &Clean Traces
    IE: &Download with &DAP
    IE: &Download with AktivDownloadManager!
    IE: Download &all with DAP
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    IE: Free YouTube Download - c:\users\bigadje\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
    IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
    IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
    TCP: DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{DDCD2313-0166-4931-AD83-0B80E2A01BD5}: NameServer = 8.8.8.8,8.8.4.4
    DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
    DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game02.zylom.com/activex/zylomgamesplayer.cab
    FF - ProfilePath - c:\users\bigadje\AppData\Roaming\Mozilla\Firefox\Profiles\92e0uyta.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542
    FF - prefs.js: browser.search.selectedEngine - Yahoo
    FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/home?AF=14542
    FF - prefs.js: keyword.URL - hxxp://nl.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=
    FF - user.js: yahoo.homepage.dontask - true
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    URLSearchHooks-{5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)
    BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
    BHO-{ce18769b-c7fa-42d2-860d-17c4662c70ad} - (no file)
    Toolbar-{3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
    WebBrowser-{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - (no file)
    SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)
    MSConfigStartUp-Easy Business Tools 5 Update Setup for All Users - c:\programdata\{A354E2E1-A068-49E6-BCB4-C3433B40F33E}\setup_ebt5.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-11-03 00:35
    Windows 6.0.6001 Service Pack 1 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    Voltooingstijd: 2011-11-03 00:39:33
    ComboFix-quarantined-files.txt 2011-11-02 23:39
    .
    Pre-Run: 252.325.736.448 bytes beschikbaar
    Post-Run: 254.842.548.224 bytes beschikbaar
    .
    - - End Of File - - 4F085690E7B12829F28427784A41E8F5
  • Hi Arnold, I want to have ComboFix remove a lot.

    Among other things, also IObit Advanced SystemCare 4.

    Why: IObit is a Chinese software distributor.
    And its software products consist of stolen and borrowed components from other software makers.

    That tool in your Windows consists of, among other things, components from MBAM and two Western antivirus software makers!

    See also: http://www.nationaalcomputerforum.nl/showthread.php?t=67376

    - removing it will also make AVG perform better.
    And also remove Lavasoft AdAware, same story - the antivirus section in that tool conflicts with AVG.

    I think you will notice right away that both tools have been removed!
  • It did not work! But I solved the problem myself; it was simpler than I had thought.

    In Google Chrome you go to "Options" > Search > Manage search engines.
    There, under the "default search engines", was the Bigseek URL.
    I removed it, and the problem is gone.

    Thanks for your help.

    Regards
    Arnold
  • Do I understand correctly that you no longer consider it necessary to continue?
  • Aha, so I'm still overlooking something. I'd like to hear from you what else needs to be done.

    Regards
    Arnold
  • Then also see my message of Posted: Thu Nov 03, 2011 9:43 am and let me know what you want!
  • I have removed Adaware and Advanced SystemCare 4.
  • Good.

    There is still a lot of trackingware and also spyware software in your Windows!

    Open a new Notepad file, via "Start\All Programs\Accessories\Notepad".

    Copy and paste the following (bold, blue text) into the empty Notepad window
  • ComboFix 11-11-02.03 - bigadje 03-11-2011 23:54:47.2.2 - x86
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.3071.1942 [GMT 1:00]
    Gestart vanuit: c:\users\bigadje\Desktop\ComboFix.exe
    gebruikte Opdracht switches :: c:\users\bigadje\Desktop\CFScript.txt
    AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files\Common Files\Spigot
    c:\program files\Common Files\Spigot\Search Settings\config.ini
    c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
    c:\program files\Common Files\Spigot\Search Settings\yahoo_ff.xml
    c:\program files\Common Files\Spigot\Search Settings\yahoo_ie.xml
    c:\program files\Common Files\Spigot\wtxpcom\chrome.manifest
    c:\program files\Common Files\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
    c:\program files\Common Files\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
    c:\program files\Common Files\Spigot\wtxpcom\install.rdf
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-10-03 to 2011-11-03 ))))))))))))))))))))))))))))))
    .
    .
    2175-05-27 23:15 . 2008-03-05 14:56 3786760 ----a-w- c:\windows\system32\d3dx9_37.dll
    2011-11-03 23:02 . 2011-11-03 23:07 -------- d-----w- c:\users\bigadje\AppData\Local\temp
    2011-11-03 23:02 . 2011-11-03 23:02 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
    2011-11-03 23:02 . 2011-11-03 23:02 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
    2011-11-02 09:41 . 2011-11-02 09:44 -------- d-----w- c:\program files\Toolbar Cleaner
    2011-11-01 17:37 . 2011-11-01 17:37 388096 ----a-r- c:\users\bigadje\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-11-01 17:37 . 2011-11-01 17:37 -------- d-----w- c:\program files\Trend Micro
    2011-10-31 23:12 . 2011-10-31 23:14 -------- d-----w- c:\users\bigadje\AppData\Roaming\GetRightToGo
    2011-10-31 18:07 . 2011-10-31 18:07 -------- d-----w- c:\users\bigadje\AppData\Roaming\MP4 to MP3 Converter
    2011-10-31 18:06 . 2011-10-31 18:06 -------- d-----w- c:\program files\MP4 to MP3 Converter
    2011-10-31 18:03 . 2011-10-31 18:03 -------- d-----w- c:\users\bigadje\AppData\Roaming\DVDVideoSoft
    2011-10-29 10:48 . 2011-10-29 10:48 -------- d-----w- c:\users\bigadje\AppData\Roaming\Netscape
    2011-10-29 10:48 . 2011-10-29 10:48 -------- d-----w- c:\users\bigadje\AppData\Local\Netscape
    2011-10-26 17:47 . 2011-10-26 17:47 -------- d-----w- c:\program files\Lame For Audacity
    2011-10-15 14:27 . 2011-11-01 15:59 -------- d-----w- C:\Spectrum
    2011-10-13 20:29 . 2011-10-13 20:29 42392 ----a-w- c:\windows\system32\xfcodec.dll
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-11-03 18:09 . 2008-12-04 18:56 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
    2011-11-03 18:08 . 2008-12-04 18:55 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
    2011-11-03 18:06 . 2008-12-04 18:55 202040 ----a-w- c:\windows\system32\PnkBstrB.ex0
    2011-11-03 00:07 . 2009-03-07 10:31 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
    2011-10-31 23:40 . 2010-11-01 10:52 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    2011-10-23 21:25 . 2011-06-19 09:44 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-10-13 17:27 . 2008-02-09 11:22 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
    2011-08-19 14:33 . 2011-09-28 23:14 25944 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
    2011-09-29 07:28 . 2011-06-08 19:24 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware (reboot)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
    2007-04-18 15:01 65536 ----a-w- c:\hp\support\hpsysdrv.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KPN]
    2007-10-23 10:36 198184 ----a-w- c:\program files\KPN\bin\sprtcmd.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    2010-03-07 14:51 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
    "AntiVirusOverride"=dword:00000001
    "AntiSpywareOverride"=dword:00000001
    .
    R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
    R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
    R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate1c9871e2dc4eb71;Google Update Service (gupdate1c9871e2dc4eb71);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 133104]
    R3 FlashUSB;Flash Loader utility driver;c:\windows\system32\Drivers\FlashUSB.sys [2008-01-25 15453]
    R3 FNETTHJM;Freecom Turbo USB 2.0;c:\windows\system32\drivers\fnetthjm.sys [2010-01-16 23936]
    R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 133104]
    R3 hitmanpro3;Hitman Pro 3 Support Driver; [x]
    R3 HPBtnSrv;HP Chasis Button Service;c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
    R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-06-09 24576]
    R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
    R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]
    R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x]
    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
    R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992]
    S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592]
    S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
    S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-01-07 248656]
    S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-04-04 297168]
    S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-08-17 7390560]
    S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
    S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
    S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2011-03-31 80896]
    S2 sprtsvc_KPN;SupportSoft Sprocket Service (KPN);c:\program files\KPN\bin\sprtsvc.exe [2007-10-23 202016]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
    S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-14 2250616]
    S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592]
    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-05-27 134480]
    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 24144]
    S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-02-10 28624]
    S3 camdrv41;Philips SPC 900NC PC Camera;c:\windows\system32\DRIVERS\camdrv41.sys [2007-04-23 1347584]
    S3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2008-02-26 493568]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-10-13 c:\windows\Tasks\GlaryInitialize.job
    - c:\program files\Glary Utilities\initialize.exe [2009-11-05 07:07]
    .
    2011-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc8f396256b32e.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 23:13]
    .
    2010-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 23:13]
    .
    2011-05-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1250621424-1792265585-3911309756-1000Core1cc1d485e0b5565.job
    - c:\users\bigadje\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-02 08:57]
    .
    2011-06-27 c:\windows\Tasks\Launch HTC Sync Loader.job
    - c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-04-26 15:22]
    .
    2011-11-02 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1250621424-1792265585-3911309756-1000.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
    .
    2010-12-11 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1250621424-1792265585-3911309756-1001.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
    .
    2010-12-09 c:\windows\Tasks\RegistryBooster.job
    - c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2010-12-07 00:53]
    .
    2010-12-09 c:\windows\Tasks\User_Feed_Synchronization-{64DE32D8-0311-4F7B-8E79-C8891A596F5E}.job
    - c:\windows\system32\msfeedssync.exe [2011-06-15 04:32]
    .
    2011-10-03 c:\windows\Tasks\User_Feed_Synchronization-{F2FB0988-5A20-4CEB-A3A7-DC1F602DDBFF}.job
    - c:\windows\system32\msfeedssync.exe [2011-06-15 04:32]
    .
    2011-07-27 c:\windows\Tasks\{995BB312-90A8-47F3-8112-804528967B5E}.job
    - c:\program files\Skype\Phone\Skype.exe [2011-06-15 13:02]
    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1060933
    mStart Page = hxxp://www.bigseekpro.com/accmeware/{C008CB9D-135B-4A6F-B384-1185B6CF3F66}
    uInternet Settings,ProxyOverride = *.local
    IE: &Clean Traces
    IE: &Download with &DAP
    IE: &Download with AktivDownloadManager!
    IE: Download &all with DAP
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    IE: Free YouTube Download - c:\users\bigadje\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
    IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
    IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
    TCP: DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{DDCD2313-0166-4931-AD83-0B80E2A01BD5}: NameServer = 8.8.8.8,8.8.4.4
    DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
    DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game02.zylom.com/activex/zylomgamesplayer.cab
    FF - ProfilePath - c:\users\bigadje\AppData\Roaming\Mozilla\Firefox\Profiles\92e0uyta.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=14542
    FF - prefs.js: browser.search.selectedEngine - Yahoo
    FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/home?AF=14542
    FF - prefs.js: keyword.URL - hxxp://nl.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=
    FF - user.js: yahoo.homepage.dontask - true
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    URLSearchHooks-{1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
    Toolbar-{1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
    WebBrowser-{1392B8D2-5C05-419F-A8F6-B9F15A596612} - (no file)
    MSConfigStartUp-Easy Business Tools 5 Update Setup - c:\users\bigadje\AppData\Local\{A354E2E1-A068-49E6-BCB4-C3433B40F33E}\setup_ebt5.exe
    MSConfigStartUp-SearchSettings - c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-11-04 00:09
    Windows 6.0.6001 Service Pack 1 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\kbdhid]
    "ImagePath"="system32\DRIVERS\kbdhid.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\KeyIso]
    "ImagePath"="%SystemRoot%\system32\lsass.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\KSecDD]
    "ImagePath"="System32\Drivers\ksecdd.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\KtmRm]
    "ServiceDll"="%systemroot%\system32\msdtckrm.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LanmanServer]
    "ServiceDll"="%SystemRoot%\System32\srvsvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LanmanWorkstation]
    "ServiceDll"="%SystemRoot%\System32\wkssvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Lbd]
    "ImagePath"="system32\DRIVERS\Lbd.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LBTServ]
    "ImagePath"="c:\program files\Common Files\LogiShrd\Bluetooth\lbtserv.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ldap]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LGBusEnum]
    "ImagePath"="system32\drivers\LGBusEnum.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LGVirHid]
    "ImagePath"="system32\drivers\LGVirHid.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LHidFilt]
    "ImagePath"="system32\DRIVERS\LHidFilt.Sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LHidKe]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LightScribeService]
    "ImagePath"="\"c:\program files\Common Files\LightScribe\LSSrvc.exe\""
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\lltdio]
    "ImagePath"="system32\DRIVERS\lltdio.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\lltdsvc]
    "ServiceDll"="%SystemRoot%\System32\lltdsvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\lmhosts]
    "ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LMouFilt]
    "ImagePath"="system32\DRIVERS\LMouFilt.Sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Lsa]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LSI_FC]
    "ImagePath"="\SystemRoot\system32\drivers\lsi_fc.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LSI_SAS]
    "ImagePath"="\SystemRoot\system32\drivers\lsi_sas.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LSI_SCSI]
    "ImagePath"="\SystemRoot\system32\drivers\lsi_scsi.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\luafv]
    "ImagePath"="\SystemRoot\system32\drivers\luafv.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\LUsbFilt]
    "ImagePath"="System32\Drivers\LUsbFilt.Sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MBAMSwissArmy]
    "ImagePath"="\??\c:\windows\system32\drivers\mbamswissarmy.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Mcx2Svc]
    "ServiceDll"="%SystemRoot%\system32\Mcx2Svc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\megasas]
    "ImagePath"="\SystemRoot\system32\drivers\megasas.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MMCSS]
    "ServiceDll"="%SystemRoot%\system32\mmcss.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Modem]
    "ImagePath"="system32\drivers\modem.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\monitor]
    "ImagePath"="system32\DRIVERS\monitor.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mouclass]
    "ImagePath"="system32\DRIVERS\mouclass.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mouhid]
    "ImagePath"="system32\DRIVERS\mouhid.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MountMgr]
    "ImagePath"="System32\drivers\mountmgr.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mpio]
    "ImagePath"="\SystemRoot\system32\drivers\mpio.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mpsdrv]
    "ImagePath"="System32\drivers\mpsdrv.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MpsSvc]
    "ServiceDll"="%SystemRoot%\system32\mpssvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Mraid35x]
    "ImagePath"="\SystemRoot\system32\drivers\mraid35x.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MRxDAV]
    "ImagePath"="\SystemRoot\system32\drivers\mrxdav.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mrxsmb]
    "ImagePath"="system32\DRIVERS\mrxsmb.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mrxsmb10]
    "ImagePath"="system32\DRIVERS\mrxsmb10.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mrxsmb20]
    "ImagePath"="system32\DRIVERS\mrxsmb20.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msahci]
    "ImagePath"="\SystemRoot\system32\drivers\msahci.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msdsm]
    "ImagePath"="\SystemRoot\system32\drivers\msdsm.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSDTC]
    "ImagePath"="%SystemRoot%\System32\msdtc.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSDTC Bridge 3.0.0.0]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSDTC Bridge 4.0.0.0]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSDV]
    "ImagePath"="system32\DRIVERS\msdv.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Msfs]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msisadrv]
    "ImagePath"="system32\drivers\msisadrv.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSiSCSI]
    "ServiceDll"="%systemroot%\system32\iscsiexe.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\msiserver]
    "ImagePath"="%systemroot%\system32\msiexec.exe /V"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSKSSRV]
    "ImagePath"="system32\drivers\MSKSSRV.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSPCLOCK]
    "ImagePath"="system32\drivers\MSPCLOCK.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSPQM]
    "ImagePath"="system32\drivers\MSPQM.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MsRPC]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSSCNTRS]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\mssmbios]
    "ImagePath"="system32\DRIVERS\mssmbios.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MSTEE]
    "ImagePath"="system32\drivers\MSTEE.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Mup]
    "ImagePath"="System32\Drivers\mup.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\napagent]
    "ServiceDLL"="%SystemRoot%\system32\qagentRT.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NativeWifiP]
    "ImagePath"="system32\DRIVERS\nwifi.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NDIS]
    "ImagePath"="system32\drivers\ndis.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NdisTapi]
    "ImagePath"="system32\DRIVERS\ndistapi.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Ndisuio]
    "ImagePath"="system32\DRIVERS\ndisuio.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NdisWan]
    "ImagePath"="system32\DRIVERS\ndiswan.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NDProxy]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NetBIOS]
    "ImagePath"="system32\DRIVERS\netbios.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\netbt]
    "ImagePath"="System32\DRIVERS\netbt.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Netlogon]
    "ImagePath"="%SystemRoot%\system32\lsass.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Netman]
    "ServiceDll"="%SystemRoot%\System32\netman.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\netprofm]
    "ServiceDll"="%SystemRoot%\System32\netprofm.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\netr73]
    "ImagePath"="system32\DRIVERS\netr73.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NetTcpPortSharing]
    "ImagePath"="\"%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe\""
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nfrd960]
    "ImagePath"="\SystemRoot\system32\drivers\nfrd960.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NlaSvc]
    "ServiceDll"="%SystemRoot%\System32\nlasvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NMIndexingService]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NMSAccess]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NMSAccessU]
    "ImagePath"="c:\program files\CDBurnerXP\NMSAccessU.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Nokia Music]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Npfs]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nsi]
    "ServiceDll"="%systemroot%\system32\nsisvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nsiproxy]
    "ImagePath"="system32\drivers\nsiproxy.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NTDS]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Ntfs]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ntrigdigi]
    "ImagePath"="\SystemRoot\system32\drivers\ntrigdigi.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Null]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nvlddmkm]
    "ImagePath"="system32\DRIVERS\nvlddmkm.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nvraid]
    "ImagePath"="\SystemRoot\system32\drivers\nvraid.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nvstor]
    "ImagePath"="\SystemRoot\system32\drivers\nvstor.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nvsvc]
    "ImagePath"="c:\windows\system32\nvvsvc.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nvUpdatusService]
    "ImagePath"="c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nv_agp]
    "ImagePath"="\SystemRoot\system32\drivers\nv_agp.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NwlnkFlt]
    "ImagePath"="system32\DRIVERS\nwlnkflt.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NwlnkFwd]
    "ImagePath"="system32\DRIVERS\nwlnkfwd.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\odserv]
    "ImagePath"="\"c:\program files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE\""
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ohci1394]
    "ImagePath"="system32\DRIVERS\ohci1394.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ose]
    "ImagePath"="\"c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE\""
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Outlook]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\p2pimsvc]
    "ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\p2psvc]
    "ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Parport]
    "ImagePath"="\SystemRoot\system32\drivers\parport.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\partmgr]
    "ImagePath"="System32\drivers\partmgr.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Parvdm]
    "ImagePath"="\SystemRoot\system32\drivers\parvdm.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PassThru Service]
    "ImagePath"="c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PcaSvc]
    "ServiceDll"="%SystemRoot%\System32\pcasvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PcdrNdisuio]
    "ImagePath"="system32\DRIVERS\pcdrndisuio.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pci]
    "ImagePath"="system32\drivers\pci.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pciide]
    "ImagePath"="\SystemRoot\system32\drivers\pciide.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pcmcia]
    "ImagePath"="\SystemRoot\system32\drivers\pcmcia.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PEAUTH]
    "ImagePath"="system32\drivers\peauth.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PerfDisk]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PerfNet]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PerfOS]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PerfProc]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\pla]
    "ServiceDll"="%systemroot%\system32\pla.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PlugPlay]
    "ServiceDll"="%SystemRoot%\system32\umpnpmgr.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PnkBstrA]
    "ImagePath"="c:\windows\system32\PnkBstrA.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PNRPAutoReg]
    "ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PNRPsvc]
    "ServiceDll"="%SystemRoot%\system32\p2psvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PolicyAgent]
    "ServiceDll"="%SystemRoot%\System32\ipsecsvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PortProxy]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PptpMiniport]
    "ImagePath"="system32\DRIVERS\raspptp.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Processor]
    "ImagePath"="\SystemRoot\system32\drivers\processr.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ProfSvc]
    "ServiceDll"="%systemroot%\system32\profsvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ProtectedStorage]
    "ImagePath"="%SystemRoot%\system32\lsass.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PSched]
    "ImagePath"="system32\DRIVERS\pacer.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PxHelp20]
    "ImagePath"="System32\Drivers\PxHelp20.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ql2300]
    "ImagePath"="\SystemRoot\system32\drivers\ql2300.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ql40xx]
    "ImagePath"="\SystemRoot\system32\drivers\ql40xx.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\QWAVE]
    "ServiceDll"="%windir%\system32\qwave.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\QWAVEdrv]
    "ImagePath"="\SystemRoot\system32\drivers\qwavedrv.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RasAcd]
    "ImagePath"="System32\DRIVERS\rasacd.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RasAuto]
    "ServiceDll"="%SystemRoot%\System32\rasauto.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Rasl2tp]
    "ImagePath"="system32\DRIVERS\rasl2tp.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RasMan]
    "ServiceDll"="%SystemRoot%\System32\rasmans.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RasPppoe]
    "ImagePath"="system32\DRIVERS\raspppoe.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RasSstp]
    "ImagePath"="system32\DRIVERS\rassstp.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\rdbss]
    "ImagePath"="system32\DRIVERS\rdbss.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RDPCDD]
    "ImagePath"="System32\DRIVERS\RDPCDD.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RDPDD]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\rdpdr]
    "ImagePath"="\SystemRoot\system32\drivers\rdpdr.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RDPENCDD]
    "ImagePath"="system32\drivers\rdpencdd.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RDPNP]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RDPWD]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RemoteAccess]
    "ServiceDLL"="%SystemRoot%\System32\mprdim.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RemoteRegistry]
    "ServiceDll"="%SystemRoot%\system32\regsvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RpcLocator]
    "ImagePath"="%SystemRoot%\system32\locator.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RpcSs]
    "ServiceDll"="%SystemRoot%\system32\rpcss.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\rspndr]
    "ImagePath"="system32\DRIVERS\rspndr.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RTL8169]
    "ImagePath"="system32\DRIVERS\Rtlh86.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\RTSTOR]
    "ImagePath"="system32\drivers\RTSTOR.SYS"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SamSs]
    "ImagePath"="%SystemRoot%\system32\lsass.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sbp2port]
    "ImagePath"="\SystemRoot\system32\drivers\sbp2port.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SCardSvr]
    "ServiceDll"="%SystemRoot%\System32\SCardSvr.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Schedule]
    "ServiceDll"="%systemroot%\system32\schedsvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SCPolicySvc]
    "ServiceDll"="%SystemRoot%\System32\certprop.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SDRSVC]
    "ServiceDll"="%Systemroot%\System32\SDRSVC.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\secdrv]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\seclogon]
    "ServiceDll"="%windir%\system32\seclogon.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SENS]
    "ServiceDll"="%SystemRoot%\system32\sens.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Serenum]
    "ImagePath"="\SystemRoot\system32\drivers\serenum.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Serial]
    "ImagePath"="\SystemRoot\system32\drivers\serial.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sermouse]
    "ImagePath"="\SystemRoot\system32\drivers\sermouse.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ServiceModelEndpoint 3.0.0.0]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ServiceModelOperation 3.0.0.0]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ServiceModelService 3.0.0.0]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SessionEnv]
    "ServiceDLL"="%SystemRoot%\system32\sessenv.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sffdisk]
    "ImagePath"="\SystemRoot\system32\drivers\sffdisk.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sffp_mmc]
    "ImagePath"="\SystemRoot\system32\drivers\sffp_mmc.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sffp_sd]
    "ImagePath"="\SystemRoot\system32\drivers\sffp_sd.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sfloppy]
    "ImagePath"="\SystemRoot\system32\drivers\sfloppy.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SharedAccess]
    "ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ShellHWDetection]
    "ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sisagp]
    "ImagePath"="\SystemRoot\system32\drivers\sisagp.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SiSRaid2]
    "ImagePath"="\SystemRoot\system32\drivers\sisraid2.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SiSRaid4]
    "ImagePath"="\SystemRoot\system32\drivers\sisraid4.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\slsvc]
    "ImagePath"="%SystemRoot%\system32\SLsvc.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SLUINotify]
    "ServiceDll"="%SystemRoot%\system32\SLUINotify.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SmartDefragBootTime]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SmartDefragDriver]
    "ImagePath"="System32\Drivers\SmartDefragDriver.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Smb]
    "ImagePath"="system32\DRIVERS\smb.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SMSvcHost 3.0.0.0]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SMSvcHost 4.0.0.0]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SNMPTRAP]
    "ImagePath"="%SystemRoot%\System32\snmptrap.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\spldr]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\splitter]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Spooler]
    "ImagePath"="%SystemRoot%\System32\spoolsv.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\sprtsvc_KPN]
    "ImagePath"="\"c:\program files\KPN\bin\sprtsvc.exe\" /service /p KPN"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\srv]
    "ImagePath"="System32\DRIVERS\srv.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\srv2]
    "ImagePath"="System32\DRIVERS\srv2.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\srvnet]
    "ImagePath"="System32\DRIVERS\srvnet.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SSDPSRV]
    "ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SstpSvc]
    "ServiceDll"="%SystemRoot%\system32\sstpsvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\StarOpen]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Steam Client Service]
    "ImagePath"="c:\program files\Common Files\Steam\SteamService.exe /RunAsService"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Stereo Service]
    "ImagePath"="c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\stisvc]
    "ServiceDll"="%SystemRoot%\System32\wiaservc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\swenum]
    "ImagePath"="system32\DRIVERS\swenum.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\swmidi]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\swprv]
    "ServiceDll"="%Systemroot%\System32\swprv.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Symc8xx]
    "ImagePath"="\SystemRoot\system32\drivers\symc8xx.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SymIM]
    "ImagePath"="system32\DRIVERS\SymIM.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SymIMMP]
    "ImagePath"="system32\DRIVERS\SymIM.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Sym_hi]
    "ImagePath"="\SystemRoot\system32\drivers\sym_hi.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Sym_u3]
    "ImagePath"="\SystemRoot\system32\drivers\sym_u3.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SysMain]
    "ServiceDll"="%systemroot%\system32\sysmain.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TabletInputService]
    "ServiceDll"="%SystemRoot%\System32\TabSvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TapiSrv]
    "ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TBPanel]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TBS]
    "ServiceDll"="%SystemRoot%\System32\tbssvc.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Tcpip]
    "ImagePath"="System32\drivers\tcpip.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Tcpip6]
    "ImagePath"="system32\DRIVERS\tcpip.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tcpipreg]
    "ImagePath"="System32\drivers\tcpipreg.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TDPIPE]
    "ImagePath"="system32\drivers\tdpipe.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TDTCP]
    "ImagePath"="system32\drivers\tdtcp.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tdx]
    "ImagePath"="system32\DRIVERS\tdx.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TeamViewer6]
    "ImagePath"="c:\program files\TeamViewer\Version6\TeamViewer_Service.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TermDD]
    "ImagePath"="system32\DRIVERS\termdd.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TermService]
    "ServiceDll"="%SystemRoot%\System32\termsrv.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TfFsMon]
    "ImagePath"="system32\drivers\TfFsMon.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TfNetMon]
    "ImagePath"="\??\c:\windows\system32\drivers\TfNetMon.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TfSysMon]
    "ImagePath"="system32\drivers\TfSysMon.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Themes]
    "ServiceDll"="%SystemRoot%\system32\shsvcs.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\THREADORDER]
    "ServiceDll"="%SystemRoot%\system32\mmcss.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TomTomHOMEService]
    "ImagePath"="c:\program files\TomTom HOME 2\TomTomHOMEService.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TrkWks]
    "ServiceDll"="%SystemRoot%\System32\trkwks.dll"

    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TrustedInstaller]
    "ImagePath"="%SystemRoot%\servicing\TrustedInstaller.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TSDDD]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tssecsrv]
    "ImagePath"="System32\DRIVERS\tssecsrv.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tunmp]
    "ImagePath"="system32\DRIVERS\tunmp.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tunnel]
    "ImagePath"="system32\DRIVERS\tunnel.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\uagp35]
    "ImagePath"="\SystemRoot\system32\drivers\uagp35.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\udfs]
    "ImagePath"="system32\DRIVERS\udfs.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UGatherer]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UGTHRSVC]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UI0Detect]
    "ImagePath"="%SystemRoot%\system32\UI0Detect.exe"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\uliagpkx]
    "ImagePath"="\SystemRoot\system32\drivers\uliagpkx.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\uliahci]
    "ImagePath"="\SystemRoot\system32\drivers\uliahci.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UlSata]
    "ImagePath"="\SystemRoot\system32\drivers\ulsata.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ulsata2]
    "ImagePath"="\SystemRoot\system32\drivers\ulsata2.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\umbus]
    "ImagePath"="system32\DRIVERS\umbus.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UmRdpService]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\upnphost]
    "ServiceDll"="%SystemRoot%\System32\upnphost.dll"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usb]
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbaudio]
    "ImagePath"="system32\drivers\usbaudio.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbbus]
    "ImagePath"="system32\DRIVERS\lgusbbus.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbccgp]
    "ImagePath"="system32\DRIVERS\usbccgp.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbcir]
    "ImagePath"="system32\DRIVERS\usbcir.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\UsbDiag]
    "ImagePath"="system32\DRIVERS\lgusbdiag.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbehci]
    "ImagePath"="system32\DRIVERS\usbehci.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbhub]
    "ImagePath"="system32\DRIVERS\usbhub.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\USBModem]
    "ImagePath"="system32\DRIVERS\lgusbmodem.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbohci]
    "ImagePath"="\SystemRoot\system32\drivers\usbohci.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbprint]
    "ImagePath"="system32\DRIVERS\usbprint.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\usbscan]
    "ImagePath"="system32\DRIVERS\usbscan.sys"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\USBSTOR
  • Hi, not to nitpick, but ComboFix does not indicate that anything new has been installed, yet apparently all sorts of network-related software has been added?
  • I did as you described, and no software has been added. However, after the scan I could no longer start any programs; I got an error message. I think it has to do with that. After restarting the PC everything worked again. What now?
  • What a laundry list!

    How is your Windows running now?
  • Do the following:

    Run the ESET online scan (Click).
    - Click the ESET Online Scanner button
    - Tick YES, I accept the Terms of Use
    - Click Start
    - Allow the ActiveX control to install.
    - Tick the following options:
      - Remove found threats
      - Scan archives
    - Then click
  • C:\Program Files\Uniblue\RegistryBooster\decryptor_module.dll Win32/RegistryBooster application cleaned by deleting - quarantined
    C:\Program Files\Uniblue\RegistryBooster\Launcher.exe Win32/RegistryBooster application cleaned by deleting - quarantined
    C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe Win32/RegistryBooster application cleaned by deleting - quarantined
    C:\Program Files\Uniblue\RegistryBooster\rbnotifier.exe Win32/RegistryBooster application cleaned by deleting - quarantined
    C:\Program Files\Uniblue\RegistryBooster\rb_move_serial.exe Win32/RegistryBooster application cleaned by deleting - quarantined
    C:\Program Files\Uniblue\RegistryBooster\rb_track_install.exe Win32/RegistryBooster application cleaned by deleting - quarantined
    C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe Win32/RegistryBooster application cleaned by deleting - quarantined
    C:\ProgramData\{F03307B7-E779-4F5E-A32E-9A73D8D6E0F2}\rbia.exe Win32/RegistryBooster application cleaned by deleting - quarantined
    C:\Qoobox\Quarantine\C\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe.vir a variant of Win32/Adware.Toolbar.Dealio application cleaned by deleting - quarantined
    C:\Users\bigadje\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00c1c7 Win32/OpenCandy application deleted - quarantined
    C:\Users\bigadje\Documents\Muziek\Incomplete\T-3545425-westerhaar.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan cleaned - quarantined
    C:\Users\bigadje\Downloads\cnet_netscape-navigator-9_0_0_6_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
    C:\Users\bigadje\Downloads\CNET_TechTracker_2_0_4_Setup.exe Win32/OpenCandy application deleted - quarantined
  • Hi, were you perhaps using RegistryBooster illegitimately?

    For what it's worth, I have no problem with the tool having been removed, either!

    http://www.youtube.com/watch?v=KCFCUQ_P0rk

This is an archived page. Replying is no longer possible.