QVO6 virus (yup nog eentje)

[Nielsken]

Hey iedereen,

Het begint een beetje een plaag te worden blijkbaar. Mijn vriendin haar Laptop heeft ook het QVO6 virus te pakken na het instaleren van het start menu 8 programma. Ik heb zelf al wat research gedaan naar oplossingen maar ik kom op zeer twijfelachtige sites terecht. Hier heb ik een paar mooie oplossingen gevonden maar die daar stond bij dat ik die niet op mijn pc mocht toepassen omdat ze zeer specifiek waren. Vandaar mijn postje. Ze werkt voornamelijk met Chrome of firefox we mijden IE een beetje.

Ik heb zelf al een scan gedaan met HijackThis.

Bedankt op voorhand.

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 16:44:20, on 18/09/2013

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v10.0 (10.00.9200.16537)

FIREFOX: 21.0 (nl)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe

C:\Users\Gebruiker\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKCU\..\Run: [HP Photosmart Plus B210 series (NET)] "C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN0AR2P00505J9:NW" -scfn "HP Photosmart Plus B210 series (NET)" -AutoStart 1

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_202_Plugin.exe -update plugin

O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: Dropbox.lnk = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: @oem3.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @oem5.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Omiga plus service (omigaplussvc) - Unknown owner - C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11009 bytes

[juisterr]

Logjes van HijackThis zijn een gepasseerd station.

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

• RSIT 32 bit (RSIT.exe)
  
• RSIT 64 bit (RSITx64.exe)
  

Dubbelklik op RSIT.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  
• Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  
• Plaats de inhoud hiervan in het volgende bericht.
  

[Nielsken]

Hey

Sorry dat het zolang duurde ik heb het druk gehad. Ik probeer ook al een paar dagen dit logje te posten maar het lukt niet echt.

Deel 1

Logfile of random's system information tool 1.09 (written by random/random)

Run by Gebruiker at 2013-09-26 12:21:44

Microsoft Windows 8

System drive C: has 87 GB (76%) free of 114 GB

Total RAM: 3673 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:22:22, on 26/09/2013

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v10.0 (10.00.9200.16688)

Boot mode: Normal

Running processes:

C:\Windows\SysWOW64\DllHost.exe

C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe

C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files\trend micro\Gebruiker.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKCU\..\Run: [HP Photosmart Plus B210 series (NET)] "C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN0AR2P00505J9:NW" -scfn "HP Photosmart Plus B210 series (NET)" -AutoStart 1

O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: Dropbox.lnk = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: @oem3.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @oem5.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Omiga plus service (omigaplussvc) - Unknown owner - C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10395 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=2f377863-1aa4-4f6a-a83e-57396154ef0f /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\ba0dae73-1d4c-4278-b0f1-5a67689b2764-184-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\ibmpmsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k NetworkService

"dwm.exe"

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"

C:\Windows\system32\BtwRSupportService.exe

dashost.exe {28130bbd-cf15-4b50-a8cc141e9e7f1265}

"C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\msiexec.exe /V

C:\Windows\system32\wbem\wmiprvse.exe

taskhostex.exe

taskeng.exe {68840159-2DC2-40B6-B5F7-6AB4F449469A}

C:\Windows\Explorer.EXE

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580

"C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe"

"C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe" /loaddll

"C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe"

"C:\Windows\System32\igfxtray.exe"

"C:\Windows\System32\hkcmd.exe"

"C:\Windows\System32\igfxpers.exe"

"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"

"C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN0AR2P00505J9:NW" -scfn "HP Photosmart Plus B210 series (NET)" -AutoStart 1

"C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe"

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup

"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

"C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe"

"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"

"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr

C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding

"C:\Users\Gebruiker\Downloads\RSITx64.exe"

C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

C:\Windows\system32\DllHost.exe /Processid:{478B41E6-3257-4519-BDA8-E971F9843849}

taskhost.exe $(Arg0)

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\5emop8zj.default

prefs.js - "browser.startup.homepage" - "http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=SamsungXSSDX840XSeries_S14CNEAD212247T&ts=1371736838"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.7.700.202 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@zylom.com/ZylomGamesPlayer]

"Description"=Zylom Games Player 1.00

"Path"=C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.7.700.202 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]

AcroIEToolbarHelper Class - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]

"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]

"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2012-07-20 373760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"HP Photosmart Plus B210 series (NET)"=C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2013-08-15 4411440]

"Acrobat Assistant 7.0"=C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328]

""= []

"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Adobe Acrobat Speed Launcher.lnk - C:\Windows\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Adobe Gamma.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

Dropbox.lnk - C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

OneNote 2010 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2012-12-14 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 6670496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicDisplay.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BasicRender.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BrokerInfrastructure]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DeviceInstall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dxgkrnl.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\FsDepends.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LSM]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmartcardSimulator]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VirtualSmartcardReader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wcmsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"EnableUIADesktopToggle"=0

"EnableCursorSuppression"=1

"ConsentPromptBehaviorUser"=3

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"ForceActiveDesktopOn"=0

"NoActiveDesktopChanges"=1

"NoActiveDesktop"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"VIDC.YUY2"=msyuv.dll

"vidc.i420"=iyuv_32.dll

"msacm.msgsm610"=msgsm32.acm

"msacm.msg711"=msg711.acm

"VIDC.YVYU"=msyuv.dll

"VIDC.YVU9"=tsbyuv.dll

"wavemapper"=msacm32.drv

"midimapper"=midimap.dll

"VIDC.UYVY"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"vidc.msvc"=msvidc32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

- - - Updated - - -

Deel 2

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-09-24 18:42:17 ----A---- C:\Windows\system32\rpcrt4.dll

2013-09-24 18:42:16 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll

2013-09-24 18:42:16 ----A---- C:\Windows\SYSWOW64\DWrite.dll

2013-09-24 18:42:16 ----A---- C:\Windows\system32\DWrite.dll

2013-09-24 18:42:10 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL

2013-09-24 18:42:10 ----A---- C:\Windows\system32\WMVDECOD.DLL

2013-09-24 18:42:09 ----A---- C:\Windows\SYSWOW64\qedit.dll

2013-09-24 18:42:09 ----A---- C:\Windows\system32\qedit.dll

2013-09-24 18:42:09 ----A---- C:\Windows\system32\drivers\tcpip.sys

2013-09-24 18:42:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2013-09-24 18:42:08 ----A---- C:\Windows\system32\jscript9.dll

2013-09-24 18:42:07 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2013-09-24 18:42:07 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2013-09-24 18:42:07 ----A---- C:\Windows\SYSWOW64\jscript.dll

2013-09-24 18:42:06 ----A---- C:\Windows\SYSWOW64\wininet.dll

2013-09-24 18:42:06 ----A---- C:\Windows\system32\jsproxy.dll

2013-09-24 18:42:06 ----A---- C:\Windows\system32\jscript.dll

2013-09-24 18:42:06 ----A---- C:\Windows\system32\iertutil.dll

2013-09-24 18:42:01 ----A---- C:\Windows\system32\wininet.dll

2013-09-24 18:42:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2013-09-24 18:41:48 ----A---- C:\Windows\system32\mshtml.dll

2013-09-24 18:41:47 ----A---- C:\Windows\SYSWOW64\UXInit.dll

2013-09-24 18:41:47 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2013-09-24 18:41:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2013-09-24 18:41:47 ----A---- C:\Windows\SYSWOW64\iesysprep.dll

2013-09-24 18:41:47 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2013-09-24 18:41:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2013-09-24 18:41:47 ----A---- C:\Windows\system32\uxtheme.dll

2013-09-24 18:41:47 ----A---- C:\Windows\system32\UXInit.dll

2013-09-24 18:41:47 ----A---- C:\Windows\system32\urlmon.dll

2013-09-24 18:41:47 ----A---- C:\Windows\system32\iesysprep.dll

2013-09-24 18:41:47 ----A---- C:\Windows\system32\iesetup.dll

2013-09-24 18:41:47 ----A---- C:\Windows\system32\iernonce.dll

2013-09-24 18:41:47 ----A---- C:\Windows\system32\ie4uinit.exe

2013-09-24 18:41:46 ----A---- C:\Windows\SYSWOW64\uxtheme.dll

2013-09-24 18:41:46 ----A---- C:\Windows\system32\msfeeds.dll

2013-09-24 18:41:46 ----A---- C:\Windows\system32\ieframe.dll

2013-09-24 18:41:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2013-09-24 18:41:41 ----A---- C:\Windows\SYSWOW64\wintrust.dll

2013-09-24 18:41:41 ----A---- C:\Windows\SYSWOW64\crypt32.dll

2013-09-24 18:41:41 ----A---- C:\Windows\SYSWOW64\apprepsync.dll

2013-09-24 18:41:41 ----A---- C:\Windows\SYSWOW64\apprepapi.dll

2013-09-24 18:41:41 ----A---- C:\Windows\system32\wintrust.dll

2013-09-24 18:41:41 ----A---- C:\Windows\system32\cryptsvc.dll

2013-09-24 18:41:41 ----A---- C:\Windows\system32\crypt32.dll

2013-09-24 18:41:41 ----A---- C:\Windows\system32\apprepsync.dll

2013-09-24 18:41:41 ----A---- C:\Windows\system32\apprepapi.dll

2013-09-24 18:41:08 ----A---- C:\Windows\system32\win32k.sys

2013-09-24 18:36:23 ----D---- C:\rsit

2013-09-24 18:36:23 ----D---- C:\Program Files\trend micro

2013-09-23 18:02:51 ----D---- C:\ProgramData\Zylom

2013-09-23 18:02:51 ----D---- C:\Program Files (x86)\Zylom Games

2013-09-16 17:27:02 ----D---- C:\ProgramData\IObit

2013-09-16 17:26:47 ----D---- C:\Program Files (x86)\IObit

2013-09-05 01:43:42 ----A---- C:\Windows\system32\drivers\avgrkx64.sys

======List of files/folders modified in the last 1 month======

2013-09-26 12:20:53 ----D---- C:\Windows\SysWOW64

2013-09-26 12:20:52 ----D---- C:\Users\Gebruiker\AppData\Roaming\Dropbox

2013-09-26 12:20:34 ----D---- C:\Windows\Temp

2013-09-26 12:19:13 ----D---- C:\Windows\system32\config

2013-09-26 12:19:11 ----D---- C:\Windows\Microsoft.NET

2013-09-26 12:19:10 ----D---- C:\Windows\WinSxS

2013-09-26 12:19:09 ----RD---- C:\Windows\System32

2013-09-25 18:20:09 ----D---- C:\Program Files\Internet Explorer

2013-09-25 18:20:09 ----D---- C:\Program Files (x86)\Internet Explorer

2013-09-25 18:20:08 ----D---- C:\Windows\system32\Drivers

2013-09-25 18:20:08 ----D---- C:\Program Files\Windows Journal

2013-09-25 18:20:07 ----D---- C:\Windows\SYSWOW64\nl-NL

2013-09-25 18:20:07 ----D---- C:\Windows\system32\nl-NL

2013-09-25 18:08:05 ----D---- C:\ProgramData\MFAData

2013-09-25 18:03:35 ----D---- C:\Windows\system32\sru

2013-09-25 14:34:04 ----SHD---- C:\Windows\Installer

2013-09-25 14:34:02 ----D---- C:\ProgramData\Microsoft Help

2013-09-25 14:33:52 ----D---- C:\Windows\CbsTemp

2013-09-25 14:32:55 ----D---- C:\Windows\Prefetch

2013-09-25 14:32:35 ----SHD---- C:\System Volume Information

2013-09-24 18:41:28 ----D---- C:\Windows\system32\catroot2

2013-09-24 18:36:23 ----RD---- C:\Program Files

2013-09-24 18:34:19 ----HD---- C:\Program Files\WindowsApps

2013-09-24 18:34:19 ----D---- C:\Windows\AUInstallAgent

2013-09-23 18:02:51 ----RD---- C:\Program Files (x86)

2013-09-23 18:02:51 ----HD---- C:\ProgramData

2013-09-23 17:00:47 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-09-23 17:00:46 ----D---- C:\Windows\Inf

2013-09-16 17:26:48 ----D---- C:\Windows\system32\Tasks

2013-09-05 22:09:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

- - - Updated - - -

Deel 2

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-09-24 18:42:17 ----A---- C:\Windows\system32\rpcrt4.dll

2013-09-24 18:42:16 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll

2013-09-24 18:42:16 ----A---- C:\Windows\SYSWOW64\DWrite.dll

2013-09-24 18:42:16 ----A---- C:\Windows\system32\DWrite.dll

2013-09-24 18:42:10 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL

2013-09-24 18:42:10 ----A---- C:\Windows\system32\WMVDECOD.DLL

2013-09-24 18:42:09 ----A---- C:\Windows\SYSWOW64\qedit.dll

2013-09-24 18:42:09 ----A---- C:\Windows\system32\qedit.dll

2013-09-24 18:42:09 ----A---- C:\Windows\system32\drivers\tcpip.sys

2013-09-24 18:42:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2013-09-24 18:42:08 ----A---- C:\Windows\system32\jscript9.dll

2013-09-24 18:42:07 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2013-09-24 18:42:07 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2013-09-24 18:42:07 ----A---- C:\Windows\SYSWOW64\jscript.dll

2013-09-24 18:42:06 ----A---- C:\Windows\SYSWOW64\wininet.dll

2013-09-24 18:42:06 ----A---- C:\Windows\system32\jsproxy.dll

2013-09-24 18:42:06 ----A---- C:\Windows\system32\jscript.dll

2013-09-24 18:42:06 ----A---- C:\Windows\system32\iertutil.dll

2013-09-24 18:42:01 ----A---- C:\Windows\system32\wininet.dll

2013-09-24 18:42:00 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2013-09-24 18:41:48 ----A---- C:\Windows\system32\mshtml.dll

2013-09-24 18:41:47 ----A---- C:\Windows\SYSWOW64\UXInit.dll

2013-09-24 18:41:47 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2013-09-24 18:41:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2013-09-24 18:41:47 ----A---- C:\Windows\SYSWOW64\iesysprep.dll

2013-09-24 18:41:47 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2013-09-24 18:41:47 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2013-09-24 18:41:47 ----A---- C:\Windows\system32\uxtheme.dll

2013-09-24 18:41:47 ----A---- C:\Windows\system32\UXInit.dll

2013-09-24 18:41:47 ----A---- C:\Windows\system32\urlmon.dll

2013-09-24 18:41:47 ----A---- C:\Windows\system32\iesysprep.dll

2013-09-24 18:41:47 ----A---- C:\Windows\system32\iesetup.dll

2013-09-24 18:41:47 ----A---- C:\Windows\system32\iernonce.dll

2013-09-24 18:41:47 ----A---- C:\Windows\system32\ie4uinit.exe

2013-09-24 18:41:46 ----A---- C:\Windows\SYSWOW64\uxtheme.dll

2013-09-24 18:41:46 ----A---- C:\Windows\system32\msfeeds.dll

2013-09-24 18:41:46 ----A---- C:\Windows\system32\ieframe.dll

2013-09-24 18:41:45 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2013-09-24 18:41:41 ----A---- C:\Windows\SYSWOW64\wintrust.dll

2013-09-24 18:41:41 ----A---- C:\Windows\SYSWOW64\crypt32.dll

2013-09-24 18:41:41 ----A---- C:\Windows\SYSWOW64\apprepsync.dll

2013-09-24 18:41:41 ----A---- C:\Windows\SYSWOW64\apprepapi.dll

2013-09-24 18:41:41 ----A---- C:\Windows\system32\wintrust.dll

2013-09-24 18:41:41 ----A---- C:\Windows\system32\cryptsvc.dll

2013-09-24 18:41:41 ----A---- C:\Windows\system32\crypt32.dll

2013-09-24 18:41:41 ----A---- C:\Windows\system32\apprepsync.dll

2013-09-24 18:41:41 ----A---- C:\Windows\system32\apprepapi.dll

2013-09-24 18:41:08 ----A---- C:\Windows\system32\win32k.sys

2013-09-24 18:36:23 ----D---- C:\rsit

2013-09-24 18:36:23 ----D---- C:\Program Files\trend micro

2013-09-23 18:02:51 ----D---- C:\ProgramData\Zylom

2013-09-23 18:02:51 ----D---- C:\Program Files (x86)\Zylom Games

2013-09-16 17:27:02 ----D---- C:\ProgramData\IObit

2013-09-16 17:26:47 ----D---- C:\Program Files (x86)\IObit

2013-09-05 01:43:42 ----A---- C:\Windows\system32\drivers\avgrkx64.sys

======List of files/folders modified in the last 1 month======

2013-09-26 12:20:53 ----D---- C:\Windows\SysWOW64

2013-09-26 12:20:52 ----D---- C:\Users\Gebruiker\AppData\Roaming\Dropbox

2013-09-26 12:20:34 ----D---- C:\Windows\Temp

2013-09-26 12:19:13 ----D---- C:\Windows\system32\config

2013-09-26 12:19:11 ----D---- C:\Windows\Microsoft.NET

2013-09-26 12:19:10 ----D---- C:\Windows\WinSxS

2013-09-26 12:19:09 ----RD---- C:\Windows\System32

2013-09-25 18:20:09 ----D---- C:\Program Files\Internet Explorer

2013-09-25 18:20:09 ----D---- C:\Program Files (x86)\Internet Explorer

2013-09-25 18:20:08 ----D---- C:\Windows\system32\Drivers

2013-09-25 18:20:08 ----D---- C:\Program Files\Windows Journal

2013-09-25 18:20:07 ----D---- C:\Windows\SYSWOW64\nl-NL

2013-09-25 18:20:07 ----D---- C:\Windows\system32\nl-NL

2013-09-25 18:08:05 ----D---- C:\ProgramData\MFAData

2013-09-25 18:03:35 ----D---- C:\Windows\system32\sru

2013-09-25 14:34:04 ----SHD---- C:\Windows\Installer

2013-09-25 14:34:02 ----D---- C:\ProgramData\Microsoft Help

2013-09-25 14:33:52 ----D---- C:\Windows\CbsTemp

2013-09-25 14:32:55 ----D---- C:\Windows\Prefetch

2013-09-25 14:32:35 ----SHD---- C:\System Volume Information

2013-09-24 18:41:28 ----D---- C:\Windows\system32\catroot2

2013-09-24 18:36:23 ----RD---- C:\Program Files

2013-09-24 18:34:19 ----HD---- C:\Program Files\WindowsApps

2013-09-24 18:34:19 ----D---- C:\Windows\AUInstallAgent

2013-09-23 18:02:51 ----RD---- C:\Program Files (x86)

2013-09-23 18:02:51 ----HD---- C:\ProgramData

2013-09-23 17:00:47 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-09-23 17:00:46 ----D---- C:\Windows\Inf

2013-09-16 17:26:48 ----D---- C:\Windows\system32\Tasks

2013-09-05 22:09:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

[Nielsken]

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ACPI;@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver; C:\Windows\System32\drivers\ACPI.sys [2012-09-20 425192]

R0 acpiex;Microsoft ACPIEx Driver; C:\Windows\System32\Drivers\acpiex.sys [2012-07-26 77040]

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480]

R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-05 45880]

R0 CLFS;@%SystemRoot%\system32\drivers\clfs.sys,-100; C:\Windows\System32\drivers\CLFS.sys [2012-07-26 361200]

R0 CNG;CNG; C:\Windows\System32\Drivers\cng.sys [2012-10-11 562392]

R0 disk;@disk.inf,%disk_ServiceDesc%;Disk Driver; C:\Windows\System32\drivers\disk.sys [2012-07-26 102640]

R0 EhStorClass;@%SystemRoot%\system32\drivers\EhStorClass.sys,-100; C:\Windows\System32\drivers\EhStorClass.sys [2012-07-26 81136]

R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\Windows\System32\drivers\fileinfo.sys [2012-07-26 71920]

R0 FltMgr;@%SystemRoot%\system32\drivers\fltmgr.sys,-10001; C:\Windows\system32\drivers\fltmgr.sys [2012-07-26 374512]

R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\Windows\System32\DRIVERS\fvevol.sys [2012-09-20 465128]

R0 KSecDD;KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [2012-09-20 100072]

R0 KSecPkg;KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [2012-10-11 172264]

R0 mountmgr;@%SystemRoot%\system32\drivers\mountmgr.sys,-100; C:\Windows\System32\drivers\mountmgr.sys [2012-07-26 93936]

R0 msisadrv;msisadrv; C:\Windows\System32\drivers\msisadrv.sys [2012-07-26 17136]

R0 Mup;@%systemroot%\system32\drivers\mup.sys,-101; C:\Windows\System32\Drivers\mup.sys [2012-07-26 83696]

R0 NDIS;@%SystemRoot%\system32\drivers\ndis.sys,-200; C:\Windows\system32\drivers\ndis.sys [2013-02-02 993512]

R0 partmgr;@%SystemRoot%\system32\drivers\partmgr.sys,-100; C:\Windows\System32\drivers\partmgr.sys [2013-01-10 91880]

R0 pci;@machine.inf,%pci_svcdesc%;PCI Bus Driver; C:\Windows\System32\drivers\pci.sys [2012-07-26 234224]

R0 pcw;Performance Counters for Windows Driver; C:\Windows\System32\drivers\pcw.sys [2012-07-26 52464]

R0 pdc;@%SystemRoot%\system32\drivers\pdc.sys,-100; C:\Windows\system32\drivers\pdc.sys [2013-03-02 69864]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2012-07-26 217328]

R0 spaceport;@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver; C:\Windows\System32\drivers\spaceport.sys [2013-05-04 284416]

R0 storahci;@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver; C:\Windows\System32\drivers\storahci.sys [2013-03-02 77544]

R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\Windows\System32\drivers\tcpip.sys [2013-07-09 2233168]

R0 vdrvroot;@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator; C:\Windows\System32\drivers\vdrvroot.sys [2012-07-26 36080]

R0 volmgr;@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver; C:\Windows\System32\drivers\volmgr.sys [2012-07-26 83184]

R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\Windows\System32\drivers\volmgrx.sys [2012-07-26 378608]

R0 volsnap;@volume.inf,%VolumeClassName%;Storage volumes; C:\Windows\System32\drivers\volsnap.sys [2012-07-26 332016]

R0 Wdf01000;@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000; C:\Windows\system32\drivers\Wdf01000.sys [2013-01-10 785504]

R0 WFPLWFS;@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000; C:\Windows\system32\DRIVERS\wfplwfs.sys [2012-07-26 96496]

R1 AFD;@%systemroot%\system32\drivers\afd.sys,-1000; C:\Windows\system32\drivers\afd.sys [2012-11-06 560640]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-07-20 246072]

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648]

R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2013-07-18 248632]

R1 BasicDisplay;BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [2012-07-26 48640]

R1 BasicRender;BasicRender; C:\Windows\System32\drivers\BasicRender.sys [2012-07-26 29696]

R1 Beep;Beep; C:\Windows\system32\drivers\Beep.sys [2012-07-26 7680]

R1 cdrom;@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver; C:\Windows\System32\drivers\cdrom.sys [2012-07-26 174080]

R1 Dfsc;@%systemroot%\system32\wkssvc.dll,-1008; C:\Windows\System32\Drivers\dfsc.sys [2012-07-26 118784]

R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2012-07-26 50688]

R1 Msfs;Msfs; C:\Windows\system32\drivers\Msfs.sys [2012-07-26 26112]

R1 mssmbios;@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver; C:\Windows\System32\drivers\mssmbios.sys [2012-07-26 37616]

R1 NetBIOS;@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface; C:\Windows\system32\DRIVERS\netbios.sys [2012-07-26 46080]

R1 NetBT;@%SystemRoot%\system32\drivers\netbt.sys,-2; C:\Windows\System32\DRIVERS\netbt.sys [2012-07-26 331776]

R1 Npfs;Npfs; C:\Windows\system32\drivers\Npfs.sys [2012-07-26 49152]

R1 npsvctrig;@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider; C:\Windows\System32\drivers\npsvctrig.sys [2012-07-26 23552]

R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys [2012-07-26 34304]

R1 Null;Null; C:\Windows\system32\drivers\Null.sys [2012-07-26 5632]

R1 Psched;@%SystemRoot%\System32\drivers\pacer.sys,-101; C:\Windows\system32\DRIVERS\pacer.sys [2012-07-26 145408]

R1 rdbss;@%systemroot%\system32\wkssvc.dll,-1000; C:\Windows\system32\DRIVERS\rdbss.sys [2013-05-04 427520]

R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2012-07-26 117248]

R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]

R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\Windows\system32\DRIVERS\wanarp.sys [2013-04-09 83456]

R2 lltdio;@%SystemRoot%\system32\lltdres.dll,-6; C:\Windows\system32\DRIVERS\lltdio.sys [2012-07-26 60416]

R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys [2012-07-26 134144]

R2 NativeWifiP;@%SystemRoot%\System32\drivers\nwifi.sys,-101; C:\Windows\system32\DRIVERS\nwifi.sys [2012-07-26 427520]

R2 Ndu;@%SystemRoot%\system32\drivers\Ndu.sys,-10001; C:\Windows\system32\drivers\Ndu.sys [2012-07-26 97792]

R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2013-04-09 805376]

R2 rspndr;@%SystemRoot%\system32\lltdres.dll,-5; C:\Windows\system32\DRIVERS\rspndr.sys [2012-07-26 78848]

R2 secdrv;Security Driver; C:\Windows\system32\drivers\secdrv.sys [2012-07-26 23040]

R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2012-07-26 45056]

R3 AmUStor;@oem7.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2012-07-20 100992]

R3 bcbtums;@oem3.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-01-27 134696]

R3 BCM43XX;@netbc63a.inf,%BCM43XX_Service_DispName%;Stuurprogramma voor Broadcom 802.11 netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2012-06-02 5139968]

R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys [2012-07-26 101888]

R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-01-09 51712]

R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy-stuurprogramma; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]

R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]

R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]

R3 CmBatt;@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver; C:\Windows\System32\drivers\CmBatt.sys [2012-07-26 25600]

R3 CompositeBus;@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver; C:\Windows\System32\drivers\CompositeBus.sys [2012-07-26 36352]

R3 condrv;Console Driver; C:\Windows\System32\drivers\condrv.sys [2012-07-26 33792]

R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2013-04-16 1455368]

R3 HdAudAddService;@hdaudio.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2013-01-09 341504]

R3 HDAudBus;@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio; C:\Windows\System32\drivers\HDAudBus.sys [2012-09-20 71168]

R3 HTTP;@%SystemRoot%\system32\drivers\http.sys,-1; C:\Windows\system32\drivers\HTTP.sys [2013-03-15 861184]

R3 i8042prt;@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver; C:\Windows\System32\drivers\i8042prt.sys [2012-07-26 112640]

R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2012-11-16 42824]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]

R3 intelppm;@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver; C:\Windows\System32\drivers\intelppm.sys [2012-11-06 89088]

R3 kbdclass;@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver; C:\Windows\System32\drivers\kbdclass.sys [2012-07-26 48368]

R3 kdnic;@kdnic.inf,%KdNic.Service.DispName%;Microsoft-netwerkminipoort voor kernelfoutopsporing (NDIS 6.20); C:\Windows\system32\DRIVERS\kdnic.sys [2012-07-26 18432]

R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys [2012-07-26 21376]

R3 MEIx64;@oem1.inf,%HECI_SvcDesc%;Intel® Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2013-01-11 64624]

R3 monitor;@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service; C:\Windows\System32\drivers\monitor.sys [2013-03-01 30720]

R3 mouclass;@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver; C:\Windows\System32\drivers\mouclass.sys [2012-07-26 45808]

R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2012-10-11 74752]

R3 mrxsmb;@%systemroot%\system32\wkssvc.dll,-1002; C:\Windows\system32\DRIVERS\mrxsmb.sys [2013-02-06 370688]

R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2012-07-26 279552]

R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2013-02-06 215552]

R3 NdisTapi;@%systemroot%\system32\rascfg.dll,-32001; C:\Windows\system32\DRIVERS\ndistapi.sys [2012-09-20 25088]

R3 Ndisuio;@ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol; C:\Windows\system32\DRIVERS\ndisuio.sys [2012-07-26 58880]

R3 NdisWan;@%systemroot%\system32\rascfg.dll,-32002; C:\Windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080]

R3 NDProxy;NDIS Proxy; C:\Windows\system32\drivers\NDProxy.sys [2013-04-09 60416]

R3 Ntfs;Ntfs; C:\Windows\system32\drivers\Ntfs.sys [2013-02-02 1933544]

R3 PptpMiniport;@%systemroot%\system32\rascfg.dll,-32006; C:\Windows\system32\DRIVERS\raspptp.sys [2012-07-26 114176]

R3 RasAgileVpn;@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN-minipoort (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2012-07-26 68608]

R3 Rasl2tp;@%systemroot%\system32\rascfg.dll,-32005; C:\Windows\system32\DRIVERS\rasl2tp.sys [2012-07-26 124928]

R3 RasPppoe;@%systemroot%\system32\rascfg.dll,-32007; C:\Windows\system32\DRIVERS\raspppoe.sys [2012-07-26 81920]

R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2012-07-26 92672]

R3 rdpbus;@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver; C:\Windows\System32\drivers\rdpbus.sys [2012-07-26 22528]

R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2013-03-01 156672]

R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT-stuurprogramma; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-06-02 589824]

R3 srv;@%systemroot%\system32\srvsvc.dll,-102; C:\Windows\System32\DRIVERS\srv.sys [2012-07-26 416768]

R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys [2013-04-09 623104]

R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2013-04-09 247808]

R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2012-10-11 12288]

R3 swenum;@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver; C:\Windows\System32\drivers\swenum.sys [2012-07-26 13680]

R3 TPM;@tpm.inf,%TPM%;TPM; C:\Windows\system32\drivers\tpm.sys [2013-03-02 148712]

R3 tunnel;@nettun.inf,%TUNNEL.Service.DisplayName%;Stuurprogramma voor Microsoft IPv6 Tunnel-minipoortadapter; C:\Windows\system32\DRIVERS\tunnel.sys [2012-07-26 149504]

R3 UCX01000;USB Controller Extension; C:\Windows\System32\drivers\ucx01000.sys [2013-05-04 213248]

R3 umbus;@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver; C:\Windows\System32\drivers\umbus.sys [2012-07-26 48128]

R3 usbccgp;@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver; C:\Windows\System32\drivers\usbccgp.sys [2012-07-26 120832]

R3 usbehci;@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\Windows\System32\drivers\usbehci.sys [2012-09-20 79080]

R3 usbhub;@usbport.inf,%ROOTHUB.SvcDesc%;Stuurprogramma voor Microsoft USB Standaard-hub; C:\Windows\System32\drivers\usbhub.sys [2013-02-02 496872]

R3 USBHUB3;@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub; C:\Windows\System32\drivers\UsbHub3.sys [2013-05-04 446720]

R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2012-09-20 210304]

R3 USBXHCI;@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller; C:\Windows\System32\drivers\USBXHCI.SYS [2013-03-02 337128]

R3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; C:\Windows\System32\drivers\vwifibus.sys [2012-07-26 24064]

R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]

R3 WmiAcpi;@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI; C:\Windows\System32\drivers\wmiacpi.sys [2012-07-26 17408]

R4 cdfs;CD/DVD File System Reader; C:\Windows\system32\DRIVERS\cdfs.sys [2012-07-26 108544]

S0 3ware;3ware; C:\Windows\System32\drivers\3ware.sys [2012-07-26 106736]

S0 adp94xx;adp94xx; C:\Windows\System32\drivers\adp94xx.sys [2012-07-26 492272]

S0 adpahci;adpahci; C:\Windows\System32\drivers\adpahci.sys [2012-07-26 340720]

S0 adpu320;adpu320; C:\Windows\System32\drivers\adpu320.sys [2012-07-26 184048]

S0 agp440;@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter; C:\Windows\System32\drivers\agp440.sys [2012-07-26 63216]

S0 amdsata;amdsata; C:\Windows\System32\drivers\amdsata.sys [2012-07-26 76016]

S0 amdsbs;amdsbs; C:\Windows\System32\drivers\amdsbs.sys [2012-07-26 258288]

S0 amdxata;amdxata; C:\Windows\System32\drivers\amdxata.sys [2012-07-26 26352]

S0 arc;arc; C:\Windows\System32\drivers\arc.sys [2012-07-26 104688]

S0 arcsas;@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Windows Inbox Miniport Driver; C:\Windows\System32\drivers\arcsas.sys [2012-07-26 108272]

S0 atapi;@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel; C:\Windows\System32\drivers\atapi.sys [2012-07-26 25840]

S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2012-10-26 20912]

S0 b06bdrv;@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD; C:\Windows\System32\drivers\bxvbda.sys [2012-09-20 533224]

S0 ebdrv;@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\System32\drivers\evbda.sys [2012-09-20 3265256]

S0 EhStorTcgDrv;@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols; C:\Windows\System32\drivers\EhStorTcgDrv.sys [2012-07-26 113904]

S0 gagp30kx;@machine.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\System32\drivers\gagp30kx.sys [2012-07-26 66800]

S0 HpSAMD;HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [2012-07-26 64752]

S0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\Windows\System32\drivers\hwpolicy.sys [2012-07-26 24816]

S0 iaStorV;@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7; C:\Windows\System32\drivers\iaStorV.sys [2012-07-26 411888]

S0 iirsp;iirsp; C:\Windows\System32\drivers\iirsp.sys [2012-07-26 45296]

S0 intelide;intelide; C:\Windows\System32\drivers\intelide.sys [2012-07-26 18672]

S0 isapnp;isapnp; C:\Windows\System32\drivers\isapnp.sys [2012-07-26 22256]

S0 LSI_SAS;LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [2012-07-26 108784]

S0 LSI_SAS2;LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [2012-07-26 92400]

S0 LSI_SCSI;LSI_SCSI; C:\Windows\System32\drivers\lsi_scsi.sys [2012-07-26 116976]

S0 LSI_SSS;LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [2012-07-26 81136]

S0 megasas;megasas; C:\Windows\System32\drivers\megasas.sys [2012-07-26 51952]

S0 MegaSR;MegaSR; C:\Windows\System32\drivers\MegaSR.sys [2012-07-26 353008]

S0 mvumis;mvumis; C:\Windows\System32\drivers\mvumis.sys [2012-07-26 64240]

S0 nfrd960;nfrd960; C:\Windows\System32\drivers\nfrd960.sys [2012-07-26 52464]

S0 nv_agp;@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter; C:\Windows\System32\drivers\nv_agp.sys [2012-07-26 125168]

S0 nvraid;nvraid; C:\Windows\System32\drivers\nvraid.sys [2012-07-26 150256]

S0 nvstor;nvstor; C:\Windows\System32\drivers\nvstor.sys [2012-07-26 168176]

S0 pciide;pciide; C:\Windows\System32\drivers\pciide.sys [2012-07-26 14064]

S0 pcmcia;pcmcia; C:\Windows\System32\drivers\pcmcia.sys [2012-07-26 237808]

S0 sbp2port;@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver; C:\Windows\System32\drivers\sbp2port.sys [2012-07-26 107760]

S0 SiSRaid2;SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [2012-07-26 44784]

S0 SiSRaid4;SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [2012-07-26 81648]

S0 stexstor;stexstor; C:\Windows\System32\drivers\stexstor.sys [2012-07-26 30960]

S0 storflt;@%SystemRoot%\system32\vmstorfltres.dll,-1000; C:\Windows\system32\DRIVERS\vmstorfl.sys [2012-07-26 45160]

S0 storvsc;storvsc; C:\Windows\System32\drivers\storvsc.sys [2012-07-26 37992]

S0 uagp35;@machine.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter; C:\Windows\System32\drivers\uagp35.sys [2012-07-26 65776]

S0 uliagpkx;@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter; C:\Windows\System32\drivers\uliagpkx.sys [2012-07-26 66800]

S0 viaide;viaide; C:\Windows\System32\drivers\viaide.sys [2012-07-26 19184]

S0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\System32\drivers\vmbus.sys [2012-07-26 137832]

S0 vsmraid;vsmraid; C:\Windows\System32\drivers\vsmraid.sys [2012-07-26 164080]

S0 VSTXRAID;@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage Controller Windows Driver; C:\Windows\System32\drivers\vstxraid.sys [2012-07-26 322800]

S0 Wd;@wd.inf,%WdServiceDisplayName%;Microsoft Watchdog Timer Driver; C:\Windows\System32\drivers\wd.sys [2012-07-26 23792]

S1 dam;@%SystemRoot%\system32\drivers\dam.sys,-100; C:\Windows\system32\drivers\dam.sys [2012-10-11 58088]

S3 1394ohci;@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller; C:\Windows\System32\drivers\1394ohci.sys [2012-07-26 226304]

S3 acpipagr;@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver; C:\Windows\System32\drivers\acpipagr.sys [2012-07-26 10240]

S3 AcpiPmi;@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver; C:\Windows\System32\drivers\acpipmi.sys [2012-07-26 12288]

S3 acpitime;@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver; C:\Windows\System32\drivers\acpitime.sys [2012-07-26 10752]

S3 AmdK8;@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver; C:\Windows\System32\drivers\amdk8.sys [2012-11-06 90624]

S3 AmdPPM;@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver; C:\Windows\System32\drivers\amdppm.sys [2012-11-06 88064]

S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2012-07-26 79360]

S3 AsyncMac;@%systemroot%\system32\rascfg.dll,-32000; C:\Windows\system32\DRIVERS\asyncmac.sys [2012-07-26 26624]

S3 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\Windows\System32\drivers\BthAvrcpTg.sys [2013-02-02 37632]

S3 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\Windows\System32\drivers\bthhfenum.sys [2012-07-26 51200]

S3 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\Windows\System32\drivers\BthHFHid.sys [2012-11-27 29952]

S3 BTHMODEM;@bthspp.inf,%BthSerial.DisplayName%;Bluetooth Serial Communications Driver; C:\Windows\System32\drivers\bthmodem.sys [2012-07-26 65536]

S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]

S3 circlass;@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices; C:\Windows\System32\drivers\circlass.sys [2012-07-26 45056]

S3 dmvsc;dmvsc; C:\Windows\System32\drivers\dmvsc.sys [2012-07-26 33280]

S3 drmkaud;@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys [2012-10-11 5632]

S3 ErrDev;@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver; C:\Windows\System32\drivers\errdev.sys [2012-07-26 10240]

S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2012-07-26 194560]

S3 fastfat;FAT12/16/32 File System Driver; C:\Windows\system32\drivers\fastfat.sys [2012-07-26 210672]

S3 fdc;@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver; C:\Windows\System32\drivers\fdc.sys [2012-07-26 30720]

S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys [2012-07-26 34816]

S3 flpydisk;@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver; C:\Windows\System32\drivers\flpydisk.sys [2012-07-26 24576]

S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2012-07-26 57584]

S3 FxPPM;@cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver; C:\Windows\System32\drivers\fxppm.sys [2012-11-06 22528]

S3 gencounter;@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter; C:\Windows\System32\drivers\vmgencounter.sys [2012-07-26 12288]

S3 GPIOClx0101;Microsoft GPIO Class Extension Driver; C:\Windows\System32\Drivers\msgpioclx.sys [2012-09-20 120040]

S3 HidBatt;@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver; C:\Windows\System32\drivers\HidBatt.sys [2012-07-26 27136]

S3 HidBth;@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport; C:\Windows\System32\drivers\hidbth.sys [2013-04-09 95744]

S3 hidi2c;@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver; C:\Windows\System32\drivers\hidi2c.sys [2012-11-20 39936]

S3 HidIr;@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver; C:\Windows\System32\drivers\hidir.sys [2012-07-26 46080]

S3 HidUsb;@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver; C:\Windows\System32\drivers\hidusb.sys [2013-05-04 27648]

S3 hyperkbd;hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [2012-07-26 11776]

S3 HyperVideo;HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [2012-07-26 24576]

S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []

S3 IpFilterDriver;@%systemroot%\system32\rascfg.dll,-32013; C:\Windows\system32\DRIVERS\ipfltdrv.sys [2012-07-26 89088]

S3 IPMIDRV;IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [2012-07-26 78336]

S3 IPNAT;IP Network Address Translator; C:\Windows\System32\drivers\ipnat.sys [2012-07-26 145920]

S3 IRENUM;@%SystemRoot%\system32\drivers\irenum.sys,-100; C:\Windows\system32\drivers\irenum.sys [2012-07-26 17920]

S3 iScsiPrt;@iscsi.inf,%iScsiPortName%;iScsiPort Driver; C:\Windows\System32\drivers\msiscsi.sys [2012-11-06 277736]

S3 kbdhid;@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver; C:\Windows\System32\drivers\kbdhid.sys [2012-07-26 29184]

S3 Modem;Modem; C:\Windows\system32\drivers\modem.sys [2012-07-26 40448]

S3 mouhid;@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver; C:\Windows\System32\drivers\mouhid.sys [2013-03-02 26112]

S3 MRxDAV;@%systemroot%\system32\webclnt.dll,-104; C:\Windows\system32\drivers\mrxdav.sys [2012-07-26 141312]

S3 MsBridge;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2012-07-26 129536]

S3 msgpiowin32;@msgpiowin32.inf,%GPIO.SvcDesc%;GPIO Buttons Driver; C:\Windows\System32\drivers\msgpiowin32.sys [2013-01-10 28904]

S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2012-07-26 8704]

S3 mshidumdf;@%SystemRoot%\system32\drivers\mshidumdf.sys,-100; C:\Windows\System32\drivers\mshidumdf.sys [2012-07-26 10752]

S3 MSKSSRV;@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2012-07-26 11008]

S3 MsLldp;@C:\Windows\system32\DRIVERS\mslldp.sys,-200; C:\Windows\system32\DRIVERS\mslldp.sys [2012-07-26 68608]

S3 MSPCLOCK;@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2012-07-26 7168]

S3 MSPQM;@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2012-07-26 6912]

S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2012-07-26 390896]

S3 MSTEE;@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2012-07-26 8192]

S3 MTConfig;@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver; C:\Windows\System32\drivers\MTConfig.sys [2012-07-26 14848]

S3 NdisCap;@%SystemRoot%\System32\drivers\ndiscap.sys,-5000; C:\Windows\system32\DRIVERS\ndiscap.sys [2012-07-26 46592]

S3 NdisImPlatform;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [2012-07-26 126464]

S3 NDISWANLEGACY;@%systemroot%\system32\rascfg.dll,-32014; C:\Windows\system32\DRIVERS\ndiswan.sys [2012-07-26 174080]

S3 Parport;@msports.inf,%Parport.SVCDESC%;Parallel port driver; C:\Windows\System32\drivers\parport.sys [2012-07-26 105984]

S3 Processor;@cpu.inf,%Processor.SvcDesc%;Processor Driver; C:\Windows\System32\drivers\processr.sys [2012-11-06 87552]

S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys [2012-07-26 46592]

S3 RasAcd;Remote Access Auto Connection Driver; C:\Windows\System32\DRIVERS\rasacd.sys [2012-07-26 16384]

S3 RDPDR;@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100; C:\Windows\System32\drivers\rdpdr.sys [2012-07-26 179712]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-12 27880]

S3 RDPWD;RDP Winstation Driver; C:\Windows\system32\drivers\RDPWD.sys [2012-07-26 208384]

S3 s3cap;s3cap; C:\Windows\System32\drivers\vms3cap.sys [2012-07-26 7168]

S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2012-07-26 36864]

S3 sdbus;sdbus; C:\Windows\System32\drivers\sdbus.sys [2013-03-02 194792]

S3 sdstor;@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver; C:\Windows\System32\drivers\sdstor.sys [2012-10-11 56552]

S3 SerCx;Serial UART Support Library; C:\Windows\system32\drivers\SerCx.sys [2012-07-26 62976]

S3 Serenum;@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver; C:\Windows\System32\drivers\serenum.sys [2012-07-26 23040]

S3 Serial;@msports.inf,%Serial.SVCDESC%;Serial port driver; C:\Windows\System32\drivers\serial.sys [2012-07-26 76800]

S3 sermouse;@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver; C:\Windows\System32\drivers\sermouse.sys [2012-07-26 27136]

S3 sfloppy;@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive; C:\Windows\System32\drivers\sfloppy.sys [2012-07-26 16896]

S3 SpbCx;Simple Peripheral Bus Support Library; C:\Windows\system32\drivers\SpbCx.sys [2012-07-26 59392]

S3 TCPIP6;@netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys [2013-07-09 2233168]

S3 terminpt;@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver; C:\Windows\System32\drivers\terminpt.sys [2012-07-26 36592]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-07-26 57344]

S3 TsUsbGD;@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device; C:\Windows\System32\drivers\TsUsbGD.sys [2012-07-26 30208]

S3 UASPStor;@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver; C:\Windows\System32\drivers\uaspstor.sys [2012-07-26 97008]

S3 UmPass;@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver; C:\Windows\System32\drivers\umpass.sys [2012-07-26 11776]

S3 usbcir;@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR); C:\Windows\System32\drivers\usbcir.sys [2012-07-26 99328]

S3 usbohci;@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver; C:\Windows\System32\drivers\usbohci.sys [2012-11-20 27136]

S3 usbprint;@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class; C:\Windows\System32\drivers\usbprint.sys [2012-07-26 25600]

S3 USBSTOR;@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver; C:\Windows\System32\drivers\USBSTOR.SYS [2012-07-26 119024]

S3 usbuhci;@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver; C:\Windows\System32\drivers\usbuhci.sys [2012-09-20 32256]

S3 VerifierExt;@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000; C:\Windows\system32\drivers\VerifierExt.sys [2012-07-26 106224]

S3 vhdmp;vhdmp; C:\Windows\System32\drivers\vhdmp.sys [2013-03-02 495336]

S3 VMBusHID;VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [2012-07-26 22144]

S3 vpci;@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus; C:\Windows\System32\drivers\vpci.sys [2012-07-26 67824]

S3 WacomPen;@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver; C:\Windows\System32\drivers\wacompen.sys [2012-07-26 27008]

S3 Wanarp;@%systemroot%\system32\rascfg.dll,-32011; C:\Windows\system32\DRIVERS\wanarp.sys [2013-04-09 83456]

S3 WdBoot;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390; C:\Windows\system32\drivers\WdBoot.sys [2013-01-29 35232]

S3 WdFilter;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330; C:\Windows\system32\drivers\WdFilter.sys [2013-01-29 230904]

S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2012-07-26 33520]

S3 wpcfltr;Family Safety Filter Driver; C:\Windows\system32\DRIVERS\wpcfltr.sys [2012-07-26 45056]

S3 WpdUpFltr;@%systemroot%\System32\drivers\WpdUpFltr.sys,-100; C:\Windows\System32\drivers\WpdUpFltr.sys [2012-07-26 19968]

S3 WSDPrintDevice;@WSDPrint.Inf,%WSDPrintDevice.SVCDESC%;WSD Print Support; C:\Windows\System32\drivers\WSDPrint.sys [2012-07-26 21504]

S3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]

S3 WUDFRd;@hidbthle.inf,%WudfRdDisplayName%;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\Windows\System32\drivers\WUDFRd.sys [2012-07-26 198656]

S3 WUDFWpdFs;WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]

S4 udfs;udfs; C:\Windows\system32\DRIVERS\udfs.sys [2012-07-26 321024]

S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; C:\Windows\system32\drivers\ws2ifsl.sys [2012-09-20 22528]

- - - Updated - - -

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]

R2 AudioEndpointBuilder;@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 Audiosrv;@%SystemRoot%\system32\audiosrv.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136]

R2 BcmBtRSupport;@oem3.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service; C:\Windows\system32\BtwRSupportService.exe [2011-12-15 2246184]

R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 BITS;@%SystemRoot%\system32\qmgr.dll,-1000; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 BrokerInfrastructure;@%windir%\system32\bisrv.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 CryptSvc;@%SystemRoot%\system32\cryptsvc.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 DcomLaunch;@combase.dll,-5012; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 DeviceAssociationService;@%SystemRoot%\system32\das.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 Dhcp;@%SystemRoot%\system32\dhcpcore.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 Dnscache;@%SystemRoot%\System32\dnsapi.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 EventLog;@%SystemRoot%\system32\wevtsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 EventSystem;@comres.dll,-2450; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 IBMPMSVC;@oem5.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2012-11-16 71536]

R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 LanmanServer;@%systemroot%\system32\srvsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 LanmanWorkstation;@%systemroot%\system32\wkssvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 lmhosts;@%SystemRoot%\system32\lmhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 LSM;@%windir%\system32\lsm.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 RpcSs;@combase.dll,-5010; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 SamSs;@%SystemRoot%\system32\samsrv.dll,-1; C:\Windows\system32\lsass.exe [2012-09-20 35840]

R2 Schedule;@%SystemRoot%\system32\schedsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 SENS;@%SystemRoot%\system32\Sens.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 ShellHWDetection;@%SystemRoot%\System32\shsvcs.dll,-12288; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 Spooler;@%systemroot%\system32\spoolsv.exe,-1; C:\Windows\System32\spoolsv.exe [2012-07-26 769024]

R2 StartMenuService;StartMenu8 Service; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [2013-09-09 75584]

R2 stisvc;@%SystemRoot%\system32\wiaservc.dll,-9; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 Themes;@%SystemRoot%\System32\themeservice.dll,-8192; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 TrkWks;@%SystemRoot%\system32\trkwks.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 Wcmsvc;@%SystemRoot%\System32\wcmsvc.dll,-4097; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 Winmgmt;@%Systemroot%\system32\wbem\wmisvc.dll,-205; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 WlanSvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 wscsvc;@%SystemRoot%\System32\wscsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; C:\Windows\system32\SearchIndexer.exe [2013-04-09 816128]

R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 msiserver;@%SystemRoot%\system32\msimsg.dll,-27; C:\Windows\system32\msiexec.exe [2012-07-26 124416]

R3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R3 netprofm;@%SystemRoot%\system32\netprofmsvc.dll,-202; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R3 PlugPlay;@%SystemRoot%\system32\umpnpmgr.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 SSDPSRV;@%systemroot%\system32\ssdpsrv.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 SystemEventsBroker;@%windir%\system32\SystemEventsBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 TimeBroker;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 wlidsvc;@%SystemRoot%\system32\wlidsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 WSService;@%SystemRoot%\system32\WSService.dll,-103; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-30 116648]

S2 omigaplussvc;Omiga plus service; C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe []

S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2012-07-26 4881408]

S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2013-06-01 72704]

S3 ALG;@%SystemRoot%\system32\Alg.exe,-112; C:\Windows\System32\alg.exe [2012-07-26 94208]

S3 AllUserInstallAgent;@%SystemRoot%\System32\AUInstallAgent.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 Browser;@%systemroot%\system32\browser.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 COMSysApp;@comres.dll,-947; C:\Windows\system32\dllhost.exe [2012-07-26 10752]

S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]

S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 DeviceInstall;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 DsmSvc;@%SystemRoot%\system32\DeviceSetupManager.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 Eaphost;@%systemroot%\system32\eapsvc.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2012-09-20 35840]

S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2012-07-26 669696]

S3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 fhsvc;@%systemroot%\system32\fhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-30 116648]

S3 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2012-09-20 35840]

S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]

S3 MSDTC;@comres.dll,-2797; C:\Windows\System32\msdtc.exe [2012-07-26 144384]

S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 NcaSvc;@%SystemRoot%\system32\ncasvc.dll,-3009; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 NcdAutoSetup;@%SystemRoot%\system32\NcdAutoSetup.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\Windows\system32\lsass.exe [2012-09-20 35840]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2012-07-26 20992]

S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 PrintNotify;@C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\Windows\system32\locator.exe [2012-07-26 9728]

S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2012-07-26 14848]

S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 svsvc;@%SystemRoot%\system32\svsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2012-07-26 94208]

S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2012-07-26 40960]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 upnphost;@%systemroot%\system32\upnphost.dll,-213; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2012-09-20 35840]

S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2012-11-27 680960]

S3 vmicheartbeat;@%systemroot%\system32\vmicres.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 vmickvpexchange;@%systemroot%\system32\vmicres.dll,-201; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 vmicrdv;@%systemroot%\system32\vmicres.dll,-601; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 vmicshutdown;@%systemroot%\system32\vmicres.dll,-301; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 vmictimesync;@%systemroot%\system32\vmicres.dll,-401; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 vmicvss;@%systemroot%\system32\vmicres.dll,-501; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 VSS;@%systemroot%\system32\vssvc.exe,-102; C:\Windows\system32\vssvc.exe [2013-05-04 1483776]

S3 W32Time;@%SystemRoot%\system32\w32time.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2012-07-26 1616896]

S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 WebClient;@%systemroot%\system32\webclnt.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 WinDefend;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310; C:\Program Files\Windows Defender\MsMpEng.exe [2013-01-29 14920]

S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 wmiApSrv;@%Systemroot%\system32\wbem\wmiapsrv.exe,-110; C:\Windows\system32\wbem\WmiApSrv.exe [2012-07-26 198144]

S3 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2012-09-20 1314816]

S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 wuauserv;@%systemroot%\system32\wuaueng.dll,-105; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-12 139696]

S4 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S4 RemoteRegistry;@regsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S4 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S4 SharedAccess;@%SystemRoot%\system32\ipnathlp.dll,-106; C:\Windows\System32\svchost.exe [2012-09-20 29696]

-----------------EOF-----------------

- - - Updated - - -

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]

R2 AudioEndpointBuilder;@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 Audiosrv;@%SystemRoot%\system32\audiosrv.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136]

R2 BcmBtRSupport;@oem3.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control Service; C:\Windows\system32\BtwRSupportService.exe [2011-12-15 2246184]

R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 BITS;@%SystemRoot%\system32\qmgr.dll,-1000; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 BrokerInfrastructure;@%windir%\system32\bisrv.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 CryptSvc;@%SystemRoot%\system32\cryptsvc.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 DcomLaunch;@combase.dll,-5012; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 DeviceAssociationService;@%SystemRoot%\system32\das.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 Dhcp;@%SystemRoot%\system32\dhcpcore.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 Dnscache;@%SystemRoot%\System32\dnsapi.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 EventLog;@%SystemRoot%\system32\wevtsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 EventSystem;@comres.dll,-2450; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 IBMPMSVC;@oem5.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2012-11-16 71536]

R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 LanmanServer;@%systemroot%\system32\srvsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 LanmanWorkstation;@%systemroot%\system32\wkssvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 lmhosts;@%SystemRoot%\system32\lmhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 LSM;@%windir%\system32\lsm.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 RpcSs;@combase.dll,-5010; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 SamSs;@%SystemRoot%\system32\samsrv.dll,-1; C:\Windows\system32\lsass.exe [2012-09-20 35840]

R2 Schedule;@%SystemRoot%\system32\schedsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 SENS;@%SystemRoot%\system32\Sens.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 ShellHWDetection;@%SystemRoot%\System32\shsvcs.dll,-12288; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 Spooler;@%systemroot%\system32\spoolsv.exe,-1; C:\Windows\System32\spoolsv.exe [2012-07-26 769024]

R2 StartMenuService;StartMenu8 Service; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [2013-09-09 75584]

R2 stisvc;@%SystemRoot%\system32\wiaservc.dll,-9; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 Themes;@%SystemRoot%\System32\themeservice.dll,-8192; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 TrkWks;@%SystemRoot%\system32\trkwks.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 Wcmsvc;@%SystemRoot%\System32\wcmsvc.dll,-4097; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 Winmgmt;@%Systemroot%\system32\wbem\wmisvc.dll,-205; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 WlanSvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R2 wscsvc;@%SystemRoot%\System32\wscsvc.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R2 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; C:\Windows\system32\SearchIndexer.exe [2013-04-09 816128]

R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 msiserver;@%SystemRoot%\system32\msimsg.dll,-27; C:\Windows\system32\msiexec.exe [2012-07-26 124416]

R3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R3 netprofm;@%SystemRoot%\system32\netprofmsvc.dll,-202; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R3 PlugPlay;@%SystemRoot%\system32\umpnpmgr.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 SSDPSRV;@%systemroot%\system32\ssdpsrv.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 SystemEventsBroker;@%windir%\system32\SystemEventsBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 TimeBroker;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696]

R3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 wlidsvc;@%SystemRoot%\system32\wlidsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

R3 WSService;@%SystemRoot%\system32\WSService.dll,-103; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-30 116648]

S2 omigaplussvc;Omiga plus service; C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe []

S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2012-07-26 4881408]

S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2013-06-01 72704]

S3 ALG;@%SystemRoot%\system32\Alg.exe,-112; C:\Windows\System32\alg.exe [2012-07-26 94208]

S3 AllUserInstallAgent;@%SystemRoot%\System32\AUInstallAgent.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 Browser;@%systemroot%\system32\browser.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 COMSysApp;@comres.dll,-947; C:\Windows\system32\dllhost.exe [2012-07-26 10752]

S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]

S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 DeviceInstall;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 DsmSvc;@%SystemRoot%\system32\DeviceSetupManager.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 Eaphost;@%systemroot%\system32\eapsvc.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2012-09-20 35840]

S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2012-07-26 669696]

S3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 fhsvc;@%systemroot%\system32\fhsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-30 116648]

S3 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2012-09-20 35840]

S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]

S3 MSDTC;@comres.dll,-2797; C:\Windows\System32\msdtc.exe [2012-07-26 144384]

S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 NcaSvc;@%SystemRoot%\system32\ncasvc.dll,-3009; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 NcdAutoSetup;@%SystemRoot%\system32\NcdAutoSetup.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\Windows\system32\lsass.exe [2012-09-20 35840]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2012-07-26 20992]

S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 PrintNotify;@C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\Windows\system32\locator.exe [2012-07-26 9728]

S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2012-07-26 14848]

S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 svsvc;@%SystemRoot%\system32\svsvc.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2012-07-26 94208]

S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2012-07-26 40960]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 upnphost;@%systemroot%\system32\upnphost.dll,-213; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2012-09-20 35840]

S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2012-11-27 680960]

S3 vmicheartbeat;@%systemroot%\system32\vmicres.dll,-101; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 vmickvpexchange;@%systemroot%\system32\vmicres.dll,-201; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 vmicrdv;@%systemroot%\system32\vmicres.dll,-601; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 vmicshutdown;@%systemroot%\system32\vmicres.dll,-301; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 vmictimesync;@%systemroot%\system32\vmicres.dll,-401; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 vmicvss;@%systemroot%\system32\vmicres.dll,-501; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 VSS;@%systemroot%\system32\vssvc.exe,-102; C:\Windows\system32\vssvc.exe [2013-05-04 1483776]

S3 W32Time;@%SystemRoot%\system32\w32time.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2012-07-26 1616896]

S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 WebClient;@%systemroot%\system32\webclnt.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 WinDefend;@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310; C:\Program Files\Windows Defender\MsMpEng.exe [2013-01-29 14920]

S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S3 wmiApSrv;@%Systemroot%\system32\wbem\wmiapsrv.exe,-110; C:\Windows\system32\wbem\WmiApSrv.exe [2012-07-26 198144]

S3 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files\Windows Media Player\wmpnetwk.exe [2012-09-20 1314816]

S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 wuauserv;@%systemroot%\system32\wuaueng.dll,-105; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-12 139696]

S4 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\Windows\System32\svchost.exe [2012-09-20 29696]

S4 RemoteRegistry;@regsvc.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S4 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\Windows\system32\svchost.exe [2012-09-20 29696]

S4 SharedAccess;@%SystemRoot%\system32\ipnathlp.dll,-106; C:\Windows\System32\svchost.exe [2012-09-20 29696]

-----------------EOF-----------------

[juisterr]

Download Zoek.zip naar het bureaublad.

1. Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
   
2. Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
   

• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik vervolgens op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

  
  
  emptyclsid;
  firefoxlook; 
  Chromelook; 
  CHRdefaults;
  autoclean; 
  iedefaults; 
  filesrcm;
  
  
  

  
  

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht als bijlage.
  

[Nielsken]

==== System Restore Info ======================

30/09/2013 18:07:37 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3315628511-3092048787-2522545195-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\omigaplussvc deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\5emop8zj.default

user.js not found

---- Lines qvo6 removed from prefs.js ----

user_pref("browser.startup.homepage", "http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=SamsungXSSDX840XSeries_S14CNEAD212247T&ts=1371736838");

---- Lines qvo6 modified from prefs.js ----

---- Lines qvo6.com removed from prefs.js ----

---- Lines qvo6.com modified from prefs.js ----

---- Lines Torntv removed from prefs.js ----

---- Lines Torntv modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1369860961840,\"rdfTime\":1368303951000}}},{\"name\":\"app-profile\",\"addons\":{\"torntv2@torntv.com\":{\"descriptor\":\"C:\\\\Users\\\\Gebruiker\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\5emop8zj.default\\\\extensions\\\\torntv2@torntv.com.xpi\",\"mtime\":1371736818357}}}]");

---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 3);

---- Lines browser.startup.page modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_20133009_1811_.backup

==== Deleting Files \ Folders ======================

"C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\5emop8zj.default\extensions\torntv2@torntv.com.xpi" deleted

"C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk" deleted

"C:\windows\SysNative\tasks\Omiga Plus RunAsStdUser" deleted

"C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" deleted

"C:\Program Files (x86)\TornTV.com" deleted

"C:\Program Files (x86)\WinZipper" deleted

"C:\Program Files (x86)\Desk 365" deleted

"C:\Users\Gebruiker\AppData\Roaming\Desk 365" deleted

"C:\Users\Gebruiker\AppData\Roaming\337" deleted

"C:\Users\Gebruiker\AppData\Roaming\eIntaller" deleted

"C:\ProgramData\Tarma Installer" deleted

"C:\Users\Gebruiker\AppData\Local\iLivid" deleted

"C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\GEBRUI~1\AppData\Local\Temp ====

====== C:\Windows\SysWOW64 =====

2013-09-24 16:42:16 B4CB5AE28AD921DBB2BB5D0A6D1FDD9D 694272 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll

2013-09-24 16:42:16 3213F234B8FC8D0869D50B98884EB5F4 1421312 ----a-w- C:\Windows\SysWOW64\DWrite.dll

2013-09-24 16:42:10 A2476B7D165AFB10A8FA4E335DEC9E88 2620928 ----a-w- C:\Windows\SysWOW64\WMVDECOD.DLL

2013-09-24 16:42:09 3C3C36189700311E49376358046D562F 496640 ----a-w- C:\Windows\SysWOW64\qedit.dll

2013-09-24 16:42:08 7AC3F683EE68A588A26BDBBA1CC296B2 2048000 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2013-09-24 16:42:07 E6BEEF5265329CBB3DDF95CE89F08580 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2013-09-24 16:42:07 76A981040FC0C9BA0C6EDC91BE99C3E4 2876928 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2013-09-24 16:42:07 1669544D9288099E7BE0CF73EF8B9F3E 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll

2013-09-24 16:42:06 F73CE26EFC7AE039A8534722395CE9A7 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll

2013-09-24 16:42:01 F76B96D80327187F52B01E0082571F20 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2013-09-24 16:42:00 5FE24CECBD39A12E0BDDE3931FA5478B 14332928 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2013-09-24 16:41:47 F21025151AA06B25DC6FCE169560F4E4 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2013-09-24 16:41:47 B7D15FC840EB5A401A9A2D15A4BA1A94 1141248 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2013-09-24 16:41:47 B2F431895A7F787466EFEAB87C5F014F 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2013-09-24 16:41:47 907EFFBAD00EF8FAF0347AF63F895FFE 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll

2013-09-24 16:41:47 69B892115CD4E738FB0F2834DDB9002A 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2013-09-24 16:41:47 210074573A7E60E425A8E4667B55FA7C 44032 ----a-w- C:\Windows\SysWOW64\UXInit.dll

2013-09-24 16:41:46 0904FD891C44DE02D14A66DF07B64D6A 534528 ----a-w- C:\Windows\SysWOW64\uxtheme.dll

2013-09-24 16:41:45 A1BBF4D3F0F8164CF9A8B46B428100C6 13761024 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2013-09-24 16:41:41 F7A43B51E2C1D7C332FB17D0A804AF60 261120 ----a-w- C:\Windows\SysWOW64\wintrust.dll

2013-09-24 16:41:41 AA4D1D67CFC5C9BC17163FA619A070FA 74240 ----a-w- C:\Windows\SysWOW64\apprepsync.dll

2013-09-24 16:41:41 3674D14E4B7D4700BFF7D06DC608334E 87040 ----a-w- C:\Windows\SysWOW64\apprepapi.dll

2013-09-24 16:41:41 186EF39B997ACB482C5092AD0079B5A3 1568256 ----a-w- C:\Windows\SysWOW64\crypt32.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-09-27 19:34:52 E8628146CC0B005C37C788ADE7504134 423504 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT

2013-09-24 16:42:17 6BDCC68E85A386414E4E028DEB768350 1314816 ----a-w- C:\Windows\Sysnative\rpcrt4.dll

2013-09-24 16:42:16 3E57DE8477F6F851B43904B50B1816C5 1838080 ----a-w- C:\Windows\Sysnative\DWrite.dll

2013-09-24 16:42:10 67AB74C4493C123D1E32F013222DA107 2842112 ----a-w- C:\Windows\Sysnative\WMVDECOD.DLL

2013-09-24 16:42:09 3E70676B18292EF37017E8895EBF9AC3 595968 ----a-w- C:\Windows\Sysnative\qedit.dll

2013-09-24 16:42:08 1FFB9680178BAA8BFE2BE5CF91FBD574 3959296 ----a-w- C:\Windows\Sysnative\jscript9.dll

2013-09-24 16:42:06 C23E349B999CAC55B398C36E0FA54A88 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2013-09-24 16:42:06 AE4AD9943B92F71C7552F3CBC94F3CF6 2647040 ----a-w- C:\Windows\Sysnative\iertutil.dll

2013-09-24 16:42:06 A45FE588EC4D64620E755FAE8735856D 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2013-09-24 16:42:06 6344E1B323F993C1F7FB68C028D356D6 855552 ----a-w- C:\Windows\Sysnative\jscript.dll

2013-09-24 16:42:01 6DBE239FF1C9650A794C974B8C7913D7 2241024 ----a-w- C:\Windows\Sysnative\wininet.dll

2013-09-24 16:41:48 0CBE4F2B4C2316814693EAF8F9CD98A7 19246592 ----a-w- C:\Windows\Sysnative\mshtml.dll

2013-09-24 16:41:47 FAA0282FF13ECFB8B620E01619703850 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2013-09-24 16:41:47 CC062CD7E7CBA0EFD0EF7975DD4CA1C4 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll

2013-09-24 16:41:47 74671852110963BD2D23740E65C84206 53760 ----a-w- C:\Windows\Sysnative\UXInit.dll

2013-09-24 16:41:47 6A0910927CDCBCF5EFE79B73D0B7596B 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll

2013-09-24 16:41:47 4C95B1B5ADF6E82D7A8FA2DD8D383626 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll

2013-09-24 16:41:47 37A27E7A53724DF4193C0337891609AB 915968 ----a-w- C:\Windows\Sysnative\uxtheme.dll

2013-09-24 16:41:47 163464CAAF793906958F7098DA9C9C6D 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll

2013-09-24 16:41:46 D2CFD6F140FBC9F6F09B8DB42ACBE4B1 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2013-09-24 16:41:46 55B082D7A4823B963975F7D32C7AC8BA 15404544 ----a-w- C:\Windows\Sysnative\ieframe.dll

2013-09-24 16:41:41 F68F697F5B4E74217159C38FFFD37964 124416 ----a-w- C:\Windows\Sysnative\apprepapi.dll

2013-09-24 16:41:41 E4E889A9CA3E8CCEE6FB5D1B4F94296F 98304 ----a-w- C:\Windows\Sysnative\apprepsync.dll

2013-09-24 16:41:41 B6FCC2BB7D1044EA0FC4B573951BE8DC 1889280 ----a-w- C:\Windows\Sysnative\crypt32.dll

2013-09-24 16:41:41 74466D77EE8588C04B95AE9DBC693EF8 337408 ----a-w- C:\Windows\Sysnative\wintrust.dll

2013-09-24 16:41:41 5CE2742F063731EC10C1B2EE386A2C08 68096 ----a-w- C:\Windows\Sysnative\cryptsvc.dll

2013-09-24 16:41:08 947B40E8199C16F0E62EABC312813DF7 4038144 ----a-w- C:\Windows\Sysnative\win32k.sys

2013-09-24 16:34:48 4A0B5BF31A5ACC06337EE07F907F14CB 144384 ----a-w- C:\Windows\Sysnative\tssdisai.dll

====== C:\Windows\Sysnative\drivers =====

2013-09-24 16:42:09 1794C43A000A47D92B3304FC1E3E512A 2233168 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys

2013-09-04 23:43:42 4494718783294ECFFBA7E89D82BAE6E1 45880 ----a-w- C:\Windows\Sysnative\drivers\avgrkx64.sys

====== C:\Windows\Tasks ======

2013-09-16 15:26:48 9C6BA4DE10687894AC040E2F20818227 3168 ----a-w- C:\Windows\Sysnative\Tasks\StartMenuAutoupdate

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-09-24 16:36:23 -------- d-----w- C:\Program Files\trend micro

======= C:\Program Files (x86) =====

2013-09-23 16:02:51 -------- d-----w- C:\Program Files (x86)\Zylom Games

2013-09-16 15:26:47 -------- d-----w- C:\Program Files (x86)\IObit

======= C: =====

====== C:\Users\Gebruiker\AppData\Roaming ======

2013-09-26 17:46:05 -------- d-----w- C:\Users\Gebruiker\AppData\Locallow\Sun

2013-09-21 10:49:19 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Gebruiker\AppData\Locallow\ChangeTaskbarRect

2013-09-16 15:26:48 -------- d-----w- C:\Users\Gebruiker\AppData\Locallow\IObit

====== C:\Users\Gebruiker ======

2013-09-26 17:45:51 AC9C3A02685CEDAE968FCDB7A4618879 913832 ----a-w- C:\Users\Gebruiker\Downloads\chromeinstall-7u40.exe

2013-09-24 16:35:53 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe

2013-09-23 16:02:51 -------- d-----w- C:\ProgramData\Zylom

2013-09-23 16:02:37 04DF2AF6FC311F0C1E38BC74E68AA659 511152 ----a-w- C:\Users\Gebruiker\Downloads\gamesplayerinstall.exe

2013-09-16 15:27:02 -------- d-----w- C:\ProgramData\IObit

2013-09-16 15:26:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8

2013-09-14 18:20:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

====== C: exe-files ==

2013-09-30 16:04:00 F8DF9347B5830EBE63798FECBB911718 7019608 ----a-w- C:\Program Files (x86)\AVG\AVG2013\Notification\Launcher.exe

2013-09-26 17:45:51 AC9C3A02685CEDAE968FCDB7A4618879 913832 ----a-w- C:\Users\Gebruiker\Downloads\chromeinstall-7u40.exe

2013-09-24 16:41:47 FAA0282FF13ECFB8B620E01619703850 51712 ----a-w- C:\Windows\System32\ie4uinit.exe

2013-09-24 16:41:47 E386800116A8DCE3AD797F34A6126081 770648 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2013-09-24 16:41:46 ECC765E9B81567B977FAFEB0E30FA281 775256 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2013-09-24 16:36:24 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe

2013-09-24 16:35:53 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe

2013-09-24 16:34:49 8ABBB5CE0C62E0A6D28F32F44B7F865C 98304 ----a-w- C:\Windows\servicing\TrustedInstaller.exe

=== C: other files ==

2013-09-24 16:42:09 1794C43A000A47D92B3304FC1E3E512A 2233168 ----a-w- C:\Windows\System32\Drivers\tcpip.sys

2013-09-24 16:41:08 947B40E8199C16F0E62EABC312813DF7 4038144 ----a-w- C:\Windows\System32\win32k.sys

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\5emop8zj.default

7ABE33792F2787D599B6963E71B9E8CD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll - Shockwave Flash

FC5866F7793AF2CBCD425CC4B8D32A9E - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll - Zylom Plugin

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

nbmafkdmkkckhggblphicnnhlgljnoje - C:\Program Files (x86)\TornTV.com\torn2_10.crx[]

Google Docs - Gebruiker - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Gebruiker - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Gebruiker - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Gebruiker - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Chrome In-App Payments service - Gebruiker - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Gebruiker - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=SamsungXSSDX840XSeries_S14CNEAD212247T&ts=1371736838"

"Default_Page_URL"="http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=SamsungXSSDX840XSeries_S14CNEAD212247T&ts=1371736838"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=SamsungXSSDX840XSeries_S14CNEAD212247T&ts=1371736838"

"Start Page"="http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=SamsungXSSDX840XSeries_S14CNEAD212247T&ts=1371736838"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=SamsungXSSDX840XSeries_S14CNEAD212247T&ts=1371736838"

"Start Page"="http://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=SamsungXSSDX840XSeries_S14CNEAD212247T&ts=1371736838"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Gebruiker\Desktop\Dropbox.lnk - C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe /home

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe

C:\Users\Public\Desktop\AVG 2013.lnk - C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Users\Public\Desktop\Benodigdheden kopen - HP Photosmart Plus B210 series.lnk - C:\Program Files (x86)\HP\HP Photosmart Plus B210 series\Bin\hpqDTSS.exe

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6

C:\Users\Public\Desktop\HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe

C:\Users\Public\Desktop\HP Photosmart Plus B210 series.lnk - C:\Program Files (x86)\HP\HP Photosmart Plus B210 series\Bin\HP Photosmart Plus B210 series.exe -Start UDCDevicePage

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe QVO6

C:\Users\Public\Desktop\Start Menu 8.lnk - C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe

C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2013.lnk - C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8\Start Menu 8.lnk - C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8\Verwijder Start Menu 8.lnk - C:\Program Files (x86)\IObit\Start Menu 8\unins000.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe QVO6

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Libraries

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe QVO6

==== shortcuts After Repair ======================

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\5emop8zj.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 30/09/2013 at 18:14:31,45 ======================

[juisterr]

een goede opruiming, hoe gaat het met je problemen?

[Nielsken]

Perfect.

Helemaal verdwenen.

Bedankt.

[juisterr]

Download Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

• Remove disinfection tools
  
• Purge System Restore
  
• Reset system settings
  

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.