Ga naar inhoud

besmetting.

zubrrr
 Delen

Aanbevolen berichten

kape Grootmeester

kape

Geplaatst:
Geplaatst:

Je start de PC op in "veilige" modus via constant tokkelen op de F8-toets. Dan kies je daar voor de "veilige modus met netwerkverbinding". Dan krijg je een iets andere omgeving, waarbij de rode snelkoppeling van Combofix al op je bureaublad zou moeten staan. Daar op klikken ... en programma zou moeten starten.

Link naar reactie
Delen op andere sites
  • Reacties 54
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Populaire dagen

Beste reacties in dit topic

Populaire dagen

Geplaatste afbeeldingen

Asus Grootmeester

Asus

Geplaatst:
Geplaatst:

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

Het is de bedoeling dat je het programma (Combofix) op je bureaublad opslaat, zie deze info.

Hoe je Windows XP in veilige modus opstart kan je hier bekijken...na het opstarten in veilige modus kan je dan Combofix uitvoeren van op je bureaublad.

Link naar reactie
Delen op andere sites
zubrrr Ervaren

zubrrr

Geplaatst:
  • Auteur
Geplaatst:

Bij het uitvoeren van combofix had ik gisteren enkel de snelkoppeling op mijn bureaublad.Dank zij Asus zijn info heb ik nu het programma(en niet de snelkoppeling) op mijn bureaublad.Ik ga hem eerst nog eens laten lopen via de gewone weg.Dan kan ik Avg uitschakelen.Als het te lang duurt zal ik het uitvoeren via veilige modus met avg op de achtergrond.Zo goed Kape en Asus ?

Link naar reactie
Delen op andere sites
zubrrr Ervaren

zubrrr

Geplaatst:
  • Auteur
Geplaatst:

Nus is hij waar hij gisteren bleef staan.Het knipperlichtje onder: verwijderen van mappen:

C:\WINDOWS\system32\Cache doet het.Maar ik vrees er weer voor dat hij niks zal verder geven.Het is toch niet normaal dat hij daar zolang overdoet.

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Stop er dan maar mee ... dan is er duidelijk geen verschil tussen de normale en veilige modus.

Download zoek.exe naar het bureaublad.

  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
    (hier of hier) kan je lezen hoe je dat doet.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.

Klik op de knop "Options" en vink nu de onderstaande opties aan.



    • Running processes
    • Recently Created
    • Startup Information
    • Installed Programs
    • HijackThis Log
    • Firefox Look
    • Chrome Look
    • System Specs
    • Silent Runners
    • Firefox Defaults
    • Reset Chrome
    • Reset IE proxy
    • Empty Temp Folders
    • System Restore Point
    • System Restore Info
    • Reset System Restore
    • Shortcut Fix
    • IE Defaults
    • Reset Hosts
    • Auto Clean

    [*] Klik daarna op de knop "Run script".

    [*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

    [*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

    [*] Post nu de inhoud van het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites
zubrrr Ervaren

zubrrr

Geplaatst:
  • Auteur
Geplaatst: (aangepast)

Hier het logje :

Zoek.exe Version 4.0.0.2 Updated 31-03-2013

Tool run by Acer on wo 03/04/2013 at 21:35:03,10.

Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

==== System Restore Info ======================

3/04/2013 21:35:57 System Restore is disabled.

==== Running Processes ======================

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\acer\Acer eConsole\MediaServerService.exe

C:\Program Files\AVG\AVG2012\avgwdsvc.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\Program Files\Acer\Acer eMode Management\AspireService.exe

C:\Program Files\Acer\Acer eConsole\MediaSync.exe

C:\Program Files\Microsoft IntelliType Pro\type32.exe

C:\Program Files\Microsoft IntelliPoint\point32.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZSTW10.exe

C:\Documents and Settings\Acer\Bureaublad\zoek.exe

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Acer eConsole

Acer eMode Management

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader XI - Nederlands

Adobe Shockwave Player 12.0

AVG 2012

Basissoftware voor HP Officejet 6500 E710n-z

Beveiligingsupdate voor Windows Internet Explorer 7 (KB2183461)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB2360131)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB2416400)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB2482017)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB2497640)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB938127-v2)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB963027)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2510531)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2544521)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2559049)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2586448)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2618444)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2647516)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2675157)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2744842)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2761465)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2792100)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2797052)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB982381)

Beveiligingsupdate voor Windows XP (KB2544893-v2)

Beveiligingsupdate voor Windows XP (KB2584146)

Beveiligingsupdate voor Windows XP (KB2585542)

Beveiligingsupdate voor Windows XP (KB2598479)

Beveiligingsupdate voor Windows XP (KB2603381)

Beveiligingsupdate voor Windows XP (KB2618451)

Beveiligingsupdate voor Windows XP (KB2619339)

Beveiligingsupdate voor Windows XP (KB2620712)

Beveiligingsupdate voor Windows XP (KB2621440)

Beveiligingsupdate voor Windows XP (KB2624667)

Beveiligingsupdate voor Windows XP (KB2631813)

Beveiligingsupdate voor Windows XP (KB2633171)

Beveiligingsupdate voor Windows XP (KB2639417)

Beveiligingsupdate voor Windows XP (KB2641653)

Beveiligingsupdate voor Windows XP (KB2646524)

Beveiligingsupdate voor Windows XP (KB2647518)

Beveiligingsupdate voor Windows XP (KB2653956)

Beveiligingsupdate voor Windows XP (KB2655992)

Beveiligingsupdate voor Windows XP (KB2659262)

Beveiligingsupdate voor Windows XP (KB2660465)

Beveiligingsupdate voor Windows XP (KB2661637)

Beveiligingsupdate voor Windows XP (KB2676562)

Beveiligingsupdate voor Windows XP (KB2686509)

Beveiligingsupdate voor Windows XP (KB2691442)

Beveiligingsupdate voor Windows XP (KB2695962)

Beveiligingsupdate voor Windows XP (KB2698365)

Beveiligingsupdate voor Windows XP (KB2705219)

Beveiligingsupdate voor Windows XP (KB2707511)

Beveiligingsupdate voor Windows XP (KB2712808)

Beveiligingsupdate voor Windows XP (KB2719985)

Beveiligingsupdate voor Windows XP (KB2723135)

Beveiligingsupdate voor Windows XP (KB2724197)

Beveiligingsupdate voor Windows XP (KB2727528)

Beveiligingsupdate voor Windows XP (KB2731847)

Beveiligingsupdate voor Windows XP (KB2753842-v2)

Beveiligingsupdate voor Windows XP (KB2753842)

Beveiligingsupdate voor Windows XP (KB2757638)

Beveiligingsupdate voor Windows XP (KB2758857)

Beveiligingsupdate voor Windows XP (KB2770660)

Beveiligingsupdate voor Windows XP (KB2778344)

Beveiligingsupdate voor Windows XP (KB2779030)

Beveiligingsupdate voor Windows XP (KB2780091)

Beveiligingsupdate voor Windows XP (KB2799494)

Beveiligingsupdate voor Windows XP (KB2802968)

C-Media WDM Audio Driver

CCleaner

Compatibility Pack for the 2007 Office system

Google Earth Plug-in

Google Update Helper

Google Updater

Hewlett-Packard ACLM.NET v1.1.0.0

HiJackThis

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix voor Windows XP (KB2633952)

Hotfix voor Windows XP (KB2779562)

HP Deskjet 3740

HP Officejet 6500 E710n-z Haelp

HP Photo Creations

HP Product Detection

HP Update

HPDiagnosticAlert

I.R.I.S. OCR

Java 7 Update 17

Java Auto Updater

Junk Mail filter update

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Dutch Language Pack

Microsoft .NET Framework 1.1 Security Update (KB2698023)

Microsoft .NET Framework 1.1 Security Update (KB2742597)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Language Pack - NLD

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft IntelliPoint 5.2

Microsoft IntelliType Pro 5.2

Microsoft Office Excel Viewer

Microsoft Office Word Viewer 2003

Microsoft PowerPoint Viewer

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mozilla Firefox 20.0 (x86 nl)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

OpenOffice.org 3.0

Photo Notifier and Animation Creator

PowerDVD

Productverbeteringonderzoek HP Officejet 6500 E710n-z

Realtek AC'97 Audio

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Segoe UI

swMSM

TuneUp Utilities Language Pack (nl-NL)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update voor Windows Internet Explorer 8 (KB2447568)

Update voor Windows XP (KB2641690)

Update voor Windows XP (KB2661254-v2)

Update voor Windows XP (KB2718704)

Update voor Windows XP (KB2736233)

Update voor Windows XP (KB2749655)

WebFldrs XP

Windows Back-up

Windows Internet Explorer 8

Windows Live - Hulpprogramma voor uploaden

Windows Live aanmeldhulp

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sync

Windows Live Writer

Windows Media Format 11 runtime

Windows Media Player 11

Windows Media Player Firefox Plugin

==== Reset Hosts File ======================

# Copyright © 1993-2006 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== FireFox Fix ======================

Deleted from C:\Documents and Settings\Acer\Application Data\Mozilla\Firefox\Profiles\gchpwlkh.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.be/");

Added to C:\Documents and Settings\Acer\Application Data\Mozilla\Firefox\Profiles\gchpwlkh.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Documents and Settings\Acer\Application Data\Mozilla\Firefox\Profiles\d2jv0uea.default-1363634868609\prefs.js:

user_pref("browser.startup.homepage", "google");

Added to C:\Documents and Settings\Acer\Application Data\Mozilla\Firefox\Profiles\d2jv0uea.default-1363634868609\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Documents and Settings\Administrator.ACER-T135\Application Data\Mozilla\Firefox\Profiles\wkem4uvd.default\prefs.js:

Added to C:\Documents and Settings\Administrator.ACER-T135\Application Data\Mozilla\Firefox\Profiles\wkem4uvd.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

"C:\FOUND.000" deleted

"C:\FOUND.001" deleted

"C:\FOUND.002" deleted

"C:\FOUND.003" deleted

"C:\FOUND.004" deleted

"C:\FOUND.005" deleted

"C:\FOUND.009" deleted

"C:\FOUND.010" deleted

"C:\FOUND.011" deleted

"C:\FOUND.006" deleted

"C:\FOUND.007" deleted

"C:\FOUND.008" deleted

"C:\FOUND.012" deleted

"C:\FOUND.013" deleted

"C:\FOUND.014" deleted

"C:\FOUND.015" deleted

"C:\FOUND.016" deleted

"C:\FOUND.017" deleted

"C:\FOUND.018" deleted

==== System Specs ======================

Windows: Windows XP Home Edition Service Pack 3 (Build 2600)

Internet Explorer: 8.0.6001.18702

Memory (RAM): 448 MB

CPU Info: AMD Sempron Processor 3000+

CPU Speed: 1770,4 MHz

Sound Card: Realtek AC97 Audio |

Display Adapters: VIA/S3G UniChrome Pro IGP | NetMeeting driver | RDPDD Chained DD

Monitors: 1x; Plug en Play-monitor |

Screen Resolution: 1280 X 768 - 32 bit

Network: Network Present

Network Adapters: Realtek RTL8139/810x Family Fast Ethernet NIC - Pakketplanner-minipoort

CD / DVD Drives: 1x (E: | ) E: ASUS DRW-1814BLT

Ports: COM1 | COM2 LPT1

Mouse: 5 Button Wheel Mouse Present

Hard Disks: C: 58,6GB | D: 220,9GB

Hard Disks - Free: C: 42,5GB | D: 220,8GB

Manufacturer *: Award Software International, Inc.

BIOS Info: AT/AT COMPATIBLE | 08/30/05 | VIAK8 - 42302e31

Time Zone: Romance (standaardtijd)

Motherboard *: Acer K8VM800MAE

Sun Java version: 1.7.0_17

Country: België

Language: NLB

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

2013-04-02 18:17:00 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\WINDOWS\PEV.exe

2013-04-02 18:17:00 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\WINDOWS\grep.exe

2013-04-02 18:17:00 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\WINDOWS\zip.exe

2013-04-02 18:17:00 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\WINDOWS\SWSC.exe

2013-04-02 18:17:00 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\WINDOWS\MBR.exe

====== C:\DOCUME~1\Acer\LOCALS~1\Temp ====

====== C:\WINDOWS\system32 =====

====== C:\WINDOWS\system32\drivers =====

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-04-02 17:40:09 -------- d-----w- C:\Program Files\Trend Micro

======= C: =====

====== C:\Documents and Settings\Acer\Application Data ======

====== C:\Documents and Settings\Acer ======

2013-04-01 19:46:26 -------- d--h--r- C:\Documents and Settings\Acer\Onlangs geopend

====== C: exe-files ==

2013-04-02 18:17:00 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\WINDOWS\PEV.exe

2013-04-02 18:17:00 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\WINDOWS\grep.exe

2013-04-02 18:17:00 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\WINDOWS\zip.exe

2013-04-02 18:17:00 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\WINDOWS\SWSC.exe

2013-04-02 18:17:00 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\WINDOWS\MBR.exe

=== C: other files ==

2013-04-02 18:19:52 44D449FFD271A20B8D12326CA6D8E0DD 7564 ----a-w- C:\Qoobox\BackEnv\SetPath.bat

======== System Restore Points ========

No Restore Point in System.

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-3339670028-2350408140-161039472-1006\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VTTimer"="VTTimer.exe"

"VTTrayp"="VTtrayp.exe"

"AspireService"="C:\Program Files\Acer\Acer eMode Management\AspireService.exe"

"MediaSync"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe"

"type32"="C:\Program Files\Microsoft IntelliType Pro\type32.exe"

"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe"

"SoundMan"="SOUNDMAN.EXE"

"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe"

"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"

"AVG_TRAY"="C:\Program Files\AVG\AVG2012\avgtray.exe"

"Google Updater"="C:\Program Files\Google\Google Updater\GoogleUpdater.exe -systray -startup"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IMJPMIG8.1]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="IMJPMIG8.1"

"hkey"="HKLM"

"command"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSPY2002]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="MSPY2002"

"hkey"="HKLM"

"command"="C:\\WINDOWS\\system32\\IME\\PINTLGNT\\ImScInst.exe /SYNC"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002A]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="PHIME2002A"

"hkey"="HKLM"

"command"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002ASync]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="PHIME2002ASync"

"hkey"="HKLM"

"command"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [17/09/2011 10:49]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ [undertermined Task]

C:\WINDOWS\tasks\At2.job --a------ C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [16/11/2010 21:12]

C:\WINDOWS\tasks\At3.job --a------ C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [16/11/2010 21:12]

C:\WINDOWS\tasks\At4.job --a------ C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [16/11/2010 21:12]

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14/03/2013 07:59]

C:\WINDOWS\tasks\Google Software Updater.job --a------ C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [12/08/2012 16:31]

C:\WINDOWS\tasks\User_Feed_Synchronization-{F3CD9E55-B75F-4790-BE71-4F93270E41F8}.job --ah----- [undertermined Task]

C:\WINDOWS\tasks\At1.job --a------ C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [16/11/2010 21:12]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Acer\Application Data\Mozilla\Firefox\Profiles\gchpwlkh.default

- Undetermined - C:\Program Files\Web Assistant\Firefox

- AVG Do Not Track - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack

- Undetermined - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\11.1.0.7

- Undetermined - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be

- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

- TimeLineRemove.Com - %ProfilePath%\extensions\jid0-YxzrUsJ0WOiOaU89TngAzLcIs18@jetpack

ProfilePath: C:\Documents and Settings\Administrator.ACER-T135\Application Data\Mozilla\Firefox\Profiles\wkem4uvd.default

- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

- Undetermined - C:\Program Files\Java\jre6\lib\deploy\jqs\ff

- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Acer\Application Data\Mozilla\Firefox\Profiles\gchpwlkh.default

D4BD9F86123C87ECA570418B69326F99 - C:\WINDOWS\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.170.2

21FF3F07336CE4F8DF6AF1746BC26AAB - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat

E971E06DDE68684CB3957C5D0E133CB0 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

6C403C77C8657F7F6A4F88106BCD5440 - C:\Program Files\NOS\bin\np_gp.dll - getPlusPlus for Adobe 16291

1C8124B6A03A620EB0CBCA615666D2AE - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery

AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

3EA079023D32054BFD73D08E77C72609 - C:\WINDOWS\system32\npptools.dll - Besturingssysteem Microsoft® Windows®

Profilepath: C:\Documents and Settings\Acer\Application Data\Mozilla\Firefox\Profiles\d2jv0uea.default-1363634868609

47299371607DC2FB234444EEACB1639E - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll - Shockwave Flash

05C4A7136F3012BB47107333B5D351D3 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U17

D4BD9F86123C87ECA570418B69326F99 - C:\WINDOWS\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.170.2

E971E06DDE68684CB3957C5D0E133CB0 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

546A28FBC44B984FD92530227BF6F5C2 - C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll - Shockwave for Director / Shockwave for Director

E0FF893763BA82BAABB869A351F0C455 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll - Google Update

21FF3F07336CE4F8DF6AF1746BC26AAB - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat

21FF3F07336CE4F8DF6AF1746BC26AAB - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat

E0BCE90537E4A41AF36D5BDD5963A09D - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

EA768A823B0DE8D2B3FFF8E38F4AFF50 - C:\Program Files\Google\Google Updater\2.4.1808.5272\npCIDetect14.dll - Google Updater

9013599B12923A45C029C34E8D2211AC - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll - Silverlight Plug-In

6C403C77C8657F7F6A4F88106BCD5440 - C:\Program Files\NOS\bin\np_gp.dll - getPlusPlus for Adobe 16291

1C8124B6A03A620EB0CBCA615666D2AE - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery

AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

BF2AD333C79072EEBE5AE0D72670E64E - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrlui.dll - Microsoft® Silverlight

3EA079023D32054BFD73D08E77C72609 - C:\WINDOWS\system32\npptools.dll - Besturingssysteem Microsoft® Windows®

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

ndibdjnfmopecpmkdieinmbadjfpblof - C:\Documents and Settings\All Users\Application Data\AVG Secure Search\ChromeExt\14.2.0.1\avg.crx[]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.be/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{10B6074D-C44A-4E57-83BB-38ECC8DC4F4D} AVG Secure Search Url="http://search.avg.com/route/?d=4b3d2cf0&i=23&tp=chrome&q={searchTerms}&lng={language}&ychte=us&nt=1"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

Nothing found to reset

==== shortcuts on Users Desktops ======================

C:\Documents and Settings\Acer\Bureaublad\HiJackThis.lnk - C:\Documents and Settings\Acer\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

==== shortcuts on All Users Desktop ======================

C:\Documents and Settings\All Users\Bureaublad\AVG 2012.lnk - C:\Program Files\AVG\AVG2012\avgui.exe

==== shortcuts in Users Start Menu ======================

C:\Documents and Settings\Acer\Menu Start\Programma's\HiJackThis\HiJackThis.lnk - C:\Documents and Settings\Acer\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

==== shortcuts in All Users Start Menu ======================

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Rekenmachine.lnk - C:\WINDOWS\system32\calc.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Paint.lnk - C:\WINDOWS\system32\mspaint.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Entertainment\Volumeregeling.lnk - C:\WINDOWS\system32\sndvol32.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files\Microsoft Silverlight\5.1.10411.0\Silverlight.Configuration.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\AVG\AVG 2012.lnk - C:\Program Files\AVG\AVG2012\avgui.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Google Earth\Uninstall Google Earth Plug-in.lnk - C:\WINDOWS\system32\msiexec.exe /x {34B32B70-8081-11E2-89AF-B8AC6F98CCE3} FEEDBACK=1

==== Reset IE Proxy ======================

Value(s) before fix:

"ProxyOverride"="<local>"

"ProxyEnable"=dword:00000000

Value(s) after fix:

"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully

==== HijackThis Entries ======================

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [LaunchApp] Alaunch

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe

O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe

O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [Google Updater] "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -systray -startup

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1342849095500

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342849076812

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\pev.3XE

==== Silent Runners ======================

"Silent Runners.vbs", revision 69, Silent Runners - Adware? Disinfect, don't reformat!

Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:

---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe [MS]

msnmsgr = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

LaunchApp = Alaunch [Acer Inc.]

VTTimer = VTTimer.exe [s3 Graphics, Inc.]

VTTrayp = VTtrayp.exe [s3 Graphics Co., Ltd.]

AspireService = C:\Program Files\Acer\Acer eMode Management\AspireService.exe [Acer Inc.]

MediaSync = C:\Program Files\Acer\Acer eConsole\MediaSync.exe [Acer Inc.]

type32 = "C:\Program Files\Microsoft IntelliType Pro\type32.exe" [MS]

IntelliPoint = "C:\Program Files\Microsoft IntelliPoint\point32.exe" [MS]

SoundMan = SOUNDMAN.EXE [Realtek Semiconductor Corp.]

RemoteControl = "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [Cyberlink Corp.]

HPDJ Taskbar Utility = C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [HP]

HP Component Manager = "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [Hewlett-Packard Company]

HP Software Update = C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [Hewlett-Packard]

AVG_TRAY = "C:\Program Files\AVG\AVG2012\avgtray.exe" [AVG Technologies CZ, s.r.o.]

Google Updater = "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -systray -startup [Google]

Adobe ARM = "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [Adobe Systems Incorporated]

SunJavaUpdateSched = "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [sun Microsystems, Inc.]

HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\

>{26923b43-4d38-484f-9b9e-de460746276c}\(Default) = Internet Explorer

\StubPath = C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig [MS]

>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}\(Default) = Outlook Express

\StubPath = C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE [MS]

{8b15971b-5355-4c82-8c07-7e181ea07608}\(Default) = Fax

\StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.UnInstall.PerUser [MS]

{94de52c8-2d59-4f1b-883e-79663d2d9a8c}\(Default) = Fax Provider

\StubPath = rundll32.exe C:\WINDOWS\system32\Setup\FxsOcm.dll,XP_UninstallProvider [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = AcroIEHelperStub

-> {HKLM…CLSID} = Adobe PDF Link Helper

\InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe Systems Incorporated]

{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\(Default) = WormRadar.com IESiteBlocker.NavFilter

-> {HKLM…CLSID} = AVG Safe Search

\InProcServer32\(Default) = C:\Program Files\AVG\AVG2012\avgssie.dll [AVG Technologies CZ, s.r.o.]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)

-> {HKLM…CLSID} = Java Plug-In SSV Helper

\InProcServer32\(Default) = C:\Program Files\Java\jre7\bin\ssv.dll [Oracle Corporation]

{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)

-> {HKLM…CLSID} = Windows Live Aanmelden - Help

\InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS]

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\(Default) = (no title provided)

-> {HKLM…CLSID} = Google Toolbar Notifier BHO

\InProcServer32\(Default) = C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll [Google Inc.]

{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)

-> {HKLM…CLSID} = Java Plug-In 2 SSV Helper

\InProcServer32\(Default) = C:\Program Files\Java\jre7\bin\jp2ssv.dll [Oracle Corporation]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{88895560-9AA2-1069-930E-00AA0030EBC8} = HyperTerminal-pictogramuitbreiding

-> {HKLM…CLSID} = HyperTerminal Icon Ext

\InProcServer32\(Default) = C:\WINDOWS\system32\hticons.dll [Hilgraeve, Inc.]

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} = OpenOffice.org Column Handler

-> {HKLM…CLSID} = (no title provided)

\InProcServer32\(Default) = "C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" [sun Microsystems, Inc.]

{087B3AE3-E237-4467-B8DB-5A38AB959AC9} = OpenOffice.org Infotip Handler

-> {HKLM…CLSID} = (no title provided)

\InProcServer32\(Default) = "C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" [sun Microsystems, Inc.]

{63542C48-9552-494A-84F7-73AA6A7C99C1} = OpenOffice.org Property Sheet Handler

-> {HKLM…CLSID} = (no title provided)

\InProcServer32\(Default) = "C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" [sun Microsystems, Inc.]

{3B092F0C-7696-40E3-A80F-68D74DA84210} = OpenOffice.org Thumbnail Viewer

-> {HKLM…CLSID} = (no title provided)

\InProcServer32\(Default) = "C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" [sun Microsystems, Inc.]

{97FA8AA2-EE77-4FF2-9449-424D8924EF21} = IntelliType Pro Zooming Control Panel Property Page

-> {HKLM…CLSID} = IntelliType Pro Zooming Property Page

\InProcServer32\(Default) = "C:\Program Files\Microsoft IntelliType Pro\itcplzm.dll" [MS]

{111D8120-25EB-4E1C-A4DF-C9EE5FCA35CB} = IntelliType Pro Scrolling Control Panel Property Page

-> {HKLM…CLSID} = IntelliType Pro Scrolling Property Page

\InProcServer32\(Default) = "C:\Program Files\Microsoft IntelliType Pro\itcplwhl.dll" [MS]

{ED6E87C6-8A83-43aa-8208-8DBC8247F4D2} = IntelliType Pro Key Settings Control Panel Property Page

-> {HKLM…CLSID} = IntelliType Pro Key Settings Property Page

\InProcServer32\(Default) = "C:\Program Files\Microsoft IntelliType Pro\itcplkey.dll" [MS]

{A2569D1F-4E06-43EC-9825-0088B471BE47} = IntelliType Pro Wireless Control Panel Property Page

-> {HKLM…CLSID} = IntelliType Pro Wireless Control Panel Property Page

\InProcServer32\(Default) = "C:\Program Files\Microsoft IntelliType Pro\itcplwir.dll" [MS]

{20082881-FC36-4E47-9A7A-644C95FF749F} = IntelliPoint Wireless Control Panel Property Page

-> {HKLM…CLSID} = Wireless Property Page

\InProcServer32\(Default) = "C:\Program Files\Microsoft IntelliPoint\ipcplwir.dll" [MS]

{AF90F543-6A3A-4C1B-8B16-ECEC073E69BE} = IntelliPoint Wheel Control Panel Property Page

-> {HKLM…CLSID} = Wheel Property Page

\InProcServer32\(Default) = "C:\Program Files\Microsoft IntelliPoint\ipcplwhl.dll" [MS]

{653DCCC2-13DB-45B2-A389-427885776CFE} = IntelliPoint Activities Control Panel Property Page

-> {HKLM…CLSID} = Activities Property Page

\InProcServer32\(Default) = "C:\Program Files\Microsoft IntelliPoint\ipcplact.dll" [MS]

{124597D8-850A-41AE-849C-017A4FA99CA2} = IntelliPoint Buttons Control Panel Property Page

-> {HKLM…CLSID} = Buttons Property Page

\InProcServer32\(Default) = "C:\Program Files\Microsoft IntelliPoint\ipcplbtn.dll" [MS]

{0563DB41-F538-4B37-A92D-4659049B7766} = WLMD Message Handler

-> {HKLM…CLSID} = CLSID_WLMCMimeFilter

\InProcServer32\(Default) = C:\Program Files\Windows Live\Mail\mailcomm.dll [MS]

{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler

-> {HKLM…CLSID} = (no title provided)

\InProcServer32\(Default) = C:\PROGRA~1\MI1933~1\OFFICE11\msohev.dll [MS]

{00F33137-EE26-412F-8D71-F84E4C2C6625} = (no title provided)

-> {HKLM…CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim

\InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} = Windows Live Photo Gallery Viewer Drop Target Shim

-> {HKLM…CLSID} = Windows Live Photo Gallery Viewer Shim

\InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} = Windows Live Photo Gallery Editor Drop Target Shim

-> {HKLM…CLSID} = Windows Live Photo Gallery Editor Shim

\InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

{00F30F90-3E96-453B-AFCD-D71989ECC2C7} = Windows Live Photo Gallery Autoplay Drop Target Shim

-> {HKLM…CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim

\InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler

-> {HKLM…CLSID} = Microsoft Office Metadata Handler

\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler

-> {HKLM…CLSID} = Microsoft Office Thumbnail Handler

\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = AVG Shell Extension

-> {HKLM…CLSID} = AVG Shell Extension Class

\InProcServer32\(Default) = C:\Program Files\AVG\AVG2012\avgse.dll [AVG Technologies CZ, s.r.o.]

HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\

<<!>> BootExecute = autocheck autochk *|C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart [AVG Technologies CZ, s.r.o.]

HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\

<<!>> cetihpz\CLSID = {CF184AD3-CDCB-4168-A3F7-8E447D129300}

-> {HKLM…CLSID} = CZipHandler Object

\InProcServer32\(Default) = C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll [Hewlett-Packard Company]

<<!>> linkscanner\CLSID = {F274614C-63F8-47D5-A4D1-FBDDE494F8D1}

-> {HKLM…CLSID} = XPLPPFilter Class

\InProcServer32\(Default) = C:\Program Files\AVG\AVG2012\avgpp.dll [AVG Technologies CZ, s.r.o.]

<<!>> livecall\CLSID = {828030A1-22C1-4009-854F-8E305202313F}

-> {HKLM…CLSID} = (no title provided)

\InProcServer32\(Default) = C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL [MS]

<<!>> msnim\CLSID = {828030A1-22C1-4009-854F-8E305202313F}

-> {HKLM…CLSID} = (no title provided)

\InProcServer32\(Default) = C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL [MS]

<<!>> wlmailhtml\CLSID = {03C514A3-1EFB-4856-9F99-10D7BE1653C0}

-> {HKLM…CLSID} = Windows Live Mail HTML Asynchronous Pluggable Protocol Handler

\InProcServer32\(Default) = C:\Program Files\Windows Live\Mail\mailcomm.dll [MS]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

AVG Shell Extension\(Default) = {9F97547E-4609-42C5-AE0C-81C61FFAEBC3}

-> {HKLM…CLSID} = AVG Shell Extension Class

\InProcServer32\(Default) = C:\Program Files\AVG\AVG2012\avgse.dll [AVG Technologies CZ, s.r.o.]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = OpenOffice.org Column Handler

-> {HKLM…CLSID} = (no title provided)

\InProcServer32\(Default) = "C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll" [sun Microsystems, Inc.]

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info

-> {HKLM…CLSID} = PDF Shell Extension

\InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

AVG Shell Extension\(Default) = {9F97547E-4609-42C5-AE0C-81C61FFAEBC3}

-> {HKLM…CLSID} = AVG Shell Extension Class

\InProcServer32\(Default) = C:\Program Files\AVG\AVG2012\avgse.dll [AVG Technologies CZ, s.r.o.]

Group Policies {GPedit.msc branch and setting}:

-----------------------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\

SaveZoneInformation = (REG_DWORD) dword:0x00000001

{User Configuration|Administrative Templates|Windows Components|Attachment Manager|

Do not preserve zone information in file attachments}

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

NoDrives = (REG_DWORD) dword:0x00000000

{unrecognized setting}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\

NoDrives = (REG_DWORD) dword:0x00000000

{unrecognized setting}

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\

disableregistrytools = (REG_DWORD) dword:0x00000000

{User Configuration|Administrative Templates|System|

Prevent access to registry editing tools}

HKCU\Software\Policies\Microsoft\Windows\System\

disablecmd = (REG_DWORD) dword:0x00000000

{User Configuration|Administrative Templates|System|

Disable the command prompt}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

DisableRegistryTools = (REG_DWORD) dword:0x00000000

{unrecognized setting}

Active Desktop and Wallpaper:

-----------------------------

Active Desktop may be disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

Wallpaper = C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCU\Control Panel\Desktop\

Wallpaper = C:\Documents and Settings\Acer\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

Enabled Screen Saver:

---------------------

HKCU\Control Panel\Desktop\

SCRNSAVE.EXE = C:\WINDOWS\system32\logon.scr [MS]

Windows Portable Device AutoPlay Handlers

-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

MSLivePhotoAcqHWEventHandler\

Provider = @%ProgramFiles%\Windows Live\Photo Gallery\regres.dll,-10

ProgID = Microsoft.LivePhotoAcqHWEventHandler

HKLM\SOFTWARE\Classes\Microsoft.LivePhotoAcqHWEventHandler\CLSID\(Default) = {3BD0ACD1-71CA-4475-92CC-E0AA0AAF843F}

-> {HKLM…CLSID} = (no title provided)

\LocalServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [MS]

MSLivePhotoAcquireDropHandler\

Provider = @%ProgramFiles%\Windows Live\Photo Gallery\regres.dll,-10

InvokeProgID = Microsoft.LivePhotoAcqDTShim.1

InvokeVerb = open

HKLM\SOFTWARE\Classes\Microsoft.LivePhotoAcqDTShim.1\shell\open\DropTarget\CLSID = {00F33137-EE26-412F-8D71-F84E4C2C6625}

-> {HKLM…CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim

\InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

MSLiveShowPicturesOnArrival\

Provider = @%ProgramFiles%\Windows Live\Photo Gallery\regres.dll,-10

InvokeProgID = Microsoft.Photos.LiveAutoplayShim.1

InvokeVerb = open

HKLM\SOFTWARE\Classes\Microsoft.Photos.LiveAutoplayShim.1\shell\open\DropTarget\CLSID = {00F30F90-3E96-453B-AFCD-D71989ECC2C7}

-> {HKLM…CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim

\InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

MSLiveVideoCameraArrivalCaptureWizard\

Provider = @%ProgramFiles%\Windows Live\Photo Gallery\regres.dll,-10

ProgID = WLXAutoPlayMgr.WLXHWEventHandler

InitCmdLine = WLXVideoAcquireWizard

HKLM\SOFTWARE\Classes\WLXAutoPlayMgr.WLXHWEventHandler\CLSID\(Default) = {9B5C97F6-B3A5-4A6D-8B03-993EC7291A22}

-> {HKLM…CLSID} = WLXWEventHandler Class

\LocalServer32\(Default) = "C:\Program Files\Windows Live\Photo Gallery\WLXVideoCameraAutoPlayManager.exe" [MS]

MSWPDShellNamespaceHandler\

Provider = @%SystemRoot%\System32\WPDShextRes.dll,-501

CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}

InitCmdLine =

-> {HKLM…CLSID} = WPDShextAutoplay

\LocalServer32\(Default) = C:\WINDOWS\system32\WPDShextAutoplay.exe [MS]

PDVDPlayDVDMovieOnArrival\

Provider = PowerDVD

InvokeProgID = DVD

InvokeVerb = PlayWithPowerDVD

HKLM\SOFTWARE\Classes\DVD\shell\PlayWithPowerDVD\Command\(Default) = "C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" "%l" [CyberLink Corp.]

ShowBizCancelAutoPlay\

Provider =

ProgID = ShowBizCancelAutoPlay.CancelAutoPlay

HKLM\SOFTWARE\Classes\ShowBizCancelAutoPlay.CancelAutoPlay\CLSID\(Default) = {C730D06E-F984-421F-B71C-2E7144CFE10E}

-> {HKLM…CLSID} = ShowBiz Cancel AutoPlay

\LocalServer32\(Default) = CancelAutoPlay.exe [file not found]

Enabled Scheduled Tasks: {++}

------------------------

GoogleUpdateTaskMachineCore -> launches: C:\Program Files\Google\Update\GoogleUpdate.exe /c [Google Inc.]

GoogleUpdateTaskMachineUA -> launches: C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.]

At2 -> launches: C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe /UA 9.1 /DDV 0x0805" [Hewlett-Packard Co.]

At3 -> launches: C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe /UA 9.1 /DDV 0x0805" [Hewlett-Packard Co.]

At4 -> launches: C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe /UA 9.1 /DDV 0x0805" [Hewlett-Packard Co.]

Adobe Flash Player Updater -> launches: C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Adobe Systems Incorporated]

Google Software Updater -> launches: C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe scheduled_start [Google]

User_Feed_Synchronization-{F3CD9E55-B75F-4790-BE71-4F93270E41F8} -> launches: C:\WINDOWS\system32\msfeedssync.exe sync [MS]

At1 -> launches: C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe /UA 9.1 /DDV 0x0805" [Hewlett-Packard Co.]

Winsock2 Service Provider DLLs:

-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]

000000000002\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]

000000000003\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 09

%SystemRoot%\system32\rsvpsp.dll [MS], 10 - 11

Toolbars, Explorer Bars, Extensions:

------------------------------------

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\

{219C3416-8CB2-491A-A3C7-D9FCDDC9D600}\

ButtonText = In weblog opnemen

MenuText = &In weblog opnemen met Windows Live Writer

CLSIDExtension = {5F7B1267-94A9-47F5-98DB-E99415F33AEC}

-> {HKLM…CLSID} = BlogThisToolbarButton Class

\InProcServer32\(Default) = C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [MS]

{E2E2DD38-D088-4134-82B7-F2BA38496583}\

MenuText = @xpsp3res.dll,-20001

Exec = %windir%\Network Diagnostic\xpnetdiag.exe [MS]

Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------

Acer Media Server, Acer Media Server, "C:\Program Files\acer\Acer eConsole\MediaServerService.exe" [Acer Inc.]

AVG WatchDog, avgwd, "C:\Program Files\AVG\AVG2012\avgwdsvc.exe" [AVG Technologies CZ, s.r.o.]

Java Quick Starter, JavaQuickStarterService, "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [Oracle Corporation]

Safe Mode Drivers & Services (subkey name, subkey default value):

-----------------------------------------------------------------

HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\

<<!>> PEVSystemStart, Service

<<!>> procexp90.Sys, Driver

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\

<<!>> PEVSystemStart, Service

<<!>> procexp90.Sys, Driver

Print Monitors:

---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\

HP 5412 Status Monitor\Driver = hpinksts5412LM.dll [Hewlett-Packard Co.]

HP Discovery Port Monitor (HP Officejet 6500 E710n-z)\Driver = HPDiscoPM5412.dll [Hewlett-Packard Co.]

hpzsnt10\Driver = hpzsnt10.dll [HP]

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Acer\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Acer\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Acer\Local Settings\Application Data\Mozilla\Firefox\Profiles\d2jv0uea.default-1363634868609\Cache emptied successfully

C:\Documents and Settings\Administrator.ACER-T135\Local Settings\Application Data\Mozilla\Firefox\Profiles\wkem4uvd.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\Acer\LOCALS~1\Temp successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Acer\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

aangepast door kape
dubbel log verwijderd
Link naar reactie
Delen op andere sites
Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.