Ga naar inhoud

Item wil niet weg..


callofduty

Aanbevolen berichten

Download 51a612a8b27e2-Zoek.pngzoek.exe naar het bureaublad.

  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
    (hier of hier) kan je lezen hoe je dat doet.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

 
startupall; 
filesrcm; 

Vink nu de onderstaande opties aan.

  • HijackThis Log
  • Firefox Look
  • Chrome Look
  • Reset Chrome
  • Shortcut Fix
  • IE Defaults

  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post nu de inhoud van het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Zoek.exe Version 4.0.0.4 Updated 10-August-2013

Tool run by Thijmen on wo 14-08-2013 at 0:13:20,12.

Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Thijmen\Downloads\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

14-8-2013 0:15:40 Zoek.exe System Restore Point Created Succesfully.

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-07-26 23:13:52 048948BD5B560F0DB1788D31DAA5CAA5 38848 ----a-w- C:\Windows\avastSS.scr

====== C:\Users\Thijmen\AppData\Local\Temp ====

2013-08-13 14:07:08 13A09BECABCE7CE7DE02D42D9C00A250 38456 ----a-w- C:\Users\Thijmen\AppData\Local\Temp\bitool.dll

2013-08-13 13:58:47 9FB9D49C2DB7EDD1084AB765D619F5C6 66368 ----a-w- C:\Users\Thijmen\AppData\Local\Temp\uttE0E0.tmp.exe

2013-08-10 17:59:28 C2D1573136F7ECEE5E33194E1A9510C0 136192 ----a-w- C:\Users\Thijmen\AppData\Local\Temp\BunndleOfferManager.dll

====== C:\Windows\SysWOW64 =====

2013-08-04 15:53:28 81360ACBCA851F9FEE87E6BDC53E1289 692104 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-08-04 15:53:27 8C1348AB014241E4C92E12AC5B0C34FC 71048 ----a-w- C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-08-04 16:31:26 ABC65537623EC3EA3E0429D52804AD94 1660 ----a-w- C:\Windows\Sysnative\ASOROSet.bin

2013-08-04 16:24:54 063772B2238FF16DF317D186E195829B 20312 ----a-w- C:\Windows\Sysnative\roboot64.exe

====== C:\Windows\Sysnative\drivers =====

2013-08-13 14:07:50 C9914A74045A6D23DB7252FA3985DE25 29696 ----a-w- C:\Windows\Sysnative\drivers\dtscsibus.sys

2013-07-26 23:14:16 E8184039D57365BEE3EAA750375C44AD 20048 ----a-w- C:\Windows\Sysnative\drivers\aswFsBlk.sys

2013-07-26 23:14:16 56BBD39753B9F7461C4DE03C3217249D 121936 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys

2013-07-26 23:14:13 DEE012D532C3F62CA099961505F41CF6 28752 ----a-w- C:\Windows\Sysnative\drivers\aswRdr.sys

2013-07-26 23:14:08 193691B35598642A328D880483DC0ED9 51280 ----a-w- C:\Windows\Sysnative\drivers\aswTdi.sys

2013-07-26 23:14:04 C671E9548D3D1B4CD15D0B164D9D01C7 61008 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys

====== C:\Windows\Tasks ======

2013-08-04 15:53:29 E4A4C9B330D031E06AEB113A4B4BF7BB 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-08-04 15:53:29 B233A2EC5EFAA46F6D61DD1C42CADFCE 3878 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater

2013-07-25 00:35:49 9B7DD89F133CA1BD9830886D99F9EC12 3230 ----a-w- C:\Windows\Sysnative\Tasks\SidebarExecute

2013-07-17 22:56:31 -------- d-----w- C:\Windows\Sysnative\Tasks\OfficeSoftwareProtectionPlatform

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-07-24 22:40:23 -------- d-----w- C:\Program Files\Microsoft Silverlight

2013-07-17 22:55:12 -------- d-----w- C:\Program Files\Microsoft Office

======= C:\Program Files (x86) =====

2013-08-13 14:28:51 -------- d-----w- C:\Program Files (x86)\Environment Simulating Studio

2013-08-13 14:07:35 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Ultra

2013-08-13 13:58:55 -------- d-----w- C:\Program Files (x86)\SearchProtect

2013-08-10 20:21:18 -------- d-----w- C:\Program Files (x86)\Twitter

2013-08-06 11:54:44 -------- d-----w- C:\Program Files (x86)\R.G. Mechanics

2013-07-31 17:28:25 -------- d-----w- C:\Program Files (x86)\Adobe

2013-07-27 22:38:42 -------- d-----w- C:\Program Files (x86)\R.G. Catalyst

2013-07-27 16:18:20 -------- d-----w- C:\Program Files (x86)\Foxit Software

2013-07-27 16:14:07 -------- d-----w- C:\Program Files (x86)\GOG.com

2013-07-25 00:51:16 -------- d-----w- C:\Program Files (x86)\Common Files\Adobe

2013-07-24 22:40:23 -------- d-----w- C:\Program Files (x86)\Microsoft Silverlight

2013-07-17 22:58:26 -------- d-----w- C:\Program Files (x86)\Common Files\DESIGNER

2013-07-17 22:54:58 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services

2013-07-17 22:53:51 -------- d-----w- C:\Program Files (x86)\Microsoft Office

======= C: =====

====== C:\Users\Thijmen\AppData\Roaming ======

2013-08-13 14:07:42 -------- d-----w- C:\users\Thijmen\AppData\Roaming\DAEMON Tools Ultra

2013-08-13 13:58:55 -------- d-----w- C:\users\Thijmen\AppData\Local\SearchProtect

2013-08-10 20:21:24 -------- d-----w- C:\users\Thijmen\AppData\Local\twitter

2013-08-10 20:21:19 -------- d-----w- C:\users\Thijmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TweetDeck

2013-08-04 16:24:56 -------- d-----w- C:\users\Thijmen\AppData\Roaming\Systweak

2013-07-31 17:29:27 -------- d-----w- C:\users\Thijmen\AppData\Locallow\Adobe

2013-07-31 17:27:44 -------- d-----w- C:\users\Thijmen\AppData\Local\Adobe

2013-07-27 16:05:45 -------- d-----w- C:\users\Thijmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2013-07-26 18:13:14 -------- d-----w- C:\users\Thijmen\AppData\Roaming\Leadertech

2013-07-26 14:31:34 -------- d-----w- C:\users\Thijmen\AppData\Roaming\DAEMON Tools Pro

2013-07-26 14:29:01 -------- d-----w- C:\users\Thijmen\AppData\Roaming\Atari

2013-07-25 16:03:33 -------- d-----w- C:\users\Thijmen\AppData\Roaming\Publish Providers

2013-07-25 14:07:20 -------- d-----w- C:\users\Default\AppData\Local\Microsoft Help

2013-07-25 14:07:20 -------- d-----w- C:\users\Default User\AppData\Local\Microsoft Help

2013-07-25 12:56:27 -------- d-----w- C:\users\Thijmen\AppData\Local\Programs

2013-07-25 00:59:46 -------- d-----w- C:\users\Thijmen\AppData\Local\ElevatedDiagnostics

2013-07-25 00:35:15 -------- d-----w- C:\users\Thijmen\AppData\Roaming\TuneUp Software

2013-07-25 00:30:22 -------- d-----w- C:\users\Thijmen\AppData\Local\MFAData

2013-07-24 21:47:17 -------- d-----w- C:\users\Thijmen\AppData\Roaming\uTorrent

2013-07-17 23:02:13 -------- d-----w- C:\users\Thijmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2013-07-17 22:56:03 FEF5C779D0B44382EF8F073BA0BBF7BB 37329920 ------w- C:\users\Thijmen\AppData\Local\Microsoft Office 2010 Toolkit.exe

2013-07-17 22:53:57 -------- d-----w- C:\users\Thijmen\AppData\Local\Microsoft Help

====== C:\Users\Thijmen ======

2013-08-13 14:29:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Environment Dimension

2013-08-13 14:07:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Ultra

2013-08-13 14:07:07 -------- d-----w- C:\ProgramData\DAEMON Tools Ultra

2013-08-13 13:58:09 AB11A6A7E1C011AD19BF674A01ACC2D5 1130576 ----a-w- C:\Users\Thijmen\Downloads\utorrent (1).exe

2013-08-04 16:24:09 0A8655152C01512CB7DD9B8C35F229A1 4327208 ----a-w- C:\Users\Thijmen\Downloads\rcpsetupst_RC1_NL_L_2.exe

2013-07-31 17:28:12 -------- d-----w- C:\ProgramData\Adobe

2013-07-27 16:05:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2013-07-26 23:14:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus

2013-07-26 14:31:10 -------- d-----w- C:\ProgramData\DAEMON Tools Pro

2013-07-25 00:30:22 -------- d--h--w- C:\ProgramData\Common Files

2013-07-25 00:30:22 -------- d-----w- C:\ProgramData\MFAData

2013-07-24 22:40:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2013-07-17 23:00:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2013-07-17 22:53:48 -------- d-----w- C:\ProgramData\Microsoft Help

====== C: exe-files ==

2013-08-13 14:28:51 E16D40886FCF9483F1518CB60A84A590 729077 ----a-w- C:\Program Files (x86)\Environment Simulating Studio\unins000.exe

2013-08-13 14:28:36 400D33BBC67279B5D2FF354D150C570E 102877831 ----a-w- C:\Users\Thijmen\AppData\Local\Temp\Rar$EXa0.830\ETS 2 Real Environment Dimension\redexpert10s_ess2013.exe

2013-08-13 14:08:18 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Thijmen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJO0OG8A\LyricsPal_1060-8101_v122[1].exe

2013-08-13 14:07:50 28D49571D57A84108F156A2BC082E326 54400 ----a-w- C:\Program Files (x86)\DAEMON Tools Ultra\dtinst.exe

2013-08-13 14:07:12 9B62C7540BFC4A4A68B2D7A20EE13AF5 141216 ----a-w- C:\Users\Thijmen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4HJJJ5JK\bi_downloader[1].exe

2013-08-13 13:58:51 79ED2E6E1C8C12BB84EE421E4933C054 5522864 ----a-w- C:\Users\Thijmen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4HJJJ5JK\SPSetup[1].exe

2013-08-13 13:58:49 80AF7980A7E0EE4345112F5AF92CF587 66992 ----a-w- C:\Users\Thijmen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WGHL668A\spstub[1].exe

2013-08-13 13:58:47 9FB9D49C2DB7EDD1084AB765D619F5C6 66368 ----a-w- C:\Users\Thijmen\AppData\Local\Temp\uttE0E0.tmp.exe

2013-08-13 13:58:46 AB11A6A7E1C011AD19BF674A01ACC2D5 1130576 ----a-w- C:\Users\Thijmen\AppData\Roaming\uTorrent\uTorrent.exe

2013-08-13 13:58:15 AB11A6A7E1C011AD19BF674A01ACC2D5 1130576 ----a-w- C:\Users\Thijmen\AppData\Roaming\uTorrent\updates\3.3.1_30017.exe

2013-08-13 13:58:09 AB11A6A7E1C011AD19BF674A01ACC2D5 1130576 ----a-w- C:\Users\Thijmen\Downloads\utorrent (1).exe

2013-08-10 20:21:19 0750A548878A1148C51F7AF44CB501AF 822264 ----a-r- C:\Users\Thijmen\AppData\Roaming\Microsoft\Installer\{E2031233-3B7C-4DFC-9319-197626C011C3}\TweetDeck.exe

2013-08-10 17:59:21 AFD35A63D83113781E1D1585E1774B3C 1130576 ----a-w- C:\Users\Thijmen\AppData\Roaming\uTorrent\updates\3.3.1_29988.exe

=== C: other files ==

2013-08-13 14:07:50 C9914A74045A6D23DB7252FA3985DE25 29696 ----a-w- C:\Windows\System32\drivers\dtscsibus.sys

2013-08-13 14:07:50 C9914A74045A6D23DB7252FA3985DE25 29696 ----a-w- C:\Program Files (x86)\DAEMON Tools Ultra\dtscsibus.sys

2013-08-10 17:58:36 98DEE5831823C9C5219511EB1ED9B098 103 ----a-w- C:\Users\Thijmen\AppData\Local\Temp\utt8096.tmp.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1608317268-975079482-870237345-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"DAEMON Tools Ultra Agent"="C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe -autorun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"avast5"="C:\Program Files\Alwil Software\Avast5\avastUI.exe /nogui"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"DAEMON Tools Ultra Agent"="C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe -autorun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"

==== Startup Folders ======================

2013-07-26 22:52:57 1684 ----a-w- C:\users\Thijmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [04-08-2013 17:53]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04-07-2013 22:33]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04-07-2013 22:33]

==== Chrome Look ======================

Google Docs - Thijmen - Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Thijmen - Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Thijmen - Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Thijmen - Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Gmail - Thijmen - Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://search.conduit.com/?ctid=CT3310431&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPE05A476B-C3C5-436B-9236-EDA37F9300D8"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Conduit Search Url="http://search.conduit.com/Results.aspx?ctid=CT3310431&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPE05A476B-C3C5-436B-9236-EDA37F9300D8&q={SearchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"

{F74EC606-4231-4658-BA59-2B6393FF11E0} Yahoo//nl.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=512435&p={searchTerms}"

==== Reset Google Chrome ======================

C:\users\Thijmen\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully

C:\users\Thijmen\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Thijmen\Desktop\µTorrent.lnk -

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe

C:\Users\Public\Desktop\avast Free Antivirus.lnk -

C:\Users\Public\Desktop\DAEMON Tools Ultra.lnk - C:\Program Files (x86)\DAEMON Tools Ultra\DTLauncher.exe

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe

C:\Users\Public\Desktop\TeamViewer 8.lnk - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Thijmen\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -

C:\Users\Thijmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Thijmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff

C:\Users\Thijmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Mafia™.lnk -

C:\Users\Thijmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\RollerCoaster Tycoon® 3.lnk -

C:\Users\Thijmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk - C:\Users\Thijmen\AppData\Local\Temp\{D536DC46-4394-4318-B9D3-81A3E71FB16E}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe /remind /language=NLD /PRNM="RollerCoaster Tycoon 3"/PRMP="RCT3"/SKUN="PCXX"/GTYP="STRY"

C:\Users\Thijmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TweetDeck\TweetDeck.lnk - C:\Users\Thijmen\AppData\Roaming\Microsoft\Installer\{E2031233-3B7C-4DFC-9319-197626C011C3}\TweetDeck.exe

C:\Users\Thijmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR-handleiding.lnk - C:\Program Files (x86)\WinRAR\Rar.txt

C:\Users\Thijmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm

C:\Users\Thijmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast Free Antivirus.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Ultra\DAEMON Tools Ultra.lnk - C:\Program Files (x86)\DAEMON Tools Ultra\DTLauncher.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Ultra\DTGadget.lnk - C:\Program Files (x86)\DAEMON Tools Ultra\DTUltra.gadget

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Access 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\accicons.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Excel 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft OneNote 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Outlook 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft PowerPoint 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Publisher 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pubs.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Digital Certificate for VBA Projects.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Clip Organizer.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\cagicon.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office 2010 Language Preferences.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\misc.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office 2010 Upload Center.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\msouc.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Microsoft Office Picture Manager.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\oisicon.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office 2010 Tools\Office Anytime Upgrade.lnk - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Office Setup Controller\promo.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\Silverlight.Configuration.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Environment Dimension\Uninstall Real Environment Dimension.lnk - C:\Program Files (x86)\Environment Simulating Studio\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR-handleiding.lnk - C:\Program Files (x86)\WinRAR\Rar.txt

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Thijmen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Thijmen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Thijmen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Thijmen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Thijmen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -

C:\Users\Thijmen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Thijmen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Thijmen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spotnet.lnk - C:\Program Files (x86)\Spotnet\Spotnet.exe

C:\Users\Thijmen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\Thijmen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F3 - REG:win.ini: load=C:\Users\Thijmen\LOCALS~1\Temp\msaicuryf.pif

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe" -autorun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = C:\Users\Thijmen\AppData\Local\Temp\{D536DC46-4394-4318-B9D3-81A3E71FB16E}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe

O23 - Service: Disc Soft Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== EOF on wo 14-08-2013 at 0:20:29,71 ======================

Link naar reactie
Delen op andere sites

We gaan even in het register kijken voor een kleine aanpassing. Typ in het zoekvak bij Start de opdracht regedit. Dan komen we uit in het register. Speur daar via "zoeken" naar volgend bestand msaicuryf.pif. Vooraan in deze sleutel zal je ook "Load" als aanduiding vinden. Indien dit het geval is, laat dit even weten vóór we verder gaan met de behandeling.

Link naar reactie
Delen op andere sites

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.