Kladblok opent bij opstarten.
- Status
Hierbij de resultaten van de zoekopdracht met Total commander.
Ik hoop dat er iets te vinden is.
Zoekopdracht(desktop.ini)
c:\Program Files (x86)\Acer\Registration\desktop.ini
c:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\60\BIN\DESKTOP.INI
c:\Program Files (x86)\Microsoft Office\OFFICE11\1043\DataServices\DESKTOP.INI
c:\Program Files (x86)\Microsoft Office\Office12\1043\DataServices\DESKTOP.INI
c:\Program Files (x86)\Windows Live\Mail\Stationery\Desktop.ini
c:\Users\Gebruiker\Music\Elvis-Presley-Albums\Elvis Presley - 2nd To None\desktop.ini
c:\Users\Gebruiker\Pictures\Whiskey\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-ehome-reg-inf_31bf3856ad364e35_6.1.7600.16385_none_5121322bdca04800\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-ehome-samplemedia_31bf3856ad364e35_6.1.7600.16385_none_b6b9b223710b3802\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-fontext_31bf3856ad364e35_6.1.7600.16385_none_fa7a8a2a0d4e51c5\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.1.7600.16385_none_9df540b5daee0822\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.7600.16385_none_add5a10aa4d614d5\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_8.0.7600.16385_none_d7db1bd6e26c8fb9\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-br-links-component_31bf3856ad364e35_6.1.7600.16385_none_f884207db70f2af5\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-es-links-component_31bf3856ad364e35_6.1.7600.16385_none_9bad6a6fe6cd2a9b\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-fr-links-component_31bf3856ad364e35_6.1.7600.16385_none_fdd5eb81e578b451\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-gb-links-component_31bf3856ad364e35_6.1.7600.16385_none_0c6f0acfe2258c98\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-in-links-component_31bf3856ad364e35_6.1.7600.16385_none_8524b6fd148c78d2\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-jp-links-component_31bf3856ad364e35_6.1.7600.16385_none_c4d0601d7a048c6b\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-kr-links-component_31bf3856ad364e35_6.1.7600.16385_none_047bef9cdf7ca004\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-pl-links-component_31bf3856ad364e35_6.1.7600.16385_none_501cbd860be777f1\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-ru-links-component_31bf3856ad364e35_6.1.7600.16385_none_eb4e5afbd781da48\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-au-component_31bf3856ad364e35_6.1.7600.16385_none_3474618675ef0765\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-br-component_31bf3856ad364e35_6.1.7600.16385_none_0fd974910466d9d9\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-ca-component_31bf3856ad364e35_6.1.7600.16385_none_f8af4ddae3bfcc7f\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-de-component_31bf3856ad364e35_6.1.7600.16385_none_4d5bfdc5c9c70eda\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-es-component_31bf3856ad364e35_6.1.7600.16385_none_73dcb25ee3bfcc7f\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-fr-component_31bf3856ad364e35_6.1.7600.16385_none_df9f5ff2afce5135\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-gb-component_31bf3856ad364e35_6.1.7600.16385_none_90a406812df29cfc\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-in-component_31bf3856ad364e35_6.1.7600.16385_none_5ab89b69752e8636\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-it-component_31bf3856ad364e35_6.1.7600.16385_none_0bd16b052df29cfc\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-jp-component_31bf3856ad364e35_6.1.7600.16385_none_1f07b0cb1d9f164f\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-kr-component_31bf3856ad364e35_6.1.7600.16385_none_e356c62cc60fa668\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-mx-component_31bf3856ad364e35_6.1.7600.16385_none_fc528b79548778dc\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-nl-component_31bf3856ad364e35_6.1.7600.16385_none_ce12671a4dd92927\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-pl-component_31bf3856ad364e35_6.1.7600.16385_none_35f55ccb238ce4d5\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-ru-component_31bf3856ad364e35_6.1.7600.16385_none_a77d89e58e66c2ac\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-tr-component_31bf3856ad364e35_6.1.7600.16385_none_b6d417c887b872f7\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-us-component_31bf3856ad364e35_6.1.7600.16385_none_b2f45fe5915da9ef\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-za-component_31bf3856ad364e35_6.1.7600.16385_none_a361574c7d52bad0\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-us-links-component_31bf3856ad364e35_6.1.7600.16385_none_b0f49680a073500b\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-musicsamples_31bf3856ad364e35_6.1.7600.16385_none_06495209cbd8e93b\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-photosamples_31bf3856ad364e35_6.1.7600.16385_none_f36e0e659b8042be\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-ringtonesamples_31bf3856ad364e35_6.1.7600.16385_none_135e536ebbe59c28\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..allpaper-characters_31bf3856ad364e35_6.1.7600.16385_none_bde0eaed84920a21\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..allpaper-landscapes_31bf3856ad364e35_6.1.7600.16385_none_e57abb2f66db71a9\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..dthemes-calligraphy_31bf3856ad364e35_6.1.7600.16385_none_c1407bc73caf8dfc\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..i-accessibilityuser_31bf3856ad364e35_6.1.7600.16385_none_bf396ba9226e0702\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..ini-accessoriesuser_31bf3856ad364e35_6.1.7600.16385_none_7ff91f5d2dd6c770\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..ini-maintenanceuser_31bf3856ad364e35_6.1.7600.16385_none_61fc91b36f901b87\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..ini-systemtoolsuser_31bf3856ad364e35_6.1.7600.16385_none_7ca09f65fd387e58\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..ktopini-accessories_31bf3856ad364e35_6.1.7600.16385_none_480c0d8bd31ae43f\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..ktopini-maintenance_31bf3856ad364e35_6.1.7600.16385_none_ba8f25a3b6d81a68\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..ktopini-systemtools_31bf3856ad364e35_6.1.7600.16385_none_da623240a154f357\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..lpaper-architecture_31bf3856ad364e35_6.1.7600.16385_none_d99106b927aa7782\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..l-soundthemes-delta_31bf3856ad364e35_6.1.7600.16385_none_fbf7e0678b64a4b8\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..ndthemes-characters_31bf3856ad364e35_6.1.7600.16385_none_08da32b0fdad9220\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..opini-accessibility_31bf3856ad364e35_6.1.7600.16385_none_36604ea896f9a97d\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..oundthemes-festival_31bf3856ad364e35_6.1.7600.16385_none_121f20b55f0bde68\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..oundthemes-heritage_31bf3856ad364e35_6.1.7600.16385_none_5872c0830d0c4747\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..sktopini-sendtouser_31bf3856ad364e35_6.1.7600.16385_none_64398328adc9c59d\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..-soundthemes-garden_31bf3856ad364e35_6.1.7600.16385_none_f7a4bf1e15863e21\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..-soundthemes-quirky_31bf3856ad364e35_6.1.7600.16385_none_e55404efe49bb9cb\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..soundthemes-savanna_31bf3856ad364e35_6.1.7600.16385_none_8501e89d0b011992\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..-soundthemes-sonata_31bf3856ad364e35_6.1.7600.16385_none_201752c112c5078c\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..undthemes-afternoon_31bf3856ad364e35_6.1.7600.16385_none_2a05e57d5ab3659e\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..undthemes-cityscape_31bf3856ad364e35_6.1.7600.16385_none_5b48f43248490503\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..undthemes-landscape_31bf3856ad364e35_6.1.7600.16385_none_7a83a914edc3de49\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-shell-sounds_31bf3856ad364e35_6.1.7600.16385_none_73076dd9cf3a9dce\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-shell-soundthemes-raga_31bf3856ad364e35_6.1.7600.16385_none_2fe300bf8e73cdbd\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-shell-wallpaper-nature_31bf3856ad364e35_6.1.7600.16385_none_d5909570704a09c0\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-shell-wallpaper-scenes_31bf3856ad364e35_6.1.7600.16385_none_a4393b1a254aeaee\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.1.7600.16385_none_73a679f8be493c8c\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-videosamples_31bf3856ad364e35_6.1.7600.16385_none_51a21f033003affd\desktop.ini
c:\Windows\winsxs\amd64_subsystem-for-unix-based-applications_31bf3856ad364e35_6.1.7600.16385_none_cfdd496d09a0a280\Desktop.ini
c:\Windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\Desktop.ini
Zoekopdracht ( *.bat)
c:\Program Files (x86)\Acer\Screensaver\HotkeySetting.bat
c:\Program Files (x86)\Adobe\Adobe Fireworks CS5\Configuration\Win\Shared\AdobeAIR\SDK\bin\adt.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\plugins\org.apache.ant_1.7.1.v20090120-1145\bin\ant.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\plugins\org.apache.ant_1.7.1.v20090120-1145\bin\antRun.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\plugins\org.apache.ant_1.7.1.v20090120-1145\bin\lcp.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\3.5.0\bin\aasdoc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\3.5.0\bin\acompc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\3.5.0\bin\adt.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\3.5.0\bin\amxmlc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\3.5.0\templates\automation-runtimeloading-files\build.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\4.0.0\bin\aasdoc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\4.0.0\bin\acompc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\4.0.0\bin\adt.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\4.0.0\bin\amxmlc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\4.0.0\bin\fontswf.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\4.0.0\templates\automation-runtimeloading-files\build.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\plugins\org.apache.ant_1.7.0.v200803061910\bin\ant.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\plugins\org.apache.ant_1.7.0.v200803061910\bin\antRun.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\plugins\org.apache.ant_1.7.0.v200803061910\bin\lcp.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\sdks\4.0.0\bin\aasdoc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\sdks\4.0.0\bin\acompc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\sdks\4.0.0\bin\adt.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\sdks\4.0.0\bin\amxmlc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\sdks\4.0.0\bin\fontswf.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\sdks\4.0.0\templates\automation-runtimeloading-files\build.bat
c:\Program Files (x86)\Adobe\Adobe Flash CS5\AIK2.0\bin\adt.bat
c:\Program Files (x86)\Adobe\Adobe Flash CS5\AMT\win\stage-prep.bat
c:\Program Files (x86)\Adobe\Adobe Flash CS5\PFI\bin\pfi.bat
c:\Program Files (x86)\TerraTec\TerraTec Home Cinema\Reset_THC.bat
c:\Program Files (x86)\TerraTec\TerraTec Home Cinema\THC_diag.bat
c:\Program Files\Acer\Acer PowerSmart Manager\RegPlayerPlugin_install.bat
c:\Program Files\Acer\Acer PowerSmart Manager\RegPlayerPlugin_uninstall.bat
c:\Program Files\Adobe\Adobe Premiere Pro CS5\hack.bat
c:\Users\Gebruiker\Downloads\Dreamweaver CS4 NL\Dreamweaver CS4 NL Installatie\payloads\AdobeAMP-fr_FR\Installer.bat
c:\Windows\DelMR.bat
c:\Windows\System32\Msdtc\Trace\msdtcvtr.bat
c:\Windows\SysWOW64\Msdtc\Trace\msdtcvtr.bat
c:\Windows\winsxs\amd64_microsoft-windows-com-dtc-tracing_31bf3856ad364e35_6.1.7600.16385_none_73d43c6a0c805ae7\msdtcvtr.bat
c:\Windows\winsxs\x86_microsoft-windows-com-dtc-tracing_31bf3856ad364e35_6.1.7600.16385_none_17b5a0e65422e9b1\msdtcvtr.bat
Alvast bedankt
Ik hoop dat er iets te vinden is.
Zoekopdracht(desktop.ini)
c:\Program Files (x86)\Acer\Registration\desktop.ini
c:\Program Files (x86)\Common Files\microsoft shared\Web Server Extensions\60\BIN\DESKTOP.INI
c:\Program Files (x86)\Microsoft Office\OFFICE11\1043\DataServices\DESKTOP.INI
c:\Program Files (x86)\Microsoft Office\Office12\1043\DataServices\DESKTOP.INI
c:\Program Files (x86)\Windows Live\Mail\Stationery\Desktop.ini
c:\Users\Gebruiker\Music\Elvis-Presley-Albums\Elvis Presley - 2nd To None\desktop.ini
c:\Users\Gebruiker\Pictures\Whiskey\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-ehome-reg-inf_31bf3856ad364e35_6.1.7600.16385_none_5121322bdca04800\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-ehome-samplemedia_31bf3856ad364e35_6.1.7600.16385_none_b6b9b223710b3802\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-fontext_31bf3856ad364e35_6.1.7600.16385_none_fa7a8a2a0d4e51c5\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-gameexplorer_31bf3856ad364e35_6.1.7600.16385_none_9df540b5daee0822\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.7600.16385_none_add5a10aa4d614d5\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_8.0.7600.16385_none_d7db1bd6e26c8fb9\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-br-links-component_31bf3856ad364e35_6.1.7600.16385_none_f884207db70f2af5\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-es-links-component_31bf3856ad364e35_6.1.7600.16385_none_9bad6a6fe6cd2a9b\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-fr-links-component_31bf3856ad364e35_6.1.7600.16385_none_fdd5eb81e578b451\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-gb-links-component_31bf3856ad364e35_6.1.7600.16385_none_0c6f0acfe2258c98\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-in-links-component_31bf3856ad364e35_6.1.7600.16385_none_8524b6fd148c78d2\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-jp-links-component_31bf3856ad364e35_6.1.7600.16385_none_c4d0601d7a048c6b\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-kr-links-component_31bf3856ad364e35_6.1.7600.16385_none_047bef9cdf7ca004\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-pl-links-component_31bf3856ad364e35_6.1.7600.16385_none_501cbd860be777f1\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-ru-links-component_31bf3856ad364e35_6.1.7600.16385_none_eb4e5afbd781da48\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-au-component_31bf3856ad364e35_6.1.7600.16385_none_3474618675ef0765\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-br-component_31bf3856ad364e35_6.1.7600.16385_none_0fd974910466d9d9\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-ca-component_31bf3856ad364e35_6.1.7600.16385_none_f8af4ddae3bfcc7f\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-de-component_31bf3856ad364e35_6.1.7600.16385_none_4d5bfdc5c9c70eda\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-es-component_31bf3856ad364e35_6.1.7600.16385_none_73dcb25ee3bfcc7f\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-fr-component_31bf3856ad364e35_6.1.7600.16385_none_df9f5ff2afce5135\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-gb-component_31bf3856ad364e35_6.1.7600.16385_none_90a406812df29cfc\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-in-component_31bf3856ad364e35_6.1.7600.16385_none_5ab89b69752e8636\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-it-component_31bf3856ad364e35_6.1.7600.16385_none_0bd16b052df29cfc\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-jp-component_31bf3856ad364e35_6.1.7600.16385_none_1f07b0cb1d9f164f\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-kr-component_31bf3856ad364e35_6.1.7600.16385_none_e356c62cc60fa668\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-mx-component_31bf3856ad364e35_6.1.7600.16385_none_fc528b79548778dc\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-nl-component_31bf3856ad364e35_6.1.7600.16385_none_ce12671a4dd92927\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-pl-component_31bf3856ad364e35_6.1.7600.16385_none_35f55ccb238ce4d5\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-ru-component_31bf3856ad364e35_6.1.7600.16385_none_a77d89e58e66c2ac\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-tr-component_31bf3856ad364e35_6.1.7600.16385_none_b6d417c887b872f7\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-us-component_31bf3856ad364e35_6.1.7600.16385_none_b2f45fe5915da9ef\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..ttheme-za-component_31bf3856ad364e35_6.1.7600.16385_none_a361574c7d52bad0\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-m..-us-links-component_31bf3856ad364e35_6.1.7600.16385_none_b0f49680a073500b\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-musicsamples_31bf3856ad364e35_6.1.7600.16385_none_06495209cbd8e93b\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-photosamples_31bf3856ad364e35_6.1.7600.16385_none_f36e0e659b8042be\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-ringtonesamples_31bf3856ad364e35_6.1.7600.16385_none_135e536ebbe59c28\desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..allpaper-characters_31bf3856ad364e35_6.1.7600.16385_none_bde0eaed84920a21\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..allpaper-landscapes_31bf3856ad364e35_6.1.7600.16385_none_e57abb2f66db71a9\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..dthemes-calligraphy_31bf3856ad364e35_6.1.7600.16385_none_c1407bc73caf8dfc\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..i-accessibilityuser_31bf3856ad364e35_6.1.7600.16385_none_bf396ba9226e0702\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..ini-accessoriesuser_31bf3856ad364e35_6.1.7600.16385_none_7ff91f5d2dd6c770\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..ini-maintenanceuser_31bf3856ad364e35_6.1.7600.16385_none_61fc91b36f901b87\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..ini-systemtoolsuser_31bf3856ad364e35_6.1.7600.16385_none_7ca09f65fd387e58\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..ktopini-accessories_31bf3856ad364e35_6.1.7600.16385_none_480c0d8bd31ae43f\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..ktopini-maintenance_31bf3856ad364e35_6.1.7600.16385_none_ba8f25a3b6d81a68\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..ktopini-systemtools_31bf3856ad364e35_6.1.7600.16385_none_da623240a154f357\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..lpaper-architecture_31bf3856ad364e35_6.1.7600.16385_none_d99106b927aa7782\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..l-soundthemes-delta_31bf3856ad364e35_6.1.7600.16385_none_fbf7e0678b64a4b8\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..ndthemes-characters_31bf3856ad364e35_6.1.7600.16385_none_08da32b0fdad9220\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..opini-accessibility_31bf3856ad364e35_6.1.7600.16385_none_36604ea896f9a97d\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..oundthemes-festival_31bf3856ad364e35_6.1.7600.16385_none_121f20b55f0bde68\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..oundthemes-heritage_31bf3856ad364e35_6.1.7600.16385_none_5872c0830d0c4747\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..sktopini-sendtouser_31bf3856ad364e35_6.1.7600.16385_none_64398328adc9c59d\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..-soundthemes-garden_31bf3856ad364e35_6.1.7600.16385_none_f7a4bf1e15863e21\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..-soundthemes-quirky_31bf3856ad364e35_6.1.7600.16385_none_e55404efe49bb9cb\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..soundthemes-savanna_31bf3856ad364e35_6.1.7600.16385_none_8501e89d0b011992\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..-soundthemes-sonata_31bf3856ad364e35_6.1.7600.16385_none_201752c112c5078c\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..undthemes-afternoon_31bf3856ad364e35_6.1.7600.16385_none_2a05e57d5ab3659e\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..undthemes-cityscape_31bf3856ad364e35_6.1.7600.16385_none_5b48f43248490503\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-s..undthemes-landscape_31bf3856ad364e35_6.1.7600.16385_none_7a83a914edc3de49\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-shell-sounds_31bf3856ad364e35_6.1.7600.16385_none_73076dd9cf3a9dce\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-shell-soundthemes-raga_31bf3856ad364e35_6.1.7600.16385_none_2fe300bf8e73cdbd\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-shell-wallpaper-nature_31bf3856ad364e35_6.1.7600.16385_none_d5909570704a09c0\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-shell-wallpaper-scenes_31bf3856ad364e35_6.1.7600.16385_none_a4393b1a254aeaee\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-tabletpc-journal_31bf3856ad364e35_6.1.7600.16385_none_73a679f8be493c8c\Desktop.ini
c:\Windows\winsxs\amd64_microsoft-windows-videosamples_31bf3856ad364e35_6.1.7600.16385_none_51a21f033003affd\desktop.ini
c:\Windows\winsxs\amd64_subsystem-for-unix-based-applications_31bf3856ad364e35_6.1.7600.16385_none_cfdd496d09a0a280\Desktop.ini
c:\Windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\Desktop.ini
Zoekopdracht ( *.bat)
c:\Program Files (x86)\Acer\Screensaver\HotkeySetting.bat
c:\Program Files (x86)\Adobe\Adobe Fireworks CS5\Configuration\Win\Shared\AdobeAIR\SDK\bin\adt.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\plugins\org.apache.ant_1.7.1.v20090120-1145\bin\ant.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\plugins\org.apache.ant_1.7.1.v20090120-1145\bin\antRun.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\plugins\org.apache.ant_1.7.1.v20090120-1145\bin\lcp.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\3.5.0\bin\aasdoc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\3.5.0\bin\acompc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\3.5.0\bin\adt.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\3.5.0\bin\amxmlc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\3.5.0\templates\automation-runtimeloading-files\build.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\4.0.0\bin\aasdoc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\4.0.0\bin\acompc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\4.0.0\bin\adt.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\4.0.0\bin\amxmlc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\4.0.0\bin\fontswf.bat
c:\Program Files (x86)\Adobe\Adobe Flash Builder 4\sdks\4.0.0\templates\automation-runtimeloading-files\build.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\plugins\org.apache.ant_1.7.0.v200803061910\bin\ant.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\plugins\org.apache.ant_1.7.0.v200803061910\bin\antRun.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\plugins\org.apache.ant_1.7.0.v200803061910\bin\lcp.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\sdks\4.0.0\bin\aasdoc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\sdks\4.0.0\bin\acompc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\sdks\4.0.0\bin\adt.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\sdks\4.0.0\bin\amxmlc.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\sdks\4.0.0\bin\fontswf.bat
c:\Program Files (x86)\Adobe\Adobe Flash Catalyst CS5\sdks\4.0.0\templates\automation-runtimeloading-files\build.bat
c:\Program Files (x86)\Adobe\Adobe Flash CS5\AIK2.0\bin\adt.bat
c:\Program Files (x86)\Adobe\Adobe Flash CS5\AMT\win\stage-prep.bat
c:\Program Files (x86)\Adobe\Adobe Flash CS5\PFI\bin\pfi.bat
c:\Program Files (x86)\TerraTec\TerraTec Home Cinema\Reset_THC.bat
c:\Program Files (x86)\TerraTec\TerraTec Home Cinema\THC_diag.bat
c:\Program Files\Acer\Acer PowerSmart Manager\RegPlayerPlugin_install.bat
c:\Program Files\Acer\Acer PowerSmart Manager\RegPlayerPlugin_uninstall.bat
c:\Program Files\Adobe\Adobe Premiere Pro CS5\hack.bat
c:\Users\Gebruiker\Downloads\Dreamweaver CS4 NL\Dreamweaver CS4 NL Installatie\payloads\AdobeAMP-fr_FR\Installer.bat
c:\Windows\DelMR.bat
c:\Windows\System32\Msdtc\Trace\msdtcvtr.bat
c:\Windows\SysWOW64\Msdtc\Trace\msdtcvtr.bat
c:\Windows\winsxs\amd64_microsoft-windows-com-dtc-tracing_31bf3856ad364e35_6.1.7600.16385_none_73d43c6a0c805ae7\msdtcvtr.bat
c:\Windows\winsxs\x86_microsoft-windows-com-dtc-tracing_31bf3856ad364e35_6.1.7600.16385_none_17b5a0e65422e9b1\msdtcvtr.bat
Alvast bedankt
Blijft ie Notepad trouwens open staan als je hem niet wegklikt????
Zo ja, check dan je actieve processen op dat moment met HijackThis...op die manier kan je ook de reg.sleutel achterhalen.
Zo ja, check dan je actieve processen op dat moment met HijackThis...op die manier kan je ook de reg.sleutel achterhalen.
Notepad blijft open.
Dus actieve processen bekeken maar zie niets of het wordt anders genoemd.
Hieronder de lijst, misschien ziet iemand iets vreemds.
StartupList report, 02-10-10, 15:51:55
StartupList version: 1.52.2
Started from : C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.EXE
Detected: Windows 7 (WinNT 6.00.3504)
Detected: Internet Explorer v8.00 (8.00.7600.16385)
* Using default options
==================================================
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\FTD Watchdog\FtdMonitor.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe
C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Windows\updaterz.exe
C:\Program Files (x86)\WinZip\WZQKPICK.EXE
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Acer\Acer VCM\Vc.exe
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Common Startup:
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
Acer VCM.lnk = ?
HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
WinZip Quick Pick.lnk = C:\Program Files (x86)\WinZip\WZQKPICK.EXE
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = userinit.exe
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Adobe Reader Speed Launcher = "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
BackupManagerTray = "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
EgisTecLiveUpdate = "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
VitaKeyPdtWzd = "c:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe"
LManager = C:\Program Files (x86)\Launch Manager\LManager.exe
ArcadeDeluxeAgent = "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
PlayMovie = "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
avast5 = "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HP Software Update = C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
(Default) =
AppleSyncNotifier = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
SunJavaUpdateSched = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
AdobeCS5ServiceManager = "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
SwitchBoard = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
updaterz.exe = C:\windows\updaterz.exe
QuickTime Task = "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
iTunesHelper = "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
FTD Watchdog Monitor = "C:\Program Files (x86)\FTD Watchdog\FtdMonitor.exe"
msnmsgr = "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
Remote Control Editor = "C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe"
AdobeBridge = "C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" -stealth
ATI Display Driver = C:\Users\Gebruiker\AppData\Roaming\Stub\Stub\0.0.0.0\Protected.exe
updaterz.exe = C:\windows\updaterz.exe
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
[OptionalComponents]
=
--------------------------------------------------
File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command
(Default) = C:\Windows\SysWOW64\mshta.exe "%1" %*
--------------------------------------------------
Shell & screensaver key from C:\Windows\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper Objects:
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll - {0347C33E-8762-4905-BF09-768834316C61}
(no name) - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll - {074C1DC5-9320-4A9A-947D-C042949C6216}
AcroIEHelperStub - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll - {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
(no name) - (no file) - {5C255C8A-E604-49b4-9D64-90988571CECB}
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B}
(no name) - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
Ask Toolbar BHO - (no file) - {D4027C7F-154A-4066-A1AD-4243D8127440}
(no name) - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll - {DBC80044-A445-435b-BC74-9C25C1C588A9}
(no name) - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}
--------------------------------------------------
Enumerating Task Scheduler jobs:
GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job
--------------------------------------------------
Enumerating Winsock LSP files:
NameSpace #1: C:\Windows\system32\NLAapi.dll
NameSpace #4: C:\Windows\system32\napinsp.dll
NameSpace #5: C:\Windows\system32\pnrpnsp.dll
NameSpace #6: C:\Windows\system32\pnrpnsp.dll
NameSpace #7: C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
NameSpace #8: C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
NameSpace #9: C:\Windows\system32\wshbth.dll
NameSpace #10: C:\Program Files (x86)\Bonjour\mdnsNSP.dll
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
WebCheck: *Registry key not found*
--------------------------------------------------
End of report, 8.645 bytes
Report generated in 0,062 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
Dus actieve processen bekeken maar zie niets of het wordt anders genoemd.
Hieronder de lijst, misschien ziet iemand iets vreemds.
StartupList report, 02-10-10, 15:51:55
StartupList version: 1.52.2
Started from : C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.EXE
Detected: Windows 7 (WinNT 6.00.3504)
Detected: Internet Explorer v8.00 (8.00.7600.16385)
* Using default options
==================================================
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\FTD Watchdog\FtdMonitor.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe
C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Windows\updaterz.exe
C:\Program Files (x86)\WinZip\WZQKPICK.EXE
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Acer\Acer VCM\Vc.exe
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Common Startup:
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
Acer VCM.lnk = ?
HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
WinZip Quick Pick.lnk = C:\Program Files (x86)\WinZip\WZQKPICK.EXE
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = userinit.exe
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Adobe Reader Speed Launcher = "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
BackupManagerTray = "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
EgisTecLiveUpdate = "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
VitaKeyPdtWzd = "c:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe"
LManager = C:\Program Files (x86)\Launch Manager\LManager.exe
ArcadeDeluxeAgent = "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
PlayMovie = "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
avast5 = "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HP Software Update = C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
(Default) =
AppleSyncNotifier = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
SunJavaUpdateSched = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
AdobeCS5ServiceManager = "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
SwitchBoard = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
updaterz.exe = C:\windows\updaterz.exe
QuickTime Task = "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
iTunesHelper = "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
FTD Watchdog Monitor = "C:\Program Files (x86)\FTD Watchdog\FtdMonitor.exe"
msnmsgr = "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
Remote Control Editor = "C:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe"
AdobeBridge = "C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" -stealth
ATI Display Driver = C:\Users\Gebruiker\AppData\Roaming\Stub\Stub\0.0.0.0\Protected.exe
updaterz.exe = C:\windows\updaterz.exe
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
[OptionalComponents]
=
--------------------------------------------------
File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command
(Default) = C:\Windows\SysWOW64\mshta.exe "%1" %*
--------------------------------------------------
Shell & screensaver key from C:\Windows\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper Objects:
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll - {0347C33E-8762-4905-BF09-768834316C61}
(no name) - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll - {074C1DC5-9320-4A9A-947D-C042949C6216}
AcroIEHelperStub - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll - {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
(no name) - (no file) - {5C255C8A-E604-49b4-9D64-90988571CECB}
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B}
(no name) - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
Ask Toolbar BHO - (no file) - {D4027C7F-154A-4066-A1AD-4243D8127440}
(no name) - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll - {DBC80044-A445-435b-BC74-9C25C1C588A9}
(no name) - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}
--------------------------------------------------
Enumerating Task Scheduler jobs:
GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job
--------------------------------------------------
Enumerating Winsock LSP files:
NameSpace #1: C:\Windows\system32\NLAapi.dll
NameSpace #4: C:\Windows\system32\napinsp.dll
NameSpace #5: C:\Windows\system32\pnrpnsp.dll
NameSpace #6: C:\Windows\system32\pnrpnsp.dll
NameSpace #7: C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
NameSpace #8: C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
NameSpace #9: C:\Windows\system32\wshbth.dll
NameSpace #10: C:\Program Files (x86)\Bonjour\mdnsNSP.dll
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
WebCheck: *Registry key not found*
--------------------------------------------------
End of report, 8.645 bytes
Report generated in 0,062 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
nijltjetweety
Niet meer actief
updaterz.exe = C:\windows\updaterz.exe hoort zeker niet bij de autorun registersleutel te staan. Er zijn programmas die dit bestand gebruiken maar dergelijke updates moeten via het programma gestuurd worden. Ook staat dat soms onder C:\ maar niet in de map windows.
Die sleutel is niet juist, samen met de .exe.Ik wacht even de scans af (linkje van tuts).
Verder opkuis indien nodig gaat via een geschoold analist moeten gebeuren.
Exporteer voorlopig de sleutel zodat je hem kan terugplaatsen indien nodig en delete hem daarna.
Mogelijk is het probleem daarmee opgelost.
Die sleutel is niet juist, samen met de .exe.Ik wacht even de scans af (linkje van tuts).
Verder opkuis indien nodig gaat via een geschoold analist moeten gebeuren.
Exporteer voorlopig de sleutel zodat je hem kan terugplaatsen indien nodig en delete hem daarna.
Mogelijk is het probleem daarmee opgelost.
Laatst bewerkt:
Inderdaad een virus.
Na het volgen van de stappen getipt door Tuts is het probleem verholpen.
Iedereen bedankt voor de hulp en tips.
groeten,
Ben
Na het volgen van de stappen getipt door Tuts is het probleem verholpen.
Iedereen bedankt voor de hulp en tips.
groeten,
Ben
- Status