Federal Computer Crime Unit Virus

kweezie wabbit · 9 mei 2013

Dit ziet er nu goed uit.

Nog een laatste controle voor de zekerheid.

Download zoek.exe naar het bureaublad.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
(hier of hier) kan je lezen hoe je dat doet.
Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

 
startupall; 
filesrcm; 
uninstall-list;

Klik op de knop "Options" en vink nu de onderstaande opties aan.
- Running processes
- Installed Programs
- System Specs
- Silent Runners
- Firefox Defaults
- Reset Chrome
- Reset IE proxy
- Shortcut Fix
- Reset Hosts
- Auto Clean
[*] Klik daarna op de knop "Run script".

[*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

[*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

[*] Post nu de inhoud van het geopende logje in het volgende bericht.

bdeweerdt · 12 mei 2013

Met wat vertraging hier het gevraagde log(je)!

Zoek.exe Version 4.0.0.2 Updated 12-May-2013

Tool run by Filip on zo 12/05/2013 at 17:10:50,29.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

==== Running Processes ======================

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Symantec AntiVirus\DefWatch.exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\Program Files\Belgacom\bin\sprtsvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Symantec AntiVirus\Rtvscan.exe

C:\WINDOWS\Explorer.EXE

svchost.exe

C:\Program Files\Analog Devices\Core\smax4pnp.exe

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\PROGRA~1\SYMANT~1\VPTray.exe

C:\Program Files\Spector Photo Software\Agent.exe

C:\Program Files\Belgium Identity Card\beid35gui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\dcmsvc\dcmsvc.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

C:\Program Files\IrfanView\I_VIEW32.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe

C:\Documents and Settings\Filip\Bureaublad\zoek.exe

==== Reset Hosts File ======================

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

32 Bit HP CIO Components Installer

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader XI - Nederlands

Adobe Shockwave Player 11.5

AIO_Scan

Apple Application Support

Apple Software Update

ATI - Software Uninstall Utility

ATI Catalyst Control Center

ATI Display Driver

Belgacom Genius

Belgium e-ID middleware 3.5.6 (build 6954)

Beveiligingsupdate for Windows XP (KB923689)

Beveiligingsupdate for Windows XP (KB941569)

Beveiligingsupdate voor Microsoft Windows (KB2564958)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB928090)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB929969)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB933566)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB937143)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB938127)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB939653)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB942615)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB944533)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB950759)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB953838)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB956390)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB958215)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB960714)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB961260)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB963027)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB969897)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB972260)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB974455)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB976325)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB978207)

Beveiligingsupdate voor Windows Internet Explorer 7 (KB982381)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2482017)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2497640)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2510531)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2530548)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2544521)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2559049)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2586448)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2618444)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2647516)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2675157)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2699988)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2722913)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2744842)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2761465)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2792100)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2797052)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2799329)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2809289)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB2817183)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB971961)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB981332)

Beveiligingsupdate voor Windows Internet Explorer 8 (KB982381)

Beveiligingsupdate voor Windows Media Player (KB2378111)

Beveiligingsupdate voor Windows Media Player (KB911564)

Beveiligingsupdate voor Windows Media Player (KB952069)

Beveiligingsupdate voor Windows Media Player (KB954155)

Beveiligingsupdate voor Windows Media Player (KB968816)

Beveiligingsupdate voor Windows Media Player (KB973540)

Beveiligingsupdate voor Windows Media Player (KB975558)

Beveiligingsupdate voor Windows Media Player (KB978695)

Beveiligingsupdate voor Windows Media Player 11 (KB936782)

Beveiligingsupdate voor Windows Media Player 11 (KB954154)

Beveiligingsupdate voor Windows Media Player 6.4 (KB925398)

Beveiligingsupdate voor Windows Media Player 9 (KB917734)

Beveiligingsupdate voor Windows XP (KB2079403)

Beveiligingsupdate voor Windows XP (KB2115168)

Beveiligingsupdate voor Windows XP (KB2121546)

Beveiligingsupdate voor Windows XP (KB2229593)

Beveiligingsupdate voor Windows XP (KB2259922)

Beveiligingsupdate voor Windows XP (KB2296011)

Beveiligingsupdate voor Windows XP (KB2347290)

Beveiligingsupdate voor Windows XP (KB2360937)

Beveiligingsupdate voor Windows XP (KB2387149)

Beveiligingsupdate voor Windows XP (KB2393802)

Beveiligingsupdate voor Windows XP (KB2412687)

Beveiligingsupdate voor Windows XP (KB2419632)

Beveiligingsupdate voor Windows XP (KB2423089)

Beveiligingsupdate voor Windows XP (KB2440591)

Beveiligingsupdate voor Windows XP (KB2443105)

Beveiligingsupdate voor Windows XP (KB2476490)

Beveiligingsupdate voor Windows XP (KB2476687)

Beveiligingsupdate voor Windows XP (KB2478960)

Beveiligingsupdate voor Windows XP (KB2478971)

Beveiligingsupdate voor Windows XP (KB2479628)

Beveiligingsupdate voor Windows XP (KB2479943)

Beveiligingsupdate voor Windows XP (KB2481109)

Beveiligingsupdate voor Windows XP (KB2483185)

Beveiligingsupdate voor Windows XP (KB2485376)

Beveiligingsupdate voor Windows XP (KB2485663)

Beveiligingsupdate voor Windows XP (KB2503658)

Beveiligingsupdate voor Windows XP (KB2503665)

Beveiligingsupdate voor Windows XP (KB2506212)

Beveiligingsupdate voor Windows XP (KB2506223)

Beveiligingsupdate voor Windows XP (KB2507618)

Beveiligingsupdate voor Windows XP (KB2507938)

Beveiligingsupdate voor Windows XP (KB2508272)

Beveiligingsupdate voor Windows XP (KB2508429)

Beveiligingsupdate voor Windows XP (KB2509553)

Beveiligingsupdate voor Windows XP (KB2511455)

Beveiligingsupdate voor Windows XP (KB2524375)

Beveiligingsupdate voor Windows XP (KB2535512)

Beveiligingsupdate voor Windows XP (KB2536276-v2)

Beveiligingsupdate voor Windows XP (KB2536276)

Beveiligingsupdate voor Windows XP (KB2544893-v2)

Beveiligingsupdate voor Windows XP (KB2544893)

Beveiligingsupdate voor Windows XP (KB2555917)

Beveiligingsupdate voor Windows XP (KB2562937)

Beveiligingsupdate voor Windows XP (KB2566454)

Beveiligingsupdate voor Windows XP (KB2567053)

Beveiligingsupdate voor Windows XP (KB2567680)

Beveiligingsupdate voor Windows XP (KB2570222)

Beveiligingsupdate voor Windows XP (KB2570947)

Beveiligingsupdate voor Windows XP (KB2584146)

Beveiligingsupdate voor Windows XP (KB2585542)

Beveiligingsupdate voor Windows XP (KB2592799)

Beveiligingsupdate voor Windows XP (KB2598479)

Beveiligingsupdate voor Windows XP (KB2603381)

Beveiligingsupdate voor Windows XP (KB2618451)

Beveiligingsupdate voor Windows XP (KB2619339)

Beveiligingsupdate voor Windows XP (KB2620712)

Beveiligingsupdate voor Windows XP (KB2621440)

Beveiligingsupdate voor Windows XP (KB2624667)

Beveiligingsupdate voor Windows XP (KB2631813)

Beveiligingsupdate voor Windows XP (KB2633171)

Beveiligingsupdate voor Windows XP (KB2639417)

Beveiligingsupdate voor Windows XP (KB2641653)

Beveiligingsupdate voor Windows XP (KB2646524)

Beveiligingsupdate voor Windows XP (KB2647518)

Beveiligingsupdate voor Windows XP (KB2653956)

Beveiligingsupdate voor Windows XP (KB2655992)

Beveiligingsupdate voor Windows XP (KB2659262)

Beveiligingsupdate voor Windows XP (KB2660465)

Beveiligingsupdate voor Windows XP (KB2661637)

Beveiligingsupdate voor Windows XP (KB2676562)

Beveiligingsupdate voor Windows XP (KB2685939)

Beveiligingsupdate voor Windows XP (KB2686509)

Beveiligingsupdate voor Windows XP (KB2691442)

Beveiligingsupdate voor Windows XP (KB2695962)

Beveiligingsupdate voor Windows XP (KB2698365)

Beveiligingsupdate voor Windows XP (KB2705219)

Beveiligingsupdate voor Windows XP (KB2707511)

Beveiligingsupdate voor Windows XP (KB2709162)

Beveiligingsupdate voor Windows XP (KB2712808)

Beveiligingsupdate voor Windows XP (KB2718523)

Beveiligingsupdate voor Windows XP (KB2719985)

Beveiligingsupdate voor Windows XP (KB2723135)

Beveiligingsupdate voor Windows XP (KB2724197)

Beveiligingsupdate voor Windows XP (KB2727528)

Beveiligingsupdate voor Windows XP (KB2731847)

Beveiligingsupdate voor Windows XP (KB2753842-v2)

Beveiligingsupdate voor Windows XP (KB2753842)

Beveiligingsupdate voor Windows XP (KB2757638)

Beveiligingsupdate voor Windows XP (KB2758857)

Beveiligingsupdate voor Windows XP (KB2761226)

Beveiligingsupdate voor Windows XP (KB2770660)

Beveiligingsupdate voor Windows XP (KB2778344)

Beveiligingsupdate voor Windows XP (KB2779030)

Beveiligingsupdate voor Windows XP (KB2780091)

Beveiligingsupdate voor Windows XP (KB2799494)

Beveiligingsupdate voor Windows XP (KB2802968)

Beveiligingsupdate voor Windows XP (KB2807986)

Beveiligingsupdate voor Windows XP (KB2808735)

Beveiligingsupdate voor Windows XP (KB2813170)

Beveiligingsupdate voor Windows XP (KB2813345)

Beveiligingsupdate voor Windows XP (KB2820917)

Beveiligingsupdate voor Windows XP (KB923561)

Beveiligingsupdate voor Windows XP (KB938464)

Beveiligingsupdate voor Windows XP (KB946648)

Beveiligingsupdate voor Windows XP (KB950760)

Beveiligingsupdate voor Windows XP (KB950762)

Beveiligingsupdate voor Windows XP (KB950974)

Beveiligingsupdate voor Windows XP (KB951066)

Beveiligingsupdate voor Windows XP (KB951376-v2)

Beveiligingsupdate voor Windows XP (KB951376)

Beveiligingsupdate voor Windows XP (KB951698)

Beveiligingsupdate voor Windows XP (KB951748)

Beveiligingsupdate voor Windows XP (KB952004)

Beveiligingsupdate voor Windows XP (KB952954)

Beveiligingsupdate voor Windows XP (KB953839)

Beveiligingsupdate voor Windows XP (KB954211)

Beveiligingsupdate voor Windows XP (KB954600)

Beveiligingsupdate voor Windows XP (KB955069)

Beveiligingsupdate voor Windows XP (KB956391)

Beveiligingsupdate voor Windows XP (KB956572)

Beveiligingsupdate voor Windows XP (KB956744)

Beveiligingsupdate voor Windows XP (KB956802)

Beveiligingsupdate voor Windows XP (KB956803)

Beveiligingsupdate voor Windows XP (KB956841)

Beveiligingsupdate voor Windows XP (KB956844)

Beveiligingsupdate voor Windows XP (KB957095)

Beveiligingsupdate voor Windows XP (KB957097)

Beveiligingsupdate voor Windows XP (KB958644)

Beveiligingsupdate voor Windows XP (KB958687)

Beveiligingsupdate voor Windows XP (KB958690)

Beveiligingsupdate voor Windows XP (KB958869)

Beveiligingsupdate voor Windows XP (KB959426)

Beveiligingsupdate voor Windows XP (KB960225)

Beveiligingsupdate voor Windows XP (KB960715)

Beveiligingsupdate voor Windows XP (KB960803)

Beveiligingsupdate voor Windows XP (KB960859)

Beveiligingsupdate voor Windows XP (KB961371)

Beveiligingsupdate voor Windows XP (KB961373)

Beveiligingsupdate voor Windows XP (KB961501)

Beveiligingsupdate voor Windows XP (KB968537)

Beveiligingsupdate voor Windows XP (KB969059)

Beveiligingsupdate voor Windows XP (KB969898)

Beveiligingsupdate voor Windows XP (KB969947)

Beveiligingsupdate voor Windows XP (KB970238)

Beveiligingsupdate voor Windows XP (KB970430)

Beveiligingsupdate voor Windows XP (KB971468)

Beveiligingsupdate voor Windows XP (KB971486)

Beveiligingsupdate voor Windows XP (KB971557)

Beveiligingsupdate voor Windows XP (KB971633)

Beveiligingsupdate voor Windows XP (KB971657)

Beveiligingsupdate voor Windows XP (KB971961)

Beveiligingsupdate voor Windows XP (KB972270)

Beveiligingsupdate voor Windows XP (KB973346)

Beveiligingsupdate voor Windows XP (KB973354)

Beveiligingsupdate voor Windows XP (KB973507)

Beveiligingsupdate voor Windows XP (KB973525)

Beveiligingsupdate voor Windows XP (KB973869)

Beveiligingsupdate voor Windows XP (KB973904)

Beveiligingsupdate voor Windows XP (KB974112)

Beveiligingsupdate voor Windows XP (KB974318)

Beveiligingsupdate voor Windows XP (KB974392)

Beveiligingsupdate voor Windows XP (KB974571)

Beveiligingsupdate voor Windows XP (KB975025)

Beveiligingsupdate voor Windows XP (KB975467)

Beveiligingsupdate voor Windows XP (KB975560)

Beveiligingsupdate voor Windows XP (KB975561)

Beveiligingsupdate voor Windows XP (KB975562)

Beveiligingsupdate voor Windows XP (KB975713)

Beveiligingsupdate voor Windows XP (KB977165)

Beveiligingsupdate voor Windows XP (KB977816)

Beveiligingsupdate voor Windows XP (KB977914)

Beveiligingsupdate voor Windows XP (KB978037)

Beveiligingsupdate voor Windows XP (KB978251)

Beveiligingsupdate voor Windows XP (KB978262)

Beveiligingsupdate voor Windows XP (KB978338)

Beveiligingsupdate voor Windows XP (KB978542)

Beveiligingsupdate voor Windows XP (KB978601)

Beveiligingsupdate voor Windows XP (KB978706)

Beveiligingsupdate voor Windows XP (KB979309)

Beveiligingsupdate voor Windows XP (KB979482)

Beveiligingsupdate voor Windows XP (KB979559)

Beveiligingsupdate voor Windows XP (KB979683)

Beveiligingsupdate voor Windows XP (KB979687)

Beveiligingsupdate voor Windows XP (KB980195)

Beveiligingsupdate voor Windows XP (KB980218)

Beveiligingsupdate voor Windows XP (KB980232)

Beveiligingsupdate voor Windows XP (KB980436)

Beveiligingsupdate voor Windows XP (KB981322)

Beveiligingsupdate voor Windows XP (KB981349)

Beveiligingsupdate voor Windows XP (KB981997)

Beveiligingsupdate voor Windows XP (KB982132)

Beveiligingsupdate voor Windows XP (KB982214)

Beveiligingsupdate voor Windows XP (KB982665)

Broadcom Gigabit Integrated Controller

BufferChm

C4200

C4200_doccd

c4200_Help

Colin McRae Rally 2005

Copy

CustomerResearchQFolder

dcmsvc 1.0

Dell Resource CD

Destination Component

DeviceDiscovery

DeviceManagementQFolder

DocProc

DocProcQFolder

drivers

Dropbox

Essentiële update voor Windows Media Player 11 (KB959772)

eSupportQFolder

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

High Definition Audio Driver Package - KB835221

HiJackThis

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB976002-v5)

Hotfix voor Windows Internet Explorer 7 (KB947864)

Hotfix voor Windows Media Player 11 (KB939683)

Hotfix voor Windows XP (KB2443685)

Hotfix voor Windows XP (KB2570791)

Hotfix voor Windows XP (KB2633952)

Hotfix voor Windows XP (KB2756822)

Hotfix voor Windows XP (KB2779562)

Hotfix voor Windows XP (KB952287)

Hotfix voor Windows XP (KB961118)

Hotfix voor Windows XP (KB970653-v3)

Hotfix voor Windows XP (KB976098-v2)

Hotfix voor Windows XP (KB979306)

Hotfix voor Windows XP (KB981793)

HP-software voor foto- en beeldbewerking 2.0 - All-in-One

HP-software voor foto- en beeldbewerking 2.0 - All-in-One stuurprogramma

HP-software voor foto- en beeldbewerking 2.0 - HP psc 1200

HP Customer Participation Program 9.0

HP Imaging Device Functions 9.0

HP OCR Software 9.0

HP Photosmart All-In-One Software 9.0

HP Photosmart Essential 2.01

HP Photosmart Essential2.01

hp psc 1200 series

HP Smart Web Printing 4.60

HP Solution Center 9.0

HP Update

HPProductAssistant

HPSSupply

Intel® Graphics Media Accelerator Driver

IP Camera

IrfanView (remove only)

Java 6 Update 11

Java 6 Update 3

Java SE Runtime Environment 6 Update 1

KaraFun 1.18

KBC-beveiligingscomponenten

KBC Trusted Sites

LiveUpdate 2.6 (Symantec Corporation)

Malwarebytes Anti-Malware versie 1.75.0.1300

MarketingReg

MarketResearch

McAfee Security Scan Plus

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Dutch Language Pack

Microsoft .NET Framework 1.1 Security Update (KB2698023)

Microsoft .NET Framework 1.1 Security Update (KB2742597)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Language Pack - NLD

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Dutch Language Pack

Microsoft .NET Framework 3.0 Nederlands taalpakket

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (Dutch) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Dutch) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Dutch) 2007

Microsoft Office InfoPath MUI (Dutch) 2007

Microsoft Office Live Add-in 1.3

Microsoft Office OneNote MUI (Dutch) 2007

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (Dutch) 2007

Microsoft Office PowerPoint MUI (Dutch) 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proofing (Dutch) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Dutch) 2007

Microsoft Office Shared MUI (Dutch) 2007

Microsoft Office Word MUI (Dutch) 2007

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft Software Update for Web Folders (Dutch) 12

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Modem Helper

Mozilla Firefox 20.0.1 (x86 nl)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6 Service Pack 2 (KB973686)

Nero 7 Premium

OGA Notifier 2.0.0048.0

Pakket voor de provider van Microsoft Base-smartcardcryptografieservice

PCI Audio Driver

PDFCreator

Playchess

PS_AIO_ProductContext

PS_AIO_Software

PS_AIO_Software_min

PSSWCORE

QuickTime

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Segoe UI

Shockwave Director 10.2

Skype Click to Call

Skype™ 5.10

SmartWebPrinting

SolutionCenter

SoundMAX

Spector Photo Software

Status

Symantec AntiVirus

Toolbox

TrayApp

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit Edition

Update voor Windows Internet Explorer 7 (KB976749)

Update voor Windows Internet Explorer 7 (KB980182)

Update voor Windows Internet Explorer 8 (KB976662)

Update voor Windows XP (KB2141007)

Update voor Windows XP (KB2345886)

Update voor Windows XP (KB2541763)

Update voor Windows XP (KB2607712)

Update voor Windows XP (KB2616676)

Update voor Windows XP (KB2641690)

Update voor Windows XP (KB2661254-v2)

Update voor Windows XP (KB2718704)

Update voor Windows XP (KB2736233)

Update voor Windows XP (KB2749655)

Update voor Windows XP (KB951072-v2)

Update voor Windows XP (KB951978)

Update voor Windows XP (KB955759)

Update voor Windows XP (KB955839)

Update voor Windows XP (KB961503)

Update voor Windows XP (KB967715)

Update voor Windows XP (KB968389)

Update voor Windows XP (KB971029)

Update voor Windows XP (KB971737)

Update voor Windows XP (KB973687)

Update voor Windows XP (KB973815)

VideoToolkit01

WebFldrs XP

WebReg

Windows Communication Foundation Language Pack - NLD

Windows Defender

Windows Driver Package - Microsoft (USBCCID) SmartCardReader (08/01/2006 5.2.3790.2724)

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Imaging Component

Windows Internet Explorer 7

Windows Internet Explorer 8

Windows Live - Hulpprogramma voor uploaden

Windows Live aanmeldhulp

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

Windows Media Format 11 runtime

Windows Media Format SDK Hotfix - KB891122

Windows Media Player 11

Windows Presentation Foundation

Windows Presentation Foundation Language Pack (NLD)

Windows Workflow Foundation NL Language Pack

Windows XP Service Pack 3

WinRAR archiver

WinZip

X Codec Pack

XML Paper Specification Shared Components Language Pack 1.0

XML Paper Specification Shared Components Pack 1.0

==== FireFox Fix ======================

Deleted from C:\Documents and Settings\Filip\Application Data\Mozilla\Firefox\Profiles\sn07wbf2.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Added to C:\Documents and Settings\Filip\Application Data\Mozilla\Firefox\Profiles\sn07wbf2.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== System Specs ======================

Windows: Windows XP Professional Service Pack 3 (Build 2600)

Internet Explorer: 8.0.6001.18702

Memory (RAM): 2046 MB

CPU Info: Intel® Core2 CPU 6300 @ 1.86GHz

CPU Speed: 1822,4 MHz

Sound Card: SoundMAX HD Audio |

Display Adapters: 256MB ATI Radeon X1300PRO | 256MB ATI Radeon X1300PRO Secondary | NetMeeting driver | RDPDD Chained DD

Monitors: 1x; Plug en Play-monitor |

Screen Resolution: 1024 X 768 - 32 bit

Network: Network Present

Network Adapters: Broadcom NetXtreme 57xx Gigabit Controller - Pakketplanner-minipoort

CD / DVD Drives: 1x (F: | ) F: TSSTcorpDVD+-RW TS-H653A

Ports: COM1 LPT1

Mouse: 16 Button Wheel Mouse Present

Hard Disks: C: 74,5GB | D: 39,1GB | E: 75,4GB

Hard Disks - Free: C: 25,1GB | D: 20,9GB | E: 27,6GB

Manufacturer *: Dell Inc.

BIOS Info: AT/AT COMPATIBLE | 05/21/07 | DELL - 14

Time Zone: West-Europa (standaardtijd)

Motherboard *: Dell Inc. 0HR330

Sun Java version: 1.6.0_11

Country: België

Language: NLB

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\DOCUME~1\Filip\LOCALS~1\Temp ====

====== C:\WINDOWS\system32 =====

2013-05-04 18:35:18 DDF3B9CC3F0E8E1EC094D1CE89046C4A 1824 ----a-w- C:\WINDOWS\System32\.crusader

====== C:\WINDOWS\system32\drivers =====

2013-05-06 17:32:30 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys

2013-05-04 18:38:28 05E0D8EE7D6FAB5CB672FEC3AAD93AA0 30464 ----a-w- C:\WINDOWS\System32\drivers\hitmanpro37.sys

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

======= C: =====

2013-05-07 17:45:41 F1024A172708F9AAC4DC277F4E68B725 3340 ----a-w- C:\AdwCleaner[s1].txt

====== C:\Documents and Settings\Filip\Application Data ======

2013-05-04 17:58:52 -------- d-----w- C:\Documents and Settings\All Users\Application Data\HitmanPro

2013-05-04 14:26:14 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Documents and Settings\All Users\Application Data\as98213.txt

====== C:\Documents and Settings\Filip ======

2013-05-04 15:52:46 -------- d-sh--w- C:\Documents and Settings\Administrator\PrivacIE

2013-05-04 15:52:36 -------- d-sh--w- C:\Documents and Settings\Administrator\IETldCache

====== C: exe-files ==

2013-05-07 17:43:45 A95866BA166A09E360BB88DA72D4531D 628743 ----a-w- C:\Documents and Settings\Filip\Mijn documenten\Downloads\adwcleaner.exe

2013-05-06 17:30:52 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Documents and Settings\Filip\Mijn documenten\Downloads\mbam-setup-1.75.0.1300.exe

=== C: other files ==

2013-05-06 17:32:30 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t"

[HKEY_USERS\S-1-5-21-1177238915-1770027372-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Run]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe"

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"

"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe runtime -Delay"

"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe"

"Belgacom"="C:\Program Files\Belgacom\bin\sprtcmd.exe /P Belgacom"

"ExtraFilmHemmaAgent"="C:\Program Files\Spector Photo Software\Agent.exe"

"beid"="C:\Program Files\Belgium Identity Card\beid35gui.exe /startup"

"dcmsvc"="C:\Program Files\dcmsvc\dcmsvc.exe"

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime"

"IsaKbcCertUpdate"="C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"KernelFaultCheck"="%systemroot%\system32\dumprep 0 -k"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\C-Media Mixer]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Mixer"

"hkey"="HKLM"

"command"="Mixer.exe /startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTFMON.EXE]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ctfmon"

"hkey"="HKCU"

"command"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HPWuSchd2"

"hkey"="HKLM"

"command"="C:\\Program Files\\Hewlett-Packard\\HP Software Update\\HPWuSchd2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="igfxtray"

"hkey"="HKLM"

"command"="C:\\WINDOWS\\system32\\igfxtray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KernelFaultCheck]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="dumprep 0 -k"

"hkey"="HKLM"

"command"="%systemroot%\\system32\\dumprep 0 -k"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NeroCheck"

"hkey"="HKLM"

"command"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="igfxpers"

"hkey"="HKLM"

"command"="C:\\WINDOWS\\system32\\igfxpers.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="qttask"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="jusched"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Java\\jre6\\bin\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^WinZip Quick Pick.lnk]

"path"="C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\WinZip Quick Pick.lnk"

"backup"="C:\\WINDOWS\\pss\\WinZip Quick Pick.lnkCommon Startup"

"command"="C:\\PROGRA~1\\WinZip\\WZQKPICK.EXE "

"item"="WinZip Quick Pick"

==== Startup Folders ======================

2009-02-15 11:11:46 1879 -c--a-w- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\HP Digital Imaging Monitor.lnk

2013-02-14 21:56:11 1763 ----a-w- C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\McAfee Security Scan Plus.lnk

2013-04-21 17:32:59 951 ----a-w- C:\Documents and Settings\Filip\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a--c--- ::C:\Program Files\Apple Software Update\SoftwareUpdate.exe []

C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1182406226.job --a--c--- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [09/04/2003 17:56]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31/08/2012 14:05]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31/08/2012 14:05]

C:\WINDOWS\tasks\MP Scheduled Scan.job --ah----- C:\Program Files\Windows Defender\MpCmdRun.exe [03/11/2006 19:20]

C:\WINDOWS\tasks\User_Feed_Synchronization-{DFC984F9-C404-45D9-A4CD-D6135A44C127}.job --ah-c--- C:\WINDOWS\system32\msfeedssync.exe [08/03/2009 05:31]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Filip\Application Data\Mozilla\Firefox\Profiles\sn07wbf2.default

- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

AppDir: C:\Program Files\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be.xpi

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Filip\Application Data\Mozilla\Firefox\Profiles\sn07wbf2.default

3D928B3FE97C403A33F803B3D1A260C9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll - Google Update

47299371607DC2FB234444EEACB1639E - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll - Shockwave Flash

75300E5ED4CD5B4363C3DBBB2D03269C - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll - McAfee Security Scanner +

A5C14075B571AF1C9592595BE724D9D2 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In

21FF3F07336CE4F8DF6AF1746BC26AAB - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat

21FF3F07336CE4F8DF6AF1746BC26AAB - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat

E0BCE90537E4A41AF36D5BDD5963A09D - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

BA31D3FB803BBA92413D9D7D4E214D52 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.9

BA31D3FB803BBA92413D9D7D4E214D52 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.9

C41576CBD076B6895C20B465CDC26958 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.9

C41576CBD076B6895C20B465CDC26958 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.9

D8F8E45ACC404661CF0787F2A0888180 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.9

D8F8E45ACC404661CF0787F2A0888180 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.9

7B55FEF2BA47A2420BB49CD93320077A - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.9

7B55FEF2BA47A2420BB49CD93320077A - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.9

D9F5A433758BC151850E53690D57663A - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.9

D9F5A433758BC151850E53690D57663A - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.9

2FE95733EB36CD762EAE54BBE9D8B11C - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.9

2FE95733EB36CD762EAE54BBE9D8B11C - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.9

8FD41344CB62DDB06E2A339F2C5F1947 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.6.9

8FD41344CB62DDB06E2A339F2C5F1947 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll - QuickTime Plug-in 7.6.9

BCA175A4D68910B97C9391F2B5F02A4D - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

1AFEEF6369E3153BD6A9050133FC291C - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll - Java Platform SE 6 U11

918822F22226B3C15ED4F17BB3670110 - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll - Java Platform SE 6 U11

7ABA2EAB736F7E9EB0E03ACAA42CCB51 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox

AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

2AA3703D87E1327A2290C9D416D89A28 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.iepersebc.be/"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.iepersebc.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Documents and Settings\Filip\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Documents and Settings\Filip\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on Users Desktops ======================

C:\Documents and Settings\Filip\Bureaublad\HiJackThis.lnk - C:\Documents and Settings\Filip\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

==== shortcuts on All Users Desktop ======================

C:\Documents and Settings\All Users\Bureaublad\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\All Users\Bureaublad\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

==== shortcuts in Users Start Menu ======================

C:\Documents and Settings\Filip\Menu Start\Programma's\HiJackThis\HiJackThis.lnk - C:\Documents and Settings\Filip\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

C:\Documents and Settings\Filip\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE /tsr

==== shortcuts in All Users Start Menu ======================

C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Scanner and Camera Wizard.lnk - C:\WINDOWS\system32\wiaacmgr.exe -SelectDevice

C:\Documents and Settings\All Users\Menu Start\Programma's\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm

C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm

==== shortcuts in Quick Launch ======================

C:\Documents and Settings\Bert\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Filip\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk - C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe

C:\Documents and Settings\Filip\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk - C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe

==== Reset IE Proxy ======================

Value(s) before fix:

"ProxyEnable"=dword:00000000

Value(s) after fix:

"ProxyEnable"=dword:00000000

==== Uninstall List x86 ======================

32 Bit HP CIO Components Installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}]

Adobe AIR [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FDB3B167-F4FA-461D-976F-286304A57B2A}]

Adobe AIR [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR]

Adobe Flash Player 11 ActiveX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]

Adobe Flash Player 11 Plugin [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin]

Adobe Reader XI - Nederlands [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1043-7B44-AB0000000001}]

Adobe Shockwave Player 11.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Shockwave Player]

AIO_Scan [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}]

Apple Application Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EE6097DD-05F4-4178-9719-D3170BF098E8}]

Apple Software Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}]

ATI - Software Uninstall Utility [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\All ATI Software]

ATI Catalyst Control Center [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2CA41BA1-9842-4819-8ABB-76FDC14AB9EA}]

ATI Display Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ATI Display Driver]

Belgacom Genius [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FDE9FC7A-BF6D-4347-850D-05A16E6FEE17}]

Belgium e-ID middleware 3.5.6 (build 6954) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{824563DE-75AD-4166-9DC0-B6482F206954}]

Broadcom Gigabit Integrated Controller [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7E369B27-13E2-41A5-9879-358EE1C8B5AD}]

BufferChm [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E2662C24-B31E-4349-A084-32EB76E8B760}]

C4200 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C39E671D-0528-4c5e-A034-8470C5BC393A}]

C4200_doccd [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ACA85783-8EEA-4f0a-B2A3-A8173F30209F}]

c4200_Help [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BFDE4176-5DFE-4db9-AA00-8F30CB001BDA}]

Colin McRae Rally 2005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CC67770B-581D-4E96-B72A-A7907CE18725}]

Copy [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1753255A-0AEB-4220-8C75-607B73F0C133}]

CustomerResearchQFolder [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}]

dcmsvc 1.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\dcmsvc_is1]

Dell Resource CD [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2764CA82-DFB9-4498-AF85-719340BF5305}]

Destination Component [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}]

DeviceDiscovery [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{22466889-7642-488d-AA0E-F619704CF7AB}]

DeviceManagementQFolder [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}]

DocProc [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}]

DocProcQFolder [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{87E2B986-07E8-477a-93DC-AF0B6758B192}]

drivers [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CC411308-0458-4950-AB07-58A5703BE3C4}]

Dropbox [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox]

eSupportQFolder [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}]

Google Chrome [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]

Google Toolbar for Internet Explorer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}]

Google Toolbar for Internet Explorer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}]

Google Update Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]

HiJackThis [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{45A66726-69BC-466B-A7A4-12FCBA4883D7}]

HP-software voor foto- en beeldbewerking 2.0 - All-in-One [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9867A917-5D17-40DE-83BA-BEA5293194B1}]

HP-software voor foto- en beeldbewerking 2.0 - All-in-One stuurprogramma [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}]

HP-software voor foto- en beeldbewerking 2.0 - HP psc 1200 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP PSC 1200 Series]

HP Customer Participation Program 9.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HPExtendedCapabilities]

HP Imaging Device Functions 9.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Imaging Device Functions]

HP OCR Software 9.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HPOCR]

HP Photosmart All-In-One Software 9.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B09BCBF6-87EE-4403-A336-3A9510856535}]

HP Photosmart Essential 2.01 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Photosmart Essential]

HP Photosmart Essential2.01 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8389382B-53BA-4A87-8854-91E3D80A5AC7}]

hp psc 1200 series [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C900EF06-2E76-49C7-8DB0-41F629B21DC5}]

HP Smart Web Printing 4.60 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Smart Web Printing]

HP Solution Center 9.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HP Solution Center & Imaging Support Tools]

HP Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}]

HPProductAssistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AEA07F97-9088-497c-8821-0F36BD5DC251}]

HPSSupply [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}]

Intel® Graphics Media Accelerator Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HDMI]

IP Camera [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\IP Camera]

IrfanView (remove only) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\IrfanView]

Java 6 Update 11 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216011FF}]

Java 6 Update 3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030}]

Java SE Runtime Environment 6 Update 1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160010}]

KaraFun 1.18 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\KaraFun_is1]

KBC-beveiligingscomponenten [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DFB06B7E-33CE-4BB6-95DF-31AD7B9BFE49}]

LiveUpdate 2.6 (Symantec Corporation) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\LiveUpdate]

Malwarebytes Anti-Malware versie 1.75.0.1300 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1]

MarketingReg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{04441EE4-3631-43DB-813A-9D031380C8E5}]

MarketResearch [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{13F00518-807A-4B3A-83B0-A7CD90F3A398}]

McAfee Security Scan Plus [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan]

Microsoft .NET Framework 1.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}]

Microsoft .NET Framework 1.1 Dutch Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{168F8BAC-A269-48E9-BB7A-A51B594CF6FF}]

Microsoft .NET Framework 1.1 Security Update (KB2698023) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\M2698023]

Microsoft .NET Framework 1.1 Security Update (KB2742597) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\M2742597]

Microsoft .NET Framework 1.1 Security Update (KB979906) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\M979906]

Microsoft .NET Framework 2.0 Language Pack - NLD [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D610D81C-36EE-4E1B-8346-1F515A5AF032}]

Microsoft .NET Framework 2.0 Service Pack 2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}]

Microsoft .NET Framework 3.0 Dutch Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{64371D22-A18B-436E-863B-2E12DA8042FF}]

Microsoft .NET Framework 3.0 Service Pack 2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}]

Microsoft .NET Framework 3.5 SP1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}]

Microsoft Choice Guard [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}]

Microsoft Compression Client Pack 1.0 for Windows XP [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MSCompPackV1]

Microsoft Internationalized Domain Names Mitigation APIs [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\IDNMitigationAPIs]

Microsoft National Language Support Downlevel APIs [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NLSDownlevelMapping]

Microsoft Office Enterprise 2007 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ENTERPRISER]

Microsoft Office Live Add-in 1.3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}]

Microsoft Search Enhancement Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}]

Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]

Microsoft User-Mode Driver Framework Feature Pack 1.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Wudf01000]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{770657D0-A123-3C07-8E44-1C83EC895118}]

Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]

Modem Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7F142D56-3326-11D5-B229-002078017FBF}]

Mozilla Firefox 20.0.1 (x86 nl) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 20.0.1 (x86 nl)]

Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService]

MSVCRT [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}]

MSXML 4.0 SP2 (KB936181) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C04E32E0-0416-434D-AFB9-6969D703A9EF}]

MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}]

MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}]

MSXML 6 Service Pack 2 (KB973686) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}]

Nero 7 Premium [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EBD4524C-5C6D-442E-AE40-FA38A2CC1043}]

OGA Notifier 2.0.0048.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}]

PCI Audio Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PCI Audio Driver]

PDFCreator [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}]

Playchess [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{97DB07C0-7E43-4C4A-8766-26396935F177}]

PS_AIO_ProductContext [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FD7F242B-9AA0-40c3-941E-3A9821D19C09}]

PS_AIO_Software [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D8B7A682-20DA-4797-8415-B1FB14D4D32B}]

PS_AIO_Software_min [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E28750A2-45F2-4b63-99F7-9F81A94B1E2D}]

PSSWCORE [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F72E2DDC-3DB8-4190-A21D-63883D955FE7}]

QuickTime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{57752979-A1C9-4C02-856B-FBB27AC4E02C}]

Scan [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}]

Security Update for CAPICOM (KB931906) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}]

Segoe UI [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}]

Skype Click to Call [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B6CF2967-C81E-40C0-9815-C05774FEF120}]

Skype™ 5.10 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}]

SmartWebPrinting [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}]

SolutionCenter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}]

SoundMAX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0A37341-D692-11D4-A984-009027EC0A9C}]

Spector Photo Software [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spector Photo Software]

Status [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}]

Symantec AntiVirus [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3248E093-5288-4CA9-B3AB-11A675FEA1F9}]

Toolbox [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}]

TrayApp [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{10E1E87C-656C-4D08-86D6-5443D28583BE}]

UnloadSupport [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{543E938C-BDC4-4933-A612-01293996845F}]

VideoToolkit01 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{824D3839-DAA1-4315-A822-7AE3E620E528}]

WebFldrs XP [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{350C9413-3D7C-4EE8-BAA9-00BCB3D54227}]

WebReg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}]

Windows Communication Foundation Language Pack - NLD [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18BA2F73-9F8E-4938-860E-F7BC31531608}]

Windows Defender [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A06275F4-324B-4E85-95E6-87B2CD729401}]

Windows Driver Package - Microsoft (USBCCID) SmartCardReader (08/01/2006 5.2.3790.2724) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\435403D41CB143EFFFCE801AFA6A0778EBC1DB1F]

Windows Genuine Advantage Notifications (KB905474) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WgaNotify]

Windows Genuine Advantage Validation Tool (KB892130) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WGA]

Windows Imaging Component [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WIC]

Windows Internet Explorer 7 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ie7]

Windows Internet Explorer 8 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ie8]

Windows Live - Hulpprogramma voor uploaden [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{205C6BDD-7B73-42DE-8505-9A093F35A238}]

Windows Live aanmeldhulp [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1BD6AE96-4742-4498-9D03-9451C7E5A214}]

Windows Live Call [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C20C2630-B3A7-44BA-BDD0-31E256AE490E}]

Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}]

Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EB5A3E9D-91CF-4C97-B816-72DE0625ACA3}]

Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite_Wave3]

Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CC38A00D-7EED-46CE-9281-D1D97B81F22A}]

Windows Media Format 11 runtime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Format Runtime]

Windows Media Format 11 runtime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WMFDist11]

Windows Media Player 11 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Player]

Windows Media Player 11 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wmp11]

Windows Presentation Foundation [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BAF78226-3200-4DB4-BE33-4D922A799840}]

Windows Presentation Foundation Language Pack (NLD) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{655A0785-CB7A-42C2-A1AE-B3FE1BFB2617}]

Windows Workflow Foundation NL Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A06BD059-8EDE-41F3-B91A-73C2C6811187}]

Windows XP Service Pack 3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows XP Service Pack]

WinRAR archiver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]

WinZip [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinZip]

X Codec Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\X Codec Pack]

XML Paper Specification Shared Components Language Pack 1.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\XPSEPSCLP]

XML Paper Specification Shared Components Pack 1.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\XpsEPSC]

==== Silent Runners ======================

"Silent Runners.vbs", revision 69.2, Silent Runners - Adware? Disinfect, don't reformat!

Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:

---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [Nero AG]

ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe [MS]

swg = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [Google Inc.]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

SoundMAXPnP = C:\Program Files\Analog Devices\Core\smax4pnp.exe [Analog Devices, Inc.]

HotKeysCmds = C:\WINDOWS\system32\hkcmd.exe [intel Corporation]

ATICCC = "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay [null data]

ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [symantec Corporation]

vptray = C:\PROGRA~1\SYMANT~1\VPTray.exe [symantec Corporation]

Belgacom = "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom [supportSoft, Inc.]

ExtraFilmHemmaAgent = "C:\Program Files\Spector Photo Software\Agent.exe" [null data]

beid = "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup [belgian Government]

dcmsvc = C:\Program Files\dcmsvc\dcmsvc.exe [null data]

GrooveMonitor = "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [MS]

QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime [Apple Inc.]

KernelFaultCheck = C:\WINDOWS\system32\dumprep 0 -k

IsaKbcCertUpdate = C:\Program Files\Common Files\Isabel\isa_kbc_certupdate.exe [isabel SA/NV]

Adobe ARM = "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [Adobe Systems Incorporated]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{0347C33E-8762-4905-BF09-768834316C61}\(Default) = HP Print Enhancer

-> {HKLM...CLSID} = HP Print Enhancer

\InProcServer32\(Default) = C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [Hewlett-Packard Co.]

{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\(Default) = MSS+ Identifier

-> {HKLM...CLSID} = MSS+ Identifier

\InProcServer32\(Default) = C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [McAfee, Inc.]

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = AcroIEHelperStub

-> {HKLM...CLSID} = Adobe PDF Link Helper

\InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe Systems Incorporated]

{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}\(Default) = Search Helper

-> {HKLM...CLSID} = Search Helper

\InProcServer32\(Default) = C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [MS]

{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(Default) = (no title provided)

-> {HKLM...CLSID} = Groove GFS Browser Helper

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)

-> {HKLM...CLSID} = Java Plug-In SSV Helper

\InProcServer32\(Default) = C:\Program Files\Java\jre6\bin\ssv.dll [sun Microsystems, Inc.]

{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)

-> {HKLM...CLSID} = Windows Live Aanmelden - Help

\InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS]

{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)

-> {HKLM...CLSID} = Google Toolbar Helper

\InProcServer32\(Default) = C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Inc.]

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = SkypeIEPluginBHO

-> {HKLM...CLSID} = Skype Browser Helper

\InProcServer32\(Default) = C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [skype Technologies S.A.]

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\(Default) = (no title provided)

-> {HKLM...CLSID} = Google Toolbar Notifier BHO

\InProcServer32\(Default) = C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [Google Inc.]

{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)

-> {HKLM...CLSID} = Java Plug-In 2 SSV Helper

\InProcServer32\(Default) = C:\Program Files\Java\jre6\bin\jp2ssv.dll [sun Microsystems, Inc.]

{E7E6F031-17CE-4C07-BC86-EABFE594F69C}\(Default) = JQSIEStartDetectorImpl

-> {HKLM...CLSID} = JQSIEStartDetectorImpl Class

\InProcServer32\(Default) = C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [sun Microsystems, Inc.]

{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}\(Default) = HP Smart BHO Class

-> {HKLM...CLSID} = HP Smart BHO Class

\InProcServer32\(Default) = C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [Hewlett-Packard Co.]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\

DropboxExt1\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Documents and Settings\Filip\Application Data\Dropbox\bin\DropboxExt.17.dll [Dropbox, Inc.]

DropboxExt2\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Documents and Settings\Filip\Application Data\Dropbox\bin\DropboxExt.17.dll [Dropbox, Inc.]

DropboxExt3\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Documents and Settings\Filip\Application Data\Dropbox\bin\DropboxExt.17.dll [Dropbox, Inc.]

DropboxExt4\(Default) = {FB314EDC-A251-47B7-93E1-CDD82E34AF8B}

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Documents and Settings\Filip\Application Data\Dropbox\bin\DropboxExt.17.dll [Dropbox, Inc.]

Groove Explorer Icon Overlay 1 (GFS Unread Stub)\(Default) = {99FD978C-D287-4F50-827F-B2C658EDA8E7}

-> {HKLM...CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

Groove Explorer Icon Overlay 2 (GFS Stub)\(Default) = {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}

-> {HKLM...CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)\(Default) = {920E6DB1-9907-4370-B3A0-BAFC03D81399}

-> {HKLM...CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

Groove Explorer Icon Overlay 3 (GFS Folder)\(Default) = {16F3DD56-1AF5-4347-846D-7C10C4192619}

-> {HKLM...CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

Groove Explorer Icon Overlay 4 (GFS Unread Mark)\(Default) = {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}

-> {HKLM...CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Documents and Settings\Filip\Application Data\Dropbox\bin\DropboxExt.17.dll [Dropbox, Inc.]

{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Documents and Settings\Filip\Application Data\Dropbox\bin\DropboxExt.17.dll [Dropbox, Inc.]

{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Documents and Settings\Filip\Application Data\Dropbox\bin\DropboxExt.17.dll [Dropbox, Inc.]

{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Documents and Settings\Filip\Application Data\Dropbox\bin\DropboxExt.17.dll [Dropbox, Inc.]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{88895560-9AA2-1069-930E-00AA0030EBC8} = HyperTerminal-pictogramuitbreiding

-> {HKLM...CLSID} = HyperTerminal Icon Ext

\InProcServer32\(Default) = C:\WINDOWS\system32\hticons.dll [Hilgraeve, Inc.]

{E0D79304-84BE-11CE-9641-444553540000} = WinZip

-> {HKLM...CLSID} = WinZip

\InProcServer32\(Default) = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL [WinZip Computing, Inc.]

{E0D79305-84BE-11CE-9641-444553540000} = WinZip

-> {HKLM...CLSID} = WinZip

\InProcServer32\(Default) = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL [WinZip Computing, Inc.]

{E0D79306-84BE-11CE-9641-444553540000} = WinZip

-> {HKLM...CLSID} = WinZip

\InProcServer32\(Default) = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL [WinZip Computing, Inc.]

{E0D79307-84BE-11CE-9641-444553540000} = WinZip

-> {HKLM...CLSID} = WinZip

\InProcServer32\(Default) = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL [WinZip Computing, Inc.]

{BDA77241-42F6-11d0-85E2-00AA001FE28C} = LDVP Shell Extensions

-> {HKLM...CLSID} = VpshellEx Class

\InProcServer32\(Default) = C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll [symantec Corporation]

{B327765E-D724-4347-8B16-78AE18552FC3} = NeroDigitalIconHandler

-> {HKLM...CLSID} = NeroDigitalIconHandler Class

\InProcServer32\(Default) = C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll [Nero AG]

{7F1CF152-04F8-453A-B34C-E609530A9DC8} = NeroDigitalPropSheetHandler

-> {HKLM...CLSID} = NeroDigitalPropSheetHandler Class

\InProcServer32\(Default) = C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll [Nero AG]

{B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR shell extension

-> {HKLM...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

{72853161-30C5-4D22-B7F9-0BBC1D38A37E} = Groove GFS Browser Helper

-> {HKLM...CLSID} = Groove GFS Browser Helper

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} = Groove GFS Explorer Bar

-> {HKLM...CLSID} = Groove Folder Synchronization

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{A449600E-1DC6-4232-B948-9BD794D62056} = Groove GFS Stub Icon Handler

-> {HKLM...CLSID} = Groove GFS Stub Icon Handler

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{B5A7F190-DDA6-4420-B3BA-52453494E6CD} = Groove GFS Stub Execution Hook

-> {HKLM...CLSID} = Groove GFS Stub Execution Hook

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{6C467336-8281-4E60-8204-430CED96822D} = Groove GFS Context Menu Handler

-> {HKLM...CLSID} = Groove GFS Context Menu Handler

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{387E725D-DC16-4D76-B310-2C93ED4752A0} = Groove XML Icon Handler

-> {HKLM...CLSID} = Groove XML Icon Handler

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{16F3DD56-1AF5-4347-846D-7C10C4192619} = Groove Explorer Icon Overlay 3 (GFS Folder)

-> {HKLM...CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} = Groove Explorer Icon Overlay 2 (GFS Stub)

-> {HKLM...CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} = Groove Explorer Icon Overlay 4 (GFS Unread Mark)

-> {HKLM...CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{99FD978C-D287-4F50-827F-B2C658EDA8E7} = Groove Explorer Icon Overlay 1 (GFS Unread Stub)

-> {HKLM...CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{920E6DB1-9907-4370-B3A0-BAFC03D81399} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)

-> {HKLM...CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler

-> {HKLM...CLSID} = Outlook File Icon Extension

\InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL [MS]

{00020D75-0000-0000-C000-000000000046} = Microsoft Office Outlook Desktop Icon Handler

-> {HKLM...CLSID} = Microsoft Office Outlook

\InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL [MS]

{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} = Microsoft Office OneNote Namespace Extension for Windows Desktop Search

-> {HKLM...CLSID} = Microsoft Office OneNote Namespace Extension for Windows Desktop Search

\InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL [MS]

{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\msohevi.dll [MS]

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler

-> {HKLM...CLSID} = Microsoft Office Metadata Handler

\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler

-> {HKLM...CLSID} = Microsoft Office Thumbnail Handler

\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\

<<!>> {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} = Microsoft AntiMalware ShellExecuteHook

-> {HKLM...CLSID} = Microsoft AntiMalware ShellExecuteHook

\InProcServer32\(Default) = C:\PROGRA~1\WIFD1F~1\MpShHook.dll [MS]

<<!>> {B5A7F190-DDA6-4420-B3BA-52453494E6CD} = Groove GFS Stub Execution Hook

-> {HKLM...CLSID} = Groove GFS Stub Execution Hook

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\

<<!>> igfxcui\DLLName = igfxdev.dll [intel Corporation]

<<!>> NavLogon\DLLName = C:\WINDOWS\system32\NavLogon.dll [symantec Corporation]

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\

<<!>> text/xml\CLSID = {807563E5-5146-11D5-A672-00B0D022E945}

-> {HKLM...CLSID} = Microsoft Office InfoPath XML Mime Filter

\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\

<<!>> grooveLocalGWS\CLSID = {88FED34C-F0CA-4636-A375-3CB6248B04CD}

-> {HKLM...CLSID} = Local Groove Web Services Protocol

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [MS]

<<!>> livecall\CLSID = {828030A1-22C1-4009-854F-8E305202313F}

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL [MS]

<<!>> ms-help\CLSID = {314111c7-a502-11d2-bbca-00c04f8ec294}

-> {HKLM...CLSID} = HxProtocol Class

\InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [MS]

<<!>> msnim\CLSID = {828030A1-22C1-4009-854F-8E305202313F}

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL [MS]

<<!>> skype-ie-addon-data\CLSID = {91774881-D725-4E58-B298-07617B9B86A8}

-> {HKLM...CLSID} = Skype IE add-on Pluggable Protocol

\InProcServer32\(Default) = C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [skype Technologies S.A.]

<<!>> skype4com\CLSID = {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}

-> {HKLM...CLSID} = IEProtocolHandler Class

\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL [skype Technologies]

HKCU\Software\Classes\*\shellex\ContextMenuHandlers\

DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Documents and Settings\Filip\Application Data\Dropbox\bin\DropboxExt.17.dll [Dropbox, Inc.]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

LDVPMenu\(Default) = {BDA77241-42F6-11d0-85E2-00AA001FE28C}

-> {HKLM...CLSID} = VpshellEx Class

\InProcServer32\(Default) = C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll [symantec Corporation]

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000}

-> {HKLM...CLSID} = WinZip

\InProcServer32\(Default) = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL [WinZip Computing, Inc.]

XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D}

-> {HKLM...CLSID} = Groove GFS Context Menu Handler

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}\(Default) = (no title provided)

-> {HKLM...CLSID} = NBShellHook Class

\InProcServer32\(Default) = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [Nero AG]

HKLM\SOFTWARE\Classes\*\shellex\DragDropHandlers\

NBShellHook\(Default) = {EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}

-> {HKLM...CLSID} = NBShellHook Class

\InProcServer32\(Default) = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [Nero AG]

HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\

MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

-> {HKLM...CLSID} = MBAMShlExt Class

\InProcServer32\(Default) = C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation]

XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D}

-> {HKLM...CLSID} = Groove GFS Context Menu Handler

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

HKCU\Software\Classes\Directory\shellex\ContextMenuHandlers\

DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Documents and Settings\Filip\Application Data\Dropbox\bin\DropboxExt.17.dll [Dropbox, Inc.]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000}

-> {HKLM...CLSID} = WinZip

\InProcServer32\(Default) = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL [WinZip Computing, Inc.]

XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D}

-> {HKLM...CLSID} = Groove GFS Context Menu Handler

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

WinZip\(Default) = {E0D79305-84BE-11CE-9641-444553540000}

-> {HKLM...CLSID} = WinZip

\InProcServer32\(Default) = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL [WinZip Computing, Inc.]

HKCU\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\

DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Documents and Settings\Filip\Application Data\Dropbox\bin\DropboxExt.17.dll [Dropbox, Inc.]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

igfxcui\(Default) = {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}

-> {HKLM...CLSID} = GraphicsShellExt Class

\InProcServer32\(Default) = C:\WINDOWS\system32\igfxpph.dll [intel Corporation]

XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D}

-> {HKLM...CLSID} = Groove GFS Context Menu Handler

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

{7D4D6379-F301-4311-BEBA-E26EB0561882}\(Default) = NeroDigitalExt.NeroDigitalColumnHandler

-> {HKLM...CLSID} = NeroDigitalColumnHandler Class

\InProcServer32\(Default) = C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll [Nero AG]

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info

-> {HKLM...CLSID} = PDF Shell Extension

\InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

LDVPMenu\(Default) = {BDA77241-42F6-11d0-85E2-00AA001FE28C}

-> {HKLM...CLSID} = VpshellEx Class

\InProcServer32\(Default) = C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll [symantec Corporation]

MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

-> {HKLM...CLSID} = MBAMShlExt Class

\InProcServer32\(Default) = C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation]

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000}

-> {HKLM...CLSID} = WinZip

\InProcServer32\(Default) = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL [WinZip Computing, Inc.]

XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D}

-> {HKLM...CLSID} = Groove GFS Context Menu Handler

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}\(Default) = (no title provided)

-> {HKLM...CLSID} = NBShellHook Class

\InProcServer32\(Default) = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [Nero AG]

HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\

NBShellHook\(Default) = {EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}

-> {HKLM...CLSID} = NBShellHook Class

\InProcServer32\(Default) = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [Nero AG]

WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

WinZip\(Default) = {E0D79305-84BE-11CE-9641-444553540000}

-> {HKLM...CLSID} = WinZip

\InProcServer32\(Default) = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL [WinZip Computing, Inc.]

Group Policies {GPedit.msc branch and setting}:

-----------------------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

NoDrives = (REG_DWORD) dword:0x00000000

{unrecognized setting}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\

NoDrives = (REG_DWORD) dword:0x00000000

{unrecognized setting}

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\

disableregistrytools = (REG_DWORD) dword:0x00000000

{User Configuration|Administrative Templates|System|

Prevent access to registry editing tools}

HKCU\Software\Policies\Microsoft\Windows\System\

disablecmd = (REG_DWORD) dword:0x00000000

{User Configuration|Administrative Templates|System|

Disable the command prompt}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

DisableRegistryTools = (REG_DWORD) dword:0x00000000

{unrecognized setting}

Active Desktop and Wallpaper:

-----------------------------

Active Desktop may be enabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

Wallpaper = C:\WINDOWS\system32\config\systemprofile\Bureaublad\ANN&GHISLAIN_-21.jpg

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCU\Control Panel\Desktop\

Wallpaper = C:\Documents and Settings\Filip\Local Settings\Application Data\Microsoft\Wallpaper1.bmp

Enabled Screen Saver:

---------------------

HKCU\Control Panel\Desktop\

SCRNSAVE.EXE = C:\WINDOWS\system32\ssstars.scr [MS]

Windows Portable Device AutoPlay Handlers

-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

DropboxAutoplayProxy\

Provider = Dropbox

InvokeProgID = Dropbox.AutoplayEventHandlerProxy

InvokeVerb = import

HKLM\SOFTWARE\Classes\Dropbox.AutoplayEventHandlerProxy\shell\import\DropTarget\CLSID = {F38F335B-BC2E-450E-8FC6-0E13E17FC8FE}

-> {HKLM...CLSID} = Dropbox Autoplay Proxy COM Server

\LocalServer32\(Default) = C:\Program Files\Dropbox\DropboxProxy.exe /autoplayproxy [Dropbox, Inc.]

HPAutoplayPSE\

Provider = HP Photosmart Essential 2.01

InvokeProgID = HpqPSApl.Autoplay

InvokeVerb = Play

HKLM\SOFTWARE\Classes\HpqPSApl.Autoplay\shell\Play\DropTarget\CLSID = {A6873065-D632-4615-A3A9-C5F05EE109C1}

-> {HKLM...CLSID} = (no title provided)

\LocalServer32\(Default) = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\HpqPsApl.exe [Hewlett-Packard]

MSWPDShellNamespaceHandler\

Provider = @%SystemRoot%\System32\WPDShextRes.dll,-501

CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}

InitCmdLine =

-> {HKLM...CLSID} = WPDShextAutoplay

\LocalServer32\(Default) = C:\WINDOWS\system32\WPDShextAutoplay.exe [MS]

NeroAutoPlay7AudioToNeroDigital\

Provider = Nero Burning ROM

InvokeProgID = Nero.AutoPlay7

InvokeVerb = AudioToNeroDigital_PlayCDAudioOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\AudioToNeroDigital_PlayCDAudioOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Core\nero.exe /Dialog:SaveTracks %L [Nero AG]

NeroAutoPlay7CDAudio\

Provider = Nero Express

InvokeProgID = Nero.AutoPlay7

InvokeVerb = CDAudio_HandleCDBurningOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\CDAudio_HandleCDBurningOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Core\nero.exe /New:AudioCD [Nero AG]

NeroAutoPlay7CopyCD\

Provider = Nero Burning ROM

InvokeProgID = Nero.AutoPlay7

InvokeVerb = CopyCD_PlayMusicFilesOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\CopyCD_PlayMusicFilesOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Core\nero.exe /Dialog:DiscCopy %L [Nero AG]

NeroAutoPlay7DataDisc\

Provider = Nero Express

InvokeProgID = Nero.AutoPlay7

InvokeVerb = DataDisc_HandleCDBurningOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\DataDisc_HandleCDBurningOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Core\nero.exe /New:ISODisc [Nero AG]

NeroAutoPlay7LaunchNeroStartSmart\

Provider = Nero StartSmart

InvokeProgID = Nero.AutoPlay7

InvokeVerb = LaunchNeroStartSmart_HandleCDBurningOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\LaunchNeroStartSmart_HandleCDBurningOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe /AutoPlay [Nero AG]

NeroAutoPlay7PlayAudioCD\

Provider = Nero ShowTime

InvokeProgID = Nero.AutoPlay7

InvokeVerb = PlayAudioCD_PlayMusicFilesOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\PlayAudioCD_PlayMusicFilesOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe /Play %L [Nero AG]

NeroAutoPlay7PlayDVD\

Provider = Nero ShowTime

InvokeProgID = Nero.AutoPlay7

InvokeVerb = PlayDVD_PlayVideoFilesOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\PlayDVD_PlayVideoFilesOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe /Play %L [Nero AG]

NeroAutoPlay7RipCD\

Provider = Nero Burning ROM

InvokeProgID = Nero.AutoPlay7

InvokeVerb = RipCD_PlayCDAudioOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\RipCD_PlayCDAudioOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Core\nero.exe /Dialog:SaveTracks %L [Nero AG]

NeroAutoPlay7TranscodeVideo\

Provider = Nero Recode

InvokeProgID = Nero.AutoPlay7

InvokeVerb = TranscodeVideo_PlayDVDMovieOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\TranscodeVideo_PlayDVDMovieOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Nero Recode\Recode.exe /New:CopyDVDVideo [Nero AG]

NeroAutoPlay7VideoCapture\

Provider = Nero Vision

ProgID = Shell.HWEventHandlerShellExecute

InitCmdLine = /New:VideoCapture

HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}

-> {HKLM...CLSID} = ShellExecute HW Event Handler

\LocalServer32\(Default) = rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} [MS]

NeroAutoPlay7ViewPhotos\

Provider = Nero PhotoSnap Viewer

InvokeProgID = Nero.AutoPlay7

InvokeVerb = ViewPhotos_ShowPicturesOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\ViewPhotos_ShowPicturesOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Nero PhotoSnap\PhotoSnapViewer.exe / [Nero AG]

Startup items in "Filip" & "All Users" startup folders:

-------------------------------------------------------

C:\Documents and Settings\Filip\Menu Start\Programma's\Opstarten {++}

OneNote 2007 Schermopname en Snel starten -> shortcut to: C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [MS]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten {++}

HP Digital Imaging Monitor -> shortcut to: C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [Hewlett-Packard Co.]

McAfee Security Scan Plus -> shortcut to: C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe [McAfee, Inc.]

Enabled Scheduled Tasks: {++}

------------------------

AppleSoftwareUpdate -> launches: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task [Apple Inc.]

FRU Task #Hewlett-Packard#hp psc 1200 series#1182406226 -> launches: C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe -I "#Hewlett-Packard#hp psc 1200 series#1182406226" [empty string]

GoogleUpdateTaskMachineCore -> launches: C:\Program Files\Google\Update\GoogleUpdate.exe /c [Google Inc.]

GoogleUpdateTaskMachineUA -> launches: C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.]

MP Scheduled Scan -> launches: C:\Program Files\Windows Defender\MpCmdRun.exe Scan -RestrictPrivileges [MS]

User_Feed_Synchronization-{DFC984F9-C404-45D9-A4CD-D6135A44C127} -> launches: C:\WINDOWS\system32\msfeedssync.exe sync [MS]

Winsock2 Service Provider DLLs:

-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]

000000000002\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]

000000000003\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 15

%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05

Toolbars, Explorer Bars, Extensions:

------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\

{2318C2B1-4965-11D4-9B18-009027A5CD4F}

-> {HKLM...CLSID} = Google Toolbar

\InProcServer32\(Default) = C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Inc.]

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\

{2318C2B1-4965-11D4-9B18-009027A5CD4F} = (no title provided)

-> {HKLM...CLSID} = Google Toolbar

\InProcServer32\(Default) = C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Inc.]

Explorer Bars

HKLM\SOFTWARE\Classes\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}\(Default) = Groove Folder Synchronization

Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]

InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

HKLM\SOFTWARE\Classes\CLSID\{555D4D79-4BD2-4094-A395-CFC534424A05}\(Default) = HP Smart Web Printing

Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]

InProcServer32\(Default) = C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_bho.dll [Hewlett-Packard Co.]

HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = &Onderzoeken

Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]

InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\

{2670000A-7350-4F3C-8081-5663EE0C6C49}\

ButtonText = Verzenden naar OneNote

MenuText = Verz&enden naar OneNote

CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C}

-> {HKLM...CLSID} = Send to OneNote from Internet Explorer button

\InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll [MS]

{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\

ButtonText = Skype Click to Call

MenuText = Skype Click to Call

CLSIDExtension = {898EA8C8-E7FF-479B-8935-AEC46303B9E5}

-> {HKLM...CLSID} = Skype Browser Helper

\InProcServer32\(Default) = C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [skype Technologies S.A.]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\

ButtonText = Research

BandCLSID = {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

-> {HKLM...CLSID} = &Onderzoeken

\InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [MS]

{DDE87865-83C5-48C4-8357-2F5B1AA84522}\

ButtonText = Toon of verberg HP Smart Web Printing

CLSIDExtension = {DDE87865-83C5-48c4-8357-2F5B1AA84522}

-> {HKLM...CLSID} = ClipBookBtn Class

\InProcServer32\(Default) = C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [Hewlett-Packard Co.]

{E2E2DD38-D088-4134-82B7-F2BA38496583}\

MenuText = @xpsp3res.dll,-20001

Exec = %windir%\Network Diagnostic\xpnetdiag.exe [MS]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\

ButtonText = Messenger

MenuText = Windows Messenger

Exec = C:\Program Files\Messenger\msmsgs.exe [MS]

Miscellaneous IE Hijack Points

------------------------------

HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\

<<H>> _Tabs = res://ieframe.dll/tabswelcome.htm [MS]

Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------

Ati HotKey Poller, Ati HotKey Poller, C:\WINDOWS\system32\Ati2evxx.exe [ATI Technologies Inc.]

HP CUE DeviceDiscovery-service, hpqddsvc, C:\WINDOWS\system32\svchost.exe -k hpdevmgmt {C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll [Hewlett-Packard Co.]}

hpqcxs08, hpqcxs08, C:\WINDOWS\system32\svchost.exe -k hpdevmgmt {C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll [Hewlett-Packard Co.]}

Java Quick Starter, JavaQuickStarterService, "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" [sun Microsystems, Inc.]

Machine Debug Manager, MDM, "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE" [MS]

Net Driver HPZ12, Net Driver HPZ12, C:\WINDOWS\System32\svchost.exe -k HPZ12 {C:\WINDOWS\system32\HPZinw12.dll [Hewlett-Packard]}

Pml Driver HPZ12, Pml Driver HPZ12, C:\WINDOWS\System32\svchost.exe -k HPZ12 {C:\WINDOWS\system32\HPZipm12.dll [Hewlett-Packard]}

PnkBstrA, PnkBstrA, C:\WINDOWS\system32\PnkBstrA.exe [null data]

PnkBstrB, PnkBstrB, C:\WINDOWS\system32\PnkBstrB.exe [null data]

SeaPort, SeaPort, "C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" [MS]

SupportSoft Sprocket Service (belgacom), sprtsvc_belgacom, C:\Program Files\Belgacom\bin\sprtsvc.exe /service /p belgacom [supportSoft, Inc.]

Symantec AntiVirus, Symantec AntiVirus, "C:\Program Files\Symantec AntiVirus\Rtvscan.exe" [symantec Corporation]

Symantec AntiVirus Definition Watcher, DefWatch, "C:\Program Files\Symantec AntiVirus\DefWatch.exe" [symantec Corporation]

Symantec Event Manager, ccEvtMgr, "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" [symantec Corporation]

Symantec Settings Manager, ccSetMgr, "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" [symantec Corporation]

Windows Defender, WinDefend, "C:\Program Files\Windows Defender\MsMpEng.exe" [MS]

Safe Mode Drivers & Services (subkey name, subkey default value):

-----------------------------------------------------------------

HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\

<<!>> hitmanpro37,

<<!>> hitmanpro37.sys,

<<!>> HitmanPro37Crusader,

<<!>> HitmanPro37CrusaderBoot,

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\

<<!>> hitmanpro37,

<<!>> hitmanpro37.sys,

<<!>> HitmanPro37Crusader,

<<!>> HitmanPro37CrusaderBoot,

<<!>> SupportSoft RemoteAssist, Service

Print Monitors:

---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\

hpzsnt07\Driver = hpzsnt07.dll [HP]

PCL Language Monitor\Driver = hpz3l5ha.dll [Hewlett-Packard Company]

PDFCreator\Driver = pdfcmnnt.dll [null data]

Send To Microsoft OneNote Monitor\Driver = msonpmon.dll [MS]

<<H>>: Suspicious data at a browser hijack point.

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Bert\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Filip\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Filip\Local Settings\Application Data\Mozilla\Firefox\Profiles\sn07wbf2.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Filip\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\Filip\LOCALS~1\Temp successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Filip\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

kweezie wabbit · 13 mei 2013

Je Java software is verouderd.

Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.

Download Java Runtime Environment (JRE) 7 Update 21.

Selecteer "Accept License Agreement"
Klik op de jre-7u21-windows-i586.exe link en bewaar het naar je Bureaublad.
Sluit alle programma's die eventueel open zijn - Zeker je web browser!
Ga dan naar Start > Configuratiescherm > Software of Start > Configuratiescherm > Programma's en onderdelen (bij Vista) en verwijder alle oudere versies van Java uit de Softwarelijst.
Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam.
Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
Herhaal dit tot alle oudere versies verdwenen zijn.
Na het verwijderen van alle oudere versies, herstart je pc.
Dubbelklik vervolgens op jre-7u21-windows-i586.exe op je Bureaublad om de nieuwste versie van Java te installeren.
Na de installatie mag je het bestand jre-7u21-windows-i586.exe weer verwijderen.

bdeweerdt · 16 mei 2013

Update geïnstalleerd. Zijn er nog te ondernemen stappen?

Bedankt!

kweezie wabbit · 17 mei 2013

Als je geen problemen meer ondervind, mag je nog het volgende doen.

Download "Delfix by Xplode"

Start de tool middels dubbelklik.

Zet nu vinkjes voor de volgende items:

Remove disinfection tools
Create registry backup
Purge System Restore
Reset system settings

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Download CCleaner. (Als je het nog niet hebt)

Installeer het (als je niet wilt dat Google Chrome op je PC als standaard-webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Cleaner”.

Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'.

Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”.

Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”.

Dan krijg je de vraag om een back-up te maken. Klik op “JA”.

Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse van het register niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Als dit allemaal zonder problemen verlopen is, mag je dit onderwerp afsluiten door een klik op de knop +Markeer als opgelost.

Nog veel computerplezier

bdeweerdt · 21 mei 2013

Nogmaals dank!

# DelFix v10.2 - Logfile created 21/05/2013 at 11:30:47

# Updated 02/04/2013 by Xplode

# Username : Filip - PC_DEWEERDT

# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\Program Files\Trend Micro\Hijackthis

Deleted : C:\AdwCleaner[s1].txt

Deleted : C:\ComboFix.txt

Deleted : C:\zoek-results.log

Deleted : C:\Documents and Settings\Filip\Bureaublad\HiJackThis.lnk

Deleted : C:\Documents and Settings\Filip\Bureaublad\hijackthis.log

Deleted : C:\Documents and Settings\Filip\Bureaublad\zoek.exe

Deleted : C:\Documents and Settings\Filip\Mijn documenten\Downloads\adwcleaner.exe

Deleted : C:\Documents and Settings\Filip\Mijn documenten\Downloads\HiJackThis.msi

Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\HijackThis

Deleted : HKLM\SOFTWARE\AdwCleaner

Deleted : HKLM\SOFTWARE\Swearware

Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #1 [Controlepunt van systeem | 05/10/2013 16:57:13]

Deleted : RP #2 [Controlepunt van systeem | 05/11/2013 17:30:41]

Deleted : RP #3 [Controlepunt van systeem | 05/12/2013 17:59:55]

Deleted : RP #4 [Controlepunt van systeem | 05/13/2013 18:15:02]

Deleted : RP #5 [software Distribution Service 3.0 | 05/14/2013 15:45:46]

Deleted : RP #6 [software Distribution Service 3.0 | 05/15/2013 16:19:13]

Deleted : RP #7 [software Distribution Service 3.0 | 05/15/2013 21:14:05]

Deleted : RP #8 [software Distribution Service 3.0 | 05/16/2013 15:58:19]

Deleted : RP #9 [Removed Java 6 Update 11 | 05/16/2013 19:20:03]

Deleted : RP #10 [Removed Java 6 Update 3 | 05/16/2013 19:20:53]

Deleted : RP #11 [Removed Java SE Runtime Environment 6 Update 1 | 05/16/2013 19:21:43]

Deleted : RP #12 [installed Java 7 Update 21 | 05/16/2013 19:56:51]

Deleted : RP #13 [software Distribution Service 3.0 | 05/17/2013 12:12:54]

Deleted : RP #14 [Controlepunt van systeem | 05/20/2013 20:19:32]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########

Inloggen

Federal Computer Crime Unit Virus

Aanbevolen berichten

kweezie wabbit

Link naar reactie

Delen op andere sites

Beste reacties in dit topic

Populaire dagen

Beste reacties in dit topic

Populaire dagen

Geplaatste afbeeldingen

bdeweerdt

Link naar reactie

Delen op andere sites

kweezie wabbit

Link naar reactie

Delen op andere sites

bdeweerdt

Link naar reactie

Delen op andere sites

kweezie wabbit

Link naar reactie

Delen op andere sites

bdeweerdt

Link naar reactie

Delen op andere sites

Welkom op PC Helpforum

Leden statistieken

OVER ONS

SITEMAP

Home

Info

Handleidingen & Tips

Activiteit

Belangrijke informatie