Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Hotbar?

None
64 antwoorden
  • Gisteren scande ik mijn PC met Spyware Doctor en die vond 390 infecties van Hotbar in de registry (in HKCR\Interface en HKCR\Typelib). Deze werden door Spyware Doctor in quarantaine geplaatst.
    Na herstart van de PC en scannen met Spyware Doctor werden weer dezelfde 390 infecties gevonden. Ik heb vervolgens een aantal verwijdertools voor Hotbar geprobeerd, maar de infecties blijven aanwezig. De Symantec Adware.Hotbar Removal Tool meldt overigens dat Hotbar niet op mijn PC is aangetroffen.
    Ik heb nooit Hotbar op mijn PC geïnstalleerd en op mijn harde schijf is ook geen enkele map met die naam o.i.d. aanwezig. Ook in Configuratiescherm Software is niets over Hotbar te vinden.
    Wie weet hoe ik definitief van die spyware afkom?
  • Maak even een hijackthislogje en post dit.
  • [quote:a086c1dbeb="M@rc"]Maak even een hijackthislogje en post dit.[/quote:a086c1dbeb]
    Da's makkelijker gevraagd dan gedaan. Ik zou niet weten wat je bedoelt.
  • Download HijackThis.
    Unzip het. Sla het bestand op in een eigen map. Niet op je bureaublad of in je Temp-files. HijackThis maakt namelijk backups in de map waar het opgestart wordt.
    Run het programma. Klik op scan, save log en sla het log op als een .txt bestand.
    Kopieer en plak de volledige inhoud van dit logbestand in je volgende bericht.
  • <knip>
  • Log is moeilijk leesbaar zo.

    Ga naar Start - Uitvoeren en tik in: notepad.exe
    Klik op OK.
    Ga in Kladblok naar Opmaak, en haal het vinkje voor "Automatische terugloop" weg.
    Sluit Notepad terug af.

    Maak een nieuwe HijackThislog. Post deze.
  • [quote:b7edfcd82a="M@rc"]Log is moeilijk leesbaar zo.

    Ga naar Start - Uitvoeren en tik in: notepad.exe
    Klik op OK.
    Ga in Kladblok naar Opmaak, en haal het vinkje voor "Automatische terugloop" weg.
    Sluit Notepad terug af.

    Maak een nieuwe HijackThislog. Post deze.[/quote:b7edfcd82a]
    Logfile of HijackThis v1.99.1
    Scan saved at 14:13:41, on 4-11-2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Stardock\SDMCP.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Portrait Displays, Inc\Pivot Software\wpctrl.exe
    C:\WINDOWS\StartupMonitor.exe
    C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
    C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\WINDOWS\system32\WTablet\TabUserW.exe
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\Portrait Displays, Inc\Pivot Software\floater.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Logitech\Easy Synchronization\servicestub.exe
    C:\Program Files\Logitech\Easy Synchronization\LogitechEasySync.exe
    C:\Program Files\Norton AntiVirus
    avapsvc.exe
    C:\WINDOWS\system32
    vsvc32.exe
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    C:\WINDOWS\system32\Tablet.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Norton AntiVirus\OPScan.exe
    C:\Temp\hjt\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Program Files\Copernic Desktop Search\CopernicDesktopSearchIntegration783.dll
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe

    O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe

    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays, Inc.\Pivot Software\wpctrl.exe"
    O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
    O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Save with Download Manager… - file://C:\Program Files\J River\Media Center 11\DMDownload.htm
    O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin
    pjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin
    pjpi150_04.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6E2D6932-3885-4FA2-8DD4-DB63FFE33797} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkCnv.cab
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15014/CTPID.cab
    O18 - Protocol: bw+0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: Festoon - (no CLSID) - (no file)
    O18 - Protocol: offline-8876480 - {D892F583-DD43-4882-8873-D3F85D9AB568} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: vskype - (no CLSID) - (no file)
    O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll
    O20 - Winlogon Notify: LBTServ - C:\Program Files\Common Files\Logitech\Bluetooth\lbtserv.dll
    O20 - Winlogon Notify: MCPClient - C:\Program Files\Common Files\Stardock\mcpstub.dll
    O20 - Winlogon Notify: WBSrv - C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll
    O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files\Stardock\Object Desktop\IconPackager\iprepair.dll
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: Logitech Easy Synchronization - Unknown owner - C:\Program Files\Logitech\Easy Synchronization\servicestub.exe
    O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus
    avapsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
    vsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe







  • Het volledig quoten van mijn posts is een beetje zinloos.

    Indien je geen gebruik maakt van de Logitech Desktop Messenger, kan je deze best deïnstalleren.

    Je hebt HijackThis gestart vanuit je Temp-map. HijackThis maakt backups van de sleutels die je verwijdert. In je Temp-map gaan deze backups heel makkelijk verloren. Verplaats daarom Hijacktis.exe naar een eigen map (vb.: c:\hijackthis) en start HijackThis vanuit die map.

    Sluit alle open vensters, run HijackThis nog een keer en plaats een vinkje bij de volgende items:

    [b:52ade92811]O18 - Protocol: Festoon - (no CLSID) - (no file)
    O18 - Protocol: vskype - (no CLSID) - (no file)[/b:52ade92811]

    Klik daarna op "Fix checked" en sluit HijackThis af.

    Scan de computer met een geupdate Ad-Aware SE. Instructies vind je hier.
    Doe dit bij voorkeur in veilige modus.
  • Alles gedaan wat je hebt geadviseerd.
    Ad-aware vindt niets (vond dat overigens ook eerder al niet, terwijl Spyware Doctor dat dus wel deed).
    Als ik nu Hijackthis draai staan de twee door jou genoemde items er overigens nog gewoon in.
    Spyware Doctor vindt opnieuw 390 infecties.
  • Kan je posten wat Spyware doctor vindt?

    Download de Registry Search Tool hier. Unzip en run het script. Krijg je een reactie van je antivirusprogramma dan moet je Script blocking uitschakelen in het anti-virusprogramma. In het Zoekveld geef je het volgende in:
    [b:c6144a19f7]Festoon[/b:c6144a19f7]
    Post het resultaat.

    Doe hetzelfde voor [b:c6144a19f7]vskype[/b:c6144a19f7]
  • Dit is wat Spyware Doctor vindt (390 items):

    Infection Name Location Risk
    HotBar HKCR\Interface\{0A95BE2D-1543-46BE-AD6D-18653034BF87} Low
    HotBar HKCR\Interface\{0A95BE2D-1543-46BE-AD6D-18653034BF87}## Low
    HotBar HKCR\Interface\{0A95BE2D-1543-46BE-AD6D-18653034BF87}\ProxyStubClsid Low
    HotBar HKCR\Interface\{0A95BE2D-1543-46BE-AD6D-18653034BF87}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{0A95BE2D-1543-46BE-AD6D-18653034BF87}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{0A95BE2D-1543-46BE-AD6D-18653034BF87}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{0A95BE2D-1543-46BE-AD6D-18653034BF87}\TypeLib Low
    HotBar HKCR\Interface\{0A95BE2D-1543-46BE-AD6D-18653034BF87}\TypeLib## Low
    HotBar HKCR\Interface\{0A95BE2D-1543-46BE-AD6D-18653034BF87}\TypeLib##Version Low
    HotBar HKCR\Interface\{0B8EDB8D-4575-4942-9C34-55591E415909} Low
    HotBar HKCR\Interface\{0B8EDB8D-4575-4942-9C34-55591E415909}## Low
    HotBar HKCR\Interface\{0B8EDB8D-4575-4942-9C34-55591E415909}\ProxyStubClsid Low
    HotBar HKCR\Interface\{0B8EDB8D-4575-4942-9C34-55591E415909}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{0B8EDB8D-4575-4942-9C34-55591E415909}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{0B8EDB8D-4575-4942-9C34-55591E415909}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{0B8EDB8D-4575-4942-9C34-55591E415909}\TypeLib Low
    HotBar HKCR\Interface\{0B8EDB8D-4575-4942-9C34-55591E415909}\TypeLib## Low
    HotBar HKCR\Interface\{0B8EDB8D-4575-4942-9C34-55591E415909}\TypeLib##Version Low
    HotBar HKCR\Interface\{278EAD7A-2A45-4D4E-ACB4-A1A4AD9BB54B} Low
    HotBar HKCR\Interface\{278EAD7A-2A45-4D4E-ACB4-A1A4AD9BB54B}## Low
    HotBar HKCR\Interface\{278EAD7A-2A45-4D4E-ACB4-A1A4AD9BB54B}\ProxyStubClsid Low
    HotBar HKCR\Interface\{278EAD7A-2A45-4D4E-ACB4-A1A4AD9BB54B}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{278EAD7A-2A45-4D4E-ACB4-A1A4AD9BB54B}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{278EAD7A-2A45-4D4E-ACB4-A1A4AD9BB54B}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{278EAD7A-2A45-4D4E-ACB4-A1A4AD9BB54B}\TypeLib Low
    HotBar HKCR\Interface\{278EAD7A-2A45-4D4E-ACB4-A1A4AD9BB54B}\TypeLib## Low
    HotBar HKCR\Interface\{278EAD7A-2A45-4D4E-ACB4-A1A4AD9BB54B}\TypeLib##Version Low
    HotBar HKCR\Interface\{2B539D9C-127A-4F10-855F-EF31C83D2007} Low
    HotBar HKCR\Interface\{2B539D9C-127A-4F10-855F-EF31C83D2007}## Low
    HotBar HKCR\Interface\{2B539D9C-127A-4F10-855F-EF31C83D2007}\ProxyStubClsid Low
    HotBar HKCR\Interface\{2B539D9C-127A-4F10-855F-EF31C83D2007}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{2B539D9C-127A-4F10-855F-EF31C83D2007}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{2B539D9C-127A-4F10-855F-EF31C83D2007}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{2B539D9C-127A-4F10-855F-EF31C83D2007}\TypeLib Low
    HotBar HKCR\Interface\{2B539D9C-127A-4F10-855F-EF31C83D2007}\TypeLib## Low
    HotBar HKCR\Interface\{2B539D9C-127A-4F10-855F-EF31C83D2007}\TypeLib##Version Low
    HotBar HKCR\Interface\{2D91877A-468C-4802-8CD7-21F6BF776790} Low
    HotBar HKCR\Interface\{2D91877A-468C-4802-8CD7-21F6BF776790}## Low
    HotBar HKCR\Interface\{2D91877A-468C-4802-8CD7-21F6BF776790}\ProxyStubClsid Low
    HotBar HKCR\Interface\{2D91877A-468C-4802-8CD7-21F6BF776790}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{2D91877A-468C-4802-8CD7-21F6BF776790}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{2D91877A-468C-4802-8CD7-21F6BF776790}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{2D91877A-468C-4802-8CD7-21F6BF776790}\TypeLib Low
    HotBar HKCR\Interface\{2D91877A-468C-4802-8CD7-21F6BF776790}\TypeLib## Low
    HotBar HKCR\Interface\{2D91877A-468C-4802-8CD7-21F6BF776790}\TypeLib##Version Low
    HotBar HKCR\Interface\{3120A5E4-552D-4EDF-8C48-70C5D5FF22D2} Low
    HotBar HKCR\Interface\{3120A5E4-552D-4EDF-8C48-70C5D5FF22D2}## Low
    HotBar HKCR\Interface\{3120A5E4-552D-4EDF-8C48-70C5D5FF22D2}\ProxyStubClsid Low
    HotBar HKCR\Interface\{3120A5E4-552D-4EDF-8C48-70C5D5FF22D2}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{3120A5E4-552D-4EDF-8C48-70C5D5FF22D2}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{3120A5E4-552D-4EDF-8C48-70C5D5FF22D2}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{3120A5E4-552D-4EDF-8C48-70C5D5FF22D2}\TypeLib Low
    HotBar HKCR\Interface\{3120A5E4-552D-4EDF-8C48-70C5D5FF22D2}\TypeLib## Low
    HotBar HKCR\Interface\{3120A5E4-552D-4EDF-8C48-70C5D5FF22D2}\TypeLib##Version Low
    HotBar HKCR\Interface\{31CE2164-4D5C-4508-BCA7-B10E11D08E6B} Low
    HotBar HKCR\Interface\{31CE2164-4D5C-4508-BCA7-B10E11D08E6B}## Low
    HotBar HKCR\Interface\{31CE2164-4D5C-4508-BCA7-B10E11D08E6B}\ProxyStubClsid Low
    HotBar HKCR\Interface\{31CE2164-4D5C-4508-BCA7-B10E11D08E6B}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{31CE2164-4D5C-4508-BCA7-B10E11D08E6B}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{31CE2164-4D5C-4508-BCA7-B10E11D08E6B}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{31CE2164-4D5C-4508-BCA7-B10E11D08E6B}\TypeLib Low
    HotBar HKCR\Interface\{31CE2164-4D5C-4508-BCA7-B10E11D08E6B}\TypeLib## Low
    HotBar HKCR\Interface\{31CE2164-4D5C-4508-BCA7-B10E11D08E6B}\TypeLib##Version Low
    HotBar HKCR\Interface\{359A062F-CDA8-4A9C-9B28-588446D35098} Low
    HotBar HKCR\Interface\{359A062F-CDA8-4A9C-9B28-588446D35098}## Low
    HotBar HKCR\Interface\{359A062F-CDA8-4A9C-9B28-588446D35098}\ProxyStubClsid Low
    HotBar HKCR\Interface\{359A062F-CDA8-4A9C-9B28-588446D35098}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{359A062F-CDA8-4A9C-9B28-588446D35098}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{359A062F-CDA8-4A9C-9B28-588446D35098}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{359A062F-CDA8-4A9C-9B28-588446D35098}\TypeLib Low
    HotBar HKCR\Interface\{359A062F-CDA8-4A9C-9B28-588446D35098}\TypeLib## Low
    HotBar HKCR\Interface\{359A062F-CDA8-4A9C-9B28-588446D35098}\TypeLib##Version Low
    HotBar HKCR\Interface\{35EFAD55-134A-47BF-912A-44A9D9FD556F} Low
    HotBar HKCR\Interface\{35EFAD55-134A-47BF-912A-44A9D9FD556F}## Low
    HotBar HKCR\Interface\{35EFAD55-134A-47BF-912A-44A9D9FD556F}\ProxyStubClsid Low
    HotBar HKCR\Interface\{35EFAD55-134A-47BF-912A-44A9D9FD556F}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{35EFAD55-134A-47BF-912A-44A9D9FD556F}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{35EFAD55-134A-47BF-912A-44A9D9FD556F}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{35EFAD55-134A-47BF-912A-44A9D9FD556F}\TypeLib Low
    HotBar HKCR\Interface\{35EFAD55-134A-47BF-912A-44A9D9FD556F}\TypeLib## Low
    HotBar HKCR\Interface\{35EFAD55-134A-47BF-912A-44A9D9FD556F}\TypeLib##Version Low
    HotBar HKCR\Interface\{38F95B22-32BF-4378-B3EC-47B2C09DE1F5} Low
    HotBar HKCR\Interface\{38F95B22-32BF-4378-B3EC-47B2C09DE1F5}## Low
    HotBar HKCR\Interface\{38F95B22-32BF-4378-B3EC-47B2C09DE1F5}\ProxyStubClsid Low
    HotBar HKCR\Interface\{38F95B22-32BF-4378-B3EC-47B2C09DE1F5}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{38F95B22-32BF-4378-B3EC-47B2C09DE1F5}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{38F95B22-32BF-4378-B3EC-47B2C09DE1F5}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{38F95B22-32BF-4378-B3EC-47B2C09DE1F5}\TypeLib Low
    HotBar HKCR\Interface\{38F95B22-32BF-4378-B3EC-47B2C09DE1F5}\TypeLib## Low
    HotBar HKCR\Interface\{38F95B22-32BF-4378-B3EC-47B2C09DE1F5}\TypeLib##Version Low
    HotBar HKCR\Interface\{3D177BA8-BF8C-45E2-8CA2-20ACA6269A68} Low
    HotBar HKCR\Interface\{3D177BA8-BF8C-45E2-8CA2-20ACA6269A68}## Low
    HotBar HKCR\Interface\{3D177BA8-BF8C-45E2-8CA2-20ACA6269A68}\ProxyStubClsid Low
    HotBar HKCR\Interface\{3D177BA8-BF8C-45E2-8CA2-20ACA6269A68}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{3D177BA8-BF8C-45E2-8CA2-20ACA6269A68}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{3D177BA8-BF8C-45E2-8CA2-20ACA6269A68}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{3D177BA8-BF8C-45E2-8CA2-20ACA6269A68}\TypeLib Low
    HotBar HKCR\Interface\{3D177BA8-BF8C-45E2-8CA2-20ACA6269A68}\TypeLib## Low
    HotBar HKCR\Interface\{3D177BA8-BF8C-45E2-8CA2-20ACA6269A68}\TypeLib##Version Low
    HotBar HKCR\Interface\{3E1392BB-3B66-4A39-BBD0-259FC2BDC979} Low
    HotBar HKCR\Interface\{3E1392BB-3B66-4A39-BBD0-259FC2BDC979}## Low
    HotBar HKCR\Interface\{3E1392BB-3B66-4A39-BBD0-259FC2BDC979}\ProxyStubClsid Low
    HotBar HKCR\Interface\{3E1392BB-3B66-4A39-BBD0-259FC2BDC979}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{3E1392BB-3B66-4A39-BBD0-259FC2BDC979}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{3E1392BB-3B66-4A39-BBD0-259FC2BDC979}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{3E1392BB-3B66-4A39-BBD0-259FC2BDC979}\TypeLib Low
    HotBar HKCR\Interface\{3E1392BB-3B66-4A39-BBD0-259FC2BDC979}\TypeLib## Low
    HotBar HKCR\Interface\{3E1392BB-3B66-4A39-BBD0-259FC2BDC979}\TypeLib##Version Low
    HotBar HKCR\Interface\{45128C11-A7E5-46D2-A164-3D1273E92C44} Low
    HotBar HKCR\Interface\{45128C11-A7E5-46D2-A164-3D1273E92C44}## Low
    HotBar HKCR\Interface\{45128C11-A7E5-46D2-A164-3D1273E92C44}\ProxyStubClsid Low
    HotBar HKCR\Interface\{45128C11-A7E5-46D2-A164-3D1273E92C44}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{45128C11-A7E5-46D2-A164-3D1273E92C44}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{45128C11-A7E5-46D2-A164-3D1273E92C44}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{45128C11-A7E5-46D2-A164-3D1273E92C44}\TypeLib Low
    HotBar HKCR\Interface\{45128C11-A7E5-46D2-A164-3D1273E92C44}\TypeLib## Low
    HotBar HKCR\Interface\{45128C11-A7E5-46D2-A164-3D1273E92C44}\TypeLib##Version Low
    HotBar HKCR\Interface\{47146231-B550-4B13-B9E7-4257F740F39D} Low
    HotBar HKCR\Interface\{47146231-B550-4B13-B9E7-4257F740F39D}## Low
    HotBar HKCR\Interface\{47146231-B550-4B13-B9E7-4257F740F39D}\ProxyStubClsid Low
    HotBar HKCR\Interface\{47146231-B550-4B13-B9E7-4257F740F39D}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{47146231-B550-4B13-B9E7-4257F740F39D}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{47146231-B550-4B13-B9E7-4257F740F39D}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{47146231-B550-4B13-B9E7-4257F740F39D}\TypeLib Low
    HotBar HKCR\Interface\{47146231-B550-4B13-B9E7-4257F740F39D}\TypeLib## Low
    HotBar HKCR\Interface\{47146231-B550-4B13-B9E7-4257F740F39D}\TypeLib##Version Low
    HotBar HKCR\Interface\{5C61669E-F0CE-4126-B365-316588E6228F} Low
    HotBar HKCR\Interface\{5C61669E-F0CE-4126-B365-316588E6228F}## Low
    HotBar HKCR\Interface\{5C61669E-F0CE-4126-B365-316588E6228F}\ProxyStubClsid Low
    HotBar HKCR\Interface\{5C61669E-F0CE-4126-B365-316588E6228F}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{5C61669E-F0CE-4126-B365-316588E6228F}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{5C61669E-F0CE-4126-B365-316588E6228F}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{5C61669E-F0CE-4126-B365-316588E6228F}\TypeLib Low
    HotBar HKCR\Interface\{5C61669E-F0CE-4126-B365-316588E6228F}\TypeLib## Low
    HotBar HKCR\Interface\{5C61669E-F0CE-4126-B365-316588E6228F}\TypeLib##Version Low
    HotBar HKCR\Interface\{60E5F55E-236F-422D-A5F9-560F1778CCD4} Low
    HotBar HKCR\Interface\{60E5F55E-236F-422D-A5F9-560F1778CCD4}## Low
    HotBar HKCR\Interface\{60E5F55E-236F-422D-A5F9-560F1778CCD4}\ProxyStubClsid Low
    HotBar HKCR\Interface\{60E5F55E-236F-422D-A5F9-560F1778CCD4}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{60E5F55E-236F-422D-A5F9-560F1778CCD4}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{60E5F55E-236F-422D-A5F9-560F1778CCD4}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{60E5F55E-236F-422D-A5F9-560F1778CCD4}\TypeLib Low
    HotBar HKCR\Interface\{60E5F55E-236F-422D-A5F9-560F1778CCD4}\TypeLib## Low
    HotBar HKCR\Interface\{60E5F55E-236F-422D-A5F9-560F1778CCD4}\TypeLib##Version Low
    HotBar HKCR\Interface\{62B6A513-3764-42CD-8410-9B81E8DFF135} Low
    HotBar HKCR\Interface\{62B6A513-3764-42CD-8410-9B81E8DFF135}## Low
    HotBar HKCR\Interface\{62B6A513-3764-42CD-8410-9B81E8DFF135}\ProxyStubClsid Low
    HotBar HKCR\Interface\{62B6A513-3764-42CD-8410-9B81E8DFF135}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{62B6A513-3764-42CD-8410-9B81E8DFF135}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{62B6A513-3764-42CD-8410-9B81E8DFF135}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{62B6A513-3764-42CD-8410-9B81E8DFF135}\TypeLib Low
    HotBar HKCR\Interface\{62B6A513-3764-42CD-8410-9B81E8DFF135}\TypeLib## Low
    HotBar HKCR\Interface\{62B6A513-3764-42CD-8410-9B81E8DFF135}\TypeLib##Version Low
    HotBar HKCR\Interface\{6A5D680A-8F9F-4752-A056-2C0273F60B4E} Low
    HotBar HKCR\Interface\{6A5D680A-8F9F-4752-A056-2C0273F60B4E}## Low
    HotBar HKCR\Interface\{6A5D680A-8F9F-4752-A056-2C0273F60B4E}\ProxyStubClsid Low
    HotBar HKCR\Interface\{6A5D680A-8F9F-4752-A056-2C0273F60B4E}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{6A5D680A-8F9F-4752-A056-2C0273F60B4E}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{6A5D680A-8F9F-4752-A056-2C0273F60B4E}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{6A5D680A-8F9F-4752-A056-2C0273F60B4E}\TypeLib Low
    HotBar HKCR\Interface\{6A5D680A-8F9F-4752-A056-2C0273F60B4E}\TypeLib## Low
    HotBar HKCR\Interface\{6A5D680A-8F9F-4752-A056-2C0273F60B4E}\TypeLib##Version Low
    HotBar HKCR\Interface\{6CCD925E-E833-4BE3-A62E-D3C8838C5D6D} Low
    HotBar HKCR\Interface\{6CCD925E-E833-4BE3-A62E-D3C8838C5D6D}## Low
    HotBar HKCR\Interface\{6CCD925E-E833-4BE3-A62E-D3C8838C5D6D}\ProxyStubClsid Low
    HotBar HKCR\Interface\{6CCD925E-E833-4BE3-A62E-D3C8838C5D6D}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{6CCD925E-E833-4BE3-A62E-D3C8838C5D6D}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{6CCD925E-E833-4BE3-A62E-D3C8838C5D6D}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{6CCD925E-E833-4BE3-A62E-D3C8838C5D6D}\TypeLib Low
    HotBar HKCR\Interface\{6CCD925E-E833-4BE3-A62E-D3C8838C5D6D}\TypeLib## Low
    HotBar HKCR\Interface\{6CCD925E-E833-4BE3-A62E-D3C8838C5D6D}\TypeLib##Version Low
    HotBar HKCR\Interface\{6CDD1F89-FC3B-401C-B1F1-932C48F45EB5} Low
    HotBar HKCR\Interface\{6CDD1F89-FC3B-401C-B1F1-932C48F45EB5}## Low
    HotBar HKCR\Interface\{6CDD1F89-FC3B-401C-B1F1-932C48F45EB5}\ProxyStubClsid Low
    HotBar HKCR\Interface\{6CDD1F89-FC3B-401C-B1F1-932C48F45EB5}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{6CDD1F89-FC3B-401C-B1F1-932C48F45EB5}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{6CDD1F89-FC3B-401C-B1F1-932C48F45EB5}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{6CDD1F89-FC3B-401C-B1F1-932C48F45EB5}\TypeLib Low
    HotBar HKCR\Interface\{6CDD1F89-FC3B-401C-B1F1-932C48F45EB5}\TypeLib## Low
    HotBar HKCR\Interface\{6CDD1F89-FC3B-401C-B1F1-932C48F45EB5}\TypeLib##Version Low
    HotBar HKCR\Interface\{78412EB9-E06B-4484-BC85-0B1594F6E23A} Low
    HotBar HKCR\Interface\{78412EB9-E06B-4484-BC85-0B1594F6E23A}## Low
    HotBar HKCR\Interface\{78412EB9-E06B-4484-BC85-0B1594F6E23A}\ProxyStubClsid Low
    HotBar HKCR\Interface\{78412EB9-E06B-4484-BC85-0B1594F6E23A}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{78412EB9-E06B-4484-BC85-0B1594F6E23A}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{78412EB9-E06B-4484-BC85-0B1594F6E23A}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{78412EB9-E06B-4484-BC85-0B1594F6E23A}\TypeLib Low
    HotBar HKCR\Interface\{78412EB9-E06B-4484-BC85-0B1594F6E23A}\TypeLib## Low
    HotBar HKCR\Interface\{78412EB9-E06B-4484-BC85-0B1594F6E23A}\TypeLib##Version Low
    HotBar HKCR\Interface\{7EE495F3-345B-4CC1-AAB7-A255ED85EED2} Low
    HotBar HKCR\Interface\{7EE495F3-345B-4CC1-AAB7-A255ED85EED2}## Low
    HotBar HKCR\Interface\{7EE495F3-345B-4CC1-AAB7-A255ED85EED2}\ProxyStubClsid Low
    HotBar HKCR\Interface\{7EE495F3-345B-4CC1-AAB7-A255ED85EED2}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{7EE495F3-345B-4CC1-AAB7-A255ED85EED2}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{7EE495F3-345B-4CC1-AAB7-A255ED85EED2}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{7EE495F3-345B-4CC1-AAB7-A255ED85EED2}\TypeLib Low
    HotBar HKCR\Interface\{7EE495F3-345B-4CC1-AAB7-A255ED85EED2}\TypeLib## Low
    HotBar HKCR\Interface\{7EE495F3-345B-4CC1-AAB7-A255ED85EED2}\TypeLib##Version Low
    HotBar HKCR\Interface\{82B58FCB-73F3-46DC-A52D-74D3FE359702} Low
    HotBar HKCR\Interface\{82B58FCB-73F3-46DC-A52D-74D3FE359702}## Low
    HotBar HKCR\Interface\{82B58FCB-73F3-46DC-A52D-74D3FE359702}\ProxyStubClsid Low
    HotBar HKCR\Interface\{82B58FCB-73F3-46DC-A52D-74D3FE359702}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{82B58FCB-73F3-46DC-A52D-74D3FE359702}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{82B58FCB-73F3-46DC-A52D-74D3FE359702}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{82B58FCB-73F3-46DC-A52D-74D3FE359702}\TypeLib Low
    HotBar HKCR\Interface\{82B58FCB-73F3-46DC-A52D-74D3FE359702}\TypeLib## Low
    HotBar HKCR\Interface\{82B58FCB-73F3-46DC-A52D-74D3FE359702}\TypeLib##Version Low
    HotBar HKCR\Interface\{86797248-1A4E-41D0-A0C3-2175A36B3D0E} Low
    HotBar HKCR\Interface\{86797248-1A4E-41D0-A0C3-2175A36B3D0E}## Low
    HotBar HKCR\Interface\{86797248-1A4E-41D0-A0C3-2175A36B3D0E}\ProxyStubClsid Low
    HotBar HKCR\Interface\{86797248-1A4E-41D0-A0C3-2175A36B3D0E}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{86797248-1A4E-41D0-A0C3-2175A36B3D0E}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{86797248-1A4E-41D0-A0C3-2175A36B3D0E}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{86797248-1A4E-41D0-A0C3-2175A36B3D0E}\TypeLib Low
    HotBar HKCR\Interface\{86797248-1A4E-41D0-A0C3-2175A36B3D0E}\TypeLib## Low
    HotBar HKCR\Interface\{86797248-1A4E-41D0-A0C3-2175A36B3D0E}\TypeLib##Version Low
    HotBar HKCR\Interface\{919DF860-D321-4D02-AC3D-1C25EFAE551A} Low
    HotBar HKCR\Interface\{919DF860-D321-4D02-AC3D-1C25EFAE551A}## Low
    HotBar HKCR\Interface\{919DF860-D321-4D02-AC3D-1C25EFAE551A}\ProxyStubClsid Low
    HotBar HKCR\Interface\{919DF860-D321-4D02-AC3D-1C25EFAE551A}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{919DF860-D321-4D02-AC3D-1C25EFAE551A}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{919DF860-D321-4D02-AC3D-1C25EFAE551A}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{919DF860-D321-4D02-AC3D-1C25EFAE551A}\TypeLib Low
    HotBar HKCR\Interface\{919DF860-D321-4D02-AC3D-1C25EFAE551A}\TypeLib## Low
    HotBar HKCR\Interface\{919DF860-D321-4D02-AC3D-1C25EFAE551A}\TypeLib##Version Low
    HotBar HKCR\Interface\{AA6CCB5D-0F97-4A37-A077-8B49FB5BC60D} Low
    HotBar HKCR\Interface\{AA6CCB5D-0F97-4A37-A077-8B49FB5BC60D}## Low
    HotBar HKCR\Interface\{AA6CCB5D-0F97-4A37-A077-8B49FB5BC60D}\ProxyStubClsid Low
    HotBar HKCR\Interface\{AA6CCB5D-0F97-4A37-A077-8B49FB5BC60D}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{AA6CCB5D-0F97-4A37-A077-8B49FB5BC60D}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{AA6CCB5D-0F97-4A37-A077-8B49FB5BC60D}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{AA6CCB5D-0F97-4A37-A077-8B49FB5BC60D}\TypeLib Low
    HotBar HKCR\Interface\{AA6CCB5D-0F97-4A37-A077-8B49FB5BC60D}\TypeLib## Low
    HotBar HKCR\Interface\{AA6CCB5D-0F97-4A37-A077-8B49FB5BC60D}\TypeLib##Version Low
    HotBar HKCR\Interface\{C18D120C-B7AB-4499-8BDC-0CD2BD0861FD} Low
    HotBar HKCR\Interface\{C18D120C-B7AB-4499-8BDC-0CD2BD0861FD}## Low
    HotBar HKCR\Interface\{C18D120C-B7AB-4499-8BDC-0CD2BD0861FD}\ProxyStubClsid Low
    HotBar HKCR\Interface\{C18D120C-B7AB-4499-8BDC-0CD2BD0861FD}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{C18D120C-B7AB-4499-8BDC-0CD2BD0861FD}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{C18D120C-B7AB-4499-8BDC-0CD2BD0861FD}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{C18D120C-B7AB-4499-8BDC-0CD2BD0861FD}\TypeLib Low
    HotBar HKCR\Interface\{C18D120C-B7AB-4499-8BDC-0CD2BD0861FD}\TypeLib## Low
    HotBar HKCR\Interface\{C18D120C-B7AB-4499-8BDC-0CD2BD0861FD}\TypeLib##Version Low
    HotBar HKCR\Interface\{C1DFD382-E253-434D-B22D-2E47233B6147} Low
    HotBar HKCR\Interface\{C1DFD382-E253-434D-B22D-2E47233B6147}## Low
    HotBar HKCR\Interface\{C1DFD382-E253-434D-B22D-2E47233B6147}\ProxyStubClsid Low
    HotBar HKCR\Interface\{C1DFD382-E253-434D-B22D-2E47233B6147}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{C1DFD382-E253-434D-B22D-2E47233B6147}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{C1DFD382-E253-434D-B22D-2E47233B6147}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{C1DFD382-E253-434D-B22D-2E47233B6147}\TypeLib Low
    HotBar HKCR\Interface\{C1DFD382-E253-434D-B22D-2E47233B6147}\TypeLib## Low
    HotBar HKCR\Interface\{C1DFD382-E253-434D-B22D-2E47233B6147}\TypeLib##Version Low
    HotBar HKCR\Interface\{C52D8C84-C5DD-457B-993B-04E997B330E5} Low
    HotBar HKCR\Interface\{C52D8C84-C5DD-457B-993B-04E997B330E5}## Low
    HotBar HKCR\Interface\{C52D8C84-C5DD-457B-993B-04E997B330E5}\ProxyStubClsid Low
    HotBar HKCR\Interface\{C52D8C84-C5DD-457B-993B-04E997B330E5}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{C52D8C84-C5DD-457B-993B-04E997B330E5}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{C52D8C84-C5DD-457B-993B-04E997B330E5}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{C52D8C84-C5DD-457B-993B-04E997B330E5}\TypeLib Low
    HotBar HKCR\Interface\{C52D8C84-C5DD-457B-993B-04E997B330E5}\TypeLib## Low
    HotBar HKCR\Interface\{C52D8C84-C5DD-457B-993B-04E997B330E5}\TypeLib##Version Low
    HotBar HKCR\Interface\{CACB61E0-AEEA-404D-88E1-7F3BCA8B8726} Low
    HotBar HKCR\Interface\{CACB61E0-AEEA-404D-88E1-7F3BCA8B8726}## Low
    HotBar HKCR\Interface\{CACB61E0-AEEA-404D-88E1-7F3BCA8B8726}\ProxyStubClsid Low
    HotBar HKCR\Interface\{CACB61E0-AEEA-404D-88E1-7F3BCA8B8726}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{CACB61E0-AEEA-404D-88E1-7F3BCA8B8726}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{CACB61E0-AEEA-404D-88E1-7F3BCA8B8726}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{CACB61E0-AEEA-404D-88E1-7F3BCA8B8726}\TypeLib Low
    HotBar HKCR\Interface\{CACB61E0-AEEA-404D-88E1-7F3BCA8B8726}\TypeLib## Low
    HotBar HKCR\Interface\{CACB61E0-AEEA-404D-88E1-7F3BCA8B8726}\TypeLib##Version Low
    HotBar HKCR\Interface\{CD5B9523-6EAF-4D63-8FE8-C081C51D1673} Low
    HotBar HKCR\Interface\{CD5B9523-6EAF-4D63-8FE8-C081C51D1673}## Low
    HotBar HKCR\Interface\{CD5B9523-6EAF-4D63-8FE8-C081C51D1673}\ProxyStubClsid Low
    HotBar HKCR\Interface\{CD5B9523-6EAF-4D63-8FE8-C081C51D1673}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{CD5B9523-6EAF-4D63-8FE8-C081C51D1673}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{CD5B9523-6EAF-4D63-8FE8-C081C51D1673}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{CD5B9523-6EAF-4D63-8FE8-C081C51D1673}\TypeLib Low
    HotBar HKCR\Interface\{CD5B9523-6EAF-4D63-8FE8-C081C51D1673}\TypeLib## Low
    HotBar HKCR\Interface\{CD5B9523-6EAF-4D63-8FE8-C081C51D1673}\TypeLib##Version Low
    HotBar HKCR\Interface\{D45B0772-5801-4E61-9CBA-84120557A4D7} Low
    HotBar HKCR\Interface\{D45B0772-5801-4E61-9CBA-84120557A4D7}## Low
    HotBar HKCR\Interface\{D45B0772-5801-4E61-9CBA-84120557A4D7}\ProxyStubClsid Low
    HotBar HKCR\Interface\{D45B0772-5801-4E61-9CBA-84120557A4D7}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{D45B0772-5801-4E61-9CBA-84120557A4D7}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{D45B0772-5801-4E61-9CBA-84120557A4D7}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{D45B0772-5801-4E61-9CBA-84120557A4D7}\TypeLib Low
    HotBar HKCR\Interface\{D45B0772-5801-4E61-9CBA-84120557A4D7}\TypeLib## Low
    HotBar HKCR\Interface\{D45B0772-5801-4E61-9CBA-84120557A4D7}\TypeLib##Version Low
    HotBar HKCR\Interface\{D7E6FB7C-A22F-4A9D-A89D-653D1AA37324} Low
    HotBar HKCR\Interface\{D7E6FB7C-A22F-4A9D-A89D-653D1AA37324}## Low
    HotBar HKCR\Interface\{D7E6FB7C-A22F-4A9D-A89D-653D1AA37324}\ProxyStubClsid Low
    HotBar HKCR\Interface\{D7E6FB7C-A22F-4A9D-A89D-653D1AA37324}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{D7E6FB7C-A22F-4A9D-A89D-653D1AA37324}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{D7E6FB7C-A22F-4A9D-A89D-653D1AA37324}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{D7E6FB7C-A22F-4A9D-A89D-653D1AA37324}\TypeLib Low
    HotBar HKCR\Interface\{D7E6FB7C-A22F-4A9D-A89D-653D1AA37324}\TypeLib## Low
    HotBar HKCR\Interface\{D7E6FB7C-A22F-4A9D-A89D-653D1AA37324}\TypeLib##Version Low
    HotBar HKCR\Interface\{D80AC53D-E102-4A55-A265-529A626515E5} Low
    HotBar HKCR\Interface\{D80AC53D-E102-4A55-A265-529A626515E5}## Low
    HotBar HKCR\Interface\{D80AC53D-E102-4A55-A265-529A626515E5}\ProxyStubClsid Low
    HotBar HKCR\Interface\{D80AC53D-E102-4A55-A265-529A626515E5}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{D80AC53D-E102-4A55-A265-529A626515E5}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{D80AC53D-E102-4A55-A265-529A626515E5}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{D80AC53D-E102-4A55-A265-529A626515E5}\TypeLib Low
    HotBar HKCR\Interface\{D80AC53D-E102-4A55-A265-529A626515E5}\TypeLib## Low
    HotBar HKCR\Interface\{D80AC53D-E102-4A55-A265-529A626515E5}\TypeLib##Version Low
    HotBar HKCR\Interface\{DBCAD616-BFD4-4C72-8D87-C5926921D378} Low
    HotBar HKCR\Interface\{DBCAD616-BFD4-4C72-8D87-C5926921D378}## Low
    HotBar HKCR\Interface\{DBCAD616-BFD4-4C72-8D87-C5926921D378}\ProxyStubClsid Low
    HotBar HKCR\Interface\{DBCAD616-BFD4-4C72-8D87-C5926921D378}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{DBCAD616-BFD4-4C72-8D87-C5926921D378}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{DBCAD616-BFD4-4C72-8D87-C5926921D378}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{DBCAD616-BFD4-4C72-8D87-C5926921D378}\TypeLib Low
    HotBar HKCR\Interface\{DBCAD616-BFD4-4C72-8D87-C5926921D378}\TypeLib## Low
    HotBar HKCR\Interface\{DBCAD616-BFD4-4C72-8D87-C5926921D378}\TypeLib##Version Low
    HotBar HKCR\Interface\{E16F1874-C5B1-4400-A9F0-08E7FD4D3F8C} Low
    HotBar HKCR\Interface\{E16F1874-C5B1-4400-A9F0-08E7FD4D3F8C}## Low
    HotBar HKCR\Interface\{E16F1874-C5B1-4400-A9F0-08E7FD4D3F8C}\ProxyStubClsid Low
    HotBar HKCR\Interface\{E16F1874-C5B1-4400-A9F0-08E7FD4D3F8C}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{E16F1874-C5B1-4400-A9F0-08E7FD4D3F8C}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{E16F1874-C5B1-4400-A9F0-08E7FD4D3F8C}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{E16F1874-C5B1-4400-A9F0-08E7FD4D3F8C}\TypeLib Low
    HotBar HKCR\Interface\{E16F1874-C5B1-4400-A9F0-08E7FD4D3F8C}\TypeLib## Low
    HotBar HKCR\Interface\{E16F1874-C5B1-4400-A9F0-08E7FD4D3F8C}\TypeLib##Version Low
    HotBar HKCR\Interface\{E3EC74BB-5522-462D-A00F-2728C53FCA04} Low
    HotBar HKCR\Interface\{E3EC74BB-5522-462D-A00F-2728C53FCA04}## Low
    HotBar HKCR\Interface\{E3EC74BB-5522-462D-A00F-2728C53FCA04}\ProxyStubClsid Low
    HotBar HKCR\Interface\{E3EC74BB-5522-462D-A00F-2728C53FCA04}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{E3EC74BB-5522-462D-A00F-2728C53FCA04}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{E3EC74BB-5522-462D-A00F-2728C53FCA04}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{E3EC74BB-5522-462D-A00F-2728C53FCA04}\TypeLib Low
    HotBar HKCR\Interface\{E3EC74BB-5522-462D-A00F-2728C53FCA04}\TypeLib## Low
    HotBar HKCR\Interface\{E3EC74BB-5522-462D-A00F-2728C53FCA04}\TypeLib##Version Low
    HotBar HKCR\Interface\{EBB4EBA9-D546-4C85-A05A-167BF875FB83} Low
    HotBar HKCR\Interface\{EBB4EBA9-D546-4C85-A05A-167BF875FB83}## Low
    HotBar HKCR\Interface\{EBB4EBA9-D546-4C85-A05A-167BF875FB83}\ProxyStubClsid Low
    HotBar HKCR\Interface\{EBB4EBA9-D546-4C85-A05A-167BF875FB83}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{EBB4EBA9-D546-4C85-A05A-167BF875FB83}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{EBB4EBA9-D546-4C85-A05A-167BF875FB83}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{EBB4EBA9-D546-4C85-A05A-167BF875FB83}\TypeLib Low
    HotBar HKCR\Interface\{EBB4EBA9-D546-4C85-A05A-167BF875FB83}\TypeLib## Low
    HotBar HKCR\Interface\{EBB4EBA9-D546-4C85-A05A-167BF875FB83}\TypeLib##Version Low
    HotBar HKCR\Interface\{F71D2854-2609-4A63-B4BF-BF2BA61A61CF} Low
    HotBar HKCR\Interface\{F71D2854-2609-4A63-B4BF-BF2BA61A61CF}## Low
    HotBar HKCR\Interface\{F71D2854-2609-4A63-B4BF-BF2BA61A61CF}\ProxyStubClsid Low
    HotBar HKCR\Interface\{F71D2854-2609-4A63-B4BF-BF2BA61A61CF}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{F71D2854-2609-4A63-B4BF-BF2BA61A61CF}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{F71D2854-2609-4A63-B4BF-BF2BA61A61CF}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{F71D2854-2609-4A63-B4BF-BF2BA61A61CF}\TypeLib Low
    HotBar HKCR\Interface\{F71D2854-2609-4A63-B4BF-BF2BA61A61CF}\TypeLib## Low
    HotBar HKCR\Interface\{F71D2854-2609-4A63-B4BF-BF2BA61A61CF}\TypeLib##Version Low
    HotBar HKCR\Interface\{F7919641-3978-4668-8388-7310329C800E} Low
    HotBar HKCR\Interface\{F7919641-3978-4668-8388-7310329C800E}## Low
    HotBar HKCR\Interface\{F7919641-3978-4668-8388-7310329C800E}\ProxyStubClsid Low
    HotBar HKCR\Interface\{F7919641-3978-4668-8388-7310329C800E}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{F7919641-3978-4668-8388-7310329C800E}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{F7919641-3978-4668-8388-7310329C800E}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{F7919641-3978-4668-8388-7310329C800E}\TypeLib Low
    HotBar HKCR\Interface\{F7919641-3978-4668-8388-7310329C800E}\TypeLib## Low
    HotBar HKCR\Interface\{F7919641-3978-4668-8388-7310329C800E}\TypeLib##Version Low
    HotBar HKCR\Interface\{F961CE9D-AE2B-4CFB-887C-3A055FF685C9} Low
    HotBar HKCR\Interface\{F961CE9D-AE2B-4CFB-887C-3A055FF685C9}## Low
    HotBar HKCR\Interface\{F961CE9D-AE2B-4CFB-887C-3A055FF685C9}\ProxyStubClsid Low
    HotBar HKCR\Interface\{F961CE9D-AE2B-4CFB-887C-3A055FF685C9}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{F961CE9D-AE2B-4CFB-887C-3A055FF685C9}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{F961CE9D-AE2B-4CFB-887C-3A055FF685C9}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{F961CE9D-AE2B-4CFB-887C-3A055FF685C9}\TypeLib Low
    HotBar HKCR\Interface\{F961CE9D-AE2B-4CFB-887C-3A055FF685C9}\TypeLib## Low
    HotBar HKCR\Interface\{F961CE9D-AE2B-4CFB-887C-3A055FF685C9}\TypeLib##Version Low
    HotBar HKCR\Interface\{FFBBDECE-4363-4B4D-B35E-39EFF228C723} Low
    HotBar HKCR\Interface\{FFBBDECE-4363-4B4D-B35E-39EFF228C723}## Low
    HotBar HKCR\Interface\{FFBBDECE-4363-4B4D-B35E-39EFF228C723}\ProxyStubClsid Low
    HotBar HKCR\Interface\{FFBBDECE-4363-4B4D-B35E-39EFF228C723}\ProxyStubClsid## Low
    HotBar HKCR\Interface\{FFBBDECE-4363-4B4D-B35E-39EFF228C723}\ProxyStubClsid32 Low
    HotBar HKCR\Interface\{FFBBDECE-4363-4B4D-B35E-39EFF228C723}\ProxyStubClsid32## Low
    HotBar HKCR\Interface\{FFBBDECE-4363-4B4D-B35E-39EFF228C723}\TypeLib Low
    HotBar HKCR\Interface\{FFBBDECE-4363-4B4D-B35E-39EFF228C723}\TypeLib## Low
    HotBar HKCR\Interface\{FFBBDECE-4363-4B4D-B35E-39EFF228C723}\TypeLib##Version Low
    HotBar HKCR\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E} Low
    HotBar HKCR\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}## Low
    HotBar HKCR\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}\3.2 Low
    HotBar HKCR\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}\3.2## Low
    HotBar HKCR\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}\3.2\0 Low
    HotBar HKCR\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}\3.2\0## Low
    HotBar HKCR\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}\3.2\0\win32 Low
    HotBar HKCR\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}\3.2\0\win32## Low
    HotBar HKCR\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}\3.2\FLAGS Low
    HotBar HKCR\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}\3.2\FLAGS## Low
    HotBar HKCR\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}\3.2\HELPDIR Low
    HotBar HKCR\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}\3.2\HELPDIR## Low


    Festoon is inmiddels verdwenen in Hijackthis, omdat ik het inmiddels heb gedeïnstalleerd.
    Vskype kan ik niet deïnstalleren omdat dat niet voorkomt in Configuratiescherm Software.
    Je suggestie over de registry searchtool ga ik zodadelijk uitvoeren.
  • [quote:f476073cc6="M@rc"]Kan je posten wat Spyware doctor vindt?

    Download de Registry Search Tool hier. Unzip en run het script. Krijg je een reactie van je antivirusprogramma dan moet je Script blocking uitschakelen in het anti-virusprogramma. In het Zoekveld geef je het volgende in:
    [b:f476073cc6]Festoon[/b:f476073cc6]
    Post het resultaat.

    Doe hetzelfde voor [b:f476073cc6]vskype[/b:f476073cc6][/quote:f476073cc6]
    Het resultaat van Registry Search Tool voor 'vskype'
    REGEDIT4
    ; RegSrch.vbs © Bill James

    ; Registry search results for string "vskype" 4-11-2005 15:17:21

    ; NOTE: This file will be deleted when you close WordPad.
    ; You must manually save this file to a new location if you want to refer to it again later.
    ; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
    "C:\\Program Files\\Santa Cruz Networks\\vSkype\"=""

    [HKEY_USERS\S-1-5-21-796845957-1637723038-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Communicatie\Internet\Skype\vSkype]

    [HKEY_USERS\S-1-5-21-796845957-1637723038-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\vSkype]

    [HKEY_USERS\S-1-5-21-796845957-1637723038-839522115-1004\Software\Classes\PROTOCOLS\Handler\vskype]

    [HKEY_USERS\S-1-5-21-796845957-1637723038-839522115-1004_Classes\PROTOCOLS\Handler\vskype]
  • Registry Search Tool meldt voor 'festoon'het volgende:

    REGEDIT4
    ; RegSrch.vbs © Bill James

    ; Registry search results for string "festoon" 4-11-2005 15:25:26

    ; NOTE: This file will be deleted when you close WordPad.
    ; You must manually save this file to a new location if you want to refer to it again later.
    ; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


    [HKEY_USERS\S-1-5-21-796845957-1637723038-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Communicatie\Internet\Skype\Festoon]

    [HKEY_USERS\S-1-5-21-796845957-1637723038-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Festoon]

    [HKEY_USERS\S-1-5-21-796845957-1637723038-839522115-1004\Software\mlin\StartupCPL\Disabled\HKLM-Run]
    "Festoon"="C:\\Program Files\\Santa Cruz Networks\\Festoon\\Festoon.exe"

    [HKEY_USERS\S-1-5-21-796845957-1637723038-839522115-1004\Software\Santa Cruz Networks\FestoonClient]

    UPDATE
    Overigens vond ik op internet ook nog dat Vskype nu Festoon is.
  • Open een kladblokbestand.
    Kopieer onderstaande code in dit kladblokbestand.
    Ga naar Bestand - Opslaan als.
    Bij "Opslaan in" kies je: Bureaublad
    Bij "Bestandsnaam" zet je: fix.reg
    Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
    Klik op de knop Opslaan.
    [code:1:0d1d50bde1]REGEDIT4

    [-HKEY_USERS\S-1-5-21-796845957-1637723038-839522115-1004\Software\Classes\PROTOCOLS\Handler\vskype]

    [-HKEY_USERS\S-1-5-21-796845957-1637723038-839522115-1004_Classes\PROTOCOLS\Handler\vskype]
    [/code:1:0d1d50bde1]
    Dubbelklik op de fix.reg file en laat de wijzigingen aan het register toevoegen.
    Dat verwijdert die andere O18 in je log.

    De registersleutels van die scan zeggen me weinig.
    Ben je vertrouwd met werken in het register?
    Anders gooi je ze weg.

    Ik kan een regfile maken om die sleutels te verwijderen, maar ik kan je niet garanderen dat deze sleutels inderdaad gerelateerd zijn aan Hotbar.
  • De fix.reg heeft inderdaad vskype uit Hijackthis verwijderd.
    Ik heb alle sleutels m.b.t. festoon en vskype uit de registry verwijderd.
    Helaas blijft Spyware Doctor de hotbar-infecties vinden.
    In elk geval bedankt voor de genomen moeite.
  • Nomaals, ik kan de sleutels niet thuisbrengen, en weet echt niet of ze gerelateerd zijn aan Hotbar.
    Onderstaande regfile zou de sleutels moeten verwijderen, maar je doet dit uiteraard op eigen risico.

    Open een kladblokbestand.
    Kopieer onderstaande code in dit kladblokbestand.
    Ga naar Bestand - Opslaan als.
    Bij "Opslaan in" kies je: Bureaublad
    Bij "Bestandsnaam" zet je: fix2.reg
    Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
    Klik op de knop Opslaan.
    [code:1:0c080ce366]REGEDIT4

    [-HKEY_CLASSES_ROOT\Interface\{0A95BE2D-1543-46BE-AD6D-18653034BF87}]

    [-HKEY_CLASSES_ROOT\Interface\{0B8EDB8D-4575-4942-9C34-55591E415909}]

    [-HKEY_CLASSES_ROOT\Interface\{278EAD7A-2A45-4D4E-ACB4-A1A4AD9BB54B}]

    [-HKEY_CLASSES_ROOT\Interface\{2B539D9C-127A-4F10-855F-EF31C83D2007}]

    [-HKEY_CLASSES_ROOT\Interface\{2D91877A-468C-4802-8CD7-21F6BF776790}]

    [-HKEY_CLASSES_ROOT\Interface\{3120A5E4-552D-4EDF-8C48-70C5D5FF22D2}]

    [-HKEY_CLASSES_ROOT\Interface\{31CE2164-4D5C-4508-BCA7-B10E11D08E6B}]

    [-HKEY_CLASSES_ROOT\Interface\{359A062F-CDA8-4A9C-9B28-588446D35098}]

    [-HKEY_CLASSES_ROOT\Interface\{35EFAD55-134A-47BF-912A-44A9D9FD556F}]

    [-HKEY_CLASSES_ROOT\Interface\{38F95B22-32BF-4378-B3EC-47B2C09DE1F5}]

    [-HKEY_CLASSES_ROOT\Interface\{3D177BA8-BF8C-45E2-8CA2-20ACA6269A68}]

    [-HKEY_CLASSES_ROOT\Interface\{3E1392BB-3B66-4A39-BBD0-259FC2BDC979}]

    [-HKEY_CLASSES_ROOT\Interface\{45128C11-A7E5-46D2-A164-3D1273E92C44}]

    [-HKEY_CLASSES_ROOT\Interface\{47146231-B550-4B13-B9E7-4257F740F39D}]

    [-HKEY_CLASSES_ROOT\Interface\{5C61669E-F0CE-4126-B365-316588E6228F}]

    [-HKEY_CLASSES_ROOT\Interface\{60E5F55E-236F-422D-A5F9-560F1778CCD4}]

    [-HKEY_CLASSES_ROOT\Interface\{62B6A513-3764-42CD-8410-9B81E8DFF135}]

    [-HKEY_CLASSES_ROOT\Interface\{6A5D680A-8F9F-4752-A056-2C0273F60B4E}]

    [-HKEY_CLASSES_ROOT\Interface\{6CCD925E-E833-4BE3-A62E-D3C8838C5D6D}]

    [-HKEY_CLASSES_ROOT\Interface\{6CDD1F89-FC3B-401C-B1F1-932C48F45EB5}]

    [-HKEY_CLASSES_ROOT\Interface\{78412EB9-E06B-4484-BC85-0B1594F6E23A}]

    [-HKEY_CLASSES_ROOT\Interface\{7EE495F3-345B-4CC1-AAB7-A255ED85EED2}]

    [-HKEY_CLASSES_ROOT\Interface\{82B58FCB-73F3-46DC-A52D-74D3FE359702}]

    [-HKEY_CLASSES_ROOT\Interface\{86797248-1A4E-41D0-A0C3-2175A36B3D0E}]

    [-HKEY_CLASSES_ROOT\Interface\{919DF860-D321-4D02-AC3D-1C25EFAE551A}]

    [-HKEY_CLASSES_ROOT\Interface\{AA6CCB5D-0F97-4A37-A077-8B49FB5BC60D}]

    [-HKEY_CLASSES_ROOT\Interface\{C18D120C-B7AB-4499-8BDC-0CD2BD0861FD}]

    [-HKEY_CLASSES_ROOT\Interface\{C1DFD382-E253-434D-B22D-2E47233B6147}]

    [-HKEY_CLASSES_ROOT\Interface\{C52D8C84-C5DD-457B-993B-04E997B330E5}]

    [-HKEY_CLASSES_ROOT\Interface\{CACB61E0-AEEA-404D-88E1-7F3BCA8B8726}]

    [-HKEY_CLASSES_ROOT\Interface\{CD5B9523-6EAF-4D63-8FE8-C081C51D1673}]

    [-HKEY_CLASSES_ROOT\Interface\{D45B0772-5801-4E61-9CBA-84120557A4D7}]

    [-HKEY_CLASSES_ROOT\Interface\{D7E6FB7C-A22F-4A9D-A89D-653D1AA37324}]

    [-HKEY_CLASSES_ROOT\Interface\{D80AC53D-E102-4A55-A265-529A626515E5}]

    [-HKEY_CLASSES_ROOT\Interface\{DBCAD616-BFD4-4C72-8D87-C5926921D378}]

    [-HKEY_CLASSES_ROOT\Interface\{E16F1874-C5B1-4400-A9F0-08E7FD4D3F8C}]

    [-HKEY_CLASSES_ROOT\Interface\{E3EC74BB-5522-462D-A00F-2728C53FCA04}]

    [-HKEY_CLASSES_ROOT\Interface\{EBB4EBA9-D546-4C85-A05A-167BF875FB83}]

    [-HKEY_CLASSES_ROOT\Interface\{F71D2854-2609-4A63-B4BF-BF2BA61A61CF}]

    [-HKEY_CLASSES_ROOT\Interface\{F7919641-3978-4668-8388-7310329C800E}]

    [-HKEY_CLASSES_ROOT\Interface\{F961CE9D-AE2B-4CFB-887C-3A055FF685C9}]

    [-HKEY_CLASSES_ROOT\Interface\{FFBBDECE-4363-4B4D-B35E-39EFF228C723}]

    [-HKEY_CLASSES_ROOT\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}]

    [/code:1:0c080ce366]
    Dubbelklik op fix2.reg en laat de wijzigingen aan het register toevoegen.
  • Ik heb je suggestie opgevolgd en daarna de PC opnieuw opgestart.
    Spyware Doctor vindt nog steeds dezelfde infecties.
    Lijkt erop dat iets bij het opstarten van het systeem de spyware steeds weer opnieuw installeert. Maar wat?
  • Niet noodzakelijk hoor.
    Het kan ook zijn dat dit een rechtenprobleem is.
    Ben je ingelogd met een beheerdersaccount als je scant met dat programma of als je de regfix uitvoert?

    Probeer de regfix en de in veilige modus te doen.

    Lukt dat niet dan vrees ik dat het register in moet.
    Ben je vertrouwd met werken in het register?
  • [quote:ffacaa951a="M@rc"]Niet noodzakelijk hoor.
    Ben je ingelogd met een beheerdersaccount als je scant met dat programma of als je de regfix uitvoert?
    Probeer de regfix en de in veilige modus te doen.
    Ben je vertrouwd met werken in het register?[/quote:ffacaa951a]
    Ik ben inderdaad ingelogd met een beheerdersaccount.
    Ik heb de regfix en Spyware Doctor ook in de veilige modus uitgevoerd.
    Ik kan wel een beetje met het register overweg.
  • Let goed op wat je doet, je gaat nu werken in je register.
    Als je iets verkeerd verwijdert, is er geen weg terug. (geen undo-functie aanwezig)
    Maak misschien eerst best een systeemherstelpunt aan voor je start.
    Controleer elke handeling die je doet.

    Download Reglite: http://www.resplendence.com/download
    eglite.exe .
    Installeer en run het programma. In het scherm dat opent geef je bij Adress het volgende in:
    [code:1:d5bfab6b29]HKEY_CLASSES_ROOT\Interface\{0A95BE2D-1543-46BE-AD6D-18653034BF87}[/code:1:d5bfab6b29].
    In het linkerscherm is de map {0A95BE2D-1543-46BE-AD6D-18653034BF87} paars geselecteerd. Controleer dit.
    Indien dit niet zo is stop je, indien wel ga je verder.
    Rechtsklik op deze map, kies Properties en klik op Take Ownership.
    Klik op OK.
    De map {0A95BE2D-1543-46BE-AD6D-18653034BF87} moet nu nog steeds paars geselecteerd zijn in het linkervenster. (controleer dit).
    Rechtsklik op deze map, en kies Delete.

    Laat me weten of dit lukt.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.