Installer that won't go away



debsetje
18 December 2009, 12:58
Here is a log from my father's PC. Every time he starts his PC, an installer named Status appears. He got this after he removed everything related to his Garmin GPS and the program MyPoi, because that also kept giving an error message and he wanted to reinstall them, but since the uninstall he now gets that Status installer every time and he doesn't know where it comes from. Because of that program he also can't do a system restore. I hope you can find out what it is.
Thanks in advance

Here is the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:55:37, on 18/12/2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\ExtraFilm PhotoAssistant\Agent.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSP Mirage.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE
C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\MsiExec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2088433
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL
R3 - URLSearchHook: ToggleDU Toolbar - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - C:\Program Files\ToggleDU\tbTogg.dll
O1 - Hosts: ::1 localhost
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ToggleDU Toolbar - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - C:\Program Files\ToggleDU\tbTogg.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - (no file)
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.5.2.11\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ToggleDU Toolbar - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - C:\Program Files\ToggleDU\tbTogg.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program Files\ExtraFilm PhotoAssistant\Agent.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [MSPService] C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSP Mirage.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZKfox000
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer BE NL\EFUploadSrv.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell Services - C:\Program Files\Packard bell\SAXO27\HIDSERVICE.EXE
O23 - Service: Google Update Service (gupdate1c98b62fe418e3b) (gupdate1c98b62fe418e3b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\Program Files\MyWebSearch\bar\2.bin\MWSSVC.EXE
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\Program Files\Common Files\X10\Common\X10nets.exe

--
End of file - 11114 bytes

debsetje
18 December 2009, 15:37
It concerns the file status.msi; I forgot to mention that.

yanish1005
18 December 2009, 16:28
Hello, sorry to interrupt, but in the downloads section there is a little program that can remove such files:
http://www.minatica.be/downloads.php?do=file&id=356

debsetje
18 December 2009, 18:18
Hello, sorry to interrupt, but in the downloads section there is a little program that can remove such files:
http://www.minatica.be/downloads.php?do=file&id=356
This program only works if you know which file is causing the problem. But we have no idea which file is causing it. This installer suddenly appeared and we can't get rid of it. And it looks for the file status.msi, but it can't find it.

Rosty
19 December 2009, 13:34
Hi,

under installed programs, uninstall the following: MyWebSearch

Right-click C:\Program Files\Trend Micro\HijackThis\HijackThis.exe and choose "Run as administrator".
Confirm the User Account Control prompt you get by clicking "Allow".
Then click the "Scan" button.
Tick the following items:

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\M3PLUGIN.DLL,UPF
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\Program Files\MyWebSearch\bar\2.bin\MWSSVC.EXE

Close all open windows except HijackThis, and click Fix Checked. Close HijackThis.

Download MalwareBytes' Anti-Malware (http://www.besttechie.net/mbam/mbam-setup.exe) and save it to your desktop.
Double-click mbam-setup.exe to install the program.


Make sure that after the installation the following are ticked:

Update MalwareBytes' Anti-Malware
Start MalwareBytes' Anti-Malware
Then click "Finish". If an update is found, it will be downloaded and installed.
Once the program has started, go to the "Settings" tab.
Tick here: "Close Internet Explorer during malware removal".
Then go to the "Scanner" tab and choose "Quick Scan".
Next, press "Scan" to start the scan.
Scanning can take a while, so be patient.
When the scan is finished, click OK, then "Show Results" to see the results.
Make sure everything there is ticked, then click "Remove Selected".
After the removal a log will open and you will be asked to restart the computer.
If the rootkit (TDSS) is present, MBAM will ask to restart. Do so.
After the restart MBAM will scan again and remove the rootkit.

The log is saved automatically by MalwareBytes' Anti-Malware and you can find it by clicking the "Logs" tab in the program.
Post this log together with a new HijackThis log (run as admin).
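
The last step above asks for a fresh HijackThis log; one way to check it against the first one is to diff the entry lines. This is an added example, not part of the original posts: the function names and the marker strings are assumptions, and the sample text is a short excerpt of the two HijackThis logs in this thread.

```python
import re

# A HijackThis entry line is "<section code> - <detail>", e.g. "O4 - HKLM\..\Run: ...".
# Header lines and the "Running processes" paths do not match this pattern.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")


def parse_entries(log_text):
    """Return the set of (section, detail) entries found in a HijackThis log."""
    entries = set()
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            # Windows paths and registry names are case-insensitive, so fold case
            # and collapse runs of whitespace before comparing.
            entries.add((m.group(1), " ".join(m.group(2).split()).lower()))
    return entries


def still_present(fix_list_text, after_log_text):
    """Entries that were ticked for 'Fix checked' but still show up in the new log."""
    return sorted(parse_entries(fix_list_text) & parse_entries(after_log_text))


def removed(before_log_text, after_log_text):
    """Entries in the first log that are gone from the second."""
    return sorted(parse_entries(before_log_text) - parse_entries(after_log_text))


def added(before_log_text, after_log_text):
    """Entries that only appear in the second log (new autoruns deserve a look)."""
    return sorted(parse_entries(after_log_text) - parse_entries(before_log_text))


def leftovers(log_text, markers):
    """Entries whose detail still mentions one of the marker strings."""
    return sorted(e for e in parse_entries(log_text)
                  if any(m in e[1] for m in markers))


# Assumed marker strings: the product name plus its 8.3 short-path form.
MARKERS = ("mywebsearch", "my web search", "mywebs~1")

# Excerpt of the first log in this thread.
BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O2 - BHO: ToggleDU Toolbar - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - C:\Program Files\ToggleDU\tbTogg.dll
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\Program Files\MyWebSearch\bar\2.bin\MWSSVC.EXE
"""

# Excerpt of the items listed for "Fix checked".
FIX_LIST = r"""
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\2.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\M3PLUGIN.DLL,UPF
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\Program Files\MyWebSearch\bar\2.bin\MWSSVC.EXE
"""

# Excerpt of the second log in this thread (after the fix and the MBAM run).
AFTER = r"""
Logfile of Trend Micro HijackThis v2.0.2
O2 - BHO: ToggleDU Toolbar - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - C:\Program Files\ToggleDU\tbTogg.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
"""

if __name__ == "__main__":
    print("fixed but still present:", still_present(FIX_LIST, AFTER))
    print("removed:", len(removed(BEFORE, AFTER)))
    for section, detail in added(BEFORE, AFTER):
        print("new entry:", section, detail)
    print("marker leftovers:", leftovers(AFTER, MARKERS))
```
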

debsetje
19 December 2009, 16:43
log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:43:22, on 19/12/2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\ExtraFilm PhotoAssistant\Agent.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSP Mirage.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2088433
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ToggleDU Toolbar - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - C:\Program Files\ToggleDU\tbTogg.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.5.2.11\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ToggleDU Toolbar - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - C:\Program Files\ToggleDU\tbTogg.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] "C:\Program Files\ExtraFilm PhotoAssistant\Agent.exe"
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [MSPService] C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSP Mirage.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer BE NL\EFUploadSrv.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Packard Bell Services - C:\Program Files\Packard bell\SAXO27\HIDSERVICE.EXE
O23 - Service: Google Update Service (gupdate1c98b62fe418e3b) (gupdate1c98b62fe418e3b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\Program Files\Common Files\X10\Common\X10nets.exe

--
End of file - 9851 bytes


Malwarebytes log:

Malwarebytes' Anti-Malware 1.42
Database versie: 3392
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

19/12/2009 15:39:04
mbam-log-2009-12-19 (15-39-04).txt

Scan type: Snelle Scan
Objecten gescand: 101882
Verstreken tijd: 5 minute(s), 24 second(s)

Geheugenprocessen geïnfecteerd: 3
Geheugenmodulen geïnfecteerd: 5
Registersleutels geïnfecteerd: 148
Registerwaarden geïnfecteerd: 6
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 15
Bestanden geïnfecteerd: 70

Geheugenprocessen geïnfecteerd:
C:\Program Files\MyWebSearch\bar\2.bin\MWSSVC.EXE (Adware.MyWebSearch) -> Unloaded process successfully.
C:\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Unloaded process successfully.
C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Unloaded process successfully.

Geheugenmodulen geïnfecteerd:
C:\Program Files\MyWebSearch\bar\2.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\2.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\2.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Delete on reboot.

Registersleutels geïnfecteerd:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Settings\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillersche duler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillersche duler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercon trolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercon trolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e24211b3-a78a-c6a9-d317-70979ace5058} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3aa42713-5c1e-48e2-b432-d8bf420dd31d} (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ColdWare (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Monopod (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NetProject (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Mappen geïnfecteerd:
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\2.bin (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Bestanden geïnfecteerd:
C:\Program Files\MyWebSearch\bar\2.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\2.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\2.bin\MWSSVC.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\2.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\2.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\2.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Windows\System32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Users\Gery Verburgh\downloads\regtool.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Users\Gery Verburgh\downloads\WebfettiSetup2.3.50.26.ZKfox000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\F3REGHK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\2.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Users\Gery Verburgh\Favorites\Online Security Test.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

debsetje
19 December 2009, 16:52
This screen is actually the problem that keeps coming back.

http://img199.imageshack.us/img199/5036/screenoo.jpg (http://img199.imageshack.us/i/screenoo.jpg/)

Rosty
20 December 2009, 10:05
Download Combofix (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) to your Desktop and use it according to this guide (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden).

NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.
Some scanners regard certain components that Combofix uses as suspicious and will block or remove them! Double-click Combofix.exe to start it.
If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
Click OK in the small "NirCmd" window.
Afterwards, click Yes again to start the malware scan.
While the fix is running, do NOT click in the window, because this will make your PC hang.
When the fix has finished and after the restart, the log Combofix.txt will open. Post this log in your next reply.

debsetje
20 December 2009, 13:32
Log from Combofix

ComboFix 09-12-19.01 - Gery Verburgh 20/12/2009 12:25:36.2.4 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1043.18.3071.2217 [GMT 1:00]
Gestart vanuit: c:\users\Gery Verburgh\Downloads\ComboFix.exe
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Voorgaande Run -------
.
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\users\Gery Verburgh\AppData\Roaming\inst.exe
c:\users\Gery Verburgh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videos.url
c:\users\Gery Verburgh\Favorites\Videos.url
c:\users\GERYVE~1\FAVORI~1\Videos.url

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BHDRVX86
-------\Service_BHDrvx86


(((((((((((((((((((( Bestanden Gemaakt van 2009-11-20 to 2009-12-20 ))))))))))))))))))))))))))))))
.

2009-12-20 11:31 . 2009-12-20 11:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-20 10:52 . 2009-12-18 18:04 84912 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091219.020\NAVENG.SYS
2009-12-20 10:52 . 2009-12-18 18:04 371248 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091219.020\EECTRL.SYS
2009-12-20 10:52 . 2009-12-18 18:04 2747440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091219.020\CCERASER.DLL
2009-12-20 10:52 . 2009-12-18 18:04 259440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091219.020\ECMSVR32.DLL
2009-12-20 10:52 . 2009-12-18 18:04 177520 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091219.020\NAVENG32.DLL
2009-12-20 10:52 . 2009-12-18 18:04 1647984 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091219.020\NAVEX32A.DLL
2009-12-20 10:52 . 2009-12-18 18:04 1323568 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091219.020\NAVEX15.SYS
2009-12-20 10:52 . 2009-12-18 18:04 102448 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091219.020\ERASER.SYS
2009-12-19 14:32 . 2009-12-19 14:32 -------- d-----w- c:\users\Gery Verburgh\AppData\Roaming\Malwarebytes
2009-12-19 14:32 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-19 14:32 . 2009-12-19 14:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-19 14:32 . 2009-12-19 14:32 -------- d-----w- c:\programdata\Malwarebytes
2009-12-19 14:32 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-19 14:06 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\IDSvix86.sys
2009-12-19 14:06 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\IDSXpx86.sys
2009-12-19 14:06 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\Scxpx86.dll
2009-12-19 14:06 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\IDSxpx86.dll
2009-12-19 14:06 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\IDSviA64.sys
2009-12-18 16:42 . 2009-12-18 16:42 -------- d-----w- c:\program files\CCleaner
2009-12-18 16:11 . 2009-12-18 16:35 -------- d-----w- c:\program files\Unlocker
2009-12-18 11:36 . 2009-12-18 16:38 -------- d-----w- c:\users\Gery Verburgh\AppData\Roaming\Reg Tool
2009-12-18 11:35 . 2009-12-18 16:42 -------- d-----w- c:\program files\Reg Tool
2009-12-18 10:55 . 2009-12-18 10:55 -------- d-----w- c:\program files\Trend Micro
2009-12-18 02:36 . 2009-12-18 02:36 84912 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091218.003\naveng.sys
2009-12-18 02:36 . 2009-12-18 02:36 371248 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091218.003\eeCtrl.sys
2009-12-18 02:36 . 2009-12-18 02:36 2747440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091218.003\cceraser.dll
2009-12-18 02:36 . 2009-12-18 02:36 259440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091218.003\ecmsvr32.dll
2009-12-18 02:36 . 2009-12-18 02:36 177520 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091218.003\naveng32.dll
2009-12-18 02:36 . 2009-12-18 02:36 1647984 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091218.003\navex32a.dll
2009-12-18 02:36 . 2009-12-18 02:36 1323568 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091218.003\navex15.sys
2009-12-18 02:36 . 2009-12-18 02:36 102448 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091218.003\eraser.sys
2009-12-17 12:54 . 2009-12-17 13:28 -------- d-----w- c:\windows\F43C97F72F8C462C85DD2166C98CCF9E.TMP
2009-12-17 12:54 . 2009-12-17 13:28 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-14 16:05 . 2009-12-14 16:05 -------- d-----w- c:\users\Gery Verburgh\AppData\Local\Diagnostics
2009-12-04 12:42 . 2009-12-04 12:42 34816 ----a-w- c:\users\Gery Verburgh\AppData\Roaming\Thinstall\Microsoft Office Enterprise 2007\300000005700002h\WINWORD.EXE
2009-12-04 12:42 . 2009-12-04 12:42 -------- d-----w- c:\users\Gery Verburgh\AppData\Roaming\Thinstall
2009-11-26 12:02 . 2009-10-29 07:22 2048 ----a-w- c:\windows\system32\tzres.dll

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-20 10:55 . 2009-02-10 09:35 -------- d-----w- c:\programdata\Google Updater
2009-12-18 16:35 . 2009-09-18 17:37 -------- d-----w- c:\program files\Netlog Uploader
2009-12-18 16:35 . 2009-09-08 14:26 -------- d-----w- c:\program files\Apple Software Update
2009-12-18 16:35 . 2009-08-31 15:22 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2009-12-18 16:35 . 2009-08-06 17:29 -------- d-----w- c:\program files\PC Connectivity Solution
2009-12-18 16:35 . 2008-10-29 09:01 -------- d-----w- c:\program files\LimeWire Plus
2009-12-18 16:35 . 2008-09-12 12:56 -------- d-----w- c:\program files\ExtraFilm PhotoAssistant
2009-12-18 16:35 . 2008-06-15 10:45 -------- d-----w- c:\program files\PhotoScape
2009-12-17 15:40 . 2009-07-03 09:29 -------- d-----w- c:\programdata\Hema Album Software be-nl Advanced
2009-12-17 15:39 . 2009-04-28 11:37 -------- d-----w- c:\program files\GRETECH
2009-12-17 13:28 . 2009-09-08 14:27 -------- d-----w- c:\program files\QuickTime
2009-12-17 13:28 . 2009-11-20 10:27 -------- d-----w- c:\programdata\Apple Computer
2009-12-17 13:28 . 2008-06-17 06:42 -------- d-----w- c:\users\Gery Verburgh\AppData\Roaming\Arcsoft
2009-12-17 13:28 . 2008-06-12 17:24 -------- d-----w- c:\programdata\HP Product Assistant
2009-12-17 12:06 . 2008-07-14 12:37 -------- d-----w- c:\program files\Mio Technology
2009-12-17 12:06 . 2008-06-28 17:23 -------- d-----w- c:\programdata\MyPoiWorld
2009-12-11 10:45 . 2008-10-29 09:02 -------- d-----w- c:\users\Gery Verburgh\AppData\Roaming\LimeWirePlus
2009-12-10 20:45 . 2008-06-23 10:57 -------- d-----w- c:\users\Gery Verburgh\AppData\Roaming\Skype
2009-12-10 20:44 . 2009-02-21 13:04 -------- d-----w- c:\users\Gery Verburgh\AppData\Roaming\skypePM
2009-12-10 13:15 . 2008-04-16 12:34 -------- d-----w- c:\programdata\Microsoft Help
2009-12-06 16:54 . 2009-07-14 08:27 701592 ----a-w- c:\windows\system32\perfh013.dat
2009-12-06 16:54 . 2009-07-14 08:27 134946 ----a-w- c:\windows\system32\perfc013.dat
2009-12-05 10:52 . 2008-01-25 13:55 -------- d-----w- c:\program files\Google
2009-12-04 13:46 . 2008-01-25 13:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-04 11:12 . 2008-10-17 14:53 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-03 18:06 . 2009-12-03 18:06 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-11-12 16:06 . 2008-06-12 17:20 176281 ----a-w- c:\windows\hpoins21.dat
2009-11-06 09:50 . 2008-04-23 12:21 -------- d-----w- c:\program files\Messenger Plus! Live
2009-11-05 10:55 . 2009-11-05 10:55 -------- d-----w- c:\users\Gery Verburgh\AppData\Roaming\Blitware
2009-11-03 14:31 . 2008-01-25 13:43 -------- d-----w- c:\programdata\NVIDIA
2009-10-31 20:28 . 2009-10-31 20:28 140600 ----a-w- c:\users\Gery Verburgh\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-31 20:28 . 2009-10-31 20:28 101 ----a-w- c:\users\Gery Verburgh\AppData\Local\fusioncache.dat
2009-10-31 20:25 . 2009-10-31 20:25 -------- d-sh--we c:\programdata\Sjablonen
2009-10-31 20:25 . 2009-10-31 20:25 -------- d-sh--we c:\programdata\Menu Start
2009-10-31 20:25 . 2009-10-31 20:25 -------- d-sh--we c:\programdata\Favorieten
2009-10-31 20:25 . 2009-10-31 20:25 -------- d-sh--we c:\programdata\Documenten
2009-10-31 20:25 . 2009-10-31 20:25 -------- d-sh--we c:\programdata\Bureaublad
2009-10-31 20:10 . 2009-10-31 20:10 22160 ----a-w- c:\windows\system32\emptyregdb.dat
2009-10-31 19:49 . 2009-07-30 14:47 -------- d-----w- c:\programdata\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
2009-10-31 19:48 . 2009-07-30 14:35 -------- d-----w- c:\programdata\Norton
2009-10-31 19:47 . 2009-04-28 11:42 -------- d-----w- c:\program files\VistaCodecPack
2009-10-31 19:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-10-31 19:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-10-31 19:47 . 2009-10-16 12:10 -------- d-----w- c:\program files\ToggleDU
2009-10-31 19:47 . 2009-07-30 14:44 -------- d-----w- c:\program files\Symantec
2009-10-31 19:47 . 2008-01-25 14:02 -------- d-----r- c:\program files\Skype
2009-10-31 19:47 . 2008-05-11 10:00 -------- d-----w- c:\program files\Seagate
2009-10-31 19:47 . 2008-04-20 17:20 -------- d-----w- c:\program files\Sega
2009-10-31 19:47 . 2008-01-25 13:55 -------- d-----w- c:\program files\Roxio
2009-10-31 19:47 . 2008-01-25 13:48 -------- d-----w- c:\program files\Realtek
2009-10-31 19:47 . 2009-06-22 14:38 -------- d-----w- c:\program files\PopCap Games
2009-10-31 19:47 . 2008-01-25 13:46 -------- d-----w- c:\program files\Packard Bell
2009-10-31 19:47 . 2009-02-23 09:40 -------- d-----w- c:\program files\OpenOffice.org 3
2009-10-31 19:45 . 2008-11-13 13:29 -------- d-----w- c:\program files\Microsoft
2009-10-31 19:45 . 2008-04-16 12:10 -------- d-----w- c:\program files\Logitech
2009-10-31 19:45 . 2009-08-16 14:13 -------- d-----w- c:\program files\LG PC Suite II
2009-10-31 19:45 . 2009-08-16 14:14 -------- d-----w- c:\program files\LG Electronics
2009-10-31 19:45 . 2008-04-16 12:49 -------- d-----w- c:\program files\Java
2009-10-31 19:45 . 2009-09-22 11:57 -------- d-----w- c:\program files\iPhone-configuratieprogramma
2009-10-31 19:45 . 2009-01-15 14:53 -------- d-----w- c:\program files\IVT Corporation
2009-10-31 19:45 . 2008-06-12 17:22 -------- d-----w- c:\program files\HP
2009-10-31 19:45 . 2008-01-25 13:51 -------- d-----w- c:\program files\HDReg
2009-10-31 19:44 . 2008-10-17 10:49 -------- d-----w- c:\program files\ExtraFilm Designer BE NL
2009-10-31 19:44 . 2008-11-28 10:17 -------- d-----w- c:\program files\DVD Shrink
2009-10-31 19:44 . 2008-07-05 07:15 -------- d-----w- c:\program files\DIFX
2009-10-31 19:44 . 2008-01-25 13:47 -------- d-----w- c:\program files\CyberLink
2009-10-31 19:42 . 2008-06-17 06:42 -------- d-----w- c:\program files\ArcSoft
2009-10-31 19:42 . 2009-10-16 12:10 -------- d-----w- c:\program files\3D-WinBrick2001
2009-10-31 19:37 . 2009-10-31 19:37 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-10-30 14:49 . 2008-09-02 09:49 12 ----a-w- c:\windows\bthservsdp.dat
2009-10-28 22:37 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-10-28 22:37 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSXpx86.sys
2009-10-28 22:37 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSviA64.sys
2009-10-16 12:10 . 2009-10-16 12:10 4912718 ----a-w- c:\windows\s&f_UnIn.exe
2009-10-16 11:47 . 2009-02-23 09:46 1 ----a-w- c:\users\Gery Verburgh\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-10-15 09:30 . 2008-10-08 17:01 2380538 ----a-w- c:\programdata\ArcSoft\Global Deploy\CheckUpdate\ArcConnect.exe
2009-10-02 04:06 . 2009-10-31 20:48 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-09-27 16:47 . 2009-09-27 16:47 2173544 ----a-w- c:\windows\system32\nvcplui.exe
2009-09-27 16:47 . 2009-09-27 16:47 92776 ----a-w- c:\windows\system32\nvmctray.dll
2009-09-27 16:47 . 2009-09-27 16:47 805480 ----a-w- c:\windows\system32\nvsvc.dll
2009-09-27 16:47 . 2009-09-27 16:47 4033128 ----a-w- c:\windows\system32\nvvitvs.dll
2009-09-27 16:47 . 2009-09-27 16:47 3553896 ----a-w- c:\windows\system32\nvgames.dll
2009-09-27 16:47 . 2009-09-27 16:47 3172968 ----a-w- c:\windows\system32\nvwss.dll
2009-09-27 16:47 . 2009-09-27 16:47 215656 ----a-w- c:\windows\system32\nvvsvc.exe
2009-09-27 16:47 . 2009-09-27 16:47 195176 ----a-w- c:\windows\system32\nvmccss.dll
2009-09-27 16:47 . 2009-09-27 16:47 150120 ----a-w- c:\windows\system32\nvshext.dll
2009-09-27 16:47 . 2009-09-27 16:47 1309288 ----a-w- c:\windows\system32\nvsvs.dll
2009-09-27 16:47 . 2009-09-27 16:47 1292904 ----a-w- c:\windows\system32\nvmobls.dll
2009-09-27 16:46 . 2009-09-27 16:46 4942440 ----a-w- c:\windows\system32\nvdisps.dll
2009-09-27 16:46 . 2009-09-27 16:46 13949544 ----a-w- c:\windows\system32\nvcpl.dll
2009-03-31 20:47 . 2008-08-01 18:36 324976 ----a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1}]
2009-07-02 08:18 2215960 ----a-w- c:\program files\ToggleDU\tbTogg.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1}"= "c:\program files\ToggleDU\tbTogg.dll" [2009-07-02 2215960]

[HKEY_CLASSES_ROOT\clsid\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3AD798D0-4642-4C55-BC14-CFE7DD19E0D1}"= "c:\program files\ToggleDU\tbTogg.dll" [2009-07-02 2215960]

[HKEY_CLASSES_ROOT\clsid\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-10 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-11 4702208]
"Skytel"="Skytel.exe" [2007-10-11 1826816]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-10-10 203264]
"ExtraFilmHemmaAgent"="c:\program files\ExtraFilm PhotoAssistant\Agent.exe" [2007-11-05 323584]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2009-08-05 647520]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 81920]
"MSPService"="c:\program files\CyberLink\MagicSports\Kernel\MagicSports\MSP Mirage.exe" [2007-06-12 102400]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-01-11 232184]
"toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-12-03 1394000]

c:\users\Gery Verburgh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\N360\0305020.00B\SymEFA.sys [12/09/2009 8:11 310320]
R1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\N360\0305020.00B\cchpx86.sys [12/09/2009 8:11 482432]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091217.002\IDSvix86.sys [19/12/2009 15:06 343088]
R2 EFUploadSrv;ExtraFilm upload service;c:\program files\ExtraFilm Designer BE NL\EFUploadSrv.exe [1/10/2008 14:01 1712128]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe [12/09/2009 8:11 117640]
R2 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [30/09/2007 9:16 51816]
R3 AVerBDA3x;AVerMedia SAA713x BDA Service;c:\windows\System32\drivers\AVerBDA3x.sys [25/01/2008 22:58 1180672]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [26/08/2009 9:00 102448]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\drivers\N360\0305020.00B\symndisv.sys [12/09/2009 8:11 48688]
S2 gupdate1c98b62fe418e3b;Google Update Service (gupdate1c98b62fe418e3b);c:\program files\Google\Update\GoogleUpdate.exe [10/02/2009 10:36 133104]
S3 fssfltr;fssfltr;c:\windows\System32\drivers\fssfltr.sys [12/10/2009 18:35 54632]
S3 fsssvc;De service Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [5/08/2009 21:48 704864]
S3 netr73;Gigabyte RT73 Wireless Driver for Vista for Vista;c:\windows\System32\drivers\netr73.sys [25/01/2008 22:58 247808]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2088433
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Search
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Gery Verburgh\AppData\Roaming\Mozilla\Firefox\Profiles\agddpghl.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2088433&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.zita.be/
FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZKfox000&fl=0&ptb=WRSz_vtMcczEoaK2EPqNUw&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa2.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nppopcaploader.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Gery Verburgh\AppData\Roaming\Mozilla\Firefox\Profiles\agddpghl.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071303000006.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS VERWIJDERD - - - -

MSConfigStartUp-gStart - c:\garmin\gStart.exe



[HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.5.2.11\diMaster.dll\" /prefetch:1"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\S-1-5-21-279042182-1526350775-1722408798-1002\Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC]
@Denied: (C D) (Everyone)

[HKEY_USERS\S-1-5-21-279042182-1526350775-1722408798-1002\Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Endpoints]
@Denied: (C D) (Everyone)

[HKEY_LOCAL_MACHINE\software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC]
@Denied: (C D) (Everyone)

[HKEY_LOCAL_MACHINE\software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Channels]
@Denied: (C D) (Everyone)
"ccSvcHst_UserSession_1008"="{A1E45FFC-ED0B-4A63-9552-CA2ADB885B0A}"
"ccSvcHst_UserSession_1656"="{E10F8241-BFEA-4EB2-88CD-6FE466E4C9A9}"
"{436E95FE-192E-469f-8F34-5038FBA89BF4}2"="{F8C8DA8E-8FA7-41C0-8D04-1426B9379D2B}"
"{B44E7D73-F081-414B-ADD2-CD66675A190D}2"="{F8C8DA8E-8FA7-41C0-8D04-1426B9379D2B}"
"AvProdSession_02"="{F8C8DA8E-8FA7-41C0-8D04-1426B9379D2B}"
"AvProdSession_Options_02"="{F8C8DA8E-8FA7-41C0-8D04-1426B9379D2B}"
"AvProdSession_Scanless_02"="{F8C8DA8E-8FA7-41C0-8D04-1426B9379D2B}"
"clt::AlertChannel_02"="{F8C8DA8E-8FA7-41C0-8D04-1426B9379D2B}"
"SDKCHANNEL2"="{F8C8DA8E-8FA7-41C0-8D04-1426B9379D2B}"
"ToasterNotify\\SessionID_2"="{F8C8DA8E-8FA7-41C0-8D04-1426B9379D2B}"
"QuickStart{4A16DDA3-2513-41ea-90C8-E34A67781129}2"="{F8C8DA8E-8FA7-41C0-8D04-1426B9379D2B}"
"AccountServices_2"="{F8C8DA8E-8FA7-41C0-8D04-1426B9379D2B}"
"FormHandler_2"="{F8C8DA8E-8FA7-41C0-8D04-1426B9379D2B}"
"ccSvcHst_UserSession_3620"="{9D9760BA-6808-4027-BC6E-2A7E73A289A0}"
"ccSvcHst_UserSession_3952"="{E2A72755-0329-4983-9C2D-3933AFB0496A}"
"ccSvcHst_UserSession_4056"="{9C3F6137-7D38-4E1E-9F89-2383609E055F}"
"ccSvcHst_UserSession_3296"="{C167B303-5F8D-48B5-BFF6-772E09358128}"
"BashIPCChannel"="{71AA427F-8098-4D65-841B-B04EB74F9AE5}"
"ccSvcHst_UserSession_3612"="{601D4300-D036-4EC1-9850-72634596D1D7}"
"ccSvcHst_N360"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"QuickStart{4302D82E-BA29-4be2-A0EF-72589D61BCD3}"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"IPS_COMMAND_CHANNEL"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"uiPerf_Service_Channel"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"ccJobMgr_general_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"ccJobMgr_session_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"ccGenericEvent_Global_EM"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"ccGenericEvent_Global_LM"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"SNDServiceRequestChannel"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"SNDLocationChannel"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"ccGenericLog_Manager"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"ccSettingsService"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"_isDataPrComm_"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"SymRedirSvcRequestChannel"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"Tuneup_Context_Switch_Channel"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"_buSvcComm_"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"ccSvcHst_UserSession_2428"="{09B5A929-B30A-49D7-A695-48E0EA7CC4D3}"
"{436E95FE-192E-469f-8F34-5038FBA89BF4}1"="{09B5A929-B30A-49D7-A695-48E0EA7CC4D3}"
"{B44E7D73-F081-414B-ADD2-CD66675A190D}1"="{09B5A929-B30A-49D7-A695-48E0EA7CC4D3}"
"AvProdSession_01"="{09B5A929-B30A-49D7-A695-48E0EA7CC4D3}"
"AvProdSession_Options_01"="{09B5A929-B30A-49D7-A695-48E0EA7CC4D3}"
"AvProdSession_Scanless_01"="{09B5A929-B30A-49D7-A695-48E0EA7CC4D3}"
"_buUIComm_"="{09B5A929-B30A-49D7-A695-48E0EA7CC4D3}"
"clt::AlertChannel_01"="{09B5A929-B30A-49D7-A695-48E0EA7CC4D3}"
"QuickStart{4A16DDA3-2513-41ea-90C8-E34A67781129}1"="{09B5A929-B30A-49D7-A695-48E0EA7CC4D3}"
"TRUSTCHANNEL"="{09B5A929-B30A-49D7-A695-48E0EA7CC4D3}"
"SDKCHANNEL1"="{09B5A929-B30A-49D7-A695-48E0EA7CC4D3}"
"ToasterNotify\\SessionID_1"="{09B5A929-B30A-49D7-A695-48E0EA7CC4D3}"
"NortonNetServiceIPC"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"NetMapServiceIPC"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"FWAlert"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"g_coVistaProxyChannel"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"_AvProdSvcComm_"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"_StatisticsCommand_"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"AccountServices_1"="{09B5A929-B30A-49D7-A695-48E0EA7CC4D3}"
"FormHandler_1"="{09B5A929-B30A-49D7-A695-48E0EA7CC4D3}"
"{3F11C6A7-CEA8-40c9-88EE-E5461341AE97}_ccSubmissionEngineIPC"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"
"_TrustSvcComm_"="{1660E35C-E10B-4668-8E8A-1A8FE9FB3604}"

[HKEY_LOCAL_MACHINE\software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Endpoints]
@Denied: (C D) (Everyone)

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PC W\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'Explorer.exe'(7932)
c:\windows\System32\gameux.dll
c:\windows\system32\mlang.dll
g:\windows\system32\mlang.dll
g:\windows\system32\mlang.dll
g:\windows\system32\mlang.dll
.
Voltooingstijd: 2009-12-20 12:33:46
ComboFix-quarantined-files.txt 2009-12-20 11:33

Pre-Run: 365.871.726.592 bytes beschikbaar
Post-Run: 365.790.175.232 bytes beschikbaar

- - End Of File - - E0CB2BEBC75C147AD28706BC9DC893BD

Rosty
20 December 2009, 13:48
Do you still get that message now? If so, could you post the full text that appears under 'use source'?

debsetje
21 December 2009, 13:48
C:\Users\GERYVE~1\AppData\Local\Temp\7zS4F5D\setup \Status\

This is what appears under 'use source'.
I have already looked for the folder myself, but it is not on the PC.

Rosty
21 December 2009, 14:03
* Clear the cache and cookies in IE: Close Internet Explorer.
Go to Control Panel > Internet Options > General tab
Click the Delete Cookies button
Click the Delete Files button next to it
Tick: Also delete all offline content, click OK
* Clear the cache and cookies in Firefox (if Firefox is installed): Go to Tools > Options.
Click Privacy in the menu.
Click the Clear button (History, Cookies, Cache).
Click OK to close the window again.
* Clear other temporary files + Recycle Bin: Go to Start > Run and type: cleanmgr and click OK.
Let it scan your system for files that should be deleted
Make sure that only 'temporary files', 'temporary internet files' and 'recycle bin' are ticked there.
Then click OK.
* Defragment the hard disk
I recommend doing this in safe mode (http://users.pandora.be/marcvn/spyware/1378056.htm). If you boot into safe mode, it is handy to save and/or print everything below, because you cannot look up the further instructions in safe mode:
Go to Start -- Run
Type: dfrg.msc and press OK.
Now press 'Defragment'.
When this is done you can restart the PC.

debsetje
21 December 2009, 19:21
I did everything you mentioned above. But it keeps coming back. I think the only solution will be to format the PC and reinstall Windows.

Rosty
22 December 2009, 12:23
C:\Users\GERYVE~1\AppData\Local\Temp\7zS4F5D\setup \Status\

This is what appears under 'use source'.
I have already looked for the folder myself, but it is not on the PC.

See whether you can find the folder this way:

Go to Start and click My Computer.
In the menu bar select Tools and then Folder Options.
Select the View tab.
Under Hidden files and folders, select Show hidden files and folders.
Under Files and Folders, untick: Hide protected operating system files (Recommended).
Click Yes to confirm this.
Click OK.

If you find it, you may empty it!!!

debsetje
22 December 2009, 13:40
See whether you can find the folder this way:

Go to Start and click My Computer.
In the menu bar select Tools and then Folder Options.
Select the View tab.
Under Hidden files and folders, select Show hidden files and folders.
Under Files and Folders, untick: Hide protected operating system files (Recommended).
Click Yes to confirm this.
Click OK.

If you find it, you may empty it!!!
It does not find the folder. I carried out the steps above. I looked for the folder but still cannot find it.

Rosty
22 December 2009, 14:22
Hmmmmmm, strange case!! Let me ask my colleagues for advice.

debsetje
22 December 2009, 20:15
This afternoon we recovered the PC with the recovery CDs and everything is now solved. Thanks anyway for the effort.

Rosty
22 December 2009, 23:08
Thanks for letting us know.