Mededeling

Collapse
No announcement yet.

Help! Mijn pc is aan 't flippen! CPU 100%

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Help! Mijn pc is aan 't flippen! CPU 100%

    CPU loopt steeds tot 100%, mijn pc begint plots allerlei programma's die ik niet ken te openen en andere zonder reden af te sluiten of begint foutmeldingen te geven?
    Dit duurt nu al een hele tijd, heb vroeger ook al problemen gehad met deze computer: Dell, windows XP Professional, 78 GB.
    Hij liep dan steeds vast, startte soms zelfs niet meer op en gaf steeds een blauw scherm met allerlei codes als ik hem opstartte (in veilige modus, want anders ging dat niet meer).
    Uiteindelijk na veel mensen ernaar te laten kijken (informatici), heb ik hem volledig geformateerd, de programma's opnieuw geïnstalleerd en toen ging het weer een tijdje goed... Maar dan op een dag begon het weer: blauw scherm etc..
    Ik heb me een externe harde schijf gekocht voor het geval dat hij zou crashen!
    Sindsdien geeft hij bij het opstarten nog een melding dat er een *.dll-bestand onvindbaar is, maar volgens een van die informatici zal het een bestand zijn dat ik niet echt nodig heb...
    Aangezien ik onlangs weer een blauw scherm kreeg (heb ik wel direct kunnen heropstarten) en mijn CPU steeds tot 100% loopt, heb ik zo'n log aangemaakt in de hoop dat jullie me kunnen helpen? Op dit ogenblik lopen de 'niet-actieve systeemprocessen tot 99 CPU, waarvan het geheugengebruik slechts 16kB is???
    Hier dus de logfile van vandaag:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:44:22, on 18-02-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Tablet.exe
    C:\Program Files\Bouwsoft\UseSocketService.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\Bouwsoft\usesocketservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
    C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
    D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
    C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    C:\WINDOWS\system32\CTHELPER.EXE
    C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\PROGRA~1\Magentic\bin\MgApp.exe
    C:\WINDOWS\system32\WTablet\TabUserW.exe
    C:\Program Files\Bouwsoft\Tools\Werkstation\beheer.exe
    C:\Program Files\RegistrySmart\RegistrySmart.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webmail.priorweb.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - Default URLSearchHook is missing
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Hotbar /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B9499803B2A2303766A - {07AA283A-43D7-4CBE-A064-32A21112D94D} - C:\Program Files\Hotbar\bin\10.0.356.0\HostIE.dll (file missing)
    O2 - BHO: {fa45729f-d05e-f8fa-8d24-3b3d83887a92} - {29a78838-d3b3-42d8-af8f-e50df92754af} - C:\WINDOWS\system32\wudhvgjs.dll (file missing)
    O2 - BHO: (no name) - {2E027518-8AC4-4319-88D0-803B521F8E08} - C:\WINDOWS\system32\jkhhg.dll (file missing)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
    O3 - Toolbar: Hotbar - {07AA283A-43D7-4CBE-A064-32A21112D94D} - C:\Program Files\Hotbar\bin\10.0.356.0\HostIE.dll (file missing)
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
    O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
    O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
    O4 - HKLM\..\Run: [HotbarSA] "C:\Program Files\Hotbar\bin\10.0.356.0\HotbarSA.exe"
    O4 - HKLM\..\Run: [0056d174] rundll32.exe "C:\WINDOWS\system32\pjgtqojw.dll",sitypnow
    O4 - HKLM\..\Run: [NI.UGESM_0001_N122M2811] "c:\documents and settings\d'hoker peter\application data\setup_nl[1].exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [rtasks] C:\Program Files\BedreigingsMonitoor\rtasks.exe
    O4 - HKLM\..\Run: [RegistrySmart] C:\Program Files\RegistrySmart\RegistrySmart.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
    O4 - HKCU\..\Run: [WeatherDPA] "C:\Program Files\Hotbar\bin\10.0.356.0\Weather.exe" -auto
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
    O4 - Startup: Bouwsoft Beheer.lnk = C:\Program Files\Bouwsoft\Tools\Werkstation\beheer.exe
    O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
    O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by112fd.bay112.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://fotobook.foto.com/NewUploader/ImageUploader4.cab
    O16 - DPF: {DD170420-92CF-11D4-9304-005004043EB5} (FortisIsaLiteDll) - https://finance.fortisbusiness.com/ISWB0101/ISWB/downloads/FortisIsaLite.cab
    O20 - Winlogon Notify: hggefed - hggefed.dll (file missing)
    O20 - Winlogon Notify: jkhhg - C:\WINDOWS\system32\jkhhg.dll (file missing)
    O20 - Winlogon Notify: mllji - C:\WINDOWS\system32\mllji.dll (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: pgsql82 (pgsql-8.2) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.2\bin\pg_ctl.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
    O23 - Service: UseSocketService - Unknown owner - C:\Program Files\Bouwsoft\UseSocketService.exe

    --
    End of file - 13453 bytes

    Alvast bedankt!

  • #2
    Download: RVAXO.exe
    • Sla het bestand op je bureaublad op, dubbelklik het en kies voor "Unzip" om het uit te pakken.
    • Open nu de map RVAXO op je bureaublad en dubbeklik RunMe.cmd
      Er zal een cmd-schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
    • Mogelijk start er ook een uninstaller van een rogue scanner op, sluit deze niet af maar volg eventuele aanwijzingen en laat deze gewoon zijn werk doen.
    • Daarna zal je PC herstarten, na de herstart opent het cmd-venster van RVAXO opnieuw.
      Laat deze lopen en wacht tot er een logfile opent: C:\RVAXO-results.log
    • Herstart je computer niet vanzelf, of start de tool niet na de reboot, doe dit dan handmatig.
    • Post de inhoud van de logfile in je volgende bericht.


    Download Combofix (mirror) naar je Bureaublad.
    Dubbelklik op Combofix.exe
    Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
    Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen(je kan hem ook hier vinden: C:\Combofix.txt)
    Plaats deze log in je volgende post.

    NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.

    Comment


    • #3
      Beste

      Bedankt voor je snelle reactie, ik heb alles uitgevoerd en hieronder staan de logs.

      RVAXO:---RVAXO.exe Updated: 2008-02-20---first run---
      Files found:
      C:\WINDOWS\system32\orqss.ini
      C:\WINDOWS\Installer\$PatchCache$\Managed\00002159250031400000000000F01FEC\12.0.4518\OGL.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\00002159250031400000000000F01FEC\12.0.4518\VVIEWDWG.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\00002159250031400000000000F01FEC\12.0.4518\VVIEWER.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\ALRTINTL.DLL_10 33
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\BLNMGR.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\CDLMSO.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\DWDCW20.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FM20.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FPCUTL.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FPDB.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FPDTC.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FPEDITAX.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FPEDSAT.DLL_103 3
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FPEXPSAT.DLL_10 33
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FPSRVUTL.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FPUTLSAT.DLL_10 33
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FPWEC.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\FPWEL.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\HTMLCHKR.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\HTMLCSAT.DLL_10 33
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\IEAWSDC.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\INTLDATE.DLL_00 01
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\LCCWIZ.DLL_1033
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MCPS.DLL_0001
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MICROSOFT_OFFIC E_FP_WFCHOST.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MODHELP.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSCDM.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSCONV97.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSDMENG.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSDMINE.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSMDCB80.DLL_00 01
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSMDGD80.DLL_00 01
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSMDUN80.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSO.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSOCF.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSOCFU.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSOEURO.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSOINTL.DLL_103 3
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSOLAP80.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSOLUI80.DLL_00 01
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\MSTORES.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\OISAPP.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\OISCTRL.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\OISINTL.DLL_103 3
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\OWC10.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\OWC11.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\OWCI10.DLL_1033
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\OWCI11.DLL_1033
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\OWSCLT.DLL_0001
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\RICHED20.DLL_00 01
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\SLINTL.DLL_1033
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\STSUPLD.DLL_000 1
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\USP10.DLL_0002
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.5614\VBE6.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.7969\MSO.DLL
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.7969\RICHED20.DLL_00 01
      C:\WINDOWS\Installer\$PatchCache$\Managed\9040710900063D11C8EF10054038389C\11.0.7969\VBE6.DLL
      C:\WINDOWS\Installer\{B1A9CD45-A702-4E3B-91ED-8CD562869901}\CustomRes.dll
      C:\WINDOWS\Installer\{B1A9CD45-A702-4E3B-91ED-8CD562869901}\InstBasicUI.dll
      C:\WINDOWS\Installer\{B1A9CD45-A702-4E3B-91ED-8CD562869901}\InstRes.dll
      C:\WINDOWS\system32\ghhkj.ini2
      C:\WINDOWS\system32\ghhkj.bak1
      C:\WINDOWS\system32\ijllm.bak1
      C:\WINDOWS\system32\orqss.bak1
      C:\WINDOWS\system32\ghhkj.bak2
      C:\WINDOWS\system32\ijllm.bak2
      C:\WINDOWS\system32\orqss.bak2
      C:\Documents and Settings\D'Hoker Peter\ResErrors.log
      C:\WINDOWS\system32\mcrh.tmp
      C:\WINDOWS\system32\netlogun.exe
      C:\Install
      C:\WINDOWS\system32\actskn45.ocx

      Uninstallers:


      Folders Found:

      C:\UGA6PM
      C:\Program Files\Common Files\AntiVirusScherm
      C:\Documents and Settings\D'Hoker Peter\Application Data\BedreigingsMonitoor

      Hosts-file was reset, If you use a custom hosts file please replace it...

      --------------RVAXO.exe last run---------------

      Files found:

      C:\Documents and Settings\D'Hoker Peter\Mijn documenten\Mijn ontvangen bestanden\Oprit.zip
      Folders Found:

      --------------RVAXO.exe finished----------------


      Dit is de Combolog:
      ComboFix 08-02-21 - D'Hoker Peter 2008-02-21 13:24:47.2 - NTFSx86
      Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.552 [GMT 1:00]
      Gestart vanuit: C:\Documents and Settings\D'Hoker Peter\Bureaublad\ComboFix.exe

      WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
      .

      (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      ---- Previous Run -------
      .
      C:\Documents and Settings\D'Hoker Peter\Application Data\HbTools
      C:\Documents and Settings\D'Hoker Peter\Application Data\HbTools\HbTools.log
      C:\Documents and Settings\Kim\Application Data\Hotbar
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\ads.cdf
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\btntrans.idx
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\btntrans1.dat
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\business_promo.htm
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\buttondir.txt
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\components.cdf
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\cursors.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_1000.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_2000.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_3000.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bar.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_bbar1.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_logos.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_other.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_weather.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\default.cdf
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_511745-514279.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz1.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz10.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz11.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz12.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz13.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz14.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz15.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz16.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz17.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz18.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz19.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz2.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz20.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz3.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz4.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz5.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz6.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz7.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz8.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_bidz9.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_categorize.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_comparison.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_em_PROFL_CA_flow_b_IEB.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_explorer-Mails.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_explorer-people.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_favorites.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Games.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Hide.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hotbarcom.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Hotmail.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hsskin.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_jemster.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_jemsterie.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_jemsteruk.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_jobsearch.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Mails.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_new.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_premium.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_reun.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_ringtones.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_SearchBoxTrapper.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchfor.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchgo.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_weather.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_yellowpages.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\email-def-511724-548964.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\email-def-511724-9595.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\email-t1-bg.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\gamesmenu.cdf
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\gamesMenu.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\hb_ie_menu.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbar-premium-hotbar-premium.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbar-premium.cdf
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbar_promo.htm
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\icons2.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\ie_games_icon.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\ie_video.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords.idx
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords1.dat
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\layout.cdf
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\linkpathlegal.txt
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\more.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\new_games.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\progress.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\s_icons_buttons.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\sales_buttons.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\t2_bg.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\theweb.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\top7.cdf
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\Top7_theweb.mnu
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\tsd_bg.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\2\weathericon.res
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\ads.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\BtnTrans.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\BtnTrans1.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\business_promo.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\buttondir.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\cursors.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_1000.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_2000.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_3000.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bar.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_bbar1.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_logos.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_other.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_weather.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\default.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\email-t1-bg.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\gamesmenu.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hb_ie_menu.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar-premium.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar_promo.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\icons2.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\ie_games_icon.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\ie_video.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords1.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\layout.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\linkpathlegal.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\more.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\progress.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\s_icons_buttons.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\sales_buttons.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.txt
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\t2_bg.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\top7.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\tsd_bg.xip
      C:\Documents and Settings\Kim\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\weathericon.xip
      C:\Documents and Settings\Kim\Bureaublad\Free PC Wallpapers.lnk
      C:\Documents and Settings\Kim\ResErrors.log
      C:\WINDOWS\cookies.ini

      .
      ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

      .
      -------\LEGACY_FMTR




      (((((((((((((((((((( Bestanden Gemaakt van 2008-01-21 to 2008-02-21 ))))))))))))))))))))))))))))))
      .

      2008-02-21 12:48 . 2008-02-21 13:13 <DIR> d----c--- C:\RVAXO
      2008-02-21 12:43 . 2008-02-21 11:37 707,330 --a------ C:\WINDOWS\system32\RVAXO.bat
      2008-02-21 12:43 . 2001-10-01 14:51 69,632 --a------ C:\WINDOWS\system32\remove.exe
      2008-02-16 12:19 . 2008-02-16 12:19 <DIR> d-------- C:\Program Files\Lavasoft
      2008-02-16 12:19 . 2008-02-16 12:24 <DIR> d----c--- C:\Documents and Settings\All Users\Application Data\Lavasoft
      2008-02-16 12:17 . 2008-02-16 12:17 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
      2008-02-16 12:13 . 2008-02-16 13:53 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
      2008-02-16 12:13 . 2008-02-16 12:23 <DIR> d----c--- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      2008-02-16 12:00 . 2008-02-16 12:00 <DIR> d-------- C:\Program Files\Trend Micro
      2008-02-16 10:57 . 2008-02-16 10:57 <DIR> d-------- C:\Program Files\RegistrySmart
      2008-02-16 10:57 . 2008-02-16 11:53 <DIR> d-------- C:\Documents and Settings\D'Hoker Peter\Application Data\RegistrySmart
      2008-02-11 10:03 . 2008-02-11 10:03 <DIR> d-------- C:\Documents and Settings\D'Hoker Peter\Application Data\CyberLink

      .
      ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-02-21 11:42 --------- d-----w C:\Program Files\Bouwsoft
      2008-02-21 11:39 --------- d-----w C:\Documents and Settings\D'Hoker Peter\Application Data\postgresql
      2008-02-21 07:00 --------- d-----w C:\Documents and Settings\D'Hoker Peter\Application Data\AVG7
      2008-02-16 12:55 --------- d-----w C:\Program Files\BearShare Applications
      2008-02-14 18:19 --------- d-----w C:\Program Files\Google
      2008-02-14 14:00 --------- d-----w C:\Program Files\MSN Messenger
      2008-02-11 05:28 --------- d-----w C:\Program Files\Common Files\Adobe
      2008-02-05 06:34 --------- d-----w C:\Program Files\Magentic
      2008-01-21 09:30 --------- d-----w C:\Program Files\iTunes
      2008-01-21 07:00 --------- d-----w C:\Documents and Settings\Kim\Application Data\AVG7
      2008-01-17 18:55 745,547 ----a-w C:\WINDOWS\system32\Magentic Screensaver.scr
      2008-01-17 09:58 --------- d-----w C:\Program Files\QuickTime
      2008-01-13 09:39 --------- d-----w C:\Documents and Settings\Kim\Application Data\BedreigingsMonitoor
      2008-01-08 05:47 --------- d-----w C:\Documents and Settings\D'Hoker Peter\Application Data\AdobeUM
      2007-12-31 12:57 19,479 ----a-w C:\Documents and Settings\D'Hoker Peter\Application Data\mdbu.bin
      2007-12-14 10:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
      2007-12-07 02:18 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
      2007-12-06 14:56 103,432 ----a-w C:\Documents and Settings\D'Hoker Peter\Application Data\GDIPFONTCACHEV1.DAT
      2007-12-04 18:42 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
      2007-05-19 07:19 7,237,824 ------w C:\Program Files\Kruidvat-Fotoservice.exe
      2007-02-13 08:56 36,808,256 ------w C:\Program Files\iTunesSetup.exe
      2006-10-21 09:14 20,675 ----a-w C:\Documents and Settings\Kim\program.bin
      2005-08-19 02:45 64 ----a-w C:\Documents and Settings\Kim\prefer.dat
      .

      ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{07AA283A-43D7-4CBE-A064-32A21112D94D}]

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{29a78838-d3b3-42d8-af8f-e50df92754af}]
      C:\WINDOWS\system32\wudhvgjs.dll

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2E027518-8AC4-4319-88D0-803B521F8E08}]
      C:\WINDOWS\system32\jkhhg.dll

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Sonic RecordNow!"=""
      "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-13 19:53 15360]
      "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]
      "IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-03-20 18:36 208946]
      "Magentic"="C:\PROGRA~1\Magentic\bin\Magentic.exe" [2008-01-17 19:55 475180]
      "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-11-13 21:10 335872]
      "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2003-08-06 01:04 114741]
      "StorageGuard"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-02-13 01:01 155648]
      "Dell AIO Printer A940"="C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe" [2003-06-25 16:29 294998]
      "Acrobat Assistant 7.0"="D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 02:12 483328]
      "AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-12-21 08:11 579072]
      "CTSysVol"="C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" [2002-10-29 09:18 49152]
      "CTDVDDet"="C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE" [2002-09-30 01:00 45056]
      "CTHelper"="CTHELPER.EXE" [2003-02-20 23:45 28672 C:\WINDOWS\system32\CTHELPER.EXE]
      "AsioReg"="REGSVR32.exe" [2004-09-13 20:03 12288 C:\WINDOWS\system32\regsvr32.exe]
      "UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" [2006-12-15 03:23 75520]
      "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 12:20 227328]
      "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 18:20 866584]
      "TomTomHOME.exe"="C:\Program Files\TomTom HOME\TomTomHOME.exe" [ ]
      "0056d174"="C:\WINDOWS\system32\pjgtqojw.dll" [ ]
      "NI.UGESM_0001_N122M2811"="c:\documents and settings\d'hoker peter\application data\setup_nl[1].exe" [ ]
      "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27 385024]
      "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048]
      "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
      "RegistrySmart"="C:\Program Files\RegistrySmart\RegistrySmart.exe" [2008-02-13 09:08 4351216]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "AVG7_Run"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe" [2007-10-23 07:11 219136]
      "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [ ]
      "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]
      "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 15:38 39264]

      C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
      TabUserW.exe.lnk - C:\WINDOWS\system32\WTablet\TabUserW.exe [2007-10-12 13:12:12 114688]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hggefed]
      hggefed.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkhhg]
      C:\WINDOWS\system32\jkhhg.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mllji]
      C:\WINDOWS\system32\mllji.dll

      R2 pgsql-8.2;pgsql82;"C:\Program Files\PostgreSQL\8.2\bin\pg_ctl.exe" runservice -N "pgsql-8.2"
      R2 UseSocketService;UseSocketService;C:\Program Files\Bouwsoft\UseSocketService.exe [2007-12-06 12:12]

      .
      Inhoud van de 'Gedeelde Taken' map
      "2008-02-18 13:36:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
      - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
      "2008-02-04 16:23:00 C:\WINDOWS\Tasks\Backup maandelijks.job"
      - C:\WINDOWS\system32\ntbackup.exeUbackup
      "2008-01-04 20:21:00 C:\WINDOWS\Tasks\Backup.job"
      - C:\WINDOWS\system32\ntbackup.exeSbackup
      "2008-02-21 12:24:01 C:\WINDOWS\Tasks\Controleren op updates voor Windows Live Toolbar.job"
      - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
      "2008-02-21 12:17:08 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
      - C:\Program Files\Windows Defender\MpCmdRun.exe
      "2008-02-18 16:19:00 C:\WINDOWS\Tasks\Planning Backup.job"
      - C:\WINDOWS\system32\ntbackup.exeŠbackup
      "2008-02-21 12:17:01 C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job"
      - C:\Program Files\RegistrySmart\RegistrySmart.ex
      - C:\Program Files\RegistrySmart
      .
      **************************************************************************

      catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-02-21 13:31:32
      Windows 5.1.2600 Service Pack 2 NTFS

      scannen van verborgen processen ...

      scannen van verborgen autostart items ...

      scannen van verborgen bestanden ...

      Scan succesvol afgerond
      verborgen bestanden: 0

      **************************************************************************
      .
      Voltooingstijd: 2008-02-21 13:34:10
      ComboFix-quarantined-files.txt 2008-02-21 12:34:06
      .
      2008-02-20 02:46:04 --- E O F ---


      Het *.dll bestand dat hij niet kan vinden is het volgende: C:/windows/system32/pjgtqojw.dll, misschien helpt deze info?
      Ook probeert RegistrySmart me te laten registreren, is dit aan te bevelen?
      Is er verder nog iets wat ik kan doen om mijn pc veilig te houden?


      Bedankt!

      Comment


      • #4
        Zover ik het weet is RegisterySmart een onbetrouwbaar programma.
        Ga naar Configuratiescherm - Software en probeer deze daat te deïnstalleren.

        Open de map RVAXO op je bureaublad en dubbelklik Uninstall.cmd
        Dit zal alles van RVAXO doen verwijderen.

        Post even een nieuw logje van Hijackthis

        Comment


        • #5
          Nieuwe log: (heb de indruk dat mijn pc al sneller werkt! aan wat zou het gelegen hebben?)

          Logfile of Trend Micro HijackThis v2.0.2
          Scan saved at 17:08:51, on 21-02-2008
          Platform: Windows XP SP2 (WinNT 5.01.2600)
          MSIE: Internet Explorer v7.00 (7.00.6000.16608)
          Boot mode: Normal

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\Ati2evxx.exe
          C:\WINDOWS\system32\svchost.exe
          C:\Program Files\Windows Defender\MsMpEng.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\system32\svchost.exe
          C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
          C:\WINDOWS\system32\LEXBCES.EXE
          C:\WINDOWS\system32\spoolsv.exe
          C:\WINDOWS\system32\LEXPPS.EXE
          C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
          C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
          C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
          C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
          C:\WINDOWS\system32\CTsvcCDA.exe
          C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\system32\Tablet.exe
          C:\Program Files\Bouwsoft\UseSocketService.exe
          C:\WINDOWS\system32\MsPMSPSv.exe
          C:\Program Files\Bouwsoft\usesocketservice.exe
          C:\WINDOWS\system32\dla\tfswctrl.exe
          C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
          D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
          C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
          C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
          C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
          C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
          C:\WINDOWS\system32\CTHELPER.EXE
          C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
          C:\Program Files\Windows Defender\MSASCui.exe
          C:\Program Files\QuickTime\QTTask.exe
          C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
          C:\WINDOWS\system32\ctfmon.exe
          C:\PROGRA~1\Magentic\bin\MgApp.exe
          C:\WINDOWS\system32\WTablet\TabUserW.exe
          C:\Program Files\Bouwsoft\Tools\Werkstation\beheer.exe
          C:\Program Files\RegistrySmart\RegistrySmart.exe
          C:\PROGRA~1\INCRED~1\bin\IMApp.exe
          C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
          C:\WINDOWS\explorer.exe
          C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
          C:\Program Files\Internet Explorer\IEXPLORE.EXE
          C:\WINDOWS\system32\wuauclt.exe
          C:\WINDOWS\system32\msiexec.exe
          C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webmail.priorweb.be/
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
          O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
          O2 - BHO: Hotbar /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B9499803B2A2303766A - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
          O2 - BHO: {fa45729f-d05e-f8fa-8d24-3b3d83887a92} - {29a78838-d3b3-42d8-af8f-e50df92754af} - C:\WINDOWS\system32\wudhvgjs.dll (file missing)
          O2 - BHO: (no name) - {2E027518-8AC4-4319-88D0-803B521F8E08} - C:\WINDOWS\system32\jkhhg.dll (file missing)
          O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
          O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
          O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
          O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
          O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
          O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
          O3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
          O3 - Toolbar: (no name) - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
          O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
          O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
          O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
          O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
          O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
          O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
          O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
          O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
          O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
          O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
          O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
          O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
          O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
          O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
          O4 - HKLM\..\Run: [0056d174] rundll32.exe "C:\WINDOWS\system32\pjgtqojw.dll",sitypnow
          O4 - HKLM\..\Run: [NI.UGESM_0001_N122M2811] "c:\documents and settings\d'hoker peter\application data\setup_nl[1].exe"
          O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
          O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
          O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
          O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
          O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
          O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
          O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
          O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
          O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Lokale service')
          O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Netwerkservice')
          O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
          O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
          O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
          O4 - Startup: Bouwsoft Beheer.lnk = C:\Program Files\Bouwsoft\Tools\Werkstation\beheer.exe
          O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
          O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
          O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
          O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
          O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
          O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
          O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
          O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
          O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
          O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
          O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
          O8 - Extra context menu item: Convert to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
          O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
          O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
          O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
          O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
          O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
          O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
          O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by112fd.bay112.hotmail.msn.com/resources/MsnPUpld.cab
          O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://fotobook.foto.com/NewUploader/ImageUploader4.cab
          O16 - DPF: {DD170420-92CF-11D4-9304-005004043EB5} (FortisIsaLiteDll) - https://finance.fortisbusiness.com/ISWB0101/ISWB/downloads/FortisIsaLite.cab
          O20 - Winlogon Notify: hggefed - hggefed.dll (file missing)
          O20 - Winlogon Notify: jkhhg - C:\WINDOWS\system32\jkhhg.dll (file missing)
          O20 - Winlogon Notify: mllji - C:\WINDOWS\system32\mllji.dll (file missing)
          O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
          O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
          O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
          O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
          O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
          O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
          O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
          O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
          O23 - Service: pgsql82 (pgsql-8.2) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.2\bin\pg_ctl.exe
          O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
          O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
          O23 - Service: UseSocketService - Unknown owner - C:\Program Files\Bouwsoft\UseSocketService.exe

          --
          End of file - 12439 bytes

          Comment


          • #6
            Start HijackThis nog een keer en plaats alleen een vinkje voor de volgende regels:
            O2 - BHO: Hotbar /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B9499803B2A2303766A - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
            O2 - BHO: {fa45729f-d05e-f8fa-8d24-3b3d83887a92} - {29a78838-d3b3-42d8-af8f-e50df92754af} - C:\WINDOWS\system32\wudhvgjs.dll (file missing)
            O2 - BHO: (no name) - {2E027518-8AC4-4319-88D0-803B521F8E08} - C:\WINDOWS\system32\jkhhg.dll (file missing)
            O3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
            O3 - Toolbar: (no name) - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
            O4 - HKLM\..\Run: [0056d174] rundll32.exe "C:\WINDOWS\system32\pjgtqojw.dll",sitypnow
            O4 - HKLM\..\Run: [NI.UGESM_0001_N122M2811] "c:\documents and settings\d'hoker peter\application data\setup_nl[1].exe"
            O20 - Winlogon Notify: hggefed - hggefed.dll (file missing)
            O20 - Winlogon Notify: jkhhg - C:\WINDOWS\system32\jkhhg.dll (file missing)
            O20 - Winlogon Notify: mllji - C:\WINDOWS\system32\mllji.dll (file missing)

            Sluit alle open vensters(behalve HijackThis), klik daarna op "Fix checked" en sluit HijackThis af.

            Je Java software is verouderd.
            Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.
            Doe eerst deze stappen om Java te de-installeren en de nieuwere versie te installeren:
            • Download Java Runtime Environment (JRE) 6u4 en bewaar het naar je Bureaublad.
            • Sluit alle programma's die eventueel open zijn - Zeker je web browser!
            • Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
            • Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam.
            • Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
            • Herhaal dit tot alle oudere versies verdwenen zijn.
            • Na het verwijderen van alle oudere versies, herstart je pc.
            • Dubbelklik vervolgens op jre-6u4-windows-i586-p.exe op je Bureaublad om de nieuwste versie van Java te installeren.

            Post een nieuw logje van Hijackthis ter controle

            Comment


            • #7
              Heb alles gedaan wat je zei, nu komt er geen melding meer van de *.dll!
              Ik heb 1 versie kunnen verwijderen van Java.
              Hieronder het logje:

              Logfile of Trend Micro HijackThis v2.0.2
              Scan saved at 7:54:46, on 22-02-2008
              Platform: Windows XP SP2 (WinNT 5.01.2600)
              MSIE: Internet Explorer v7.00 (7.00.6000.16608)
              Boot mode: Normal

              Running processes:
              C:\WINDOWS\System32\smss.exe
              C:\WINDOWS\system32\winlogon.exe
              C:\WINDOWS\system32\services.exe
              C:\WINDOWS\system32\lsass.exe
              C:\WINDOWS\system32\Ati2evxx.exe
              C:\WINDOWS\system32\svchost.exe
              C:\Program Files\Windows Defender\MsMpEng.exe
              C:\WINDOWS\System32\svchost.exe
              C:\WINDOWS\system32\svchost.exe
              C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
              C:\WINDOWS\Explorer.EXE
              C:\WINDOWS\system32\LEXBCES.EXE
              C:\WINDOWS\system32\spoolsv.exe
              C:\WINDOWS\system32\LEXPPS.EXE
              C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
              C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
              C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
              C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
              C:\WINDOWS\system32\CTsvcCDA.exe
              C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
              C:\WINDOWS\system32\svchost.exe
              C:\WINDOWS\system32\Tablet.exe
              C:\Program Files\Bouwsoft\UseSocketService.exe
              C:\WINDOWS\system32\dla\tfswctrl.exe
              C:\WINDOWS\system32\MsPMSPSv.exe
              C:\Program Files\Bouwsoft\usesocketservice.exe
              C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe
              C:\Program Files\Dell AIO Printer A940\dlbabmon.exe
              D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
              C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
              C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
              C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
              C:\WINDOWS\system32\CTHELPER.EXE
              C:\Program Files\Windows Defender\MSASCui.exe
              C:\Program Files\QuickTime\QTTask.exe
              C:\WINDOWS\system32\ctfmon.exe
              C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
              C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
              C:\WINDOWS\system32\WTablet\TabUserW.exe
              C:\PROGRA~1\Magentic\bin\MgApp.exe
              C:\WINDOWS\system32\wuauclt.exe
              C:\Program Files\Bouwsoft\Tools\Werkstation\beheer.exe
              C:\PROGRA~1\INCRED~1\bin\IMApp.exe
              C:\WINDOWS\system32\msiexec.exe
              C:\Program Files\Internet Explorer\IEXPLORE.EXE
              C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

              R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webmail.priorweb.be/
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
              R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
              R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
              R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
              O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
              O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
              O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
              O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
              O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
              O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
              O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
              O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
              O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
              O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
              O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
              O4 - HKLM\..\Run: [Dell AIO Printer A940] "C:\Program Files\Dell AIO Printer A940\dlbabmgr.exe"
              O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "D:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
              O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
              O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
              O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
              O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
              O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
              O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
              O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
              O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
              O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
              O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
              O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
              O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
              O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
              O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
              O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
              O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
              O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
              O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
              O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Lokale service')
              O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Netwerkservice')
              O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
              O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
              O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
              O4 - Startup: Bouwsoft Beheer.lnk = C:\Program Files\Bouwsoft\Tools\Werkstation\beheer.exe
              O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
              O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files\IncrediMail\bin\resources\WebMenuImg.htm
              O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
              O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
              O8 - Extra context menu item: Convert link target to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
              O8 - Extra context menu item: Convert link target to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
              O8 - Extra context menu item: Convert selected links to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
              O8 - Extra context menu item: Convert selected links to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
              O8 - Extra context menu item: Convert selection to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
              O8 - Extra context menu item: Convert selection to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
              O8 - Extra context menu item: Convert to Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
              O8 - Extra context menu item: Convert to existing PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
              O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
              O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
              O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
              O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
              O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
              O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
              O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
              O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
              O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
              O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
              O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
              O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by112fd.bay112.hotmail.msn.com/resources/MsnPUpld.cab
              O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://fotobook.foto.com/NewUploader/ImageUploader4.cab
              O16 - DPF: {DD170420-92CF-11D4-9304-005004043EB5} (FortisIsaLiteDll) - https://finance.fortisbusiness.com/ISWB0101/ISWB/downloads/FortisIsaLite.cab
              O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
              O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
              O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
              O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
              O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
              O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
              O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
              O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
              O23 - Service: pgsql82 (pgsql-8.2) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.2\bin\pg_ctl.exe
              O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
              O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
              O23 - Service: UseSocketService - Unknown owner - C:\Program Files\Bouwsoft\UseSocketService.exe

              --
              End of file - 11321 bytes


              Is er nog iets waar ik op moet letten?

              Comment


              • #8
                Doe dit nog maar even:

                Download ATF cleaner (mirror)(gemaakt door Atribune)

                Belangrijk: Sluit al je browservensters(IE en/of Firefox en/of Opera) om de tool goed te kunnen laten werken.

                Dubbelklik op ATF cleaner om het programma te starten.
                Op het tabblad "Main", plaats je een vinkje bij Select All.
                Klik op de knop Empty Selected.

                Het volgende doen als je ook FireFox als browser hebt:
                Klik op tabblad "Firefox", plaats een vinkje bij Select All.
                Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
                (dit haalt het vinkje weer weg bij "Firefox saved passwords")
                Klik op de knop Empty Selected.

                Het volgende doen als je ook Opera als browser hebt:
                Klik op tabblad "Opera", plaats een vinkje bij Select All.
                Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
                Klik op de knop Empty Selected.
                Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.

                Ga naar Start - Uitvoeren en geef hier het volgende in:
                Combofix /U
                Druk daarna op OK.
                Let op: Er moet een spatie tussen Combofix en /U zitten.

                Dit zal Combofix deïnstalleren.

                Dan denk ik dat alles weer OK is

                Comment


                • #9
                  Ok, alles is gebeurd, echt mercikes!!
                  Aan wat lag het dan eigelijk en hoe kan ik dat voorkomen voor in de toekomst?
                  Malware: wat is dat precies?

                  Comment


                  • #10
                    Graag gedaan hoor

                    Je had een zogenaamde Vundo infectie.
                    Malware is een verzamelnaam voor allerlei onbetrouwbare programma's: virussen, spyware, adware e.d

                    Kijk ook naar deze link:

                    Comment


                    • #11
                      Echt je hebt me uit de nood geholpen, mijn pc is héél belangrijk voor mij en ons bedrijf! Hopelijk heb ik nu geen problemen meer, maar als dat wel zo is mag ik je dan weer contacteren? Je kent er blijkbaar heel wat van!
                      Er hebben al zovelen me proberen helpen, en jou lukt het meteen! Echt schapoo!

                      Bye the way, ik heb die link bekeken en nu had ik nog een vraagje: het verwondert mij van Internet Explorer, wat is dan het beste: Opera of
                      Mozilla Firefox? En gaat dit geen problemen opleveren met andere programma's of links? Is het dezelfde werkwijze?

                      Groetjes en nog es mercikes!!!

                      Comment


                      • #12
                        Opera schijnt de betere van de 2 te zijn, al heb ik die zelf nog niet gebruikt.
                        Voor zover ik het weet levert het gebruik van die browser geen problemen op met andere programma's

                        Comment

                        Sorry, you are not authorized to view this page
                        Working...
                        X