Logfile of HijackThis v1.99.1
Scan saved at 13:45:01, on 17/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\LEXBCES.EXE
E:\Program Files\Common Files\PFShared\UmxCfg.exe
E:\WINDOWS\system32\LEXPPS.EXE
E:\Program Files\Tiny Firewall Pro\UmxFwHlp.exe
E:\Program Files\Common Files\PFShared\UmxPol.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Tiny Firewall Pro\UmxAgent.exe
E:\Program Files\Tiny Firewall Pro\UmxTray.exe
E:\Program Files\Eset\nod32krn.exe
E:\WINDOWS\System32\nvsvc32.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Common Files\PFShared\umxlu.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\RunDll32.exe
E:\PROGRA~1\PESTPA~1\PPControl.exe
E:\PROGRA~1\PESTPA~1\PPMemCheck.exe
E:\PROGRA~1\PESTPA~1\CookiePatrol.exe
E:\Program Files\MessengerPlus! 3\MsgPlus.exe
E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
E:\Program Files\Eset\nod32kui.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Program Files\Messenger\msmsgs.exe
E:\Program Files\Spy Emergency 2005\SpyEmergency.exe
E:\WINDOWS\system32\rundll32.exe
E:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
E:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
E:\Program Files\Siemens\SANTIS WLAN\WlanMonitor.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
E:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
E:\Program Files\MSN Messenger\msnmsgr.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\Documents and Settings\Ethell\Bureaublad\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - E:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl-be\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar2.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl-be\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PestPatrol Control Center] E:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] E:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] E:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [MessengerPlus3] "E:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [RemoteControl] "E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [nod32kui] "E:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MessengerPlus3] "E:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AMonitor] E:\Program Files\Tiny Firewall Pro\amon.exe
O4 - HKCU\..\Run: [SpyEmergency] "E:\Program Files\Spy Emergency 2005\SpyEmergency.exe"
O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Reader Snelle start.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SANTIS USB and PC Card Utility.lnk = E:\Program Files\Siemens\SANTIS WLAN\WlanMonitor.exe
O8 - Extra context menu item: &Google Search - res://e:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Gelijkwaardige pagina's - res://e:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://e:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://e:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O16 - DPF: {1358E11F-ADE8-4D2B-9135-1A4CB9A23D7B} (Install Class) - https://genius.belgacom.be/esupport/download/IPGInstaller.CAB
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.be/clients/ImageUploader3.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: PFW - E:\WINDOWS\SYSTEM32\UmxWnp.Dll
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - E:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - E:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\System32\HPZipm12.exe
O23 - Service: FW Event Manager (UmxAgent) - Computer Associates International, Inc. - E:\Program Files\Tiny Firewall Pro\UmxAgent.exe
O23 - Service: FW Configuration Interpreter (UmxCfg) - Computer Associates International, Inc. - E:\Program Files\Common Files\PFShared\UmxCfg.exe
O23 - Service: FW User-Mode Helper (UmxFwHlp) - Computer Associates International, Inc. - E:\Program Files\Tiny Firewall Pro\UmxFwHlp.exe
O23 - Service: FW Live Update (UmxLU) - Computer Associates International, Inc. - E:\Program Files\Common Files\PFShared\umxlu.exe
O23 - Service: FW Policy Manager (UmxPol) - Computer Associates International, Inc. - E:\Program Files\Common Files\PFShared\UmxPol.exe

hallo is er iemand?????

Rustig blijven, onze specialisten kunnen niet overal tegelijk zijn ;)

Ga naar Configuratiescherm - Software - Programma's wijzigen of verwijderen. Deïnstalleer indien aanwezig het volgende programma:
NeWdotnet

Herstart dan je pc, en maak dan nog eens een nieuw logje met hijackthis.

* ga naar start==>configuratiescherm==>software en de-installeer indien aanwezig:
Spy Emergency 2005 <== dubieus antispyware progje, geef valse meldingen, zie hier voor meer info:
http://www.spywarewarrior.com/rogue_anti-spyware.htm

* open hijackthis en vink volgende regels aan:

R3 - URLSearchHook: (no name) - - (no file)
O4 - HKCU\..\Run: [SpyEmergency] "E:\Program Files\Spy Emergency 2005\SpyEmergency.exe"

* sluit dan alle venster behalve hijackthis en klik op 'fix checked'

* verwijder volgende map indien aanwezig:

E:\Program Files\Spy Emergency 2005

* herstart je pc en post een nieuw hijackthis logje hier

Rustig blijven, onze specialisten kunnen niet overal tegelijk zijn ;)ja sorry maar is de pc van mijn moeder en loppt heel traag en daar ik zag dat een ander al antwoord heeft gekregen begon ik mij al vragen te stellen of het wel lukte ben heier al een beetje vertrouwd met de site daarmee,eb omdat ik hier nog ne leek in ben met dit soort zaken begon ik al te paniekeren sorry,nu weet ik toch dat ik er niet alleen voor sta:) :) :) :)

Logfile of HijackThis v1.99.1
Scan saved at 16:59:48, on 17/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\LEXBCES.EXE
E:\Program Files\Common Files\PFShared\UmxCfg.exe
E:\WINDOWS\system32\LEXPPS.EXE
E:\Program Files\Tiny Firewall Pro\UmxFwHlp.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Common Files\PFShared\UmxPol.exe
E:\Program Files\Tiny Firewall Pro\UmxAgent.exe
E:\Program Files\Tiny Firewall Pro\UmxTray.exe
E:\Program Files\ewido\security suite\ewidoctrl.exe
E:\Program Files\ewido\security suite\ewidoguard.exe
E:\Program Files\Eset\nod32krn.exe
E:\WINDOWS\System32\nvsvc32.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Common Files\PFShared\umxlu.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\RunDll32.exe
E:\PROGRA~1\PESTPA~1\PPControl.exe
E:\PROGRA~1\PESTPA~1\PPMemCheck.exe
E:\PROGRA~1\PESTPA~1\CookiePatrol.exe
E:\Program Files\MessengerPlus! 3\MsgPlus.exe
E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
E:\Program Files\Eset\nod32kui.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Program Files\Messenger\msmsgs.exe
E:\WINDOWS\system32\rundll32.exe
E:\Program Files\Macrogaming\SweetIM\SweetIM.exe
E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
E:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
E:\Program Files\Siemens\SANTIS WLAN\WlanMonitor.exe
E:\WINDOWS\system32\wuauclt.exe
E:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
E:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
E:\Documents and Settings\Ethell\Bureaublad\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - E:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl-be\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar2.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl-be\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PestPatrol Control Center] E:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] E:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] E:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [MessengerPlus3] "E:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [RemoteControl] "E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [nod32kui] "E:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MessengerPlus3] "E:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AMonitor] E:\Program Files\Tiny Firewall Pro\amon.exe
O4 - HKCU\..\Run: [SweetIM] E:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - Global Startup: Adobe Reader Snelle start.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SANTIS USB and PC Card Utility.lnk = E:\Program Files\Siemens\SANTIS WLAN\WlanMonitor.exe
O8 - Extra context menu item: &Google Search - res://e:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Gelijkwaardige pagina's - res://e:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://e:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://e:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'e:\program files\newdotnet\newdotnet6_90.dll' missing
O16 - DPF: {1358E11F-ADE8-4D2B-9135-1A4CB9A23D7B} (Install Class) - https://genius.belgacom.be/esupport/download/IPGInstaller.CAB
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.be/clients/ImageUploader3.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: PFW - E:\WINDOWS\SYSTEM32\UmxWnp.Dll
O23 - Service: ewido security suite control - ewido networks - E:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - E:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - E:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - E:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\System32\HPZipm12.exe
O23 - Service: FW Event Manager (UmxAgent) - Computer Associates International, Inc. - E:\Program Files\Tiny Firewall Pro\UmxAgent.exe
O23 - Service: FW Configuration Interpreter (UmxCfg) - Computer Associates International, Inc. - E:\Program Files\Common Files\PFShared\UmxCfg.exe
O23 - Service: FW User-Mode Helper (UmxFwHlp) - Computer Associates International, Inc. - E:\Program Files\Tiny Firewall Pro\UmxFwHlp.exe
O23 - Service: FW Live Update (UmxLU) - Computer Associates International, Inc. - E:\Program Files\Common Files\PFShared\umxlu.exe
O23 - Service: FW Policy Manager (UmxPol) - Computer Associates International, Inc. - E:\Program Files\Common Files\PFShared\UmxPol.exe

1) Ga naar Configuratiescherm > Software. Kijk of New.net Domains of New.net Application in de softwarelijst staat en, zo ja, deïnstalleer dit.
Staat het niet in de softwarelijst of lukt het deïnstalleren niet, ga dan naar 2).

2) Kijk in de map C:\Program Files\NewDotNet of daarin een uninstaller staat. Die uninstaller heet uninstallX_XX.exe (waarbij de X'en staan voor cijfers). Zo ja, dubbelklik daarop om New.net te verwijderen.
Lukt het op deze manier niet, ga dan naar 3).

3) Kijk in de map C:\Windows of daarin een uninstaller staat. Die uninstaller heet NDNuninstallx_xx.exe (waarbij de X'en staan voor cijfers). Zo ja, dubbelklik daarop om New.net te verwijderen.
Lukt het op deze manier niet, ga dan naar 4).

4) Download deze uninstaller (http://www.new.net/support/NNuninstall.exe), plaats het op je bureaublad. Dubbelklik op NNuninstall.exe, dat nu op je bureaublad staat, om New.net te verwijderen.

Na het verwijderen van New.net, moet de pc opnieuw worden opgestart. Maak daarna een nieuw HijackThis-log en plaats dat hier.

1) Ga naar Configuratiescherm > Software. Kijk of New.net Domains of New.net Application in de softwarelijst staat en, zo ja, deïnstalleer dit.
Staat het niet in de softwarelijst of lukt het deïnstalleren niet, ga dan naar 2).

2) Kijk in de map C:\Program Files\NewDotNet of daarin een uninstaller staat. Die uninstaller heet uninstallX_XX.exe (waarbij de X'en staan voor cijfers). Zo ja, dubbelklik daarop om New.net te verwijderen.
Lukt het op deze manier niet, ga dan naar 3).

3) Kijk in de map C:\Windows of daarin een uninstaller staat. Die uninstaller heet NDNuninstallx_xx.exe (waarbij de X'en staan voor cijfers). Zo ja, dubbelklik daarop om New.net te verwijderen.
Lukt het op deze manier niet, ga dan naar 4).

4) Download deze uninstaller (http://www.new.net/support/NNuninstall.exe), plaats het op je bureaublad. Dubbelklik op NNuninstall.exe, dat nu op je bureaublad staat, om New.net te verwijderen.

Na het verwijderen van New.net, moet de pc opnieuw worden opgestart. Maak daarna een nieuw HijackThis-log en plaats dat hier. hey heb alles geprobeerd maar het lukt niet ik ga nu de log doorsturen ik weet hoe dit werkt maar mijn ma heeft serieuze problemen met haar pc sorry(a) (a) (a) (a)

Logfile of HijackThis v1.99.1
Scan saved at 17:14:22, on 17/12/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\LEXBCES.EXE
E:\Program Files\Common Files\PFShared\UmxCfg.exe
E:\WINDOWS\system32\LEXPPS.EXE
E:\Program Files\Tiny Firewall Pro\UmxFwHlp.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Common Files\PFShared\UmxPol.exe
E:\Program Files\Tiny Firewall Pro\UmxAgent.exe
E:\Program Files\Tiny Firewall Pro\UmxTray.exe
E:\Program Files\ewido\security suite\ewidoctrl.exe
E:\Program Files\ewido\security suite\ewidoguard.exe
E:\Program Files\Eset\nod32krn.exe
E:\WINDOWS\System32\nvsvc32.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Common Files\PFShared\umxlu.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\RunDll32.exe
E:\PROGRA~1\PESTPA~1\PPControl.exe
E:\PROGRA~1\PESTPA~1\PPMemCheck.exe
E:\PROGRA~1\PESTPA~1\CookiePatrol.exe
E:\Program Files\MessengerPlus! 3\MsgPlus.exe
E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
E:\Program Files\Eset\nod32kui.exe
E:\WINDOWS\system32\RUNDLL32.EXE
E:\Program Files\Messenger\msmsgs.exe
E:\WINDOWS\system32\rundll32.exe
E:\Program Files\Macrogaming\SweetIM\SweetIM.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
E:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
E:\Program Files\Siemens\SANTIS WLAN\WlanMonitor.exe
E:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
E:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
E:\Documents and Settings\Ethell\Bureaublad\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - E:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl-be\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar2.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl-be\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PestPatrol Control Center] E:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] E:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] E:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [MessengerPlus3] "E:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [RemoteControl] "E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [nod32kui] "E:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MessengerPlus3] "E:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AMonitor] E:\Program Files\Tiny Firewall Pro\amon.exe
O4 - HKCU\..\Run: [SweetIM] E:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - Global Startup: Adobe Reader Snelle start.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SANTIS USB and PC Card Utility.lnk = E:\Program Files\Siemens\SANTIS WLAN\WlanMonitor.exe
O8 - Extra context menu item: &Google Search - res://e:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Gelijkwaardige pagina's - res://e:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://e:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://e:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'e:\program files\newdotnet\newdotnet6_90.dll' missing
O16 - DPF: {1358E11F-ADE8-4D2B-9135-1A4CB9A23D7B} (Install Class) - https://genius.belgacom.be/esupport/download/IPGInstaller.CAB
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.be/clients/ImageUploader3.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: PFW - E:\WINDOWS\SYSTEM32\UmxWnp.Dll
O23 - Service: ewido security suite control - ewido networks - E:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - E:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - E:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - E:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\System32\HPZipm12.exe
O23 - Service: FW Event Manager (UmxAgent) - Computer Associates International, Inc. - E:\Program Files\Tiny Firewall Pro\UmxAgent.exe
O23 - Service: FW Configuration Interpreter (UmxCfg) - Computer Associates International, Inc. - E:\Program Files\Common Files\PFShared\UmxCfg.exe
O23 - Service: FW User-Mode Helper (UmxFwHlp) - Computer Associates International, Inc. - E:\Program Files\Tiny Firewall Pro\UmxFwHlp.exe
O23 - Service: FW Live Update (UmxLU) - Computer Associates International, Inc. - E:\Program Files\Common Files\PFShared\umxlu.exe
O23 - Service: FW Policy Manager (UmxPol) - Computer Associates International, Inc. - E:\Program Files\Common Files\PFShared\UmxPol.exe