View full version : Slow PC



Randi
28 July 2008, 13:34
Hi, well, I have a few problems


1- slow PC

2- I can no longer update Ad-Aware. When I try, I get the message SSL download failed.... I uninstalled Ad-Aware and reinstalled it, but the problem is still not solved

3- Spybot always gives me the same detections:
-Doubleclick
-Hitbox
-Kuasio.Ka
-Mediaplex
-Right Media
-Zlob.DNSChanger

4- every time my PC starts up, a window appears with the message:
Er is een fout opgetreden tijdens het laden van
C:\Users\007\AppData\Local\Temp\hgGvssSj.dll
Kan de opgegeven module niet vinden.

Er is een fout opgetreden tijdens het laden van
C:\Users\007\AppData\Local\Temp\xgnxinea.dll
Kan de opgegeven module niet vinden.

Er is een fout opgetreden tijdens het laden van
C:\Users\007\AppData\Local\Temp\nnNGaArp.dll
Kan de opgegeven module niet vinden.




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:33:09, on 28/07/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\WINDOWS\System32\rundll32.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Avant Browser\avant.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\explorer.exe
C:\Users\007\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.shareazaweb.com/be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=73&bd=Pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=73&bd=Pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [dmutk.exe] C:\Windows\system32\dmutk.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe /startup
O4 - HKCU\..\Run: [dmolz.tmp] C:\Windows\system32\dmolz.tmp
O4 - HKCU\..\Run: [dmgsl.tmp] C:\Windows\system32\dmgsl.tmp
O4 - HKCU\..\Run: [dmqbr.tmp] C:\Windows\system32\dmqbr.tmp
O4 - HKCU\..\Run: [dmvxz.tmp] C:\Windows\system32\dmvxz.tmp
O4 - HKCU\..\Run: [dmcnc.tmp] C:\Windows\system32\dmcnc.tmp
O4 - HKCU\..\Run: [dmxbu.tmp] C:\Windows\system32\dmxbu.tmp
O4 - HKCU\..\Run: [dmrka.tmp] C:\Windows\system32\dmrka.tmp
O4 - HKCU\..\Run: [dmeis.tmp] C:\Windows\system32\dmeis.tmp
O4 - HKCU\..\Run: [dmkuy.tmp] C:\Windows\system32\dmkuy.tmp
O4 - HKCU\..\Run: [dmhmz.tmp] C:\Windows\system32\dmhmz.tmp
O4 - HKCU\..\Run: [dmbyj.tmp] C:\Windows\system32\dmbyj.tmp
O4 - HKCU\..\Run: [dmcgq.tmp] C:\Windows\system32\dmcgq.tmp
O4 - HKCU\..\Run: [dmksc.tmp] C:\Windows\system32\dmksc.tmp
O4 - HKCU\..\Run: [dmjwx.tmp] C:\Windows\system32\dmjwx.tmp
O4 - HKCU\..\Run: [dmoku.tmp] C:\Windows\system32\dmoku.tmp
O4 - HKCU\..\Run: [dmdye.tmp] C:\Windows\system32\dmdye.tmp
O4 - HKCU\..\Run: [dmyts.tmp] C:\Windows\system32\dmyts.tmp
O4 - HKCU\..\Run: [dmbpu.tmp] C:\Windows\system32\dmbpu.tmp
O4 - HKCU\..\Run: [dmvwv.tmp] C:\Windows\system32\dmvwv.tmp
O4 - HKCU\..\Run: [dmalu.tmp] C:\Windows\system32\dmalu.tmp
O4 - HKCU\..\Run: [dmclz.tmp] C:\Windows\system32\dmclz.tmp
O4 - HKCU\..\Run: [dmjxl.tmp] C:\Windows\system32\dmjxl.tmp
O4 - HKCU\..\Run: [dmiiz.tmp] C:\Windows\system32\dmiiz.tmp
O4 - HKCU\..\Run: [dmnje.tmp] C:\Windows\system32\dmnje.tmp
O4 - HKCU\..\Run: [dmabn.tmp] C:\Windows\system32\dmabn.tmp
O4 - HKCU\..\Run: [dmnlz.tmp] C:\Windows\system32\dmnlz.tmp
O4 - HKCU\..\Run: [dmsup.tmp] C:\Windows\system32\dmsup.tmp
O4 - HKCU\..\Run: [dmfff.tmp] C:\Windows\system32\dmfff.tmp
O4 - HKCU\..\Run: [dmsdo.tmp] C:\Windows\system32\dmsdo.tmp
O4 - HKCU\..\Run: [dmlta.tmp] C:\Windows\system32\dmlta.tmp
O4 - HKCU\..\Run: [dmgjg.tmp] C:\Windows\system32\dmgjg.tmp
O4 - HKCU\..\Run: [dmslw.tmp] C:\Windows\system32\dmslw.tmp
O4 - HKCU\..\Run: [dmzes.tmp] C:\Windows\system32\dmzes.tmp
O4 - HKCU\..\Run: [dmgcf.tmp] C:\Windows\system32\dmgcf.tmp
O4 - HKCU\..\Run: [dmyra.tmp] C:\Windows\system32\dmyra.tmp
O4 - HKCU\..\Run: [dmlnq.tmp] C:\Windows\system32\dmlnq.tmp
O4 - HKCU\..\Run: [dmsep.tmp] C:\Windows\system32\dmsep.tmp
O4 - HKCU\..\Run: [dmxqy.tmp] C:\Windows\system32\dmxqy.tmp
O4 - HKCU\..\Run: [dmpqb.tmp] C:\Windows\system32\dmpqb.tmp
O4 - HKCU\..\Run: [dmoss.tmp] C:\Windows\system32\dmoss.tmp
O4 - HKCU\..\Run: [dmjvh.tmp] C:\Windows\system32\dmjvh.tmp
O4 - HKCU\..\Run: [dmsza.tmp] C:\Windows\system32\dmsza.tmp
O4 - HKCU\..\Run: [dmxhj.tmp] C:\Windows\system32\dmxhj.tmp
O4 - HKCU\..\Run: [dmncp.tmp] C:\Windows\system32\dmncp.tmp
O4 - HKCU\..\Run: [dmfmk.tmp] C:\Windows\system32\dmfmk.tmp
O4 - HKCU\..\Run: [dmsfp.tmp] C:\Windows\system32\dmsfp.tmp
O4 - HKCU\..\Run: [dmobc.tmp] C:\Windows\system32\dmobc.tmp
O4 - HKCU\..\Run: [dmgzd.tmp] C:\Windows\system32\dmgzd.tmp
O4 - HKCU\..\Run: [dmggw.tmp] C:\Windows\system32\dmggw.tmp
O4 - HKCU\..\Run: [dmced.tmp] C:\Windows\system32\dmced.tmp
O4 - HKCU\..\Run: [dmdfy.tmp] C:\Windows\system32\dmdfy.tmp
O4 - HKCU\..\Run: [dmehh.tmp] C:\Windows\system32\dmehh.tmp
O4 - HKCU\..\Run: [dmgdn.tmp] C:\Windows\system32\dmgdn.tmp
O4 - HKCU\..\Run: [dmrbw.tmp] C:\Windows\system32\dmrbw.tmp
O4 - HKCU\..\Run: [dmtdd.tmp] C:\Windows\system32\dmtdd.tmp
O4 - HKCU\..\Run: [dmlwy.tmp] C:\Windows\system32\dmlwy.tmp
O4 - HKCU\..\Run: [dmdmc.tmp] C:\Windows\system32\dmdmc.tmp
O4 - HKCU\..\Run: [dmiac.tmp] C:\Windows\system32\dmiac.tmp
O4 - HKCU\..\Run: [dmsky.tmp] C:\Windows\system32\dmsky.tmp
O4 - HKCU\..\Run: [dmvyz.tmp] C:\Windows\system32\dmvyz.tmp
O4 - HKCU\..\Run: [dmoub.tmp] C:\Windows\system32\dmoub.tmp
O4 - HKCU\..\Run: [dmwcc.tmp] C:\Windows\system32\dmwcc.tmp
O4 - HKCU\..\Run: [dmadi.tmp] C:\Windows\system32\dmadi.tmp
O4 - HKCU\..\Run: [dmypf.tmp] C:\Windows\system32\dmypf.tmp
O4 - HKCU\..\Run: [dmctv.tmp] C:\Windows\system32\dmctv.tmp
O4 - HKCU\..\Run: [dmhpu.tmp] C:\Windows\system32\dmhpu.tmp
O4 - HKCU\..\Run: [dmbvu.tmp] C:\Windows\system32\dmbvu.tmp
O4 - HKCU\..\Run: [dmsfm.tmp] C:\Windows\system32\dmsfm.tmp
O4 - HKCU\..\Run: [dmqfh.tmp] C:\Windows\system32\dmqfh.tmp
O4 - HKCU\..\Run: [dmuli.tmp] C:\Windows\system32\dmuli.tmp
O4 - HKCU\..\Run: [dmhnb.tmp] C:\Windows\system32\dmhnb.tmp
O4 - HKCU\..\Run: [dmise.tmp] C:\Windows\system32\dmise.tmp
O4 - HKCU\..\Run: [dmlnm.tmp] C:\Windows\system32\dmlnm.tmp
O4 - HKCU\..\Run: [dmlsx.tmp] C:\Windows\system32\dmlsx.tmp
O4 - HKCU\..\Run: [dmfir.tmp] C:\Windows\system32\dmfir.tmp
O4 - HKCU\..\Run: [dmifk.tmp] C:\Windows\system32\dmifk.tmp
O4 - HKCU\..\Run: [dmozr.tmp] C:\Windows\system32\dmozr.tmp
O4 - HKCU\..\Run: [dmbhz.tmp] C:\Windows\system32\dmbhz.tmp
O4 - HKCU\..\Run: [dmqfy.tmp] C:\Windows\system32\dmqfy.tmp
O4 - HKCU\..\Run: [dmeex.tmp] C:\Windows\system32\dmeex.tmp
O4 - HKCU\..\Run: [dmabb.tmp] C:\Windows\system32\dmabb.tmp
O4 - HKCU\..\Run: [dmpru.tmp] C:\Windows\system32\dmpru.tmp
O4 - HKCU\..\Run: [dmjoj.tmp] C:\Windows\system32\dmjoj.tmp
O4 - HKCU\..\Run: [dmvec.tmp] C:\Windows\system32\dmvec.tmp
O4 - HKCU\..\Run: [dmrmb.tmp] C:\Windows\system32\dmrmb.tmp
O4 - HKCU\..\Run: [dmilz.tmp] C:\Windows\system32\dmilz.tmp
O4 - HKCU\..\Run: [dmqta.tmp] C:\Windows\system32\dmqta.tmp
O4 - HKCU\..\Run: [dmkck.tmp] C:\Windows\system32\dmkck.tmp
O4 - HKCU\..\Run: [dmewc.tmp] C:\Windows\system32\dmewc.tmp
O4 - HKCU\..\Run: [dmlxt.tmp] C:\Windows\system32\dmlxt.tmp
O4 - HKCU\..\Run: [dmsmr.tmp] C:\Windows\system32\dmsmr.tmp
O4 - HKCU\..\Run: [dmhyn.tmp] C:\Windows\system32\dmhyn.tmp
O4 - HKCU\..\Run: [dmzhl.tmp] C:\Windows\system32\dmzhl.tmp
O4 - HKCU\..\Run: [dmdto.tmp] C:\Windows\system32\dmdto.tmp
O4 - HKCU\..\Run: [dmkoe.tmp] C:\Windows\system32\dmkoe.tmp
O4 - HKCU\..\Run: [dmykg.tmp] C:\Windows\system32\dmykg.tmp
O4 - HKCU\..\Run: [dmszy.tmp] C:\Windows\system32\dmszy.tmp
O4 - HKCU\..\Run: [dmixq.tmp] C:\Windows\system32\dmixq.tmp
O4 - HKCU\..\Run: [dmrxe.tmp] C:\Windows\system32\dmrxe.tmp
O4 - HKCU\..\Run: [dmwzz.tmp] C:\Windows\system32\dmwzz.tmp
O4 - HKCU\..\Run: [dmvnq.tmp] C:\Windows\system32\dmvnq.tmp
O4 - HKCU\..\Run: [dmfbp.tmp] C:\Windows\system32\dmfbp.tmp
O4 - HKCU\..\Run: [dmwza.tmp] C:\Windows\system32\dmwza.tmp
O4 - HKCU\..\Run: [dmihr.tmp] C:\Windows\system32\dmihr.tmp
O4 - HKCU\..\Run: [dmook.tmp] C:\Windows\system32\dmook.tmp
O4 - HKCU\..\Run: [dmecy.tmp] C:\Windows\system32\dmecy.tmp
O4 - HKCU\..\Run: [dmwsn.tmp] C:\Windows\system32\dmwsn.tmp
O4 - HKCU\..\Run: [dmjjn.tmp] C:\Windows\system32\dmjjn.tmp
O4 - HKCU\..\Run: [dmudc.tmp] C:\Windows\system32\dmudc.tmp
O4 - HKCU\..\Run: [dmjkg.tmp] C:\Windows\system32\dmjkg.tmp
O4 - HKCU\..\Run: [dmrpy.tmp] C:\Windows\system32\dmrpy.tmp
O4 - HKCU\..\Run: [dmepq.tmp] C:\Windows\system32\dmepq.tmp
O4 - HKCU\..\Run: [dmysu.tmp] C:\Windows\system32\dmysu.tmp
O4 - HKCU\..\Run: [dmgia.tmp] C:\Windows\system32\dmgia.tmp
O4 - HKCU\..\Run: [dmzbr.tmp] C:\Windows\system32\dmzbr.tmp
O4 - HKCU\..\Run: [dmfqd.tmp] C:\Windows\system32\dmfqd.tmp
O4 - HKCU\..\Run: [dmraw.tmp] C:\Windows\system32\dmraw.tmp
O4 - HKCU\..\Run: [dmxbv.tmp] C:\Windows\system32\dmxbv.tmp
O4 - HKCU\..\Run: [dmcuq.tmp] C:\Windows\system32\dmcuq.tmp
O4 - HKCU\..\Run: [dmsyw.tmp] C:\Windows\system32\dmsyw.tmp
O4 - HKCU\..\Run: [dmfnf.tmp] C:\Windows\system32\dmfnf.tmp
O4 - HKCU\..\Run: [dmmui.tmp] C:\Windows\system32\dmmui.tmp
O4 - HKCU\..\Run: [dmafg.tmp] C:\Windows\system32\dmafg.tmp
O4 - HKCU\..\Run: [dmdga.tmp] C:\Windows\system32\dmdga.tmp
O4 - HKCU\..\Run: [dmzbu.tmp] C:\Windows\system32\dmzbu.tmp
O4 - HKCU\..\Run: [dmokg.tmp] C:\Windows\system32\dmokg.tmp
O4 - HKCU\..\Run: [dmbbl.tmp] C:\Windows\system32\dmbbl.tmp
O4 - HKCU\..\Run: [dmwfh.tmp] C:\Windows\system32\dmwfh.tmp
O4 - HKCU\..\Run: [dmjts.tmp] C:\Windows\system32\dmjts.tmp
O4 - HKCU\..\Run: [dmdtw.tmp] C:\Windows\system32\dmdtw.tmp
O4 - HKCU\..\Run: [dmdmq.tmp] C:\Windows\system32\dmdmq.tmp
O4 - HKCU\..\Run: [dmquk.tmp] C:\Windows\system32\dmquk.tmp
O4 - HKCU\..\Run: [dmnfy.tmp] C:\Windows\system32\dmnfy.tmp
O4 - HKCU\..\Run: [dmrhd.tmp] C:\Windows\system32\dmrhd.tmp
O4 - HKCU\..\Run: [dmnxg.tmp] C:\Windows\system32\dmnxg.tmp
O4 - HKCU\..\Run: [dmbsx.tmp] C:\Windows\system32\dmbsx.tmp
O4 - HKCU\..\Run: [dmlwl.tmp] C:\Windows\system32\dmlwl.tmp
O4 - HKCU\..\Run: [dmgci.tmp] C:\Windows\system32\dmgci.tmp
O4 - HKCU\..\Run: [dmthu.tmp] C:\Windows\system32\dmthu.tmp
O4 - HKCU\..\Run: [dmqrh.tmp] C:\Windows\system32\dmqrh.tmp
O4 - HKCU\..\Run: [dmewt.tmp] C:\Windows\system32\dmewt.tmp
O4 - HKCU\..\Run: [dmnim.tmp] C:\Windows\system32\dmnim.tmp
O4 - HKCU\..\Run: [dmvbz.tmp] C:\Windows\system32\dmvbz.tmp
O4 - HKCU\..\Run: [dmjjc.tmp] C:\Windows\system32\dmjjc.tmp
O4 - HKCU\..\Run: [dmqvx.tmp] C:\Windows\system32\dmqvx.tmp
O4 - HKCU\..\Run: [dmbhb.tmp] C:\Windows\system32\dmbhb.tmp
O4 - HKCU\..\Run: [dmxhv.tmp] C:\Windows\system32\dmxhv.tmp
O4 - HKCU\..\Run: [dmcsh.tmp] C:\Windows\system32\dmcsh.tmp
O4 - HKCU\..\Run: [dmavn.tmp] C:\Windows\system32\dmavn.tmp
O4 - HKCU\..\Run: [dmlna.tmp] C:\Windows\system32\dmlna.tmp
O4 - HKCU\..\Run: [dmgey.tmp] C:\Windows\system32\dmgey.tmp
O4 - HKCU\..\Run: [dmhzb.tmp] C:\Windows\system32\dmhzb.tmp
O4 - HKCU\..\Run: [dmvja.tmp] C:\Windows\system32\dmvja.tmp
O4 - HKCU\..\Run: [dmxej.tmp] C:\Windows\system32\dmxej.tmp
O4 - HKCU\..\Run: [dmhpr.tmp] C:\Windows\system32\dmhpr.tmp
O4 - HKCU\..\Run: [dmhmd.tmp] C:\Windows\system32\dmhmd.tmp
O4 - HKCU\..\Run: [dmdth.tmp] C:\Windows\system32\dmdth.tmp
O4 - HKCU\..\Run: [dmwga.tmp] C:\Windows\system32\dmwga.tmp
O4 - HKCU\..\Run: [dmwvj.tmp] C:\Windows\system32\dmwvj.tmp
O4 - HKCU\..\Run: [dmxvr.tmp] C:\Windows\system32\dmxvr.tmp
O4 - HKCU\..\Run: [dmxzm.tmp] C:\Windows\system32\dmxzm.tmp
O4 - HKCU\..\Run: [dmauv.tmp] C:\Windows\system32\dmauv.tmp
O4 - HKCU\..\Run: [dmxjf.tmp] C:\Windows\system32\dmxjf.tmp
O4 - HKCU\..\Run: [dmviu.tmp] C:\Windows\system32\dmviu.tmp
O4 - HKCU\..\Run: [dmmjr.tmp] C:\Windows\system32\dmmjr.tmp
O4 - HKCU\..\Run: [dmdtx.tmp] C:\Windows\system32\dmdtx.tmp
O4 - HKCU\..\Run: [dmrkk.tmp] C:\Windows\system32\dmrkk.tmp
O4 - HKCU\..\Run: [dmedk.tmp] C:\Windows\system32\dmedk.tmp
O4 - HKCU\..\Run: [dmurw.tmp] C:\Windows\system32\dmurw.tmp
O4 - HKCU\..\Run: [dmids.tmp] C:\Windows\system32\dmids.tmp
O4 - HKCU\..\Run: [dmypo.tmp] C:\Windows\system32\dmypo.tmp
O4 - HKCU\..\Run: [dmjyd.tmp] C:\Windows\system32\dmjyd.tmp
O4 - HKCU\..\Run: [dmsht.tmp] C:\Windows\system32\dmsht.tmp
O4 - HKCU\..\Run: [dmrrg.tmp] C:\Windows\system32\dmrrg.tmp
O4 - HKCU\..\Run: [dmlau.tmp] C:\Windows\system32\dmlau.tmp
O4 - HKCU\..\Run: [dmwwf.tmp] C:\Windows\system32\dmwwf.tmp
O4 - HKCU\..\Run: [dmgjz.tmp] C:\Windows\system32\dmgjz.tmp
O4 - HKCU\..\Run: [dmcel.tmp] C:\Windows\system32\dmcel.tmp
O4 - HKCU\..\Run: [dmope.tmp] C:\Windows\system32\dmope.tmp
O4 - HKCU\..\Run: [dmzzi.tmp] C:\Windows\system32\dmzzi.tmp
O4 - HKCU\..\Run: [dmntx.tmp] C:\Windows\system32\dmntx.tmp
O4 - HKCU\..\Run: [dmmyi.tmp] C:\Windows\system32\dmmyi.tmp
O4 - HKCU\..\Run: [dmjvt.tmp] C:\Windows\system32\dmjvt.tmp
O4 - HKCU\..\Run: [dmifm.tmp] C:\Windows\system32\dmifm.tmp
O4 - HKCU\..\Run: [dmibj.tmp] C:\Windows\system32\dmibj.tmp
O4 - HKCU\..\Run: [dmplx.tmp] C:\Windows\system32\dmplx.tmp
O4 - HKCU\..\Run: [dmhjv.tmp] C:\Windows\system32\dmhjv.tmp
O4 - HKCU\..\Run: [dmbxx.tmp] C:\Windows\system32\dmbxx.tmp
O4 - HKCU\..\Run: [dmhpi.tmp] C:\Windows\system32\dmhpi.tmp
O4 - HKCU\..\Run: [dmnge.tmp] C:\Windows\system32\dmnge.tmp
O4 - HKCU\..\Run: [dmgsy.tmp] C:\Windows\system32\dmgsy.tmp
O4 - HKCU\..\Run: [dmxqx.tmp] C:\Windows\system32\dmxqx.tmp
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [dmedz.tmp] C:\Windows\system32\dmedz.tmp
O4 - HKCU\..\Run: [dmcvm.tmp] C:\Windows\system32\dmcvm.tmp
O4 - HKCU\..\Run: [dmscb.tmp] C:\Windows\system32\dmscb.tmp
O4 - HKCU\..\Run: [dmrsk.tmp] C:\Windows\system32\dmrsk.tmp
O4 - HKCU\..\Run: [dmdam.tmp] C:\Windows\system32\dmdam.tmp
O4 - HKCU\..\Run: [dmeox.tmp] C:\Windows\system32\dmeox.tmp
O4 - HKCU\..\Run: [dmiig.tmp] C:\Windows\system32\dmiig.tmp
O4 - HKCU\..\Run: [dmefe.tmp] C:\Windows\system32\dmefe.tmp
O4 - HKCU\..\Run: [dmuux.tmp] C:\Windows\system32\dmuux.tmp
O4 - HKCU\..\Run: [dmlpi.tmp] C:\Windows\system32\dmlpi.tmp
O4 - HKCU\..\Run: [dmvlf.tmp] C:\Windows\system32\dmvlf.tmp
O4 - HKCU\..\Run: [dmaol.tmp] C:\Windows\system32\dmaol.tmp
O4 - HKCU\..\Run: [dmjao.tmp] C:\Windows\system32\dmjao.tmp
O4 - HKCU\..\Run: [dmina.tmp] C:\Windows\system32\dmina.tmp
O4 - HKCU\..\Run: [dmpiu.tmp] C:\Windows\system32\dmpiu.tmp
O4 - HKCU\..\Run: [dmoja.tmp] C:\Windows\system32\dmoja.tmp
O4 - HKCU\..\Run: [dmdyi.tmp] C:\Windows\system32\dmdyi.tmp
O4 - HKCU\..\Run: [dmklh.tmp] C:\Windows\system32\dmklh.tmp
O4 - HKCU\..\Run: [dmkiw.tmp] C:\Windows\system32\dmkiw.tmp
O4 - HKCU\..\Run: [dmsau.tmp] C:\Windows\system32\dmsau.tmp
O4 - HKCU\..\Run: [dmaul.tmp] C:\Windows\system32\dmaul.tmp
O4 - HKCU\..\Run: [dmbxv.tmp] C:\Windows\system32\dmbxv.tmp
O4 - HKCU\..\Run: [dmtwl.tmp] C:\Windows\system32\dmtwl.tmp
O4 - HKCU\..\Run: [dmnfn.tmp] C:\Windows\system32\dmnfn.tmp
O4 - HKCU\..\Run: [dmbdj.tmp] C:\Windows\system32\dmbdj.tmp
O4 - HKCU\..\Run: [dmjty.tmp] C:\Windows\system32\dmjty.tmp
O4 - HKCU\..\Run: [dmgmg.tmp] C:\Windows\system32\dmgmg.tmp
O4 - HKCU\..\Run: [dmhxs.tmp] C:\Windows\system32\dmhxs.tmp
O4 - HKCU\..\Run: [Host Process] C:\Users\007\svchost.exe
O4 - HKCU\..\Run: [dmvrc.tmp] C:\Windows\system32\dmvrc.tmp
O4 - HKCU\..\Run: [dmxqw.tmp] C:\Windows\system32\dmxqw.tmp
O4 - HKCU\..\Run: [dmjal.tmp] C:\Windows\system32\dmjal.tmp
O4 - HKCU\..\Run: [dmwpu.tmp] C:\Windows\system32\dmwpu.tmp
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\007\AppData\Local\Temp\efCUOihf.dll,#1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\007\AppData\Local\Temp\nnNGaArP.dll,c
O4 - HKCU\..\Run: [BMe9f74032] Rundll32.exe "C:\Users\007\AppData\Local\Temp\xgnxinea.dll",s
O4 - HKCU\..\Run: [eac473ae] rundll32.exe "C:\Users\007\AppData\Local\Temp\ymdvcivi.dll",b
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: OSM Manager Bar - {BFB5F154-9212-46F3-B547-AC6106030A54} - (no file)
O9 - Extra 'Tools' menuitem: OSM Manager Bar - {BFB5F154-9212-46F3-B547-AC6106030A54} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{937F65B5-CB24-4554-9318-A467306E15BF}: NameServer = 85.255.115.66,85.255.112.185
O17 - HKLM\System\CCS\Services\Tcpip\..\{D72BCC81-C91C-401F-BBA2-87B6A16D2469}: NameServer = 85.255.115.66,85.255.112.185
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.66 85.255.112.185
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.66 85.255.112.185
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.66 85.255.112.185
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
--
End of file - 22956 bytes
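
A log like the one above can be triaged mechanically before reading it line by line. The following is an added example, not part of the original thread and not code from HijackThis: it parses the O4 (autorun) and O17 (static NameServer) line formats seen in this log, resolves what each autorun actually loads (the DLL behind rundll32), and applies three heuristics that are assumptions of this example. A flag marks an entry for review; it does not decide whether the entry is malicious.

```python
import re
from collections import Counter
from ntpath import basename, dirname  # Windows path rules on any host OS

# Lines copied from the first HijackThis log in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [dmolz.tmp] C:\Windows\system32\dmolz.tmp
O4 - HKCU\..\Run: [Host Process] C:\Users\007\svchost.exe
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\007\AppData\Local\Temp\nnNGaArP.dll,c
O4 - HKCU\..\Run: [BMe9f74032] Rundll32.exe "C:\Users\007\AppData\Local\Temp\xgnxinea.dll",s
O17 - HKLM\System\CCS\Services\Tcpip\..\{937F65B5-CB24-4554-9318-A467306E15BF}: NameServer = 85.255.115.66,85.255.112.185
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.66 85.255.112.185
"""

O4_RE = re.compile(r"^O4 - (HK\w+)\\\.\.\\(\w+): \[([^\]]*)\] (.+)$")
O17_RE = re.compile(r"^O17 - (.+?): NameServer = (.+)$")
RUNDLL_RE = re.compile(r'^"?(?:[^"]*\\)?rundll32(?:\.exe)?"?\s+(.+)$', re.I)
# Either a quoted path, or an unquoted path up to its first file extension.
PATH_RE = re.compile(r'^(?:"([^"]+)"|(.+?\.\w{2,4})(?=[\s,]|$))')

# Assumption of this example: a short list of Windows binary names that
# normally live only in System32 (or SysWOW64).
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "csrss.exe", "winlogon.exe", "services.exe"}


def autorun_target(command):
    """Return the file an autorun command loads (the DLL for rundll32)."""
    m = RUNDLL_RE.match(command)
    if m:
        command = m.group(1)  # drop the rundll32 wrapper, keep its argument
    m = PATH_RE.match(command.strip())
    return (m.group(1) or m.group(2)) if m else command.strip()


def autorun_flags(target):
    """Heuristic review flags for one autorun target (assumptions, not verdicts)."""
    t = target.lower()
    flags = []
    if "\\temp\\" in t or "\\tmp\\" in t:
        flags.append("runs-from-temp-dir")
    if t.endswith(".tmp"):
        flags.append("tmp-extension")
    if basename(t) in SYSTEM_NAMES and not dirname(t).endswith(("\\system32", "\\syswow64")):
        flags.append("system-name-outside-system32")
    return flags


def triage(log_text):
    """Return (flagged autoruns, {nameserver: number of registry values using it})."""
    flagged, dns = [], Counter()
    for line in log_text.splitlines():
        line = line.strip()
        m = O4_RE.match(line)
        if m:
            hive, key, name, command = m.groups()
            target = autorun_target(command)
            flags = autorun_flags(target)
            if flags:
                flagged.append({"key": f"{hive}\\...\\{key}", "name": name,
                                "target": target, "flags": flags})
            continue
        m = O17_RE.match(line)
        if m:
            # HijackThis separates servers with commas or spaces depending on the key.
            for server in re.split(r"[,\s]+", m.group(2).strip()):
                dns[server] += 1
    return flagged, dict(dns)


if __name__ == "__main__":
    flagged, dns = triage(SAMPLE_LOG)
    for entry in flagged:
        print(f'{entry["key"]} [{entry["name"]}] -> {entry["target"]}  {entry["flags"]}')
    for server, count in dns.items():
        print(f"static NameServer {server} set in {count} registry value(s)")
```

Static NameServer values are reported rather than judged: whether they are expected depends on how the network is configured, which is why the reply below has the user switch DNS back to automatic assignment.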

Rosty
28 July 2008, 17:18
Print this advice and/or copy it into an empty Notepad file and save it on your desktop, because you will have to restart during the fix.

Download FixWareout from one of these two sites:
http://downloads.subratam.org/Fixwareout.exe
http://swandog46.geekstogo.com/Fixwareout.exe

Note! If your antivirus has a script blocker, you will get a warning such as "malicious script warning" when you run this tool. You can ignore this warning and safely let the .vbs file run for a minute.

Save the tool to your desktop and run it. Click "next", then "install". Make sure "Run fixit" is checked and click "finish".
The fix will now start and you can carry out the instructions that are given. You will be asked to restart your computer; do that as well. Click "OK" after the restart and wait patiently until the scan has finished.

Once the PC has restarted, you will find a file report.txt on your desktop. Keep it, I will need it shortly.

Note: If you have problems with the internet connection, do the following:

Go to Start > Run
Type (or paste) the following into the box: ipconfig /flushdns
Click OK.

Go to the Control Panel and click "Network Connections". Right-click your default connection and choose "Properties".
Click the "General" tab and double-click "Internet Protocol (TCP/IP)". Select "Obtain DNS server address automatically".

Download MBAM (Malwarebytes' Anti-Malware) from here (http://www.besttechie.net/tools/mbam-setup.exe) or here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html).
Double-click mbam-setup.exe to install the program.
Make sure there is a check mark next to Update Malwarebytes' Anti-Malware and Start Malwarebytes' Anti-Malware, then click "Finish".
If an update is found, it will be downloaded and installed.
When the program is fully up to date, select "Quick Scan" on the Scanner tab, then click Scan.
The scan can take a while, so be patient.
When the scan is complete, click OK, then "Show Results" to see the results.
Make sure everything there is checked, then click: Remove Selected.
After the removal, a log will open and you will be asked to restart the computer. (See below)
The log is saved automatically by MBAM and you can find it again by clicking the "Logs" tab in MBAM.
Copy and paste the contents of the log into your next reply, together with a new HijackThis log and report.txt from WaroutFix.

If MBAM has trouble removing certain files, it will show a few messages where you have to click OK.
After that it will ask to restart the computer... so allow MBAM to restart the computer.

Randi
29 July 2008, 20:11
I think Fixwareout is not suitable for Windows Vista.. after installing it I get windows with the message:
This batch will remove WareOut, KillNclean, SpyMarshal, UnSpyPC, SpyVampire and the normaly associated rootkit from your system.

Use at your own risk.

Fix will require a reboot, when ready
Druk op een toets om door te gaan..._

I do that, and then the next window:
..Working, wait please
Unspupported Windows version
Druk op een toets om door te gaan..._

I do that too, and then the window disappears and nothing else happens :eek:

Rosty
29 July 2008, 21:50
Then just carry out the MBAM instructions! And then post that log together with a new HijackThis log.

Randi
30 July 2008, 22:16
Malwarebytes' Anti-Malware 1.23
Database versie: 1008
Windows 6.0.6001 Service Pack 1
16:10:43 30/07/2008
mbam-log-7-30-2008 (16-10-40).txt
Scan type: Volledige Scan (C:\|D:\|G:\|H:\|I:\|J:\|)
Objecten gescand: 137483
Verstreken tijd: 3 hour(s), 59 minute(s), 20 second(s)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 1
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registersleutels geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registerwaarden geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmds (Malware.Trace) -> No action taken.
Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:15:39, on 30/07/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Avant Browser\avant.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\WINDOWS\System32\rundll32.exe
C:\Windows\System32\mobsync.exe
C:\hp\kbd\kbd.exe
C:\Windows\System32\wsqmcons.exe
C:\Users\007\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.shareazaweb.com/be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=73&bd=Pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=73&bd=Pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [dmutk.exe] C:\Windows\system32\dmutk.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe /startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [BMe9f74032] Rundll32.exe "C:\Users\007\AppData\Local\Temp\xgnxinea.dll",s
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
--
End of file - 9285 bytes

Rosty
31 July 2008, 08:02
Hi,

Open HijackThis, click Do a scan only and check the following lines:

O3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
O4 - HKLM\..\Run: [dmutk.exe] C:\Windows\system32\dmutk.exe
O4 - HKCU\..\Run: Rundll32.exe "C:\Users\007\AppData\Local\Temp\xgnxinea.dll" ,s

Close all open windows except HijackThis and click Fix Checked. Close HijackThis.

Restart your PC and post a new HijackThis log. Let me know how everything is working.

Randi
31 July 2008, 13:13
Looks good, thanks :good:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:14:28, on 31/07/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\WINDOWS\System32\rundll32.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Avant Browser\avant.exe
C:\Users\007\Desktop\HiJackThis.exe
C:\hp\kbd\kbd.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.shareazaweb.com/be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=73&bd=Pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=73&bd=Pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: XBTB08033 - {AAAE1C1A-89F7-4AF6-ABD1-F8FBCFA47408} - C:\PROGRA~1\OFMMAN~1\OFMTOO~1.DLL
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
O3 - Toolbar: OFM Manager Bar - {BFB5F154-9212-46F3-B547-AC6106030A54} - C:\Program Files\OFM Manager Bar\ofmtoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [dmutk.exe] C:\Windows\system32\dmutk.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Update Service] C:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe /startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: OFM Manager Bar - {BFB5F154-9212-46F3-B547-AC6106030A54} - C:\Program Files\OFM Manager Bar\ofmtoolbar.dll
O9 - Extra 'Tools' menuitem: OFM Manager Bar - {BFB5F154-9212-46F3-B547-AC6106030A54} - C:\Program Files\OFM Manager Bar\ofmtoolbar.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {34635AA6-B593-4F06-9EDD-5FF60FC13310} (Speaky Chat) - http://download.speakyweb.com/speakyldr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
--
End of file - 9697 bytes
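Added example, not part of the original thread: a small Python check that compares an earlier and a later HijackThis log and lists which entries disappeared, which are new, and which entries in the later log still match simple triage heuristics. The sample lines are copied from the two logs in this thread and trimmed to a few entries; the function names and the heuristics are assumptions made for this example, and a flag is a reason to look closer, not a verdict.

```python
import re

# A HijackThis entry line looks like "<section> - <body>", e.g. "O4 - HKCU\..\Run: ..."
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
TEMP_DIR = re.compile(r"\\(temp|tmp)\\", re.IGNORECASE)

# Lines copied from the first and second log in this thread (trimmed sample).
BEFORE = r"""
O3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
O4 - HKLM\..\Run: [dmutk.exe] C:\Windows\system32\dmutk.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BMe9f74032] Rundll32.exe "C:\Users\007\AppData\Local\Temp\xgnxinea.dll",s
"""
AFTER = r"""
O2 - BHO: XBTB08033 - {AAAE1C1A-89F7-4AF6-ABD1-F8FBCFA47408} - C:\PROGRA~1\OFMMAN~1\OFMTOO~1.DLL
O3 - Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - (no file)
O3 - Toolbar: OFM Manager Bar - {BFB5F154-9212-46F3-B547-AC6106030A54} - C:\Program Files\OFM Manager Bar\ofmtoolbar.dll
O4 - HKLM\..\Run: [dmutk.exe] C:\Windows\system32\dmutk.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
"""

def parse(log):
    """Return (section, body) tuples for every entry line; headers are skipped."""
    entries = []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            # Collapse runs of whitespace so cosmetic differences do not hide a match.
            entries.append((m.group(1), " ".join(m.group(2).split())))
    return entries

def flags(section, body):
    """Heuristic reasons to review an entry more closely."""
    reasons = []
    if body.endswith("(no file)"):
        reasons.append("referenced file is missing")
    if section == "O4" and TEMP_DIR.search(body):
        reasons.append("autostart target lives in a Temp folder")
        if "rundll32" in body.lower():
            reasons.append("rundll32 loads a DLL from Temp")
    return reasons

def compare(before, after):
    """Diff two logs and re-run the heuristics on the later one."""
    old, new = parse(before), parse(after)
    return {
        "removed": [e for e in old if e not in new],
        "added": [e for e in new if e not in old],
        "flagged_in_after": [(e, flags(*e)) for e in new if flags(*e)],
    }

if __name__ == "__main__":
    for key, items in compare(BEFORE, AFTER).items():
        print(key)
        for item in items:
            print("   ", item)
```

Entries that the heuristics do not flag, such as a startup item under system32, still need a manual judgement; the diff only shows whether they are present in both scans.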

Rosty
31 July 2008, 13:31
Your Java software is out of date.
Older versions have vulnerabilities that give malware the chance to install itself on your system.
First follow these steps to uninstall Java and install the newer version:

* Download Java Runtime Environment (JRE) 6u7 (http://java.sun.com/javase/downloads/index.jsp).
Scroll down to: "Java Runtime Environment (JRE) 6u7".
Click the "Download" button on the right.
Check: "Accept License Agreement".
The page will reload.
Click the link to download the Windows Offline Installation with Multi-language, and save it to your Desktop.
Close all programs that may be open - especially your web browser!
Then go to Start > Control Panel > Add or Remove Programs and remove all older versions of Java from the list of programs.
Check every item with Java Runtime Environment (JRE or J2SE) in the name.
Then click Remove or the Change/Remove button.
Repeat this until all older versions are gone.
After removing all older versions, restart your PC.
Then double-click jre-6u7-windows-i586-p.exe on your Desktop to install the newest version of Java.

Next,
In the meantime, read this Prevention page (http://users.telenet.be/bluepatchy/miekiemoes/preventie.html) with info and tips on how to prevent this in the future.
And read this page (http://users.telenet.be/bluepatchy/miekiemoes/tragecomputer.html) to optimize your computer again after removing malware.

Extra note: Make sure your programs are up to date, because older versions can contain security holes. To find out which programs you need to update, run the Secunia Software Inspector (http://secunia.com/software_inspector/) scan.

Randi
31 July 2008, 16:30
OK, the old one has been replaced by a new one, thanks again :good:

Rosty
31 July 2008, 16:44
Then this one will be locked. If you want the topic reopened, send someone on the team a PM with the link to this topic.