Wim1982

ComboFix 10-08-12.03 - Wim 14/08/2010 16:03:05.1.1 - FAT32x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.511.231 [GMT 2:00] Gestart vanuit: c:\documents and settings\Wim\Bureaublad\ComboFix.exe AV: Norton AntiVirus *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Wim\jre-6u5-windows-i586-p.exe c:\documents and settings\Wim\winamp5093_full_hawthorne_emusic-7plus.exe . (((((((((((((((((((( Bestanden Gemaakt van 2010-07-14 to 2010-08-14 )))))))))))))))))))))))))))))) . 2010-08-14 13:33 . 2010-08-14 13:33 -------- d--h--r- c:\documents and settings\Wim\Onlangs geopend 2010-08-12 10:51 . 2010-08-12 10:51 -------- d-----w- c:\documents and settings\Wim\Application Data\Malwarebytes 2010-08-12 10:50 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-08-12 10:50 . 2010-08-12 10:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-08-12 10:50 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-12 10:50 . 2010-08-12 10:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-08-12 10:11 . 2010-08-12 10:11 -------- d-----w- c:\program files\CodeStuff 2010-08-12 10:01 . 2010-08-12 10:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Fighters 2010-08-10 14:46 . 2010-08-10 14:46 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Google 2010-08-10 14:41 . 2010-08-10 14:41 -------- d--h--r- c:\documents and settings\Administrator\Onlangs geopend 2010-08-10 14:41 . 2010-08-10 14:41 -------- d-----w- c:\program files\CCleaner 2010-08-10 14:35 . 2010-08-10 14:35 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE 2010-08-10 14:34 . 2010-08-10 14:34 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache 2010-08-03 08:07 . 2010-08-03 08:07 -------- d-----w- c:\documents and settings\Wim\Local Settings\Application Data\Threat Expert 2010-08-03 07:06 . 2010-08-03 07:06 388096 ----a-r- c:\documents and settings\Wim\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-08-03 07:06 . 2010-08-03 07:06 -------- d-----w- c:\program files\Trend Micro 2010-07-18 17:00 . 2010-06-14 14:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-12 05:44 . 1979-12-31 22:00 55432 ----a-w- c:\windows\system32\perfc013.dat 2010-08-12 05:44 . 1979-12-31 22:00 367658 ----a-w- c:\windows\system32\perfh013.dat 2010-06-30 12:33 . 2004-08-04 10:00 149504 ----a-w- c:\windows\system32\schannel.dll 2010-06-24 12:27 . 2004-08-04 10:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-06-24 09:03 . 2004-08-04 10:00 1852032 ----a-w- c:\windows\system32\win32k.sys 2010-06-21 15:27 . 2004-08-04 10:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-17 14:03 . 2004-08-04 10:00 80384 ----a-w- c:\windows\system32\iccvid.dll 2010-06-14 14:31 . 2004-09-14 16:59 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\HelpSvc.exe 2010-06-14 07:43 . 2004-08-04 10:00 1172480 ----a-w- c:\windows\system32\msxml3.dll 2010-06-12 16:16 . 2009-07-01 16:25 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll 2010-06-12 16:16 . 2009-07-01 16:25 29568 ----a-w- c:\windows\system32\LMIport.dll 2010-06-12 16:16 . 2009-07-01 16:25 87424 ----a-w- c:\windows\system32\LMIinit.dll 2005-03-11 17:25 . 2005-03-11 17:24 512 ----a-w- c:\program files\CA2KWI3.key . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2004-08-13 73728] "VTTrayp"="VTtrayp.exe" [2004-06-22 143360] "VTTimer"="VTTimer.exe" [2004-09-01 53248] "preload"="c:\windows\RUNXMLPL.exe" [2004-04-20 40960] "PowerKey"="c:\program files\Launch Manager\PowerKey.exe" [2002-08-30 94208] "PCMService"="c:\program files\Arcade\PCMService.exe" [2004-08-27 81920] "LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2002-11-25 172032] "LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-07-24 63048] "LMgrOSD"="c:\program files\Launch Manager\OSDCtrl.exe" [2004-09-08 245760] "LManager"="c:\program files\Launch Manager\HotkeyApp.exe" [2004-07-15 49152] "LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2004-08-06 32768] "CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2004-01-28 184320] "AGRSMMSG"="AGRSMMSG.exe" [2003-07-25 88363] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2006-3-26 257752] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit] 2010-06-12 16:16 87424 ----a-w- c:\windows\system32\LMIinit.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0sprestrt HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\21584378483241153391685569056860 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "gusvc"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\MSMSGS.EXE"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "c:\\Program Files\\MSN Messenger\\livecall.exe"= R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1107000.00C\symds.sys [26/05/2010 20:17 328752] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1107000.00C\symefa.sys [26/05/2010 20:17 173104] R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100719.001\BHDrvx86.sys [20/07/2010 1:28 692272] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NAV\1107000.00C\cchpx86.sys [26/05/2010 20:17 501888] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1107000.00C\ironx86.sys [26/05/2010 20:17 116784] R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [24/07/2008 18:46 12856] R2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\17.7.0.12\ccsvchst.exe [26/05/2010 20:16 126392] R2 NkPtpEnumP2;NkPtpEnumP2;c:\program files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe [17/06/2005 11:11 24064] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [16/03/2010 19:23 102448] R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100813.004\IDSXpx86.sys [14/08/2010 15:32 331640] R3 IPN2220;acer IPN2220 Wireless LAN Card Driver;c:\windows\system32\drivers\i2220ntx.sys [18/09/2004 2:33 140288] R3 POWERKEY;POWERKEY;c:\program files\Launch Manager\POWERKEY.SYS [2/01/2003 22:53 2343] R3 VBus;Virtual Bus;c:\windows\system32\drivers\NkVBus.sys [17/06/2005 11:11 17664] S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?] S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?] S1 mailKmd;mailKmd; [x] S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\TfNetMon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?] . Inhoud van de 'Gedeelde Taken' map 2010-08-14 c:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 09:20] 2010-05-24 c:\windows\Tasks\SmartDefrag.job - c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2010-03-12 13:30] . . ------- Bijkomende Scan ------- . uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uStart Page = hxxp://www.google.be/ mSearch Bar = hxxp://www.skynet.be/search mWindow Title = Telenet Internet uInternet Connection Wizard,ShellNext = iexplore uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm IE: Add to Windows &Live Favorites - Welcome to Windows Live DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab . - - - - ORPHANS VERWIJDERD - - - - HKLM-Run-NSLauncher - c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe HKLM-Run-ISTray - c:\program files\Spyware Doctor\pctsTray.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-08-14 16:11 Windows 5.1.2600 Service Pack 3 FAT NTAPI scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NAV] "ImagePath"="\"c:\program files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\17.7.0.12\diMaster.dll\" /prefetch:1" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(996) c:\windows\system32\LMIinit.dll c:\windows\system32\LMIRfsClientNP.dll . Voltooingstijd: 2010-08-14 16:14:51 ComboFix-quarantined-files.txt 2010-08-14 14:14 Pre-Run: 13.546.160.128 bytes beschikbaar Post-Run: 13.513.113.600 bytes beschikbaar WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect - - End Of File - - B5B58D0923EE23B421C0A90FBCA20EBD

Al veel beter, maar als ik naar de lopende processen kijk blijft dit een hele lijst. Of is dit normaal? En niet te vergeten, BEDANKT HOOR!!

Dit zijn de resultaten die ik bekom nadat ik uw raad heb opgevolgd. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:44:04, on 12/08/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Acer\eManager\anbmServ.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe C:\Program Files\Launch Manager\Wbutton.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\WINDOWS\system32\VTTimer.exe C:\Program Files\Launch Manager\PowerKey.exe C:\Program Files\Arcade\PCMService.exe C:\Program Files\ltmoh\Ltmoh.exe C:\Program Files\Launch Manager\OSDCtrl.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\CtrlVol.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Skynet.be - LE portail belge – DE Belgische portaalsite! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe" O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe" O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - Welcome to Windows Live O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe O23 - Service: NkPtpEnumP2 - Nikon Corporation - C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) -- End of file - 7995 bytes Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Databaseversie: 4421 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 12/08/2010 12:59:48 mbam-log-2010-08-12 (12-59-48).txt Scantype: Snelle scan Objecten gescand: 136401 Verstreken tijd: 6 minuut/minuten, 48 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)

Hallo, Is het normaal dat er veel processen lopen? Kan er iemand mijn Hijack controleren? Alvast bedankt Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:42:03, on 12/08/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Acer\eManager\anbmServ.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe C:\Program Files\Launch Manager\Wbutton.exe C:\WINDOWS\system32\VTTimer.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\vsnpstd.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Launch Manager\PowerKey.exe C:\Program Files\ltmoh\Ltmoh.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\Launch Manager\OSDCtrl.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\LaunchAp.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Launch Manager\CtrlVol.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe C:\Program Files\Java\jre6\bin\jucheck.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Skynet.be - LE portail belge – DE Belgische portaalsite! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe" O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1082\nl-nl\msntb.dll/search.htm O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - Welcome to Windows Live O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe O23 - Service: NkPtpEnumP2 - Nikon Corporation - C:\Program Files\Nikon\Wireless Camera Setup Utility\NkPtpEnum.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) -- End of file - 10129 bytes