OK, I'll remove that Malware Sweeper. For IE it gives the version as: 6.0.2900.2180.xp_sp2………
hmm, if you remove that one you indeed won't have Internet Explorer anymore
have the file scanned here:
http://virusscan.jotti.org/
copy the log that gets created and paste it here.
start HijackThis, click Config, the Misc Tools tab, and open Process Manager.
look for Program Files/Internet Explorer/iexplore.exe and click it once, tick “show DLLs” and save a log of it; post that log here too
on the Misc Tools tab, tick “Calculate MD5 of files if possible”
click Back and do a new scan; post that log here too
paul
Hey little brother, sleep well. I hope pablo can help you with your problems, and don't forget to post the log right away tomorrow when you get home so they can help you further.
pablo, thanks for your help. I had already been working on it for him for a bit but couldn't come up with a solution either. Good night for now, everyone.
OK,
Here it is, the log from jotti.org! I accidentally ran it twice, and the first time I got this:
Scanner Malware name
AntiVir Java/ClassLoader.D
ArcaVir Trojan.Downloader.Vbs.Small.S
Avast VBS:Malware
AVG Antivirus X
BitDefender Trojan.Java.Classloader.C
ClamAV Java.ClassLoader.24564
Dr.Web Exploit.ByteVerify
F-Prot Antivirus destructive program
Fortinet JS/Zapchast.A-dldr
Kaspersky Anti-Virus Trojan-Downloader.JS.Zapchast.a
NOD32 Java/Exploit.Bytverify.F
Norman Virus Control HTML/Exploit_based
UNA Trojan.Java.ClassLoader
VBA32 Trojan.Java.ClassLoader.c
The second time:
Scanner Malware name
AntiVir Trojan/PSW.Linch.PG
ArcaVir X
Avast X
AVG Antivirus PSW.Ldpinch.JV
BitDefender X
ClamAV Trojan.LdPinch-24
Dr.Web Trojan.PWS.LDPinch.234
F-Prot Antivirus unknown virus
Fortinet X
Kaspersky Anti-Virus Trojan-PSW.Win32.LdPinch.gen
NOD32 a variant of Win32/PSW.LdPinch
Norman Virus Control X
UNA X
VBA32 Embedded.TrojanSpy.Win32.Small.s
This is the log of the DLLs that HijackThis shows:
Process list saved on 17:22:16, on 7-11-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
336 C:\WINDOWS\System32\smss.exe 5.1.2600.2180 Microsoft Corporation
408 C:\WINDOWS\system32\winlogon.exe 5.1.2600.2180 Microsoft Corporation
452 C:\WINDOWS\system32\services.exe 5.1.2600.2180 Microsoft Corporation
464 C:\WINDOWS\system32\lsass.exe 5.1.2600.2180 Microsoft Corporation
632 C:\WINDOWS\system32\svchost.exe 5.1.2600.2180 Microsoft Corporation
720 C:\WINDOWS\System32\svchost.exe 5.1.2600.2180 Microsoft Corporation
844 C:\Program Files\Common Files\Symantec Shared\ccProxy.exe 103.5.6.3 Symantec Corporation
868 C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe 103.5.6.3 Symantec Corporation
916 C:\Program Files\Norton Internet Security\ISSVC.exe 8.5.0.113 Symantec Corporation
936 C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe 5.5.1.6 Symantec Corporation
984 C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe 1.5.1.3 Symantec Corporation
1044 C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe 103.5.6.3 Symantec Corporation
1248 C:\WINDOWS\Explorer.EXE 6.0.2900.2180 Microsoft Corporation
1448 C:\WINDOWS\system32\spoolsv.exe 5.1.2600.2696 Microsoft Corporation
1604 C:\WINDOWS\SOUNDMAN.EXE 5.1.0.2 Realtek Semiconductor Corp.
1632 C:\Program Files\Medion Home Cinema XL II\PowerCinema\PCMService.exe 1.0.0.1
1640 C:\WINDOWS\Dit.exe
1648 C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe 2003.0.0.775 Symantec Corporation
1664 C:\PROGRA~1\CASEMA~1\SMARTB~1\MotiveSB.exe 5.6.11.-13504 Motive Communications, Inc.
1672 C:\PROGRA~1\PESTPA~1\PPControl.exe 4.4.4.73 Computer Associates International
1684 C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
1700 C:\PROGRA~1\PESTPA~1\CookiePatrol.exe 4.4.4.82 Computer Associates International
1732 C:\Program Files\Common Files\Symantec Shared\ccApp.exe 103.5.6.3 Symantec Corporation
1756 C:\WINDOWS\system32\ctfmon.exe 5.1.2600.2180 Microsoft Corporation
1848 C:\WINDOWS\DitExp.exe
1896 C:\Program Files\Hewlett-Packard\HP OfficeJet Series 600\Bin\HPOstr05.exe 2.0.0.0 Hewlett-Packard Co.
2040 C:\Program Files\Casema SnelHelp\bin\mpbtn.exe
944 C:\Program Files\Hewlett-Packard\HP OfficeJet Series 600\bin\HPOVDX05.EXE 1.4.23.0 Hewlett-Packard Co.
1524 C:\WINDOWS\System32\drivers\CDAC11BA.EXE 4.11.50.0 C-Dilla Ltd
1180 C:\PROGRA~1\NORTON~2\NORTON~2\GHOSTS~2.EXE 2003.0.0.775 Symantec Corporation
1812 C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe 0.0.1.52 Computer Associates
2092 C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe 7.0.9064.9150 Microsoft Corporation
2108 C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe 11.5.7.2 Symantec Corporation
2132 C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE 16.0.0.22 Symantec Corporation
2160 C:\WINDOWS\System32\nvsvc32.exe 6.14.10.5216 NVIDIA Corporation
2248 C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe 7.0.0.24 Symantec Corporation
2272 C:\WINDOWS\System32\svchost.exe 5.1.2600.2180 Microsoft Corporation
2308 C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe 1.8.54.841 Symantec Corporation
2624 C:\WINDOWS\system32\hpoipm07.exe 4.5.0.767 HP
2808 C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe 1.0.0.1 X10
3168 C:\Program Files\Outlook Express\msimn.exe 6.0.2900.2180 Microsoft Corporation
1744 C:\Program Files\Internet Explorer\iexplore.exe 6.0.2900.2180 Microsoft Corporation
1856 C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe 8.5.0.113 Symantec Corporation
2208 C:\Documents and Settings\Eric\Mijn documenten\hijackthis.exe 1.99.0.1 Soeperman Enterprises Ltd.
1592 C:\Program Files\Messenger\msmsgs.exe 4.7.0.3001 Microsoft Corporation
DLLs loaded by process C:\Program Files\Internet Explorer\iexplore.exe:
C:\WINDOWS\system32\ntdll.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\kernel32.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\msvcrt.dll 7.0.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\USER32.dll 5.1.2600.2622 Microsoft Corporation
C:\WINDOWS\system32\GDI32.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\SHLWAPI.dll 6.0.2900.2753 Microsoft Corporation
C:\WINDOWS\system32\ADVAPI32.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\RPCRT4.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\SHDOCVW.dll 6.0.2900.2753 Microsoft Corporation
C:\WINDOWS\system32\CRYPT32.dll 5.131.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\MSASN1.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\CRYPTUI.dll 5.131.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\WINTRUST.dll 5.131.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\IMAGEHLP.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\OLEAUT32.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\ole32.dll 5.1.2600.2726 Microsoft Corporation
C:\WINDOWS\system32\NETAPI32.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\WININET.dll 6.0.2900.2753 Microsoft Corporation
C:\WINDOWS\system32\WLDAP32.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\VERSION.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll 6.0.2900.2180 Microsoft Corporation
C:\WINDOWS\system32\SHELL32.dll 6.0.2900.2763 Microsoft Corporation
C:\WINDOWS\system32\comctl32.dll 5.82.2900.2180 Microsoft Corporation
C:\WINDOWS\system32\uxtheme.dll 6.0.2900.2180 Microsoft Corporation
C:\PROGRA~1\CASEMA~1\SMARTB~1\SBHook.dll 5.6.11.-13504 Motive Communications, Inc.
C:\PROGRA~1\COMMON~1\SYMANT~1\ANTISPAM\asOEHook.dll 2006.1.0.28 Symantec Corporation
C:\WINDOWS\system32\MSVCR71.dll 7.10.3052.4 Microsoft Corporation
C:\WINDOWS\system32\MSCTF.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\BROWSEUI.dll 6.0.2900.2753 Microsoft Corporation
C:\WINDOWS\system32\browselc.dll 6.0.2900.2180 Microsoft Corporation
C:\WINDOWS\system32\appHelp.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\CLBCATQ.DLL 2001.12.4414.308 Microsoft Corporation
C:\WINDOWS\system32\COMRes.dll 2001.12.4414.258 Microsoft Corporation
C:\WINDOWS\system32\urlmon.dll 6.0.2900.2753 Microsoft Corporation
C:\WINDOWS\system32\Secur32.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\System32\cscui.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\System32\CSCDLL.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\SETUPAPI.dll 5.1.2600.2180 Microsoft Corporation
C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll 8.5.0.113 Symantec Corporation
C:\WINDOWS\system32\MSVCP71.dll 7.10.3077.0 Microsoft Corporation
C:\Program Files\Common Files\Symantec Shared\ccL35.dll 103.5.6.3 Symantec Corporation
C:\WINDOWS\system32\WS2_32.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\WS2HELP.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\xpsp2res.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\msi.dll 3.1.4000.2435 Microsoft Corporation
C:\WINDOWS\system32\SXS.DLL 5.1.2600.2180 Microsoft Corporation
C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx 1.0.0.1
C:\Program Files\Spybot - Search & Destroy\SDHelper.dll 1.3.0.12 Safer Networking Limited
C:\WINDOWS\system32\olepro32.dll 5.1.2600.2180 Microsoft Corporation
C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll 11.5.7.2 Symantec Corporation
C:\WINDOWS\system32\ATL71.DLL 7.10.3077.0 Microsoft Corporation
C:\WINDOWS\system32\WSOCK32.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\shdoclc.dll 6.0.2900.2180 Microsoft Corporation
C:\WINDOWS\system32\mlang.dll 6.0.2900.2180 Microsoft Corporation
C:\WINDOWS\system32\mswsock.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\hnetcfg.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\System32\wshtcpip.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\RASAPI32.DLL 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\rasman.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\TAPI32.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\rtutils.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\WINMM.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\msv1_0.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\iphlpapi.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\sensapi.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\USERENV.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\DNSAPI.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\rasadhlp.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\System32\mshtml.dll 6.0.2900.2769 Microsoft Corporation
C:\WINDOWS\System32\msls31.dll 3.10.349.0 Microsoft Corporation
C:\WINDOWS\System32\msimtf.dll 5.1.2600.2180 Microsoft Corporation
C:\Program Files\Microsoft Office\Office10\msohev.dll 10.0.2609.0 Microsoft Corporation
C:\WINDOWS\system32\IMM32.DLL 5.1.2600.2180 Microsoft Corporation
C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll 11.5.7.2 Symantec Corporation
C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll 11.5.7.2 Symantec Corporation
C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll 103.5.6.3 Symantec Corporation
C:\WINDOWS\system32\rsaenh.dll 5.1.2600.2161 Microsoft Corporation
c:\windows\system32\jscript.dll 5.6.0.8820 Microsoft Corporation
C:\WINDOWS\System32\iepeers.dll 6.0.2900.2753 Microsoft Corporation
C:\WINDOWS\System32\WINSPOOL.DRV 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\System32\mshtmled.dll 6.0.2900.2753 Microsoft Corporation
C:\WINDOWS\System32\actxprxy.dll 6.0.2900.2180 Microsoft Corporation
C:\WINDOWS\system32\wdmaud.drv 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\msacm32.drv 5.1.2600.0 Microsoft Corporation
C:\WINDOWS\system32\MSACM32.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\midimap.dll 5.1.2600.2180 Microsoft Corporation
C:\WINDOWS\system32\ImgUtil.dll 6.0.2900.2180 Microsoft Corporation
C:\WINDOWS\System32\pngfilt.dll 6.0.2900.2753 Microsoft Corporation
C:\WINDOWS\System32\mshtmler.dll 6.0.2900.2180 Microsoft Corporation
This is the HijackThis log with calculate md5…:
Logfile of HijackThis v1.99.1
Scan saved at 17:29:19, on 7-11-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Medion Home Cinema XL II\PowerCinema\PCMService.exe
C:\WINDOWS\Dit.exe
C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
C:\PROGRA~1\CASEMA~1\SMARTB~1\MotiveSB.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\DitExp.exe
C:\Program Files\Hewlett-Packard\HP OfficeJet Series 600\Bin\HPOstr05.exe
C:\Program Files\Casema SnelHelp\bin\mpbtn.exe
C:\Program Files\Hewlett-Packard\HP OfficeJet Series 600\bin\HPOVDX05.EXE
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\PROGRA~1\NORTON~2\NORTON~2\GHOSTS~2.EXE
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\hpoipm07.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe
C:\Documents and Settings\Eric\Mijn documenten\hijackthis.exe
C:\Program Files\Messenger\msmsgs.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.altavista.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx (filesize 37808 bytes, MD5 8394ABFC1BE196A62C9F532511936DF7)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (filesize 744960 bytes, MD5 ABF5BA518C6A5ED104496FF42D19AD88)
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (filesize 104064 bytes, MD5 F997F86E5F2C10E2D84498F1C3896BF0)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (filesize 218736 bytes, MD5 D520F4CFD7599734B224D66CB742DD41)
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (filesize 104064 bytes, MD5 F997F86E5F2C10E2D84498F1C3896BF0)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (filesize 218736 bytes, MD5 D520F4CFD7599734B224D66CB742DD41)
O4 - HKLM\..\Run: SOUNDMAN.EXE (filesize 55296 bytes, MD5 6761B10EEFC1D97971222DD5E239EF79)
O4 - HKLM\..\Run: RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup (filesize 33792 bytes, MD5 16C68603123832BFD177B8334E9D9CB2)
O4 - HKLM\..\Run: nwiz.exe /install (filesize 741376 bytes, MD5 A4AE9BA1E10CB9F6C0949C4DB91A1F72)
O4 - HKLM\..\Run: “C:\Program Files\Medion Home Cinema XL II\PowerCinema\PCMService.exe” (filesize 61440 bytes, MD5 3A1406E4258830ACA422D863B6C48D0A)
O4 - HKLM\..\Run: Dit.exe (filesize 73728 bytes, MD5 49FA074F302D291BDA0931F7E09AF45F)
O4 - HKLM\..\Run: C:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exeC:\Program Files\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe
O4 - HKLM\..\Run: C:\WINDOWS\System32\PSDrvCheck.exeC:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: C:\PROGRA~1\CASEMA~1\SMARTB~1\MotiveSB.exeC:\PROGRA~1\CASEMA~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: C:\PROGRA~1\PESTPA~1\PPControl.exeC:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: C:\PROGRA~1\PESTPA~1\PPMemCheck.exeC:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: C:\PROGRA~1\PESTPA~1\CookiePatrol.exeC:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Symantec Shared\ccApp.exe” (filesize 48752 bytes, MD5 C9AB8AB4576EFD3B26A2D108B7F6AC01)
O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: C:\Program Files\MalwareSweeper.com\Malware Sweeper\MalSwep.exe
O4 - Startup: Registration-InstantCopy.lnk = C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\Pixie\RegTool.exe (filesize 245760 bytes, MD5 35D183CB9D58F97F4E2E52FA738DD75C)
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (filesize 113664 bytes, MD5 C2FF17734176CD15221C10044EF0BA1A)
O4 - Global Startup: Casema SnelHelp.lnk = C:\Program Files\Casema SnelHelp\bin\matcli.exe (filesize 217088 bytes, MD5 C4F199B6C6B7EFBF37B5BC8E768342D4)
O4 - Global Startup: HP OfficeJet Series 600 Opstartmenu.lnk = C:\Program Files\Hewlett-Packard\HP OfficeJet Series 600\Bin\HPOstr05.exe (filesize 1175552 bytes, MD5 0578A72E1709BB4E18BE4BA4590B1125)
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (filesize 83360 bytes, MD5 5BC65464354A9FD3BEAA28E18839734A)
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (filesize 1694208 bytes, MD5 74E6E96C6F0E2ECA4EDBB7F7A468F259)
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (filesize 1694208 bytes, MD5 74E6E96C6F0E2ECA4EDBB7F7A468F259)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-30.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.com/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1130703437328
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXEC:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exeC:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exeC:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exeC:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exeC:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exeC:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\GHOSTS~2.EXEC:\PROGRA~1\NORTON~2\NORTON~2\GHOSTS~2.EXE
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exeC:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exeC:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exeC:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exeC:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXEC:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exeC:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exeC:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exeC:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exeC:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
Long log, but I hope you can find something.
THANX!!!!!!!
hi ebo,
only the jotti log strikes me as odd
the rest is all fine
didn't you misread the jotti scan? It always also shows the result of the previous file that was scanned
run the jotti scan once more
also right-click C:\Program Files\Internet Explorer\iexplore.exe, choose Properties and tell me the exact size of the file
paul
Paul,
I had indeed not done the jotti scan correctly. Here is the result after a new attempt:
File: iexplore.exe
Status: OK (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5 78d969f35cd64bf0761f731fca5fc99d
Packers detected: -
Scanner results
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
UNA Found nothing
VBA32 Found nothing
Unfortunately nothing found.
The size of iexplore.exe is 91 KB (92 KB on disk)
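The by-eye pass over the process manager export requested earlier in this thread can be scripted; the following is an added example, not part of the thread and not HijackThis's own code. It assumes the column layout seen in the posted log (optional PID, path, file version, company name); `SAMPLE` is a subset of lines copied from that log, and the three review criteria are this example's own heuristics for what to look at first, not verdicts.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# One row of the export: [PID] <path> [file version] [company name]
ROW = re.compile(
    r"^(?:(?P<pid>\d+)\s+)?"
    r"(?P<path>[A-Za-z]:\\.+?\.(?:exe|dll|ocx|drv))(?=\s|$)"
    r"(?:\s+(?P<version>\d+(?:\.-?\d+)+))?"
    r"(?:\s+(?P<company>\S.*))?$",
    re.IGNORECASE,
)
DLL_HEADER = re.compile(r"^DLLs loaded by process .+:$")
# Directories where installed software normally lives (8.3 short names included).
USUAL_DIRS = re.compile(r"^[a-z]:\\(windows|program files|progra~\d)\\", re.IGNORECASE)

@dataclass
class Entry:
    kind: str                 # "process" or "module"
    pid: Optional[int]
    path: str
    version: Optional[str]
    company: Optional[str]

def parse(log: str) -> List[Entry]:
    """Turn the text export into entries; header lines are skipped."""
    entries, kind = [], "process"
    for line in log.splitlines():
        line = line.strip()
        if DLL_HEADER.match(line):
            kind = "module"   # rows after this header are loaded DLLs
            continue
        m = ROW.match(line)
        if m:
            pid = int(m["pid"]) if m["pid"] else None
            entries.append(Entry(kind, pid, m["path"], m["version"], m["company"]))
    return entries

def reasons(e: Entry) -> List[str]:
    """Why a helper might want a second look (e.g. a multi-scanner upload)."""
    out = []
    if e.version is None:
        out.append("no file version")
    if e.company is None:
        out.append("no company name")
    if not USUAL_DIRS.match(e.path):
        out.append("outside Windows/Program Files")
    return out

def triage(log: str) -> List[Tuple[str, List[str]]]:
    return [(e.path, r) for e in parse(log) if (r := reasons(e))]

# Subset of lines copied from the log posted in this thread.
SAMPLE = r"""
Process list saved on 17:22:16, on 7-11-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
336 C:\WINDOWS\System32\smss.exe 5.1.2600.2180 Microsoft Corporation
1632 C:\Program Files\Medion Home Cinema XL II\PowerCinema\PCMService.exe 1.0.0.1
1640 C:\WINDOWS\Dit.exe
1664 C:\PROGRA~1\CASEMA~1\SMARTB~1\MotiveSB.exe 5.6.11.-13504 Motive Communications, Inc.
2208 C:\Documents and Settings\Eric\Mijn documenten\hijackthis.exe 1.99.0.1 Soeperman Enterprises Ltd.
DLLs loaded by process C:\Program Files\Internet Explorer\iexplore.exe:
C:\WINDOWS\system32\ntdll.dll 5.1.2600.2180 Microsoft Corporation
C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx 1.0.0.1
C:\Program Files\Spybot - Search & Destroy\SDHelper.dll 1.3.0.12 Safer Networking Limited
"""

if __name__ == "__main__":
    for path, why in triage(SAMPLE):
        print(f"{path}: {', '.join(why)}")
```

An entry listed here only lacks metadata or sits in an unusual directory; the next step is the one the thread already uses, submitting the file itself to a multi-engine scanner.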