Mededeling

Collapse
No announcement yet.

pc slaat plots uit

Collapse
X
Collapse
  •  
  • Page of 2
  • Filter
  • Tijd
  • Show
Clear All
new posts
Vorige 1 2 template Volgende
  • #1

    pc slaat plots uit

    Hallo even een logje

    Onze PC slaat plots uit zonder enige waarschuwing

    Wie helpt?
    THX

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:05:53, on 27/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\WINDOWS\System32\PAStiSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\BitTorrent_DNA\dna.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\mama\Bureaublad\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [timemapithirdblah] C:\Documents and Settings\All Users\Application Data\TheHelpTimeMapi\Soapglue.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [FileZilla Server Interface] "I:\FileZilla Server\FileZilla Server Interface.exe"
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~2\Navapw32.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [Spiceworks] C:\Program Files\Spiceworks\bin\spicetray_silent.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://www.miniclip.com/ricochet/ReflexiveWebGameLoader.cab
    O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - http://www.e-games.com.my/com/EGamesPlugin.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://snellevinder.spaces.live.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.arcadetown.com/swf/luxor/mjolauncher.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - I:\FileZilla Server\FileZilla Server.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

    --
    End of file - 10397 bytes
    Labels: Geen
    • Citaat
  • #2
    H E L P

    Hij slaaty nu helemaal tilt!!!
    zelfs in veilige modus slaat hij binnen 3 minuten uit!!
    kan dus zelfs geen virusscan etc uitvoeren om te zien hoe en wat
    niemand een idee?
    • Citaat

    Comment

    • #3
      Ik weet niet of dit het gaat oplossen.

      Start HijackThis nog een keer, kies voor "Do a system scan only" en plaats alleen een vinkje voor de volgende regels:
      O4 - HKLM\..\Run: [timemapithirdblah] C:\Documents and Settings\All Users\Application Data\TheHelpTimeMapi\Soapglue.exe
      O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...tml?p=ZNfox000
      Sluit alle open vensters(behalve HijackThis), klik daarna op "Fix checked" en sluit HijackThis af.

      Herstart even je computer.

      Download dit bestand: Deljob.exe (mirror)
      Plaats het op je bureaublad.
      Indien je virusscanner de download van deljob.exe blokkeert,
      schakel dan tijdelijk je virusscanner uit of download de zip-versie
      deljob.zip en pak deze uit naar je Bureaublad.
      Dubbelklik Deljob.exe.
      Een logje(logit.txt) zal openen, het bestandje kan je ook terugvinden op je bureaublad.
      Post de inhoud van logit.txt in je volgende bericht.
      Post ook een nieuw logje van HijackThis

      Groeten smeenk
      • Citaat

      Comment

      • #4
        --------------------------------------------------------
        No LOP jobs found
        --------------------------------------------------------
        Files remaining after cleaning

        AppleSoftwareUpdate.job
        Norton AntiVirus - Mijn computer scannen.job
        Symantec NetDetect.job
        --------------------------------------------------------
        App data folders

        Het volume in station C heeft geen naam.
        Het volumenummer is D0A3-C153

        Map van C:\Documents and Settings\mama\Application Data

        15/12/2007 16:56 <DIR> .
        15/12/2007 16:56 <DIR> ..
        27/05/2007 16:24 <DIR> Adobe
        07/03/2006 11:23 <DIR> AdobeUM
        02/03/2007 15:49 <DIR> Ahead
        28/03/2006 19:32 <DIR> APPLEC~1 Apple Computer
        20/10/2007 13:25 <DIR> ArcSoft
        23/04/2007 09:28 <DIR> ATI
        25/10/2007 11:31 <DIR> BITTOR~2 BitTorrent
        29/12/2007 09:48 <DIR> BITTOR~1 BitTorrent DNA
        27/10/2007 18:53 <DIR> Canon
        01/10/2006 17:26 <DIR> EA
        21/08/2007 09:31 <DIR> FUNWEB~1 FunWebProducts
        22/02/2006 15:10 <DIR> Help
        27/12/2007 13:25 <DIR> IDENTI~1 Identities
        10/01/2007 09:12 <DIR> Inobe
        19/02/2006 18:15 <DIR> INTERV~1 InterVideo
        17/02/2007 13:26 <DIR> KETNET~1 KetnetKick
        26/06/2006 19:20 <DIR> Lavasoft
        09/05/2006 09:26 <DIR> LEADER~1 Leadertech
        23/02/2006 14:06 <DIR> MACROM~1 Macromedia
        28/08/2006 07:18 <DIR> MATTRI~1 Mattricks
        27/11/2007 08:13 <DIR> MICROS~1 Microsoft
        19/02/2006 13:55 <DIR> Mozilla
        27/02/2006 10:36 <DIR> MSN6
        04/10/2007 18:56 <DIR> Nokia
        24/11/2007 13:59 <DIR> NOKIAM~1 Nokia Multimedia Player
        04/10/2007 18:44 <DIR> PCSUIT~1 PC Suite
        26/06/2006 18:37 <DIR> PCTOOL~1 PC Tools
        10/08/2007 20:38 <DIR> PLAYFI~1 PlayFirst
        15/03/2006 12:18 <DIR> Real
        07/09/2007 12:27 <DIR> ScanSoft
        28/04/2007 11:12 <DIR> SECOND~1 SecondLife
        24/08/2007 06:57 <DIR> Skype
        23/08/2007 16:50 <DIR> SONYCO~1 Sony Corporation
        20/02/2006 18:10 <DIR> Sun
        12/01/2007 11:42 <DIR> Symantec
        19/02/2006 13:55 <DIR> Talkback
        17/05/2006 11:33 <DIR> Template
        16/12/2006 14:37 <DIR> think3
        19/02/2006 13:55 <DIR> THUNDE~1 Thunderbird
        23/08/2007 16:36 <DIR> U3
        26/06/2006 18:34 <DIR> Webroot
        28/07/2007 19:38 <DIR> yoclient
        21/02/2007 19:12 <DIR> Zylom
        0 bestand(en) 0 bytes
        45 map(pen) 2.983.727.104 bytes beschikbaar
        Het volume in station C heeft geen naam.
        Het volumenummer is D0A3-C153

        Map van C:\Documents and Settings\All Users\Application Data

        27/12/2007 13:25 <DIR> .
        27/12/2007 13:25 <DIR> ..
        19/09/2007 20:44 <DIR> Adobe
        02/03/2007 15:13 <DIR> Ahead
        28/06/2007 07:51 <DIR> APPLEC~1 Apple Computer
        07/09/2007 12:17 <DIR> CanonBJ
        01/10/2006 17:26 <DIR> EA
        04/10/2007 18:36 <DIR> INSTAL~2 Installations
        17/02/2006 21:20 <DIR> INSTAL~1 InstallShield
        03/11/2007 13:41 <DIR> MICROS~1 Microsoft
        27/02/2006 10:35 <DIR> MSN6
        16/06/2007 19:09 <DIR> MSSCAN~1 MSScanAppDataDir
        08/11/2006 17:03 <DIR> MUMBOJ~1 MumboJumbo
        29/08/2006 18:09 <DIR> NVIEW_~1 nView_Profiles
        04/10/2007 18:47 <DIR> PCSUIT~1 PC Suite
        26/11/2007 20:17 <DIR> PopCap
        07/09/2007 12:27 <DIR> ScanSoft
        20/02/2006 16:16 <DIR> Skype
        19/07/2006 12:31 <DIR> SPYBOT~1 Spybot - Search & Destroy
        16/08/2007 16:18 <DIR> SWIFTS~1 SwiftSwitch
        22/09/2007 18:50 <DIR> Symantec
        03/03/2007 19:42 <DIR> TEMP
        20/12/2006 18:45 <DIR> think3
        18/05/2007 08:41 <DIR> Trymedia
        20/09/2007 22:16 <DIR> ULEADS~1 Ulead Systems
        09/08/2007 19:53 <DIR> VICEVE~1 ViceVersa PRO 2
        10/10/2006 21:02 <DIR> WHITEC~1 WhiteCap (Holiday Edition)
        17/02/2006 22:26 <DIR> WINDOW~1 Windows Genuine Advantage
        24/07/2007 16:19 <DIR> Zylom
        0 bestand(en) 0 bytes
        29 map(pen) 2.983.727.104 bytes beschikbaar
        --------------------------------------------------------
        • Citaat

        Comment

        • #5
          Na deljob logje nu hijack logje
          Logfile of HijackThis v1.99.1
          Scan saved at 13:02:22, on 29-12-2007
          Platform: Windows XP SP2 (WinNT 5.01.2600)
          MSIE: Internet Explorer v7.00 (7.00.6000.16574)

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\Explorer.EXE
          C:\Program Files\HijackThis\HijackThis.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
          R3 - Default URLSearchHook is missing
          O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
          O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
          O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
          O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
          O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
          O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
          O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
          O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
          O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
          O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
          O4 - HKLM\..\Run: [GNKI Agent] C:\WINDOWS\system32\Sys32\GNKI.exe
          O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
          O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
          O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~2\Navapw32.exe
          O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
          O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
          O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
          O4 - HKLM\..\Run: [Spiceworks] C:\Program Files\Spiceworks\bin\spicetray_silent.exe
          O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
          O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
          O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - &#37;windir%\Network Diagnostic\xpnetdiag.exe (file missing)
          O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O11 - Options group: [INTERNATIONAL] International*
          O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
          O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
          O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://www.miniclip.com/ricochet/ReflexiveWebGameLoader.cab
          O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - http://www.e-games.com.my/com/EGamesPlugin.cab
          O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://snellevinder.spaces.live.com//PhotoUpload/MsnPUpld.cab
          O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
          O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
          O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.arcadetown.com/swf/luxor/mjolauncher.cab
          O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
          O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
          O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
          O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
          O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
          O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
          O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
          O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
          O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
          O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
          O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
          O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
          O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
          O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
          O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
          O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
          O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
          O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - I:\FileZilla Server\FileZilla Server.exe (file missing)
          O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
          O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
          O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
          O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
          O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
          O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
          O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
          O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
          O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
          • Citaat

          Comment

          • #6
            Download Combofix naar je Bureaublad.
            Dubbelklik op Combofix.exe
            Kies voor "Continue" door 1 te typen gevolgd door ENTER.
            Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
            Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen.
            Plaats deze log in je volgende post.

            NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.
            • Citaat

            Comment

            • #7
              Al ongeveer een half uuur staat volgende mededeling op t scherm van de besmette PC

              na t starten van combofix

              "Zoeken naar besmette bestanden ...
              Dit duurt gewoonlijk niet langer dan 10 minuten
              De scantijd voor zwaar besmette computers kunnen dubbel zo lang duren

              ComboFix heeft uw klokinstellingen gewijzigd.
              Gelieve dit niet te veranderen. Dit zal later worden hersteld.


              Voltooid Deel_1"


              Is dit normaal of kan t komen doordat ik Windows in veilige modus 'met netwerkmogelijkheden' heb opgestart?
              • Citaat

              Comment

              • #8
                PC toch maar opnieuw opgestart en nu komt ie niet verder dan deel 7


                Maar ook volgende foutmelding: fvwd.cfexe is beschadigd, voer chkdsk uit.
                Waar enz niet kunnen opschrijven omdat t zo snel verdween
                • Citaat

                Comment

                • #9
                  Doe dit eens:
                  Check je HD op fouten.
                  • Open Windows explorer
                  • Rechtsklik de C-schijf (of andere disk die je wilt scannen)
                  • Kies > eigenschappen > tabblad extra
                  • Kies het volume op fouten controleren
                  • Vink aan “Fouten in bestandssysteem automatisch corrigeren” en “Beschadigde sectoren zoeken en repareren”
                    Het systeem zal om een herstart vragen
                  • Sluit alle programma’s en herstart de computer
                  • Onderbreek de schijfcontrole na herstart niet.


                  Verwijder Combofix en download het opnieuw, probeer daarna opnieuw een logje hiermee te maken
                  • Citaat

                  Comment

                  • #10
                    Hier is, na tig pogingen.. eindelijk een combofix logje

                    ComboFix 07-12-30.1 - Eigenaar 2007-12-31 9:11:16.10 - NTFSx86 MINIMAL
                    Microsoft Windows XP Home Edition 5.1.2600.2.1252.31.1043.18.1788 [GMT 1:00]Gestart vanuit: C:\Documents and Settings\Eigenaar\Bureaublad\ComboFix.exe
                    .

                    (((((((((((((((((((( Bestanden Gemaakt van 2007-11-28 to 2007-12-31 ))))))))))))))))))))))))))))))
                    .

                    2007-12-29 14:45 . 2007-12-29 14:45 <DIR> d----c--- C:\spoolerlogs
                    2007-12-18 15:33 . 2007-12-19 06:54 <DIR> d-------- C:\Program Files\WYGrapLKR
                    2007-12-18 15:29 . 2007-12-19 06:54 <DIR> d----c--- C:\WYGRAPPORT
                    2007-12-15 22:57 . 2007-12-15 22:57 <DIR> dr-h----- C:\Documents and Settings\NetworkService\Onlangs geopend
                    2007-12-01 19:15 . 2006-11-08 09:51 62,336 --------- C:\WINDOWS\system32\drivers\rspndr.sys
                    2007-12-01 19:15 . 2006-11-08 09:51 10,752 --------- C:\WINDOWS\system32\rspndr.exe
                    2007-11-30 18:16 . 2007-12-29 13:17 <DIR> d-------- C:\Program Files\HT Ratings
                    2007-11-30 18:16 . 2007-11-30 18:21 48,690 --a------ C:\WINDOWS\ST6UNST.001
                    2007-11-28 12:23 . 2007-11-28 12:23 <DIR> d-------- C:\Program Files\Common Files\CANON
                    2007-11-28 09:51 . 2006-09-05 11:28 38,480 --------- C:\WINDOWS\system32\IJRMF.exe
                    2007-11-27 08:43 . 2007-12-10 12:45 54,156 --ah----- C:\WINDOWS\QTFont.qfn
                    2007-11-27 08:43 . 2007-11-27 08:43 1,409 --a------ C:\WINDOWS\QTFont.for
                    2007-11-27 08:11 . 2007-11-27 08:11 <DIR> d-------- C:\Program Files\MSECache
                    2007-11-26 20:17 . 2007-11-26 20:17 <DIR> d----c--- C:\Documents and Settings\All Users\Application Data\PopCap
                    2007-11-26 18:53 . 2007-11-26 20:15 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
                    2007-11-24 19:15 . 2007-11-26 20:17 <DIR> d-------- C:\Program Files\InterVideo Information Service
                    2007-11-21 12:05 . 2007-11-21 12:05 <DIR> d-------- C:\Program Files\BitTorrent
                    2007-11-05 16:27 . 2007-11-05 16:27 <DIR> d-------- C:\Program Files\Google
                    2007-11-04 10:04 . 2007-11-04 10:08 <DIR> d-------- C:\Documents and Settings\Eigenaar\Application Data\U3
                    2007-11-03 15:59 . 2007-11-03 15:59 <DIR> d-------- C:\Program Files\BitTorrent_DNA

                    .
                    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    2007-12-29 14:29 --------- d-----w C:\Program Files\Norton AntiVirus
                    2007-12-27 12:24 --------- d-----w C:\Program Files\Zylom Games
                    2007-12-16 06:50 --------- d--h--w C:\Program Files\InstallShield Installation Information
                    2007-12-15 21:59 304,160 -c--a-w C:\StiImg.dat
                    2007-12-04 18:30 --------- d-----w C:\Program Files\Opwekking 2005
                    2007-11-30 17:23 286,720 ------w C:\WINDOWS\Setup1.exe
                    2007-11-28 18:55 --------- d-----w C:\Program Files\Canon
                    2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
                    2007-11-04 09:26 --------- d-----w C:\Program Files\Common Files\EasyInfo
                    2007-10-29 22:45 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll
                    2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
                    2007-03-06 15:08 774,144 ----a-w C:\Program Files\RngInterstitial.dll
                    2006-09-16 17:20 32 -c--a-r C:\Documents and Settings\All Users\hash.dat
                    2006-07-01 09:24 30,736 ----a-w C:\Documents and Settings\Eigenaar\Application Data\GDIPFONTCACHEV1.DAT
                    2006-02-18 08:50 65 ----a-w C:\Program Files\Common Files\appop.log
                    2004-08-20 18:09 62,865 ----a-w C:\WINDOWS\inf\IM\odysseyIM3.sys
                    2004-08-20 18:09 45,056 ----a-w C:\WINDOWS\inf\IM\imdinst.exe
                    2004-08-20 18:09 12,739 ----a-w C:\WINDOWS\inf\IM\odNetInstall.dll
                    .

                    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                    .
                    .
                    REGEDIT4
                    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

                    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54]
                    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:03]

                    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                    "NvCplDaemon"="RUNDLL32.exe" [2004-08-04 01:03 C:\WINDOWS\system32\rundll32.exe]
                    "NvMediaCenter"="RUNDLL32.exe" [2004-08-04 01:03 C:\WINDOWS\system32\rundll32.exe]
                    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
                    "SoundMan"="SOUNDMAN.EXE" [2006-11-17 05:42 C:\WINDOWS\soundman.exe]
                    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 08:41]
                    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-01 15:51]
                    "GNKI Agent"="C:\WINDOWS\system32\Sys32\GNKI.exe" [2007-08-16 16:14]
                    "OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 11:45]
                    "NAV CfgWiz"="C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe" [2003-09-02 18:16]
                    "NAV Agent"="C:\PROGRA~1\NORTON~2\Navapw32.exe" [2003-04-20 17:02]
                    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2003-09-02 13:31]
                    "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-09-22 19:22]
                    "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 14:10]
                    "Spiceworks"="C:\Program Files\Spiceworks\bin\spicetray_silent.exe"

                    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
                    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 01:03]
                    "Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52]
                    "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 09:17]
                    "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [2003-08-28 16:31]

                    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
                    "AllowLegacyWebView"= 1 (0x1)
                    "AllowUnhashedWebView"= 1 (0x1)

                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^AutoStart IR.lnk]
                    path=C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\AutoStart IR.lnk
                    backup=C:\WINDOWS\pss\AutoStart IR.lnkCommon Startup

                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
                    C:\WINDOWS\system32\NeroCheck.exe

                    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
                    2007-05-14 23:22 35328 --a------ C:\Program Files\Winamp\winampa.exe

                    R0 ivicd;Ivi CDVD Filter Driver;C:\WINDOWS\system32\drivers\ivicd.sys [2005-01-12 06:29]
                    S2 AdobeActiveFileMonitor;Adobe Active File Monitor;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-04 03:47]
                    S3 epstw2k;SCM-SCSI stuurprogramma voor parallele poort;C:\WINDOWS\system32\DRIVERS\epstw2k.sys [2001-08-17 21:50]
                    S3 EverestDriver;Lavalys EVEREST Kernel Driver;C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [2005-08-18 00:00]
                    S3 iviudf;iviudf;C:\WINDOWS\system32\drivers\IviUdf.sys [2005-01-12 20:28]
                    S3 odysseyIM3;Odyssey Network Services Miniport;C:\WINDOWS\system32\DRIVERS\odysseyIM3.sys [2004-08-20 19:09]
                    S3 PAC207;SoC [email protected];C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-02-24 11:29]
                    S3 s3m;s3m;C:\WINDOWS\system32\DRIVERS\s3m.sys [2001-08-17 21:50]
                    S3 scsiscan;Stuurprogramma voor SCSI-scanner;C:\WINDOWS\system32\DRIVERS\scsiscan.sys [2001-08-17 21:53]
                    S3 USBNET_XP;Instant Wireless XP USB Network Adapter ver.2.6 Driver;C:\WINDOWS\system32\DRIVERS\netusbxp.sys [2002-02-19 19:34]
                    S3 W8100PCI;ASUS 802.11b/g Driver for Windows XP;C:\WINDOWS\system32\DRIVERS\mrv8k51.sys [2003-12-24 12:43]

                    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82064913-a643-11db-abe6-0013d4f48a49}]
                    \Shell\AutoRun\command - D:\LaunchU3.exe -a

                    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cf02ad33-4800-11dc-ad19-0013d4f48a49}]
                    \Shell\AutoRun\command - H:\setupSNK.exe

                    .
                    Inhoud van de 'Gedeelde Taken' map
                    "2007-12-25 13:28:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
                    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
                    "2007-12-21 19:04:59 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen.job"
                    - C:\PROGRA~1\NORTON~2\Navw32.exeh/task:
                    "2007-12-30 21:15:42 C:\WINDOWS\Tasks\Symantec NetDetect.job"
                    - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
                    .
                    **************************************************************************

                    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
                    Rootkit scan 2007-12-31 12:44:11
                    Windows 5.1.2600 Service Pack 2 NTFS

                    scannen van verborgen processen ...

                    scannen van verborgen autostart items ...

                    scannen van verborgen bestanden ...

                    Scan succesvol afgerond
                    verborgen bestanden: 0

                    **************************************************************************
                    .
                    Voltooingstijd: 2007-12-31 12:45:21
                    C:\qoobox\ComboFix-quarantined-files.txt 2007-12-31 11:44:42
                    C:\qoobox\ComboFix2.txt 2007-12-05 18:26:20
                    • Citaat

                    Comment

                    • #11
                      hij slaat nog steeds uit en af en toe een blue screen...
                      nog een hijack logje nodig of moet er eerst nog iets anders gebeuren?
                      & Iedereen die dit leest alvast een goede jaarwisseling
                      • Citaat

                      Comment

                      • #12
                        Je bent hier ook al bezig zie ik: http://www.nationaalcomputerforum.nl...ad.php?t=33464

                        Staat je log ook nog op andere fora?
                        • Citaat

                        Comment

                        • #13
                          nee, dat was een andere keer en een andere pc
                          • Citaat

                          Comment

                          • #14
                            meer precies, dat is mijn laptop, en die is nu binnen bij de leverancier voor garantie
                            • Citaat

                            Comment

                            • #15
                              Zou kunnen, ik heb die topic ook niet echt goed bekeken.

                              Download ATF cleaner (mirror)(gemaakt door Atribune)

                              Belangrijk: Sluit al je browservensters(IE en/of Firefox en/of Opera) om de tool goed te kunnen laten werken.

                              Dubbelklik op ATF cleaner om het programma te starten.
                              Op het tabblad "Main", plaats je een vinkje bij Select All.
                              Klik op de knop Empty Selected.

                              Het volgende doen als je ook FireFox als browser hebt:
                              Klik op tabblad "Firefox", plaats een vinkje bij Select All.
                              Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
                              (dit haalt het vinkje weer weg bij "Firefox saved passwords")
                              Klik op de knop Empty Selected.

                              Het volgende doen als je ook Opera als browser hebt:
                              Klik op tabblad "Opera", plaats een vinkje bij Select All.
                              Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
                              Klik op de knop Empty Selected.
                              Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.

                              Ga naar Start - Uitvoeren en geef hier het volgende in:
                              Combofix /U
                              Druk daarna op OK.
                              Let op: Er moet een spatie tussen Combofix en /U zitten.

                              Dit zal Combofix deïnstalleren.

                              Schakel Systeemherstel uit. Herstart de computer. Schakel Systeemherstel weer in.
                              Kijk hier hoe je je systeemherstel moet uitschakelen.
                              Hiermee verwijder je eventuele restanten van de infecties uit je systeemherstel.

                              Post nog een nieuw logje van Hijackthis ter controle en vertel of er nog problemen zijn
                              • Citaat

                              Comment

                              Vorige 1 2 template Volgende
                              Sorry, you are not authorized to view this page
                              Working...
                              X