View full version : spontaneous PC restart



Stevetop
7 December 2007, 16:25
Hopefully you can help me. Some time ago my PC shut down and restarted by itself. I have already run several tests: memtest, hard disk, temperature is OK, no virus or spyware found with my own virus scanner and online with HouseCall. I then replaced my graphics card (an Nvidia GeForce FX 5200) with an MX440 that a friend still had lying around. The problem then appeared to be solved. Now I have done a format C and put in an ATI Radeon 9250 with the latest drivers. We are now a month further on and the same problem is back. I have unticked the 'automatically restart the computer' option, but I don't get an error code.
That is why I am posting my log.
Thanks in advance

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:13:26, on 7/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Bureaublad\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
--

Juisterr
8 December 2007, 19:25
Looks to me like a genuine hardware problem; I see nothing in the way of spyware, malware or viruses.

We'll throw a tool at it to take a deeper look.
Download Combofix (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) to your Desktop.
If you have used Combofix before, please delete that version and download Combofix again via the link above, because Combofix is updated daily.

NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again. Some scanners regard certain components that Combofix uses as suspicious and will block or remove them!

Double-click Combofix.exe
Follow the instructions and accept the disclaimer by typing 1 (continue), followed by ENTER.
While the fix is running, do NOT click in the window, as this will make your PC hang.

When the fix has finished and after the restart, the log combofix.txt will open.
Post this log in your next post together with a new HijackThis log.

Stevetop
10 December 2007, 16:52
OK, thanks already for looking at the log. Now I am sure that it is hardware. I'm going to try this little program and will post the log later.

Stevetop
10 December 2007, 17:32
Here are the logs
ComboFix 07-12-09.1 - Administrator 2007-12-10 15:54:43.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1043.18.170 [GMT 1:00]
Gestart vanuit: C:\Documents and Settings\Administrator\Bureaublad\ComboFix.exe
* Nieuw herstelpunt werd aangemaakt
.
(((((((((((((((((((( Bestanden Gemaakt van 2007-11-10 to 2007-12-10 ))))))))))))))))))))))))))))))
.
2007-12-02 13:17 . 2007-12-02 13:17 <DIR> d-------- C:\Program Files\Native Instruments
2007-12-02 12:59 . 2007-12-02 13:04 <DIR> d-------- C:\Program Files\B-News
2007-12-02 12:59 . 2000-12-05 23:00 415,176 --------- C:\WINDOWS\system32\COMCT332.OCX
2007-12-02 12:59 . 2000-12-05 23:00 109,248 --------- C:\WINDOWS\system32\MSWINSCK.OCX
2007-12-02 12:59 . 1999-06-15 14:30 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2007-11-26 17:40 . 2007-11-26 17:40 <DIR> d-------- C:\Program Files\iTunes
2007-11-26 17:40 . 2007-11-26 17:40 <DIR> d-------- C:\Program Files\iPod
2007-11-26 17:40 . 2007-11-26 17:40 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Apple Computer
2007-11-26 17:40 . 2007-12-10 15:47 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-11-26 17:40 . 2007-11-26 17:41 1,409 --a------ C:\WINDOWS\QTFont.for
2007-11-26 17:39 . 2007-11-26 17:39 <DIR> d-------- C:\Program Files\QuickTime
2007-11-26 17:39 . 2007-11-26 17:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-26 17:38 . 2007-11-26 17:38 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2007-11-26 17:38 . 2007-11-26 17:38 <DIR> d-------- C:\Program Files\Common Files\Apple
2007-11-26 17:38 . 2007-11-26 17:38 <DIR> d-------- C:\Program Files\Apple Software Update
2007-11-26 17:38 . 2007-11-26 17:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-11-26 13:25 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2007-11-26 13:25 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2007-11-26 13:25 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-11-26 13:25 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2007-11-26 13:25 . 2007-11-26 13:25 419 --a------ C:\WINDOWS\BRWMARK.INI
2007-11-26 13:25 . 2007-11-26 13:25 184 --a------ C:\WINDOWS\system32\brsvc01a.bsi
2007-11-26 13:25 . 2007-11-26 13:25 30 --a------ C:\WINDOWS\system32\brss01a.ini
2007-11-26 13:25 . 2007-11-26 13:25 27 --a------ C:\WINDOWS\BRPP2KA.INI
2007-11-26 13:24 . 2007-11-26 13:24 <DIR> d-------- C:\Program Files\Brother
2007-11-26 13:22 . 2003-09-24 11:36 27,019 --a------ C:\WINDOWS\maxlink.ini
2007-11-26 13:21 . 2007-11-26 13:21 <DIR> d-------- C:\Program Files\ScanSoft
2007-11-26 13:21 . 2007-11-26 13:21 <DIR> d-------- C:\Program Files\Common Files\ScanSoft Shared
2007-11-26 13:21 . 2007-11-26 13:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ScanSoft
2007-11-26 13:21 . 2007-11-26 13:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2007-11-26 13:20 . 2007-11-26 13:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Brother
2007-11-23 10:46 . 2007-11-23 10:46 7,984,970 --a------ C:\Progr
2007-11-22 13:13 . 2006-05-03 11:57 520,192 --------- C:\WINDOWS\system32\ati2sgag.exe
2007-11-22 13:12 . 2007-11-22 13:12 <DIR> d-------- C:\Program Files\ATI Technologies
2007-11-22 12:49 . 2007-11-22 13:02 16 --a------ C:\WINDOWS\WININIT.INI
2007-11-22 12:23 . 2002-07-24 04:30 32,128 --a------ C:\WINDOWS\system32\drivers\VIAAGP1.SYS
2007-11-22 12:19 . 2007-11-22 12:19 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS
2007-11-22 12:19 . 2001-12-18 14:45 3,279 --a------ C:\WINDOWS\system32\drivers\VIAPFD.SYS
2007-11-20 10:54 . 2007-11-22 12:47 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\ATI
2007-11-17 17:59 . 2007-11-17 17:59 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-16 21:15 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-11-16 21:15 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-11-16 21:15 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2007-11-16 21:12 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2007-11-16 21:11 . 2007-11-16 21:11 <DIR> d-------- C:\Program Files\Microsoft Works
2007-11-16 21:09 . 2007-11-16 21:09 <DIR> d-------- C:\Program Files\Microsoft.NET
2007-11-16 21:07 . 2007-11-16 21:07 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2007-11-16 21:06 . 2007-11-16 21:10 <DIR> d-------- C:\WINDOWS\SHELLNEW
2007-11-16 21:06 . 2007-11-17 18:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-11-16 21:05 . 2007-11-16 21:05 <DIR> dr-h----- C:\MSOCache
2007-11-16 20:56 . 2007-11-16 20:56 <DIR> d-------- C:\Program Files\Lavasoft
2007-11-16 20:56 . 2007-11-16 20:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-16 20:55 . 2007-11-16 20:55 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-16 18:54 . 2007-11-16 18:54 <DIR> d---s---- C:\Documents and Settings\Administrator\UserData
2007-11-14 23:43 . 2007-11-14 23:43 65,536 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2007-11-14 23:43 . 2007-11-14 23:43 49,152 --a------ C:\WINDOWS\system32\QuickTime.qts
2007-11-13 20:55 . 2007-11-13 20:55 <DIR> d-------- C:\WINDOWS\Sun
2007-11-13 13:44 . 2007-11-13 13:57 <DIR> d-------- C:\FRACTURE
2007-11-10 18:09 . 2007-11-10 18:09 <DIR> d-------- C:\Program Files\MSXML 4.0
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-07 19:29 --------- d-----w C:\Program Files\DC++
2007-12-02 11:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-01 08:47 --------- d-----w C:\Documents and Settings\Administrator\Application Data\LimeWire
2007-11-26 12:24 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-11-26 10:23 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Ahead
2007-11-26 09:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2007-11-16 20:11 --------- d-----w C:\Program Files\MSBuild
2007-11-09 19:52 --------- d-----w C:\Program Files\Common Files\Ahead
2007-11-09 19:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead
2007-11-09 19:50 --------- d-----w C:\Program Files\Nero
2007-11-09 19:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2007-11-09 17:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-11-09 17:25 --------- d-----w C:\Program Files\Symantec
2007-11-09 17:25 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-11-09 17:25 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Symantec
2007-11-09 16:24 --------- d-----w C:\Program Files\MSXML 6.0
2007-11-09 14:46 167,936 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe
2007-11-09 14:46 --------- d-----w C:\Program Files\Illustrate
2007-11-09 11:30 --------- d-----w C:\Program Files\MP3Gain
2007-11-09 10:59 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Mp3tag
2007-11-09 10:36 --------- d-----w C:\Program Files\Java
2007-11-09 10:27 --------- d-----w C:\Program Files\Creative
2007-11-09 10:25 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Winamp
2007-11-08 21:12 --------- d-----w C:\Program Files\VSTplugins
2007-11-08 21:12 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Sony
2007-11-08 21:12 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Publish Providers
2007-11-08 21:11 --------- d-----w C:\Program Files\Sony
2007-11-08 20:50 --------- d-----w C:\Program Files\Reference Assemblies
2007-11-08 20:43 --------- d-----w C:\Program Files\Sony Setup
2007-11-08 20:40 --------- d-----w C:\Program Files\Common Files\Adobe
2007-11-08 20:37 --------- d-----w C:\Program Files\Winamp
2007-11-08 20:25 --------- d-----w C:\Program Files\Mp3tag
2007-11-08 20:15 --------- d-----w C:\Program Files\DVD Decrypter
2007-11-08 20:14 --------- d-----w C:\Documents and Settings\Administrator\Application Data\RipIt4Me
2007-11-08 20:13 --------- d-----w C:\Program Files\DVD Shrink
2007-11-08 20:09 --------- d-----w C:\Program Files\LimeWire
2007-11-08 20:08 --------- d-----w C:\Program Files\Common Files\Java
2007-11-08 19:36 --------- d-----w C:\Program Files\Alwil Software
2007-11-08 19:01 --------- d-----w C:\Program Files\AvRack
2007-11-08 19:01 --------- d-----w C:\Program Files\Avance Sound Manager
2007-11-08 17:40 --------- d-----w C:\Program Files\microsoft frontpage
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub)]
@={99FD978C-D287-4F50-827F-B2C658EDA8E7}
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Groove Explorer Icon Overlay 2 (GFS Stub)]
@={AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)]
@={920E6DB1-9907-4370-B3A0-BAFC03D81399}
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Groove Explorer Icon Overlay 3 (GFS Folder)]
@={16F3DD56-1AF5-4347-846D-7C10C4192619}
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark)]
@={2916C86E-86A6-43FE-8112-43ABE6BF8DCC}
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Offline Files]
[HKEY_CLASSES_ROOT\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}]
2006-10-27 00:48 2210608 --a------ C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
[HKEY_CLASSES_ROOT\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}]
2006-10-27 00:48 2210608 --a------ C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
[HKEY_CLASSES_ROOT\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}]
2006-10-27 00:48 2210608 --a------ C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
[HKEY_CLASSES_ROOT\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}]
2006-10-27 00:48 2210608 --a------ C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
[HKEY_CLASSES_ROOT\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}]
2006-10-27 00:48 2210608 --a------ C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:03]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2002-06-18 11:44 C:\WINDOWS\SOUNDMAN.EXE]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"WINDVDPatch"="CTHELPER.EXE" [2002-07-02 17:56 C:\WINDOWS\system32\CTHELPER.EXE]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00]
"Jet Detection"="C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" [2001-11-29 01:00]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57]
"SecurDisc"="C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe" [2007-06-25 08:47]
"InCD"="C:\Program Files\Nero\Nero 7\InCD\InCD.exe" [2007-06-25 08:47]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 14:25]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 14:45]
"SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 18:02]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-11-14 23:43]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-15 13:11]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 01:03]
C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
Status Monitor.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-11-26 13:24:46]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PCANotify]
PCANotify.dll 2006-02-14 12:00 8704 C:\WINDOWS\system32\PCANotify.dll
R1 VIAPFD;VIAPFD;C:\WINDOWS\system32\Drivers\VIAPFD.SYS
S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
**************************************************************************
catchme 0.3.1331 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-10 15:56:30
Windows 5.1.2600 Service Pack 2 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
Voltooingstijd: 2007-12-10 15:57:08
.
--- E O F ---

Stevetop
10 December 2007, 17:33
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:32:30, on 10/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Administrator\Bureaublad\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec pcAnywhere Host Service (awhost32) - Symantec Corporation - C:\Program Files\Symantec\pcAnywhere\awhost32.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
--
End of file - 7314 bytes

Juisterr
10 December 2007, 20:38
Looks clean.

Stevetop
10 December 2007, 21:26
Hopefully I'll get an error message at some point. Sometimes it can run for hours without any problem, and sometimes it restarts right after the Windows logo appears.
Thanks anyway for the effort