amd4ever

we zijn nu 2 dagen later en ik heb nog geen enkel maal had dat hij terug restarte wat zeer goed nieuws is dus volgens mij is het opgelost! bedankt voor alle hulp ik markeer deze als OPGELOST! :)

combofix is nu unstalled ccleaner gebruik ik al [5keer perweek meerder malen tot hij niets meer vind] toch bedankt voor de tip kape ! @tutterfut messchien kan je wel gelijk hebben ik had al zo'n gedacht, ik heb de instelling verhoogd hij gerbruikte maar 2048 aanbevolen stond er 3070[heb dit nu zo ingesteld] ik laat nog iets weten MAAR zeker en vast bedankt aan kape voor de goede zorg!

Dit stond in het logje G6FTPSrv.exe;C:\Program Files\G6 FTP Server;Program.BpFTP.3;; A0109593.exe;C:\System Volume Information\_restore{292F9841-229E-42D6-B8D8-3072D31825E2}\RP103;Adware.Relevant.65;Verplaatst.; A0154650.exe;E:\System Volume Information\_restore{292F9841-229E-42D6-B8D8-3072D31825E2}\RP158;Tool.Siggen.2745;Verplaatst.; A0154651.exe;E:\System Volume Information\_restore{292F9841-229E-42D6-B8D8-3072D31825E2}\RP158;Tool.GameCrack;Verplaatst.;

ik denk dat het ongeveer het zelfde is als het vorige logje ik heb gedaan zoals je zei [dubbel klikken op combo en de txt erin slepen en laten scannen] dit is het resultaat ,straks zal ik het ander logje plaatsen van dr.web ComboFix 11-05-15.04 - Administrator 16-05-2011 10:32:36.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2047.1650 [GMT 2:00] Gestart vanuit: c:\documents and settings\Administrator\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Administrator\Bureaublad\CFScript.txt AV: Kaspersky Anti-Virus *Disabled/Outdated* {2C4D4BC6-0793-4956-A9F9-E252435469C0} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((( Bestanden Gemaakt van 2011-04-16 to 2011-05-16 )))))))))))))))))))))))))))))) . . 2011-05-15 20:53 . 2011-05-16 08:16 -------- d--h--r- c:\documents and settings\Administrator\Onlangs geopend 2011-05-13 11:39 . 2011-05-13 11:39 -------- d-----w- c:\documents and settings\Administrator\Application Data\abgx360 2011-05-13 10:38 . 2011-05-13 10:38 388096 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-05-13 10:38 . 2011-05-13 10:38 -------- d-----w- c:\program files\Trend Micro 2011-05-13 09:45 . 2011-05-13 09:47 -------- d-----w- c:\program files\abgx360 2011-05-11 11:59 . 2011-05-11 12:02 -------- d-----w- c:\program files\eMule 2011-05-11 08:58 . 2011-05-11 08:58 -------- d-----w- C:\kazaaaaa 2011-05-11 08:57 . 2011-05-11 08:57 -------- d-----w- c:\documents and settings\Administrator\Application Data\Kazaa Lite 2011-05-11 08:48 . 2011-05-11 08:48 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Shareaza 2011-05-11 08:48 . 2011-05-11 08:55 -------- d-----w- c:\documents and settings\Administrator\Application Data\Shareaza 2011-05-08 20:37 . 2008-04-13 22:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys 2011-05-08 20:37 . 2008-04-13 22:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys 2011-05-08 20:36 . 2011-05-08 20:36 -------- d-----w- c:\program files\epson 2011-05-08 20:36 . 2006-12-27 22:00 208896 ----a-w- c:\windows\system32\esint7e.dll 2011-05-08 20:36 . 2006-03-09 22:00 3584 ----a-w- c:\windows\system32\eswiaml.dll 2011-05-08 20:36 . 2006-12-27 22:00 66560 ----a-w- c:\windows\system32\eswia7e.dll 2011-04-28 16:47 . 2011-04-28 16:47 -------- d-----w- c:\program files\Microsoft Silverlight . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-04-12 13:04 . 2011-04-12 13:04 189248 ----a-w- c:\windows\system32\PnkBstrB.exe 2011-04-12 13:04 . 2011-04-12 13:04 75136 ----a-w- c:\windows\system32\PnkBstrA.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ALi5289"="c:\program files\ULI5289\ALi5289.exe" [2005-03-10 405504] "SoundMan"="SOUNDMAN.EXE" [2010-12-14 577536] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-10-26 98304] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" [2010-11-02 365336] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . [HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Start^Programma's^Opstarten^CurseClientStartup.ccip] path=c:\documents and settings\Administrator\Menu Start\Programma's\Opstarten\CurseClientStartup.ccip backup=c:\windows\pss\CurseClientStartup.ccipStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-11-15 20:02 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-11-15 20:02 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] 2009-11-15 09:42 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4400 Series] 2007-03-01 05:01 180736 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATICAE.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] 2010-12-16 21:19 1242448 ----a-w- e:\steam\Steam.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\World of Warcraft\\Launcher.exe"= "c:\\World of Warcraft\\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe"= "e:\\steam\\Steam.exe"= "c:\\Program Files\\G6 FTP Server\\G6FTPSrv.exe"= "c:\\Program Files\\FlashFXP\\flashfxp.exe"= "c:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 2011\\avp.exe"= "c:\\Documents and Settings\\Administrator\\Local Settings\\Apps\\2.0\\PLMDK53Q.ZGA\\TZDA16T4.743\\curs..tion_eee711038731a406_0004.0000_efb506202a7c3b08\\CurseClient.exe"= "c:\\Documents and Settings\\Administrator\\Bureaublad\\FtpList.exe"= "c:\\Program Files\\Vuze\\Azureus.exe"= "e:\\steam\\steamapps\\kendy69cs@hotmail.com\\counter-strike\\hl.exe"= "e:\\steam\\steamapps\\kendy69cs@hotmail.com\\condition zero\\hl.exe"= "c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "e:\\Assassin's Creed Brotherhood\\ACBSP.exe"= "e:\\Assassin's Creed Brotherhood\\ACBMP.exe"= "e:\\Assassin's Creed Brotherhood\\AssassinsCreedBrotherhood.exe"= "e:\\Assassin's Creed Brotherhood\\UPlayBrowser.exe"= "e:\\steam\\steamapps\\kendy69cs@hotmail.com\\counter-strike source\\hl2.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724 . R0 m5289;m5289;c:\windows\system32\drivers\m5289.sys [14-12-2010 14:19 51840] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15-12-2010 1:29 691696] R0 uliagpkx;ULi AGP Bus Filter Driver;c:\windows\system32\drivers\AGPKX.SYS [14-12-2010 14:19 44928] R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [9-6-2010 17:43 11352] R2 ALIEHCD;ULi PCI to USB Enhanced Host Controller;c:\windows\system32\drivers\AliEhci.sys [14-12-2010 14:19 83596] R3 aliroothub;USB 2.0 Root Hub;c:\windows\system32\drivers\AliRtHub.sys [14-12-2010 14:19 5331] R3 ip100xp;IC Plus IP100 10/100 Fast Ethernet Adapter NT Driver;c:\windows\system32\drivers\ipfnd51.sys [14-12-2010 14:31 26752] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [7-5-2010 12:06 32856] R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2-11-2009 20:27 19472] . . ------- Bijkomende Scan ------- . FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1t63v6n4.default\ FF - prefs.js: browser.startup.homepage - google.be FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru FF - Ext: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - %profile%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-05-16 10:37 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(844) c:\windows\system32\Ati2evxx.dll c:\windows\system32\atiadlxx.dll . - - - - - - - > 'explorer.exe'(4068) c:\windows\system32\msi.dll . Voltooingstijd: 2011-05-16 10:38:59 ComboFix-quarantined-files.txt 2011-05-16 08:38 . Pre-Run: 27.192.414.208 bytes beschikbaar Post-Run: 27.181.199.360 bytes beschikbaar . - - End Of File - - 00BE18BA553F0A5F4FDEEC0C0FDF497E

ziet dit er normaal uit? ik heb nog steeds het zelfde probleem mvg amd4ever

alvast bedankt voor de reactie hier is het logje ComboFix 11-05-12.04 - Administrator 13-05-2011 18:09:22.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.2047.1491 [GMT 2:00] Gestart vanuit: c:\documents and settings\Administrator\Bureaublad\ComboFix.exe AV: Kaspersky Anti-Virus *Disabled/Outdated* {2C4D4BC6-0793-4956-A9F9-E252435469C0} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\install.exe E:\install.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2011-04-13 to 2011-05-13 )))))))))))))))))))))))))))))) . . 2011-05-13 11:39 . 2011-05-13 11:39 -------- d-----w- c:\documents and settings\Administrator\Application Data\abgx360 2011-05-13 10:38 . 2011-05-13 10:38 388096 ----a-r- c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-05-13 10:38 . 2011-05-13 10:38 -------- d-----w- c:\program files\Trend Micro 2011-05-13 10:37 . 2011-05-13 16:14 -------- d--h--r- c:\documents and settings\Administrator\Onlangs geopend 2011-05-13 09:45 . 2011-05-13 09:47 -------- d-----w- c:\program files\abgx360 2011-05-11 11:59 . 2011-05-11 12:02 -------- d-----w- c:\program files\eMule 2011-05-11 08:58 . 2011-05-11 08:58 -------- d-----w- C:\kazaaaaa 2011-05-11 08:57 . 2011-05-11 08:57 -------- d-----w- c:\documents and settings\Administrator\Application Data\Kazaa Lite 2011-05-11 08:48 . 2011-05-11 08:48 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Shareaza 2011-05-11 08:48 . 2011-05-11 08:55 -------- d-----w- c:\documents and settings\Administrator\Application Data\Shareaza 2011-05-08 20:37 . 2008-04-13 22:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys 2011-05-08 20:37 . 2008-04-13 22:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys 2011-05-08 20:36 . 2011-05-08 20:36 -------- d-----w- c:\program files\epson 2011-05-08 20:36 . 2006-12-27 22:00 208896 ----a-w- c:\windows\system32\esint7e.dll 2011-05-08 20:36 . 2006-03-09 22:00 3584 ----a-w- c:\windows\system32\eswiaml.dll 2011-05-08 20:36 . 2006-12-27 22:00 66560 ----a-w- c:\windows\system32\eswia7e.dll 2011-04-28 16:47 . 2011-04-28 16:47 -------- d-----w- c:\program files\Microsoft Silverlight 2011-04-13 17:46 . 2011-04-13 17:46 -------- d-----w- c:\program files\Common Files\DirectX 2011-04-13 17:38 . 2011-04-13 17:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Ubisoft 2011-04-13 17:38 . 2011-04-13 17:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Ubisoft . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-04-12 13:04 . 2011-04-12 13:04 189248 ----a-w- c:\windows\system32\PnkBstrB.exe 2011-04-12 13:04 . 2011-04-12 13:04 75136 ----a-w- c:\windows\system32\PnkBstrA.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ALi5289"="c:\program files\ULI5289\ALi5289.exe" [2005-03-10 405504] "SoundMan"="SOUNDMAN.EXE" [2010-12-14 577536] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-10-26 98304] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" [2010-11-02 365336] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\Administrator\Menu Start\Programma's\Opstarten\ CurseClientStartup.ccip [2011-4-27 0] . [HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Menu Start^Programma's^Opstarten^CurseClientStartup.ccip] path=c:\documents and settings\Administrator\Menu Start\Programma's\Opstarten\CurseClientStartup.ccip backup=c:\windows\pss\CurseClientStartup.ccipStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-11-15 20:02 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-11-15 20:02 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] 2009-11-15 09:42 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4400 Series] 2007-03-01 05:01 180736 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATICAE.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] 2010-12-16 21:19 1242448 ----a-w- e:\steam\Steam.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\World of Warcraft\\Launcher.exe"= "c:\\World of Warcraft\\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe"= "e:\\steam\\Steam.exe"= "c:\\Program Files\\G6 FTP Server\\G6FTPSrv.exe"= "c:\\Program Files\\FlashFXP\\flashfxp.exe"= "c:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 2011\\avp.exe"= "c:\\Documents and Settings\\Administrator\\Local Settings\\Apps\\2.0\\PLMDK53Q.ZGA\\TZDA16T4.743\\curs..tion_eee711038731a406_0004.0000_efb506202a7c3b08\\CurseClient.exe"= "c:\\Documents and Settings\\Administrator\\Bureaublad\\FtpList.exe"= "c:\\Program Files\\Vuze\\Azureus.exe"= "e:\\steam\\steamapps\\kendy69cs@hotmail.com\\counter-strike\\hl.exe"= "e:\\steam\\steamapps\\kendy69cs@hotmail.com\\condition zero\\hl.exe"= "c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "e:\\Assassin's Creed Brotherhood\\ACBSP.exe"= "e:\\Assassin's Creed Brotherhood\\ACBMP.exe"= "e:\\Assassin's Creed Brotherhood\\AssassinsCreedBrotherhood.exe"= "e:\\Assassin's Creed Brotherhood\\UPlayBrowser.exe"= "e:\\steam\\steamapps\\kendy69cs@hotmail.com\\counter-strike source\\hl2.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724 . R0 m5289;m5289;c:\windows\system32\drivers\m5289.sys [14-12-2010 14:19 51840] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15-12-2010 1:29 691696] R0 uliagpkx;ULi AGP Bus Filter Driver;c:\windows\system32\drivers\AGPKX.SYS [14-12-2010 14:19 44928] R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [9-6-2010 17:43 11352] R2 ALIEHCD;ULi PCI to USB Enhanced Host Controller;c:\windows\system32\drivers\AliEhci.sys [14-12-2010 14:19 83596] R3 aliroothub;USB 2.0 Root Hub;c:\windows\system32\drivers\AliRtHub.sys [14-12-2010 14:19 5331] R3 ip100xp;IC Plus IP100 10/100 Fast Ethernet Adapter NT Driver;c:\windows\system32\drivers\ipfnd51.sys [14-12-2010 14:31 26752] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [7-5-2010 12:06 32856] R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2-11-2009 20:27 19472] . . ------- Bijkomende Scan ------- . FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1t63v6n4.default\ FF - prefs.js: browser.startup.homepage - google.be FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru FF - Ext: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - %profile%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} . - - - - ORPHANS VERWIJDERD - - - - . MSConfigStartUp-ISPMonitor - c:\program files\ISP Monitor\isp.exe MSConfigStartUp-Repair Registry Pro - c:\program files\Repair Registry Pro\RepairRegistryPro.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-05-13 18:15 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(844) c:\windows\system32\Ati2evxx.dll c:\windows\system32\atiadlxx.dll . - - - - - - - > 'explorer.exe'(3368) c:\windows\system32\msi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\windows\SOUNDMAN.EXE c:\windows\system32\PnkBstrA.exe c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Voltooingstijd: 2011-05-13 18:20:08 - machine werd herstart ComboFix-quarantined-files.txt 2011-05-13 16:20 . Pre-Run: 37.030.760.448 bytes beschikbaar Post-Run: 36.936.351.744 bytes beschikbaar . WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - 31A992FF1DDFC6551CC9527D55CD69D7

hallo beste mensen ik zit al een tijdje met een verveling dat de computer regelmatig vast loop soms heb ik er geen last van en soms loopt die 3,4x na elkaar vast en restart ik hoop dat er mij iemand kan helpen alvast bedankt ! ik gebruik regelmatig ccleaner hier komt de hijackthislog Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:39:19, on 13-5-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ULI5289\ALi5289.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Documents and Settings\Administrator\Local Settings\Apps\2.0\PLMDK53Q.ZGA\TZDA16T4.743\curs..tion_eee711038731a406_0004.0000_efb506202a7c3b08\CurseClient.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtblfs.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O4 - HKLM\..\Run: [ALi5289] C:\Program Files\ULI5289\ALi5289.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: CurseClientStartup.ccip O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- End of file - 4369 bytes