Computer crashes

5 answers
  • Hello, The problem is that the computer freezes regularly, but at unpredictable times. Although I suspect the memory, I would appreciate it if someone could take a look at this log. Thanks, Maarten
    [code]
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:56:22, on 23-8-2007
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    Boot mode: Normal

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\system32\Ati2evxx.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\System32\SCardSvr.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\System32\wltrysvc.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\bcmwltry.exe
    C:\WINNT\Explorer.EXE
    C:\WINNT\system32\carpserv.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINNT\system32\WLTRAY.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\WINNT\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINNT\system32\internat.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Logitech\Video\AlbumDB2.exe
    C:\Dell\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [CARPService] carpserv.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINNT\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINNT\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [internat.exe] internat.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by125fd.bay125.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1156778677805
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyvz.com/statics/Aurigma/ImageUploader4.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: WLTRYSVC - Unknown owner - C:\WINNT\System32\wltrysvc.exe

    --
    End of file - 5470 bytes
    [/code]
  • At first glance I can't find anything in your log. To rule out spyware, could you run the tool below? Download [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe]Combofix[/url] to your [b]desktop[/b]. Double-click [u]combofix.exe[/u]. Follow the instructions and accept the disclaimer by typing y or Y. While the fix is running, do [b]NOT[/b] click in the window, as this will make your PC hang. When the fix has finished and after the restart, the log [b]combofix.txt[/b] will open. Save this log. NOTE: If your virus scanner responds with a notification about script execution, you may ignore it. Post the Combofix log ([i]combofix.txt[/i]) in your next reply.
  • Here is the requested log.
    [code]
    ComboFix 07-08-17.2 - "Administrator" 2007-08-24 10:45:04.1 - NTFSx86
    Microsoft Windows 2000 Professional 5.0.2195.4.1252.1.1033.18.72 [GMT 2:00]

    ((((((((((((((((((((((((( Files Created from 2007-07-24 to 2007-08-24 )))))))))))))))))))))))))))))))

    2007-08-24 10:45 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_340.dat
    2007-08-24 10:33 51,200 --a------ C:\WINNT\nircmd.exe
    2007-08-23 20:52 <DIR> d-------- C:\Program Files\Veoh Networks
    2007-08-23 20:50 <DIR> d-------- C:\Program Files\Veoh
    2007-07-29 13:35 <DIR> d-------- C:\WINNT\system32\ActiveScan
    2007-07-29 13:13 158,208 --a------ C:\WINNT\system32\msconfig.exe
    2007-07-29 13:13 <DIR> d-------- C:\WINNT\pss

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    98-12-09 11:53 99840 --a------ C:\Program Files\Common Files\IRAABOUT.DLL
    98-12-09 11:53 70144 --a------ C:\Program Files\Common Files\IRAMDMTR.DLL
    98-12-09 11:53 48640 --a------ C:\Program Files\Common Files\IRALPTTR.DLL
    98-12-09 11:53 31744 --a------ C:\Program Files\Common Files\IRAWEBTR.DLL
    98-12-09 11:53 186368 --a------ C:\Program Files\Common Files\IRAREG.DLL
    98-12-09 11:53 17920 --a------ C:\Program Files\Common Files\IRASRIAL.DLL
    07-08-23 20:53 --------- d--h----- C:\Program Files\InstallShield Installation Information
    07-07-30 19:19 92504 --a------ C:\WINNT\system32\cdm.dll
    07-07-30 19:19 549720 --a------ C:\WINNT\system32\wuapi.dll
    07-07-30 19:19 53080 --a------ C:\WINNT\system32\wuauclt.exe
    07-07-30 19:19 325976 --a------ C:\WINNT\system32\wucltui.dll
    07-07-30 19:19 203096 --a------ C:\WINNT\system32\wuweb.dll
    07-07-30 19:19 1712984 --a------ C:\WINNT\system32\wuaueng.dll
    07-07-29 14:06 --------- d-------- C:\Program Files\QuickTime
    07-07-29 14:04 --------- d-------- C:\Program Files\MSN Messenger
    07-07-29 14:02 --------- d-------- C:\Program Files\LimeWire
    07-07-29 14:01 --------- d-------- C:\Program Files\iTunes
    07-07-29 14:00 --------- d-------- C:\Program Files\CCleaner
    07-07-29 13:59 --------- d-------- C:\Program Files\Apoint
    07-07-16 22:49 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
    07-07-16 22:46 --------- d-------- C:\Program Files\iPod
    07-06-30 23:18 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Azureus
    07-06-26 11:57 235280 --a------ C:\WINNT\system32\GDI32.DLL
    07-06-07 08:50 1119232 --a------ C:\WINNT\system32\msxml3.dll
    06-08-28 16:33 271 ---h----- C:\Program Files\desktop.ini
    06-08-28 16:33 21952 ---h----- C:\Program Files\folder.htt
    00-07-26 14:00 32528 --a------ C:\WINNT\inf\wbfirdma.sys

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Synchronization Manager"="mobsync.exe" [03-06-19 21:05 C:\WINNT\system32\mobsync.exe]
    "CARPService"="carpserv.exe" [02-10-17 11:54 C:\WINNT\system32\carpserv.exe]
    "Apoint"="C:\Program Files\Apoint\Apoint.exe" [02-08-22 19:28 ]
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [03-01-03 17:00 ]
    "ATIModeChange"="Ati2mdxx.exe" [01-09-04 16:24 C:\WINNT\system32\Ati2mdxx.exe]
    "Broadcom Wireless Manager UI"="C:\WINNT\system32\WLTRAY.exe" [05-12-19 09:08 ]
    "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [07-08-17 10:57 ]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [07-07-12 04:00 ]
    "LVCOMSX"="C:\WINNT\system32\LVCOMSX.EXE" [05-07-19 17:32 ]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [05-06-08 15:24 ]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [05-06-08 15:14 ]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [06-06-14 16:24 ]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [07-07-16 22:48 ]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "internat.exe"="internat.exe" [00-07-26 14:00 C:\WINNT\system32\internat.exe]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [05-03-30 02:28 ]
    "LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [05-06-08 14:44 ]
    "Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [07-07-31 17:12 ]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
    "^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
    path=C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\LimeWire On Startup.lnk
    backup=C:\WINNT\pss\LimeWire On Startup.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
    backup=C:\WINNT\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
    "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

    R1 Avg7RsNT;AVG7 Resident Driver NT;C:\WINNT\system32\Drivers\avg7rsnt.sys
    R2 StreamDispatcher;StreamDispatcher;C:\WINNT\system32\DRIVERS\strmdisp.sys
    R3 O2SCBUS;O2Micro SmartCardBus Reader;C:\WINNT\system32\DRIVERS\ozscr.sys
    R3 usbhub20;USB 2.0 Root Hub Support;C:\WINNT\system32\DRIVERS\usbhub20.sys

    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-08-24 10:48:02
    Windows 5.0.2195 Service Pack 4 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    **************************************************************************

    Completion time: 2007-08-24 10:49:21
    --- E O F ---
    [/code]
  • The log looks clean; I would still run memtest to check the memory.
  • OK, thanks for checking. Good that nothing is wrong here. I have since installed some new memory. The problem seems to be gone. Thanks again for the help. :P Regards, Maarten
