hijackthis log

3 answers
  • :wink: Is that very last line normal? Via Google I find both that it is a safe file and that it is a trojan.

    Logfile of HijackThis v1.99.1
    Scan saved at 22:00:54, on 6/07/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Ahead\InCD\InCDsrv.exe
    D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    D:\Program Files\Sygate\SPF\smc.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\SOUNDMAN.EXE
    J:\Filezilla server\FileZilla Server.exe
    D:\Program Files\Eset\nod32krn.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Eset\nod32kui.exe
    D:\Program Files\Ahead\InCD\InCD.exe
    D:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    D:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    J:\Winamp\winampa.exe
    D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    J:\Filezilla server\FileZilla Server Interface.exe
    J:\power cinema\PowerCinema\PCMService.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Messenger\msmsgs.exe
    D:\Program Files\TGTSoft\StyleXP\StyleXP.exe
    D:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    E:\PROGRA~1\MOZILL~1\THUNDE~1.EXE
    D:\Program Files\SpeedFan\speedfan.exe
    J:\power cinema\PowerCinema\PCM2.exe
    J:\Azureus\Azureus.exe
    D:\Program Files\Java\jre1.5.0_02\bin\javaw.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    J:\dynDNS dynamic\DynDNS Updater\DynDNS.exe
    K:\security\Hijackthis\HijackThis-1.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telenet.be/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [nod32kui] "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] D:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] D:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [Easy-PrintToolBox] D:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
    O4 - HKLM\..\Run: [WinampAgent] J:\Winamp\winampa.exe
    O4 - HKLM\..\Run: [SmcService] D:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [FileZilla Server Interface] "J:\Filezilla server\FileZilla Server Interface.exe"
    O4 - HKLM\..\Run: [PCMService] "J:\power cinema\PowerCinema\PCMService.exe"
    O4 - HKLM\..\Run: [NVIDIA nTune] "D:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
    O4 - HKLM\..\RunOnce: [WMC_RebootCheck] D:\WINDOWS\inf\unregmp2.exe /FixUps
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [STYLEXP] D:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups
    O4 - Startup: Stardock ObjectDock.lnk = J:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra button: 50 FREE MP3s! - {686C970F-1D7D-4469-85D1-4B35763B56CC} - http://www.emusic.com?fref=149133 (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120334167890
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - J:\Filezilla server\FileZilla Server.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - D:\Program Files\Eset\nod32krn.exe
    O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - J:\OC\SiSoftware Sandra Lite 2005.SR1\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
    O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - J:\OC\SiSoftware Sandra Lite 2005.SR1\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
    O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - D:\Program Files\Sygate\SPF\smc.exe
    O23 - Service: StyleXPService - Unknown owner - D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - D:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
  • lycan wrote: "Is that very last line normal? Via Google I find both that it is a safe file and that it is a trojan.
    O23 - Service: X10 Device Network Service (x10nets) - X10 - D:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe"

    Legitimate.

    Quote: "X10 video streaming devices. This program is non-essential process to the running of the system, but should not be terminated unless suspected to be causing problems"
  • thanx Marc :wink:

This is an archived page. Replying is no longer possible.