Vraag & Antwoord

Beveiliging & privacy

trage pc

3 antwoorden
  • Hallo kenners Een tijdje geleden kreeg ik een pc van een kennis, ik blij natuurlijk. Het is een oudere pc met nog windows 98 erop maar vooruit, voor niks is goedkoop. Maar hij is zo traag, kan er niet iets af wat ik toch niet gebruik en hoe doe ik dat dan precies. Graag een duidelijke uitleg want zo handig met de pc ben ik nu ook weer niet. Hier is een HJT logje. Logfile of HijackThis v1.99.1 Scan saved at 19:13:28, on 20-6-06 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\DEFWATCH.EXE C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\RTVSCN95.EXE c:\windows\SYSTEM\KB891711\KB891711.EXE C:\PROGRAM FILES\KERIO\PERSONAL FIREWALL\PERSFW.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\SYSTEM\LINKSTS.EXE C:\WINDOWS\LOADQM.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\VPTRAY.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE C:\HIJACKTHIS\HIJACKTHIS.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun O4 - HKLM\..\Run: [Taakcontrole] c:\windows\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [Linksts] Linksts.exe O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] c:\PROGRA~1\SYMANT~1\VPTRAY.EXE O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [DKAVSch] C:\PROGRAM FILES\COMMON FILES\ANTIVIRUS\SHARED FILES\DKAVUPSCH.EXE -run9xservice O4 - HKLM\..\RunServices: [ccEvtMgr] "c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" O4 - HKLM\..\RunServices: [ccSetMgr] "c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" O4 - HKLM\..\RunServices: [defwatch] c:\PROGRA~1\SYMANT~1\DEFWATCH.EXE O4 - HKLM\..\RunServices: [rtvscn95] c:\PROGRA~1\SYMANT~1\RTVSCN95.EXE O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE O4 - HKLM\..\RunServices: [PersFw] "C:\Program Files\Kerio\Personal Firewall\persfw.exe" /hide O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmwordtrans.html O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html O8 - Extra context menu item: Translate Page into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab en een startup list. StartupList report, 20-6-06, 19:18:33 StartupList version: 1.52.2 Started from : C:\HIJACKTHIS\HIJACKTHIS.EXE Detected: Windows 98 SE (Win9x 4.10.2222A) Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106) * Using default options ================================================== Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\DEFWATCH.EXE C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\RTVSCN95.EXE c:\windows\SYSTEM\KB891711\KB891711.EXE C:\PROGRAM FILES\KERIO\PERSONAL FIREWALL\PERSFW.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\SYSTEM\LINKSTS.EXE C:\WINDOWS\LOADQM.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\VPTRAY.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE C:\HIJACKTHIS\HIJACKTHIS.EXE -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run ScanRegistry = c:\windows\scanregw.exe /autorun Taakcontrole = c:\windows\taskmon.exe SystemTray = SysTray.Exe LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme Linksts = Linksts.exe LoadQM = loadqm.exe ccApp = "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" vptray = c:\PROGRA~1\SYMANT~1\VPTRAY.EXE Synchronization Manager = mobsync.exe /logon -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme SchedulingAgent = mstask.exe DKAVSch = C:\PROGRAM FILES\COMMON FILES\ANTIVIRUS\SHARED FILES\DKAVUPSCH.EXE -run9xservice ccEvtMgr = "c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" ccSetMgr = "c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" (Default) = defwatch = c:\PROGRA~1\SYMANT~1\DEFWATCH.EXE rtvscn95 = c:\PROGRA~1\SYMANT~1\RTVSCN95.EXE KB891711 = c:\windows\SYSTEM\KB891711\KB891711.EXE PersFw = "C:\Program Files\Kerio\Personal Firewall\persfw.exe" /hide -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = c:\windows\NOTEPAD.EXE %1 -------------------------------------------------- C:\WINDOWS\WININIT.BAK listing: (Created 26/4/2006, 21:29:48) [rename] NUL=c:\windows\TEMP\GLB1A2B.EXE -------------------------------------------------- C:\AUTOEXEC.BAT listing: mode con codepage prepare=((850) c:\windows\COMMAND\ega.cpi) mode con codepage select=850 SET PATH=C:\EXACTW2\BIN;%PATH% -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (no name) - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL - {53707962-6F74-2D53-2644-206D7942484F} (no name) - c:\program files\google\googletoolbar1.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7} -------------------------------------------------- Enumerating Task Scheduler jobs: Toepassing Optimalisatie Start.job Symantec NetDetect.job -------------------------------------------------- Enumerating Download Program Files: [Shockwave Flash Object] InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH8.OCX CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab [InstallShield International Setup Player] InProcServer32 = c:\WINDOWS\DOWNLO~1\ISETUP.DLL CODEBASE = http://www.installengine.com/engine/isetup.cab [Update Class] InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38067.9710069444 [Symantec AntiVirus scanner] InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\AVSNIFF.DLL CODEBASE = http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab [Symantec RuFSI Utility Class] InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\RUFSI.DLL CODEBASE = http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab [MsnMessengerSetupDownloadControl Class] InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNMESSENGERSETUPDOWNLOADER.OCX CODEBASE = http://messenger.msn.com/download/msnmessengersetupdownloader.cab [MessengerStatsClient Class] InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MESSENGERSTATSCLIENT.DLL CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab [Minesweeper Flags Class] InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MINESWEEPER.DLL CODEBASE = http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: WebCheck: C:\WINDOWS\SYSTEM\WEBCHECK.DLL -------------------------------------------------- End of report, 5.854 bytes Report generated in 5,340 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only ik hoor graag van U.
  • Ik zie geen directe malware oid, misschien dat M@rc kan zeggen wat je eventueel uit kan zetten.
  • Wat zijn de specificaties van de PC? Ik zie Symantec staan als virusscanner en dat stond altijd bekend om z'n vertragende werking. Ik heb de laatste mnd niet meer gevolgd of dat inmiddels verbeterd is, maar dat lijkt me van niet. Op een 'zwak' en/of ouder systeem kan een lichtere virusscanner zoals bijvooorbeeld AVG (gratis) of Nod32 een aanzienlijke winst opleveren.

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.