Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Netbook is traag - HiJack log

Abraham54
6 antwoorden
  • Goedemorgen,
    Mijn portable is traag. Nu is het maar een Asus netbook, maar toch. Wil iemand naar mijn HiJack log kijken?
    Dank, Maarten

    [list:93c07f58ce]Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:52:13, on 20-3-2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.17095)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Mouse Driver\KMWDSrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\EeePC\ACPI\AsEPCMon.exe
    C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
    C:\WINDOWS\system32\igfxext.exe
    C:\Program Files\Mouse Driver\StartAutorun.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Mouse Driver\KMConfig.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\PersistenceThread.exe
    C:\Program Files\Mouse Driver\KMProcess.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe
    C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

    http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

    http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

    http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

    http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

    http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program

    Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program

    Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} -

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program

    Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -

    C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -

    C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [EasyMode] "%ProgramFiles%\\ASUS\\Easy Mode\\Easy Mode.exe" –

    limitedUserImportRegister
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef

    /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE

    /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
    O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
    O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
    O4 - HKLM\..\Run: [LiveUpdate] C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
    O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe

    KMConfig.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe

    bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -

    atboottime
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [PersistenceThread] C:\WINDOWS\system32\PersistenceThread.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0

    \Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0

    \AdobeARM.exe"
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes'

    Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SRS Premium Sound] "C:\Program Files\SRS Labs\SRS Premium

    Sound\SRSPremiumSoundBig_Small.exe" /hideme
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User

    'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default

    user')
    O4 - Global Startup: SuperHybridEngine.lnk = ?
    O4 - Global Startup: Bluetooth.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1

    \MICROS~3\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Send to &Bluetooth Device… - C:\Program

    Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth

    Software\btsendto_ie.htm
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -

    C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-

    8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows

    Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -

    C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -

    C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} -

    C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-

    5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -

    C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-

    f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

    Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-

    00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) -

    http://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

    http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -

    http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -

    C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1

    \COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: igdlogin - igdlogin.dll (file missing)
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-

    00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-

    BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program

    Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program

    Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation -

    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program

    Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM -

    C:\Program Files\Mouse Driver\KMWDSrv.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1

    \LUCOMS~1.EXE
    O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation -

    C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
    O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. -

    C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
    O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec

    Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe


    End of file - 9733 bytes
    [/list:u:93c07f58ce]
  • Aanvullende informatie:
    Inmiddels MBAM middels een quickscan zijn werk laten doen. Die heeft een fout gevonden die ik heb verwijderd.
    zie log
    [list:c93368002e]Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 6110

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 7.0.5730.13

    20-3-2011 12:09:03
    mbam-log-2011-03-20 (12-09-03).txt

    Scan type: Quick scan
    Objects scanned: 153658
    Time elapsed: 5 minute(s), 49 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 1
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
    [/list:u:c93368002e]
    Verder bij het opstarten foutmelding gekregen in Asus Eee PC ACPI service.
  • Vertel eens, kreeg je daarbij een BSOD, een blauw scherm met foutcodes?
  • Nee, het probleem trad op bij een reboot.
    Kreeg een melding of ik een fout rapport naar Microsoft wilde sturen.
  • Je gebruikt overigens een bedrijfsantivirusprogramma.

    Heeft dat een reden?
    Wordt je PC ook bedrijfsmatig in een zodanig netwerk gebruikt?
  • Mijn bedrijf heeft een deal met Symantec gemaakt dat we de anti virus software ook thuis kunnen gebruiken.
    Deze PC komt niet in het bedrijfsnetwerk.
    Maarten

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.