HijackThis log

Anonymous
Cpt.Iglo
5 answers
  • Would someone mind taking a quick look at this? My PC has been getting slower and slower lately.. :(

    Logfile of HijackThis v1.99.1
    Scan saved at 18:29:51, on 23-2-2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    E:\WINDOWS\System32\smss.exe
    E:\WINDOWS\system32\winlogon.exe
    E:\WINDOWS\system32\services.exe
    E:\WINDOWS\system32\lsass.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\System32\svchost.exe
    E:\WINDOWS\system32\spoolsv.exe
    G:\Program Files\Eset\nod32krn.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\system32\ZoneLabs\vsmon.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\Explorer.EXE
    E:\WINDOWS\htpatch.exe
    E:\WINDOWS\system32\RunDll32.exe
    E:\Program Files\Messenger Plus! 3\MsgPlus.exe
    E:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
    G:\Winamp\winampa.exe
    G:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    G:\Program Files\Eset\nod32kui.exe
    E:\WINDOWS\system32\ctfmon.exe
    G:\Mindbeat\MPower\MPower.exe
    G:\InterVideo\Common\Bin\WinCinemaMgr.exe
    E:\Program Files\MSN Messenger\msnmsgr.exe
    E:\WINDOWS\System32\svchost.exe
    G:\Winamp\winamp.exe
    E:\Program Files\Internet Explorer\IEXPLORE.EXE
    F:\Documenten van Sietse de Haan\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [HTpatch] E:\WINDOWS\htpatch.exe
    O4 - HKLM\..\Run: [SiSUSBRG] E:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [MessengerPlus3] "E:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
    O4 - HKLM\..\Run: [WinampAgent] G:\Winamp\winampa.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "G:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [nod32kui] "g:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MPower] "G:\Mindbeat\MPower\MPower.exe"
    O4 - HKCU\..\Run: [MessengerPlus3] "E:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [msnmsgr] "E:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = G:\InterVideo\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: Microsoft Office.lnk = E:\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Google Search - res://e:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://e:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://e:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://e:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://e:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
    O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - G:\Program Files\IrfanView\Ebay\Ebay.htm
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - g:\Program Files\Eset\nod32krn.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - E:\WINDOWS\system32\ZoneLabs\vsmon.exe


    Thanks in advance! :D
  • No unusual items found in the log.
    You may still fix the following item (it isn't really needed):

    O4 - Global Startup: Microsoft Office.lnk = E:\Microsoft Office\Office\OSA9.EXE

    Defragment the drives.

    Delete the files in C:\Windows\Prefetch (this temporarily makes startup a bit faster). Every program you have ever used has a small file in this directory. During startup these files are read so that the corresponding program can be started faster later, but prefetch files of programs that you have removed or no longer use are read as well.

    Sjaak
  • Thank you! I'll get on it in a moment. :)
  • Here is my new log:

    Logfile of HijackThis v1.99.1
    Scan saved at 21:47:45, on 23-2-2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    E:\WINDOWS\System32\smss.exe
    E:\WINDOWS\system32\winlogon.exe
    E:\WINDOWS\system32\services.exe
    E:\WINDOWS\system32\lsass.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\System32\svchost.exe
    E:\WINDOWS\system32\spoolsv.exe
    G:\Program Files\Eset\nod32krn.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\system32\ZoneLabs\vsmon.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\Explorer.EXE
    E:\WINDOWS\htpatch.exe
    E:\WINDOWS\system32\RunDll32.exe
    E:\Program Files\Messenger Plus! 3\MsgPlus.exe
    E:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
    G:\Winamp\winampa.exe
    G:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    G:\Program Files\Eset\nod32kui.exe
    E:\WINDOWS\system32\ctfmon.exe
    G:\Mindbeat\MPower\MPower.exe
    G:\InterVideo\Common\Bin\WinCinemaMgr.exe
    E:\Program Files\MSN Messenger\msnmsgr.exe
    E:\WINDOWS\System32\svchost.exe
    G:\Winamp\winamp.exe
    G:\BearShare\BearShare.exe
    G:\BearShare\BearShare.exe
    E:\Program Files\SpywareGuard\sgmain.exe
    E:\Program Files\SpywareGuard\sgbhp.exe
    E:\Program Files\Internet Explorer\IEXPLORE.EXE
    E:\Program Files\Internet Explorer\IEXPLORE.EXE
    F:\Documenten van Sietse de Haan\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - E:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar2.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [HTpatch] E:\WINDOWS\htpatch.exe
    O4 - HKLM\..\Run: [SiSUSBRG] E:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [MessengerPlus3] "E:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
    O4 - HKLM\..\Run: [WinampAgent] G:\Winamp\winampa.exe
    O4 - HKLM\..\Run: [Zone Labs Client] "G:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [nod32kui] "g:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\RunOnce: [InnoSetupRegFile.0000000001] E:\WINDOWS\is-46O3T.exe /REG
    O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MPower] "G:\Mindbeat\MPower\MPower.exe"
    O4 - HKCU\..\Run: [MessengerPlus3] "E:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
    O4 - Startup: SpywareGuard.lnk = E:\Program Files\SpywareGuard\sgmain.exe
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = G:\InterVideo\Common\Bin\WinCinemaMgr.exe
    O8 - Extra context menu item: &Google Search - res://e:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://e:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://e:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://e:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://e:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
    O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - G:\Program Files\IrfanView\Ebay\Ebay.htm
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - g:\Program Files\Eset\nod32krn.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - E:\WINDOWS\system32\ZoneLabs\vsmon.exe

    Is it clean now? Thanks in advance! :)
  • It's fine.
    Is MPower from Mindbeat needed?
    I have read that on W98 it is supposed to improve memory management, but I haven't come across it on XP before.

    Sjaak

This is an archived page. Replying is no longer possible.