Vraag & Antwoord

Beveiliging & privacy

hijackthis logfile

Anoniem
banaan46
9 antwoorden
 • Hallo, zou iemand willen kijken naar onderstaand logfile, mijn systeem is nml. ontzettend traag geworden .

  Logfile of HijackThis v1.99.1
  Scan saved at 21:12:28, on 6-4-2005
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\Explorer.EXE
  c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
  C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
  C:\Program Files\PopUp Killer\popupkiller.EXE
  C:\USBStorage\USBDetector.exe
  C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe
  C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
  C:\PROGRA~1\mcafee.com\agent\mcagent.exe
  c:\progra~1\mcafee.com\vso\mcvsescn.exe
  C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
  C:\WINDOWS\system32\ctfmon.exe
  C:\Program Files\McAfee\McAfee QuickClean\Plguni.exe
  C:\WINDOWS\system32\svchost.exe
  c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  C:\Program Files\Messenger\msmsgs.exe
  c:\progra~1\mcafee.com\vso\mcvsftsn.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Program Files\HijackThis.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.degelderlander.nl/
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
  O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
  O4 - HKLM\..\Run: [PopUpKiller] C:\Program Files\PopUp Killer\popupkiller.EXE
  O4 - HKLM\..\Run: [USBDetector] C:\USBStorage\USBDetector.exe
  O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
  O4 - HKLM\..\Run: [_AntiSpyware] C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe
  O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
  O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
  O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
  O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
  O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
  O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
  O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
  O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
  O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
  O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
  O4 - HKCU\..\Run: [McAfee QuickClean Imonitor] C:\Program Files\McAfee\McAfee QuickClean\Plguni.exe /START
  O4 - HKCU\..\RunOnce: [DelayShred] "C:\Program Files\McAfee\McAfee Shared Components\Shredder 5\SHRED32.EXE" /q C:\DOCUME~1\JANDEB~1\LOCALS~1\TEMPOR~1\Content.SH!
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab
  O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/DownloadAccess/ie/bridge-c283.cab
  O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
  O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4429/mcfscan.cab
  O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - Unknown owner - c:\progra~1\mcafee\MCAFEE~2\MssSrv.exe (file missing)
  O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
  O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
  O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe

  Alvast bedankt ,

  Jan
 • Download en installeer CCleaner.
  Gebruik het programma nog niet.

  Zorg ervoor dat alle verborgen bestanden en mappen weergegeven worden.Hoe verborgen bestanden en mappen weergeven..

  Sluit alle open vensters, run HijackThis nog een keer en plaats een vinkje bij de volgende items:

  [b:a2384d49ab]O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe

  O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/DownloadAccess/ie/bridge-c283.cab[/b:a2384d49ab]

  Klik daarna op "Fix checked" en sluit HijackThis af.

  Start de computer in veilige modus.

  Zoek via Windows verkenner naar volgende bestanden of mappen, en verwijder deze indien ze nog aanwezig zijn:
  C:\Program Files\Media Access

  Start Ccleaner en klik op de knop "Opschonen".
  Herstart de computer in normale modus.

  Start HijackThis opnieuw, maak een nieuwe log en post deze.
 • Hallo, hieronder staat de nieuwe logfile :

  Logfile of HijackThis v1.99.1
  Scan saved at 19:44:23, on 7-4-2005
  Platform: Windows XP SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
  C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\Explorer.EXE
  C:\Program Files\PopUp Killer\popupkiller.EXE
  C:\USBStorage\USBDetector.exe
  C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe
  C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
  c:\progra~1\mcafee.com\vso\mcvsescn.exe
  C:\PROGRA~1\mcafee.com\agent\mcagent.exe
  C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
  C:\WINDOWS\system32\ctfmon.exe
  C:\Program Files\McAfee\McAfee QuickClean\Plguni.exe
  C:\WINDOWS\system32\wuauclt.exe
  c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  C:\Program Files\HijackThis.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.degelderlander.nl/
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
  O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
  O4 - HKLM\..\Run: [PopUpKiller] C:\Program Files\PopUp Killer\popupkiller.EXE
  O4 - HKLM\..\Run: [USBDetector] C:\USBStorage\USBDetector.exe
  O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
  O4 - HKLM\..\Run: [_AntiSpyware] C:\Program Files\McAfee\McAfee AntiSpyware\MssCli.exe
  O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
  O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
  O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
  O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
  O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
  O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
  O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
  O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
  O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
  O4 - HKCU\..\Run: [McAfee QuickClean Imonitor] C:\Program Files\McAfee\McAfee QuickClean\Plguni.exe /START
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab
  O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
  O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4429/mcfscan.cab
  O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - Unknown owner - c:\progra~1\mcafee\MCAFEE~2\MssSrv.exe (file missing)
  O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
  O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
  O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
  O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
 • Download en installeer CCleaner.
  Start het programma en klik op de knop "Opschonen".

  Hoe is de situatie nu? Nog problemen?
 • Hallo, PC reageert heel traag of soms helemaal niet meer maar ik heb eens gekeken bij Windows Taakbeheer en daar blijft het CPU gebruik steeds op 100% staan , dat lijkt me niet goed. Weet jij misschien een oplossing?
  Groeten,
  Jan
 • Weet je ook welk proces hier verantwoordelijk voor is?
 • McShield.exe schommelt steeds tussen de 70 en 85 en MSKSrvr.exe schommelt tussen de 25 en 40.
 • [quote:7d4d98ac9b="banaan46"]McShield.exe schommelt steeds tussen de 70 en 85 en MSKSrvr.exe schommelt tussen de 25 en 40.[/quote:7d4d98ac9b]

  Zijn toch processen van McAfee Internet Security? :-?
 • Beiden behoren inderdaad toe aan McAfee:
  MSKSrvr.exe: Spamkiller
  mcshield.exe: Antivirus

  Beiden zijn nodig, zeker mcshield.exe.
  Is McAfee soms bezig met een volledige scan van je computer? Op dat moment worden heel wat computers een stuk trager en kan het cp-gebruik hoog oplopen.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.