
hijackthis log

Anonymous
steggel
3 answers
  • :wink: Is that very last line normal? Via Google I find both that it is a safe file and that it is a trojan.

    Logfile of HijackThis v1.99.1
    Scan saved at 22:00:54, on 6/07/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Ahead\InCD\InCDsrv.exe
    D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    D:\Program Files\Sygate\SPF\smc.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\SOUNDMAN.EXE
    J:\Filezilla server\FileZilla Server.exe
    D:\Program Files\Eset\nod32krn.exe
    D:\WINDOWS\System32\svchost.exe
    D:\Program Files\Eset\nod32kui.exe
    D:\Program Files\Ahead\InCD\InCD.exe
    D:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    D:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    J:\Winamp\winampa.exe
    D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    J:\Filezilla server\FileZilla Server Interface.exe
    J:\power cinema\PowerCinema\PCMService.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Messenger\msmsgs.exe
    D:\Program Files\TGTSoft\StyleXP\StyleXP.exe
    D:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    E:\PROGRA~1\MOZILL~1\THUNDE~1.EXE
    D:\Program Files\SpeedFan\speedfan.exe
    J:\power cinema\PowerCinema\PCM2.exe
    J:\Azureus\Azureus.exe
    D:\Program Files\Java\jre1.5.0_02\bin\javaw.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    J:\dynDNS dynamic\DynDNS Updater\DynDNS.exe
    K:\security\Hijackthis\HijackThis-1.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telenet.be/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [nod32kui] "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] D:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] D:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [Easy-PrintToolBox] D:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
    O4 - HKLM\..\Run: [WinampAgent] J:\Winamp\winampa.exe
    O4 - HKLM\..\Run: [SmcService] D:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [FileZilla Server Interface] "J:\Filezilla server\FileZilla Server Interface.exe"
    O4 - HKLM\..\Run: [PCMService] "J:\power cinema\PowerCinema\PCMService.exe"
    O4 - HKLM\..\Run: [NVIDIA nTune] "D:\Program Files\NVIDIA Corporation\nTune\nTune.exe" clear
    O4 - HKLM\..\RunOnce: [WMC_RebootCheck] D:\WINDOWS\inf\unregmp2.exe /FixUps
    O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [STYLEXP] D:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] D:\WINDOWS\inf\unregmp2.exe /Fixups
    O4 - Startup: Stardock ObjectDock.lnk = J:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra button: 50 FREE MP3s! - {686C970F-1D7D-4469-85D1-4B35763B56CC} - http://www.emusic.com?fref=149133 (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120334167890
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - J:\Filezilla server\FileZilla Server.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - D:\Program Files\Eset\nod32krn.exe
    O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - J:\OC\SiSoftware Sandra Lite 2005.SR1\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
    O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - J:\OC\SiSoftware Sandra Lite 2005.SR1\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
    O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - D:\Program Files\Sygate\SPF\smc.exe
    O23 - Service: StyleXPService - Unknown owner - D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - D:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe







  • [quote:f127b0bd51="lycan"]Is that very last line normal? Via Google I find both that it is a safe file and that it is a trojan.

    O23 - Service: X10 Device Network Service (x10nets) - X10 - D:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe[/quote:f127b0bd51]
    Legitimate.
    [quote:f127b0bd51]
    X10 video streaming devices. This program is non-essential process to the running of the system, but should not be terminated unless suspected to be causing problems[/quote:f127b0bd51]
  • thanx Marc :wink:


This is an archived page. Replies are no longer possible.