Vraag & Antwoord
trage pc
3 antwoorden
- Hallo kenners
Een tijdje geleden kreeg ik een pc van een kennis, ik blij natuurlijk. Het is een oudere pc met nog windows 98 erop maar vooruit, voor niks is goedkoop. Maar hij is zo traag, kan er niet iets af wat ik toch niet gebruik en hoe doe ik dat dan precies. Graag een duidelijke uitleg want zo handig met de pc ben ik nu ook weer niet.
Hier is een HJT logje.
Logfile of HijackThis v1.99.1
Scan saved at 19:13:28, on 20-6-06
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\DEFWATCH.EXE
C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\RTVSCN95.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\PROGRAM FILES\KERIO\PERSONAL FIREWALL\PERSFW.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\LINKSTS.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\VPTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
C:\HIJACKTHIS\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [Taakcontrole] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Linksts] Linksts.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] c:\PROGRA~1\SYMANT~1\VPTRAY.EXE
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [DKAVSch] C:\PROGRAM FILES\COMMON FILES\ANTIVIRUS\SHARED FILES\DKAVUPSCH.EXE -run9xservice
O4 - HKLM\..\RunServices: [ccEvtMgr] "c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ccSetMgr] "c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [defwatch] c:\PROGRA~1\SYMANT~1\DEFWATCH.EXE
O4 - HKLM\..\RunServices: [rtvscn95] c:\PROGRA~1\SYMANT~1\RTVSCN95.EXE
O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
O4 - HKLM\..\RunServices: [PersFw] "C:\Program Files\Kerio\Personal Firewall\persfw.exe" /hide
O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmwordtrans.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O8 - Extra context menu item: Translate Page into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
en een startup list.
StartupList report, 20-6-06, 19:18:33
StartupList version: 1.52.2
Started from : C:\HIJACKTHIS\HIJACKTHIS.EXE
Detected: Windows 98 SE (Win9x 4.10.2222A)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\DEFWATCH.EXE
C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\RTVSCN95.EXE
c:\windows\SYSTEM\KB891711\KB891711.EXE
C:\PROGRAM FILES\KERIO\PERSONAL FIREWALL\PERSFW.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\LINKSTS.EXE
C:\WINDOWS\LOADQM.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\VPTRAY.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
C:\HIJACKTHIS\HIJACKTHIS.EXE
————————————————–
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
ScanRegistry = c:\windows\scanregw.exe /autorun
Taakcontrole = c:\windows\taskmon.exe
SystemTray = SysTray.Exe
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
Linksts = Linksts.exe
LoadQM = loadqm.exe
ccApp = "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
vptray = c:\PROGRA~1\SYMANT~1\VPTRAY.EXE
Synchronization Manager = mobsync.exe /logon
————————————————–
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
SchedulingAgent = mstask.exe
DKAVSch = C:\PROGRAM FILES\COMMON FILES\ANTIVIRUS\SHARED FILES\DKAVUPSCH.EXE -run9xservice
ccEvtMgr = "c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
ccSetMgr = "c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
(Default) =
defwatch = c:\PROGRA~1\SYMANT~1\DEFWATCH.EXE
rtvscn95 = c:\PROGRA~1\SYMANT~1\RTVSCN95.EXE
KB891711 = c:\windows\SYSTEM\KB891711\KB891711.EXE
PersFw = "C:\Program Files\Kerio\Personal Firewall\persfw.exe" /hide
————————————————–
File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command
(Default) = c:\windows\NOTEPAD.EXE %1
————————————————–
C:\WINDOWS\WININIT.BAK listing:
(Created 26/4/2006, 21:29:48)
[rename]
NUL=c:\windows\TEMP\GLB1A2B.EXE
————————————————–
C:\AUTOEXEC.BAT listing:
mode con codepage prepare=((850) c:\windows\COMMAND\ega.cpi)
mode con codepage select=850
SET PATH=C:\EXACTW2\BIN;%PATH%
————————————————–
Enumerating Browser Helper Objects:
(no name) - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - c:\program files\google\googletoolbar1.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
————————————————–
Enumerating Task Scheduler jobs:
Toepassing Optimalisatie Start.job
Symantec NetDetect.job
————————————————–
Enumerating Download Program Files:
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH8.OCX
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
[InstallShield International Setup Player]
InProcServer32 = c:\WINDOWS\DOWNLO~1\ISETUP.DLL
CODEBASE = http://www.installengine.com/engine/isetup.cab
[Update Class]
InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL
CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38067.9710069444
[Symantec AntiVirus scanner]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\AVSNIFF.DLL
CODEBASE = http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
[Symantec RuFSI Utility Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\RUFSI.DLL
CODEBASE = http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
[MsnMessengerSetupDownloadControl Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNMESSENGERSETUPDOWNLOADER.OCX
CODEBASE = http://messenger.msn.com/download/msnmessengersetupdownloader.cab
[MessengerStatsClient Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MESSENGERSTATSCLIENT.DLL
CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
[Minesweeper Flags Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MINESWEEPER.DLL
CODEBASE = http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
————————————————–
Enumerating ShellServiceObjectDelayLoad items:
WebCheck: C:\WINDOWS\SYSTEM\WEBCHECK.DLL
————————————————–
End of report, 5.854 bytes
Report generated in 5,340 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
ik hoor graag van U. - Ik zie geen directe malware oid, misschien dat M@rc kan zeggen wat je eventueel uit kan zetten.
- Wat zijn de specificaties van de PC?
Ik zie Symantec staan als virusscanner en dat stond altijd bekend om z'n vertragende werking. Ik heb de laatste mnd niet meer gevolgd of dat inmiddels verbeterd is, maar dat lijkt me van niet. Op een 'zwak' en/of ouder systeem kan een lichtere virusscanner zoals bijvooorbeeld AVG (gratis) of Nod32 een aanzienlijke winst opleveren.
Beantwoord deze vraag
Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.