Vraag & Antwoord

Beveiliging & privacy

trage pc

Anoniem
gerben
3 antwoorden
  • Hallo kenners

    Een tijdje geleden kreeg ik een pc van een kennis, ik blij natuurlijk. Het is een oudere pc met nog windows 98 erop maar vooruit, voor niks is goedkoop. Maar hij is zo traag, kan er niet iets af wat ik toch niet gebruik en hoe doe ik dat dan precies. Graag een duidelijke uitleg want zo handig met de pc ben ik nu ook weer niet.

    Hier is een HJT logje.

    Logfile of HijackThis v1.99.1
    Scan saved at 19:13:28, on 20-6-06
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
    C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
    C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\DEFWATCH.EXE
    C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\RTVSCN95.EXE
    c:\windows\SYSTEM\KB891711\KB891711.EXE
    C:\PROGRAM FILES\KERIO\PERSONAL FIREWALL\PERSFW.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\LINKSTS.EXE
    C:\WINDOWS\LOADQM.EXE
    C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
    C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\VPTRAY.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
    C:\HIJACKTHIS\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
    O4 - HKLM\..\Run: [Taakcontrole] c:\windows\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [Linksts] Linksts.exe
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [vptray] c:\PROGRA~1\SYMANT~1\VPTRAY.EXE
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [DKAVSch] C:\PROGRAM FILES\COMMON FILES\ANTIVIRUS\SHARED FILES\DKAVUPSCH.EXE -run9xservice
    O4 - HKLM\..\RunServices: [ccEvtMgr] "c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
    O4 - HKLM\..\RunServices: [ccSetMgr] "c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
    O4 - HKLM\..\RunServices: [defwatch] c:\PROGRA~1\SYMANT~1\DEFWATCH.EXE
    O4 - HKLM\..\RunServices: [rtvscn95] c:\PROGRA~1\SYMANT~1\RTVSCN95.EXE
    O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE
    O4 - HKLM\..\RunServices: [PersFw] "C:\Program Files\Kerio\Personal Firewall\persfw.exe" /hide
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmwordtrans.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate Page into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html
    O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

    en een startup list.
    StartupList report, 20-6-06, 19:18:33
    StartupList version: 1.52.2
    Started from : C:\HIJACKTHIS\HIJACKTHIS.EXE
    Detected: Windows 98 SE (Win9x 4.10.2222A)
    Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    * Using default options
    ==================================================

    Running processes:

    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
    C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
    C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\DEFWATCH.EXE
    C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\RTVSCN95.EXE
    c:\windows\SYSTEM\KB891711\KB891711.EXE
    C:\PROGRAM FILES\KERIO\PERSONAL FIREWALL\PERSFW.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\LINKSTS.EXE
    C:\WINDOWS\LOADQM.EXE
    C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
    C:\PROGRAM FILES\SYMANTEC ANTIVIRUS\VPTRAY.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
    C:\HIJACKTHIS\HIJACKTHIS.EXE

    ————————————————–

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    ScanRegistry = c:\windows\scanregw.exe /autorun
    Taakcontrole = c:\windows\taskmon.exe
    SystemTray = SysTray.Exe
    LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    Linksts = Linksts.exe
    LoadQM = loadqm.exe
    ccApp = "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    vptray = c:\PROGRA~1\SYMANT~1\VPTRAY.EXE
    Synchronization Manager = mobsync.exe /logon

    ————————————————–

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

    LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    SchedulingAgent = mstask.exe
    DKAVSch = C:\PROGRAM FILES\COMMON FILES\ANTIVIRUS\SHARED FILES\DKAVUPSCH.EXE -run9xservice
    ccEvtMgr = "c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
    ccSetMgr = "c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
    (Default) =
    defwatch = c:\PROGRA~1\SYMANT~1\DEFWATCH.EXE
    rtvscn95 = c:\PROGRA~1\SYMANT~1\RTVSCN95.EXE
    KB891711 = c:\windows\SYSTEM\KB891711\KB891711.EXE
    PersFw = "C:\Program Files\Kerio\Personal Firewall\persfw.exe" /hide

    ————————————————–

    File association entry for .TXT:
    HKEY_CLASSES_ROOT\txtfile\shell\open\command

    (Default) = c:\windows\NOTEPAD.EXE %1

    ————————————————–

    C:\WINDOWS\WININIT.BAK listing:
    (Created 26/4/2006, 21:29:48)

    [rename]
    NUL=c:\windows\TEMP\GLB1A2B.EXE

    ————————————————–

    C:\AUTOEXEC.BAT listing:

    mode con codepage prepare=((850) c:\windows\COMMAND\ega.cpi)
    mode con codepage select=850
    SET PATH=C:\EXACTW2\BIN;%PATH%

    ————————————————–


    Enumerating Browser Helper Objects:

    (no name) - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    (no name) - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL - {53707962-6F74-2D53-2644-206D7942484F}
    (no name) - c:\program files\google\googletoolbar1.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}

    ————————————————–

    Enumerating Task Scheduler jobs:

    Toepassing Optimalisatie Start.job
    Symantec NetDetect.job

    ————————————————–

    Enumerating Download Program Files:

    [Shockwave Flash Object]
    InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH8.OCX
    CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    [InstallShield International Setup Player]
    InProcServer32 = c:\WINDOWS\DOWNLO~1\ISETUP.DLL
    CODEBASE = http://www.installengine.com/engine/isetup.cab

    [Update Class]
    InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL
    CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38067.9710069444

    [Symantec AntiVirus scanner]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\AVSNIFF.DLL
    CODEBASE = http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab

    [Symantec RuFSI Utility Class]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\RUFSI.DLL
    CODEBASE = http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

    [MsnMessengerSetupDownloadControl Class]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MSNMESSENGERSETUPDOWNLOADER.OCX
    CODEBASE = http://messenger.msn.com/download/msnmessengersetupdownloader.cab

    [MessengerStatsClient Class]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MESSENGERSTATSCLIENT.DLL
    CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

    [Minesweeper Flags Class]
    InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\MINESWEEPER.DLL
    CODEBASE = http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

    ————————————————–

    Enumerating ShellServiceObjectDelayLoad items:

    WebCheck: C:\WINDOWS\SYSTEM\WEBCHECK.DLL

    ————————————————–
    End of report, 5.854 bytes
    Report generated in 5,340 seconds

    Command line options:
    /verbose - to add additional info on each section
    /complete - to include empty sections and unsuspicious data
    /full - to include several rarely-important sections
    /force9x - to include Win9x-only startups even if running on WinNT
    /forcent - to include WinNT-only startups even if running on Win9x
    /forceall - to include all Win9x and WinNT startups, regardless of platform
    /history - to list version history only

    ik hoor graag van U.
  • Ik zie geen directe malware oid, misschien dat M@rc kan zeggen wat je eventueel uit kan zetten.
  • Wat zijn de specificaties van de PC?

    Ik zie Symantec staan als virusscanner en dat stond altijd bekend om z'n vertragende werking. Ik heb de laatste mnd niet meer gevolgd of dat inmiddels verbeterd is, maar dat lijkt me van niet. Op een 'zwak' en/of ouder systeem kan een lichtere virusscanner zoals bijvooorbeeld AVG (gratis) of Nod32 een aanzienlijke winst opleveren.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.