hijackthis log

  • Onderwerp starter Onderwerp starter rmwb
  • Startdatum Startdatum
Status
Niet open voor verdere reacties.
R

rmwb

Gebruiker
Lid geworden
16 mei 2002
Berichten
23
internet is heel erg traag. Lijkt alsof internet explorer en edonkey2000 niet tegelijkertijd snel kunnen opereren ? virusje of wat anders ?

Logfile of HijackThis v1.98.2
Scan saved at 19:01:54, on 16-9-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Common Files\BullGuard\BullGuard Communicator\xcommsvr.exe
C:\Program Files\Common Files\BullGuard\BullGuard Scan Server\bdss.exe
C:\Program Files\BullGuard\vsserv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\navsw.exe
C:\WINDOWS\System32\ndis.exe
C:\WINDOWS\System32\ssvchost.exe
C:\WINDOWS\System32\videosd32.exe
C:\WINDOWS\System32\386.exe
C:\WINDOWS\System32\syscfg32.exe
C:\WINDOWS\System32\ati2vid.exe
C:\Program Files\BullGuard\bdmcon.exe
C:\Program Files\BullGuard\bgnewsag.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\eDonkey2000\edonkey2000.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Ronald\Mijn documenten\Mijn software\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.nl/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [ATI VIDEO REGKEY] ati2vid.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [RealJukeboxSystray] C:\Program Files\Real\RealJukebox\tsystray.exe
O4 - HKLM\..\Run: [Win32 Configuration] videosd32.exe
O4 - HKLM\..\Run: [window2] ssvchost.exe
O4 - HKLM\..\Run: [Win32 USB2.0 Driver] 386.exe
O4 - HKLM\..\Run: [Win32 USB2 Driver] syscfg32.exe
O4 - HKLM\..\Run: [BDMCon] C:\Program Files\BullGuard\\bdmcon.exe
O4 - HKLM\..\Run: [BGNewsAgent] C:\Program Files\BullGuard\bgnewsag.exe
O4 - HKLM\..\Run: [Norton SpySweeper AutoUpdate] navsw.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [eDonkey2000] "C:\Program Files\eDonkey2000\edonkey2000.exe" -t
O4 - HKLM\..\Run: [NDIS Adapter] ndis.exe
O4 - HKLM\..\RunServices: [ATI VIDEO REGKEY] ati2vid.exe
O4 - HKLM\..\RunServices: [Win32 Configuration] videosd32.exe
O4 - HKLM\..\RunServices: [window2] ssvchost.exe
O4 - HKLM\..\RunServices: [Win32 USB2.0 Driver] 386.exe
O4 - HKLM\..\RunServices: [Win32 USB2 Driver] syscfg32.exe
O4 - HKLM\..\RunServices: [Norton SpySweeper AutoUpdate] navsw.exe
O4 - HKLM\..\RunServices: [NDIS Adapter] ndis.exe
O4 - HKLM\..\RunOnce: [Norton SpySweeper AutoUpdate] navsw.exe
O4 - HKLM\..\RunOnce: [NDIS Adapter] ndis.exe
O4 - HKLM\..\RunOnce: [window2] ssvchost.exe
O4 - HKLM\..\RunOnce: [Win32 Configuration] videosd32.exe
O4 - HKLM\..\RunOnce: [Win32 USB2.0 Driver] 386.exe
O4 - HKLM\..\RunOnce: [Win32 USB2 Driver] syscfg32.exe
O4 - HKCU\..\Run: [ATI VIDEO REGKEY] ati2vid.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Win32 Configuration] videosd32.exe
O4 - HKCU\..\Run: [window2] ssvchost.exe
O4 - HKCU\..\Run: [Norton SpySweeper AutoUpdate] navsw.exe
O4 - HKCU\..\Run: [Win32 USB2.0 Driver] 386.exe
O4 - HKCU\..\Run: [Win32 USB2 Driver] syscfg32.exe
O4 - HKCU\..\Run: [NDIS Adapter] ndis.exe
O4 - HKCU\..\RunOnce: [window2] ssvchost.exe
O4 - HKCU\..\RunOnce: [Norton SpySweeper AutoUpdate] navsw.exe
O4 - HKCU\..\RunOnce: [Win32 USB2 Driver] syscfg32.exe
O4 - HKCU\..\RunOnce: [Win32 USB2.0 Driver] 386.exe
O4 - HKCU\..\RunOnce: [Win32 Configuration] videosd32.exe
O4 - HKCU\..\RunOnce: [NDIS Adapter] ndis.exe
O4 - Startup: Watch.lnk = C:\WINDOWS\twain_32\A4CIS\WATCH.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.nl/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1094901637920
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {91F52A42-C10D-49A7-B941-882C657C604F} (Installation Helper Object) - http://kitcentral.wanadoo.nl/download/install/win32/nl/instwact/instwact.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{8E7A53AF-82C6-4F72-A394-514CBBFC4680}: NameServer = 194.134.5.55 194.134.5.5
 
en nu ?

Alles opnieuw geinstalleerd, maar systeem blijft traag? biedt Bullguard genoeg veiligheid, of is het aan te raden om Norton op mijn pc te laten staan, ik heb het idee dat daardoor alles trager verloopt.

Logfile of HijackThis v1.98.2
Scan saved at 11:04:24, on 20-9-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Norton Internet Security\SymProxySvc.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\Common Files\BullGuard\BullGuard Communicator\xcommsvr.exe
C:\Program Files\Norton Internet Security\NISSERV.EXE
C:\Program Files\Common Files\BullGuard\BullGuard Scan Server\bdss.exe
C:\Program Files\BullGuard\vsserv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\IEXPLORE.EXE
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Apps\ActivBoard\MMKeybd.exe
C:\Program Files\Norton Internet Security\IAMAPP.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Apps\ActivBoard\TrayMon.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Apps\ActivBoard\OSD.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\BullGuard\bdmcon.exe
C:\program files\bullguard\bgnewsag.exe
C:\Program Files\eDonkey2000\eDonkey2000.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Norton Internet Security\ATRACK.EXE
C:\PROGRA~1\WINDOW~3\setup_wm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\Documents and Settings\Ronald\Local Settings\Temp\Tijdelijke map 2 voor hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.wanadoo.nl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.nl/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [ACTIVBOARD] C:\Apps\ActivBoard\MMKeybd.exe
O4 - HKLM\..\Run: [iamapp] C:\Program Files\Norton Internet Security\IAMAPP.EXE
O4 - HKLM\..\Run: [ClickMe] C:\apps\ClickMe\ClickMe.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [BDMCon] C:\Program Files\BullGuard\\bdmcon.exe
O4 - HKLM\..\Run: [BGNewsAgent] C:\Program Files\BullGuard\bgnewsag.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [RealJukeboxSystray] C:\Program Files\Real\RealJukebox\tsystray.exe
O4 - HKLM\..\Run: [eDonkey2000] "C:\Program Files\eDonkey2000\eDonkey2000.exe" -t
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [Microsoft IE] IEXPLORE.EXE
O4 - HKLM\..\RunServices: [Microsoft IE] IEXPLORE.EXE
O4 - HKLM\..\RunOnce: [Microsoft IE] IEXPLORE.EXE
O4 - HKLM\..\RunOnce: [WMC_0] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\System32\wmp.dll"
O4 - HKLM\..\RunOnce: [WMC_1] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\System32\wmpshell.dll"
O4 - HKLM\..\RunOnce: [WMC_2] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\System32\wmpdxm.dll"
O4 - HKLM\..\RunOnce: [WMC_3] C:\WINDOWS\System32\regsvr32.exe /s "C:\WINDOWS\System32\wmpasf.dll"
O4 - HKLM\..\RunOnce: [WMC_4] C:\WINDOWS\System32\regsvr32.exe /s "C:\Program Files\Windows Media Player\mpvis.dll"
O4 - HKLM\..\RunOnce: [WMC_5] C:\WINDOWS\INF\unregmp2.exe /Shortcuts /RegExts
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Wanadoo Menu] C:\Program Files\Wanadoo\NL\Mnu\IGOMNU.EXE /S:T
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [Microsoft IE] IEXPLORE.EXE
O4 - HKCU\..\RunOnce: [Microsoft IE] IEXPLORE.EXE
O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups
O4 - Startup: Watch.lnk = C:\WINDOWS\twain_32\A4CIS\WATCH.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Agenda-herinneringen.lnk = ?
O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Money Viewer - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O14 - IERESET.INF: START_PAGE_URL=www.packardbell.nl/center
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/194e6740de372a6cf605/netzip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1095598151653
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4EF1570E-3C73-4447-B81B-37AF20C7445E}: NameServer = 194.134.5.55 194.134.5.5
 
Start opnieuw op, maak een nieuw logje aan, en post dat hier.

Diverse regels zouden dan al vanzelf verdwenen moeten zijn :)
 
Status
Niet open voor verdere reacties.
                    Steun ons                    

Nieuwste berichten

Terug
Bovenaan Onderaan