vastlopen computer

• 

  RammStijn

  14-11-2005 19:08

  Mijn computer loopt regelmatig vast of hij is heel druk bezig met iets??

  Ik heb alle stappen coorlopen en een hijack log gemaakt.

  Zou iemand hier naar willen kijken of het nu klopt.

  Bij voorbaat dank hiervoor

  m.v.g.

  Logfile of HijackThis v1.99.1

  Scan saved at 19:09:47, on 14-11-2005

  Platform: Windows XP SP2 (WinNT 5.01.2600)

  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

  Running processes:

  C:\WINDOWS\System32\smss.exe

  C:\WINDOWS\system32\winlogon.exe

  C:\WINDOWS\system32\services.exe

  C:\WINDOWS\system32\lsass.exe

  C:\WINDOWS\system32\svchost.exe

  C:\WINDOWS\System32\svchost.exe

  C:\WINDOWS\system32\spoolsv.exe

  C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

  C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

  C:\WINDOWS\system32\drivers\KodakCCS.exe

  C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

  C:\Program Files\Eset\nod32krn.exe

  C:\WINDOWS\System32\nvsvc32.exe

  C:\WINDOWS\System32\ScsiAccess.EXE

  C:\WINDOWS\system32\ZoneLabs\vsmon.exe

  C:\WINDOWS\Explorer.EXE

  C:\WINDOWS\SOUNDMAN.EXE

  C:\WINDOWS\Dit.exe

  C:\Program Files\Medion\PowerCinema\My_TV\Agent.exe

  C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe

  C:\WINDOWS\DitExp.exe

  C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

  C:\Antivirus\Zonealarm\ZoneAlarm\zlclient.exe

  C:\WINDOWS\system32\ctfmon.exe

  C:\Antivirus\Hijjack\HijackThis.exe

  C:\Program Files\Internet Explorer\iexplore.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nu.nl/

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com

  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

  O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ANTIVI~1\Spybot\SPYBOT~2\SDHelper.dll

  O4 - HKLM\..\Run: RUNDLL32.EXE NvQTwk,NvCplDaemon initialize

  O4 - HKLM\..\Run: SOUNDMAN.EXE

  O4 - HKLM\..\Run: C:\WINDOWS\System32\NeroCheck.exe

  O4 - HKLM\..\Run: Dit.exe

  O4 - HKLM\..\Run: C:\Program Files\Classic PhoneTools\CapFax.EXE

  O4 - HKLM\..\Run: C:\Program Files\Medion\PowerCinema\My_TV\Agent.exe

  O4 - HKLM\..\Run: C:\Program Files\Microsoft Works\WksSb.exe /AllUsers

  O4 - HKLM\..\Run: C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe

  O4 - HKLM\..\Run: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

  O4 - HKLM\..\Run: C:\Antivirus\Zonealarm\ZoneAlarm\zlclient.exe

  O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe

  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

  O8 - Extra context menu item: Get It With Kontiki - res://C:\Program Files\Kontiki\bin\bh309190.dll/201

  O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)

  O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

  O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

  O12 - Plugin for .MP3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll

  O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll

  O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com

  O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab

  O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

  O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} - http://www.miniclip.com/platypus/miniclipGameLoader.dll

  O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} - http://www.miniclip.com/supergerball/miniclipGameLoader.dll

  O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

  O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab

  O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/ActiveLauncher/ActiveLauncher.cab

  O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

  O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

  O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab

  O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

  O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab

  O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/insaniquarium/popcaploader_v6.cab

  O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\programmas\autocadlt\AcPreview.ocx

  O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

  O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

  O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe

  O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

  O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

  O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE

  O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

  O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

  Rapporteren
• 

  lucas

  14-11-2005 20:09

  moment ik kijk even voor je

  Rapporteren
• 

  huib

  14-11-2005 20:10

  Hoi RammStijn,

  Ik ben geen expert, maar zie geen bijzonderheden in jou logje:)

  Misschien dat een expert toch nog wat ziet:?

  Wat ik je wel kan aanraden is om Eset\nod32krn. te verwijderen want je hebt nu 2 antivirusscanners lopen en deze kunnen elkaar tegen werken;)

  Ook mag je Wollie's poetslapje ff over jou computer halen:

  http://www.virushelp.nl/onderhoud.htm

  Succes,

  Huib:)

  Rapporteren
• 

  huib

  14-11-2005 20:11

  oeps sorry Lucas,

  Had je nog niet gezien:(

  Groetjes Huib:)

  Rapporteren
• 

  lucas

  14-11-2005 20:27

  Geeft niet hoor, heb ik ook wel eens last van

  Ben het eens

  Lucas

  Rapporteren
• 

  Avondsmurf

  14-11-2005 23:36

  Ik zie wel 3 anti virus progjes……………… Smurfie

  Rapporteren
• 

  huib

  15-11-2005 19:32

  Je hebt gelijk;)

  Huib:)

  Rapporteren
• 

  pablo

  16-11-2005 12:57

  ik zie er maar een

  nod32 is in dit geval de on demand scanner van HMP en is geen volledige virusscanner

  zonealarm is hier alleen de firewall volgens mij

  paul

  Rapporteren