rleysen
23 December 2008, 13:36
Eén van mij pc's loopt verschrikkelijk traag.
Kunnen jullie eens kijken wat jullie van deze log vinden?
Tzou echt ongelooflijk zijn moest ik dit opgelost krijgen...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:06:01, on 23/12/2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP2 (6.00.3790.3959)
Boot mode: Normal
Running processes:
C:\Documents and Settings\administrator.GROBBEND-G\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec\NetBackup PureDisk Agent\bin\pdagent.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\dns.exe
C:\WINDOWS\System32\svchost.exe
C:\ORACLE\ORA92\bin\omtsreco.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBPRO. EXE
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBOID. EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Symantec\NetBackup PureDisk Agent\bin\pdmon.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\svchost.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\Program Files\Captor\effnet\bin\COTray.exe
C:\Program Files\Captor\effnet\bin\COTrace.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/softAdmin.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Start NetBackup PureDisk Agent Progress Monitor.lnk = C:\Program Files\Symantec\NetBackup PureDisk Agent\bin\pdmon.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\administrator.grobbend-g\windows\system32\mswsock.dll' missing
O15 - ESC Trusted Zone: http://www.google.be
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1225758622125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = grobbend-g.be
O17 - HKLM\Software\..\Telephony: DomainName = grobbend-g.be
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B971B54-6EFC-4FF3-9E47-BC7AC4843DBF}: NameServer = 10.130.19.3,10.130.19.4
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = grobbend-g.be
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Veritas NetBackup PureDisk Client Agent (Agent) - Symantec - C:\Program Files\Symantec\NetBackup PureDisk Agent\bin\pdagent.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Efficient Autotask (EfficientAutotask) - Captor - C:\Program Files\Captor\effnet\bin\COSvc.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBPRO. EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBOID. EXE
O23 - Service: OracleCIPAL_OH92ClientCache - Unknown owner - C:\ORACLE\ORA92\BIN\ONRSD.EXE
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\ORACLE\ORA92\bin\omtsreco.exe
--
End of file - 4863 bytes
Kunnen jullie eens kijken wat jullie van deze log vinden?
Tzou echt ongelooflijk zijn moest ik dit opgelost krijgen...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:06:01, on 23/12/2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP2 (6.00.3790.3959)
Boot mode: Normal
Running processes:
C:\Documents and Settings\administrator.GROBBEND-G\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec\NetBackup PureDisk Agent\bin\pdagent.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\dns.exe
C:\WINDOWS\System32\svchost.exe
C:\ORACLE\ORA92\bin\omtsreco.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBPRO. EXE
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBOID. EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Symantec\NetBackup PureDisk Agent\bin\pdmon.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\svchost.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\Program Files\Captor\effnet\bin\COTray.exe
C:\Program Files\Captor\effnet\bin\COTrace.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/softAdmin.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Start NetBackup PureDisk Agent Progress Monitor.lnk = C:\Program Files\Symantec\NetBackup PureDisk Agent\bin\pdmon.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\administrator.grobbend-g\windows\system32\mswsock.dll' missing
O15 - ESC Trusted Zone: http://www.google.be
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1225758622125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = grobbend-g.be
O17 - HKLM\Software\..\Telephony: DomainName = grobbend-g.be
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B971B54-6EFC-4FF3-9E47-BC7AC4843DBF}: NameServer = 10.130.19.3,10.130.19.4
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = grobbend-g.be
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Veritas NetBackup PureDisk Client Agent (Agent) - Symantec - C:\Program Files\Symantec\NetBackup PureDisk Agent\bin\pdagent.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Efficient Autotask (EfficientAutotask) - Captor - C:\Program Files\Captor\effnet\bin\COSvc.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBPRO. EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBOID. EXE
O23 - Service: OracleCIPAL_OH92ClientCache - Unknown owner - C:\ORACLE\ORA92\BIN\ONRSD.EXE
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\ORACLE\ORA92\bin\omtsreco.exe
--
End of file - 4863 bytes