Sometimes more than 500 alerts in ZoneAlarm

Started by quantum, 05 February 2003, 17:55:05


Gert

Take another look in that startup list program to see whether newdot is still in there. If so, I have a real newdot killer ready and can e-mail it to you :)
Location: +21.3 NAP

quantum

Hi Gert, I don't see netdot listed anymore?!
Great little program, that startup list.
Thanks for your follow-up. ;)


List report, 06/02/2003, 21:22:27
StartupList version: 1.51
Started from : C:\WINDOWS\DESKTOP\NIEUWE MAP (3)\PROG DIE STARTUP LIJST WEERGEEFT\STARTUPLIST.EXE
Detected: Windows 98 Gold (Win9x 4.10.1998)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\ADT DSL\BIN\WIN98\TIDSLMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZONEALARM.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\RNATHCHK.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\RSRCMTR.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\DESKTOP\NIEUWE MAP (3)\PROG DIE STARTUP LIJST WEERGEEFT\STARTUPLIST.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Common Startup:
[C:\WINDOWS\All Users\Start Menu\Programs\StartUp]
ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

TIxDSL = C:\PROGRA~1\ADTDSL~1\BIN\WIN98\tidslmon.exe
ScanRegistry = C:\WINDOWS\scanregw.exe /autorun
SystemTray = SysTray.Exe
NAV Agent = C:\PROGRA~1\NORTON~1\NAVAPW32.EXE
NAV DefAlert = C:\PROGRA~1\NORTON~1\DEFALERT.EXE
LoadPowerProfile = Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
TkBellExe = C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

TrueVector = C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
MiniLog = C:\WINDOWS\SYSTEM\ZONELABS\MINILOG.EXE -service
ScriptBlocking = "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
SchedulingAgent = mstask.exe

--------------------------------------------------

C:\WINDOWS\WININIT.BAK listing:
(Created 6/2/2003, 17:32:56)

[rename]
NUL=C:\WINDOWS\TEMP\GLB1A2B.EXE

--------------------------------------------------

C:\AUTOEXEC.BAT listing:

mode con codepage prepare=((850) C:\WINDOWS\COMMAND\ega.cpi)
mode con codepage select=850
keyb be,,C:\WINDOWS\COMMAND\keyboard.sys
SET PATH=D:\CER2000;%PATH%;C:\Program Files\Executive Software\DiskeeperWorkstation\

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - (no file) - {1678F7E1-C422-11D0-AD7D-00400515CAAA}
Bugnosis - C:\PROGRAM FILES\BUGNOSIS\WEBBUG.DLL - {3A6514CD-A457-11D4-8AF3-000102686B79}
NAV Helper - C:\Program Files\Norton AntiVirus\NavShExt.dll - {BDF3E430-B101-42AD-A544-FADC6B084872}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Toepassing Optimalisatie Start.job
Onderhoud-Schijfcontrole.job
Onderhoud-Schijfopruiming.job
Symantec NetDetect.job
Bronmeter.job

--------------------------------------------------

Enumerating Download Program Files:

[VivoActive Control]
CODEBASE = http://player.vivo.com/ie/vvweb.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

[CV3 Class]
InProcServer32 = C:\WINDOWS\SYSTEM\WUV3IS.DLL
CODEBASE = http://windowsupdate.microsoft.com/R1108/V31Controls/x86/w98/nl/actsetup.cab

[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\SYSTEM\MACROMED\DIRECTOR\SWDIR.DLL
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

[sys Class]
InProcServer32 = C:\WINDOWS\DOWNLOADED PROGRAM FILES\PCPITSTOP.DLL
CODEBASE = http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

[HouseCall Besturing]
InProcServer32 = C:\WINDOWS\DOWNLO~1\XSCAN53.OCX
CODEBASE = http://virusscan.zdnet.be/housecall/xscan53.cab

[Update Class]
InProcServer32 = C:\WINDOWS\SYSTEM\IUCTL.DLL
CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37637.0265277778

--------------------------------------------------
End of report, 5 233 bytes
Report generated in 1.060 seconds

Command line options:
   /verbose  - to add additional info on each section
   /complete - to include empty sections and unsuspicious data
   /full     - to include several rarely-important sections
   /force9x  - to include Win9x-only startups even if running on WinNT
   /forcent  - to include WinNT-only startups even if running on Win9x
   /forceall - to include all Win9x and WinNT startups, regardless of platform
   /history  - to list version history only

No matter how fast your PC is, Windows will slow it down.

Gert

Okay, this is a thorough analysis, and now and then you come across trojans in it that are not in the startup folder.
Good luck.
Location: +21.3 NAP