Vraag & Antwoord

Beveiliging & privacy

Google blijft verbinding maken.

17 antwoorden
  • Via mijn logfile van Norton Internert Security en Traffic Watch (Online Eye) zie ik dat als mijn internet verbinding aan heb staan dat google (216.239.59.104 - 66.102.9.104 - 66.102.11.99) steeds verbinding wil maken. Wie kan mij op weg helpen wat dit voor probleem is. Spybot en Adware gedraaid, Norton antivirus scan gedraaid. Alles is up to date met de laatste versie en updates. Heb ook nog even een Hijackfile er bij gedaan. O ja, als ik www.google.com intik kom ik op www.google.nl terecht, dit is volgens mij een landen instelling maar komt mij niet bekend voor. En ik heb bij mijn weten geen Google toolbar. Verbinding: www.google.com(66.102.11.104): http(80) van CC153998-A(213.51.121.178): 1072, 0 bytes verzonden, 0 bytes ontvangen, 0.046 tijdsduur Verbinding: localhost: 1071 naar localhost: 1027, 0 bytes verzonden, 142 bytes ontvangen, 0.078 tijdsduur Omgeleide verbinding: localhost: 1027 van localhost: 1071, 0 bytes verzonden, 0 bytes ontvangen, 0.078 tijdsduur Verbinding: www.google.com(66.102.11.104): http(80) van CC153998-A(213.51.121.178): 1070, 0 bytes verzonden, 0 bytes ontvangen, 0.062 tijdsduur Verbinding: localhost: 1069 naar localhost: 1027, 0 bytes verzonden, 142 bytes ontvangen, 0.062 tijdsduur Omgeleide verbinding: localhost: 1027 van localhost: 1069, 0 bytes verzonden, 0 bytes ontvangen, 0.062 tijdsduur Verbinding: www.google.com(66.102.11.104): http(80) van CC153998-A(213.51.121.178): 1068, 0 bytes verzonden, 0 bytes ontvangen, 0.062 tijdsduur Verbinding: localhost: 1067 naar localhost: 1027, 0 bytes verzonden, 142 bytes ontvangen, 0.062 tijdsduur Omgeleide verbinding: localhost: 1027 van localhost: 1067, 0 bytes verzonden, 0 bytes ontvangen, 0.062 tijdsduur Logfile of HijackThis v1.98.0 Scan saved at 21:06:53, on 4-7-2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Norton Internet Security\NISUM.EXE C:\Program Files\Norton Internet Security\ccPxySvc.exe C:\windows\system\hpsysdrv.exe C:\HP\KBD\KBD.EXE C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\pctspk.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Microsoft Hardware\Mouse\point32.exe C:\Program Files\Onlineeye Pro\vcheck.exe C:\program files\onlineeye pro\onlineeye.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Internet Explorer\iexplore.exe C:\My Download Files\Hijack This\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-ne3.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-ne3.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.home.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ne3.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-ne3.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-ne3.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-ne3.hpwis.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ne3.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = dynhost.inetcam.com;register.inetcam.com;localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file) O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe O4 - HKLM\..\Run: [USB] C:\WINDOWS\system32\usb.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [zzzHPSETUP] E:\Setup.exe O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [POINTER] point32.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKLM\..\Run: [VersionCheck] "C:\Program Files\Onlineeye Pro\vcheck.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [OnlineTime] "c:\program files\onlineeye pro\onlineeye.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/25a87a6d921e28a78618/netzip/RdxIE601.cab O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
  • run hijackthis opnieuw en laat de volgende items repareren R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-ne3.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-ne3.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.home.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ne3.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-ne3.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-ne3.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-ne3.hpwis.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ne3.hpwis.com/ O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - (no file)
  • Heb alleen R0 niet gedaan dit is mij startpagina van Home, dus wel bekend. Logfile of HijackThis v1.98.0 Scan saved at 19:55:08, on 5-7-2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Norton Internet Security\NISUM.EXE C:\Program Files\Norton Internet Security\ccPxySvc.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\windows\system\hpsysdrv.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\pctspk.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Microsoft Hardware\Mouse\point32.exe C:\Program Files\Onlineeye Pro\vcheck.exe C:\program files\onlineeye pro\onlineeye.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\My Download Files\Hijack This\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.home.nl/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = dynhost.inetcam.com;register.inetcam.com;localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file) O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe O4 - HKLM\..\Run: [USB] C:\WINDOWS\system32\usb.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [zzzHPSETUP] E:\Setup.exe O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [POINTER] point32.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKLM\..\Run: [VersionCheck] "C:\Program Files\Onlineeye Pro\vcheck.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [OnlineTime] "c:\program files\onlineeye pro\onlineeye.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/25a87a6d921e28a78618/netzip/RdxIE601.cab O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
  • lijkt me clean :wink: zijn de problemen weg?
  • Deze kan je nog laten fixen: [b:c35a4e4c55]O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file) O4 - HKLM\..\Run: [zzzHPSETUP] E:\Setup.exe O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/25a87a6d921e28a78618/netzip/RdxIE601.cab[/b:c35a4e4c55]
  • [quote:939cff9524="M@rc"]Deze kan je nog laten fixen: [b:939cff9524]O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file) O4 - HKLM\..\Run: [zzzHPSETUP] E:\Setup.exe O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/25a87a6d921e28a78618/netzip/RdxIE601.cab[/b:939cff9524][/quote:939cff9524] @marc, die 04 is van een hp printer dus mag je die echt fixen? en wat betreft die andere, morgen moet ik toch maar eens een bril halen :oops:
  • Die 04 heeft niet veel met een hpprinter te maken, en MOET het Hijacklog uit.
  • [quote:bc532fd607="De huismeester"]Die 04 heeft niet veel met een hpprinter te maken, en MOET het Hijacklog uit.[/quote:bc532fd607] ik zie het (ik had op sysinfo gekeken maar daar stonden niks anders als vraagtekens dus ik dacht laat hem maar staan voordat de boel dalijk gemold is :wink:
  • Helaas blijft verbinding zoeken. Logfile of HijackThis v1.98.0 Scan saved at 22:11:13, on 5-7-2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Norton Internet Security\NISUM.EXE C:\Program Files\Norton Internet Security\ccPxySvc.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\windows\system\hpsysdrv.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\System32\pctspk.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Microsoft Hardware\Mouse\point32.exe C:\Program Files\Onlineeye Pro\vcheck.exe C:\program files\onlineeye pro\onlineeye.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Outlook Express\msimn.exe C:\My Download Files\Hijack This\HijackThis.exe C:\Program Files\Internet Explorer\iexplore.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.home.nl/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = dynhost.inetcam.com;register.inetcam.com;localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe O4 - HKLM\..\Run: [USB] C:\WINDOWS\system32\usb.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [POINTER] point32.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe O4 - HKLM\..\Run: [VersionCheck] "C:\Program Files\Onlineeye Pro\vcheck.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [OnlineTime] "c:\program files\onlineeye pro\onlineeye.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
  • heb je niks in de ignore list staan? hij zou namelijk echt schoon moeten zijn. draai anders voor de zekerheid eens een [url=http://www.kaspersky.com/remoteviruschk.html]online scan[/url] ik verwacht er niet zoveel van maar je weet maar nooit.
  • Persoonlijk vindt ik het niet handig om alleen maar files van 1 mb te laten scannen. Maar toch bedankt voor de tip, vaak als je al een tijdje met iets bezig bent en een ander komt er bij dan komen er ook nieuwe mogelijkheden er bij om het op te lossen. Ik heb nergens iets in een ignorelist staan. De scan van vandaag van Spybot komen deze 3 te voorschijn maar dat wist ik wel: DAP is bekend dat er spyware in zit. BDE projector is een directory van KaZaa die ik niet weg krijg maar geen kwaad kan. DSP Project is algemeen bekend dat er nog lekken zijn. De scan van AD Ware geeft wel iets aan deze heb ik dan ook in de ignorelist gezet maar geeft desondanks dat het zelfde beeld. :evil: :evil: Lavasoft Ad-aware Personal Build 6.181 Logbestand gemaakt op:dinsdag 6 juli 2004 20:05:42 Created with Ad-aware Personal, free for private use. Gebruikt referentiebestand01R329 06.07.2004 ______________________________________________________ Ad-aware Settings ========================= Geactiveerd : Intensieve datascan activeren Geactiveerd : Veilige modus (altijd vragen om bevestiging) Geactiveerd : Scan actieve processen Geactiveerd : Scan register Geactiveerd : Diepe registerscan Geactiveerd : IE Favorieten scannen Geactiveerd : Scan in ZIP-archieven Geactiveerd : Scan my Hosts file 6-7-2004 20:05:42 - Scan started. (Smart mode) Lijst van geladen processen: ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ #:1 [smss.exe] FilePath : \SystemRoot\System32\ ThreadCreationTime : 6-7-2004 17:29:08 BasePriority : Normal #:2 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ThreadCreationTime : 6-7-2004 17:29:11 BasePriority : High #:3 [services.exe] FilePath : C:\WINDOWS\system32\ ThreadCreationTime : 6-7-2004 17:29:12 BasePriority : Normal FileSize : 99 KB FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 CompanyName : Microsoft Corporation FileDescription : Services en controllertoepassingen InternalName : services.exe OriginalFilename : services.exe ProductName : Besturingssysteem Microsoft Created on : 10-1-2002 15:04:18 Last accessed : 6-7-2004 17:29:08 Last modified : 7-9-2001 4:27:26 #:4 [lsass.exe] FilePath : C:\WINDOWS\system32\ ThreadCreationTime : 6-7-2004 17:29:12 BasePriority : Normal FileSize : 11 KB FileVersion : 5.1.2600.1106 (xpsp1.020828-1920) ProductVersion : 5.1.2600.1106 CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe OriginalFilename : lsass.exe ProductName : Microsoft Created on : 10-1-2002 15:03:49 Last accessed : 6-7-2004 17:29:08 Last modified : 9-9-2002 13:08:40 #:5 [svchost.exe] FilePath : C:\WINDOWS\system32\ ThreadCreationTime : 6-7-2004 17:29:13 BasePriority : Normal FileSize : 12 KB FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe OriginalFilename : svchost.exe ProductName : Microsoft Created on : 10-1-2002 15:04:25 Last accessed : 6-7-2004 17:29:08 Last modified : 7-9-2001 4:27:28 #:6 [svchost.exe] FilePath : C:\WINDOWS\System32\ ThreadCreationTime : 6-7-2004 17:29:13 BasePriority : Normal FileSize : 12 KB FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe OriginalFilename : svchost.exe ProductName : Microsoft Created on : 10-1-2002 15:04:25 Last accessed : 6-7-2004 17:29:08 Last modified : 7-9-2001 4:27:28 #:7 [explorer.exe] FilePath : C:\WINDOWS\ ThreadCreationTime : 6-7-2004 17:29:16 BasePriority : Normal FileSize : 976 KB FileVersion : 6.00.2800.1221 (xpsp2.030511-1403) ProductVersion : 6.00.2800.1221 CompanyName : Microsoft Corporation FileDescription : Windows Verkenner InternalName : explorer OriginalFilename : EXPLORER.EXE ProductName : Besturingssysteem Microsoft Created on : 29-5-2003 9:52:40 Last accessed : 6-7-2004 17:29:36 Last modified : 29-5-2003 9:52:40 #:8 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ThreadCreationTime : 6-7-2004 17:29:17 BasePriority : Normal FileSize : 50 KB FileVersion : 5.1.2600.0 (XPClient.010817-1148) ProductVersion : 5.1.2600.0 CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe OriginalFilename : spoolsv.exe ProductName : Microsoft Created on : 10-1-2002 15:04:24 Last accessed : 6-7-2004 17:29:08 Last modified : 7-9-2001 4:27:28 #:9 [ccevtmgr.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\ ThreadCreationTime : 6-7-2004 17:29:17 BasePriority : Normal FileSize : 313 KB FileVersion : 1.03.4 ProductVersion : 1.03.4 Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved. CompanyName : Symantec Corporation FileDescription : Event Manager Service InternalName : ccEvtMgr OriginalFilename : ccEvtMgr.exe ProductName : Event Manager Created on : 18-3-2003 20:38:01 Last accessed : 6-7-2004 17:29:08 Last modified : 6-12-2002 10:28:42 #:10 [nisum.exe] FilePath : C:\Program Files\Norton Internet Security\ ThreadCreationTime : 6-7-2004 17:29:17 BasePriority : Normal FileSize : 137 KB FileVersion : 6.02.2003 ProductVersion : 6.02.2003 Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved. CompanyName : Symantec Corporation FileDescription : Norton Internet Security NISUM InternalName : NISUM OriginalFilename : NISUM.exe ProductName : Norton Internet Security Created on : 25-9-2003 15:23:34 Last accessed : 6-7-2004 17:29:08 Last modified : 9-4-2003 23:58:10 #:11 [ccpxysvc.exe] FilePath : C:\Program Files\Norton Internet Security\ ThreadCreationTime : 6-7-2004 17:29:18 BasePriority : Normal FileSize : 33 KB FileVersion : 6.02.2003 ProductVersion : 6.02.2003 Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved. CompanyName : Symantec Corporation FileDescription : Norton Internet Security Proxy Service InternalName : ccPxySvc OriginalFilename : ccPxySvc.exe ProductName : Norton Internet Security Created on : 25-9-2003 15:23:32 Last accessed : 6-7-2004 17:29:08 Last modified : 9-4-2003 23:58:36 #:12 [navapsvc.exe] FilePath : C:\Program Files\Norton AntiVirus\ ThreadCreationTime : 6-7-2004 17:29:18 BasePriority : Normal FileSize : 113 KB FileVersion : 9.05.1015 ProductVersion : 9.05.1015 Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved. CompanyName : Symantec Corporation FileDescription : Norton AntiVirus Auto-Protect Service InternalName : NAVAPSVC OriginalFilename : NAVAPSVC.EXE ProductName : Norton AntiVirus Created on : 18-3-2003 20:37:45 Last accessed : 6-7-2004 17:29:08 Last modified : 28-11-2002 8:44:52 #:13 [nvsvc32.exe] FilePath : C:\WINDOWS\System32\ ThreadCreationTime : 6-7-2004 17:29:18 BasePriority : Normal FileSize : 80 KB FileVersion : 6.14.10.5216 ProductVersion : 6.14.10.5216 Copyright : (C) NVIDIA Corporation. All rights reserved. CompanyName : NVIDIA Corporation FileDescription : NVIDIA Driver Helper Service, Version 52.16 InternalName : NVSVC OriginalFilename : nvsvc32.exe ProductName : NVIDIA Driver Helper Service, Version 52.16 Created on : 6-10-2003 13:16:00 Last accessed : 6-7-2004 17:29:08 Last modified : 6-10-2003 13:16:00 #:14 [svchost.exe] FilePath : C:\WINDOWS\System32\ ThreadCreationTime : 6-7-2004 17:29:19 BasePriority : Normal FileSize : 12 KB FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe OriginalFilename : svchost.exe ProductName : Microsoft Created on : 10-1-2002 15:04:25 Last accessed : 6-7-2004 17:29:08 Last modified : 7-9-2001 4:27:28 #:15 [hpsysdrv.exe] FilePath : C:\windows\system\ ThreadCreationTime : 6-7-2004 17:29:21 BasePriority : Normal FileSize : 51 KB FileVersion : 1, 7, 0, 0 ProductVersion : 1, 7, 0, 0 Copyright : Copyright CompanyName : Hewlett-Packard Company FileDescription : hpsysdrv InternalName : hpsysdrv OriginalFilename : hpsysdrv.exe ProductName : hpsysdrv Created on : 19-10-2001 9:52:03 Last accessed : 6-7-2004 17:29:08 Last modified : 8-5-1998 4:04:38 #:16 [kbd.exe] FilePath : C:\HP\KBD\ ThreadCreationTime : 6-7-2004 17:29:21 BasePriority : High FileSize : 60 KB FileVersion : 1.0.2.0 ProductVersion : 1.0.2.0 Copyright : Copyright CompanyName : Hewlett-Packard Company FileDescription : KBD EXE InternalName : KBD EXE OriginalFilename : Kbd.exe ProductName : Hewlett-Packard Company KBD EXE Created on : 19-10-2001 9:56:32 Last accessed : 6-7-2004 17:29:08 Last modified : 7-7-2001 9:56:56 #:17 [pctspk.exe] FilePath : C:\WINDOWS\System32\ ThreadCreationTime : 6-7-2004 17:29:23 BasePriority : Normal FileSize : 152 KB FileVersion : 1, 0, 0, 1 ProductVersion : 1, 0, 0, 1 Copyright : Copyright (C) 2001 FileDescription : pctvoice MFC Application InternalName : pctvoice OriginalFilename : pctvoice.EXE ProductName : pctvoice Application Created on : 2-8-2001 13:37:34 Last accessed : 6-7-2004 17:29:08 Last modified : 2-8-2001 13:37:34 #:18 [hpztsb04.exe] FilePath : C:\WINDOWS\System32\spool\drivers\w32x86\3\ ThreadCreationTime : 6-7-2004 17:29:23 BasePriority : Normal FileSize : 192 KB FileVersion : 2,76,0,0 ProductVersion : 2,76,0,0 Copyright : Copyright (c) Hewlett-Packard Company 1999-2001 CompanyName : HP ProductName : HP DeskJet Created on : 15-1-2002 15:40:35 Last accessed : 6-7-2004 17:29:08 Last modified : 12-9-2001 15:47:30 #:19 [ccapp.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\ ThreadCreationTime : 6-7-2004 17:29:24 BasePriority : Normal FileSize : 56 KB FileVersion : 1.08.01 ProductVersion : 1.08.01 Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved. CompanyName : Symantec Corporation FileDescription : Common Client CC App InternalName : ccApp OriginalFilename : ccApp.exe ProductName : Common Client Created on : 28-8-2003 15:38:46 Last accessed : 6-7-2004 17:29:08 Last modified : 15-7-2003 12:56:58 #:20 [point32.exe] FilePath : C:\Program Files\Microsoft Hardware\Mouse\ ThreadCreationTime : 6-7-2004 17:29:25 BasePriority : Normal FileSize : 172 KB FileVersion : 4.10.0851.0 ProductVersion : 4.1 Copyright : Copyright (C) Microsoft Corp. 1983-2002 CompanyName : Microsoft Corporation FileDescription : Microsoft IntelliPoint InternalName : POINT32 OriginalFilename : POINT32.EXE ProductName : Microsoft IntelliPoint Created on : 11-4-2002 18:47:52 Last accessed : 6-7-2004 17:29:08 Last modified : 11-4-2002 18:47:52 #:21 [vcheck.exe] FilePath : C:\Program Files\Onlineeye Pro\ ThreadCreationTime : 6-7-2004 17:29:25 BasePriority : Normal FileSize : 140 KB FileVersion : 1, 0, 0, 1 ProductVersion : 1, 0, 0, 1 Copyright : Copyright (C) 2003 FileDescription : MFC-Anwendung VCheck InternalName : VCheck OriginalFilename : VCheck.EXE ProductName : Anwendung VCheck Created on : 23-6-2004 13:45:55 Last accessed : 6-7-2004 17:29:30 Last modified : 23-6-2004 13:45:55 #:22 [onlineeye.exe] FilePath : C:\program files\onlineeye pro\ ThreadCreationTime : 6-7-2004 17:29:26 BasePriority : Normal FileSize : 689 KB FileVersion : 1, 0, 0,2 ProductVersion : 1, 0, 0,2 Copyright : Copyright (C) 2001 CompanyName : pmaSoft FileDescription : OnlineTime MFC Application InternalName : OnlineTime OriginalFilename : OnlineTime.EXE ProductName : OnlineeEye Created on : 25-6-2004 8:21:19 Last accessed : 6-7-2004 17:29:37 Last modified : 25-6-2004 8:21:19 #:23 [realsched.exe] FilePath : C:\Program Files\Common Files\Real\Update_OB\ ThreadCreationTime : 6-7-2004 17:29:26 BasePriority : Normal FileSize : 176 KB FileVersion : 0.1.0.3034 ProductVersion : 0.1.0.3034 Copyright : Copyright CompanyName : RealNetworks, Inc. FileDescription : RealNetworks Scheduler InternalName : schedapp OriginalFilename : realsched.exe ProductName : RealPlayer (32-bit) Created on : 25-4-2004 19:01:22 Last accessed : 6-7-2004 17:29:08 Last modified : 15-6-2004 19:01:29 #:24 [ad-aware.exe] FilePath : C:\Program Files\Lavasoft\Ad-aware 6\ ThreadCreationTime : 6-7-2004 17:53:37 BasePriority : Normal FileSize : 668 KB FileVersion : 6.0.1.181 ProductVersion : 6.0.0.0 Copyright : Copyright CompanyName : Lavasoft Sweden FileDescription : Ad-aware 6 core application InternalName : Ad-aware.exe OriginalFilename : Ad-aware.exe ProductName : Lavasoft Ad-aware Plus Created on : 20-9-2003 19:36:17 Last accessed : 6-7-2004 18:04:45 Last modified : 12-7-2003 20:00:20 Resultaat van bestandsscan: ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Nieuwe objecten: 0 Totaal tot nu toe geïdentificeerde objecten: 0 Start scan register ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Resultaat van registerscan: ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Nieuwe objecten: 0 Totaal tot nu toe geïdentificeerde objecten: 0 Started deep registry scan ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Mogelijk browser-Hacker poging : Software\Microsoft\Internet Explorer\MainStart Pageabout:blank Possible Browser Hijack attempt Object herkend! Typ : Reg. Bestanden Data : "about:blank" Rootkey : HKEY_LOCAL_MACHINE Object : Software\Microsoft\Internet Explorer\Main Waarde : Start Page Data : "about:blank" Resultaat diepe registerscan: ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Nieuwe objecten: 1 Totaal tot nu toe geïdentificeerde objecten: 1 ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Dieptescan van bestanden (C:) ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Scanning Hosts file(C:\WINDOWS\System32\drivers\etc\hosts) ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Hosts file scan result: ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ 0 entries scanned. Nieuwe objecten:0 Totaal tot nu toe geïdentificeerde objecten: 1 Performing conditional scans.. ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Conditional scan result: ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Nieuwe objecten: 0 Totaal tot nu toe geïdentificeerde objecten: 1 20:10:19 Systeemscan gereed Samenvatting van het onderzoek ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ Totale tijd systeemscan:00:04:36:250 Objecten gescand:50096 Objecten geïdentificeerd:1 Objecten genegeerd:0 Nieuwe objecten:1
  • Die log van ad-aware lijkt me ook clean. Die about:blank kan een 'bugje' zijn van ad-aware... We kunnen dit controleren: Download [url=http://users.pandora.be/marcvn/tools/appinit.zip]dit[/url] bestandje. Unzip het op je buroblad. Dubbelklik op appinit.bat. Er verschijnt een 'dos'box en dan wordt er een bestand aangemaakt dat windows.txt noemt. Open dit bestand en plak deze inhoud ook in je volgende post. Maar ik zie niets in je log wijst op de about:blank hijack.
  • regf       Pugf hbin  ¨ÿÿÿnk, xO Y.WÁ ÿÿÿÿ ÿÿÿÿÿÿÿÿ ° x ÿÿÿÿ 0  werW Windowssÿÿÿsk x x  Ô  „¸ È   ¤       !  €  !  ?          ?               Øÿÿÿvk  €   fùAppInit_DLLs֍æG h Ðÿÿÿvk  È   ÀUDeviceNotSelectedTimeoutðÿÿÿ1 5  _£ûóðÿÿÿ9 0  €) Ðÿÿÿvk  €'   zGDIProcessHandleQuota"þàÿÿÿvk  8   °ºSpooler2ðÿÿÿy e s h  h ˜ è  ` àÿÿÿvk  €   =pswapdiskÐÿÿÿvk  Ø   R¿TransmissionRetryTimeoutàÿÿÿh ˜ è  ` € Ð Ðÿÿÿvk  €'   erUSERProcessHandleQuotaIn
  • Feelgood, 100 % zeker dat ad-aware logje is clean.
  • Bedankt. :D Alleen nu weet ik het ook niet meer. :( :( :( :( :( :(
  • surf je met IE? instaleer die dan eens opnieuw (zal wel weinig oplossen maar wie weet)
  • Toch maar eens terug in de tijd gegaan en een herstelpunt van 26 Juni teruggezet. Wat ik zeker wist is dat ik geen nieuwe programma´s had geinstalleerd maar wel updates van verschillende programma´s had gedaan. En hij is weg. rararara hiephiep hoera :lol: :lol: :lol: :lol: :lol: :lol: :lol: :lol: :lol: :lol: :lol: :lol: :P :P :P :P In ieder geval bedankt voor jullie hulp. :wink: :wink: :wink:

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.