Mededeling

Collapse
No announcement yet.

spyware yieldmanager gametracker ?

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • spyware yieldmanager gametracker ?

    Hoi, Volgens mij heb ik spyware waar ik niet vanaf kom. Het zijn steeds de zelfde. Kunnen jullie me helpen er voor te zorgen dat ie niet meer terugkomt ?:

    obj[0]=IECache Entry : Cookie:[email protected]/server_info/213.19.131.212:27960/
    obj[1]=IECache Entry : Cookie:[email protected]/
    obj[2]=IECache Entry : Cookie:[email protected]/
    obj[3]=IECache Entry : Cookie:[email protected]/server_info/83.98.225.13:27960/
    obj[4]=IECache Entry : Cookie:[email protected]/
    obj[5]=IECache Entry : Cookie:[email protected]/
    obj[6]=IECache Entry : Cookie:[email protected]click.com/
    obj[7]=IECache Entry : Cookie:[email protected]/
    obj[8]=IECache Entry : Cookie:[email protected]/
    obj[9]=IECache Entry : Cookie:[email protected]/
    obj[10]=IECache Entry : Cookie:[email protected]/
    obj[11]=IECache Entry : Cookie:[email protected]/
    obj[12]=IECache Entry : Cookie:[email protected]/server_info/213.19.131.212:27960/b/
    obj[13]=IECache Entry : Cookie:[email protected]/
    obj[14]=IECache Entry : Cookie:[email protected]/server_info/85.92.143.13:27960/
    obj[15]=IECache Entry : Cookie:[email protected]/
    obj[16]=IECache Entry : Cookie:[email protected]/
    obj[17]=IECache Entry : Cookie:[email protected]/

    Hier is mijn Hijack log wel net na een adaware scan:

    Logfile of HijackThis v1.99.1
    Scan saved at 21:14:50, on 4-4-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\PRISMSVR.EXE
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\WinZip E-Mail Companion\loadwzco.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\comservice.exe
    C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\st121g.exe
    C:\Program Files\Xfire\xfire.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\downloads\spyware\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telegraaf.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\PRISMSVR.EXE" /APPLY
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [WinZip E-Mail Companion OEAPI] "C:\Program Files\WinZip E-Mail Companion\loadwzco.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Com Service] comservice.exe
    O4 - HKLM\..\RunServices: [Com Service] comservice.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

    Ik hoop dat jullie me kunnen helpen. Het lijkt of mijn internet steeds trager wordt.

  • #2
    Start Hijackthis en vink alleen de volgende regels aan:
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [Com Service] comservice.exe
    O4 - HKLM\..\RunServices: [Com Service] comservice.exe

    Sluit alle openstaande vensters(behalve Hijackthis) en klik op de knop "Fix checked".

    Herstart daarna je computer.

    Post na de herstart een nieuw logje van Hijackthis

    Comment


    • #3
      spyware

      hey, bedankt voor je antwoord. Ik heb gedaan wat je zei en hierbij mijn nieuwe hijack log:

      Logfile of HijackThis v1.99.1
      Scan saved at 18:48:12, on 5-4-2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16608)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\PnkBstrA.exe
      C:\WINDOWS\system32\PnkBstrB.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\VTTimer.exe
      C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
      C:\WINDOWS\RTHDCPL.EXE
      C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\PRISMSVR.EXE
      C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
      C:\Program Files\WinZip E-Mail Companion\loadwzco.exe
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
      C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
      C:\WINDOWS\system32\HPZipm12.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\downloads\spyware\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telegraaf.nl/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
      O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
      O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
      O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
      O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [PRISMSVR.EXE] "C:\Program Files\Thomson SpeedTouch\SpeedTouch 121g Wireless USB Monitor\PRISMSVR.EXE" /APPLY
      O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
      O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
      O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
      O4 - HKLM\..\Run: [WinZip E-Mail Companion OEAPI] "C:\Program Files\WinZip E-Mail Companion\loadwzco.exe"
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
      O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
      O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O11 - Options group: [INTERNATIONAL] International*
      O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
      O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
      O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
      O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing)
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
      O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

      Comment


      • #4
        Download dit bestand: zoek.exe
        Dubbelklik het, na een tijdje opent er een logje.
        Post de inhoud van dit logje in je volgende bericht

        Comment


        • #5
          logje

          Sorry voor de late reactie, was effe paar daagjes weg. Hierbij het logje;

          ======C:\WINDOWS====
          ----a-w 0 2008-04-11 16:05:39 C:\WINDOWS\0.log
          --s-a-w 2,048 2008-04-11 16:05:36 C:\WINDOWS\bootstat.dat
          ----a-w 243,753 2008-04-09 21:49:48 C:\WINDOWS\comsetup.log
          ----a-w 694,944 2008-04-09 21:49:47 C:\WINDOWS\FaxSetup.log
          ----a-w 109,732 2008-04-09 21:49:48 C:\WINDOWS\iis6.log
          ----a-w 1,355 2008-04-09 21:49:41 C:\WINDOWS\imsins.BAK
          ----a-w 1,355 2008-04-09 21:49:48 C:\WINDOWS\imsins.log
          ----a-w 18,714 2008-04-09 21:49:41 C:\WINDOWS\KB941693.log
          ----a-w 12,052 2008-04-09 21:48:41 C:\WINDOWS\KB945553.log
          ----a-w 20,490 2008-04-09 21:49:37 C:\WINDOWS\KB947864-IE7.log
          ----a-w 12,727 2008-04-09 21:49:23 C:\WINDOWS\KB948590.log
          ----a-w 14,263 2008-04-09 21:49:47 C:\WINDOWS\KB948881.log
          ----a-w 35,295 2008-04-09 21:49:47 C:\WINDOWS\msgsocm.log
          ----a-w 116 2008-04-09 09:40:38 C:\WINDOWS\NeroDigital.ini
          ----a-w 146,563 2008-04-09 21:49:48 C:\WINDOWS\ntdtcsetup.log
          ----a-w 343,754 2008-04-09 21:49:47 C:\WINDOWS\ocgen.log
          ----a-w 43,318 2008-04-09 21:49:48 C:\WINDOWS\ocmsn.log
          ----a-w 32,368 2008-04-11 16:04:20 C:\WINDOWS\SchedLgU.Txt
          ----a-w 180,203 2008-03-14 18:53:53 C:\WINDOWS\setupact.log
          ----a-w 249,064 2008-04-11 16:08:25 C:\WINDOWS\setupapi.log
          ----a-w 98,304 2008-03-15 15:04:42 C:\WINDOWS\system32CmdLineExt.dll
          ----a-w 272,575 2008-04-09 21:49:48 C:\WINDOWS\tsoc.log
          ----a-w 84,306 2008-04-09 21:49:33 C:\WINDOWS\updspapi.log
          ----a-w 159 2008-04-11 16:05:38 C:\WINDOWS\wiadebug.log
          ----a-w 49 2008-04-11 16:05:38 C:\WINDOWS\wiaservc.log
          ----a-w 629 2008-03-12 22:20:14 C:\WINDOWS\win.ini
          ----a-w 1,522,081 2008-04-11 21:53:08 C:\WINDOWS\WindowsUpdate.log

          Entries: 27 (26)
          Directories: 0 Files: 27
          Bytes: 4,140,217 Blocks: 8,099
          ======C:\WINDOWS\system32=====
          ----a-w 134,872 2008-04-11 16:01:43 C:\WINDOWS\System32\FNTCACHE.DAT
          ----a-w 34,064 2008-03-28 19:13:00 C:\WINDOWS\System32\lhacm.acm
          ----a-w 19,836,024 2008-04-06 05:56:20 C:\WINDOWS\System32\MRT.exe
          ----a-w 62,480 2008-03-31 17:04:49 C:\WINDOWS\System32\perfc009.dat
          ----a-w 81,380 2008-03-31 17:04:49 C:\WINDOWS\System32\perfc013.dat
          ----a-w 401,200 2008-03-31 17:04:49 C:\WINDOWS\System32\perfh009.dat
          ----a-w 465,926 2008-03-31 17:04:49 C:\WINDOWS\System32\perfh013.dat
          ----a-w 1,022,246 2008-03-31 17:04:49 C:\WINDOWS\System32\PerfStringBackup.INI
          ----a-w 107,832 2008-04-11 16:09:08 C:\WINDOWS\System32\PnkBstrB.exe
          ----a-w 1,845,376 2008-03-20 08:10:47 C:\WINDOWS\System32\win32k.sys
          ----a-w 12,706 2008-04-11 16:01:47 C:\WINDOWS\System32\wpa.dbl
          ----a-w 41,296 2008-04-02 23:26:06 C:\WINDOWS\System32\xfcodec.dll

          Entries: 12 (12)
          Directories: 0 Files: 12
          Bytes: 24,045,402 Blocks: 46,970
          ======C:\WINDOWS\system32\drivers=====
          ----a-w 22,328 2008-04-11 16:09:52 C:\WINDOWS\System32\drivers\PnkBstrK.sys

          Entries: 1 (1)
          Directories: 0 Files: 1
          Bytes: 22,328 Blocks: 44
          =======C:\Program Files=====
          Entries: 0 (0)
          Directories: 0 Files: 0
          Bytes: 0 Blocks: 0
          =======C:=====
          ----a-w 352,449 2008-04-02 14:17:09 C:\nota1_danielKatier.jpg
          --sha-w 2,145,386,496 2008-04-11 16:05:31 C:\pagefile.sys

          Entries: 2 (1)
          Directories: 0 Files: 2
          Bytes: 2,145,738,945 Blocks: 4,190,897
          ======C:\Documents and Settings\windows\Application Data======
          ----a-w 22,112 2008-03-26 19:25:05 C:\Documents and Settings\windows\Application Data\GDIPFONTCACHEV1.DAT

          Entries: 1 (1)
          Directories: 0 Files: 1
          Bytes: 22,112 Blocks: 44
          ======C:\Temp======
          Entries: 0 (0)
          Directories: 0 Files: 0
          Bytes: 0 Blocks: 0
          ======C:\Documents and Settings\windows======
          ----a-w 4,718,592 2008-04-11 22:23:05 C:\Documents and Settings\windows\NTUSER.DAT
          ----a-w 28,672 2008-04-11 22:23:05 C:\Documents and Settings\windows\ntuser.dat.LOG
          --sh--w 288 2008-04-11 16:04:19 C:\Documents and Settings\windows\ntuser.ini

          Entries: 3 (2)
          Directories: 0 Files: 3
          Bytes: 4,747,552 Blocks: 9,273
          ======C:\WINDOWS\Downloaded Program Files====
          Entries: 0 (0)
          Directories: 0 Files: 0
          Bytes: 0 Blocks: 0
          =============


          Overigens mijn laatste scan heeft het volgende in quarantine gezet:

          obj[0]=IECache Entry : Cookie:[email protected]/server_info/213.19.131.212:27960/
          obj[1]=IECache Entry : Cookie:[email protected]/
          obj[2]=IECache Entry : Cookie:[email protected]/
          obj[3]=IECache Entry : Cookie:[email protected]/
          obj[4]=IECache Entry : Cookie:[email protected]/
          obj[5]=IECache Entry : Cookie:[email protected]/
          obj[6]=IECache Entry : Cookie:[email protected]/
          obj[7]=IECache Entry : Cookie:[email protected]/
          obj[8]=IECache Entry : Cookie:[email protected]/
          obj[9]=IECache Entry : Cookie:[email protected]/
          obj[10]=IECache Entry : Cookie:[email protected]/
          obj[11]=IECache Entry : Cookie:[email protected]/
          obj[12]=IECache Entry : Cookie:[email protected]/
          obj[13]=IECache Entry : Cookie:[email protected]/
          obj[14]=IECache Entry : Cookie:[email protected]/server_info/85.92.143.13:27960/
          obj[15]=IECache Entry : Cookie:[email protected]/server/213.19.131.212:27960/player/%2APIMP%2AAntra/
          obj[16]=IECache Entry : Cookie:[email protected]/
          obj[17]=IECache Entry : Cookie:[email protected]/
          obj[18]=IECache Entry : Cookie:[email protected]/
          obj[19]=IECache Entry : Cookie:[email protected]/

          Comment


          • #6
            Ik zie niets verkeerds meer

            Verwijder het volgende bestand als het nog aanwezig is:
            C:\WINDOWS\system32\comservice.exe

            Zijn er nog problemen?

            Comment


            • #7
              Hey,

              Kon het bestandje C:\WINDOWS\system32\comservice.exe niet vinden.
              Denk dat het wel in orde is, computer loopt goed.
              Laatste scan:

              obj[0]=IECache Entry : Cookie:[email protected]/server_info/213.19.131.212:27960/
              obj[1]=IECache Entry : Cookie:[email protected]/
              obj[2]=IECache Entry : Cookie:[email protected]/
              obj[3]=IECache Entry : Cookie:[email protected]/


              thx !

              Comment


              • #8
                Graag gedaan hoor

                Wat je net poste waren slechts enkele cookies.

                Of cookies echt een groot probleem vormen betwijfel ik

                Het is wel verstandig "indirecte" of "third party" cookies te blokkeren.
                Dat doe je als volgt:

                Internet Explorer 6:
                Extra
                Internet-opties
                tabblad Privacy
                knop Geavanceerd
                vinkje plaatsen voor "Automatische cookie-verwerking opheffen"
                onder "Indirecte cookies" een vinkje plaatsen voor: "Blokkeren"
                OK, OK

                Firefox:
                Tools
                Options
                Privacy
                Cookies
                aanvinken: "for the originating site only"


                Installeer verder SpywareBlaster, dat programma blokkeert ook tracking cookies.
                http://www.nucia.eu/toonhandleiding....ndleidingid=12.

                Met behulp van Ccleaner kan je ook cookies verwijderen, dit programma heeft een optie waarmee je instellen kan welke cookies behouden dienen te worden omdat je deze nodig hebt om in te loggen bij bepaalde websites. Alle overige cookies kunnen dan probleemloos verwijderd worden.

                Groeten smeenk

                Comment

                Sorry, you are not authorized to view this page
                Working...
                X