Vraag & Antwoord

Beveiliging & privacy

xads offeroptimizer

8 antwoorden
  • Heb de laatste tijd veel last van xads optimizer.Zodra ik i.e.opstart komt deze ook mee en zorgt voor allerhande popups en ook voor vertraging. Is er iets aan te doen? Ron.
  • Scan eens met een geupdate Ad-aware en Spybot Search & Destroy. Probleem niet opgelost dan maak je een HijackThislog en post je deze hier. Instructies over deze programma's vind je in de spywarefaq of [url=http://users.pandora.be/marcvn/spyware/]hier[/url].
  • Ik ben vandaag op het internet wezen zoeken naar een manier om deze lastpak te verwijderen,want geen enkel spyware programma (Ad-Aware,Spybot,Spysweeper,CWshredder)helpt hiertegen! Misschien dat over een maandje wel ofzo als nieuwe definities uitkomen die de kwelgeest wel verwijderen! Vaak was het advies om bepaalde bestanden te verwijderen (biprpep.exe,localNRD.dll etc)maar die heb ik nergens kunnen vinden!Ik blijf er dus nog steeds last van houden alhoewel dit venster geminimaliseerd is.Als je hem wilt openen sluit ie zichzelf af! Dus ik zal er voorlopig nog wel even last van houden!
  • Download [url=http://computercops.biz/downloads-file-328.html]hijackthis[/url] en maak een map voor hem aan, bij voorkeur c:\program files\hijackthis oid, pak daarna de zip file uit naar die map, sluit alle vensters en run hijackthis, sla de log op en plak die volledig in je volgende post.
  • Komt ie! Logfile of HijackThis v1.98.2 Scan saved at 19:29:28, on 21/09/2004 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe E:\Diskeeper8\DkService.exe D:\NortonAntivirus2004\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe D:\NortonAntivirus2004\SAVScan.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\system32\ICO.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\System32\ezSP_Px.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe D:\uitils\seti@home\SETI@home.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\TGTSoft\StyleXP\StyleXP.exe D:\Internet\Roboform6\RoboTaskBarIcon.exe D:\Internet\Getright\getright.exe D:\Internet\Getright\getright.exe D:\Internet\Nuria\Nuria.exe D:\Desktop Drive Monitor\DriveMon.exe D:\Uitils\Diropus6\dopus.exe C:\WINDOWS\System32\svchost.exe D:\SpamInspector4\siMain.exe D:\SpamInspector4\siSpamFilterEngine.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\explorer.exe D:\DownVAIO\HijackThis\HijackThis1982.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webwereld.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.sony-europe.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webwereld.nl R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: MultimppObj Class - {002EB272-2590-4693-B166-FBD5D9B6FEA6} - C:\WINDOWS\multimpp.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Acrobat6\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - D:\Internet\Roboform6\RoboForm.dll O2 - BHO: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\NortonAntivirus2004\NavShExt.dll O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - (no file) O3 - Toolbar: Hotmail Spam Filter - {58A83E4F-477A-4A3F-BF9B-B65BC2BD5598} - D:\SpamInspector4\siClientUIHotmail.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Internet\Roboform6\RoboForm.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\NortonAntivirus2004\NavShExt.dll O3 - Toolbar: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [seticlient] d:\uitils\seti@home\SETI@home.exe -min O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\Run: [RoboForm] "D:\Internet\Roboform6\RoboTaskBarIcon.exe" O4 - Startup: Drive Monitor.lnk = D:\Desktop Drive Monitor\DriveMon.exe O4 - Global Startup: GetRight - Tray Icon.lnk = D:\Internet\Getright\getright.exe O4 - Global Startup: Nuria.lnk = D:\Internet\Nuria\Nuria.exe O8 - Extra context menu item: Customize Menu &4 - file://D:\Internet\Roboform6\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Download with GetRight - D:\Internet\Getright\GRdownload.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\OfficeXP\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Fill Forms &] - file://D:\Internet\Roboform6\RoboFormComFillForms.html O8 - Extra context menu item: Open with GetRight Browser - D:\Internet\Getright\GRbrowse.htm O8 - Extra context menu item: Save Forms &[ - file://D:\Internet\Roboform6\RoboFormComSavePass.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Internet\Roboform6\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Fill Forms &] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Internet\Roboform6\RoboFormComFillForms.html O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Internet\Roboform6\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Save Forms &[ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Internet\Roboform6\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Internet\Roboform6\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm &2 - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Internet\Roboform6\RoboFormComShowToolbar.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com O15 - Trusted Zone: *.sony-europe.com O15 - Trusted Zone: *.sonystyle-europe.com O15 - Trusted Zone: *.vaio-link.com O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://www.planet.nl/exent/classes/ExentCtl.ocx O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://support.euro.dell.com/global/apps/systemprofiler/PROFILER.CAB O16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) - http://servicesv4.moviesystem.com/cabs/msway.cab O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
  • ga er wel ff mee bezig
  • Sluit alle vensters en fix deze items: [list:2cb5a1b26c][b:2cb5a1b26c] O2 - BHO: MultimppObj Class - {002EB272-2590-4693-B166-FBD5D9B6FEA6} - C:\WINDOWS\multimpp.dll O2 - BHO: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - (no file) O3 - Toolbar: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.sony-europe.com [/b:2cb5a1b26c][/list:u:2cb5a1b26c] Herstart in veilige modus en laat alle bestanden weergeven, verwijder de volgende items indien aanwezig: [list:2cb5a1b26c][b:2cb5a1b26c]C:\WINDOWS\multimpp.dll <--- file C:\Program Files\QuickSearch <--- map[/b:2cb5a1b26c][/list:u:2cb5a1b26c] Herstart en post een nieuwe log.
  • Logfile of HijackThis v1.98.2 Scan saved at 22:06:11, on 21/09/2004 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe E:\Diskeeper8\DkService.exe C:\WINDOWS\Explorer.EXE D:\NortonAntivirus2004\navapsvc.exe C:\WINDOWS\System32\nvsvc32.exe D:\NortonAntivirus2004\SAVScan.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\ICO.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\System32\ezSP_Px.exe C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\rundll32.exe D:\uitils\seti@home\SETI@home.exe C:\Program Files\TGTSoft\StyleXP\StyleXP.exe D:\Internet\Roboform6\RoboTaskBarIcon.exe D:\Internet\Getright\getright.exe D:\Internet\Getright\getright.exe D:\Internet\Nuria\Nuria.exe D:\Desktop Drive Monitor\DriveMon.exe D:\Uitils\HijackThis\HijackThis1982.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webwereld.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.sony-europe.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webwereld.nl R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Acrobat6\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - D:\Internet\Roboform6\RoboForm.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\NortonAntivirus2004\NavShExt.dll O3 - Toolbar: Hotmail Spam Filter - {58A83E4F-477A-4A3F-BF9B-B65BC2BD5598} - D:\SpamInspector4\siClientUIHotmail.dll O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - D:\Internet\Roboform6\RoboForm.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\NortonAntivirus2004\NavShExt.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [seticlient] d:\uitils\seti@home\SETI@home.exe -min O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\Run: [RoboForm] "D:\Internet\Roboform6\RoboTaskBarIcon.exe" O4 - Startup: Drive Monitor.lnk = D:\Desktop Drive Monitor\DriveMon.exe O4 - Global Startup: GetRight - Tray Icon.lnk = D:\Internet\Getright\getright.exe O4 - Global Startup: Nuria.lnk = D:\Internet\Nuria\Nuria.exe O8 - Extra context menu item: Customize Menu &4 - file://D:\Internet\Roboform6\RoboFormComCustomizeIEMenu.html O8 - Extra context menu item: Download with GetRight - D:\Internet\Getright\GRdownload.htm O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\OfficeXP\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Fill Forms &] - file://D:\Internet\Roboform6\RoboFormComFillForms.html O8 - Extra context menu item: Open with GetRight Browser - D:\Internet\Getright\GRbrowse.htm O8 - Extra context menu item: Save Forms &[ - file://D:\Internet\Roboform6\RoboFormComSavePass.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Internet\Roboform6\RoboFormComFillForms.html O9 - Extra 'Tools' menuitem: Fill Forms &] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://D:\Internet\Roboform6\RoboFormComFillForms.html O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Internet\Roboform6\RoboFormComSavePass.html O9 - Extra 'Tools' menuitem: Save Forms &[ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://D:\Internet\Roboform6\RoboFormComSavePass.html O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Internet\Roboform6\RoboFormComShowToolbar.html O9 - Extra 'Tools' menuitem: RoboForm &2 - {724d43aa-0d85-11d4-9908-00400523e39a} - file://D:\Internet\Roboform6\RoboFormComShowToolbar.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.sony-europe.com O15 - Trusted Zone: *.sonystyle-europe.com O15 - Trusted Zone: *.vaio-link.com O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://www.planet.nl/exent/classes/ExentCtl.ocx O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://support.euro.dell.com/global/apps/systemprofiler/PROFILER.CAB O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab Het lijkt er op dat ik mn kwelgeest kwijt ben Many Thanxxx!!!

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.