CiD spam terror

Status
Not open for further replies.

thierry41

New user
Joined
24 Sep 2007
Messages
1
Hello, I am having trouble with CiD popups and just can't get rid of them. Who can help me?

I have run ComboFix, but it doesn't help.

HELLLLLLLLLLLLLLLLLLLLLLLLLLLLP

Here is its log:

Code:
ComboFix 07-09-18.4 - "gebruiker" 2007-09-19 23:49:22.1 - NTFSx86 
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1043.18.515 [GMT 2:00]
 * Created a new restore point
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\HbTools.log
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\dynamic\566217.sdf
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\dynamic\948597.sdf
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\dynamic\ASPL1.dat
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\dynamic\domains.txt
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\dynamic\hstat\3449.dat
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\dynamic\TooltipXML\56815
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\dynamic\TooltipXML\64646
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\dynamic\TooltipXML\87387
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\dynamic\TooltipXML\91204
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\dynamic\TooltipXML\97499
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\dynamic\TooltipXML\97524
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\dynamic\TooltipXML\99795
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\dynamic\ustat\3449.dat
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\ads.cdf
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\btntrans.idx
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\btntrans1.dat
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\business_promo.htm
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\buttondir.txt
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\components.cdf
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\d_icons_buttons_1000.res
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\d_icons_buttons_2000.res
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\d_icons_buttons_3000.res
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\d_icons_buttons_bar.res
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\d_icons_buttons_bbar1.res
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\d_icons_buttons_logos.res
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\d_icons_buttons_other.res
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\d_icons_weather.res
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\default.cdf
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_511745-514279.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz1.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz10.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz11.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz12.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz13.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz14.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz15.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz16.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz17.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz18.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz19.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz2.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz20.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz3.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz4.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz5.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz6.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz7.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz8.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_bidz9.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_categorize.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_comparison.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_em_PROFL_CA_flow_b_IEB.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_explorer-Mails.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_explorer-people.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_favorites.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_Games.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_Hide.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_hotbarcom.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_Hotmail.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_hsskin.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_jemster.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_jemsterie.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_jemsteruk.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_jobsearch.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_Mails.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_new.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_premium.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_reun.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_ringtones.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_SearchBoxTrapper.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_searchfor.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_searchgo.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_weather.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Default_yellowpages.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\email-def-511724-548964.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\email-def-511724-9595.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\email-t1-bg.res
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\hotbar-premium-hotbar-premium.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\hotbar-premium.cdf
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\hotbar_promo.htm
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\icons2.res
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\keywords.idx
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\keywords1.dat
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\layout.cdf
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\linkpathlegal.txt
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\progress.res
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\s_icons_buttons.res
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\sales_buttons.res
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\t2_bg.res
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\theweb.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\top7.cdf
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\Top7_theweb.mnu
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\1\tsd_bg.res
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\ads.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\BtnTrans.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\BtnTrans1.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\business_promo.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\buttondir.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\d_icons_buttons_1000.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\d_icons_buttons_2000.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\d_icons_buttons_3000.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\d_icons_buttons_bar.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\d_icons_buttons_bbar1.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\d_icons_buttons_logos.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\d_icons_buttons_other.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\d_icons_weather.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\default.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\email-t1-bg.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\hotbar-premium.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\hotbar_promo.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\icons2.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\keywords.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\keywords1.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\layout.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\linkpathlegal.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\progress.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\s_icons_buttons.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\sales_buttons.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\samplegroups2.txt
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\samplegroups2.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\t2_bg.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\top7.xip
C:\DOCUME~1\GEBRUI~1\APPLIC~1\HbTools\v3.0\HbTools\static\DownLoad\tsd_bg.xip
C:\DOCUME~1\GEBRUI~1\MENUST~1\PROGRA~1\OPSTAR~1.\TA_Start.lnk
C:\DOCUME~1\GEBRUI~1\MENUST~1\PROGRA~1\OPSTAR~1\ta_start.lnk
C:\DOCUME~1\GEBRUI~1\MENUST~1\PROGRA~1\OPSTAR~1\think-adz.lnk
C:\Program Files\HbTools
C:\Program Files\HbTools\HBTV\hbtv_gdf.dat
C:\Program Files\HbTools\HBTV\hbtv_kyf.dat
C:\Program Files\HbTools\HBTV\hbtvau.dat
C:\Program Files\myglobalsearch
C:\Program Files\myglobalsearch\bar\History\search
C:\WINDOWS\system32\dwdsrngt.exe
C:\WINDOWS\system32\kwinqndt.exe
C:\WINDOWS\system32\msnav32.ax
C:\WINDOWS\system32\nsa16.dll
C:\WINDOWS\system32\winpfz32.sys
C:\WINDOWS\system32\zxdnt3d.cfg

.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))


-------\npf


(((((((((((((((((((((((((   Files Created from 2007-08-19 to 2007-09-19  )))))))))))))))))))))))))))))))
.

2007-09-19 23:48	51,200	--a------	C:\WINDOWS\NirCmd.exe
2007-09-19 21:28	<DIR>	d--------	C:\DOCUME~1\GEBRUI~1\APPLIC~1\Magic Academy
2007-09-19 21:10	<DIR>	d--------	C:\Program Files\Lavasoft
2007-09-19 19:29	<DIR>	d--------	C:\Program Files\XoftSpySE
2007-09-19 18:53	<DIR>	d--------	C:\Program Files\Adssite Advanced Toolbar
2007-09-19 18:53	<DIR>	d--------	C:\DOCUME~1\GEBRUI~1\APPLIC~1\Adssite Advanced Toolbar
2007-09-17 17:44	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\APPLIC~1\TERMINAL Studio
2007-09-17 17:41	<DIR>	d--------	C:\Program Files\The Rise of Atlantis
2007-09-17 17:41	<DIR>	d--------	C:\Program Files\BFG
2007-09-16 22:18	<DIR>	d--------	C:\Program Files\SP2 Connection Patcher
2007-09-16 22:18	<DIR>	d--------	C:\Program Files\LimeWire Download Accelerator
2007-09-16 22:18	<DIR>	d--------	C:\Program Files\atomdoes
2007-09-16 22:18	<DIR>	d--------	C:\DOCUME~1\GEBRUI~1\APPLIC~1\atomdoes
2007-09-16 22:18	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site
2007-09-15 01:08	43,008	--a------	C:\WINDOWS\system32\liongres.dll
2007-09-15 01:03	<DIR>	d-a------	C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
2007-09-15 01:03	<DIR>	d--------	C:\Program Files\Liong - The Dragon Dance
2007-09-15 01:03	<DIR>	d--------	C:\DOCUME~1\GEBRUI~1\APPLIC~1\AlwaysNeat
2007-09-15 01:00	<DIR>	d--------	C:\Program Files\bfgclient
2007-09-15 01:00	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache
2007-09-12 23:32	<DIR>	d--------	C:\Program Files\Jewel Match
2007-09-12 12:46	62,464	--a------	C:\WINDOWS\system32\gzmrotate.dll
2007-09-08 21:26	<DIR>	d--------	C:\Program Files\Maxis
2007-09-05 22:01	<DIR>	d--------	C:\DOCUME~1\GEBRUI~1\Shared
2007-09-05 22:01	<DIR>	d--------	C:\DOCUME~1\GEBRUI~1\APPLIC~1\LimeWire
2007-09-04 17:39	<DIR>	d--------	C:\DOCUME~1\GEBRUI~1\Incomplete
2007-09-04 17:39	<DIR>	d--------	C:\DOCUME~1\GEBRUI~1\APPLIC~1\LimeWirePlus
2007-09-02 20:00	<DIR>	d--------	C:\DOCUME~1\GEBRUI~1\APPLIC~1\SpywareBot
2007-09-02 19:03	<DIR>	d--------	C:\DOCUME~1\ALLUSE~1\APPLIC~1\ParetoLogic Anti-Spyware
2007-09-02 16:27	<DIR>	d--------	C:\WINDOWS\system32\Kaspersky Lab
2007-08-27 22:37	40,315	--a------	C:\WINDOWS\system32\gzmrot-uninst.exe
2007-08-27 18:52	<DIR>	d--------	C:\DOCUME~1\GEBRUI~1\APPLIC~1\Zylom

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-19 21:22	---------	d--------	C:\Program Files\Zylom Games
2007-09-16 23:44	---------	d--------	C:\DOCUME~1\GEBRUI~1\APPLIC~1\Skype
2007-09-16 20:46	---------	d--------	C:\Program Files\eMule
2007-09-16 20:45	---------	d--------	C:\Program Files\nipo.n
2007-09-04 00:50	---------	d--------	C:\DOCUME~1\GEBRUI~1\APPLIC~1\AdobeUM
2007-09-02 14:47	---------	d--------	C:\DOCUME~1\GEBRUI~1\APPLIC~1\Screenshot Sender
2007-08-15 13:24	---------	d--------	C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
2007-08-15 13:20	---------	d--------	C:\Program Files\IVT Corporation
2007-08-03 01:26	---------	d--------	C:\Program Files\Font Fitting Room Deluxe
2007-08-03 01:25	---------	d--------	C:\DOCUME~1\GEBRUI~1\APPLIC~1\Font Fitting Room Deluxe
2007-08-01 00:17	---------	d--------	C:\Program Files\Cake Mania
2007-07-31 01:28	---------	d--------	C:\DOCUME~1\GEBRUI~1\APPLIC~1\Sandlot Games
2007-07-31 01:28	---------	d--------	C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sandlot Games
2007-07-31 00:49	---------	d--------	C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
2007-07-24 23:06	---------	d--------	C:\Program Files\GameHouse
2007-07-24 23:04	---------	d--------	C:\DOCUME~1\ALLUSE~1\APPLIC~1\55-68-3s-2n-40-52
2007-06-22 23:21	163081	--a------	C:\WINDOWS\Sqirlz Water Reflections Uninstaller.exe
2006-05-07 23:27	774144	--a------	C:\Program Files\RngInterstitial.dll
2004-10-01 15:00	40960	--a------	C:\Program Files\Uninstall_CDS.exe
2006-11-23 21:27:38	88	--sh--r	C:\WINDOWS\system32\527C501FFF.sys
2007-02-25 11:55:52	4,184	--sha-w	C:\WINDOWS\system32\KGyGaAvL.sys
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
 
*Note* empty entries & legit default entries are not shown 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{36A91CEC-6C71-4758-B492-397BFC8E96A2}]
2007-09-12 12:46	62464	--a------	C:\WINDOWS\system32\gzmrotate.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D5792AA9-D373-4039-8670-2CDAB6A71F15}]
2007-02-24 00:08	225280	--a------	C:\Program Files\BitDownload\TorrentManager.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-08-02 10:35]
"nwiz"="nwiz.exe" [2005-08-02 10:35 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-08-02 10:35]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2003-12-08 17:35]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2006-03-23 17:06]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"P17Helper"="P17.dll" [2005-05-03 13:38 C:\WINDOWS\system32\P17.dll]
"CTSysVol"="C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-02-15 16:10]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00]
"BigDogPath"="C:\WINDOWS\VM_STI.exe" [2005-02-28 17:53]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-09-13 16:45]
"Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2006-03-16 11:34]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-12-10 16:57]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-08-20 23:18]
"OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2005-07-19 11:06]
"{FE-EF-FD-D4-ZN}"="c:\windows\system32\dwdsrngt.exe" [2007-09-19 23:55]
"memo site kind that"="C:\Documents and Settings\All Users\Application Data\Grid Blue Memo Site\bin deaf.exe" [2007-09-19 23:55]
"hid_start"="C:\WINDOWS\system32\gzmrotate.dll" [2007-09-12 12:46]
"ExploreUpdSched"="C:\WINDOWS\system32\rwinnldt.exe" [2007-09-19 23:55]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00]
"Creative Detector"="C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 18:23]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 18:25]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2006-10-31 15:06]
"OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2005-07-19 11:14]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 23:53]
"Gram data"="C:\DOCUME~1\GEBRUI~1\APPLIC~1\atomdoes\inter itch 64.exe" []

C:\DOCUME~1\ALLUSE~1\MENUST~1\PROGRA~1\OPSTAR~1\
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-07-17 21:14:54]
Adobe Reader Snelle start.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
hp psc 2000 Series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [2003-04-06 00:37:10]
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-06 01:06:58]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04]

C:\DOCUME~1\GEBRUI~1\MENUST~1\PROGRA~1\OPSTAR~1\
TA_Start.lnk - C:\WINDOWS\system32\dwdsrngt.exe [2007-09-19 23:55:05]
Think-Adz.lnk - C:\WINDOWS\system32\rwinnldt.exe [2007-09-19 23:55:20]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winzlo32] 
winzlo32.dll 

R0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys
R3 P17;Sound Blaster Audigy;C:\WINDOWS\system32\drivers\P17.sys
S3 BTNetFilter;Bluetooth Network Filter;\??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys
S3 memsysdrv;Memory System;\??\C:\WINDOWS\system32\drivers\memsysdrv.sys
S3 ovt530;AV301P;C:\WINDOWS\system32\Drivers\ov530vid.sys

.
Contents of the 'Scheduled Tasks' folder
"2007-09-19 21:00:00 C:\WINDOWS\Tasks\A93A2FDA90D5A5E6.job"
- c:\docume~1\gebrui~1\applic~1\atomdoes\Bin more flap.exe
"2006-08-06 20:01:30 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2100 series#1146945617.job"
- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe
"2007-09-04 16:00:00 C:\WINDOWS\Tasks\Pareto UNS.job"
- C:\Program Files\Common Files\ParetoLogic\UUS\UUS.dll\Pareto_Update.exe
"2007-09-08 01:00:00 C:\WINDOWS\Tasks\SpywareBot Scheduled Scan.job"
- C:\Program Files\SpywareBot\SpywareBot.exe
.
**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-19 23:54:43
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\system32\winpfz32.sys
C:\WINDOWS\system32\zxdnt3d.cfg

scan completed successfully
hidden files: 2

**************************************************************************
.
Completion time: 2007-09-19 23:55:58 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-09-19 23:55
.
	--- E O F ---
 
Welcome to Helpmij. :)

Please create a HijackThis log and have it checked by an expert on another forum.

Read this post carefully:
http://www.nucia.nl/forum/showthread.php?t=12

See here for an explanation of HijackThis:
http://www.nucia.nl/toonhandleiding.php?handleidingid=9

Then post your HijackThis log in the following section:
http://www.nucia.nl/forum/forumdisplay.php?f=38

Describe your problem there as well.

You do have to register there, but just like on Helpmij that is free and only has to be done once.

PS
Also mention on the other forum that you have already been working with ComboFix.
 