problemen met mails en andere afbeeldingen

clarkie · 22 oktober 2011

klik op deze link en download combofix.

fa088505 · 22 oktober 2011

ik heb dat gedaan ik heb 2x uitvoeren gedaan en dan zie ik niets meer grtjs Agnes

---------- Post toegevoegd om 10:25 ---------- Vorige post was om 10:13 ----------

ik heb nog eens op deze link geklikt en gedownlaod 2x uitvoeren en dan zie ik niets meer! zou ik het toch niet juist doen? alvast bedankt Agnes

kape · 22 oktober 2011

Indien je op die link klikt, start na korte tijd een pop-up van het programma Combofix. Dit bestand moet je dan opslaan op je bureaublad. En daarna kan je daarmee een logje van Combofix maken.

Kurtt · 22 oktober 2011

Indien je op die link klikt, start na korte tijd een pop-up van het programma Combofix.

Die pop up verschijnt niet (meer) bij mij.

@fa088505

Hier kan u combofix downloaden:

http://download.bleepingcomputer.com/protected/5a2de40ba13fc9751e13ef711f0c9b47/4ea2b644/ComboFix.exe

22 oktober 2011 aangepast door Kurtt

fa088505 · 22 oktober 2011

Het me gelukt van het progje ComboFix te downloaden en een log te maken zie hieronder, eindelijk hopelijk kunnen jullie me nog verder helpen.

alvast heel erg bedankt

groetjes Agnes

ComboFix 11-10-21.06 - Agnes 22/10/2011 14:58:13.1.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.2302.1711 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Agnes\Bureaublad\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\Agnes\Application Data\PriceGong

c:\documents and settings\Agnes\Application Data\PriceGong\Data\1.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\a.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\b.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\c.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\d.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\e.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\f.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\g.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\h.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\i.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\J.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\k.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\l.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\m.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\mru.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\n.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\o.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\p.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\q.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\r.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\s.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\t.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\u.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\v.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\w.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\x.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\y.xml

c:\documents and settings\Agnes\Application Data\PriceGong\Data\z.xml

c:\documents and settings\Agnes\WINDOWS

c:\documents and settings\All Users\Application Data\page

c:\documents and settings\All Users\Application Data\page\page.ico

c:\documents and settings\All Users\Application Data\page\page.URL

c:\program files\Uninstall.exe

c:\program files\Uninstall.ini

c:\windows\isRS-000.tmp

c:\windows\IsUn0413.exe

c:\windows\system32\d3d9caps.dat

c:\windows\system32\Thumbs.db

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-09-22 to 2011-10-22 ))))))))))))))))))))))))))))))

.

2011-10-22 09:16 . 2011-10-22 12:26 -------- d--h--r- c:\documents and settings\Agnes\Onlangs geopend

2011-10-22 09:02 . 2011-10-22 09:02 -------- d-----w- c:\windows\system32\wbem\Repository

2011-10-22 09:02 . 2011-10-22 09:02 -------- d-----w- c:\documents and settings\Agnes\Local Settings\Application Data\PackageAware

2011-10-21 13:40 . 2011-10-22 09:02 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}

2011-10-21 13:40 . 2011-10-21 13:40 -------- d-----w- c:\program files\Uniblue

2011-10-21 10:48 . 2011-10-21 10:48 388096 ----a-r- c:\documents and settings\Agnes\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-10-21 07:18 . 2011-10-21 07:18 -------- d-----w- c:\program files\Trend Micro

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-11 08:41 . 2011-08-22 20:59 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-09-26 09:41 . 2008-07-29 17:59 614912 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 09:41 . 2008-04-15 12:00 23040 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-26 09:41 . 2008-04-15 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-09 09:12 . 2008-04-15 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll

2011-09-06 20:45 . 2011-01-22 11:00 41184 ----a-w- c:\windows\avastSS.scr

2011-09-06 20:45 . 2009-08-10 21:17 199304 ----a-w- c:\windows\system32\aswBoot.exe

2011-09-06 20:38 . 2011-04-21 07:50 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-09-06 20:37 . 2009-08-10 21:17 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys

2011-09-06 20:36 . 2009-08-10 21:17 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2011-09-06 20:36 . 2009-08-10 21:17 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2011-09-06 20:36 . 2009-08-10 21:17 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2011-09-06 20:36 . 2009-08-10 21:17 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys

2011-09-06 20:36 . 2009-08-10 21:17 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2011-09-06 20:33 . 2009-08-10 21:17 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2011-09-06 14:09 . 2008-04-15 12:00 1859072 ----a-w- c:\windows\system32\win32k.sys

2011-08-22 23:41 . 2008-04-15 12:00 916480 ----a-w- c:\windows\system32\wininet.dll

2011-08-22 23:41 . 2008-04-15 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-08-22 23:41 . 2008-04-15 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-08-22 11:58 . 2008-04-15 12:00 385024 ----a-w- c:\windows\system32\html.iec

2011-08-17 13:49 . 2008-04-15 12:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys

2008-12-10 11:55 . 2008-12-10 11:55 1815552 -c--a-w- c:\program files\Album_USB.exe

2008-12-10 11:51 . 2008-12-10 11:51 3867136 -c--a-w- c:\program files\Album.exe

2008-11-16 09:09 . 2010-02-25 21:19 588553 -c--a-w- c:\program files\Album_DS_5.5_Key.exe

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-09-06 20:45 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Gadwin PrintScreen Pro"="c:\program files\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe" [2009-02-28 516096]

"RegistryBooster"="c:\program files\Uniblue\RegistryBooster\launcher.exe" [2011-08-18 67456]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13750272]

"Adobe Version Cue CS2"="c:\program files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [2005-04-06 856064]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-17 421888]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

.

[HKLM\~\startupfolder\C:^Documents and Settings^Agnes^Menu Start^Programma's^Opstarten^Adobe Gamma.lnk]

.

[HKLM\~\startupfolder\C:^Documents and Settings^Agnes^Menu Start^Programma's^Opstarten^Seagate 2GEXNTE6 Product Registration.lnk]

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Acrobat Snelle start.lnk]

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^InterVideo WinCinema Manager.lnk]

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Status Monitor.lnk]

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Statusvenster.lnk]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]

2010-09-22 17:11 640440 -c--a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Version Cue CS2]

2005-04-06 14:53 856064 ----a-w- c:\program files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]

2007-12-21 16:57 86016 ------w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

2008-04-15 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadwin PrintScreen Pro]

2009-02-28 17:39 516096 ----a-w- c:\program files\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]

2005-06-10 08:44 81920 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 20:33 1695232 ------w- c:\program files\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MysticThumbs]

2010-07-12 18:22 538624 -c--a-w- c:\program files\MysticCoder\MysticThumbs\MysticThumbsTray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder]

2007-08-31 08:01 328992 ----a-w- c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

.

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2/04/2010 13:22 64288]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [21/04/2011 9:50 442200]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10/08/2009 23:17 320856]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10/08/2009 23:17 20568]

R2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [26/09/2009 0:32 189736]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [22/08/2011 23:00 136176]

S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [15/08/2008 6:46 288112]

S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 14:44 580992]

S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [22/08/2011 23:00 136176]

S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [4/02/2010 17:52 1355968]

.

Inhoud van de 'Gedeelde Taken' map

.

2011-10-21 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 21:02]

.

2011-10-22 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

.

2011-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-22 21:00]

.

2011-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-08-22 21:00]

.

2011-10-22 c:\windows\Tasks\RegistryBooster.job

- c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-10-21 09:48]

.

2011-10-22 c:\windows\Tasks\User_Feed_Synchronization-{22FFE350-E38F-452D-B2AB-1C95D655E346}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]

.

2011-10-22 c:\windows\Tasks\User_Feed_Synchronization-{38B88762-6C8A-4E12-995A-8E3702CFB333}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]

.

2011-10-22 c:\windows\Tasks\User_Feed_Synchronization-{5CBDFCBD-E27B-422D-AACC-991689FC9A91}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.seniorennet.be/

mStart Page = hxxp://www.shareware-ne.com/nl/index.php?rvs=hompag

uInternet Connection Wizard,ShellNext = iexplore

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.1.1

DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} - hxxp://www.extrafilm.be/ExtraFilmUploader6.cab

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

AddRemove-OVT Scanner - c:\windows\omniuns.exe USB\Vid_05a9&PID_1550 OVT Scanner

AddRemove-Van Dale Groot woordenboek hedendaags Nederlands - c:\windows\ISUN0413.EXE

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-10-22 15:11

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

C:\## aswSnx private storage

.

Scan succesvol afgerond

verborgen bestanden: 1

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-2052111302-1972579041-1177238915-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D9BBE1DB-56F6-7641-D36D-C49DA12E093D}*]

@Allowed: (Read) (RestrictedCode)

"napapinolnpagbeploonljfnkjog"=hex:6a,61,6c,61,6d,63,70,69,6b,63,66,64,6a,65,

68,68,70,6d,70,6b,00,00

"mafpjafcdmiaflldccpbiacheb"=hex:6a,61,6c,61,6d,63,70,69,6b,63,66,64,6a,65,68,

68,70,6d,70,6b,00,00

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]

"Version"=hex:8c,58,d0,82,86,d4,ea,83,22,50,19,aa,99,53,79,54,34,91,3e,68,8f,

56,a7,19,2c,fe,c5,29,c8,80,a9,2e,5d,e7,cd,0a,91,a2,91,ce,3c,32,7e,47,5e,09,\

.

[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]

"Version"=hex:8c,58,d0,82,86,d4,ea,83,22,50,19,aa,99,53,79,54,34,91,3e,68,8f,

56,a7,19,2c,fe,c5,29,c8,80,a9,2e,5d,e7,cd,0a,91,a2,91,ce,3c,32,7e,47,5e,09,\

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(748)

c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

.

Voltooingstijd: 2011-10-22 15:17:04

ComboFix-quarantined-files.txt 2011-10-22 13:16

.

Pre-Run: 379.547.107.328 bytes beschikbaar

Post-Run: 379.586.306.048 bytes beschikbaar

.

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

.

- - End Of File - - 57C2A122DFECFDE83175D3F2877C1404

kape · 22 oktober 2011

Verwijder manueel deze map c:\documents and settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}

en laat dan eens weten hoe alles nu gaat ?

clarkie · 28 oktober 2011

Verwijder manueel deze map c:\documents and settings\All Users\Application Data\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
en laat dan eens weten hoe alles nu gaat ?

Hoe ver sta je met het oplossen van je probleem?

Inloggen

problemen met mails en andere afbeeldingen

Aanbevolen berichten

clarkie

Link naar reactie

Delen op andere sites

Beste reacties in dit topic

Populaire dagen

Beste reacties in dit topic

Populaire dagen

Geplaatste afbeeldingen

fa088505

Link naar reactie

Delen op andere sites

kape

Link naar reactie

Delen op andere sites

Kurtt

Link naar reactie

Delen op andere sites

fa088505

Link naar reactie

Delen op andere sites

kape

Link naar reactie

Delen op andere sites

clarkie

Link naar reactie

Delen op andere sites

Welkom op PC Helpforum

Leden statistieken

OVER ONS

SITEMAP

Home

Info

Handleidingen & Tips

Activiteit

Belangrijke informatie