Ga naar inhoud

foutmelding :google.be reageert niet meer ,webpagina herstellen


krissie705

Aanbevolen berichten

Hello kape,

Hierbij nieuwe log van combo fix ,ik was vergeten spybot uit te schakelen.

groetjes

Krissie 705

ComboFix 12-01-23.02 - chris 26/01/2012 18:28:23.2.3 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2813.1628 [GMT 1:00]

Gestart vanuit: c:\users\chris\Downloads\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\TEMP\logishrd\LVPrcInj01.dll

.

---- Voorgaande Run -------

.

C:\install.exe

c:\program files\Search Settings\kb127\SearchSettings.dll

c:\program files\Search Settings\kb127\SearchSettingsRes409.dll

c:\program files\Search Settings\SearchSettings.exe

c:\windows\animbigN.bmp

c:\windows\animsmalN.bmp

c:\windows\system32\faccbbdadfbe_z.dll

c:\windows\system32\rnaph.dll

c:\windows\system32\service\08122008_TIS17_SfFniAU.log

c:\windows\TEMP\logishrd\LVPrcInj01.dll

c:\windows\unin0413.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-12-26 to 2012-01-26 ))))))))))))))))))))))))))))))

.

.

2012-01-26 17:42 . 2012-01-26 17:47 -------- d-----w- c:\users\chris\AppData\Local\temp

2012-01-26 17:42 . 2012-01-26 17:42 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-01-26 17:42 . 2012-01-26 17:42 -------- d-----w- c:\users\Administrator\AppData\Local\temp

2012-01-25 15:12 . 2012-01-25 15:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-01-25 15:12 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-01-21 09:05 . 2012-01-21 09:05 388096 ----a-r- c:\users\chris\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-01-21 09:05 . 2012-01-21 09:05 -------- d-----w- c:\program files\Trend Micro

2012-01-20 10:07 . 2007-09-07 10:31 3499304 ----a-w- c:\windows\system32\WacomTablet.cpl

2012-01-20 10:07 . 2007-09-07 10:40 1373480 ----a-w- c:\windows\system32\Wacom_Tablet.exe

2012-01-20 10:07 . 2007-09-07 10:33 128296 ----a-w- c:\windows\system32\Wacom_Tablet.dll

2012-01-16 11:08 . 2012-01-16 11:08 -------- d-----w- c:\users\chris\AppData\Local\ElevatedDiagnostics

2012-01-03 07:22 . 2012-01-03 07:22 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-12-01 10:35 . 2011-06-21 07:21 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-23 13:37 . 2011-12-19 11:06 2043904 ----a-w- c:\windows\system32\win32k.sys

2011-11-08 14:42 . 2011-12-19 11:05 2048 ----a-w- c:\windows\system32\tzres.dll

2011-11-03 22:47 . 2011-12-19 11:08 1798144 ----a-w- c:\windows\system32\jscript9.dll

2011-11-03 22:40 . 2011-12-19 11:08 1427456 ----a-w- c:\windows\system32\inetcpl.cpl

2011-11-03 22:39 . 2011-12-19 11:08 1127424 ----a-w- c:\windows\system32\wininet.dll

2011-11-03 22:31 . 2011-12-19 11:08 2382848 ----a-w- c:\windows\system32\mshtml.tlb

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-01-19 10:14 1811296 ----a-w- c:\program files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll" [2012-01-19 1811296]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"Device Detection"="c:\program files\FUJIFILM\MyFinePix Studio\dd.exe" [2011-07-28 787640]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-01-19 939872]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]

"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-06-13 528384]

"RtHDVCpl"="RtHDVCpl.exe" [2008-05-28 6144000]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]

"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]

"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]

"hpqSRMon"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]

"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2011-07-06 2068480]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]

"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

"ROC_roc_dec12"="c:\program files\AVG Secure Search\ROC_roc_dec12.exe" [2012-01-19 928096]

.

c:\users\chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Plaknotities.lnk - c:\windows\System32\StikyNot.exe [2006-11-2 289280]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2008-02-28 16:07 1828136 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]

"SunJavaUpdateSched"="c:\program files\java\jre6\bin\jusched.exe"

"toolbar_eula_launcher"=c:\program files\GoogleEULA\EULALauncher.exe

.

R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2008-09-18 35712]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

rsmsvcs REG_MULTI_SZ ntmssvc

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Inhoud van de 'Gedeelde Taken' map

.

2012-01-26 c:\windows\Tasks\GlaryInitialize.job

- c:\program files\Glary Utilities\initialize.exe [2008-10-14 06:26]

.

2012-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-07 20:29]

.

2012-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-07 20:29]

.

.

------- Bijkomende Scan -------

.

mStart Page = hxxp://www.bigseekpro.com/somud/{F8915249-3E83-474A-A069-A218D9E9E6F3}

mWindow Title = Telenet Internet

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

TCP: DhcpNameServer = 195.130.131.129 195.130.130.1

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

Toolbar-{0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file)

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

AddRemove-SUCCES ADRESMANAGER DE LUXE - c:\windows\unin0413.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-01-26 18:45

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

.

c:\users\chris\AppData\Local\Temp\catchme.dll 53248 bytes executable

.

Scan succesvol afgerond

verborgen bestanden: 1

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'Explorer.exe'(13008)

c:\windows\TEMP\logishrd\LVPrcInj01.dll

c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll

c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL

c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_fre.nlr

c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\progra~1\AVG\AVG2012\avgrsx.exe

c:\program files\AVG\AVG2012\avgcsrvx.exe

c:\windows\system32\Ati2evxx.exe

c:\windows\SYSTEM32\WISPTIS.EXE

c:\program files\Common Files\microsoft shared\ink\TabTip.exe

c:\windows\system32\Ati2evxx.exe

c:\windows\SYSTEM32\WISPTIS.EXE

c:\program files\Common Files\microsoft shared\ink\TabTip.exe

c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\AVG\AVG2012\avgwdsvc.exe

c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe

c:\windows\system32\IoctlSvc.exe

c:\windows\system32\Pen_Tablet.exe

c:\windows\system32\Wacom_Tablet.exe

c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe

c:\program files\AVG\AVG2012\avgnsx.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Spybot - Search & Destroy\SDWinSec.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\WTablet\Wacom_TabletUser.exe

c:\windows\system32\WTablet\Pen_TabletUser.exe

c:\windows\system32\WUDFHost.exe

c:\program files\AVG\AVG2012\AVGIDSAgent.exe

c:\windows\system32\Pen_Tablet.exe

c:\windows\system32\Wacom_Tablet.exe

c:\windows\system32\conime.exe

c:\windows\system32\wbem\unsecapp.exe

c:\program files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

c:\windows\servicing\TrustedInstaller.exe

.

**************************************************************************

.

Voltooingstijd: 2012-01-26 18:52:20 - machine werd herstart

ComboFix-quarantined-files.txt 2012-01-26 17:52

.

Pre-Run: 458.136.821.760 bytes beschikbaar

Post-Run: 458.781.241.344 bytes beschikbaar

.

- - End Of File - - 2891D8D913463D6D678DD39DE568B354

Link naar reactie
Delen op andere sites

Voer onderstaande uit, internet explorer wordt zo terug naar de standaardinstellingen geplaatst.

- Open Internet explorer.

- Druk op de Alt toets op je toetsenbord. Er verschijnt een menu.

- Ga naar het menu Extra en kies Internetopties.

- Op de tab Geavanceerd klik je onderaan op de knop Opnieuw instellen...

- Klik nogmaals op Opnieuw instellen.

- Klik op Sluiten en herstart internet explorer.

Opmerking:

Bovenstaande procedure kan ook volautomatisch gebeuren, door dit programma te downloaden en uit te voeren: reset IE naar standaardinstellingen (klik erop).

Meer info over het opnieuw instellen van IE, vindt u hier.

Link naar reactie
Delen op andere sites

Bedankt voor de info ... daar kunnen andere forumgebruikers misschien nog iets aan hebben bij een gelijkaardig probleem.

Ondertussen mag je ook de gebruikte tools nog verwijderen :

Verwijder Combofix: Start -> Uitvoeren/Zoekopdracht en typ: ComboFix /Uninstall

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

Download CCleaner.

Klik op “Download Latest Version” en dan start de download van CCleaner automatisch en gratis op.

Installeer het en start CCleaner op. Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Sluit hierna CCleaner terug af.

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.