
Screen cuts out and comes back on after about 2 min


Lainke


ComboFix 12-07-06.02 - Alain 06/07/2012 22:05:17.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2046.648 [GMT 2:00]

Gestart vanuit: c:\users\Alain\Desktop\ComboFix.exe

AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton 360 Premier Edition *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton 360 Premier Edition *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\security\Database\tmp.edb

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-06-06 to 2012-07-06 ))))))))))))))))))))))))))))))

.

.

2012-07-05 19:33 . 2012-07-05 19:33 -------- d-----w- c:\program files\Common Files\Java

2012-07-05 19:12 . 2012-07-05 19:12 -------- d-----w- c:\program files\Oracle

2012-07-05 19:11 . 2012-05-04 17:29 772504 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-07-03 21:09 . 2012-07-03 21:09 -------- d-----w- c:\users\Alain\AppData\Roaming\Malwarebytes

2012-07-03 21:09 . 2012-07-03 21:09 -------- d-----w- c:\programdata\Malwarebytes

2012-07-03 21:09 . 2012-07-03 21:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-07-03 21:09 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-07-02 20:51 . 2012-07-02 20:51 -------- d-----w- c:\program files\Conduit

2012-07-02 20:51 . 2012-07-02 21:03 -------- d-----w- c:\users\Alain\AppData\Local\Conduit

2012-06-24 18:49 . 2012-06-24 18:49 -------- d-----w- c:\users\Alain\AppData\Roaming\NVIDIA

2012-06-24 18:48 . 2012-06-24 21:07 -------- d-----w- c:\program files\Speccy

2012-06-23 22:08 . 2012-06-23 22:08 -------- d-----w- c:\programdata\Acer

2012-06-23 22:08 . 2012-06-23 22:08 -------- d-----w- C:\OEM

2012-06-23 22:08 . 2012-06-23 22:08 -------- d-----w- c:\program files\Acer

2012-06-21 16:47 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-21 16:47 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-21 16:47 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-06-21 16:47 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-21 16:45 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-21 16:45 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-21 16:45 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll

2012-06-21 16:44 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-21 16:44 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-06-13 20:25 . 2012-04-23 16:00 984064 ----a-w- c:\windows\system32\crypt32.dll

2012-06-13 20:25 . 2012-04-23 16:00 98304 ----a-w- c:\windows\system32\cryptnet.dll

2012-06-13 20:25 . 2012-04-23 16:00 133120 ----a-w- c:\windows\system32\cryptsvc.dll

2012-06-13 20:24 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-06-13 20:24 . 2012-05-15 19:51 2045440 ----a-w- c:\windows\system32\win32k.sys

2012-06-12 15:48 . 2012-06-13 20:11 -------- d-----w- c:\windows\system32\drivers\N360\0502020.003

2012-06-07 20:56 . 2012-04-22 11:51 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys

2012-06-07 20:54 . 2012-06-07 20:54 -------- d-----w- c:\program files\PC Connectivity Solution

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-06-23 10:01 . 2012-04-21 08:11 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-06-23 10:01 . 2011-11-12 06:10 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-05-23 20:04 . 2012-05-23 20:04 29184 ----a-w- c:\windows\system32\drivers\usbccid.sys

2012-05-16 13:33 . 2012-05-16 13:33 360448 ----a-w- c:\windows\system32\beid35applayer.dll

2012-05-16 13:32 . 2012-05-16 13:32 102400 ----a-w- c:\windows\system32\Belgium Identity Card PKCS11.dll

2012-05-16 13:32 . 2012-05-16 13:32 102400 ----a-w- c:\windows\system32\beidpkcs11.dll

2012-05-16 13:32 . 2012-05-16 13:32 200704 ----a-w- c:\windows\system32\beid35cardlayer.dll

2012-05-16 13:32 . 2012-05-16 13:32 266240 ----a-w- c:\windows\system32\beid35DlgsWin32.dll

2012-05-16 13:32 . 2012-05-16 13:32 200704 ----a-w- c:\windows\system32\eidlib.dll

2012-05-16 13:32 . 2012-05-16 13:32 200704 ----a-w- c:\windows\system32\beidlib.dll

2012-05-16 13:31 . 2012-05-16 13:31 126976 ----a-w- c:\windows\system32\beid35common.dll

2012-05-16 13:29 . 2012-05-16 13:29 352256 ----a-w- c:\windows\system32\beid_ff_pkcs11.dll

2012-05-15 10:26 . 2012-05-23 19:27 61248 ----a-w- c:\windows\system32\OpenCL.dll

2012-05-15 10:26 . 2012-05-23 19:21 8105280 ----a-w- c:\windows\system32\nvwgf2um.dll

2012-05-15 10:26 . 2012-05-23 19:21 19607872 ----a-w- c:\windows\system32\nvoglv32.dll

2012-05-15 10:26 . 2012-05-23 19:21 883008 ----a-w- c:\windows\system32\nvgenco32.dll

2012-05-15 10:26 . 2012-05-23 19:21 11354944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-05-15 10:26 . 2012-05-23 19:21 1000768 ----a-w- c:\windows\system32\nvdispco32.dll

2012-05-15 10:26 . 2012-05-23 19:21 2524992 ----a-w- c:\windows\system32\nvcuvid.dll

2012-05-15 10:26 . 2012-05-23 19:21 15322432 ----a-w- c:\windows\system32\nvd3dum.dll

2012-05-15 10:26 . 2012-05-23 19:21 2445120 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-05-15 10:26 . 2012-05-23 19:21 5982528 ----a-w- c:\windows\system32\nvcuda.dll

2012-05-15 10:26 . 2012-05-23 19:21 2368832 ----a-w- c:\windows\system32\nvapi.dll

2012-05-15 10:26 . 2012-05-23 19:21 17551680 ----a-w- c:\windows\system32\nvcompiler.dll

2012-05-15 09:28 . 2012-05-23 19:29 2561344 ----a-w- c:\windows\system32\nvsvcr.dll

2012-05-15 09:28 . 2012-05-23 19:29 645440 ----a-w- c:\windows\system32\nvvsvc.exe

2012-05-15 09:28 . 2012-05-23 19:29 62272 ----a-w- c:\windows\system32\nvshext.dll

2012-05-15 09:28 . 2012-05-23 19:29 108352 ----a-w- c:\windows\system32\nvmctray.dll

2012-05-15 09:28 . 2012-05-23 19:29 3931456 ----a-w- c:\windows\system32\nvcpl.dll

2012-05-15 09:27 . 2012-05-23 19:29 2759488 ----a-w- c:\windows\system32\nvsvc.dll

2012-05-04 17:29 . 2012-02-05 12:29 687504 ----a-w- c:\windows\system32\deployJava1.dll

2012-04-21 01:18 . 2012-05-19 16:15 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-05-16 1084840]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-06-11 1286144]

"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-08-15 772616]

"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]

"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-06-06 159744]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552]

.

c:\users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote-inhoudsopgave.onetoc2 [2011-5-3 3656]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Inhoud van de 'Gedeelde Taken' map

.

2012-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 10:01]

.

2012-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-08 21:06]

.

2012-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-08 21:06]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.skynet.be/

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

mStart Page = hxxp://nl.intl.acer.yahoo.com

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*Yahoo! UK

LSP: %SYSTEMROOT%\system32\nvLsp.dll

Trusted Zone: citroen.com\networkservice

Trusted Zone: citroen.com\newagir-ru

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\Alain\AppData\Roaming\Mozilla\Firefox\Profiles\7u4potg0.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.skynet.be/

FF - prefs.js: network.proxy.type - 0

.

- - - - ORPHANS VERWIJDERD - - - -

.

WebBrowser-{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - (no file)

SafeBoot-Wdf01000.sys

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-07-06 22:18

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360]

"ImagePath"="\"c:\program files\Norton 360 Premier Edition\Engine\5.2.2.3\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360 Premier Edition\Engine\5.2.2.3\diMaster.dll\" /prefetch:1"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]

"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Voltooingstijd: 2012-07-06 22:22:20

ComboFix-quarantined-files.txt 2012-07-06 20:22

.

Pre-Run: 32.285.949.952 bytes beschikbaar

Post-Run: 32.123.617.280 bytes beschikbaar

.

- - End Of File - - FD6F2AFC55C180F6A4D5D51AAA14EAF7


Open a new Notepad file.

Copy and paste the bold text below into it.

Folder::

c:\program files\Conduit

c:\users\Alain\AppData\Local\Conduit

Save this file to your desktop as CFScript

Drag CFScript.txt into ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message


ComboFix 12-07-08.02 - Alain 09/07/2012 22:18:29.2.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2046.843 [GMT 2:00]

Gestart vanuit: c:\users\Alain\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Alain\Desktop\CFScript.txt

AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton 360 Premier Edition *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton 360 Premier Edition *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\Conduit

c:\program files\Conduit\Community Alerts\Alert.dll

c:\users\Alain\AppData\Local\Conduit

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-06-09 to 2012-07-09 ))))))))))))))))))))))))))))))

.

.

2012-07-09 20:32 . 2012-07-09 20:32 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-07-09 20:32 . 2012-07-09 20:32 -------- d-----w- c:\users\Gast\AppData\Local\temp

2012-07-09 20:32 . 2012-07-09 20:32 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-07-05 19:33 . 2012-07-05 19:33 -------- d-----w- c:\program files\Common Files\Java

2012-07-05 19:12 . 2012-07-05 19:12 -------- d-----w- c:\program files\Oracle

2012-07-05 19:11 . 2012-05-04 17:29 772504 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-07-03 21:09 . 2012-07-03 21:09 -------- d-----w- c:\users\Alain\AppData\Roaming\Malwarebytes

2012-07-03 21:09 . 2012-07-03 21:09 -------- d-----w- c:\programdata\Malwarebytes

2012-07-03 21:09 . 2012-07-03 21:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-07-03 21:09 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-24 18:49 . 2012-06-24 18:49 -------- d-----w- c:\users\Alain\AppData\Roaming\NVIDIA

2012-06-24 18:48 . 2012-06-24 21:07 -------- d-----w- c:\program files\Speccy

2012-06-23 22:08 . 2012-06-23 22:08 -------- d-----w- c:\programdata\Acer

2012-06-23 22:08 . 2012-06-23 22:08 -------- d-----w- C:\OEM

2012-06-23 22:08 . 2012-06-23 22:08 -------- d-----w- c:\program files\Acer

2012-06-21 16:47 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-21 16:47 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-21 16:47 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll

2012-06-21 16:47 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-21 16:45 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-21 16:45 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-21 16:45 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll

2012-06-21 16:44 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-21 16:44 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe

2012-06-13 20:25 . 2012-04-23 16:00 984064 ----a-w- c:\windows\system32\crypt32.dll

2012-06-13 20:25 . 2012-04-23 16:00 98304 ----a-w- c:\windows\system32\cryptnet.dll

2012-06-13 20:25 . 2012-04-23 16:00 133120 ----a-w- c:\windows\system32\cryptsvc.dll

2012-06-13 20:24 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-06-13 20:24 . 2012-05-15 19:51 2045440 ----a-w- c:\windows\system32\win32k.sys

2012-06-12 15:48 . 2012-06-13 20:11 -------- d-----w- c:\windows\system32\drivers\N360\0502020.003

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-06-23 10:01 . 2012-04-21 08:11 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-06-23 10:01 . 2011-11-12 06:10 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-05-23 20:04 . 2012-05-23 20:04 29184 ----a-w- c:\windows\system32\drivers\usbccid.sys

2012-05-16 13:33 . 2012-05-16 13:33 360448 ----a-w- c:\windows\system32\beid35applayer.dll

2012-05-16 13:32 . 2012-05-16 13:32 102400 ----a-w- c:\windows\system32\Belgium Identity Card PKCS11.dll

2012-05-16 13:32 . 2012-05-16 13:32 102400 ----a-w- c:\windows\system32\beidpkcs11.dll

2012-05-16 13:32 . 2012-05-16 13:32 200704 ----a-w- c:\windows\system32\beid35cardlayer.dll

2012-05-16 13:32 . 2012-05-16 13:32 266240 ----a-w- c:\windows\system32\beid35DlgsWin32.dll

2012-05-16 13:32 . 2012-05-16 13:32 200704 ----a-w- c:\windows\system32\eidlib.dll

2012-05-16 13:32 . 2012-05-16 13:32 200704 ----a-w- c:\windows\system32\beidlib.dll

2012-05-16 13:31 . 2012-05-16 13:31 126976 ----a-w- c:\windows\system32\beid35common.dll

2012-05-16 13:29 . 2012-05-16 13:29 352256 ----a-w- c:\windows\system32\beid_ff_pkcs11.dll

2012-05-15 10:26 . 2012-05-23 19:27 61248 ----a-w- c:\windows\system32\OpenCL.dll

2012-05-15 10:26 . 2012-05-23 19:21 8105280 ----a-w- c:\windows\system32\nvwgf2um.dll

2012-05-15 10:26 . 2012-05-23 19:21 19607872 ----a-w- c:\windows\system32\nvoglv32.dll

2012-05-15 10:26 . 2012-05-23 19:21 883008 ----a-w- c:\windows\system32\nvgenco32.dll

2012-05-15 10:26 . 2012-05-23 19:21 11354944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2012-05-15 10:26 . 2012-05-23 19:21 1000768 ----a-w- c:\windows\system32\nvdispco32.dll

2012-05-15 10:26 . 2012-05-23 19:21 2524992 ----a-w- c:\windows\system32\nvcuvid.dll

2012-05-15 10:26 . 2012-05-23 19:21 15322432 ----a-w- c:\windows\system32\nvd3dum.dll

2012-05-15 10:26 . 2012-05-23 19:21 2445120 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-05-15 10:26 . 2012-05-23 19:21 5982528 ----a-w- c:\windows\system32\nvcuda.dll

2012-05-15 10:26 . 2012-05-23 19:21 2368832 ----a-w- c:\windows\system32\nvapi.dll

2012-05-15 10:26 . 2012-05-23 19:21 17551680 ----a-w- c:\windows\system32\nvcompiler.dll

2012-05-15 09:28 . 2012-05-23 19:29 2561344 ----a-w- c:\windows\system32\nvsvcr.dll

2012-05-15 09:28 . 2012-05-23 19:29 645440 ----a-w- c:\windows\system32\nvvsvc.exe

2012-05-15 09:28 . 2012-05-23 19:29 62272 ----a-w- c:\windows\system32\nvshext.dll

2012-05-15 09:28 . 2012-05-23 19:29 108352 ----a-w- c:\windows\system32\nvmctray.dll

2012-05-15 09:28 . 2012-05-23 19:29 3931456 ----a-w- c:\windows\system32\nvcpl.dll

2012-05-15 09:27 . 2012-05-23 19:29 2759488 ----a-w- c:\windows\system32\nvsvc.dll

2012-05-04 17:29 . 2012-02-05 12:29 687504 ----a-w- c:\windows\system32\deployJava1.dll

2012-04-22 11:51 . 2012-06-07 20:56 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys

2012-04-21 01:18 . 2012-05-19 16:15 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-05-16 1084840]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-06-11 1286144]

"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-08-15 772616]

"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]

"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-06-06 159744]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552]

.

c:\users\Alain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote-inhoudsopgave.onetoc2 [2011-5-3 3656]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Inhoud van de 'Gedeelde Taken' map

.

2012-07-09 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 10:01]

.

2012-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-08 21:06]

.

2012-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-11-08 21:06]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.skynet.be/

uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

mStart Page = hxxp://nl.intl.acer.yahoo.com

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*Yahoo! UK

LSP: %SYSTEMROOT%\system32\nvLsp.dll

Trusted Zone: citroen.com\networkservice

Trusted Zone: citroen.com\newagir-ru

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\Alain\AppData\Roaming\Mozilla\Firefox\Profiles\7u4potg0.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.skynet.be/

FF - prefs.js: network.proxy.type - 0

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-07-09 22:32

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\N360]

"ImagePath"="\"c:\program files\Norton 360 Premier Edition\Engine\5.2.2.3\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360 Premier Edition\Engine\5.2.2.3\diMaster.dll\" /prefetch:1"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]

"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Voltooingstijd: 2012-07-09 22:36:37

ComboFix-quarantined-files.txt 2012-07-09 20:36

ComboFix2.txt 2012-07-06 20:22

.

Pre-Run: 31.774.871.552 bytes beschikbaar

Post-Run: 31.761.395.712 bytes beschikbaar

.

- - End Of File - - 00BE5E1F71231D6CCDD8CED782C84E0B


This looks good.

Remove ComboFix: Start -> Run and type: ComboFix /Uninstall (with a space before the /)

This will remove ComboFix plus its related folders and files, reset the clock settings, hide file extensions, hide hidden files and system files again, and create a new restore point.

If it is present, you may delete the folder C:\Qoobox manually.

And how are things now with the screen cutting out?


Unfortunately the problem is not solved yet :bawling:

Yesterday 3x, today 2x the screen suddenly went off, wait 2 min ...... and carry on working :(

In the meantime I have heard that Acer is known for problems with the display.

I'm afraid I will have to learn to live with it, or buy another graphics card, or a new laptop
