Posted:

Started in safe mode with networking at 1.30 after your message. Manually turned off all AVG components.

In the autoscan screen, a message: "can take 10 or longer ... etc."

The cursor is blinking. The clock keeps running. Everything seems to be going well.

Now, at 11.50, I briefly touch my mouse: the blinking cursor is gone and the system is immediately frozen solid.

Switched it off and on with the power button.

Is it normal that the mouse can't even be touched because it then freezes (or does the PC read this as activity from another program and then freeze)?

Posted:

Download the 32 or 64 bit version of HitmanPro to the desktop.

Click here for a detailed HitmanPro guide.

  • Double-click "HitmanPro.exe" and click "Next"
  • Tick the option "I accept the terms of the license agreement" and click "Next"
  • In the setup screen, click "Next" once more; the scan will now start automatically. Do nothing else on the computer until the scan is finished.
  • When the scan is done, click "Next"
  • Now activate the free license; this lets you use HitmanPro free for 30 days and remove the infections found.
  • Note: if you have already used the 30-day trial version of HitmanPro before, it is no longer possible to remove the infections found for free.
  • When the removal is finished, click "Save log" or "Logbestand opslaan" at the bottom of the screen and save it, for example to the desktop.
    Post this log.
  • Now click the "Restart" button.

Posted:

HitmanPro log:

HitmanPro 3.7.9.212

Home - SurfRight

Computer name . . . . : UW-0HHNIT28GTA9

Windows . . . . . . . : 5.1.3.2600.X86/2

User name . . . . . . : UW-0HHNIT28GTA9\Ik

License . . . . . . . : Free

Scan date . . . . . . : 2014-02-10 15:10:41

Scan mode . . . . . . : Normal

Scan duration . . . . : 3m 29s

Disk access mode . . : Direct disk access (SRB)

Cloud . . . . . . . . : Internet

Reboot . . . . . . . : No

Threats . . . . . . . : 0

Traces . . . . . . . : 50

Objects scanned . . . : 370.085

Files scanned . . . . : 8.114

Remnants scanned . . : 50.661 files / 311.310 keys

Suspicious files ____________________________________________________________

C:\ComboFix\mbr.sys

Size . . . . . . . : 25.088 bytes

Age . . . . . . . : 0.5 days (2014-02-10 02:11:40)

Entropy . . . . . : 5.9

SHA-256 . . . . . : 6E44373119D1DECB4A420650247831C214421D7C34900A23B39ED32EE023B937

Fuzzy . . . . . . : 48.0

The file is hidden from Windows API. This is typical for malware.

The file is completely hidden from view and most antivirus products. It may belong to a rootkit.

Authors name is missing in version info. This is not common to most programs.

Version control is missing. This file is probably created by an individual. This is not typical for most programs.

Time indicates that the file appeared recently on this computer.

The file is a device driver. Device drivers run as trusted (highly privileged) code.

Forensic Cluster

C:\System Volume Information\_restore{47B113EA-49A6-41C5-998C-6CE5321200C1}\RP11\A0009034.sys

Size . . . . . . . : 25.088 bytes

Age . . . . . . . : 1.6 days (2014-02-09 01:01:06)

Entropy . . . . . : 5.9

SHA-256 . . . . . : 6E44373119D1DECB4A420650247831C214421D7C34900A23B39ED32EE023B937

Fuzzy . . . . . . : 48.0

The file is hidden from Windows API. This is typical for malware.

The file is completely hidden from view and most antivirus products. It may belong to a rootkit.

Authors name is missing in version info. This is not common to most programs.

Version control is missing. This file is probably created by an individual. This is not typical for most programs.

Time indicates that the file appeared recently on this computer.

The file is a device driver. Device drivers run as trusted (highly privileged) code.

Forensic Cluster

-30.8s C:\System Volume Information\_restore{47B113EA-49A6-41C5-998C-6CE5321200C1}\RP10\A0007321.com

0.0s C:\System Volume Information\_restore{47B113EA-49A6-41C5-998C-6CE5321200C1}\RP11\A0009034.sys

C:\System Volume Information\_restore{47B113EA-49A6-41C5-998C-6CE5321200C1}\RP11\A0010174.sys

Size . . . . . . . : 25.088 bytes

Age . . . . . . . : 0.9 days (2014-02-09 17:51:10)

Entropy . . . . . : 5.9

SHA-256 . . . . . : 6E44373119D1DECB4A420650247831C214421D7C34900A23B39ED32EE023B937

Fuzzy . . . . . . : 48.0

The file is hidden from Windows API. This is typical for malware.

The file is completely hidden from view and most antivirus products. It may belong to a rootkit.

Authors name is missing in version info. This is not common to most programs.

Version control is missing. This file is probably created by an individual. This is not typical for most programs.

Time indicates that the file appeared recently on this computer.

The file is a device driver. Device drivers run as trusted (highly privileged) code.

Forensic Cluster

-30.0s C:\System Volume Information\_restore{47B113EA-49A6-41C5-998C-6CE5321200C1}\RP11\A0009232.com

0.0s C:\System Volume Information\_restore{47B113EA-49A6-41C5-998C-6CE5321200C1}\RP11\A0010174.sys

C:\System Volume Information\_restore{47B113EA-49A6-41C5-998C-6CE5321200C1}\RP11\A0011224.sys

Size . . . . . . . : 25.088 bytes

Age . . . . . . . : 0.8 days (2014-02-09 19:06:08)

Entropy . . . . . : 5.9

SHA-256 . . . . . : 6E44373119D1DECB4A420650247831C214421D7C34900A23B39ED32EE023B937

Fuzzy . . . . . . : 48.0

The file is hidden from Windows API. This is typical for malware.

The file is completely hidden from view and most antivirus products. It may belong to a rootkit.

Authors name is missing in version info. This is not common to most programs.

Version control is missing. This file is probably created by an individual. This is not typical for most programs.

Time indicates that the file appeared recently on this computer.

The file is a device driver. Device drivers run as trusted (highly privileged) code.

Potential Unwanted Programs _________________________________________________

HKLM\SOFTWARE\Classes\s\ (Softonic)

Cookies _____________________________________________________________________


Posted:

After starting up, ran Hitman; see the log below:

HitmanPro 3.7.9.212
www.hitmanpro.com


  Computer name . . . . : UW-0HHNIT28GTA9
  Windows . . . . . . . : 5.1.3.2600.X86/2
  User name . . . . . . : UW-0HHNIT28GTA9\Ik
  License . . . . . . . : Trial (30 days left)


  Scan date . . . . . . : 2014-02-10 15:38:29
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 5m 38s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No


  Threats . . . . . . . : 0
  Traces  . . . . . . . : 5


  Objects scanned . . . : 370.343
  Files scanned . . . . : 7.988
  Remnants scanned  . . : 50.978 files / 311.377 keys


Suspicious files ____________________________________________________________


  C:\ComboFix\mbr.sys
     Size . . . . . . . : 25.088 bytes
     Age  . . . . . . . : 0.6 days (2014-02-10 02:11:40)
     Entropy  . . . . . : 5.9
     SHA-256  . . . . . : 6E44373119D1DECB4A420650247831C214421D7C34900A23B39ED32EE023B937
     Fuzzy  . . . . . . : 48.0
        The file is hidden from Windows API. This is typical for malware.
        The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Time indicates that the file appeared recently on this computer.
        The file is a device driver. Device drivers run as trusted (highly privileged) code.
     Forensic Cluster


  C:\System Volume Information\_restore{47B113EA-49A6-41C5-998C-6CE5321200C1}\RP11\A0009034.sys
     Size . . . . . . . : 25.088 bytes
     Age  . . . . . . . : 1.6 days (2014-02-09 01:01:06)
     Entropy  . . . . . : 5.9
     SHA-256  . . . . . : 6E44373119D1DECB4A420650247831C214421D7C34900A23B39ED32EE023B937
     Fuzzy  . . . . . . : 48.0
        The file is hidden from Windows API. This is typical for malware.
        The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Time indicates that the file appeared recently on this computer.
        The file is a device driver. Device drivers run as trusted (highly privileged) code.
     Forensic Cluster
        -30.8s C:\System Volume Information\_restore{47B113EA-49A6-41C5-998C-6CE5321200C1}\RP10\A0007321.com
         0.0s C:\System Volume Information\_restore{47B113EA-49A6-41C5-998C-6CE5321200C1}\RP11\A0009034.sys


  C:\System Volume Information\_restore{47B113EA-49A6-41C5-998C-6CE5321200C1}\RP11\A0010174.sys
     Size . . . . . . . : 25.088 bytes
     Age  . . . . . . . : 0.9 days (2014-02-09 17:51:10)
     Entropy  . . . . . : 5.9
     SHA-256  . . . . . : 6E44373119D1DECB4A420650247831C214421D7C34900A23B39ED32EE023B937
     Fuzzy  . . . . . . : 48.0
        The file is hidden from Windows API. This is typical for malware.
        The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Time indicates that the file appeared recently on this computer.
        The file is a device driver. Device drivers run as trusted (highly privileged) code.
     Forensic Cluster
        -30.0s C:\System Volume Information\_restore{47B113EA-49A6-41C5-998C-6CE5321200C1}\RP11\A0009232.com
         0.0s C:\System Volume Information\_restore{47B113EA-49A6-41C5-998C-6CE5321200C1}\RP11\A0010174.sys


  C:\System Volume Information\_restore{47B113EA-49A6-41C5-998C-6CE5321200C1}\RP11\A0011224.sys
     Size . . . . . . . : 25.088 bytes
     Age  . . . . . . . : 0.9 days (2014-02-09 19:06:08)
     Entropy  . . . . . : 5.9
     SHA-256  . . . . . : 6E44373119D1DECB4A420650247831C214421D7C34900A23B39ED32EE023B937
     Fuzzy  . . . . . . : 48.0
        The file is hidden from Windows API. This is typical for malware.
        The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Time indicates that the file appeared recently on this computer.
        The file is a device driver. Device drivers run as trusted (highly privileged) code.




Potential Unwanted Programs _________________________________________________


  HKLM\SOFTWARE\Classes\s\ (Softonic)




Hitman didn't report many threats, strange.

What now?

Posted: (edited)

ComboFix, a few old restore points and something from Softonic are recognized as potential threats, which is indeed not very much. For Softonic you need to go into the registry. Type regedit in the search box next to Start, which takes you into the registry, and search there with the query 'Softonic' (without the quotes) to see whether you can still find anything of it in the registry. If so, you may delete all keys in which Softonic appears.

Remove ComboFix: Start -> type in the search box ComboFix /Uninstall

This will remove ComboFix plus its related folders and files, reset the clock settings, hide file extensions, hide hidden files and system files again, and create a new restore point.

edited by kape

Posted:

Search for Softonic in every folder and subfolder?

Then I'll be busy for a while.

At the top of the registry editor you click "Edit" and then "Find" ... and enter the query there. Then the PC searches for it automatically for you ... it wasn't really the intention that you would do this manually :-)

ComboFix uninstall, nowhere to be found. Funny. So should I just delete the shortcut manually?

You have to type this command in the search box next to Start ... and then this again happens automatically ... here too it wasn't really the intention that you had to do this manually :-)
Posted:

I had already searched for Softonic earlier with Ctrl, and nothing was found then.

ComboFix Uninstall was not found either.

1- Can I run that "zoek.exe" function again to get rid of that Chrome profile error (4 or 5 times when I start Chrome)??

2- Does it make sense to run RSIT and Speccy again now to tackle the original problem? What else can I do? It almost seems as if this notebook is a bit of an exception. I played another film (1.9 GB, mp4), but immediately saw green blocks again, and stuttering in the sound with another film of 0.85 GB with VLC. While I have this site open.

Posted:

One more addition regarding those films. I switched off the internet and still have stuttering sound. Or should I have restarted the PC completely and turned off all programs, from AVG through to the internet? It's still a tricky problem. Thank you for the time you are putting into it. Do you have any more ideas on how we can get this device working properly?

Posted:

That Softonic can't be found in the registry is a bit strange. The HitmanPro scan does point to Softonic in the registry as one of the "unwanted" items?

You may indeed run zoek.exe again.

