OpnieMalwarebytes
www.malwarebytes.com
-Logboekdetails-
Scandatum: 04-08-18
Scantijd: 23:22
Logbestand: 8e2868b4-982c-11e8-a804-8c89a5282605.json
Beheerder: Ja
-Software-informatie-
Versie: 3.5.1.2522
Versie componenten: 1.0.391
Update pakketversie: 1.0.6197
Licentie: Gratis
-Systeeminformatie-
Besturingssysteem: Windows 10 (Build 17134.165)
Processor: x64
Bestandssysteem: NTFS
Gebruiker: Piet-PC\Piet
-Scansamenvatting-
Scantype: Bedreigingsscan
Scan geactiveerd door: Handmatig
Resultaat: Voltooid
Objecten gescand: 431212
Dreigingen herkend: 1
Dreigingen in quarantaine: 0
(Geen kwaadaardige items gedetecteerd)
Verstreken tijd: 9 min, 36 sec
-Scanopties-
Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Uitgeschakeld
Heuristiek: Ingeschakeld
POP: Detectie
POA: Detectie
-Scandetails-
Proces: 0
(Geen kwaadaardige items gedetecteerd)
Module: 0
(Geen kwaadaardige items gedetecteerd)
Registersleutel: 0
(Geen kwaadaardige items gedetecteerd)
Registerwaarde: 0
(Geen kwaadaardige items gedetecteerd)
Registerdata: 0
(Geen kwaadaardige items gedetecteerd)
Gegevensstroom: 0
(Geen kwaadaardige items gedetecteerd)
Map: 0
(Geen kwaadaardige items gedetecteerd)
Bestand: 1
PUP.Optional.SweetPage, C:\USERS\PIET\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Verwijdering mislukt, [358], [455284],1.0.6197
Fysieke sector: 0
(Geen kwaadaardige items gedetecteerd)
WMI: 0
(Geen kwaadaardige items gedetecteerd)
opnieuw geinstalleerd en gescand, ditmaal met een beter resultaat
17
SweetPage is een meelifter met software geweest.
Heb jij soms software gedownload van Softonic?
Gebruik aanvullend onderstaand tool:
Download AdwCleaner by Malwarebytes naar het bureaublad.
Klik met de rechtermuisknop op AdwCleaner en kies voor de optie Als administrator uitvoeren.
Heb jij soms software gedownload van Softonic?
Gebruik aanvullend onderstaand tool:
Download AdwCleaner by Malwarebytes naar het bureaublad.
Klik met de rechtermuisknop op AdwCleaner en kies voor de optie Als administrator uitvoeren.
- Klik vervolgens op de knop Nu scannen.
- Wanneer de scan gereed is klikt u vervolgens op de knop Reiniging en Reparaties.
- Klik vervolgens in het informatiescherm op Schoonmaken en nu opnieuw opstarten.
- Nadat de computer opnieuw is opgestart wordt AdwCleaner automatisch geopend, klik op Logbestand bekijken.
- Plaats dit logbestand als bijlage in het volgende bericht.
- (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\AdwCleaner\Logs\AdwCleaner[C00].txt.)
Fulltime forumbeheerder overdag, astronaut en kwantumfysicus 's nachts.
18
Het laatste wat ik heb gedownload is u-torrent, of dat van softonic was durf ik niet te zeggen.
Hierbij het logbestand,
# -------------------------------
# Start: 08-05-2018
# Duration: 00:00:33
# OS: Windows 10 Home
# Cleaned: 111
# Failed: 3
***** [ Services ] *****
Deleted iOSinstallerUpdater
***** [ Folders ] *****
Deleted C:\Users\Piet\AppData\Roaming\RPEng
Deleted C:\Users\Piet\AppData\Local\genienext
Deleted C:\Program Files (x86)\BearShare Applications
Deleted C:\Program Files (x86)\iOSinstaller
Deleted C:\Users\Piet\AppData\Local\iOSinstaller
Deleted C:\Users\Piet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iOSinstaller
Deleted C:\Users\Piet\AppData\Roaming\download Manager
Deleted C:\ProgramData\PARETOLOGIC
Deleted C:\Program Files (x86)\Common Files\PARETOLOGIC
Deleted C:\Users\Piet\AppData\Roaming\PARETOLOGIC
Deleted C:\Users\Piet\AppData\Local\VirtualStore\ProgramData\SaveAs
Deleted C:\Program Files\Enigma Software Group
***** [ Files ] *****
Deleted C:\Users\Piet\daemonprocess.txt
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\Tasks\paretologic update version3.job
***** [ Registry ] *****
Deleted HKLM\SOFTWARE\Classes\Applications\iMesh_V11_nl_Setup.exe
Deleted HKLM\SOFTWARE\Classes\Applications\iMeshV11nl.exe
Deleted HKLM\SOFTWARE\Classes\Applications\iMeshSetup-r293-w-bi.exe
Deleted HKLM\Software\Wow6432Node\Better-Surf
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\defaultsearch.com
Deleted HKU\S-1-5-18\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\IB Updater
Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3259627529-1914095622-3875271238-1001\Software\IB Updater
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\IB Updater
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\goose
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKU\S-1-5-18\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Web Assistant
Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3259627529-1914095622-3875271238-1001\Software\Web Assistant
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Web Assistant
Deleted HKLM\Software\Wow6432Node\Uniblue
Deleted HKCU\Software\ParetoLogic
Deleted HKLM\Software\Wow6432Node\ParetoLogic
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Video Player
Deleted HKLM\Software\Wow6432Node\Video Player
Deleted HKLM\Software\Wow6432Node\VideoPlayerV3
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\Software\Wow6432Node\Clients\StartMenuInternet\Torch
Deleted HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival
Deleted HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
Deleted HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Deleted HKLM\Software\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E58EBC9B-BECF-4EAE-90AF-44220A174B22}
Deleted HKLM\Software\Classes\uus3url-pl
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mywebsearch.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchnow.ws
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mysearchnow.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\livesearchnow.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\hotbar.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\isearch.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\get-search.cc
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearchresults.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearcher.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearchbar.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearch247.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\whatsyoursearch.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\resultsyoursearch.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\crawlermachine.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\niceofficecomtristate.info
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\nicecodec.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\niceblowjob.info
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\fucknicepics.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\codecnice.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\ifinditall.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\icanfindit.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\findit-now.com
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\clearask.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchengine2000.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\best-searchengine.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\adultdatingsearchengine.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\http602.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\you-search.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bestcrawler.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\tangounion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\search-web.us
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchoutlaw.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\digistreamsa.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchable-sex.com
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AAB47D93-AEDC-4624-A75C-4EE8488BCD40}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\securesurface.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\easy-search.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\startravelsnp.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchproject.net
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted HKLM\Software\EnigmaSoftwareGroup
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Deleted HKU\S-1-5-21-3259627529-1914095622-3875271238-1000\Software\AppDataLow\Toolbar
Deleted HKLM\Software\Wow6432Node\Webexp Enhanced
***** [ Chromium (and derivatives) ] *****
Not Deleted McAfee Security Scan+
***** [ Chromium URLs ] *****
Deleted Softonic NL
Deleted Softonic NL
Deleted Softonic NL
Not Deleted http://www.sweet-page.com/?type=hp&ts=1 ... XX5YD3JDBY
Not Deleted http://www.sweet-page.com/?type=hp&ts=1 ... XX5YD3JDBY
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [13801 octets] - [05/08/2018 11:58:59]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Hierbij het logbestand,
# -------------------------------
# Start: 08-05-2018
# Duration: 00:00:33
# OS: Windows 10 Home
# Cleaned: 111
# Failed: 3
***** [ Services ] *****
Deleted iOSinstallerUpdater
***** [ Folders ] *****
Deleted C:\Users\Piet\AppData\Roaming\RPEng
Deleted C:\Users\Piet\AppData\Local\genienext
Deleted C:\Program Files (x86)\BearShare Applications
Deleted C:\Program Files (x86)\iOSinstaller
Deleted C:\Users\Piet\AppData\Local\iOSinstaller
Deleted C:\Users\Piet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iOSinstaller
Deleted C:\Users\Piet\AppData\Roaming\download Manager
Deleted C:\ProgramData\PARETOLOGIC
Deleted C:\Program Files (x86)\Common Files\PARETOLOGIC
Deleted C:\Users\Piet\AppData\Roaming\PARETOLOGIC
Deleted C:\Users\Piet\AppData\Local\VirtualStore\ProgramData\SaveAs
Deleted C:\Program Files\Enigma Software Group
***** [ Files ] *****
Deleted C:\Users\Piet\daemonprocess.txt
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\Tasks\paretologic update version3.job
***** [ Registry ] *****
Deleted HKLM\SOFTWARE\Classes\Applications\iMesh_V11_nl_Setup.exe
Deleted HKLM\SOFTWARE\Classes\Applications\iMeshV11nl.exe
Deleted HKLM\SOFTWARE\Classes\Applications\iMeshSetup-r293-w-bi.exe
Deleted HKLM\Software\Wow6432Node\Better-Surf
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\defaultsearch.com
Deleted HKU\S-1-5-18\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\IB Updater
Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3259627529-1914095622-3875271238-1001\Software\IB Updater
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\IB Updater
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\goose
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKU\S-1-5-18\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Web Assistant
Deleted HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3259627529-1914095622-3875271238-1001\Software\Web Assistant
Deleted HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Web Assistant
Deleted HKLM\Software\Wow6432Node\Uniblue
Deleted HKCU\Software\ParetoLogic
Deleted HKLM\Software\Wow6432Node\ParetoLogic
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Video Player
Deleted HKLM\Software\Wow6432Node\Video Player
Deleted HKLM\Software\Wow6432Node\VideoPlayerV3
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\Software\Wow6432Node\Clients\StartMenuInternet\Torch
Deleted HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival
Deleted HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
Deleted HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Deleted HKLM\Software\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E58EBC9B-BECF-4EAE-90AF-44220A174B22}
Deleted HKLM\Software\Classes\uus3url-pl
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mywebsearch.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchnow.ws
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\mysearchnow.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\livesearchnow.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\youfindall.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\hotbar.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\isearch.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\get-search.cc
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearchresults.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearcher.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearchbar.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\yoursearch247.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\whatsyoursearch.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\resultsyoursearch.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\crawlermachine.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\niceofficecomtristate.info
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\nicecodec.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\niceblowjob.info
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\fucknicepics.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\codecnice.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\ifinditall.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\icanfindit.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\findit-now.com
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\clearask.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchengine2000.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\best-searchengine.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\adultdatingsearchengine.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\http602.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\you-search.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\bestcrawler.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\tangounion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\search-web.us
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchoutlaw.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\digistreamsa.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchable-sex.com
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AAB47D93-AEDC-4624-A75C-4EE8488BCD40}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\securesurface.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\easy-search.net
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\startravelsnp.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\searchproject.net
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted HKLM\Software\EnigmaSoftwareGroup
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Deleted HKU\S-1-5-21-3259627529-1914095622-3875271238-1000\Software\AppDataLow\Toolbar
Deleted HKLM\Software\Wow6432Node\Webexp Enhanced
***** [ Chromium (and derivatives) ] *****
Not Deleted McAfee Security Scan+
***** [ Chromium URLs ] *****
Deleted Softonic NL
Deleted Softonic NL
Deleted Softonic NL
Not Deleted http://www.sweet-page.com/?type=hp&ts=1 ... XX5YD3JDBY
Not Deleted http://www.sweet-page.com/?type=hp&ts=1 ... XX5YD3JDBY
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [13801 octets] - [05/08/2018 11:58:59]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
20
zucht... het is toch godgeklaagd dat er lieden zijn die met droge ogen zoveel troep op iemands pc durven te zetten....!
22
Gewoon niets downloaden van dubieuze websites.
Gewoon netjes legaal / legitiem software, audio, video e.a. aanschaffen.
Gratis bestaat niet, erger nog gratis heeft nooit bestaan, er worden altijd zooi mee geleverd.
Neen, de gebruikers halen zelf die troep binnen.falstring schreef:zucht... het is toch godgeklaagd dat er lieden zijn die met droge ogen zoveel troep op iemands pc durven te zetten....!
Gewoon niets downloaden van dubieuze websites.
Gewoon netjes legaal / legitiem software, audio, video e.a. aanschaffen.
Gratis bestaat niet, erger nog gratis heeft nooit bestaan, er worden altijd zooi mee geleverd.
met vriendelijke groet, iEscape
born to be free is the way to freedom
born to be free is the way to freedom
24
'Neen, de gebruikers halen zelf die troep binnen.'
tuurlijk is dat zo, maar een argeloze gebruiker wordt maar al te gauw in de luren gelegd door 'hoge' noteringen bij google als ie op zoek is naar iets....
tuurlijk is dat zo, maar een argeloze gebruiker wordt maar al te gauw in de luren gelegd door 'hoge' noteringen bij google als ie op zoek is naar iets....
25
Hallo,
Om je pc nog eens goed na te kijken heb ik je onderwerp even verplaatst en doe het volgende:
Download de Farbar Recovery Scan Tool 32 of 64 bit van één van de onderstaande links Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.
Farbar Recovery Scan Tool uitvoeren
Om je pc nog eens goed na te kijken heb ik je onderwerp even verplaatst en doe het volgende:
Download de Farbar Recovery Scan Tool 32 of 64 bit van één van de onderstaande links Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.
Farbar Recovery Scan Tool uitvoeren
- Klik met de rechtermuisknop op FRST.exe en kies voor de optie "Als administrator uitvoeren".
- Als het programma is geopend klik Yes (Ja) bij de disclaimer.
- Druk vervolgens op de Scan knop, er zal nu eerst een back-up van het register worden gemaakt.
- Wanneer de scan gereed is worden er twee logbestanden aangemaakt met de naam (FRST.txt) & (Addition.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
- Voeg beide logbestanden als bijlage toe aan het volgende bericht.
Groeten abbs
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
Bent u blij met de geboden hulp? klik hier voor een vrijblijvende donatie
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
Bent u blij met de geboden hulp? klik hier voor een vrijblijvende donatie
27
Hallo,
Ik ga de logjes even doornemen
Ik ga de logjes even doornemen
Groeten abbs
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
Bent u blij met de geboden hulp? klik hier voor een vrijblijvende donatie
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
Bent u blij met de geboden hulp? klik hier voor een vrijblijvende donatie
28
Hallo,
Ik heb alles even doorlopen, ik zie in je programmalist het volgende programma:
Media Player (HKLM-x32\...\MediaPlayerV1alpha409)
Welke Media Player is dat kan je een link er van geven.
Stap 1.
Oude Java's zitten vol met lekken waardoor je besmet kan raken die gaan we verwijderen.
(als we klaar zijn kan je indien nodig de nieuwste weer downloaden)
Weg gaan naar Programma's en onderdelen:
Stap 2.
Ga naar de map Downloads open die en sleep FRST daaruit naar je bureaublad.
Download fixlist.txt uit de bijlage naar het bureaublad, waar ook FRST.exe aanwezig is.
Ik heb alles even doorlopen, ik zie in je programmalist het volgende programma:
Media Player (HKLM-x32\...\MediaPlayerV1alpha409)
Welke Media Player is dat kan je een link er van geven.
Stap 1.
Oude Java's zitten vol met lekken waardoor je besmet kan raken die gaan we verwijderen.
(als we klaar zijn kan je indien nodig de nieuwste weer downloaden)
Weg gaan naar Programma's en onderdelen:
- Klik Windows knop plus R tegelijk in. . Type appwiz.cpl in en klik OK.
- Zoek de volgende programma's, klik met je rechtermuis knop erop en kies Verwijderen.
- Java 8 Update 31 (64-bit)
- Java 8 Update 31
- Volg de de-installatie instructies van het programma zelf op.
- Start indien nodig opnieuw op.
Stap 2.
Ga naar de map Downloads open die en sleep FRST daaruit naar je bureaublad.
Download fixlist.txt uit de bijlage naar het bureaublad, waar ook FRST.exe aanwezig is.
- Klik met de rechtermuisknop op FRST.exe en kies voor de optie Als administrator uitvoeren.
- Druk op de Fixen knop.
- Er zal u een logbestand aangemaakt worden (Fixlog.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
- Voeg dit logbestand als bijlage toe aan het volgende bericht.
Als gast kunt u geen bijlagen bekijken. Registreer via deze link een (gratis) account om bijlagen te kunnen bekijken.
Groeten abbs
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
Bent u blij met de geboden hulp? klik hier voor een vrijblijvende donatie
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
Bent u blij met de geboden hulp? klik hier voor een vrijblijvende donatie
30
Dit was ook een mooie opruiming 13.9GB, hoe stat het na alle acties met je probleem?
Ja die mag wegBlank013 schreef: De MediaPlayerV1 blijkt een lege map te zijn, die kan ik waarschijnlijk weg halen.
Dit was ook een mooie opruiming 13.9GB, hoe stat het na alle acties met je probleem?
Groeten abbs
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
Bent u blij met de geboden hulp? klik hier voor een vrijblijvende donatie
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
Bent u blij met de geboden hulp? klik hier voor een vrijblijvende donatie