# AdwCleaner v6.043 - Logbestand aangemaakt 12/02/2017 op 17:08:36 # Bijgewerkt op 27/01/2017 door Malwarebytes # Database : 2017-02-09.1 [Server] # Besturingssysteem : Windows 10 Home (X64) # Gebruikersnaam : Maxime - MSIMAXIME # Gestart vanuit : D:\adwcleaner_6.043.exe # Mode: Scannen # Ondersteuning : https://www.malwarebytes.com/support ***** [ Services ] ***** Geen kwaadaardige services gevonden. ***** [ Mappen ] ***** Map gevonden: C:\ProgramData\SwinpS Map gevonden: C:\Users\Maxime\AppData\Local\Goldlarry Map gevonden: C:\Users\Maxime\AppData\Roaming\eCyber Map gevonden: C:\Users\Maxime\AppData\Roaming\MailProducts Map gevonden: C:\Program Files (x86)\InterHop ***** [ Bestanden ] ***** Bestand gevonden: C:\Users\Maxime\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk Bestand gevonden: C:\Users\Public\Documents\report.dat ***** [ DLL ] ***** Geen kwaadaardige DLLs gevonden. ***** [ WMI ] ***** Geen kwaadaardige sleutels gevonden. ***** [ Snelkoppelingen ] ***** Geen geïnfecteerde snelkoppeling gevonden. ***** [ Geplande Taken ] ***** Taak gevonden: Browser Updater Task(Core) Taak gevonden: Browser Updater Task(Core) Taak gevonden: fupdate ***** [ Register ] ***** Sleutel gevonden: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc Sleutel gevonden: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc Sleutel gevonden: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\SSFK Sleutel gevonden: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\IhPul Sleutel gevonden: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService Sleutel gevonden: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService Sleutel gevonden: HKLM\SOFTWARE\Classes\metnsd Sleutel gevonden: [x64] HKLM\SOFTWARE\Classes\metnsd Sleutel gevonden: HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} Sleutel gevonden: HKU\S-1-5-21-498632516-2471268765-3438563307-1002\Software\Mail.Ru Sleutel gevonden: HKU\S-1-5-21-498632516-2471268765-3438563307-1002\Software\Microsoft\Gosearch Sleutel gevonden: HKU\S-1-5-21-498632516-2471268765-3438563307-1002\Software\Microsoft\Gosearchq Sleutel gevonden: HKU\S-1-5-21-498632516-2471268765-3438563307-1002\Software\AppDataLow\Software\Mail.Ru Sleutel gevonden: HKU\S-1-5-18\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} Sleutel gevonden: HKCU\Software\Mail.Ru Sleutel gevonden: HKCU\Software\Microsoft\Gosearch Sleutel gevonden: HKCU\Software\Microsoft\Gosearchq Sleutel gevonden: HKCU\Software\AppDataLow\Software\Mail.Ru Sleutel gevonden: HKLM\SOFTWARE\hdcode Sleutel gevonden: HKLM\SOFTWARE\Mail.Ru Sleutel gevonden: HKLM\SOFTWARE\qkseeSvc Sleutel gevonden: HKLM\SOFTWARE\qksee Sleutel gevonden: HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678} Sleutel gevonden: HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} Sleutel gevonden: HKLM\SOFTWARE\WinSaberSvc Sleutel gevonden: HKLM\SOFTWARE\InterHop Sleutel gevonden: HKLM\SOFTWARE\CLIENTS\Corner Sunshine Sleutel gevonden: [x64] HKCU\Software\Mail.Ru Sleutel gevonden: [x64] HKCU\Software\Microsoft\Gosearch Sleutel gevonden: [x64] HKCU\Software\Microsoft\Gosearchq Sleutel gevonden: [x64] HKCU\Software\AppDataLow\Software\Mail.Ru Sleutel gevonden: [x64] HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} Sleutel gevonden: [x64] HKLM\SOFTWARE\CLIENTS\Corner Sunshine Data gevonden: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.nuesearch.com/search/?type=ds&ts=1469440918&z=24dcf2b9441a912ea81e348gfz8qft6zdz3e1t3g1m&from=ihpm0722&uid=HGSTXHTS72 Data gevonden: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.nuesearch.com/?type=hp&ts=1469440918&z=24dcf2b9441a912ea81e348gfz8qft6zdz3e1t3g1m&from=ihpm0722&uid=HGSTXHTS721010A9E63 Data gevonden: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.nuesearch.com/search/?type=ds&ts=1469440918&z=24dcf2b9441a912ea81e348gfz8qft6zdz3e1t3g1m&from=ihpm0722&uid=HGSTXHTS721010A9E Sleutel gevonden: HKU\S-1-5-21-498632516-2471268765-3438563307-1002\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} Sleutel gevonden: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} Sleutel gevonden: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} Sleutel gevonden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\nuesearch.com Sleutel gevonden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\vshare.com Sleutel gevonden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.nuesearch.com Sleutel gevonden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.vshare.com Sleutel gevonden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\nuesearch.com Sleutel gevonden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\vshare.com Sleutel gevonden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.nuesearch.com Sleutel gevonden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.vshare.com Sleutel gevonden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\nuesearch.com Sleutel gevonden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\vshare.com Sleutel gevonden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.nuesearch.c Sleutel gevonden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.vshare.com Sleutel gevonden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\nuesearch.com Sleutel gevonden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\vshare.com Sleutel gevonden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.nuesearch.com Sleutel gevonden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.vshare.com ***** [ Internetbrowsers ] ***** Geen kwaadaardige op Firefox gebaseerde browser items gevonden. Chromium pref gevonden: [C:\Users\Maxime\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.nuesearch.com/searchfavicon.ico ************************* C:\AdwCleaner\AdwCleaner[S0].txt - [8319 bytes] - [12/02/2017 17:08:36] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8392 bytes] ##########