# AdwCleaner v6.045 - Logbestand aangemaakt 30/03/2017 op 09:58:50
# Bijgewerkt op 28/03/2017 door Malwarebytes
# Database : 2017-03-29.1 [Server]
# Besturingssysteem : Windows 10 Home (X64)
# Gebruikersnaam : Eigenaar - LAPTOP-TIJMEN
# Gestart vanuit : C:\Users\Eigenaar\Downloads\adwcleaner_6.045.exe
# Mode: Scannen
# Ondersteuning : https://www.malwarebytes.com/support

***** [ Services ] *****

Geen kwaadaardige services gevonden.

***** [ Mappen ] *****

Map gevonden: C:\ProgramData\Avg_Update_0215tb
Map gevonden: C:\ProgramData\Avg_Update_1015av
Map gevonden: C:\ProgramData\Avg_Update_1215av
Map gevonden: C:\Users\Eigenaar\AppData\Local\DriverToolkit
Map gevonden: C:\Users\Eigenaar\AppData\Local\SweetLabs App Platform
Map gevonden: C:\ProgramData\AVG Security Toolbar
Map gevonden: C:\ProgramData\Pokki
Map gevonden: C:\ProgramData\IObit\ASCDownloader
Map gevonden: C:\ProgramData\Application Data\AVG Security Toolbar
Map gevonden: C:\ProgramData\Application Data\Pokki
Map gevonden: C:\ProgramData\Application Data\IObit\ASCDownloader
Map gevonden: C:\Users\Default User\AppData\Local\Pokki
Map gevonden: C:\Users\Default\AppData\Local\Pokki

***** [ Bestanden ] *****

Bestand gevonden: C:\Users\Eigenaar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Pokki Start Menu.lnk
Bestand gevonden: C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook.lnk
Bestand gevonden: C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
Bestand gevonden: C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

***** [ DLL ] *****

Geen kwaadaardige DLLs gevonden.

***** [ WMI ] *****

Geen kwaadaardige sleutels gevonden.

***** [ Snelkoppelingen ] *****

Geen geïnfecteerde snelkoppeling gevonden.

***** [ Geplande Taken ] *****

Taak gevonden: SweetLabs App Platform
Taak gevonden: DRIVERTOOLKIT AUTORUN

***** [ Register ] *****

Sleutel gevonden: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf
Sleutel gevonden: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_6a25f051cf813673e184ba252c2f8db7319d41e1
Sleutel gevonden: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_6f939df69d6785524f49659b9500d1f87280d9ff
Sleutel gevonden: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_76f57b4f4c47bb9be5a61f33564f4ce99c295a7c
Sleutel gevonden: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_a65116cdc0b4377bed428e280c19949d56248d11
Sleutel gevonden: HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu
Sleutel gevonden: HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1
Sleutel gevonden: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
Sleutel gevonden: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
Sleutel gevonden: [x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu
Sleutel gevonden: [x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1
Sleutel gevonden: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
Sleutel gevonden: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
Sleutel gevonden: HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Sleutel gevonden: HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Sleutel gevonden: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Sleutel gevonden: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Sleutel gevonden: HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Sleutel gevonden: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Sleutel gevonden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Sleutel gevonden: HKU\S-1-5-21-2258361874-4224472869-2714032374-1001\Software\Conduit
Sleutel gevonden: HKU\S-1-5-21-2258361874-4224472869-2714032374-1001\Software\DriverToolkit
Sleutel gevonden: HKU\S-1-5-21-2258361874-4224472869-2714032374-1001\Software\SweetLabs App Platform
Sleutel gevonden: HKU\S-1-5-21-2258361874-4224472869-2714032374-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Sleutel gevonden: HKU\S-1-5-21-2258361874-4224472869-2714032374-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Sleutel gevonden: HKCU\Software\Conduit
Sleutel gevonden: HKCU\Software\DriverToolkit
Sleutel gevonden: HKCU\Software\SweetLabs App Platform
Sleutel gevonden: HKLM\SOFTWARE\IOBIT\ASC
Sleutel gevonden: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Sleutel gevonden: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Sleutel gevonden: [x64] HKCU\Software\Conduit
Sleutel gevonden: [x64] HKCU\Software\DriverToolkit
Sleutel gevonden: [x64] HKCU\Software\SweetLabs App Platform
Sleutel gevonden: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Sleutel gevonden: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Data gevonden: HKU\S-1-5-21-2258361874-4224472869-2714032374-1001\Software\Microsoft\Internet Explorer\Main [Start Page Redirect Cache] - hxxp://homepage-web.com/?s=acer&m=start
Data gevonden: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page Redirect Cache] - hxxp://homepage-web.com/?s=acer&m=start
Data gevonden: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page Redirect Cache] - hxxp://homepage-web.com/?s=acer&m=start
Sleutel gevonden: HKU\S-1-5-21-2258361874-4224472869-2714032374-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Sleutel gevonden: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Sleutel gevonden: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Sleutel gevonden: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Sleutel gevonden: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Sleutel gevonden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Sleutel gevonden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Sleutel gevonden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Sleutel gevonden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Waarde gevonden: HKU\S-1-5-21-2258361874-4224472869-2714032374-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
Waarde gevonden: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [vProt]
Sleutel gevonden: HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Sleutel gevonden: HKCU\Software\Classes\Directory\shell\pokki
Sleutel gevonden: HKCU\Software\Classes\Drive\shell\pokki
Sleutel gevonden: HKCU\Software\Classes\lnkfile\shell\pokki
Sleutel gevonden: HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Sleutel gevonden: HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Sleutel gevonden: HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Sleutel gevonden: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect

***** [ Internetbrowsers ] *****

Geen kwaadaardige op Firefox gebaseerde browser items gevonden.
Chromium pref gevonden: [C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - booedmolknjekdopkepjjeckmjkdpfgl
Chromium pref gevonden: [C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - flpcjncodpafbgdpnkljologafpionhb
Chromium pref gevonden: [C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxp://www.trovi.com/?gd=&ctid=CT3331172&octid=EB_ORIGINAL_CTID&ISID=M7CC04B21-D286-48CD-B13F-A5E01E671450&Search

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [8133 bytes] - [30/03/2017 09:58:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8206 bytes] ##########