# AdwCleaner v6.043 - Logbestand aangemaakt 22/02/2017 op 12:07:15 # Bijgewerkt op 27/01/2017 door Malwarebytes # Database : 2017-02-20.3 [Server] # Besturingssysteem : Windows 10 Home (X64) # Gebruikersnaam : rtull - DESKTOP-EDIFOVP # Gestart vanuit : C:\Users\rtull\Downloads\adwcleaner_6.043.exe # Mode: Scannen # Ondersteuning : https://www.malwarebytes.com/support ***** [ Services ] ***** Service gevonden: rtop Service gevonden: ByteFenceService ***** [ Mappen ] ***** Map gevonden: C:\Users\rtull\AppData\Local\Host App Service Map gevonden: C:\Program Files\ByteFence Map gevonden: C:\ProgramData\ByteFence Map gevonden: C:\ProgramData\Host App Service Map gevonden: C:\ProgramData\Application Data\ByteFence Map gevonden: C:\ProgramData\Application Data\Host App Service Map gevonden: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware Map gevonden: C:\Users\rtull\AppData\Local\Host App Service Map gevonden: C:\Users\Default\AppData\Local\Host App Service ***** [ Bestanden ] ***** Bestand gevonden: C:\Users\rtull\AppData\Roaming\Mozilla\Firefox\Profiles\u63cqylq.default\searchplugins\Search Provided by Bing.xml Bestand gevonden: C:\Users\rtull\AppData\Roaming\Mozilla\Firefox\Profiles\u63cqylq.default\searchplugins\yahoo! powered search.xml ***** [ DLL ] ***** Geen kwaadaardige DLLs gevonden. ***** [ WMI ] ***** Geen kwaadaardige sleutels gevonden. ***** [ Snelkoppelingen ] ***** Geen geïnfecteerde snelkoppeling gevonden. ***** [ Geplande Taken ] ***** Taak gevonden: ByteFence Taak gevonden: ByteFence Scan Taak gevonden: App Explorer ***** [ Register ] ***** Sleutel gevonden: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ByteFenceService Sleutel gevonden: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ByteFenceService Sleutel gevonden: HKLM\SOFTWARE\Classes\AVSAsyncBuffer.AVSVideoTimeShift Sleutel gevonden: HKLM\SOFTWARE\Classes\AVSAsyncBuffer.AVSVideoTimeShift.1 Sleutel gevonden: HKLM\SOFTWARE\Classes\AVSAsyncBuffer.UVideoTimeShift Sleutel gevonden: HKLM\SOFTWARE\Classes\AVSAsyncBuffer.UVideoTimeShift.1 Sleutel gevonden: [x64] HKLM\SOFTWARE\Classes\AVSAsyncBuffer.AVSVideoTimeShift Sleutel gevonden: [x64] HKLM\SOFTWARE\Classes\AVSAsyncBuffer.AVSVideoTimeShift.1 Sleutel gevonden: [x64] HKLM\SOFTWARE\Classes\AVSAsyncBuffer.UVideoTimeShift Sleutel gevonden: [x64] HKLM\SOFTWARE\Classes\AVSAsyncBuffer.UVideoTimeShift.1 Sleutel gevonden: HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\Software\ByteFence Sleutel gevonden: HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\Software\Host App Service Sleutel gevonden: HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service Sleutel gevonden: HKCU\Software\ByteFence Sleutel gevonden: HKCU\Software\Host App Service Sleutel gevonden: HKLM\SOFTWARE\ByteFence Sleutel gevonden: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service Sleutel gevonden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence Sleutel gevonden: [x64] HKCU\Software\ByteFence Sleutel gevonden: [x64] HKCU\Software\Host App Service Sleutel gevonden: [x64] HKLM\SOFTWARE\ByteFence Sleutel gevonden: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service Sleutel gevonden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mindful.en.softon Sleutel gevonden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\photocopier.en.so Sleutel gevonden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com Sleutel gevonden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mindful.en.softonic. Sleutel gevonden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\photocopier.en.softo Sleutel gevonden: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com Sleutel gevonden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mindful.en.soft Sleutel gevonden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\photocopier.en. Sleutel gevonden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com Sleutel gevonden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mindful.en.softoni Sleutel gevonden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\photocopier.en.sof Sleutel gevonden: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com Sleutel gevonden: HKLM\SOFTWARE\Classes\Directory\shell\ByteFence Folder Scan Sleutel gevonden: HKLM\SOFTWARE\Classes\*\shell\ByteFence File Scan ***** [ Internetbrowsers ] ***** Firefox pref gevonden: [C:\Users\rtull\AppData\Roaming\Mozilla\Firefox\Profiles\u63cqylq.default\prefs.js] - "browser.search.selectedEngine" - "Yahoo! Powered Search" Firefox pref gevonden: [C:\Users\rtull\AppData\Roaming\Mozilla\Firefox\Profiles\u63cqylq.default\prefs.js] - "browser.search.defaultenginename" - "Yahoo! Powered Search" Geen kwaadaardige op Chromium gebaseerde browser items gevonden. ************************* C:\AdwCleaner\AdwCleaner[S0].txt - [6662 bytes] - [22/02/2017 12:07:15] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6735 bytes] ##########