Vraag Trage portable - meldingen - bescherming

digiropha

Junior lid
Hey,
Mijn portable (ASUS) is zeer traag geworden, zowel bij het opstarten als dikwijls bij het gebruik.
Ook krijg ik steeds meldingen (pop-ups van bv. 4tube.com)
Ik stel mij tevens de vraag in welke mate mijn portable (nog) is beschermd. Het lijkt mij dat mijn antvirus geen update meer krijgt, maarof deze dan nog actief is ? -> welke (free) software kan ik best installeren (antivirus, firewall,...) ?
Hierbij de bestanden.
Alvast bedankt!
Mvg,
D.
 

Bijlagen

Abraham54

Administrator
Team lid
Hallo Digiropha - waarvoor heb jij Java in jouw Windows?

Waarschuwing: onderstaande bewerking is enkel voor deze computer bedoeld, het toepassen hiervan in een andere computer kan tot schade in Windows leiden.


We gaan


Farbar Recovery Scan Tool (FRST.exe) opnieuw gebruiken.

Open een nieuw kladblok (of anders: notepad) bestand, via "Start\Alle programma’s\Bureau-accessoires\Kladblok (of Notepad)".
Kopieer nu de tekst die in het code-venster staat en plak die tekst in het lege kladblokvenster.

Code:
start
CreateRestorePoint:

2019-03-24 19:40 - 2019-03-24 19:40 - 000000000 ____D C:\Users\Admin\AppData\Local\Tempzxpsigndd2282721045c344
2019-03-24 19:40 - 2019-03-24 19:40 - 000000000 ____D C:\Users\Admin\AppData\Local\Tempzxpsign013099b78259e300
2019-03-09 13:17 - 2019-03-09 13:17 - 000000000 ____D C:\Users\Admin\AppData\Local\Tempzxpsign6aef8061eb112193
2019-03-09 13:13 - 2019-03-09 13:13 - 000000000 ____D C:\Users\Admin\AppData\Local\Tempzxpsign988647ca159fe03f
WarThunder (HKLM-x32\...\WarThunder) (Version:  - ) <==== AANDACHT
ContextMenuHandlers1: [iSkysoftVideoConverterFileOpreation] -> {BB35DE05-89D6-4D8F-95DE-A27DF8156D91} => C:\WINDOWS\SysWOW64\ISCM64.dll -> Geen bestand
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll -> Geen bestand
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\WINDOWS\SysWOW64\WSCM64.dll -> Geen bestand
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Geen bestand
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" is ontgrendeld. <==== AANDACHT
Task: {CDAE2A32-B8C9-4696-BA30-1F5FAD37FA7C} - \Microsoft\Windows\UNP\RunCampaignManager -> Geen bestand <==== AANDACHT
FirewallRules: [{6A60F631-23A8-4425-A1DB-E6F06AF25313}] => (Allow) LPort=2869
FirewallRules: [{060247DA-2C95-40CF-87B1-7D47E0BAAE3D}] => (Allow) LPort=1900
FirewallRules: [{B00E3B4D-4C1B-4647-84E2-62C76D8EB523}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B5BAC82D-A772-40EE-86AB-4EA9CE2866E3}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe Geen bestand
FirewallRules: [{37DE0BA0-C951-42F3-918B-B45FD50FC45E}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe Geen bestand
FirewallRules: [{7A9936F8-8DE8-44A1-BE07-A2504B14D799}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe Geen bestand
FirewallRules: [{96ADA9E6-5FDA-4C81-B6B7-0C8BC352E61D}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe Geen bestand

EmptyTemp:
CloseProcesses:
cmd: ipconfig /flushdns
cmd: netsh winsock reset
end
Sla nu dit kladblokbestand in de dezelfde locatie waar ook FRST.exe aanwezig is op als Fixlist.txt

Farbar Recovery Scan Tool (FRST.exe) met de fixlist.txt gebruiken

  • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op FRST.exe en kies voor "Als Administrator uitvoeren".
  • Als het programma wordt gestart, klik dan op Ja in de popup.
  • Druk op de Fix knop.
  • Na de fix wordt een logbestand - Fixlog.txt - in dezelfde locatie aangemaakt van waaruit FRST.exe is gestart.
  • Post de inhoud van dit logbestand in jouw volgende bericht.
 

Abraham54

Administrator
Team lid
Hoi digiropha, ik heb het idee dat jij geen schoonmaker gebruikt?

EmptyTemp: => 27.6 GB tijdelijke gegevens verwijderd.
Ik vermoed dat jouw Asus inmiddels sneller is geworden.


Ga nu eerst naar het Configuratiescherm
  • Software - Windows 2000/Windows XP
  • Programma's en onderdelen - Windows Vista, Windows 7, Windows 8 en Windows 10
en verwijder daar alles wat Java heet.

Belangrijk: start nu eerst uw PC of notebook opnieuw op, zodat de oude Java instellingen in Windows verwijderd worden.


Download
MalwareBytes Anti-Malware.

  • Windows 2000 en Windows XP: dubbelklik op mbam-setup.exe.
  • Windows Vista, Windows 7, Windows 8: en Windows 10: via rechtsklik op mbam-setup.exe en kies voor "Als Administrator uitvoeren".
  • Klik in het menu van Malwarebytes ANTI-MALWARE op Instellingen" en daar op "Detectie en Bescherming" en zet vervolgens een vinkje bij "Scan naar rootkits".
  • Klik vervolgens op de knop Scan nu om een bedreigingsscan uit te voeren.
  • Er zal nu gecontroleerd worden op beschikbare updates, klik hier op "Nu bijwerken als er beschikbare updates zijn.
  • De scan wordt nu automatisch gestart,wanneer de scan gereed is en er bedreigingen zijn gedetecteerd krijgt u hier een overzicht van.
  • Wanneer er geen bedreigingen zijn gedetecteerd klikt u na de scan op Bekijk gedetailleerd logboek.
  • Klik vervolgens op de knop Exporteer en kies de optie "Tekstbestand (*.txt)".
  • Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
  • Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.
  • Wanneer er wel bedreigingen zijn gedetecteerd klikt u na de scan op Acties toepassen.
  • Bij de melding om de computer opnieuw op te starten klikt u op Ja / Yes.
  • Open na de herstart MalwareBytes Anti-Malware en klik bovenaan op Historie en selecteer Programmalogboeken.
  • Klik op de nieuwste Scan Log.
  • Klik op "Exporteer" en kies de optie "Tekstbestand (*.txt)".
  • Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
  • Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.
MBAM-Log posten:
  • Kopieer nu de inhoud van het zojuist opgeslagen log en plak dit in uw nieuwe antwoord erbij.

Indien jij MBAM meteen als gratis versie wil gebruiken in plaatst van de veertien dagen durende demo met al zijn toeters en bellen te gebruiken, kijk dan hier
 

digiropha

Junior lid
Dag,

De portable is nog steeds traag vind ik, helaas.

Ik heb geen schoonmaker ... functie hiervan ? Goede freeware beschikbaar ?

Bij de aankoop van de portable had ik geruime tijd een anti-virus (Mc Afee) maar ik denk dat de licentie is verlopen en ik er bijgevolg geen meer heb. Goede freeware beschikbaar ?

Hierbij de inhoud van het logbestand. Alvast bedankt !

Mvg,

D.

Malwarebytes
www.malwarebytes.com

-Logboekdetails-
Scandatum: 04-04-19
Scantijd: 22:52
Logbestand: 95c8eb12-571b-11e9-afea-2c56dcbfedfb.json

-Software-informatie-
Versie: 3.7.1.2839
Versie componenten: 1.0.563
Update pakketversie: 1.0.10006
Licentie: Proef

-Systeeminformatie-
Besturingssysteem: Windows 10 (Build 17134.648)
Processor: x64
Bestandssysteem: NTFS
Gebruiker: DESKTOP-O1HG92R\Admin

-Scansamenvatting-
Scantype: Bedreigingsscan
Scan geactiveerd door: Handmatig
Resultaat: Voltooid
Objecten gescand: 322788
Dreigingen herkend: 208
Dreigingen in quarantaine: 208
Verstreken tijd: 25 min, 38 sec

-Scanopties-
Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Ingeschakeld
Heuristiek: Ingeschakeld
POP: Detectie
POA: Detectie

-Scandetails-
Proces: 0
(Geen kwaadaardige items gedetecteerd)

Module: 0
(Geen kwaadaardige items gedetecteerd)

Registersleutel: 6
PUP.Optional.InstallCore, HKU\S-1-5-21-3627028958-3695787393-30170765-1001\SOFTWARE\CSASTATS\ic, In quarantaine, [427], [586068],1.0.10006
PUP.Optional.Booking, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{958A475F-037D-401A-AC05-209725973E11}_is1, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WarThunder0, In quarantaine, [238], [186209],1.0.10006
PUP.Optional.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WarThunder1, In quarantaine, [238], [186209],1.0.10006
PUP.Optional.Booking, HKU\S-1-5-21-3627028958-3695787393-30170765-1001\SOFTWARE\Booking.com, In quarantaine, [877], [310613],1.0.10006
PUP.Optional.InstallCore, HKU\S-1-5-21-3627028958-3695787393-30170765-1001\SOFTWARE\PRODUCTSETUP, In quarantaine, [427], [481004],1.0.10006

Registerwaarde: 3
PUP.Optional.InstallCore, HKU\S-1-5-21-3627028958-3695787393-30170765-1001\SOFTWARE\PRODUCTSETUP|TB, In quarantaine, [427], [481004],1.0.10006
PUP.Optional.ASK, HKU\S-1-5-21-3627028958-3695787393-30170765-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|lgfehfbnofiffladdncogfobimealokp, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.MindSpark.Generic, HKU\S-1-5-21-3627028958-3695787393-30170765-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|dgcaoiegieajomlildfloccgfnbkkdjm, In quarantaine, [1738], [456842],1.0.10006

Registerdata: 0
(Geen kwaadaardige items gedetecteerd)

Gegevensstroom: 0
(Geen kwaadaardige items gedetecteerd)

Map: 23
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\img, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\PROGRAM FILES (X86)\BOOKING.COM, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\BOOKING.COM, In quarantaine, [877], [310598],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\_locales\en, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\_metadata, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\_locales, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\config, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\icons, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\libs, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\lgfehfbnofiffladdncogfobimealokp, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\EXTENSIONS\lgfehfbnofiffladdncogfobimealokp, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\dgcaoiegieajomlildfloccgfnbkkdjm, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\_locales\en, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\_metadata, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\_locales, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\config, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\icons, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\DGCAOIEGIEAJOMLILDFLOCCGFNBKKDJM\13.855.14.50873_0, In quarantaine, [1738], [456842],1.0.10006

Bestand: 176
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\img\homeIcon.png, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\hi.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\am.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\ar.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\bg.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\bn.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\ca.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\cs.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\da.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\de.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\el.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\en-GB.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\en-US.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\es-419.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\es.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\et.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\fa.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\fi.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\fil.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\fr.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\gu.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\he.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\hr.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\hu.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\id.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\it.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\ja.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\kn.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\ko.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\lt.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\lv.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\ml.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\mr.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\ms.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\nb.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\nl.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\pl.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\pt-BR.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\pt-PT.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\ro.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\ru.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\sk.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\sl.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\sr.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\sv.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\sw.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\ta.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\te.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\th.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\tr.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\uk.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\vi.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\zh-CN.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\locales\zh-TW.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\jquery-ui.min.css, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\Booking.com.exe, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\BookingErrorPic.png, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\BookingIcon.ico, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\BookingSplashScreen.jpg, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\cef.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\cef_100_percent.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\cef_200_percent.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\console.log, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\d3dcompiler_43.dll, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\d3dcompiler_47.dll, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\debug.log, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\devtools_resources.pak, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\ErrorPage.htm, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\ffmpegsumo.dll, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\frame.html, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\homeIcon.png, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\icudtl.dat, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\index.html, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\jquery-1.11.3.min.js, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\jquery-ui.css, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\jquery-ui.js, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\jquery-ui.min.js, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\jquery-ui.structure.css, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\jquery-ui.structure.min.css, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\jquery-ui.theme.css, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\jquery-ui.theme.min.css, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\libcef.dll, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\libEGL.dll, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\libGLESv2.dll, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\pdf.dll, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\script.js, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\style.css, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\unins000.dat, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\unins000.exe, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\Program Files (x86)\Booking.com\wow_helper.exe, In quarantaine, [877], [310593],1.0.10006
PUP.Optional.Booking, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com\Booking.com.lnk, In quarantaine, [877], [310598],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\config\config.json, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\icons\icon128.png, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\icons\icon16.png, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\icons\icon19disabled.png, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\icons\icon19on.png, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\icons\icon48.png, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js\ajax.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js\background.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js\chrome.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js\content_script.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js\dlp.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js\dlpHelper.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js\extension_detect.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js\index.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js\internationalSearchUtils.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js\logger.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js\settingsOverridesUtils.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js\splashPageLocalStorageSetter.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js\storageUtils.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js\templateParser.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js\ul.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js\urlUtils.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\js\util.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\libs\PartnerId.js, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\_locales\en\messages.json, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\_metadata\verified_contents.json, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp\50.158.14.57311_0\manifest.json, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgfehfbnofiffladdncogfobimealokp\000003.log, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgfehfbnofiffladdncogfobimealokp\CURRENT, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgfehfbnofiffladdncogfobimealokp\LOCK, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgfehfbnofiffladdncogfobimealokp\LOG, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgfehfbnofiffladdncogfobimealokp\MANIFEST-000001, In quarantaine, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Vervangen, [2], [537803],1.0.10006
PUP.Optional.ASK, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Vervangen, [2], [537803],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dgcaoiegieajomlildfloccgfnbkkdjm\000003.log, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dgcaoiegieajomlildfloccgfnbkkdjm\CURRENT, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dgcaoiegieajomlildfloccgfnbkkdjm\LOCK, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dgcaoiegieajomlildfloccgfnbkkdjm\LOG, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dgcaoiegieajomlildfloccgfnbkkdjm\MANIFEST-000001, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Vervangen, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Vervangen, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\USERS\ADMIN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\DGCAOIEGIEAJOMLILDFLOCCGFNBKKDJM\13.855.14.50873_0\CONFIG\CONFIG.JSON, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\icons\icon128.png, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\icons\icon16.png, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\icons\icon19disabled.png, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\icons\icon19on.png, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\icons\icon48.png, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\meta.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\ajax.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\babAPI.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\babClickHandler.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\babContentScript.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\babContentScriptAPI.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\background.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\browserUtils.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\chrome.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\contentScriptConnectionManager.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\dateTimeUtils.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\dlp.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\dlpHelper.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\extensionDetect.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\index.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\localStorageContentScript.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\logger.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\offerService.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\pageUtils.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\PartnerId.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\polyfill.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\product.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\remoteConfigLoader.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\splashPageLocalStorageSetter.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\splashPageRedirectHandler.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\storageUtils.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\TemplateParser.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\ul.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\urlFragmentActions.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\urlUtils.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\util.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\webtooltabAPI.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\js\webTooltabAPIProxy.js, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\_locales\en\messages.json, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\_metadata\verified_contents.json, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\manifest.json, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.MindSpark.Generic, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgcaoiegieajomlildfloccgfnbkkdjm\13.855.14.50873_0\newtabproduct.html, In quarantaine, [1738], [456842],1.0.10006
PUP.Optional.Reimage, C:\USERS\ADMIN\DOWNLOADS\NIET BEVESTIGD 186611.CRDOWNLOAD, In quarantaine, [340], [331559],1.0.10006

Fysieke sector: 0
(Geen kwaadaardige items gedetecteerd)

WMI: 0
(Geen kwaadaardige items gedetecteerd)


(end)
 

Abraham54

Administrator
Team lid
Hoi - dat was een adwarewaslijst, dat verwijderd is.
Daartoe gaan we nog een vervolgscan doen.

Wat gratis en een goede schoonmaker is, daarover heb ik gisteren een handleiding gemaakt.


Download
AdwCleaner by Malwarebytes naar het bureaublad.

Klik met de rechtermuisknop op AdwCleaner en kies voor de optie
Als administrator uitvoeren.
  • Klik vervolgens op de knop Nu scannen.
  • Wanneer de scan gereed is klikt u vervolgens op de knop Reiniging en Reparaties.
  • Klik vervolgens in het informatiescherm op Schoonmaken en nu opnieuw opstarten.
  • Nadat de computer opnieuw is opgestart wordt AdwCleaner automatisch geopend, klik op Logbestand bekijken.
  • Plaats dit logbestand als bijlage in het volgende bericht.
  • (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\AdwCleaner\Logs\AdwCleaner[C00].txt.)
 

digiropha

Junior lid
Hoi,

Hierbij het gevraagde.

Mvg,

D.

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-05.4 (Cloud)
# Support: Customer Support & Help Center
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-06-2019
# Duration: 00:00:07
# OS: Windows 10 Home
# Cleaned: 17
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Tencent
Deleted C:\Users\Admin\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\APN PIP
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\media-player-codec-pack.nl.softonic.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\softonic.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\adobe-photoshop.nl.softonic.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ak.staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\chatango.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plarium.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\st.chatango.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Wechat
Deleted HKCU\Software\csastats
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{5F50749B-4347-44B5-BDF7-5051543F1EF2}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2961 octets] - [06/04/2019 14:08:21]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 

Abraham54

Administrator
Team lid
Volgende scan:

Download het
Junkware Removal Tool


Ga daarvoor naar


en klik daar op de linker groene downloadknop.


Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!

Opmerkingen:

  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
  • Het is raadzaam de actieve beveiligingssoftware te de-activeren, zodat mogelijke conflicten met JRT.exe uitgsloten worden.:
  • Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.
  • Dat tijdens de scan van JRT.exe tijdelijk de snelkoppelingen verdwijnen van het bureaublad, is normaal.
Junkware Removal Tool by Thisisu opstarten:

  • Windows 2000 en Windows XP: dubbelklik op JRT.exe.
  • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op JRT.exe en kies voor "Als Administrator uitvoeren".
  • JRT.exe zal daarna Windows gaan scannen.
  • Deze scan kan afhankelijk van de systeemspecificaties soms vrij lang duren, wees dus geduldig.
  • Indien de scan voltooid is, zal een logje (JRT.txt) op het bureaublad opgeslagen worden en automatisch openen.
  • Voeg dit log toe in jouw volgende bericht.
 

Abraham54

Administrator
Team lid
Dan nu de scan met AdWCleaner herhalen!
 

digiropha

Junior lid
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-05.4 (Cloud)
# Support: Customer Support & Help Center
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-06-2019
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2961 octets] - [06/04/2019 14:08:21]
AdwCleaner[C00].txt - [2837 octets] - [06/04/2019 14:08:55]
AdwCleaner[S01].txt - [1372 octets] - [06/04/2019 15:11:33]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
 

Abraham54

Administrator
Team lid
Hoera, het ziet er naar uit dat de laptop schoon is.

Laat mij precies een weten wat er zoal traag is met jouw notebook.
Overigens: heb jij wel eens aan SSD gedacht?
 

digiropha

Junior lid
Hoera, het ziet er naar uit dat de laptop schoon is.

Laat mij precies een weten wat er zoal traag is met jouw notebook.
Overigens: heb jij wel eens aan SSD gedacht?
De portable is inderdaad een stuk sneller geworden.
Ik krijg rechtsonder wel nog steeds meldingen van 4tube.com ...

Welke programma's dien i nog te installeren om mijn portable beter (goed) te beschermen ? Mijn McAfee is verlopen, heb dus ook al geen antivirus meer ...

Mvg,

D.
 

Abraham54

Administrator
Team lid
Klik in het zoekvak en zoek naar Windows Defender.

Start deze daarna op?


Start FRST.exe opnieuw en doe de twee stappen na elkaar:

Stap 1.
Kopieer en plak de volgende tekst in het vak "Search": 4tube.com
Nota bene: plak het precies zoals het nu staat!

Klik daarna op Search Files.
Een Search.txt log wordt opgeslagen op dezelfde plaats waar FRST is opgeslagen plaats dat als bijlage.


Stap 2.
Kopieer en plak de volgende tekst in het vak "Search": 4tube.com
Nota bene: plak het precies zoals het nu staat!

Klik daarna op Search Registry.
Een Registry.txt log wordt opgeslagen op dezelfde plaats waar FRST is opgeslagen plaats dat als bijlage.
 

digiropha

Junior lid
Dag,

Windows Defender startte idd op.
Ik heb ondertussen Mc Afee en Norton verwijderd.
D.m.v. Windows Defende en Malwarebytes is de portable dus beveiligd alsik het goed begrijp ?

Hierbij de gevraagde bestanden.

Thx !

Mvg,

Dirk
 

Bijlagen

Abraham54

Administrator
Team lid
We gaan FRST opnieuw gebruiken!

FRST opstarten:
  • Windows 2000 en Windows XP: dubbelklik op FRST.exe.
  • Windows Vista, Windows 7, Windows 8/8.1 en Windows 10: via rechtsklik op FRST.exe of FRST64.exe en kies voor "Als Administrator uitvoeren".
FRST start op:
  • Wanneer het programma is geopend klik dan op de knop Yes bij de disclaimer.
  • Druk vervolgens op de Scan knop.
  • Aansluitend zal een logbestand - FRST.txt en Addition-txt aangemaakt worden en op het bureaublad opgeslagen worden.
.

Voeg beide logs toe aan jouw volgende antwoord.
Weet je niet hoe dit te doen, kijk dan hier: Hoe een bijlage toevoegen?
 
Bovenaan Onderaan