Bedreiginsniveau: 
9
9
Type: Kwaadaardige Anti-Spyware
Vaak infectie symptomen:
- Installeert zichzelf zonder toestemming
- Verbind naar het Internet zonder toestemming
- Trage internetverbinding
- Systeemcrashes
- Irritante pop-ups
- Trage Computer
Home Malware CleanerAls uw computer traag werkt en u ontvangt verschillende veiligheidsmeldingen achter elkaar, dan kan het zijn dat u bent besmet door Home Malware Cleaner. Het is de meest recente computerbedreiging die afkomstig is van een prominente familie van bedriegers wat betekent dat de makers van Home Malware Cleaner exact weten wat ze aan het doen zijn. Deze bedrieger laat zich door niets tegenhouden totdat hij of uw systeem vernietigt of u oplicht, of hoogstwaarschijnlijk allebei. Op dit moment is het dus uw taak om meer uit te vinden over deze bedrieger en hem zo spoedig mogelijk uit te schakelen. Home Malware Cleaner wordt op uw computer geïnstalleerd zonder uw medeweten of toestemming, wat heel gewoon is voor deze kwaadaardige toepassingen. Wanneer het is geïnstalleerd wordt Home Malware Cleaner geconfigureerd om automatisch te starten wanneer u Windows start. Wanneer het in actie komt doet de bedrieger zich voor als een legitiem anti-virusprogramma. Het probeert u bang te maken zodat u geloofd dat u ernstig bent besmet en dat u het programma dient te activeren om alle virussen te verwijderen, maar door dat te doen raakt u alleen maar uw geld kwijt en uw computer wordt zelfs blootgesteld aan nog ernstiger bedreigingen. Bewijs uzelf een dienst en verwijder Home Malware Cleaner zo snel u kunt. Als u dat niet handmatig kunt uitvoeren, schaf dan een krachtig anti-malwareprogramma aan dat Home Malware Cleaner binnen de kortste keren zonder spoor van uw systeem verwijdert. | ||||||||
|
Download
Home Malware Cleaner
besemettings-scanner
| ||||||||
|
Hoe te verwijderen Home Malware Cleaner
Met infectie geassocieerde bestanden (Home Malware Cleaner):
%UserProfile%\Recent\tjd.drv
%UserProfile%\Recent\tempdoc.sys
%UserProfile%\Recent\tempdoc.drv
%UserProfile%\Recent\SICKBOY.tmp
%UserProfile%\Recent\PE.tmp
%UserProfile%\Recent\PE.exe
%UserProfile%\Recent\PE.drv
%UserProfile%\Recent\grid.exe
%UserProfile%\Recent\fix.drv
%UserProfile%\Recent\exec.drv
%UserProfile%\Recent\energy.tmp
%UserProfile%\Recent\eb.tmp
%UserProfile%\Recent\DBOLE.tmp
%UserProfile%\Recent\CLSV.exe
%UserProfile%\Recent\ANTIGEN.drv
%UserProfile%\Desktop\Home Malware Cleaner.lnk
%StartMenu%\Programs\Home Malware Cleaner.lnk
%CommonAppData%\79b35\Quarantine Items\
%CommonAppData%\79b35\HMCSys\
%CommonAppData%\79b35\BackUp\
%CommonAppData%\79b35\sqlite3.dll
%CommonAppData%\79b35\mozcrt19.dll
%CommonAppData%\79b35\6543.mof
%CommonAppData%\79b35\HMC.ico
%CommonAppData%\79b35\HMa76.exe
%CommonAppData%\79b35\
%AppData%\Home Malware Cleaner\cookies.sqlite
%AppData%\Home Malware Cleaner\
%AppData%\Home Malware Cleaner\ScanDisk_.exe
%AppData%\Home Malware Cleaner\Instructions.ini
%CommonAppData%\[random]\[random].cfg
%CommonAppData%\[random]\ASE.ico
%CommonAppData%\[random]\[random].exe
%AppData%\Microsoft\Internet Explorer\Quick Launch\Home Malware Cleaner.lnk
%Desktop%\Home Malware Cleaner.lnk
%StartMenu%\Home Malware Cleaner.lnk
%Programs%\Home Malware Cleaner.lnk
%UserProfile%\Recent\tempdoc.sys
%UserProfile%\Recent\tempdoc.drv
%UserProfile%\Recent\SICKBOY.tmp
%UserProfile%\Recent\PE.tmp
%UserProfile%\Recent\PE.exe
%UserProfile%\Recent\PE.drv
%UserProfile%\Recent\grid.exe
%UserProfile%\Recent\fix.drv
%UserProfile%\Recent\exec.drv
%UserProfile%\Recent\energy.tmp
%UserProfile%\Recent\eb.tmp
%UserProfile%\Recent\DBOLE.tmp
%UserProfile%\Recent\CLSV.exe
%UserProfile%\Recent\ANTIGEN.drv
%UserProfile%\Desktop\Home Malware Cleaner.lnk
%StartMenu%\Programs\Home Malware Cleaner.lnk
%CommonAppData%\79b35\Quarantine Items\
%CommonAppData%\79b35\HMCSys\
%CommonAppData%\79b35\BackUp\
%CommonAppData%\79b35\sqlite3.dll
%CommonAppData%\79b35\mozcrt19.dll
%CommonAppData%\79b35\6543.mof
%CommonAppData%\79b35\HMC.ico
%CommonAppData%\79b35\HMa76.exe
%CommonAppData%\79b35\
%AppData%\Home Malware Cleaner\cookies.sqlite
%AppData%\Home Malware Cleaner\
%AppData%\Home Malware Cleaner\ScanDisk_.exe
%AppData%\Home Malware Cleaner\Instructions.ini
%CommonAppData%\[random]\[random].cfg
%CommonAppData%\[random]\ASE.ico
%CommonAppData%\[random]\[random].exe
%AppData%\Microsoft\Internet Explorer\Quick Launch\Home Malware Cleaner.lnk
%Desktop%\Home Malware Cleaner.lnk
%StartMenu%\Home Malware Cleaner.lnk
%Programs%\Home Malware Cleaner.lnk
Af te sluiten processen (Home Malware Cleaner):
%UserProfile%\Recent\grid.exe
%UserProfile%\Recent\PE.exe
%UserProfile%\Recent\CLSV.exe
%CommonAppData%\79b35\HMa76.exe
%AppData%\Home Malware Cleaner\ScanDisk_.exe
%CommonAppData%\[random]\[random].exe
%UserProfile%\Recent\PE.exe
%UserProfile%\Recent\CLSV.exe
%CommonAppData%\79b35\HMa76.exe
%AppData%\Home Malware Cleaner\ScanDisk_.exe
%CommonAppData%\[random]\[random].exe
Verwijder waarden uit het register (Home Malware Cleaner):
HKCU\Software\Microsoft\Windows\CurrentVersion\Run “Home Malware Cleaner” “%CommonAppData%\[random]\[random].exe” /s /d
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOT\dumped_patched.DocHostUIHandler
HKEY_CURRENT_USER\Software\3
HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=8010&q={searchTerms}"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "IIL" = 0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "ltHI" = 0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "ltTST"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "PRS" = "http://127.0.0.1:27777/?inj=%ORIGINAL%"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = "no"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = 1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "UID" = 8010
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "runtime 13.08010"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "DisallowRun" = 1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "0" = "msseces.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "1" = "MSASCui.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "10" = "avgscanx.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "11" = "avgcfgex.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "12" = "avgemc.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "13" = "avgchsvx.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "14" = "avgcmgr.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "15" = "avgwdsvc.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "2" = "ekrn.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "3" = "egui.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "4" = "avgnt.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "5" = "avcenter.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "6" = "avscan.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "7" = "avgfrw.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "8" = "avgui.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "9" = "avgtray.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Home Malware Cleaner"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashCnsnt.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfd.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fnrb32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldpromenu.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ndd32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pgmonitr.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\signcheck.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VisthLic.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zatutor.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=8010&q={searchTerms}"
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOT\dumped_patched.DocHostUIHandler
HKEY_CURRENT_USER\Software\3
HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=8010&q={searchTerms}"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "IIL" = 0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "ltHI" = 0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "ltTST"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "PRS" = "http://127.0.0.1:27777/?inj=%ORIGINAL%"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = "no"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = 1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "UID" = 8010
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "runtime 13.08010"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "DisallowRun" = 1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "0" = "msseces.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "1" = "MSASCui.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "10" = "avgscanx.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "11" = "avgcfgex.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "12" = "avgemc.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "13" = "avgchsvx.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "14" = "avgcmgr.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "15" = "avgwdsvc.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "2" = "ekrn.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "3" = "egui.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "4" = "avgnt.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "5" = "avcenter.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "6" = "avscan.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "7" = "avgfrw.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "8" = "avgui.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "9" = "avgtray.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Home Malware Cleaner"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashCnsnt.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfd.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fnrb32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldpromenu.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ndd32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pgmonitr.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\signcheck.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VisthLic.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zatutor.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=8010&q={searchTerms}"
Post een commentaar — WIJ WILLEN GRAAG UW MENING!