Hapus/Remove Virus Sweet-Page.com
Dengan Adware Cleaner
Dengan Adware Cleaner
HOMEPAGE browser Anda berubah menjadi Sweet-Page.com? Itu "virus" berupa "browser hijacker". Hapus dengan Adware Cleaner (AdwCleaner).
Menurut Malware Tips, laman yang berbagi soal cara menghapus Sweet-Page dan malware lainnya:
"Sweet-Page.com is a browser hijacker, which is promoted via other free downloads, and once installed it will change your browser homepage to sweet-page.com."
Intinya, "virus" malware Sweet-Page.com itu harus dihapus, dibasmi, dibunuh! Caranya:
- Download AdwCleaner di link ini: ADWCLEANER DOWNLOAD LINK. (cara download klik disini)
- Sebelum install program AdwCleaner, tutup semua program dan browser internet yang sedang dibuka.
- Doble klik ikon AdwCleaner hasil download tadi (proses intall).
- Setelah install selesai, program AdwCleaner akan terbuka.
- Klik tombol Scan
- Selesai scanning, klik tomblol Clean. Bunuh semuanya!
# AdwCleaner v3.023 - Report created 04/04/2014 at 23:35:16
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Ultimate (32 bits)
# Username : 1 - 1-PC
# Running from : D:\DOWNLOADS\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\SNT
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\Program Files\Mega Browse
Folder Deleted : C:\Program Files\SNT
Folder Deleted : C:\Users\1\AppData\Local\Mobogenie
Folder Deleted : C:\Users\1\AppData\Local\torch
Folder Deleted : C:\Users\1\AppData\Local\Temp\Mega Browse
Folder Deleted : C:\Users\1\Documents\Mobogenie
Folder Deleted : C:\Users\FAMILY\AppData\Local\Conduit
Folder Deleted : C:\Users\FAMILY\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\FAMILY\AppData\Local\torch
Folder Deleted : C:\Users\FAMILY\AppData\Local\Temp\NativeMessaging
Folder Deleted : C:\Users\FAMILY\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\FAMILY\AppData\Roaming\baidu
File Deleted : C:\END
File Deleted : C:\Users\1\AppData\Roaming\Mozilla\Firefox\Profiles\g9ak8vl0.default\searchplugins\WebSearch.xml
File Deleted : C:\Users\1\AppData\Roaming\Mozilla\Firefox\Profiles\g9ak8vl0.default\user.js
File Deleted : C:\Users\1\AppData\Roaming\Mozilla\Firefox\Profiles\muewrru8.default\user.js
File Deleted : C:\Users\FAMILY\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\FAMILY\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Users\FAMILY\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
File Deleted : C:\Users\FAMILY\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\1\Desktop\Firefox NEW.lnk
Shortcut Disinfected : C:\Users\1\Desktop\Firefox OLD.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Safe Mode).lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LiveSupport_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\livesupport_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_utorrent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_utorrent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\supWPM
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7600.16385
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v28.0 (en-US)
[ File : C:\Users\1\AppData\Roaming\Mozilla\Firefox\Profiles\g9ak8vl0.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.amaizingsearches.info/?pid=1091&r=2014/04/04&hid=10235128211098029313&lg=EN&cc=ID&unqvl=51&l=1&q=");
Line Deleted : user_pref("browser.search.order.1", "WebSearch");
Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
Line Deleted : user_pref("extensions.0sd.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorob[...]
Line Deleted : user_pref("extensions.2Mua0n5fa.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"s[...]
Line Deleted : user_pref("extensions.IwfG.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumoro[...]
Line Deleted : user_pref("extensions.L1CjSWwAf.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"s[...]
Line Deleted : user_pref("keyword.URL", "hxxp://websearch.amaizingsearches.info/?pid=1091&r=2014/04/04&hid=10235128211098029313&lg=EN&cc=ID&unqvl=51&l=1&q=");
[ File : C:\Users\1\AppData\Roaming\Mozilla\Firefox\Profiles\muewrru8.default\prefs.js ]
Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.amaizingsearches.info/?pid=1091&r=2014/04/04&hid=10235128211098029313&lg=EN&cc=ID&unqvl=51");
[ File : C:\Users\FAMILY\AppData\Roaming\Mozilla\Firefox\Profiles\cttpyw9p.default\prefs.js ]
-\\ Google Chrome v33.0.1750.154
[ File : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\FAMILY\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [39744 octets] - [28/02/2014 21:45:46]
AdwCleaner[R1].txt - [9773 octets] - [04/04/2014 23:33:36]
AdwCleaner[S0].txt - [36508 octets] - [28/02/2014 21:48:20]
AdwCleaner[S1].txt - [7978 octets] - [04/04/2014 23:35:16]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [8038 octets] ##########
AdwCleaner pula yang berjasa besar menghapus virus ValueDealShop dari komputer saya.
Thank you AdwCleaner, special thanks to Malware Tips. Makanya, kata dia nih, jangan sembarangan download dan install software, terutama dari link atau situs gratisan! Hati-hati......!
@
Tagged @ ANTIVIRUS