In bijlage het logbestand.
Mvg Koen
Code: Selecteer alles
Script ZHPFix
G2 - GCE: Preference [Sarah][User Data\Default\Extensions] [chfdnecihphmhljaaejmgoiahnihplgn] AVG Web TuneUp =>.AVG Software
G2 - GCE: Preference [Sarah][User Data\Default\Extensions] [fcfenmboojpjinhpgggodefccipikbpd] MSN Homepage & Bing Search Engine =>PUP.Optional.LavasoftWebCompanion
G2 - GCE: Preference [Sarah][User Data\Default\Sync Extension Settings] [chfdnecihphmhljaaejmgoiahnihplgn]
P2 - EXT FILE: (.AVG Software.) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml [Unsigned] =>.AVG Software
P2 - EXT: (.lightningnewtab.com - Fast Start.) -- C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\w9o9fqer.default\extensions\faststartff@gmail.com =>PUP.Optional.LightningNewTab
O4 - GS\CommonDesktop [Public]: McAfee Security Scan Plus.lnk . (.McAfee, LLC. - McAfee.) C:\Program Files\McAfee Security Scan\3.11.2336\McUICnt.exe SecurityScanner.dll =>.McAfee, LLC®
O4 - GS\ProgramsCommon [Public]: Spybot-S&D Start Center.lnk . (...) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe [Unsigned]
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:CCleaner Monitoring =>.Piriform Ltd
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:CCleaner Smart Cleaning =>.Piriform Ltd
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApprovedHKCU\SOFTWARE\AVAST Software =>.AVAST Software
HKCU\SOFTWARE\AVG SafePrice =>.AVG Software
HKCU\SOFTWARE\Avg Secure Update =>.AVG Software
HKCU\SOFTWARE\AVG Web TuneUp =>.AVG Web TuneUp
\Run]:SpybotSD TeaTimer =>.Legitimate
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:AVGBrowserAutoLaunch_D6735CB41767E3BC19C847B417AF8910
[HKEY_USERS\S-1-5-21-3303756064-427283015-848379767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:CCleaner Smart Cleaning =>.Piriform Ltd
[HKEY_USERS\S-1-5-21-3303756064-427283015-848379767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:SpybotSD TeaTimer =>.Legitimate
[HKEY_USERS\S-1-5-21-3303756064-427283015-848379767-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:AVGBrowserAutoLaunch_D6735CB41767E3BC19C847B417AF8910
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:AVGUI.exe =>.AVG Software
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]:SDTray =>.Microsoft Corporation
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]:vProt
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]:AVGUI.exe =>.AVG Software
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:McAfee Security Scan Plus.lnk =>.McAfee Inc.
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, LLC.) [HKLM][64Bits] -- McAfee Security Scan =>.McAfee, LLC®
HKLM\SOFTWARE\AVG =>.AVG Software
HKLM\SOFTWARE\AVG Persistent =>.AVG Software
HKLM\SOFTWARE\AVG Web TuneUp =>.AVG Web TuneUp
HKLM\SOFTWARE\WOW6432Node\AVG =>.AVG Software
HKLM\SOFTWARE\WOW6432Node\AVG Web TuneUp =>.AVG Web TuneUp
HKLM\SOFTWARE\WOW6432Node\Safer Networking Limited =>.Safer Networking Limited
HKCU\SOFTWARE\AVAST Software =>.AVAST Software
HKCU\SOFTWARE\AVG SafePrice =>.AVG Software
HKCU\SOFTWARE\Avg Secure Update =>.AVG Software
HKCU\SOFTWARE\AVG Web TuneUp =>.AVG Web TuneUp
HKCU\SOFTWARE\Conduit =>SUP.Optional.Conduit
HKCU\SOFTWARE\Safer Networking Limited =>.Safer Networking Limited
HKU\.DEFAULT\SOFTWARE\AVG =>.AVG Software
HKU\.DEFAULT\SOFTWARE\Avg Secure Update =>.AVG Software
HKU\.DEFAULT\SOFTWARE\AVG Web TuneUp =>.AVG Web TuneUp
HKU\.DEFAULT\SOFTWARE\Safer Networking Limited =>.Safer Networking Limited
HKU\S-1-5-21-3303756064-427283015-848379767-1000\SOFTWARE\AVAST Software =>.AVAST Software
HKU\S-1-5-21-3303756064-427283015-848379767-1000\SOFTWARE\AVG SafePrice =>.AVG Software
HKU\S-1-5-21-3303756064-427283015-848379767-1000\SOFTWARE\Avg Secure Update =>.AVG Software
HKU\S-1-5-21-3303756064-427283015-848379767-1000\SOFTWARE\AVG Web TuneUp =>.AVG Web TuneUp
HKU\S-1-5-21-3303756064-427283015-848379767-1000\SOFTWARE\Browser Cleanup =>.Avast Software s.r.o
HKU\S-1-5-21-3303756064-427283015-848379767-1000\SOFTWARE\Conduit =>SUP.Optional.Conduit
HKU\S-1-5-21-3303756064-427283015-848379767-1000\SOFTWARE\Safer Networking Limited =>.Safer Networking Limited
O43 - CFD: 25/11/2021 - [] D -- C:\Program Files\McAfee Security Scan =>.McAfee
O43 - CFD: 07/12/2019 - [] D -- C:\Program Files\Windows Security =>.Microsoft Corporation
O43 - CFD: 17/11/2022 - [] D -- C:\Program Files (x86)\AVG =>.AVG Software
O43 - CFD: 29/07/2014 - [] D -- C:\Program Files (x86)\File Scanner Library (Spybot - Search & Destroy) =>.SaferNetworking
O43 - CFD: 29/07/2014 - [] D -- C:\Program Files (x86)\Misc. Support Library (Spybot - Search & Destroy) =>.SaferNetworking
O43 - CFD: 29/07/2014 - [] D -- C:\Program Files (x86)\SDHelper (Spybot - Search & Destroy) =>.SaferNetworking
O43 - CFD: 29/07/2014 - [] D -- C:\Program Files (x86)\TeaTimer (Spybot - Search & Destroy) =>.SaferNetworking
O43 - CFD: 25/11/2021 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus =>.McAfee Inc.
O43 - CFD: 20/11/2022 - [] AD -- C:\ProgramData\Avg =>.AVG Software
O43 - CFD: 19/11/2022 - [] D -- C:\ProgramData\McAfee =>.McAfee
O43 - CFD: 17/11/2022 - [] D -- C:\ProgramData\Spybot - Search & Destroy =>.SaferNetworking
O43 - CFD: 13/10/2016 - [] D -- C:\Users\Sarah\AppData\Roaming\TuneUp Software =>.TuneUp Software
O43 - CFD: 20/11/2022 - [] D -- C:\Users\Sarah\AppData\Local\Avg =>.AVG Software
O43 - CFD: 17/07/2014 - [0] D -- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 5
O69 - SBI: prefs.js [Sarah - w9o9fqer.default] user_pref("extensions.xpiState", "{\"app-profile\":{\"faststartff@gmail.com\":{\"d\":\"C:\\\\Users\\\\Sarah\\\\AppData\\\\Roaming\[...] =>PUP.Optional.FastStart
O69 - SBI: SearchScopes [HKCU] [64Bits]{95B7759C-8C7F-4BF1-B163-73684A933233} [DefaultScope] - (AVG Secure Search) - http://mysearch.avg.com/ =>.AVG Software
[MD5.36F39A9449C0FB231A6CD1DE50C9C10D] [WIS][2014/07/18 09:33:23] (...) -- C:\WINDOWS\Installer\MSI4BE2.tmp-\Smartbar.Common.dll =>PUP.Optional.SmartBar
[MD5.DFC77FABC037078A5F7407B50BA298B7] [WIS][2014/07/18 09:33:23] (...) -- C:\WINDOWS\Installer\MSI4BE2.tmp-\Smartbar.Communication.dll =>PUP.Optional.SmartBar
[MD5.F63B8C2EF4F3E781C75EC7578CD75E95] [WIS][2014/07/18 09:33:23] (...) -- C:\WINDOWS\Installer\MSI4BE2.tmp-\Smartbar.Communication.NamedPipe.dll =>PUP.Optional.SmartBar
[MD5.EEB42B3891E08DC7295CBEB13C9A8ABC] [WIS][2014/07/18 09:33:23] (...) -- C:\WINDOWS\Installer\MSI4BE2.tmp-\Smartbar.Infrastructure.Utilities.dll =>PUP.Optional.SmartBar
[MD5.73A4E38007AE8C89DDDE9F97304321A0] [WIS][2014/07/18 09:33:22] (...) -- C:\WINDOWS\Installer\MSI4BE2.tmp-\Smartbar.Installer.CustomActions.dll =>PUP.Optional.SmartBar
[MD5.367398C48AE4C7F3E04FB71F79BBC2D5] [WIS][2014/07/18 09:33:23] (...) -- C:\WINDOWS\Installer\MSI4BE2.tmp-\Smartbar.Personalization.Common.dll =>PUP.Optional.SmartBar
[MD5.AF50D8BC6818655746A30D9A0A433BBB] [WIS][2014/07/18 09:33:23] (...) -- C:\WINDOWS\Installer\MSI4BE2.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll =>PUP.Optional.SmartBar
[MD5.36F39A9449C0FB231A6CD1DE50C9C10D] [WIS][2014/07/18 09:34:37] (...) -- C:\WINDOWS\Installer\MSI6E24.tmp-\Smartbar.Common.dll =>PUP.Optional.SmartBar
[MD5.DFC77FABC037078A5F7407B50BA298B7] [WIS][2014/07/18 09:34:37] (...) -- C:\WINDOWS\Installer\MSI6E24.tmp-\Smartbar.Communication.dll =>PUP.Optional.SmartBar
[MD5.F63B8C2EF4F3E781C75EC7578CD75E95] [WIS][2014/07/18 09:34:37] (...) -- C:\WINDOWS\Installer\MSI6E24.tmp-\Smartbar.Communication.NamedPipe.dll =>PUP.Optional.SmartBar
[MD5.73A4E38007AE8C89DDDE9F97304321A0] [WIS][2014/07/18 09:34:36] (...) -- C:\WINDOWS\Installer\MSI6E24.tmp-\Smartbar.Installer.CustomActions.dll =>PUP.Optional.SmartBar
[MD5.36F39A9449C0FB231A6CD1DE50C9C10D] [WIS][2014/07/18 09:33:53] (...) -- C:\WINDOWS\Installer\MSIBE16.tmp-\Smartbar.Common.dll =>PUP.Optional.SmartBar
[MD5.DFC77FABC037078A5F7407B50BA298B7] [WIS][2014/07/18 09:33:52] (...) -- C:\WINDOWS\Installer\MSIBE16.tmp-\Smartbar.Communication.dll =>PUP.Optional.SmartBar
[MD5.F63B8C2EF4F3E781C75EC7578CD75E95] [WIS][2014/07/18 09:33:52] (...) -- C:\WINDOWS\Installer\MSIBE16.tmp-\Smartbar.Communication.NamedPipe.dll =>PUP.Optional.SmartBar
[MD5.5970A8CBC7D08A0C7190FD533F9DE31B] [WIS][2014/07/18 09:33:51] (...) -- C:\WINDOWS\Installer\MSIBE16.tmp-\Smartbar.GUI.Controls.dll =>PUP.Optional.SmartBar
[MD5.95E7B133C1038F8350CAE989E240B66D] [WIS][2014/07/18 09:33:52] (...) -- C:\WINDOWS\Installer\MSIBE16.tmp-\Smartbar.Infrastructure.BusinessEntities.dll =>PUP.Optional.SmartBar
[MD5.EEB42B3891E08DC7295CBEB13C9A8ABC] [WIS][2014/07/18 09:33:51] (...) -- C:\WINDOWS\Installer\MSIBE16.tmp-\Smartbar.Infrastructure.Utilities.dll =>PUP.Optional.SmartBar
[MD5.73A4E38007AE8C89DDDE9F97304321A0] [WIS][2014/07/18 09:33:51] (...) -- C:\WINDOWS\Installer\MSIBE16.tmp-\Smartbar.Installer.CustomActions.dll =>PUP.Optional.SmartBar
[MD5.367398C48AE4C7F3E04FB71F79BBC2D5] [WIS][2014/07/18 09:33:51] (...) -- C:\WINDOWS\Installer\MSIBE16.tmp-\Smartbar.Personalization.Common.dll =>PUP.Optional.SmartBar
[MD5.AF50D8BC6818655746A30D9A0A433BBB] [WIS][2014/07/18 09:33:52] (...) -- C:\WINDOWS\Installer\MSIBE16.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll =>PUP.Optional.SmartBar
[MD5.447BA723EBC9FF4AFB1CFBECED1BD8C8] [WIS][2014/07/18 09:33:52] (...) -- C:\WINDOWS\Installer\MSIBE16.tmp-\Smartbar.Resources.Translations.dll =>PUP.Optional.SmartBar
C:\WINDOWS\AutoKMS\AutoKMS.log =>HackTool.AutoKMS
C:\WINDOWS\AutoKMS =>HackTool.AutoKMS