# AdwCleaner v6.030 - Logbestand aangemaakt 17/11/2016 op 23:04:08 # *Updated on 19/10/2016 by Malwarebytes # Gebruik lokale database : 2016-11-16.1 [*Server] # Besturingssysteem : Windows 7 Professional Service Pack 1 (X64) # Gebruikersnaam : User - USER-PC # Gestart vanuit : C:\Users\User\Downloads\adwcleaner_6.030.exe # *Mode: Scan # Ondersteuning : https://www.malwarebytes.com/support ***** [ *Services ] ***** *No malicious services found. ***** [ Mappen ] ***** gevonden C:\Users\User\AppData\Roaming\Softlink gevonden C:\Program Files\Common Files\AVG Secure Search gevonden C:\Program Files (x86)\avg web tuneup gevonden C:\Program Files (x86)\Common Files\AVG Secure Search gevonden C:\Users\User\AppData\Local\app ***** [ Bestanden ] ***** *No malicious files found. ***** [ DLL ] ***** *No malicious DLLs found. ***** [ WMI ] ***** *No malicious keys found. ***** [ Snelkoppelingen ] ***** Zoeken naar bestanden ... ***** [ Geplande taken ] ***** gevonden SecureUpdater ***** [ Register ] ***** gevonden HKLM\SOFTWARE\Classes\UCHTML gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.CRX gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTM gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.HTML gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.MHT gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTM gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.SHTML gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.WEBP gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHT gevonden HKLM\SOFTWARE\Classes\UCHTML.AssocFile.XHTML gevonden HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\GoogleChromeUpService gevonden [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\GoogleChromeUpService gevonden HKLM\SOFTWARE\Classes\KuaiZip.kz gevonden HKLM\SOFTWARE\Classes\KuaiZip.zip gevonden HKLM\SOFTWARE\Classes\KuaiZipMount.ape gevonden HKLM\SOFTWARE\Classes\KuaiZipMount.bin gevonden HKLM\SOFTWARE\Classes\KuaiZipMount.ccd gevonden HKLM\SOFTWARE\Classes\KuaiZipMount.cue gevonden HKLM\SOFTWARE\Classes\KuaiZipMount.flac gevonden HKLM\SOFTWARE\Classes\KuaiZipMount.iso gevonden HKLM\SOFTWARE\Classes\KuaiZipMount.isz gevonden HKLM\SOFTWARE\Classes\KuaiZipMount.mdf gevonden HKLM\SOFTWARE\Classes\KuaiZipMount.mds gevonden HKLM\SOFTWARE\Classes\KuaiZipMount.nrg gevonden HKLM\SOFTWARE\Classes\KuaiZipMount.vcd gevonden HKLM\SOFTWARE\Classes\KuaiZipMount.wv gevonden HKLM\SOFTWARE\Classes\KuaiZipMount_FileAsso.Origin gevonden HKLM\SOFTWARE\Classes\KuaiZip_FileAsso.Origin gevonden HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd gevonden HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1 gevonden HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi gevonden HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1 gevonden HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi gevonden HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 gevonden [x64] HKLM\SOFTWARE\Classes\KuaiZip.kz gevonden [x64] HKLM\SOFTWARE\Classes\KuaiZip.zip gevonden [x64] HKLM\SOFTWARE\Classes\KuaiZipMount.ape gevonden [x64] HKLM\SOFTWARE\Classes\KuaiZipMount.bin gevonden [x64] HKLM\SOFTWARE\Classes\KuaiZipMount.ccd gevonden [x64] HKLM\SOFTWARE\Classes\KuaiZipMount.cue gevonden [x64] HKLM\SOFTWARE\Classes\KuaiZipMount.flac gevonden [x64] HKLM\SOFTWARE\Classes\KuaiZipMount.iso gevonden [x64] HKLM\SOFTWARE\Classes\KuaiZipMount.isz gevonden [x64] HKLM\SOFTWARE\Classes\KuaiZipMount.mdf gevonden [x64] HKLM\SOFTWARE\Classes\KuaiZipMount.mds gevonden [x64] HKLM\SOFTWARE\Classes\KuaiZipMount.nrg gevonden [x64] HKLM\SOFTWARE\Classes\KuaiZipMount.vcd gevonden [x64] HKLM\SOFTWARE\Classes\KuaiZipMount.wv gevonden [x64] HKLM\SOFTWARE\Classes\KuaiZipMount_FileAsso.Origin gevonden [x64] HKLM\SOFTWARE\Classes\KuaiZip_FileAsso.Origin gevonden [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd gevonden [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1 gevonden [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi gevonden [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1 gevonden [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi gevonden [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 gevonden HKLM\SOFTWARE\Classes\AppID\{9CC34070-3A38-4C7A-89CB-EF8177EF07A1} gevonden HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} gevonden HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} gevonden HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615} gevonden HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} gevonden HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} gevonden HKLM\SOFTWARE\Classes\TypeLib\{86C4C3BA-4EA4-4CF8-98B9-6B07B477B835} gevonden HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} gevonden HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814} gevonden HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} gevonden HKU\.DEFAULT\Software\UCBrowser gevonden HKU\S-1-5-21-3041928109-549638978-2443649083-1000\Software\Installer gevonden HKU\S-1-5-21-3041928109-549638978-2443649083-1000\Software\MICROSOFT\OTUT gevonden HKU\S-1-5-21-3041928109-549638978-2443649083-1000\Software\AutoTime gevonden HKU\S-1-5-21-3041928109-549638978-2443649083-1000\Software\KuaiZip gevonden HKU\S-1-5-21-3041928109-549638978-2443649083-1000\Software\SNDA gevonden HKU\S-1-5-21-3041928109-549638978-2443649083-1000\Software\KuaiZipSFX gevonden HKU\S-1-5-21-3041928109-549638978-2443649083-1000\Software\Maoha gevonden HKU\S-1-5-18\Software\UCBrowser gevonden HKCU\Software\Installer gevonden HKCU\Software\MICROSOFT\OTUT gevonden HKCU\Software\AutoTime gevonden HKCU\Software\KuaiZip gevonden HKCU\Software\SNDA gevonden HKCU\Software\KuaiZipSFX gevonden HKCU\Software\Maoha gevonden HKLM\SOFTWARE\AVG Tuneup gevonden HKLM\SOFTWARE\Maoha gevonden HKLM\SOFTWARE\Microleaves gevonden [x64] HKCU\Software\Installer gevonden [x64] HKCU\Software\MICROSOFT\OTUT gevonden [x64] HKCU\Software\AutoTime gevonden [x64] HKCU\Software\KuaiZip gevonden [x64] HKCU\Software\SNDA gevonden [x64] HKCU\Software\KuaiZipSFX gevonden [x64] HKCU\Software\Maoha gevonden HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHumfA2eDXzyC7zCIA9MEIDRrIV5mbX_YRoM gevonden HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxps://hao.360.cn/?installer gevonden HKU\S-1-5-21-3041928109-549638978-2443649083-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} gevonden HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} gevonden [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} gevonden HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh gevonden HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin gevonden HKLM\SOFTWARE\Clients\StartMenuInternet\UCBrowser gevonden HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\UCBrowser.exe Waarde HKLM\SOFTWARE\RegisteredApplications [UCBrowser] gevonden HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\UCBrowser.exe Waarde HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [kuaizipupdatesvc] gevonden HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\KuaiZipShlExt gevonden HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\KuaiZipShlExt gevonden HKLM\SOFTWARE\Classes\AppID\QZipShell.DLL ***** [ Internetbrowsers ] ***** Zoeken naar register-items ... Zoeken naar register-items ... ************************* C:\AdwCleaner\AdwCleaner[S0].txt - [9435 bytes] - [17/11/2016 07:09:29] C:\AdwCleaner\AdwCleaner[S1].txt - [9328 bytes] - [17/11/2016 10:11:51] C:\AdwCleaner\AdwCleaner[S2].txt - [7950 bytes] - [17/11/2016 23:04:08] ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [8023 bytes] ##########