~ ZHPCleaner v2018.2.25.40 by Nicolas Coolman (2018/02/25) ~ Run by Niek (Administrator) (27/02/2018 19:06:16) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Versie OK ~ Certificate ZHPCleaner: Legal ~ Type : Scan ~ Report : C:\Users\Niek\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Niek\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home, 64-bit (Build 15063) ---\\ Alternate Data Stream (ADS). (0) ~ Geen schadelijk of onnodig element gevonden. ---\\ Services (0) ~ Geen schadelijk of onnodig element gevonden. ---\\ Browser internet (0) ~ Geen schadelijk of onnodig element gevonden. ---\\ Hosts bestand (1) ~ The hosts file is rechtmatig (21) ---\\ Scheduled automatic tasks. (0) ~ Geen schadelijk of onnodig element gevonden. ---\\ Explorer ( Bestand, Map) (60) GEVONDEN bestand: C:\Users\Niek\AppData\Roaming\Mozilla\Firefox\Profiles\TLlS6Kme.default\searchplugins\bing-lavasoft.xml =>PUP.Optional.LavasoftWebCompanion GEVONDEN bestand: C:\Users\Public\Desktop\Malware Crusher.lnk [Bad : C:\Program Files (x86)\Malware Crusher\mcr.exe](.MalwareCrusher.com.) =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Users\Niek\AppData\Local\Akamai\netsession_win.exe [Akamai Technologies, Inc. - Akamai NetSession Client] =>.SUP.AkamaiHD GEVONDEN bestand: C:\Users\Public\Desktop\Malware Crusher.lnk =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Users\Niek\Downloads\my_downloader_installer.exe [Akamai Technologies, Inc. - Akamai NetSession Client Installer] =>.SUP.AkamaiHD GEVONDEN bestand: C:\Users\Niek\Downloads\AVG_Driver_Updater_Setup_15_3.exe [Slimware Utilities Holdings, Inc. - AVG Driver Updater Setup Wizard] =>.SUP.SlimWareUtilities GEVONDEN bestand: C:\Program Files (x86)\Lavasoft\web companion =>PUP.Optional.LavasoftWebCompanion GEVONDEN bestand: C:\Users\Niek\AppData\Roaming\Lavasoft\web companion =>PUP.Optional.LavasoftWebCompanion GEVONDEN bestand: C:\ProgramData\Lavasoft\web companion =>PUP.Optional.LavasoftWebCompanion GEVONDEN bestand: C:\Program Files\Malware Crusher\Application_icon.png =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\danish_iss.ini =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\Dutch_iss.ini =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\english_iss.ini =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\finish_iss.ini =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\French_iss.ini =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\german_iss.ini =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\Interop.IWshRuntimeLibrary.dll [malwarecrusher.com - Interop.IWshRuntimeLibrary.dll] =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\italian_iss.ini =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\japanese_iss.ini =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\langs.db =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\mclog.xsl =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\MCPro.ttf =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\mcr.exe [MalwareCrusher.com - Malware Crusher] =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\mcr.exe.config =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\norwegian_iss.ini =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\portuguese_iss.ini =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\russian_iss.ini =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\spanish_iss.ini =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\swedish_iss.ini =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\TAFactory.IconPack.dll [NCEEE - IconPack] =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\unins000.dat =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\unins000.exe [ - Setup/Uninstall] =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\unins000.msg =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Program Files\Malware Crusher\WpfAnimatedGif.dll [malwarecrusher.com - WpfAnimatedGif] =>.SUP.MalwareCrusher GEVONDEN map: C:\Program Files\Malware Crusher\x64 =>.SUP.MalwareCrusher GEVONDEN map: C:\Program Files\Malware Crusher\x86 =>.SUP.MalwareCrusher GEVONDEN map: C:\Program Files\Malware Crusher =>.SUP.MalwareCrusher GEVONDEN map: C:\ProgramData\MalwareCrusher.com\Malware Crusher =>.SUP.MalwareCrusher GEVONDEN map: C:\ProgramData\MalwareCrusher.com =>.SUP.MalwareCrusher GEVONDEN map: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malware Crusher =>.SUP.MalwareCrusher GEVONDEN map: C:\Users\Niek\AppData\Roaming\MalwareCrusher.com\Malware Crusher =>.SUP.MalwareCrusher GEVONDEN map: C:\Users\Niek\AppData\Roaming\MalwareCrusher.com =>.SUP.MalwareCrusher GEVONDEN bestand: C:\Users\Niek\AppData\Local\Akamai\admintool.exe [Akamai Technologies, Inc. - Akamai NetSession Client Administration Too] =>.SUP.AkamaiHD GEVONDEN bestand: C:\Users\Niek\AppData\Local\Akamai\client.ini =>.SUP.AkamaiHD GEVONDEN bestand: C:\Users\Niek\AppData\Local\Akamai\ControlPanel.exe [Akamai Technologies, Inc. - Akamai NetSession Client Control Panel] =>.SUP.AkamaiHD GEVONDEN bestand: C:\Users\Niek\AppData\Local\Akamai\CplTasks.xml =>.SUP.AkamaiHD GEVONDEN bestand: C:\Users\Niek\AppData\Local\Akamai\euc_state.json =>.SUP.AkamaiHD GEVONDEN bestand: C:\Users\Niek\AppData\Local\Akamai\extraroot.pem =>.SUP.AkamaiHD GEVONDEN bestand: C:\Users\Niek\AppData\Local\Akamai\guid.ini =>.SUP.AkamaiHD GEVONDEN bestand: C:\Users\Niek\AppData\Local\Akamai\installer.txt =>.SUP.AkamaiHD GEVONDEN bestand: C:\Users\Niek\AppData\Local\Akamai\installer_no_upload_silent.exe [Akamai Technologies, Inc. - Akamai NetSession Client Installer] =>.SUP.AkamaiHD GEVONDEN bestand: C:\Users\Niek\AppData\Local\Akamai\readme.txt =>.SUP.AkamaiHD GEVONDEN bestand: C:\Users\Niek\AppData\Local\Akamai\root.pem =>.SUP.AkamaiHD GEVONDEN bestand: C:\Users\Niek\AppData\Local\Akamai\rswinui.exe [Akamai Technologies, Inc. - Akamai NetSession Client User Interface] =>.SUP.AkamaiHD GEVONDEN bestand: C:\Users\Niek\AppData\Local\Akamai\uninstall.exe [Akamai Technologies, Inc. - Akamai NetSession Client Uninstaller] =>.SUP.AkamaiHD GEVONDEN bestand: C:\Users\Niek\AppData\Local\Akamai\user.dat =>.SUP.AkamaiHD GEVONDEN map: C:\Users\Niek\AppData\Local\Akamai\Cache =>.SUP.AkamaiHD GEVONDEN map: C:\Users\Niek\AppData\Local\Akamai\Languages =>.SUP.AkamaiHD GEVONDEN map: C:\Users\Niek\AppData\Local\Akamai\Logs =>.SUP.AkamaiHD GEVONDEN map: C:\Users\Niek\AppData\Local\Akamai =>.SUP.AkamaiHD ---\\ Register ( Sleutel, Waarde, Data) (23) GEVONDEN sleutel: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} [https://mysearch.avg.com/search?cid={B8EBCD61-AA00-4EA5-9B7B-4484B970AB18}&mid=ef72c22c85b147cf9d54f[...]] [AVG Secure Search] =>PUP.Optional.MySearch GEVONDEN waarde: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface ["C:\Users\Niek\AppData\Local\Akamai\netsession_win.exe"] =>.SUP.AkamaiHD GEVONDEN waarde: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Web Companion [C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize ] =>PUP.Optional.LavasoftWebCompanion GEVONDEN sleutel: HKEY_USERS\S-1-5-21-4169251764-2817220720-793182994-1001\SOFTWARE\Akamai [] =>.SUP.AkamaiHD GEVONDEN sleutel: HKEY_USERS\S-1-5-21-4169251764-2817220720-793182994-1001\SOFTWARE\malwarecrusher.com [] =>.SUP.MalwareCrusher GEVONDEN sleutel: HKCU\Software\Akamai [] =>.SUP.AkamaiHD GEVONDEN sleutel: HKCU\Software\malwarecrusher.com [] =>.SUP.MalwareCrusher GEVONDEN sleutel: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Akamai [Akamai Technologies, Inc] =>.SUP.AkamaiHD GEVONDEN sleutel: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\atwola.com [] =>.SUP.Atwola GEVONDEN sleutel: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.at.atwola.com [15] =>.SUP.Atwola GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Classes\S [] =>Toolbar.Agent GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi [ScriptHelperApi Class] =>Toolbar.Agent GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 [ScriptHelperApi Class] =>Toolbar.Agent GEVONDEN sleutel: HKLM\SYSTEM\CurrentControlSet\Services\WCAssistantService [] =>PUP.Optional.LavasoftWebCompanion GEVONDEN sleutel: [X64] HKLM\SOFTWARE\malwarecrusher.com [] =>.SUP.MalwareCrusher GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FA2268FD-F787-4DD3-B6F1-CA4F706F481E_is1 [malwarecrusher.com] =>.SUP.MalwareCrusher GEVONDEN sleutel: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] =>Toolbar.Ask GEVONDEN waarde: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Akamai NetSession Interface [0x020000000000000000000000] =>.SUP.AkamaiHD GEVONDEN waarde: HKEY_USERS\S-1-5-21-4169251764-2817220720-793182994-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Akamai NetSession Interface [0x020000000000000000000000] =>.SUP.AkamaiHD GEVONDEN waarde: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{1F69EC01-96FB-46F4-B4F6-3874BC009BA0}C:\users\niek\appdata\local\akamai\netsession_win.exe [C:\users\niek\appdata\local\akamai\netsession_win.exe] =>.SUP.AkamaiHD GEVONDEN waarde: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{20CED116-122E-47E7-9482-1D86451BEF46}C:\users\niek\appdata\local\akamai\netsession_win.exe [C:\users\niek\appdata\local\akamai\netsession_win.exe] =>.SUP.AkamaiHD GEVONDEN waarde: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\TCP Query User{8E2DF526-61CD-44B1-AFF9-D22BDEA1FFF6}C:\users\niek\appdata\local\akamai\netsession_win.exe [C:\users\niek\appdata\local\akamai\netsession_win.exe] =>.SUP.AkamaiHD GEVONDEN waarde: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\UDP Query User{29C69EEA-BACC-4160-A25E-D55CD4C92EC7}C:\users\niek\appdata\local\akamai\netsession_win.exe [C:\users\niek\appdata\local\akamai\netsession_win.exe] =>.SUP.AkamaiHD ---\\ Samenvatting van elementen gevonden op uw werkstation (8) https://nicolascoolman.eu/2017/03/12/superfluous-lavasoftwebcompanion/ =>PUP.Optional.LavasoftWebCompanion https://nicolascoolman.eu/2018/01/03/sup-malwarecrusher/ =>.SUP.MalwareCrusher https://nicolascoolman.eu/2017/12/26/sup-akamaihd/ =>.SUP.AkamaiHD https://nicolascoolman.eu/2017/03/03/superfluous-slimwareutilities/ =>.SUP.SlimWareUtilities https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.MySearch https://nicolascoolman.eu/2017/02/04/superfluous-atwola/ =>.SUP.Atwola https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>Toolbar.Agent https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask ---\\Resultaat van reparaties ~ Gerepareerd ~ Browser niet gevonden (Opera Software) ---\\Statistics ~ Items gescand : 96461 ~ Items gevonden : 92 ~ Items gecancelled : 0 ~ Items opties : 0/7 ~ Ruimtebesparend (bytes) : 0 ~ End of search in 00h25mn27s ZHPCleaner-[S]-27022018-19_31_43.txt