Emsisoft Anti-Malware - Versie 9.0 Laatste Update: 23-10-2014 21:32:35 Gebruikersaccount: ROBIN\Robin Scaninstellingen: Scanmodus: Diepe scan Objecten: Rootkits, Geheugen, Sporen, C:\, D:\ Detecteer PUPs: Aan Scan archieven: Aan ADS Scan: Aan Bestandsextensiefilter: Uit Geavanceerde cache: Aan Directe schijftoegang: Uit Scan gestart: 23-10-2014 21:32:55 Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Ontdekt: Application.Win32.WebApp (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Ontdekt: Application.AdGenie (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\{5F189DF5-2D05-472B-9091-84D9848AE48B} Ontdekt: Application.AdGenie (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\{77D46E27-0E41-4478-87A6-AABE6FBCF252} Ontdekt: Application.AdGenie (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1001\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} Ontdekt: Application.AdGenie (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1004\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} Ontdekt: Application.AdGenie (A) C:\Users\Robin\AppData\Roaming\systweak Ontdekt: Application.AppInstall (A) C:\ProgramData\systweak Ontdekt: Application.AppInstall (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1001\SOFTWARE\SYSTWEAK Ontdekt: Application.InstallAd (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\SYSTWEAK Ontdekt: Application.InstallAd (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1001\SOFTWARE\INSTALLCORE Ontdekt: Application.AdTool (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\SUPTAB Ontdekt: Application.AdShort (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\FREESOFTTODAY Ontdekt: Adware.Win32.Ozore (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1001\SOFTWARE\TUTOTAG Ontdekt: Adware.Win32.Ozore (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\ISTARTSURFSOFTWARE Ontdekt: Application.AdSurf (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1001\SOFTWARE\SUPHPUISOFT Ontdekt: Application.InstallTab (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Ontdekt: Application.Win32.WSearch (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Ontdekt: Application.Win32.WSearch (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1001\SOFTWARE\SMARTBAR Ontdekt: Application.InstallAd (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Ontdekt: Application.AdReg (A) C:\Users\Robin\AppData\Local\Temp\is45637729\279105515_stp\deal_keeper_installer_v3.exe Ontdekt: Adware.Agent.OHE (B) C:\Users\Robin\AppData\Local\Temp\PartnerInstaller_smtyc.exe Ontdekt: Adware.Downloader.AR (B) C:\Users\Robin\AppData\Local\Temp\UNTB918.tmp.exe -> (NSIS o) -> lzma_solid_nsis0012 Ontdekt: Gen:Variant.Zusy.107158 (B) C:\Users\Robin\Downloads\fl_setup.exe Ontdekt: Gen:Variant.Adware.Strictor.61512 (B) C:\Users\Robin\Downloads\SFInstaller_SFFZ_filezilla_8992693_.exe Ontdekt: Application.Win32.InstallAd (A) Gescand: 380268 Gevonden: 25 Scan geëindigd: 23-10-2014 22:43:40 Scantijd: 1:10:45 C:\Users\Robin\Downloads\SFInstaller_SFFZ_filezilla_8992693_.exe In quarantaine geplaatst Application.Win32.InstallAd (A) C:\Users\Robin\Downloads\fl_setup.exe In quarantaine geplaatst Gen:Variant.Adware.Strictor.61512 (B) C:\Users\Robin\AppData\Local\Temp\UNTB918.tmp.exe In quarantaine geplaatst Gen:Variant.Zusy.107158 (B) C:\Users\Robin\AppData\Local\Temp\PartnerInstaller_smtyc.exe In quarantaine geplaatst Adware.Downloader.AR (B) C:\Users\Robin\AppData\Local\Temp\is45637729\279105515_stp\deal_keeper_installer_v3.exe In quarantaine geplaatst Adware.Agent.OHE (B) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} In quarantaine geplaatst Application.AdReg (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1001\SOFTWARE\SMARTBAR In quarantaine geplaatst Application.InstallAd (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1004\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5} In quarantaine geplaatst Application.Win32.WSearch (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5} In quarantaine geplaatst Application.Win32.WSearch (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1001\SOFTWARE\SUPHPUISOFT In quarantaine geplaatst Application.InstallTab (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\ISTARTSURFSOFTWARE In quarantaine geplaatst Application.AdSurf (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1001\SOFTWARE\TUTOTAG In quarantaine geplaatst Adware.Win32.Ozore (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\FREESOFTTODAY In quarantaine geplaatst Adware.Win32.Ozore (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\SUPTAB In quarantaine geplaatst Application.AdShort (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1001\SOFTWARE\INSTALLCORE In quarantaine geplaatst Application.AdTool (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\SYSTWEAK In quarantaine geplaatst Application.InstallAd (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1001\SOFTWARE\SYSTWEAK In quarantaine geplaatst Application.InstallAd (A) C:\ProgramData\systweak In quarantaine geplaatst Application.AppInstall (A) C:\Users\Robin\AppData\Roaming\systweak In quarantaine geplaatst Application.AppInstall (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1004\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} In quarantaine geplaatst Application.AdGenie (A) Key: HKEY_USERS\S-1-5-21-4066667900-716801694-3576342501-1001\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} In quarantaine geplaatst Application.AdGenie (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\{77D46E27-0E41-4478-87A6-AABE6FBCF252} In quarantaine geplaatst Application.AdGenie (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\{5F189DF5-2D05-472B-9091-84D9848AE48B} In quarantaine geplaatst Application.AdGenie (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} In quarantaine geplaatst Application.AdGenie (A) In quarantaine geplaatst 24