Malwarebytes Anti-Malware www.malwarebytes.org Scandatum: 20-11-2014 Scantijd: 22:40:17 Logbestand: MBAM.txt Beheerder: Ja Versie: 2.00.3.1025 Malwaredatabase: v2014.11.20.08 Rootkitdatabase: v2014.11.18.01 Licentie: Proef Malwarebescherming: Ingeschakeld Kwaadaardige Website Bescherming: Ingeschakeld Zelfbescherming: Uitgeschakeld Besturingssysteem: Windows 8.1 Processor: x64 Bestandssysteem: NTFS Gebruiker: M. Robbescheuten Scantype: Aangepaste Scan Resultaat: Voltooid Objecten Gescand: 635345 Verstreken Tijd: 1 u, 27 m, 10 s Geheugen: Uitgeschakeld Opstarten: Uitgeschakeld Bestandssysteem: Ingeschakeld Archieven: Uitgeschakeld Rootkits: Ingeschakeld Diepgewortelde-Rootkit Scan: Ingeschakeld Heuristiek: Ingeschakeld POP: Ingeschakeld POA: Ingeschakeld Processen: 0 (Geen kwaadaardige items gedetecteerd) Modules: 0 (Geen kwaadaardige items gedetecteerd) Registersleutels: 0 (Geen kwaadaardige items gedetecteerd) Registerwaardes: 0 (Geen kwaadaardige items gedetecteerd) Registerdata: 6 PUP.Optional.SnapDo.A, HKU\S-1-5-21-2617873385-1771127311-2925833956-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQ6zvuZ2qcrXvuX0FvNkLR3HRCmfF1tnOQuVKRpOq6F0uLu5B-jL9LHl75D14weB0w9w-W20-zOCzgRMtZeVmdCee-e9CN4C93Qi1GBduDlLfdeeJWx_12gnwhJReyHYKLmamYss41Pvk83QMbWP0TThSM9pqXK6A50g5ydAO7iog-g8ZwqR1j7CVaGA&q={searchTerms}, Goed: (www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQ6zvuZ2qcrXvuX0FvNkLR3HRCmfF1tnOQuVKRpOq6F0uLu5B-jL9LHl75D14weB0w9w-W20-zOCzgRMtZeVmdCee-e9CN4C93Qi1GBduDlLfdeeJWx_12gnwhJReyHYKLmamYss41Pvk83QMbWP0TThSM9pqXK6A50g5ydAO7iog-g8ZwqR1j7CVaGA&q={searchTerms}),Geen Actie Door Gebruiker,[e758122b1369d264824564dfc93ca25e] PUP.Optional.SnapDo.A, HKU\S-1-5-21-2617873385-1771127311-2925833956-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQ6zvuZ2qcrXvuX0FvNkLR3HRCmfF1tnOQuVKRpOq6F0uLu5B-jL9LHl75D14weB0w9w-W20-zOCzgRMtZeVmdCee-e9CN4C93Qi1GBduDlLfdeeJWx_12gnwhJReyHYKLmamYss41Pvk83QMbWP0TThSM9pqXK6A50g5ydAO7iog-g8ZwqR1j7CVaGA&q={searchTerms}, Goed: (www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQ6zvuZ2qcrXvuX0FvNkLR3HRCmfF1tnOQuVKRpOq6F0uLu5B-jL9LHl75D14weB0w9w-W20-zOCzgRMtZeVmdCee-e9CN4C93Qi1GBduDlLfdeeJWx_12gnwhJReyHYKLmamYss41Pvk83QMbWP0TThSM9pqXK6A50g5ydAO7iog-g8ZwqR1j7CVaGA&q={searchTerms}),Vervangen,[7ec12e0f611b0b2b82467ac952b39c64] PUP.Optional.SnapDo.A, HKU\S-1-5-21-2617873385-1771127311-2925833956-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQ6zvuZ2qcrXvuX0FvNkLR3HRCmfF1tnOQuVKRpOq6F0uLu5B-jL9LHl75D14weB0w9w-W20-zOCzgRMtZeVmdCee-e9CN4C93Qi1GBduDlLfdeeJWx_12gnwhJReyHUR0OZJ_N6wfC8p95QlglTdS0o7_84F-78qIZIW3h7HXt01kyxNuZOV2_84qNK, Goed: (www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQ6zvuZ2qcrXvuX0FvNkLR3HRCmfF1tnOQuVKRpOq6F0uLu5B-jL9LHl75D14weB0w9w-W20-zOCzgRMtZeVmdCee-e9CN4C93Qi1GBduDlLfdeeJWx_12gnwhJReyHUR0OZJ_N6wfC8p95QlglTdS0o7_84F-78qIZIW3h7HXt01kyxNuZOV2_84qNK),Vervangen,[fc43c27b78046cca8e3bee55f31238c8] PUP.Optional.SnapDo.A, HKU\S-1-5-21-2617873385-1771127311-2925833956-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQ6zvuZ2qcrXvuX0FvNkLR3HRCmfF1tnOQuVKRpOq6F0uLu5B-jL9LHl75D14weB0w9w-W20-zOCzgRMtZeVmdCee-e9CN4C93Qi1GBduDlLfdeeJWx_12gnwhJReyHYKLmamYss41Pvk83QMbWP0TThSM9pqXK6A50g5ydAO7iog-g8ZwqR1j7CVaGA&q={searchTerms}, Goed: (www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQ6zvuZ2qcrXvuX0FvNkLR3HRCmfF1tnOQuVKRpOq6F0uLu5B-jL9LHl75D14weB0w9w-W20-zOCzgRMtZeVmdCee-e9CN4C93Qi1GBduDlLfdeeJWx_12gnwhJReyHYKLmamYss41Pvk83QMbWP0TThSM9pqXK6A50g5ydAO7iog-g8ZwqR1j7CVaGA&q={searchTerms}),Vervangen,[d768bb827ffd58de59715ee5fc09ba46] PUP.Optional.SnapDo.A, HKU\S-1-5-21-2617873385-1771127311-2925833956-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQ6zvuZ2qcrXvuX0FvNkLR3HRCmfF1tnOQuVKRpOq6F0uLu5B-jL9LHl75D14weB0w9w-W20-zOCzgRMtZeVmdCee-e9CN4C93Qi1GBduDlLfdeeJWx_12gnwhJReyHYKLmamYss41Pvk83QMbWP0TThSM9pqXK6A50g5ydAO7iog-g8ZwqR1j7CVaGA&q={searchTerms}, Goed: (www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQ6zvuZ2qcrXvuX0FvNkLR3HRCmfF1tnOQuVKRpOq6F0uLu5B-jL9LHl75D14weB0w9w-W20-zOCzgRMtZeVmdCee-e9CN4C93Qi1GBduDlLfdeeJWx_12gnwhJReyHYKLmamYss41Pvk83QMbWP0TThSM9pqXK6A50g5ydAO7iog-g8ZwqR1j7CVaGA&q={searchTerms}),Vervangen,[d96661dc84f81c1ae3e85fe48e77ce32] PUP.Optional.SnapDo.A, HKU\S-1-5-21-2617873385-1771127311-2925833956-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQ6zvuZ2qcrXvuX0FvNkLR3HRCmfF1tnOQuVKRpOq6F0uLu5B-jL9LHl75D14weB0w9w-W20-zOCzgRMtZeVmdCee-e9CN4C93Qi1GBduDlLfdeeJWx_12gnwhJReyHYKLmamYss41Pvk83QMbWP0TThSM9pqXK6A50g5ydAO7iog-g8ZwqR1j7CVaGA&q={searchTerms}, Goed: (www.google.com), Slecht: (http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQ6zvuZ2qcrXvuX0FvNkLR3HRCmfF1tnOQuVKRpOq6F0uLu5B-jL9LHl75D14weB0w9w-W20-zOCzgRMtZeVmdCee-e9CN4C93Qi1GBduDlLfdeeJWx_12gnwhJReyHYKLmamYss41Pvk83QMbWP0TThSM9pqXK6A50g5ydAO7iog-g8ZwqR1j7CVaGA&q={searchTerms}),Vervangen,[41fea19c413baa8c5a6c281b8d78d22e] Mappen: 0 (Geen kwaadaardige items gedetecteerd) Bestanden: 46 PUP.Optional.SmartBar, C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\Smartbar.Monetization.Proxy.ProxyRemover.exe.vir, In Quarantaine, [0c3367d62e4ed6602d25e776758bc739], PUP.Optional.VeriStaff, C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srptm.exe.vir, In Quarantaine, [cd72390491ebeb4bd5812a331de3c13f], PUP.Optional.VeriStaff, C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srptsl.exe.vir, In Quarantaine, [b58a99a4700cd85ea1b2ed7020e0fb05], PUP.Optional.SmartBar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\Resources\crdliL.dll.vir, In Quarantaine, [fb44f647ccb0231396520b33887de21e], PUP.Optional.Skytech.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir, In Quarantaine, [033c0c3193e97fb7f9570799f80959a7], PUP.Optional.Skytech.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir, In Quarantaine, [99a6c37a1a62b28447095e426b962ad6], PUP.Optional.SearchProtect, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader64.exe.vir, In Quarantaine, [60dffe3f92eafc3a6d04b42bd72adf21], PUP.Optional.IEPluginService.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir, In Quarantaine, [a59a76c739430135e4663e452ad7827e], PUP.Optional.Skytech.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir, In Quarantaine, [6ad5aa93a7d5171f63ede6ba639eda26], PUP.Optional.Skytech.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir, In Quarantaine, [53ecff3e6b11ee486fe1a0003dc423dd], PUP.Optional.IePluginService.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir, In Quarantaine, [50ef9da0d6a6c27493efbeb2ac5530d0], PUP.Optional.SupTab.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir, In Quarantaine, [a897c37a1963e551e1a425102cd4ed13], PUP.Optional.Wajam, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe.vir, In Quarantaine, [0639dc611666300649ee6751d72af709], PUP.Optional.Wajam, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe.vir, In Quarantaine, [b58aa5985329fe3846f105b37091cd33], PUP.Optional.IePluginService.A, C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir, In Quarantaine, [bf805be2601c3afcd8aa3c34f110f808], PUP.Optional.WindowsProtectManger.A, C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir, In Quarantaine, [bb84310cf58768ce6b1d4478d32e6a96], PUP.Optional.SmartBar, C:\AdwCleaner\Quarantine\C\Users\M. Robbescheuten\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyRemover.exe.vir, In Quarantaine, [023de558ff7ddf57b2a05b02a060a060], PUP.Optional.VeriStaff, C:\AdwCleaner\Quarantine\C\Users\M. Robbescheuten\AppData\Local\LPT\srptm.exe.vir, In Quarantaine, [bf804fee1f5dff3782d449142ad6bb45], PUP.Optional.VeriStaff, C:\AdwCleaner\Quarantine\C\Users\M. Robbescheuten\AppData\Local\LPT\srptsl.exe.vir, In Quarantaine, [6bd4b687b0cc90a671e2441917e9966a], PUP.Optional.SmartBar.A, C:\AdwCleaner\Quarantine\C\Users\M. Robbescheuten\AppData\Local\LPT\Resources\crdlil.dll.vir, In Quarantaine, [a49bd7668af22313c028300e9f66ce32], PUP.Riskware.Patcher, C:\Program Files\VS Revo Group\Revo Uninstaller Pro\revo.uninstaller.pro.3.x.(x64)-patch.exe, In Quarantaine, [60df58e53c40fe38b7b1f72fc43d37c9], PUP.Riskware.Patcher, C:\Users\M. Robbescheuten\AppData\Roaming\ZHP\Quarantine\software.DIR\SOFTWARE\Revo Uninstaller Pro 308 (NL)\Revo Uninstaller Pro 3.0.8\patch\revo.uninstaller.pro.3.x.(x64)-patch.exe, In Quarantaine, [bc838ab3dba166d0f17767bfd32e36ca], PUP.Riskware.Patcher, C:\Users\M. Robbescheuten\AppData\Roaming\ZHP\Quarantine\software.DIR\SOFTWARE\Revo Uninstaller Pro 308 (NL)\Revo Uninstaller Pro 3.0.8\patch\revo.uninstaller.pro.3.x.(x86)-patch.exe, In Quarantaine, [ca75c27b285482b4b4b4170f6c956898], PUP.RiskwareTool.CK, C:\Users\M. Robbescheuten\PhotoshopPortable\App\PhotoshopCS6\amtlib.dll, In Quarantaine, [e45b0e2f97e5a49224ac7ae6ac5635cb], Trojan.AntiSniff, C:\zoek_backup\C_Users_M815E~1.ROB_AppData_Local_FolderImportPrivacy\SrDt.exe, In Quarantaine, [1c232b124834f1454f4c60e03acb10f0], PUP.Optional.SmartBar, C:\zoek_backup\C_Users_M815E~1.ROB_AppData_Local_LPT\Smartbar.Monetization.Proxy.ProxyRemover.exe, In Quarantaine, [5de263dac9b3b68075dded7059a79a66], PUP.Optional.VeriStaff, C:\zoek_backup\C_Users_M815E~1.ROB_AppData_Local_LPT\srptm.exe, In Quarantaine, [f54ac875c7b5d0663f17e07d49b7a25e], PUP.Optional.VeriStaff, C:\zoek_backup\C_Users_M815E~1.ROB_AppData_Local_LPT\srptsl.exe, In Quarantaine, [3a05e15c592314227bd8352846bab44c], PUP.Optional.SmartBar.A, C:\zoek_backup\C_Users_M815E~1.ROB_AppData_Local_LPT\Resources\crdlil.dll, In Quarantaine, [4ff067d61c60a59142a652ec11f4a65a], PUP.Optional.Skytech.A, C:\zoek_backup\C_PROGRA~2_SupTab\DpInterface32.dll, In Quarantaine, [4cf3bd80126a6bcb9eb28719ad54d927], PUP.Optional.Skytech.A, C:\zoek_backup\C_PROGRA~2_SupTab\DpInterface64.dll, In Quarantaine, [dd62da630e6e94a21b35b4ec36cbe917], PUP.Optional.SearchProtect, C:\zoek_backup\C_PROGRA~2_SupTab\Loader64.exe, In Quarantaine, [c17e5ce169132d09beb3dc034ab72cd4], PUP.Optional.IEPluginService.A, C:\zoek_backup\C_PROGRA~2_SupTab\RSHP.exe, In Quarantaine, [a798ec51611bc86e81c9622132cf2ed2], PUP.Optional.Skytech.A, C:\zoek_backup\C_PROGRA~2_SupTab\SearchProtect32.dll, In Quarantaine, [1d22b786b3c9aa8cb19f3967dd246c94], PUP.Optional.Skytech.A, C:\zoek_backup\C_PROGRA~2_SupTab\SearchProtect64.dll, In Quarantaine, [dc633c014636b87e8dc3e2be27daaf51], Trojan.AntiSniff, C:\zoek_backup\C_Users_M. Robbescheuten_AppData_Local_FolderImportPrivacy\SrDt.exe, In Quarantaine, [fd42cb727a02072f138844fcf0152cd4], PUP.Optional.SmartBar, C:\zoek_backup\C_Users_M. Robbescheuten_AppData_Local_LPT\Smartbar.Monetization.Proxy.ProxyRemover.exe, In Quarantaine, [2b14fa435d1fa393bc966df057a940c0], PUP.Optional.VeriStaff, C:\zoek_backup\C_Users_M. Robbescheuten_AppData_Local_LPT\srptm.exe, In Quarantaine, [17281627e894c670f4620657936d936d], PUP.Optional.VeriStaff, C:\zoek_backup\C_Users_M. Robbescheuten_AppData_Local_LPT\srptsl.exe, In Quarantaine, [9aa519249ddff1453d16fe5f936d718f], PUP.Optional.SmartBar.A, C:\zoek_backup\C_Users_M. Robbescheuten_AppData_Local_LPT\Resources\crdlil.dll, In Quarantaine, [1c23a6970b715fd747a1da64a26323dd], PUP.Optional.SiteFinder.A, C:\zoek_backup\C_PROGRA~2_SiteFinder\SiteFinder.dll, In Quarantaine, [023d97a6bebec47294e78cb1f709867a], PUP.Optional.SiteFinder.A, C:\zoek_backup\C_PROGRA~2_SiteFinder\SiteFinder_new.dll, In Quarantaine, [0b3498a5dba138febebdf24b768ab14f], PUP.Optional.SmartBar, C:\zoek_backup\C_PROGRA~2_LPT\Smartbar.Monetization.Proxy.ProxyRemover.exe, In Quarantaine, [68d7bd806814f93d68ea114cfc0444bc], PUP.Optional.VeriStaff, C:\zoek_backup\C_PROGRA~2_LPT\srptm.exe, In Quarantaine, [221dc5780d6fee480d495607897731cf], PUP.Optional.VeriStaff, C:\zoek_backup\C_PROGRA~2_LPT\srptsl.exe, In Quarantaine, [d6699da089f37fb754ffa8b5eb15e31d], PUP.Optional.SmartBar.A, C:\zoek_backup\C_PROGRA~2_LPT\Resources\crdliL.dll, In Quarantaine, [50ef86b7cdafd75fc622231b23e21fe1], Fysieke Sectoren: 0 (Geen kwaadaardige items gedetecteerd) (end)