Emsisoft Anti-Malware - Versie 10.0
Laatste Update: 30-5-2015 18:47:38
Gebruikersaccount: BONNIEEE\robin_000

Scaninstellingen:

Scanmodus: Malware Scan
Objecten: Rootkits, Geheugen, Sporen, Bestanden

Detecteer PUPs: Aan
Scan archieven: Uit
ADS Scan: Aan
Bestandsextensiefilter: Uit
Geavanceerde cache: Aan
Directe schijftoegang: Uit

Scan gestart: 30-5-2015 18:51:03
C:\Program Files (x86)\Searchprotect Ontdekt: Application.AppInstall (A)
C:\Users\Bonniee\AppData\Local\Searchprotect Ontdekt: Application.AppInstall (A)
C:\Users\robin_000\AppData\Local\Searchprotect Ontdekt: Application.AppInstall (A)
C:\Users\Bonniee\AppData\Roaming\OpenCandy Ontdekt: Application.AppInstall (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Ontdekt: Setting.DisableTaskMgr (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Ontdekt: Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN Ontdekt: Setting.NoRun (A)
Key: HKEY_USERS\S-1-5-21-3636894022-4057739004-481170259-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Ontdekt: Application.Win32.WSearch (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SEARCHPROTECT Ontdekt: Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\SEARCHPROTECT Ontdekt: Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SCRIPTHELPER.SCRIPTHELPERAPI Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SCRIPTHELPER.SCRIPTHELPERAPI.1 Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{95B7759C-8C7F-4BF1-B163-73684A933233} Ontdekt: Application.BHO (A)
Key: HKEY_USERS\S-1-5-21-3636894022-4057739004-481170259-1001\SOFTWARE\SOFTONIC Ontdekt: Application.InstallAd (A)
C:\Program Files\KMSpico\Service_KMS.exe Ontdekt: Riskware.MSIL.HackTool (A)
C:\Program Files\KMSpico\AutoPico.exe Ontdekt: Riskware.Win32.HackTool (A)

Gescand: 72333
Gevonden: 20

Scan geëindigd: 30-5-2015 18:55:39
Scantijd: 0:04:36

C:\Program Files\KMSpico\AutoPico.exe In quarantaine geplaatst Riskware.Win32.HackTool (A)
C:\Program Files\KMSpico\Service_KMS.exe In quarantaine geplaatst Riskware.MSIL.HackTool (A)
Key: HKEY_USERS\S-1-5-21-3636894022-4057739004-481170259-1001\SOFTWARE\SOFTONIC In quarantaine geplaatst Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{95B7759C-8C7F-4BF1-B163-73684A933233} In quarantaine geplaatst Application.BHO (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\TYPELIB\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SCRIPTHELPER.SCRIPTHELPERAPI.1 In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\SCRIPTHELPER.SCRIPTHELPERAPI In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} In quarantaine geplaatst Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\SEARCHPROTECT In quarantaine geplaatst Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SEARCHPROTECT In quarantaine geplaatst Application.InstallAd (A)
Key: HKEY_USERS\S-1-5-21-3636894022-4057739004-481170259-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} In quarantaine geplaatst Application.Win32.WSearch (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN In quarantaine geplaatst Setting.NoRun (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS In quarantaine geplaatst Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR In quarantaine geplaatst Setting.DisableTaskMgr (A)
C:\Users\Bonniee\AppData\Roaming\OpenCandy In quarantaine geplaatst Application.AppInstall (A)
C:\Users\robin_000\AppData\Local\Searchprotect In quarantaine geplaatst Application.AppInstall (A)
C:\Users\Bonniee\AppData\Local\Searchprotect In quarantaine geplaatst Application.AppInstall (A)
C:\Program Files (x86)\Searchprotect In quarantaine geplaatst Application.AppInstall (A)

In quarantaine geplaatst 20