Emsisoft Emergency Kit - Versie 10.0
Laatste Update: 18/07/2015 13:00:02
Gebruikersaccount: PC_van_Frederic\Zakelijk - Estate Pl

Scaninstellingen:

Scanmodus: Aangepaste scan
Objecten: Rootkits, Geheugen, Sporen, C:\, F:\, G:\

Detecteer PUPs: Aan
Scan archieven: Aan
ADS Scan: Aan
Bestandsextensiefilter: Uit
Geavanceerde cache: Aan
Directe schijftoegang: Uit

Scan gestart: 18/07/2015 13:06:54

C:\Windows\System32\Drivers\967f1f42f0dff577.sys Ontdekt: Trojan.Generic.14783168 (B)
C:\Program Files\freecorder extension Ontdekt: Application.AppInstall (A)
C:\Program Files (x86)\freecorder extension Ontdekt: Application.AppInstall (A)
C:\Users\Zakelijk - Estate Pl\AppData\Roaming\Mozilla\Firefox\Profiles\09qkd4zr.default\Extensions\addon@freecorder.com Ontdekt: Application.FireExt (A)
Key: HKEY_USERS\S-1-5-21-2883450986-3951649885-2188304626-1000\SOFTWARE\GRAND VIRTUAL Ontdekt: Application.Win32.CasOnline (A)
Key: HKEY_USERS\S-1-5-21-2883450986-3951649885-2188304626-1000\SOFTWARE\RAR PASSWORD CRACKER Ontdekt: Application.Win32.PassRecover (A)
Key: HKEY_USERS\S-1-5-21-2883450986-3951649885-2188304626-501\SOFTWARE\RAR PASSWORD CRACKER Ontdekt: Application.Win32.PassRecover (A)
Key: HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET018\SERVICES\SYSHOST32 Ontdekt: Trojan.Win32.Agent (A)
Key: HKEY_USERS\S-1-5-21-2883450986-3951649885-2188304626-1013\SOFTWARE\CONDUIT Ontdekt: Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\CONDUIT Ontdekt: Application.InstallAd (A)
Key: HKEY_USERS\S-1-5-21-2883450986-3951649885-2188304626-1000\SOFTWARE\YAHOOPARTNERTOOLBAR Ontdekt: Application.Win32.YTool (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983} Ontdekt: Application.InstallTool (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{19975B78-1907-4DD6-A437-4C48120F46A4} Ontdekt: Application.InstallExt (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{562B9316-C08A-444A-9482-62080DD851AE} Ontdekt: Application.InstallSpeed (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{562B9317-C08A-444A-9482-62080DD851AE} Ontdekt: Application.InstallTool (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{045F91B3-695F-423A-98C7-8DE3C47AA020} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A1440EC3-F0FA-407A-B811-DE6668C06D29} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C815E3DA-0823-49B0-9270-D1771D58B317} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E4A994B0-5550-4680-A4C6-B9470B888069} Ontdekt: Application.InstallNews (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA} Ontdekt: Application.InstallNews (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F9EB11AB-9384-4736-9B33-993940F88895} Ontdekt: Application.InstallNews (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{1917AB4C-E2E9-42AE-A51E-B5750F160BFB} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{6C65F1F0-8088-414B-828C-813207ADE75A} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A4341726-E922-47BB-86A6-23F4F4F67342} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C9B4F046-2A8C-46BD-B1A1-CF0EAE5EA521} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B887CA3B-D82B-4A01-AD29-E97444D01CE6} Ontdekt: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{B15BBE59-42F5-4206-B3F0-BE98F5DC4B93} Ontdekt: Application.BHO (A)
Key: HKEY_USERS\S-1-5-21-2883450986-3951649885-2188304626-1000\SOFTWARE\SOFTONIC Ontdekt: Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\APPID\{544C2426-48FD-4C40-AE3B-31257FF334D0} Ontdekt: Application.InstallTool (A)
C:\zoek_backup\C_Users_Frederic_AppData_Roaming_kill.exe.vir Ontdekt: Trojan.Generic.KDV.543053 (B)

Gescand: 811107
Gevonden: 40

Scan geëindigd: 18/07/2015 23:06:37
Scantijd: 9:59:43