Malwarebytes Anti-Malware www.malwarebytes.org Scandatum: 5/08/2015 Scantijd: 8:29 Logboekbestand: MBAM ScanLog1.txt Beheerder: Ja Versie: 2.1.8.1057 Malware-database: v2015.08.05.02 Rootkit-database: v2015.08.04.01 Licentie: Gratis Malware-bescherming: Uitgeschakeld Bescherming tegen kwaadaardige websites: Uitgeschakeld Zelfbescherming: Uitgeschakeld Besturingssysteem: Windows 7 Service Pack 1 Processor: x64 Bestandssysteem: NTFS Gebruiker: Patrick Scantype: Bedreigingsscan Resultaat: Voltooid Objecten gescand: 467091 Verstreken tijd: 24 min, 38 sec Geheugen: Ingeschakeld Opstarten: Ingeschakeld Bestandssysteem: Ingeschakeld Archieven: Ingeschakeld Rootkits: Uitgeschakeld Heuristiek: Ingeschakeld POP: Ingeschakeld POA: Ingeschakeld Processen: 0 (Geen kwaadaardige items gedetecteerd) Modules: 0 (Geen kwaadaardige items gedetecteerd) Registersleutels: 23 PUP.Optional.SearchResults.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}, In quarantaine, [ff375fa60a8137ffce442dea31d2f10f], PUP.Optional.Gameo.C, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\gameo_update, Verwijder-bij-herstart, [e25423e23b5075c152672be76e9556aa], PUP.Optional.OpenCandy.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\OpenCandyHelperRunAsStandardUser66F9043B52144E218A9C3A24FD98482F, Verwijder-bij-herstart, [4bebde27b0db93a36d3fd13fed1635cb], PUP.Optional.OpenCandy.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\OpenCandyHelperRunOnce029F62B8C42A42DF8930F068E4EF36F8, Verwijder-bij-herstart, [cc6a16efbbd030063c70d13f36cda858], PUP.Optional.Yontoo.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}, In quarantaine, [ee4846bff19a83b3c08ba308659fad53], PUP.Optional.SuperOptimizer.C, HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}, In quarantaine, [c2749174a0eb77bf8b07d8cc12f2d42c], PUP.Optional.Bandoo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{56EE2FE9-00F0-4158-AD89-0AB9E64D99C4}, In quarantaine, [3df9f2139af1b6805088921658ac9070], PUP.Optional.Bandoo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6A35587F-4C1C-48D6-86DA-00077A7CA4A5}, In quarantaine, [e650e71e92f9fd399246b3f556ae3ec2], PUP.Optional.Bandoo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{78A543AA-AE9F-4A8E-BCD0-840FE014805E}, In quarantaine, [7db9c540c7c4a0964d8b812751b327d9], PUP.Optional.Bandoo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D40E5F5A-4C36-4524-B34B-C6A9D6F735E9}, In quarantaine, [c86ee3225b300a2ca830a800e12327d9], PUP.Optional.SearchResults.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}, In quarantaine, [4beb33d2cbc0270fa76b1403d231e61a], PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, In quarantaine, [c4720104e2a93600ebcd3fd6c53eaa56], PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, In quarantaine, [9a9c3bcaff8ce3536e22abf9f113c040], PUP.Optional.Gameo.C, HKU\S-1-5-21-3691458910-388010877-1701134427-1001\SOFTWARE\Gameo, In quarantaine, [e74f9a6b3a5137ffbb72cd4a2bd80ef2], PUP.Optional.SuperOptimizer.C, HKU\S-1-5-21-3691458910-388010877-1701134427-1001\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, In quarantaine, [2e08c83ddead1f17048c1a8a58ace917], PUP.Optional.SerachQU.A, HKU\S-1-5-21-3691458910-388010877-1701134427-1001\SOFTWARE\APPDATALOW\SOFTWARE\searchqutoolbar, In quarantaine, [96a07a8b4447cc6a1add110305fefb05], PUP.Optional.OmigaPlus.ShrtCln, HKU\S-1-5-21-3691458910-388010877-1701134427-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In quarantaine, [58deca3b355653e37b3ecbd27f859c64], PUP.Optional.OmigaPlus.ShrtCln, HKU\S-1-5-21-3691458910-388010877-1701134427-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{12AB1950-F3C3-4C3F-8583-EAD47C077BD2}, In quarantaine, [152143c2117a1620dddc2e6fa361f50b], PUP.Optional.OmigaPlus.ShrtCln, HKU\S-1-5-21-3691458910-388010877-1701134427-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}, In quarantaine, [201645c0aedd5adcf8c1326b808442be], PUP.Optional.OmigaPlus.ShrtCln, HKU\S-1-5-21-3691458910-388010877-1701134427-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{632F07F3-19A1-4D16-A23F-E6CE9486BAB5}, In quarantaine, [52e461a44f3c7eb89623257848bc56aa], PUP.Optional.OmigaPlus.ShrtCln, HKU\S-1-5-21-3691458910-388010877-1701134427-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77FBDEE1-40C5-44B9-B8F7-51E32A497F69}, In quarantaine, [f3437c89cfbc2c0a9e1b0697cb39ec14], PUP.Optional.OmigaPlus.ShrtCln, HKU\S-1-5-21-3691458910-388010877-1701134427-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}, In quarantaine, [033355b0107b44f26356edb0fc0801ff], PUP.Optional.SerachQU.A, HKU\S-1-5-21-3691458910-388010877-1701134427-1003\SOFTWARE\APPDATALOW\SOFTWARE\searchqutoolbar, In quarantaine, [71c5030290fbb28429ce21f315ee26da], Registerwaarden: 17 PUP.Optional.SearchResults.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}|URL, http://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}, In quarantaine, [ff375fa60a8137ffce442dea31d2f10f] PUP.Optional.SearchQu.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}|SuggestionsURL_JSON, http://www.searchqu.com/suggest.php?src=ieb&appid=113&systemid=406&qu={searchTerms}&ft=json, In quarantaine, [c76fbf467b109f979577168634d0b34d] PUP.Optional.Yontoo.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}|Contact, support@yontoo.com, In quarantaine, [ee4846bff19a83b3c08ba308659fad53] PUP.Optional.Bandoo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{56EE2FE9-00F0-4158-AD89-0AB9E64D99C4}|AppPath, C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar, In quarantaine, [3df9f2139af1b6805088921658ac9070] PUP.Optional.Bandoo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6A35587F-4C1C-48D6-86DA-00077A7CA4A5}|AppPath, C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar, In quarantaine, [e650e71e92f9fd399246b3f556ae3ec2] PUP.Optional.Bandoo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{78A543AA-AE9F-4A8E-BCD0-840FE014805E}|AppPath, C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar, In quarantaine, [7db9c540c7c4a0964d8b812751b327d9] PUP.Optional.Bandoo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D40E5F5A-4C36-4524-B34B-C6A9D6F735E9}|AppPath, C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar, In quarantaine, [c86ee3225b300a2ca830a800e12327d9] PUP.Optional.SearchResults.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}|URL, http://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms}, In quarantaine, [4beb33d2cbc0270fa76b1403d231e61a] PUP.Optional.SearchQu.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}|SuggestionsURL_JSON, http://www.searchqu.com/suggest.php?src=ieb&appid=113&systemid=406&qu={searchTerms}&ft=json, In quarantaine, [cf67b1540a81b68018f477256a9a9868] PUP.Optional.OmigaPlus.ShrtCln, HKU\S-1-5-21-3691458910-388010877-1701134427-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=ST9500420AS_5VJCKWCNXXXX5VJCKWCN&ts=1423054742&type=default&q={searchTerms}, In quarantaine, [58deca3b355653e37b3ecbd27f859c64] PUP.Optional.OmigaPlus.ShrtCln, HKU\S-1-5-21-3691458910-388010877-1701134427-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{12AB1950-F3C3-4C3F-8583-EAD47C077BD2}|URL, http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=ST9500420AS_5VJCKWCNXXXX5VJCKWCN&ts=1423054742&type=default&q={searchTerms}, In quarantaine, [152143c2117a1620dddc2e6fa361f50b] PUP.Optional.Spigot.A, HKU\S-1-5-21-3691458910-388010877-1701134427-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{12AB1950-F3C3-4C3F-8583-EAD47C077BD2}|TopResultURL, http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=519169&p={searchTerms}, In quarantaine, [1125b055068593a3e43c56c3be45728e] PUP.Optional.OmigaPlus.ShrtCln, HKU\S-1-5-21-3691458910-388010877-1701134427-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=ST9500420AS_5VJCKWCNXXXX5VJCKWCN&ts=1423054742&type=default&q={searchTerms}, In quarantaine, [201645c0aedd5adcf8c1326b808442be] PUP.Optional.OmigaPlus.ShrtCln, HKU\S-1-5-21-3691458910-388010877-1701134427-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, http://isearch.omiga-plus.com//favicon.ico, In quarantaine, [f5412adb2d5e86b012a74f4e4eb6ae52] PUP.Optional.OmigaPlus.ShrtCln, HKU\S-1-5-21-3691458910-388010877-1701134427-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}|URL, http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=ST9500420AS_5VJCKWCNXXXX5VJCKWCN&ts=1423054742&type=default&q={searchTerms}, In quarantaine, [52e461a44f3c7eb89623257848bc56aa] PUP.Optional.OmigaPlus.ShrtCln, HKU\S-1-5-21-3691458910-388010877-1701134427-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77FBDEE1-40C5-44B9-B8F7-51E32A497F69}|URL, http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=ST9500420AS_5VJCKWCNXXXX5VJCKWCN&ts=1423054742&type=default&q={searchTerms}, In quarantaine, [f3437c89cfbc2c0a9e1b0697cb39ec14] PUP.Optional.OmigaPlus.ShrtCln, HKU\S-1-5-21-3691458910-388010877-1701134427-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, http://isearch.omiga-plus.com/web/?utm_source=b&utm_medium=face&utm_campaign=install_ie&utm_content=ds&from=face&uid=ST9500420AS_5VJCKWCNXXXX5VJCKWCN&ts=1423054742&type=default&q={searchTerms}, In quarantaine, [033355b0107b44f26356edb0fc0801ff] Registerdata: 0 (Geen kwaadaardige items gedetecteerd) Mappen: 5 PUP.Optional.WebExtend.A, C:\Users\Patrick\AppData\Roaming\WebExtend, In quarantaine, [92a436cff19a3cfa6c8fc348b44fc23e], PUP.Optional.Delta.ShrtCln, C:\Users\Patrick\AppData\LocalLow\Delta\delta, In quarantaine, [33033dc81279cd6997aabd4f659e9f61], PUP.Optional.WinZipRegOp.C, C:\Users\Viviane\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer, In quarantaine, [78be1ce9e3a8ff37b6a1aa6653b00bf5], PUP.Optional.WinZipRegOp.C, C:\Users\Viviane\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1, In quarantaine, [78be1ce9e3a8ff37b6a1aa6653b00bf5], PUP.Optional.WinZipRegOp.C, C:\Users\Viviane\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\Partial Backups, In quarantaine, [78be1ce9e3a8ff37b6a1aa6653b00bf5], Bestanden: 11 PUP.Optional.Gameo.C, C:\Windows\System32\Tasks\gameo_update, In quarantaine, [86b0d134117a72c4eb403bdc2ed5d32d], PUP.Optional.OmigaPlus.ShrtCln, C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage, In quarantaine, [80b6d4313d4e5bdb8cac5cd0e221b14f], PUP.Optional.OmigaPlus.ShrtCln, C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage-journal, In quarantaine, [3bfb3fc67a11ac8a79bfae7ea063bc44], PUP.Optional.WinZipRegOp.C, C:\Users\Viviane\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\ExcludeList.rcp, In quarantaine, [78be1ce9e3a8ff37b6a1aa6653b00bf5], PUP.Optional.WinZipRegOp.C, C:\Users\Viviane\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\log_03-20-2013.log, In quarantaine, [78be1ce9e3a8ff37b6a1aa6653b00bf5], PUP.Optional.WinZipRegOp.C, C:\Users\Viviane\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\log_03-21-2013.log, In quarantaine, [78be1ce9e3a8ff37b6a1aa6653b00bf5], PUP.Optional.WinZipRegOp.C, C:\Users\Viviane\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\results.rcp, In quarantaine, [78be1ce9e3a8ff37b6a1aa6653b00bf5], PUP.Optional.WinZipRegOp.C, C:\Users\Viviane\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\TempHLList.rcp, In quarantaine, [78be1ce9e3a8ff37b6a1aa6653b00bf5], PUP.Optional.WinZipRegOp.C, C:\Users\Viviane\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\Partial Backups\00000001.rmx, In quarantaine, [78be1ce9e3a8ff37b6a1aa6653b00bf5], PUP.Optional.WinZipRegOp.C, C:\Users\Viviane\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\Partial Backups\00000001.rxb, In quarantaine, [78be1ce9e3a8ff37b6a1aa6653b00bf5], PUP.Optional.AskAPN.Gen, C:\Users\Viviane\AppData\Roaming\Mozilla\Firefox\Profiles\r1w6rh3w.default\searchplugins\ask-search.xml, In quarantaine, [58dee223e7a44fe7e499542cc73e649c], Fysieke Sectoren: 0 (Geen kwaadaardige items gedetecteerd) (end)