Malwarebytes Anti-Malware www.malwarebytes.org Scandatum: 23/06/2016 Scantijd: 7:19 Logboekbestand: SCANGESCHIEDENIS MALWAREBYTES.txt Beheerder: Ja Versie: 2.2.1.1043 Malware-database: v2016.06.23.01 Rootkit-database: v2016.05.27.01 Licentie: Gratis Malware-bescherming: Uitgeschakeld Bescherming tegen kwaadaardige websites: Uitgeschakeld Zelfbescherming: Uitgeschakeld Besturingssysteem: Windows 10 Processor: x64 Bestandssysteem: NTFS Gebruiker: Serge Scantype: Bedreigingsscan Resultaat: Voltooid Objecten gescand: 363683 Verstreken tijd: 4 min, 44 sec Geheugen: Ingeschakeld Opstarten: Ingeschakeld Bestandssysteem: Ingeschakeld Archieven: Ingeschakeld Rootkits: Uitgeschakeld Heuristiek: Ingeschakeld POP: Ingeschakeld POA: Ingeschakeld Processen: 0 (Geen kwaadaardige items gedetecteerd) Modules: 0 (Geen kwaadaardige items gedetecteerd) Registersleutels: 24 PUP.Optional.Youndoo, HKLM\SOFTWARE\CLASSES\CLSID\{6710C780-E20E-4C49-A87D-321850ED3D7C}, In quarantaine, [28359e6212888bab7656d19a7b8724dc], PUP.Optional.HohoSearch, HKLM\SOFTWARE\CLASSES\CLSID\{98C066AB-D735-4339-9E52-A34875141B56}, In quarantaine, [5a038779ecaeb4824549e1b260a2e41c], PUP.Optional.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8FF10FED-2F0A-4F7F-BE87-B04F1DCD4319}, In quarantaine, [4c11cb35cdcd53e3f912662dc63cf808], PUP.Optional.Tuto4PC, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8FF10FED-2F0A-4F7F-BE87-B04F1DCD4319}, In quarantaine, [4c11cb35cdcd53e3f912662dc63cf808], PUP.Optional.IDSCProduct, HKLM\SOFTWARE\MICROSOFT\TRACING\idscservice_RASAPI32, In quarantaine, [fc61da2618825adc561e3fb8cd3634cc], PUP.Optional.IDSCProduct, HKLM\SOFTWARE\MICROSOFT\TRACING\idscservice_RASMANCS, In quarantaine, [b6a76a967327bc7a75fff5028f7407f9], PUP.Optional.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\TRACING\otutnetwork_RASAPI32, In quarantaine, [ea73da26c7d338fe1c1926d137cc6f91], PUP.Optional.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\TRACING\otutnetwork_RASMANCS, In quarantaine, [d08d7d830c8ec1753ff6896e36cd53ad], PUP.Optional.WizzCaster, HKLM\SOFTWARE\MICROSOFT\TRACING\wizzcaster_RASAPI32, In quarantaine, [e47954ac9a00a294e4fcbe3b6e953ac6], PUP.Optional.WizzCaster, HKLM\SOFTWARE\MICROSOFT\TRACING\wizzcaster_RASMANCS, In quarantaine, [fc610df3edad90a6e000be3b28db916f], PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32LDR, In quarantaine, [0558a25eabef3cfae2d8b7fd2cd703fd], PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, In quarantaine, [77e6a55b9901989e6a2d4a8f7c8736ca], PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, In quarantaine, [f96418e8b6e4af879bfdbf1a689bbf41], PUP.Optional.HohoSearch, HKLM\SOFTWARE\WOW6432NODE\hohosearchSoftware, In quarantaine, [1a4306faf7a3b77fdfc4fbcc11f1847c], PUP.Optional.PhraseFinder, HKLM\SOFTWARE\WOW6432NODE\PhraseFinder_1.10.0.9, In quarantaine, [4b12ea160199999d3f8e9a10ba492ed2], PUP.Optional.SpringFiles, HKLM\SOFTWARE\WOW6432NODE\SrpnFiles, In quarantaine, [b0ad3ac68911f24467aa5075ea186898], PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\trotuxSoftware, In quarantaine, [f568fc04c2d8dc5a569e04c0fc0604fc], PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\PCSUSpeedTest_RASAPI32, In quarantaine, [322bf808debc3cfa9c04f8c4f70c0af6], PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\PCSUSpeedTest_RASMANCS, In quarantaine, [b2abf709fe9cef474c54b309dc27b947], PUP.Optional.MySearch123, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}, In quarantaine, [322b748c1b7f3df9bcb915c113f0cf31], PUP.Optional.HohoSearch, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, In quarantaine, [e479bf41801adf5726293bbeca3909f7], PUP.Optional.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS, In quarantaine, [35285aa66139db5bbe38f4c06d964fb1], PUP.Optional.PCSpeedUp, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, In quarantaine, [97c60df37f1bd95d3b643d6d0bf8c43c], PUP.Optional.ProntSpooler, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\ProntSpooler, In quarantaine, [d18c966ae2b88ea8df2f3cb8b05318e8], Registerwaarden: 8 PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130557540362037865, In quarantaine, [89d4cf31a5f525113a7ffbb921e228d8] PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130557540362037865, In quarantaine, [49142cd4732745f135842391946fd42c] PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130557540362037865, In quarantaine, [9cc127d9b2e883b3f5c44173ec177b85] PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130557540362037865, In quarantaine, [85d8fb05fe9cad8914a5bcf832d17888] PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32Ldr|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130557540362037865, In quarantaine, [0558a25eabef3cfae2d8b7fd2cd703fd] PUP.Optional.HohoSearch, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, http://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqBXIlCHApBU..&v=20160620&uid=1D4EC54262E4F7350212344BEF926358&ptid=ftp&mode=ffsengext, In quarantaine, [e479bf41801adf5726293bbeca3909f7] PUP.Optional.HohoSearch, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, http://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqBXIlCHApBU..&v=20160620&uid=1D4EC54262E4F7350212344BEF926358&ptid=ftp&mode=ffsengext, In quarantaine, [f766e719821849edd37cdb1e00039967] PUP.Optional.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS|HostGUID, 17B981D3-EEAD-4F7F-A706-EEE34B75F1F7, In quarantaine, [35285aa66139db5bbe38f4c06d964fb1] Registerdata: 0 (Geen kwaadaardige items gedetecteerd) Mappen: 1 PUP.Optional.GsearchFinder, C:\Users\Serge\AppData\Roaming\Profiles\yzzfdyu4.default\YourGSearchFinder_br, In quarantaine, [cd9051af148654e24ec319abf40e946c], Bestanden: 13 PUP.Optional.InstallCore, C:\Users\Serge\AppData\Roaming\0C1I1L1R1J0C1F1G1G1P1R2Z\WinRAR Packages\uninstaller.exe, In quarantaine, [411c40c0702a6dc9c69248b0e41d3cc4], PUP.Optional.SmartBar, C:\Windows\Installer\57c44c.msi, In quarantaine, [5eff857bfd9d86b08844b8819f65ae52], PUP.Optional.SmartBar, C:\Windows\Installer\MSIE5EF.tmp, In quarantaine, [cb9216ea2a700e28a7d256b7cf31e719], PUP.Optional.SmartBar, C:\Windows\Installer\MSIF92A.tmp, In quarantaine, [e37ac739a3f766d0a9d02edf1fe1d030], PUP.Optional.SmartBar, C:\Windows\Installer\MSI85BE.tmp, In quarantaine, [f96448b82d6d5adc64153dd057a9669a], PUP.Optional.SmartBar, C:\Windows\Installer\MSIFFE4.tmp, In quarantaine, [97c6ad53a8f2ed49fd7cb85542be56aa], PUP.Optional.SmartBar, C:\Windows\Installer\MSI85BE.tmp-\Smartbar.Installer.CustomActions.dll, In quarantaine, [3f1e9c647b1f1125136614f9738d5ba5], PUP.Optional.GsearchFinder, C:\Users\Serge\AppData\Roaming\Profiles\yzzfdyu4.default\extensions\@A3592ADB-854A-443A-854E-EB92130D470D.xpi, In quarantaine, [d18c867a0c8e7cbabe6e24d50cf7cf31], PUP.Optional.Trotux, C:\Users\Serge\AppData\Roaming\Profiles\yzzfdyu4.default\prefs.js, Goed: (), Slecht: (user_pref("extensions.toolbar.mindspark._brMembers_.successUrl", "http://www.trotux.com/search/?&z=c216c81aca44dc96108f350g3z0qdq8w6g0tbg0c0g&from=epf1&uid=SamsungXSSDX840XEVOX500GB_S1DHNSAF653998X&type=sp&q=");), Vervangen,[2637c7391387bb7bbcde3c5b20e435cb] PUP.Optional.Trotux, C:\Users\Serge\AppData\Roaming\Profiles\yzzfdyu4.default\prefs.js, Goed: (), Slecht: (+Ir90B74rJw==\":1,\"rKs20eg7wSqIOgV2bNTlcQ==\":1,\"J5Av6M2mY99Ip+mGiYdLAw==\":1,\"DTXEPS6JpyoLlSlCeHdNSg==\":1,\"suOh8PzmxRK4GC4m7SqxuA==\":1,\"iHBpf2oFqcci0Xa0GUlybw==\"), Vervangen,[cd902dd3afeb80b60f8b2671e420a35d] PUP.Optional.Trotux, C:\Users\Serge\AppData\Roaming\Profiles\gnalfah8.default\searchplugins\g1g09waz.xml, In quarantaine, [d984768afb9f34025d36880fdd27ed13], PUP.Optional.HohoSearch, C:\Users\Serge\AppData\Roaming\Profiles\yzzfdyu4.default\searchplugins\bposw5pd.xml, In quarantaine, [ca93cf31ff9b88aeabc6eea9bb49f20e], PUP.Optional.Trotux, C:\Users\Serge\AppData\Roaming\Profiles\yzzfdyu4.default\searchplugins\g1g09waz.xml, In quarantaine, [f36a4db3c5d51d19b3e05a3d5fa56799], Fysieke Sectoren: 0 (Geen kwaadaardige items gedetecteerd) (end)