Malwarebytes
www.malwarebytes.com

-Logboekdetails-
Scandatum: 16-10-19
Scantijd: 13:34
Logbestand: f4565e72-f008-11e9-81ea-f44d304df633.json

-Software-informatie-
Versie: 3.8.3.2965
Versie componenten: 1.0.627
Update pakketversie: 1.0.12933
Licentie: Gratis

-Systeeminformatie-
Besturingssysteem: Windows 10 (Build 18362.418)
Processor: x64
Bestandssysteem: NTFS
Gebruiker: DESKTOP-0NPQJGI\rodne

-Scansamenvatting-
Scantype: Bedreigingsscan
Scan geactiveerd door: Handmatig
Resultaat: Voltooid
Objecten gescand: 336140
Dreigingen herkend: 48
Dreigingen in quarantaine: 48
Verstreken tijd: 3 min, 7 sec

-Scanopties-
Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Uitgeschakeld
Heuristiek: Ingeschakeld
POP: Detectie
POA: Detectie

-Scandetails-
Proces: 0
(Geen kwaadaardige items gedetecteerd)

Module: 0
(Geen kwaadaardige items gedetecteerd)

Registersleutel: 12
PUP.Optional.InstallCore, HKU\S-1-5-21-4244702751-1834671463-3968572093-1001\SOFTWARE\CSASTATS\ic, In quarantaine, [460], [586068],1.0.12933
PUP.Optional.WinYahoo, HKU\S-1-5-21-4244702751-1834671463-3968572093-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}, In quarantaine, [238], [254682],1.0.12933
PUP.Optional.DefaultSearch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nladljmabboanhihfkjacnnkgjhnokhj, In quarantaine, [304], [550469],1.0.12933
PUP.Optional.Segurazo, HKLM\SOFTWARE\MICROSOFT\TRACING\SegurazoUninstaller_RASAPI32, In quarantaine, [1540], [709099],1.0.12933
PUP.Optional.Segurazo, HKLM\SOFTWARE\MICROSOFT\TRACING\SegurazoUninstaller_RASMANCS, In quarantaine, [1540], [709099],1.0.12933
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr, In quarantaine, [450], [244209],1.0.12933
PUP.Optional.SearchManager.BITSRST, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bhoagceacaklimpcejjofabngcjkebfg, In quarantaine, [271], [628563],1.0.12933
PUP.Optional.SearchManager.BITSRST, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bhoagceacaklimpcejjofabngcjkebfg, In quarantaine, [271], [628563],1.0.12933
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-4244702751-1834671463-3968572093-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bhoagceacaklimpcejjofabngcjkebfg, In quarantaine, [271], [628563],1.0.12933
PUP.Optional.SearchManager.BITSRST, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nccfgpamboionigdpfjmijhlgmgdbael, In quarantaine, [271], [628563],1.0.12933
PUP.Optional.SearchManager.BITSRST, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nccfgpamboionigdpfjmijhlgmgdbael, In quarantaine, [271], [628563],1.0.12933
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-4244702751-1834671463-3968572093-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nccfgpamboionigdpfjmijhlgmgdbael, In quarantaine, [271], [628563],1.0.12933

Registerwaarde: 5
PUP.Optional.WinYahoo, HKU\S-1-5-21-4244702751-1834671463-3968572093-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|URL, In quarantaine, [238], [254682],1.0.12933
PUP.Optional.DefaultSearch, HKU\S-1-5-21-4244702751-1834671463-3968572093-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|NLADLJMABBOANHIHFKJACNNKGJHNOKHJ, In quarantaine, [304], [550469],1.0.12933
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, In quarantaine, [450], [244209],1.0.12933
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-4244702751-1834671463-3968572093-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|bhoagceacaklimpcejjofabngcjkebfg, In quarantaine, [271], [628563],1.0.12933
PUP.Optional.SearchManager.BITSRST, HKU\S-1-5-21-4244702751-1834671463-3968572093-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|nccfgpamboionigdpfjmijhlgmgdbael, In quarantaine, [271], [628563],1.0.12933

Registerdata: 0
(Geen kwaadaardige items gedetecteerd)

Gegevensstroom: 0
(Geen kwaadaardige items gedetecteerd)

Map: 2
PUP.Optional.WinYahoo.TskLnk, C:\Users\rodne\AppData\Local\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\HowToRemove, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\USERS\RODNE\APPDATA\LOCAL\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}, In quarantaine, [829], [542290],1.0.12933

Bestand: 29
PUP.Optional.SearchManager, C:\USERS\RODNE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\36ADGYRT.DEFAULT\EXTENSIONS\{24436206-088D-4A1A-8D0E-CF93CA7A2D23}.XPI, In quarantaine, [208], [733885],1.0.12933
PUP.Optional.DefaultSearch, C:\USERS\RODNE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Vervangen, [304], [550469],1.0.12933
PUP.Optional.Conduit, C:\USERS\RODNE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\36ADGYRT.DEFAULT\PREFS.JS, Vervangen, [202], [301520],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\USERS\RODNE\APPDATA\LOCAL\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\HOWTOREMOVE\HOWTOREMOVE.HTML, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\Users\rodne\AppData\Local\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\HowToRemove\chromium-min.jpg, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\Users\rodne\AppData\Local\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\HowToRemove\control panel-min-min.JPG, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\Users\rodne\AppData\Local\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\HowToRemove\down.png, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\Users\rodne\AppData\Local\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\HowToRemove\ff menu.JPG, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\Users\rodne\AppData\Local\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\HowToRemove\ff search engine-min.png, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\Users\rodne\AppData\Local\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\HowToRemove\hp-min ff.png, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\Users\rodne\AppData\Local\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\HowToRemove\hp-min ie.png, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\Users\rodne\AppData\Local\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\HowToRemove\search engine.gif, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\Users\rodne\AppData\Local\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\HowToRemove\setup pages.gif, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\Users\rodne\AppData\Local\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\HowToRemove\sp-min.png, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\Users\rodne\AppData\Local\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\HowToRemove\start-min.jpg, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\Users\rodne\AppData\Local\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\HowToRemove\up.png, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\Users\rodne\AppData\Local\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\didicis, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\Users\rodne\AppData\Local\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\falolo, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\Users\rodne\AppData\Local\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\uninst.exe, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.WinYahoo.TskLnk, C:\Users\rodne\AppData\Local\{41FD77A1-6555-1B19-08CD-3EF12CA5C269}\uninstp.dat, In quarantaine, [829], [542290],1.0.12933
PUP.Optional.HDWallPaper, C:\USERS\RODNE\APPDATA\LOCAL\WALLPAPERHD\WALLPAPERHDLIB64.DLL, In quarantaine, [1189], [731259],1.0.12933
PUP.Optional.SearchManager.BITSRST, C:\USERS\RODNE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Vervangen, [271], [628563],1.0.12933
PUP.Optional.SearchManager.BITSRST, C:\USERS\RODNE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Vervangen, [271], [628563],1.0.12933
PUP.Optional.SearchManager.BITSRST, C:\USERS\RODNE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Vervangen, [271], [628563],1.0.12933
PUP.Optional.SearchManager.BITSRST, C:\USERS\RODNE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Vervangen, [271], [626729],1.0.12933
PUP.Optional.DefaultSearch, C:\USERS\RODNE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Vervangen, [304], [469798],1.0.12933
Generic.Malware/Suspicious, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\FLV Converter.lnk, In quarantaine, [0], [392686],1.0.12933
Generic.Malware/Suspicious, C:\USERS\PUBLIC\Desktop\FLV Converter.lnk, In quarantaine, [0], [392686],1.0.12933
Generic.Malware/Suspicious, C:\PROGRAM FILES (X86)\GREENTREE APPLICATIONS\FLV.COM FLV CONVERTER\FLVCOMCONVERTER.EXE, In quarantaine, [0], [392686],1.0.12933

Fysieke sector: 0
(Geen kwaadaardige items gedetecteerd)

WMI: 0
(Geen kwaadaardige items gedetecteerd)

(end)