Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Databaseversjon: v2013.12.08.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Harald :: HARALD-PC [administrator]

08.12.2013 11:07:38
mbam-log-2013-12-08 (11-07-38).txt

Skanntype: Hurtigsøk
Aktiverte skanningsinnstillinger: Minne | Oppstart | Register | Filsystem | Heuristikk/Ekstra | Heuristikk/Shuriken | PUP | PUM
Deaktiverte skanninnstillinger: P2P
Objekter skannet: 264852
Tid tilbakelagt: 9 minutt(er), 30 sekund(er)

Minneprosesser oppdaget: 1
C:\ProgramData\WinterSoft\SK.Enhancer\SK.Enhancer.exe (PUP.Optional.MultiPlug.A) -> 2864 -> Ingen tiltak tatt.

Minnemoduler oppdaget: 0
(Ingen skadelige objekter funnet)

Registernøkler oppdaget: 17
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-747939423 (PUP.Optional.MultiPlug.A) -> Ingen tiltak tatt.
HKCR\CLSID\{D22F5AEA-416D-7396-DEDC-46D66AEF59EE} (PUP.Optional.MultiPlug.A) -> Ingen tiltak tatt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D22F5AEA-416D-7396-DEDC-46D66AEF59EE} (PUP.Optional.MultiPlug.A) -> Ingen tiltak tatt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D22F5AEA-416D-7396-DEDC-46D66AEF59EE} (PUP.Optional.MultiPlug.A) -> Ingen tiltak tatt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D22F5AEA-416D-7396-DEDC-46D66AEF59EE} (PUP.Optional.MultiPlug.A) -> Ingen tiltak tatt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D22F5AEA-416D-7396-DEDC-46D66AEF59EE} (PUP.Optional.MultiPlug.A) -> Ingen tiltak tatt.
HKCR\CLSID\{FCA4ED99-2649-1AEF-D5CB-E3FD0FA7BA8F} (PUP.Optional.MultiPlug.A) -> Ingen tiltak tatt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCA4ED99-2649-1AEF-D5CB-E3FD0FA7BA8F} (PUP.Optional.MultiPlug.A) -> Ingen tiltak tatt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCA4ED99-2649-1AEF-D5CB-E3FD0FA7BA8F} (PUP.Optional.MultiPlug.A) -> Ingen tiltak tatt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCA4ED99-2649-1AEF-D5CB-E3FD0FA7BA8F} (PUP.Optional.MultiPlug.A) -> Ingen tiltak tatt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCA4ED99-2649-1AEF-D5CB-E3FD0FA7BA8F} (PUP.Optional.MultiPlug.A) -> Ingen tiltak tatt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78} (PUP.Optional.MultiPlug) -> Ingen tiltak tatt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} (PUP.Optional.MultiPlug) -> Ingen tiltak tatt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Ingen tiltak tatt.
HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> Ingen tiltak tatt.
HKLM\SOFTWARE\dosearchesSoftware (PUP.Optional.DoSearches.A) -> Ingen tiltak tatt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Ingen tiltak tatt.

Registerverdier oppdaget: 0
(Ingen skadelige objekter funnet)

Registerfiler oppdaget: 6
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.SProtect.A) -> Dårlig: (c:\progra~2\skc4df~1.enh\psupport.dll) God: () -> Ingen tiltak tatt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.DoSearches) -> Dårlig: (http://www.dosearches.com/?utm_source=b&utm_medium=wpc&utm_campaign=rg&utm_content=hp&from=wpc&uid=HitachiXHTS545032B9A300_100807PBNC00EYJ7TRRSX&ts=1384193960) God: (http://www.google.com) -> Ingen tiltak tatt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.DoSearches) -> Dårlig: (http://www.dosearches.com/?utm_source=b&utm_medium=wpc&utm_campaign=rg&utm_content=hp&from=wpc&uid=HitachiXHTS545032B9A300_100807PBNC00EYJ7TRRSX&ts=1384193960) God: (http://www.google.com) -> Ingen tiltak tatt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.DoSearches) -> Dårlig: (http://www.dosearches.com/?utm_source=b&utm_medium=wpc&utm_campaign=rg&utm_content=hp&from=wpc&uid=HitachiXHTS545032B9A300_100807PBNC00EYJ7TRRSX&ts=1384193960) God: (http://www.google.com) -> Ingen tiltak tatt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.DoSearches) -> Dårlig: (http://www.dosearches.com/?utm_source=b&utm_medium=wpc&utm_campaign=rg&utm_content=hp&from=wpc&uid=HitachiXHTS545032B9A300_100807PBNC00EYJ7TRRSX&ts=1384193960) God: (http://www.google.com) -> Ingen tiltak tatt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DefaultScope (PUP.Optional.Qone8) -> Dårlig: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}) God: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}) -> Ingen tiltak tatt.

Mapper oppdaget: 2
C:\Users\Harald\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Ingen tiltak tatt.
C:\Users\Harald\AppData\Roaming\OpenCandy\OpenCandy_B20D52D9A59C42BA972FB97DC5B40D47 (PUP.Optional.OpenCandy) -> Ingen tiltak tatt.

Filer oppdaget 18
C:\ProgramData\WinterSoft\SK.Enhancer\SK.Enhancer.exe (PUP.Optional.MultiPlug.A) -> Ingen tiltak tatt.
C:\Program Files (x86)\Sk.Enhancer\psupport.dll (PUP.Optional.SProtect.A) -> Ingen tiltak tatt.
C:\Program Files (x86)\suuRf aand keieep\Y8X_jX6jHN.dll (PUP.Optional.MultiPlug.A) -> Ingen tiltak tatt.
C:\Program Files (x86)\YoutubeAdblocker\eVg7kci.dll (PUP.Optional.MultiPlug.A) -> Ingen tiltak tatt.
C:\ProgramData\InstallMate\{197DF6CD-1653-45D6-A73D-5E71C29ED43B}\Custom.dll (PUP.Optional.InstalleRex) -> Ingen tiltak tatt.
C:\ProgramData\suuRf aand keieep\HW7NCmbzYBc.exe (PUP.Optional.MultiPlug) -> Ingen tiltak tatt.
C:\ProgramData\YoutubeAdblocker\M6vveo5V.exe (PUP.Optional.MultiPlug) -> Ingen tiltak tatt.
C:\Users\Harald\AppData\Local\Temp\fullpackage_temp\Baofeng.exe (PUP.Optional.NationZoom.A) -> Ingen tiltak tatt.
C:\Users\Harald\AppData\Local\Temp\fullpackage_temp\package1.zip (PUP.Optional.NationZoom.A) -> Ingen tiltak tatt.
C:\Users\Harald\AppData\Local\Temp\MircosoftStudio\Baofeng.exe (PUP.Optional.NationZoom.A) -> Ingen tiltak tatt.
C:\Users\Harald\AppData\Local\Temp\MircosoftStudio\package1.zip (PUP.Optional.NationZoom.A) -> Ingen tiltak tatt.
C:\Users\Harald\Downloads\FlashPlayer__2570_i80749479_il524731.exe (PUP.Optional.Amonetize.A) -> Ingen tiltak tatt.
C:\Users\Harald\Downloads\FlashPlayer__2570_i80751650_il524731.exe (PUP.Optional.Amonetize.A) -> Ingen tiltak tatt.
C:\Users\Harald\Downloads\tools v6.0.8.exe (PUP.Optional.InstalleRex) -> Ingen tiltak tatt.
C:\Users\Harald\AppData\Roaming\OpenCandy\OpenCandy_B20D52D9A59C42BA972FB97DC5B40D47\2202.ico (PUP.Optional.OpenCandy) -> Ingen tiltak tatt.
C:\Users\Harald\AppData\Roaming\OpenCandy\OpenCandy_B20D52D9A59C42BA972FB97DC5B40D47\driverscanner (36).exe (PUP.Optional.OpenCandy) -> Ingen tiltak tatt.
C:\Users\Harald\AppData\Local\Temp\124kkk290347.exe (Trojan.Agent) -> Satt i karantene og slettet vellykket.
C:\Users\Harald\AppData\Local\Temp\tmpdfff526f.exe (Trojan.Agent) -> Satt i karantene og slettet vellykket.

(klar)