Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 11-4-2014
Scan Time: 13:27:43
Logfile: .log
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.11.06
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Gebruiker
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 252982
Time Elapsed: 9 min, 28 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 4
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [4bc74fdabcbff046c102f7a0e71cb64a],
PUP.Optional.Qone8.A, HKLM\SOFTWARE\WOW6432NODE\qone8Software, , [ba58d752d2a90a2c0c624056d42fe020],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [44ce6fbaa1da80b63c874354b54e3cc4],
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginService, , [cf43c168a9d2082ea6c87101c2407a86],
Registry Values: 0
(No malicious items detected)
Registry Data: 10
PUP.Optional.Qone8.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
http://start.qone8.com/?type=sc&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A, Good: (Chrome.exe), Bad: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
http://start.qone8.com/?type=sc&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A),,[5db567c2eb90ea4c8fecff1f679d9b65]
PUP.Optional.Qone8, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe
http://start.qone8.com/?type=sc&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe
http://start.qone8.com/?type=sc&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A),,[b0625dccc6b54cea517ca97408fc659b]
Hijack.StartPage, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL,
http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A, Good: (
http://www.google.com), Bad: (
http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A),,[1002a28790ebda5c49e9b36144c08f71]
Hijack.StartPage, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page,
http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A, Good: (
http://www.google.com), Bad: (
http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A),,[a66c6cbd78039b9b17190c08768e44bc]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[a0722dfc4c2fad897d5139e4c3414fb1]
PUP.Optional.Qone8.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
http://start.qone8.com/?type=sc&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A, Good: (Chrome.exe), Bad: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
http://start.qone8.com/?type=sc&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A),,[8c86a08985f61422b0cbd04e887c817f]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe
http://start.qone8.com/?type=sc&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe
http://start.qone8.com/?type=sc&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A),,[42d050d9d8a39b9bf0ddea333cc838c8]
Hijack.StartPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL,
http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A, Good: (
http://www.google.com), Bad: (
http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A),,[49c9fe2b3447c0760c26b16349bbf808]
Hijack.StartPage, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page,
http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A, Good: (
http://www.google.com), Bad: (
http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A),,[5db5cd5c6e0de94d57d9e82ce024cc34]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[060cb178c5b6d462e5e9f4296b9907f9]
Folders: 26
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\img, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\img\weather, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\js, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\en-US, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\es-419, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\es-ES, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\fr-BE, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\fr-CA, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\fr-CH, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\fr-FR, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\fr-LU, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\it-CH, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\it-IT, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\pl, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\pt-BR, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\ru, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\ru-MO, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\tr-TR, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\vi-VI, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\zh-CN, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\PROGRAM FILES (X86)\SupTab\web\_locales\zh-TW, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.IePluginService.A, C:\PROGRAMDATA\IePluginService, , [ca48ae7bec8faa8c70b84517e31ff50b],
PUP.Optional.IePluginService.A, C:\PROGRAMDATA\IePluginService\update, , [ca48ae7bec8faa8c70b84517e31ff50b],
Files: 57
PUP.Optional.OpenCandy, C:\$Recycle.Bin\S-1-5-21-1914704134-3901138233-515259785-1000\$RZFUH38.exe, , [c84aae7b611ac3738894c081b84c827e],
PUP.Optional.OneClickDownloader.A, C:\Users\Gebruiker\Downloads\Garrys_Mod_13_v153_rar.exe, , [d63c41e85526b08608c1c14a2ed308f8],
PUP.Optional.SkyTech.A, C:\Users\Gebruiker\AppData\Local\Temp\nssF5A6.tmp\ild_qone8.exe, , [71a1ca5f730867cffd0a3e1253aed030],
PUP.Optional.SkyTech.A, C:\Users\Gebruiker\AppData\Local\Temp\fullpackage_temp1397215376\alilog.dll, , [5bb7d356dc9fbc7a24ee83af8080d030],
PUP.Optional.SkyTech.A, C:\Users\Gebruiker\AppData\Local\Temp\fullpackage_temp1397215376\package1.zip, , [38da36f33a4165d118fab979ee126f91],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WebDataJs, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\arrow.png, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo.png, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_logo.png, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo.png, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo2.png, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\search.png, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\sliders.png, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\0.png, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ie8.js, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, , [858dc06962195adc82ef1959b34ffb05],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, , [cf43c168a9d2082ea6c87101c2407a86],
PUP.Optional.Qone8.A, C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "chrome://apps/", "http://www.google.com/", "http://start.qone8.com/?type=hp&ts=1397215390&from=ild&uid=ST31000524AS_9VPGJP5AXXXX9VPGJP5A" ],), ,[f91934f56b102016ff54b6939d67ac54]
Physical Sectors: 0
(No malicious items detected)
(end)