Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5-12-2014
Scan Time: 17:48:38
Logfile: scan-mbam.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.05.08
Rootkit Database: v2014.12.03.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Rene

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 347583
Time Elapsed: 5 min, 12 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 5
PUP.Optional.InstallCore.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLCORE\WSE_Vosteran, Quarantined, [4eee5f00a1dbc373178d3b14bd46659b], 
PUP.Optional.Vosteran.A, HKU\S-1-5-21-3158923719-191908326-2329777105-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\wse_vosteran, Quarantined, [1329dd82255794a2fdf8f9ccfb091ae6], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3158923719-191908326-2329777105-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [df5d89d6c9b3a98de01aafd7f50ee818], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3158923719-191908326-2329777105-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [ad8fa1be1f5db581c656128be22243bd], 
PUP.Optional.Vosteran.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WSE_Vosteran, Quarantined, [4eeec39c90ec66d0ca2beb584eb59e62], 

Registry Values: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3158923719-191908326-2329777105-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, zr2X2X1G1S1F2V1S2Q0V, Quarantined, [ad8fa1be1f5db581c656128be22243bd]

Registry Data: 1
PUP.Optional.Vosteran.A, HKU\S-1-5-21-3158923719-191908326-2329777105-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://Vosteran.com/?f=1&a=vst_frg01_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyBtCtBtB0A0ByEtCyE0EtN0D0Tzu0StCtDyCyCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2SyD0CyB0A0CyBzzyDtGtCtB0E0DtG0DyCtCzztG0BtAzyyBtGyDyByDtBtB0AyBtAtD0CtA0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0E0Bzzzy0E0C0AtGzztBzy0EtGyE0CyCzztG0BtC0F0EtGtAzzyEtC0CtD0AyEtD0BtB0D2Q&cr=235235998&ir=, Good: (www.google.com), Bad: (http://Vosteran.com/?f=1&a=vst_frg01_14_49_ch&cd=2XzuyEtN2Y1L1Qzu0B0CyD0F0FyEyBtCtBtB0A0ByEtCyE0EtN0D0Tzu0StCtDyCyCtN1L2XzutAtFyCtFyCtFtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2SyD0CyB0A0CyBzzyDtGtCtB0E0DtG0DyCtCzztG0BtAzyyBtGyDyByDtBtB0AyBtAtD0CtA0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0E0Bzzzy0E0C0AtGzztBzy0EtGyE0CyCzztG0BtC0F0EtGtAzzyEtC0CtD0AyEtD0BtB0D2Q&cr=235235998&ir=),Replaced,[82baf966eb91d75f134a75ef31d402fe]

Folders: 6
Rogue.Multiple, C:\ProgramData\600440862, Quarantined, [5be1491681fbfd394f3d3bcabd46c33d], 
PUP.Optional.Vosteran.A, C:\Users\Rene\AppData\Roaming\WSE_Vosteran, Quarantined, [102c5a05a0dc7bbb866d85befb08a957], 
PUP.Optional.Vosteran.A, C:\Users\Rene\AppData\Roaming\WSE_Vosteran\icons_3.6.6.0, Quarantined, [102c5a05a0dc7bbb866d85befb08a957], 
PUP.Optional.Vosteran.A, C:\Users\Rene\AppData\Roaming\WSE_Vosteran\UpdateProc, Quarantined, [102c5a05a0dc7bbb866d85befb08a957], 
PUP.Optional.Vosteran.A, C:\Program Files (x86)\WSE_Vosteran, Quarantined, [4eeec39c90ec66d0ca2beb584eb59e62], 
PUP.Optional.Vosteran.A, C:\Program Files (x86)\WSE_Vosteran\bh, Quarantined, [4eeec39c90ec66d0ca2beb584eb59e62], 

Files: 14
PUP.Optional.Vosteran.A, C:\Windows\Tasks\WSE_Vosteran.job, Quarantined, [08349ac596e6b77f45adc10448bcb24e], 
PUP.Optional.Vosteran.A, C:\Windows\System32\Tasks\WSE_Vosteran, Quarantined, [84b8a7b8b3c99e98ca29e5e0fa0a936d], 
Rogue.Multiple, C:\ProgramData\600440862\BIT4E2B.tmp, Quarantined, [5be1491681fbfd394f3d3bcabd46c33d], 
PUP.Optional.Vosteran.A, C:\Users\Rene\AppData\Roaming\WSE_Vosteran\UpdateProc\bkup.dat, Quarantined, [102c5a05a0dc7bbb866d85befb08a957], 
PUP.Optional.Vosteran.A, C:\Users\Rene\AppData\Roaming\WSE_Vosteran\UpdateProc\config.dat, Quarantined, [102c5a05a0dc7bbb866d85befb08a957], 
PUP.Optional.Vosteran.A, C:\Users\Rene\AppData\Roaming\WSE_Vosteran\UpdateProc\info.dat, Quarantined, [102c5a05a0dc7bbb866d85befb08a957], 
PUP.Optional.Vosteran.A, C:\Users\Rene\AppData\Roaming\WSE_Vosteran\UpdateProc\STTL.DAT, Quarantined, [102c5a05a0dc7bbb866d85befb08a957], 
PUP.Optional.Vosteran.A, C:\Users\Rene\AppData\Roaming\WSE_Vosteran\UpdateProc\TTL.DAT, Quarantined, [102c5a05a0dc7bbb866d85befb08a957], 
PUP.Optional.Vosteran.A, C:\Users\Rene\AppData\Roaming\WSE_Vosteran\UpdateProc\UpdateTask.exe, Quarantined, [102c5a05a0dc7bbb866d85befb08a957], 
PUP.Optional.Vosteran.A, C:\Program Files (x86)\WSE_Vosteran\astcnfg.dat, Quarantined, [4eeec39c90ec66d0ca2beb584eb59e62], 
PUP.Optional.Vosteran.A, C:\Program Files (x86)\WSE_Vosteran\FavIcon.ico, Quarantined, [4eeec39c90ec66d0ca2beb584eb59e62], 
PUP.Optional.Vosteran.A, C:\Program Files (x86)\WSE_Vosteran\Sqlite3.dll, Quarantined, [4eeec39c90ec66d0ca2beb584eb59e62], 
PUP.Optional.Vosteran.A, C:\Program Files (x86)\WSE_Vosteran\uninst.dat, Quarantined, [4eeec39c90ec66d0ca2beb584eb59e62], 
PUP.Optional.Vosteran.A, C:\Program Files (x86)\WSE_Vosteran\uninstall.exe, Quarantined, [4eeec39c90ec66d0ca2beb584eb59e62], 

Physical Sectors: 0
(No malicious items detected)


(end)