Вы находитесь на странице: 1из 7

Malwarebytes Anti-Malware

www.malwarebytes.org
Scan Date: 5/25/2016
Scan Time: 11:38 PM
Logfile: results malware.txt
Administrator: Yes
Version: 2.2.1.1043
Malware Database: v2016.05.25.05
Rootkit Database: v2016.05.20.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 10
CPU: x64
File System: NTFS
User: Emar Jay
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 307180
Time Elapsed: 6 min, 0 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 9
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedf
mialnfchjomjmpjcoej, , [5ebb7e5c1f7af83e2850637a11f2dd23],
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0
633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [e138e8f2366343f3845bb9ed0af9bd43],
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\p
ilplloabdedfmialnfchjomjmpjcoej, , [d148ebef8811280e0276f9e421e23ac6],
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSIO
N\UNINSTALL\YAHOOPROVIDEDSEARCH, , [c3564b8f207966d0b97758878a79669a],
PUP.Optional.InstallCore, HKU\S-1-5-21-3177833724-1363643558-560500319-1001\SOFT
WARE\csastats, , [dd3cecee67320c2a5b1822bbb15206fa],
PUP.Optional.SearchManager, HKU\S-1-5-21-3177833724-1363643558-560500319-1001\SO
FTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, , [4dccad2db6e
396a01ecacfde50b2a25e],
PUP.Optional.WinYahoo, HKU\S-1-5-21-3177833724-1363643558-560500319-1001\SOFTWAR
E\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A
}, , [51c8c614cdcc63d3fbe2c8deca3960a0],
PUP.Optional.WinYahoo, HKU\S-1-5-21-3177833724-1363643558-560500319-1001\SOFTWAR
E\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BFREPORT, , [fa1f8e4c059462d4d55af0

ef62a121df],
PUP.Optional.ProductSetup, HKU\S-1-5-21-3177833724-1363643558-560500319-1001\SOF
TWARE\PRODUCTSETUP, , [83965189d0c9ec4a59f75f34e32034cc],
Registry Values: 7
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0
633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, https://ph.search.yahoo.com/yhs/search
?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_18&param1=1&param2=f[e138e
8f2366343f3845bb9ed0af9bd43]D4%26b[e138e8f2366343f3845bb9ed0af9bd43]DIE%26cc[e13
8e8f2366343f3845bb9ed0af9bd43]Dph%26pa[e138e8f2366343f3845bb9ed0af9bd43]DWincy%2
6cd[e138e8f2366343f3845bb9ed0af9bd43]D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyB
tB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2S
tDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F
1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC
0B0CyBzytB2QtN0A0LzuyE%26cr[e138e8f2366343f3845bb9ed0af9bd43]D39528865%26a[e138e
8f2366343f3845bb9ed0af9bd43]Dwncy_ir_16_18%26os_ver[e138e8f2366343f3845bb9ed0af9
bd43]D10.0%26os[e138e8f2366343f3845bb9ed0af9bd43]DWindowsB10BPro&p={searchTerms}
, %4, %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0
633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, https://ph.search.yah
oo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_18&param1
=1&param2=f[9782b624afea51e5d807b9edef1428d8]D4%26b[9782b624afea51e5d807b9edef14
28d8]DIE%26cc[9782b624afea51e5d807b9edef1428d8]Dph%26pa[9782b624afea51e5d807b9ed
ef1428d8]DWincy%26cd[9782b624afea51e5d807b9edef1428d8]D2XzuyEtN2Y1L1Qzu0Dzz0C0Bz
z0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1
G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzz
yzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0Bzyz
ztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26cr[9782b624afea51e5d807b9edef1428d8]D3
9528865%26a[9782b624afea51e5d807b9edef1428d8]Dwncy_ir_16_18%26os_ver[9782b624afe
a51e5d807b9edef1428d8]D10.0%26os[9782b624afea51e5d807b9edef1428d8]DWindowsB10BPr
o&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSIO
N\UNINSTALL\YAHOOPROVIDEDSEARCH|UninstallString, "C:\Users\Emar Jay\AppData\Loca
l\{C60AF056-E2A2-9CEE-8F3A-B906AB52459E}\uninstall.exe" /Uninstall /s /noun /Del
SelfDir, , [c3564b8f207966d0b97758878a79669a]
PUP.Optional.WinYahoo, HKU\S-1-5-21-3177833724-1363643558-560500319-1001\SOFTWAR
E\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A
}|URL, https://ph.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_0
03&type=wncy_ir_16_18&param1=1&param2=f[51c8c614cdcc63d3fbe2c8deca3960a0]D4%26b[
51c8c614cdcc63d3fbe2c8deca3960a0]DIE%26cc[51c8c614cdcc63d3fbe2c8deca3960a0]Dph%2
6pa[51c8c614cdcc63d3fbe2c8deca3960a0]DWincy%26cd[51c8c614cdcc63d3fbe2c8deca3960a
0]D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAt
FtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0At
CtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCt
G0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26cr[51c8c61
4cdcc63d3fbe2c8deca3960a0]D39528865%26a[51c8c614cdcc63d3fbe2c8deca3960a0]Dwncy_i
r_16_18%26os_ver[51c8c614cdcc63d3fbe2c8deca3960a0]D10.0%26os[51c8c614cdcc63d3fbe
2c8deca3960a0]DWindowsB10BPro&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-3177833724-1363643558-560500319-1001\SOFTWAR
E\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A
}|TopResultURLFallback, https://ph.search.yahoo.com/yhs/search?hspart=iry&hsimp=
yhs-fullyhosted_003&type=wncy_ir_16_18&param1=1&param2=f[f82133a75544bd79ab32099
d877c6b95]D4%26b[f82133a75544bd79ab32099d877c6b95]DIE%26cc[f82133a75544bd79ab320
99d877c6b95]Dph%26pa[f82133a75544bd79ab32099d877c6b95]DWincy%26cd[f82133a75544bd
79ab32099d877c6b95]D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StC
yDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtG
tA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2S
tAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0L
zuyE%26cr[f82133a75544bd79ab32099d877c6b95]D39528865%26a[f82133a75544bd79ab32099
d877c6b95]Dwncy_ir_16_18%26os_ver[f82133a75544bd79ab32099d877c6b95]D10.0%26os[f8

2133a75544bd79ab32099d877c6b95]DWindowsB10BPro&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-3177833724-1363643558-560500319-1001\SOFTWAR
E\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BFREPORT|filename, C:\Users\Emar Ja
y\AppData\Local\{C60AF056-E2A2-9CEE-8F3A-B906AB52459E}\uninstall.exe, , [fa1f8e4
c059462d4d55af0ef62a121df]
PUP.Optional.ProductSetup, HKU\S-1-5-21-3177833724-1363643558-560500319-1001\SOF
TWARE\PRODUCTSETUP|tb, 0X1F1T1V1G1G, , [83965189d0c9ec4a59f75f34e32034cc]
Registry Data: 3
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page
, https://ph.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=
wncy_ir_16_18&param1=1&param2=fBad: (https://ph.search.yahoo.com/yhs/web?hspart=
iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_18&param1=1&param2=f%3D1%26b%3DIE%
26cc%3Dph%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN
0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD
0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N
2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzy
tB2QtN0A0LzuyE%26cr%3D39528865%26a%3Dwncy_ir_16_18%26os_ver%3D10.0%26os%3DWindow
s%2B10%2BPro),,[80997c5efc9d8da9c6777fd413f19967]D1%26bBad: (https://ph.search.y
ahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_18&param1=
1&param2=f%3D1%26b%3DIE%26cc%3Dph%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz
0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G
1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzy
zyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0Bzyzz
tGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26cr%3D39528865%26a%3Dwncy_ir_16_18%26os_
ver%3D10.0%26os%3DWindows%2B10%2BPro),,[80997c5efc9d8da9c6777fd413f19967]DIE%26c
cBad: (https://ph.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&
type=wncy_ir_16_18&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dph%26pa%3DWincy%26cd%3D
2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtB
tCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtG
tC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0B
yBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26cr%3D39528865
%26a%3Dwncy_ir_16_18%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro),,[80997c5efc9d8d
a9c6777fd413f19967]Dph%26paBad: (https://ph.search.yahoo.com/yhs/web?hspart=iry&
hsimp=yhs-fullyhosted_003&type=wncy_ir_16_18&param1=1&param2=f%3D1%26b%3DIE%26cc
%3Dph%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0T
zu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyC
zz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L
1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2Q
tN0A0LzuyE%26cr%3D39528865%26a%3Dwncy_ir_16_18%26os_ver%3D10.0%26os%3DWindows%2B
10%2BPro),,[80997c5efc9d8da9c6777fd413f19967]DWincy%26cdBad: (https://ph.search.
yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_18&param1
=1&param2=f%3D1%26b%3DIE%26cc%3Dph%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bz
z0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1
G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzz
yzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0Bzyz
ztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26cr%3D39528865%26a%3Dwncy_ir_16_18%26os
_ver%3D10.0%26os%3DWindows%2B10%2BPro),,[80997c5efc9d8da9c6777fd413f19967]D2Xzuy
EtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFt
CtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0
B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyy
EtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26crBad: (https://ph
.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_1
8&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dph%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0
Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Cz
u1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0
EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0Bt
Gzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26cr%3D39528865%26a%3Dwncy_ir_16
_18%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro),,[80997c5efc9d8da9c6777fd413f1996
7]D39528865%26aBad: (https://ph.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fu

llyhosted_003&type=wncy_ir_16_18&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dph%26pa%3
DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzy
tN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E
0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC
0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%2
6cr%3D39528865%26a%3Dwncy_ir_16_18%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro),,[
80997c5efc9d8da9c6777fd413f19967]Dwncy_ir_16_18%26os_verBad: (https://ph.search.
yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_18&param1
=1&param2=f%3D1%26b%3DIE%26cc%3Dph%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bz
z0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1
G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzz
yzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0Bzyz
ztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26cr%3D39528865%26a%3Dwncy_ir_16_18%26os
_ver%3D10.0%26os%3DWindows%2B10%2BPro),,[80997c5efc9d8da9c6777fd413f19967]D10.0%
26osBad: (https://ph.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_0
03&type=wncy_ir_16_18&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dph%26pa%3DWincy%26cd
%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAt
FtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0At
CtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCt
G0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26cr%3D39528
865%26a%3Dwncy_ir_16_18%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro),,[80997c5efc9
d8da9c6777fd413f19967]DWindowsGood: (www.google.com)B10Good: (www.google.com)BPr
o, %4, %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAI
N|Start Page, https://ph.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhost
ed_003&type=wncy_ir_16_18&param1=1&param2=fBad: (https://ph.search.yahoo.com/yhs
/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_18&param1=1&param2=f%3
D1%26b%3DIE%26cc%3Dph%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B
0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Q
zu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN
1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyC
tByC0B0CyBzytB2QtN0A0LzuyE%26cr%3D39528865%26a%3Dwncy_ir_16_18%26os_ver%3D10.0%2
6os%3DWindows%2B10%2BPro),,[9485c1190792c96d5be2a3b0a55fff01]D1%26bBad: (https:/
/ph.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_1
6_18&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dph%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Q
zu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L
1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyD
zy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC
0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26cr%3D39528865%26a%3Dwncy_ir
_16_18%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro),,[9485c1190792c96d5be2a3b0a55f
ff01]DIE%26ccBad: (https://ph.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-full
yhosted_003&type=wncy_ir_16_18&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dph%26pa%3DW
incy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN
1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0F
tG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A
0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26c
r%3D39528865%26a%3Dwncy_ir_16_18%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro),,[94
85c1190792c96d5be2a3b0a55fff01]Dph%26paBad: (https://ph.search.yahoo.com/yhs/web
?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_18&param1=1&param2=f%3D1%2
6b%3DIE%26cc%3Dph%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyB
tB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2S
tDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F
1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC
0B0CyBzytB2QtN0A0LzuyE%26cr%3D39528865%26a%3Dwncy_ir_16_18%26os_ver%3D10.0%26os%
3DWindows%2B10%2BPro),,[9485c1190792c96d5be2a3b0a55fff01]DWincy%26cdBad: (https:
//ph.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_
16_18&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dph%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1
Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1
L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0Cy
Dzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtBy

C0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26cr%3D39528865%26a%3Dwncy_i
r_16_18%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro),,[9485c1190792c96d5be2a3b0a55
fff01]D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2Xz
utAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0Ey
E0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0Et
CtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26crBad:
(https://ph.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=
wncy_ir_16_18&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dph%26pa%3DWincy%26cd%3D2Xzuy
EtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFt
CtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0
B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyy
EtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26cr%3D39528865%26a%
3Dwncy_ir_16_18%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro),,[9485c1190792c96d5be
2a3b0a55fff01]D39528865%26aBad: (https://ph.search.yahoo.com/yhs/web?hspart=iry&
hsimp=yhs-fullyhosted_003&type=wncy_ir_16_18&param1=1&param2=f%3D1%26b%3DIE%26cc
%3Dph%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0T
zu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyC
zz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L
1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2Q
tN0A0LzuyE%26cr%3D39528865%26a%3Dwncy_ir_16_18%26os_ver%3D10.0%26os%3DWindows%2B
10%2BPro),,[9485c1190792c96d5be2a3b0a55fff01]Dwncy_ir_16_18%26os_verBad: (https:
//ph.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_
16_18&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dph%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1
Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1
L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0Cy
Dzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtBy
C0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26cr%3D39528865%26a%3Dwncy_i
r_16_18%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro),,[9485c1190792c96d5be2a3b0a55
fff01]D10.0%26osBad: (https://ph.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-f
ullyhosted_003&type=wncy_ir_16_18&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dph%26pa%
3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzz
ytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0
E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDy
C0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%
26cr%3D39528865%26a%3Dwncy_ir_16_18%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro),,
[9485c1190792c96d5be2a3b0a55fff01]DWindowsGood: (www.google.com)B10Good: (www.go
ogle.com)BPro, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-3177833724-1363643558-560500319-1001\SOFTWAR
E\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://ph.search.yahoo.com/yhs/w
eb?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_18&param1=1&param2=fBad:
(https://ph.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=
wncy_ir_16_18&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dph%26pa%3DWincy%26cd%3D2Xzuy
EtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFt
CtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0
B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyy
EtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26cr%3D39528865%26a%
3Dwncy_ir_16_18%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro),,[26f3c515efaa6ccaab9
01e35fd070ef2]D1%26bBad: (https://ph.search.yahoo.com/yhs/web?hspart=iry&hsimp=y
hs-fullyhosted_003&type=wncy_ir_16_18&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dph%2
6pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCy
DzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGt
A0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2St
AyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0Lz
uyE%26cr%3D39528865%26a%3Dwncy_ir_16_18%26os_ver%3D10.0%26os%3DWindows%2B10%2BPr
o),,[26f3c515efaa6ccaab901e35fd070ef2]DIE%26ccBad: (https://ph.search.yahoo.com/
yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_18&param1=1&param2=
f%3D1%26b%3DIE%26cc%3Dph%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDy
B0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1
L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2
QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0

EyCtByC0B0CyBzytB2QtN0A0LzuyE%26cr%3D39528865%26a%3Dwncy_ir_16_18%26os_ver%3D10.
0%26os%3DWindows%2B10%2BPro),,[26f3c515efaa6ccaab901e35fd070ef2]Dph%26paBad: (ht
tps://ph.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy
_ir_16_18&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dph%26pa%3DWincy%26cd%3D2XzuyEtN2
Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFt
CtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0Ct
G0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGy
EtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26cr%3D39528865%26a%3Dwn
cy_ir_16_18%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro),,[26f3c515efaa6ccaab901e3
5fd070ef2]DWincy%26cdBad: (https://ph.search.yahoo.com/yhs/web?hspart=iry&hsimp=
yhs-fullyhosted_003&type=wncy_ir_16_18&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dph%
26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StC
yDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtG
tA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2S
tAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0L
zuyE%26cr%3D39528865%26a%3Dwncy_ir_16_18%26os_ver%3D10.0%26os%3DWindows%2B10%2BP
ro),,[26f3c515efaa6ccaab901e35fd070ef2]D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0F
yBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu
2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M
1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtB
yC0B0CyBzytB2QtN0A0LzuyE%26crBad: (https://ph.search.yahoo.com/yhs/web?hspart=ir
y&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_18&param1=1&param2=f%3D1%26b%3DIE%26
cc%3Dph%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D
0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0D
yCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y
1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB
2QtN0A0LzuyE%26cr%3D39528865%26a%3Dwncy_ir_16_18%26os_ver%3D10.0%26os%3DWindows%
2B10%2BPro),,[26f3c515efaa6ccaab901e35fd070ef2]D39528865%26aBad: (https://ph.sea
rch.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_18&pa
ram1=1&param2=f%3D1%26b%3DIE%26cc%3Dph%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0
C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1Tt
N1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDt
CzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0
BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26cr%3D39528865%26a%3Dwncy_ir_16_18%
26os_ver%3D10.0%26os%3DWindows%2B10%2BPro),,[26f3c515efaa6ccaab901e35fd070ef2]Dw
ncy_ir_16_18%26os_verBad: (https://ph.search.yahoo.com/yhs/web?hspart=iry&hsimp=
yhs-fullyhosted_003&type=wncy_ir_16_18&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dph%
26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0EtDyB0B0FyBtB0D0EtN0D0Tzu0StC
yDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDyB0BtD0DyCzz0DtG
tA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2S
tAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0FtD0EyCtByC0B0CyBzytB2QtN0A0L
zuyE%26cr%3D39528865%26a%3Dwncy_ir_16_18%26os_ver%3D10.0%26os%3DWindows%2B10%2BP
ro),,[26f3c515efaa6ccaab901e35fd070ef2]D10.0%26osBad: (https://ph.search.yahoo.c
om/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_18&param1=1&para
m2=f%3D1%26b%3DIE%26cc%3Dph%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0Azy0E
tDyB0B0FyBtB0D0EtN0D0Tzu0StCyDzzzytN1L2XzutAtFtBtCtFtCtFtCtN1L1Czu1TtN1L1G1B1V1N
2Y1L1Qzu2StDyB0BtD0DyCzz0DtGtA0F0E0FtG0EyE0AtCtGtC0B0B0CtG0CyDzy0EtDtCzzzyzyyCtC
zz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAyDyC0A0F0EtCtCtG0ByBzyyEtGyEtByC0BtGzz0BzyzztGzy0F
tD0EyCtByC0B0CyBzytB2QtN0A0LzuyE%26cr%3D39528865%26a%3Dwncy_ir_16_18%26os_ver%3D
10.0%26os%3DWindows%2B10%2BPro),,[26f3c515efaa6ccaab901e35fd070ef2]DWindowsGood:
(www.google.com)B10Good: (www.google.com)BPro, %4, %5
Folders: 0
(No malicious items detected)
Files: 3
RiskWare.IStealer, C:\ProgramData\KMSAutoS\bin\KMSSS.exe, , [1bfea931eeab2a0c658
935f421e10af6],
RiskWare.Tool.HCK, C:\$Recycle.Bin\S-1-5-21-3177833724-1363643558-560500319-1001
\$RJJPEX7.exe, , [38e14595cfca5cda8b1cb545ee12f50b],

PUP.Optional.WinYahoo, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowT


oRemove.html.lnk, , [34e50cced5c45fd7cd8d10b345be7b85],
Physical Sectors: 0
(No malicious items detected)
(end)