Malwarebytes Anti-Malware www.malwarebytes.org Scandatum: 1-10-2015 Scantijd: 11:13 Logboekbestand: scanlog.txt Beheerder: Ja Versie: 2.1.8.1057 Malware-database: v2015.10.01.03 Rootkit-database: v2015.09.22.01 Licentie: Gratis Malware-bescherming: Uitgeschakeld Bescherming tegen kwaadaardige websites: Uitgeschakeld Zelfbescherming: Uitgeschakeld Besturingssysteem: Windows 7 Service Pack 1 Processor: x64 Bestandssysteem: NTFS Gebruiker: RON12 Scantype: Aangepaste scan Resultaat: Voltooid Objecten gescand: 749239 Verstreken tijd: 3 u., 3 min, 50 sec Geheugen: Ingeschakeld Opstarten: Ingeschakeld Bestandssysteem: Ingeschakeld Archieven: Ingeschakeld Rootkits: Ingeschakeld Heuristiek: Ingeschakeld POP: Ingeschakeld POA: Ingeschakeld Processen: 0 (Geen kwaadaardige items gedetecteerd) Modules: 0 (Geen kwaadaardige items gedetecteerd) Registersleutels: 21 PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\3045035B-3C14-4698-8AC4-ADB18CC42C1E, , [f0d75ff2008bad894c085d9a8e740000], PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\3045035B-3C14-4698-8AC4-ADB18CC42C1E, , [f0d75ff2008bad894c085d9a8e740000], PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\3045035B-3C14-4698-8AC4-ADB18CC42C1E, , [f0d75ff2008bad894c085d9a8e740000], PUP.Optional.Yahoo, HKLM\SOFTWARE\WajaInternetEn, , [dfe88bc66526de588dd5a62d09fb6799], PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunOnceF12EFE749B4346DCB566075FA78ACB9C, , [794eb59c0c7fe0566f6863567c88f40c], PUP.Optional.PlusHD, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Plus-HD-2.2-codedownloader, , [b90e70e10b802511102bb10bf014c739], PUP.Optional.PlusHD, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Plus-HD-2.2-enabler, , [bf08e1704d3ec96d99a2695323e16898], PUP.Optional.PlusHD, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Plus-HD-2.2-firefoxinstaller, , [d5f268e938533bfb9d9e4d6f51b3758b], PUP.Optional.PlusHD, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Plus-HD-2.2-updater, , [be09e071f09b1d19a9925a6227dd6d93], PUP.Optional.Yahoo, HKLM\SOFTWARE\WOW6432NODE\WajaInternetEn, , [8542e170711afb3b68faf0e37292d22e], PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5221343B-E860-41ED-9772-FE6E703646DC}, , [edda41105d2efd395c80a3fbbf4537c9], PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{686A5FD6-186D-403B-BB76-8A3A4751DF37}, , [1fa8054cdab1a59178636d31778daf51], PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AE418C95-BC37-4BDD-85D6-E792024CA540}, , [685fcc85b3d843f34298c0de63a1946c], PUP.Optional.Incredibar, HKU\S-1-5-21-1255420860-2708843325-1920694139-1000\SOFTWARE\Incredibar.com, , [4087aca58cffb2842836a408ae566f91], PUP.Optional.BSPlayer, HKU\S-1-5-21-1255420860-2708843325-1920694139-1000\SOFTWARE\APPDATALOW\SOFTWARE\BS_Player, , [0abdf65b2e5d65d179df5343ba4a0000], PUP.Optional.CrossRider, HKU\S-1-5-21-1255420860-2708843325-1920694139-1000\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [dfe831204b4051e5a0ea8716ff05a759], PUP.Optional.PlusHD, HKU\S-1-5-21-1255420860-2708843325-1920694139-1000\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-2.2, , [794e70e187042610569ff0cbae56a060], PUP.Optional.SerachQU, HKU\S-1-5-21-1255420860-2708843325-1920694139-1000\SOFTWARE\APPDATALOW\SOFTWARE\searchqutoolbar, , [15b2460b93f8241285e6675db1534ab6], PUP.Optional.FunMoods, HKU\S-1-5-21-1255420860-2708843325-1920694139-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3052FEA4-1A9A-4C54-B8A8-368BB6CEC255}, , [18afc0910487db5b2e80bde918ecdb25], PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-1255420860-2708843325-1920694139-1000\TOOLBAR\REGISTEREDSOURCES, , [f9ce73de8902fe38f8e4077e9b69c63a], PUP.Optional.Wajam, HKU\S-1-5-21-1255420860-2708843325-1920694139-1006\SOFTWARE\WajIEnhance, , [e9dee36e6823ac8a57ceca06778d7987], Registerwaarden: 9 PUP.Optional.ConduitTB, HKU\S-1-5-21-1255420860-2708843325-1920694139-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{30F9B915-B755-4826-820B-08FBA6BD249D}, , [10b792bfc2c9d1650f6848a6e022a35d], PUP.Optional.ConduitTB, HKU\S-1-5-21-1255420860-2708843325-1920694139-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{30F9B915-B755-4826-820B-08FBA6BD249D}, 0U&H $, , [10b792bfc2c9d1650f6848a6e022a35d] PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5221343b-e860-41ed-9772-fe6e703646dc}|AppName, Plus-HD-2.2-codedownloader.exe, , [edda41105d2efd395c80a3fbbf4537c9] PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{686a5fd6-186d-403b-bb76-8a3a4751df37}|AppName, Plus-HD-2.2-buttonutil.exe, , [1fa8054cdab1a59178636d31778daf51] PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ae418c95-bc37-4bdd-85d6-e792024ca540}|AppName, Plus-HD-2.2-bg.exe, , [685fcc85b3d843f34298c0de63a1946c] PUP.Optional.FunMoods, HKU\S-1-5-21-1255420860-2708843325-1920694139-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3052FEA4-1A9A-4C54-B8A8-368BB6CEC255}|URL, http://start.funmoods.com/results.php?f=4&a=nv1&q={searchTerms}, , [18afc0910487db5b2e80bde918ecdb25] PUP.Optional.FunMoods, HKU\S-1-5-21-1255420860-2708843325-1920694139-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3052FEA4-1A9A-4C54-B8A8-368BB6CEC255}|OSDFileURL, file:///C:/Users/RON/AppData/Local/Temp/FNMD/FM/1.5.11.16/funmoods.xml, , [784fdb7639528fa7f6b8941229db758b] PUP.Optional.FunMoods, HKU\S-1-5-21-1255420860-2708843325-1920694139-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3052FEA4-1A9A-4C54-B8A8-368BB6CEC255}|FaviconURL, http://start.funmoods.com/favicon.ico, , [f4d3bb96503b3afc0da1089e5ba9bc44] PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-1255420860-2708843325-1920694139-1000\TOOLBAR\REGISTEREDSOURCES|CT3031771, 0, , [f9ce73de8902fe38f8e4077e9b69c63a] Registerdata: 0 (Geen kwaadaardige items gedetecteerd) Mappen: 4 PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Search, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Uninstall Wajam, , [af189db4c3c856e0d53040907d87cb35], Bestanden: 30 PUP.Optional.OpenCandy, C:\System Volume Information\SystemRestore\FRStaging\Users\RON\AppData\Local\temp\HYD511C.tmp.1441800101\HTA\3rdparty\OCSetupHlp.dll, , [a72097ba3a5175c1072495125ea7728e], PUP.Optional.Conduit, C:\zoek\in\USERTEMP\spstub.exe, , [3b8c252c9eed94a27c15cb6d6d9416ea], PUP.Optional.Conduit, C:\zoek\in\USERTEMP\dlLogic.exe, , [15b2d27f4e3dff37ccce61f54db3857b], PUP.Optional.Wajam, C:\zoek_backup\C_Users_RON12_AppData_Roaming_RPEng\7A9879A1DA5E40AA82D429F7DF32BBD4\WWE_1.51.5.2.exe, , [2f9869e89cef072f1fef14ce35ccfc04], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Wajam Website.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Settings.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\SignIn with Facebook.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\SignIn with Twitter.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Search\Ask.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Search\Google.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Search\IMDb.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Search\Shopping.com.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Search\TripAdvisor.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Search\Wikipedia.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Search\Yahoo!.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Amazon.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Argos.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Ebay.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Etsy.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\HomeDepot.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Ikea.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Lowe's.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Mercadolivre.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\MyShopping.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Sears.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Target.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Tesco.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Walmart.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Explore Social Shopping\Zalando.lnk, , [af189db4c3c856e0d53040907d87cb35], PUP.Optional.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEn\Uninstall Wajam\uninstall.lnk, , [af189db4c3c856e0d53040907d87cb35], Fysieke Sectoren: 0 (Geen kwaadaardige items gedetecteerd) (end)