Malwarebytes Anti-Malware www.malwarebytes.org Scandatum: 3-6-2016 Scantijd: 14:31 Logboekbestand: 03062016.txt Beheerder: Ja Versie: 2.2.1.1043 Malware-database: v2016.06.03.02 Rootkit-database: v2016.05.27.01 Licentie: Proef Malware-bescherming: Ingeschakeld Bescherming tegen kwaadaardige websites: Ingeschakeld Zelfbescherming: Uitgeschakeld Besturingssysteem: Windows 8.1 Processor: x64 Bestandssysteem: NTFS Gebruiker: Ed Scantype: Bedreigingsscan Resultaat: Voltooid Objecten gescand: 336338 Verstreken tijd: 23 min, 59 sec Geheugen: Ingeschakeld Opstarten: Ingeschakeld Bestandssysteem: Ingeschakeld Archieven: Ingeschakeld Rootkits: Uitgeschakeld Heuristiek: Ingeschakeld POP: Ingeschakeld POA: Ingeschakeld Processen: 0 (Geen kwaadaardige items gedetecteerd) Modules: 0 (Geen kwaadaardige items gedetecteerd) Registersleutels: 31 PUP.Optional.SearchApp, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a}, In quarantaine, [c4ca04f4851446f08fcaadd27e845ea2], PUP.Optional.SearchExtension, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\aaaaahlfahldnilidgnlikdckbfehhca, In quarantaine, [e5a955a3bbde5bdb077895091fe4a957], PUP.Optional.CrossRider, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\3487, In quarantaine, [6d21a4545148a88e0a1a236756ad45bb], PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${dtUserElevationPolicyID}, In quarantaine, [bad476829405c3730429ccfd2bd80af6], PUP.Optional.OptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{01D9C129-06B7-4800-B07C-55D56DD0A811}, Verwijder-bij-herstart, [8b0312e694052b0b08df298fc53ddd23], PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, In quarantaine, [ace232c6cfca5cda8fc1c8fc15edc53b], PUP.Optional.Cinema4U, HKLM\SOFTWARE\WOW6432NODE\Cinema 4u, In quarantaine, [107e00f8d3c675c13ed7077f01029d63], PUP.Optional.Cinema4U, HKLM\SOFTWARE\WOW6432NODE\Cinema 4u-nv, In quarantaine, [7b138c6ce2b793a32de8e3a310f3659b], PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\Datamngr, In quarantaine, [345acb2de5b48fa70922af1ab84b9e62], PUP.Optional.SuperOptimizer, HKLM\SOFTWARE\WOW6432NODE\{1146AC44-2F03-4431-B4FD-889BC837521F}, In quarantaine, [f599ee0af0a94ceaa6a5fea47e85ac54], PUP.Optional.SuperOptimizer, HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}, In quarantaine, [9df131c7a7f280b6a4a8643e14efd12f], PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE\Clients, In quarantaine, [d6b853a51d7c03331016fd92f40f6997], PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\aaaaafeopjhkcolncjbedbhofpocmdbn, In quarantaine, [1e70b93ffd9cbf773ad7527742c19d63], PUP.Optional.SearchExtension, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\aaaaahlfahldnilidgnlikdckbfehhca, In quarantaine, [593539bf5049b5814738732b0102a25e], PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\3487, In quarantaine, [dbb304f4fe9bee48f92b3555bd46a45c], PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${dtUserElevationPolicyID}, In quarantaine, [424c8474a0f91f173df0923748bb8977], PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E3469C20-B31D-458D-80CE-FE56E9501222}, In quarantaine, [a7e714e4a8f177bfff196e5b8d7635cb], PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, In quarantaine, [741aba3eedacf442db7493318c7628d8], PUP.Optional.SuperOptimizer, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, In quarantaine, [0c82cd2b613843f31d2aa20020e3ce32], PUP.Optional.ASK.Gen, HKU\S-1-5-21-2803483633-59787989-2409404269-1001\SOFTWARE\APNDTX, In quarantaine, [90fe9860dabf3bfbb6d6eebbac57ce32], PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-2803483633-59787989-2409404269-1001\SOFTWARE\AskPartnerNetwork, In quarantaine, [c3cb4cac9bfe8caa64eb2a9a8e74b050], PUP.Optional.MoviesToolBar, HKU\S-1-5-21-2803483633-59787989-2409404269-1001\SOFTWARE\ilividbandoomoviestoolbar, In quarantaine, [711da0580f8a6bcb5c344354bb486b95], PUP.Optional.InstallCore, HKU\S-1-5-21-2803483633-59787989-2409404269-1001\SOFTWARE\InstallCore, In quarantaine, [4c4263958811270f013c672b649f5aa6], PUP.Optional.WeDownLoadManager, HKU\S-1-5-21-2803483633-59787989-2409404269-1001\SOFTWARE\WeDlMngr, In quarantaine, [59352eca9dfc81b5f447179011f220e0], PUP.Optional.Astromenda, HKU\S-1-5-21-2803483633-59787989-2409404269-1001\SOFTWARE\wse_astromenda, In quarantaine, [d7b7797fa0f971c513a97b07f3100bf5], PUP.Optional.SuperOptimizer, HKU\S-1-5-21-2803483633-59787989-2409404269-1001\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, In quarantaine, [6f1ffefa128759ddeb5ca4fece3534cc], PUP.Optional.Cinema4U, HKU\S-1-5-21-2803483633-59787989-2409404269-1001\SOFTWARE\APPDATALOW\SOFTWARE\Cinema 4u, In quarantaine, [1c726197a0f9251183917e083fc43cc4], PUP.Optional.CrossRider, HKU\S-1-5-21-2803483633-59787989-2409404269-1001\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, In quarantaine, [e5a9bb3d148544f28318e2a782819c64], PUP.Optional.CrossRider, HKU\S-1-5-21-2803483633-59787989-2409404269-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\ads, In quarantaine, [d9b57f7998012511d1d56722df243fc1], PUP.Optional.OptimizerPro, HKU\S-1-5-21-2803483633-59787989-2409404269-1001\SOFTWARE\OPTIMIZER PRO, In quarantaine, [f29cd523b5e467cf3b5d3c5d9172748c], PUP.Optional.CrossRider, HKU\S-1-5-21-2803483633-59787989-2409404269-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\WINDOWS_IE_AC_001\SOFTWARE\Crossrider, In quarantaine, [eea0bc3c4950f73f309c13b321e23dc3], Registerwaarden: 7 PUP.Optional.OptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{01D9C129-06B7-4800-B07C-55D56DD0A811}|Path, \Optimizer Pro Schedule, Verwijder-bij-herstart, [8b0312e694052b0b08df298fc53ddd23] PUP.Optional.Astromenda, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Astromenda\\, In quarantaine, [97f76b8d62372412506ea8dabd46f907] PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a}|AppPath, C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE, In quarantaine, [385619df762346f0e2366069a75c9868] PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E3469C20-B31D-458D-80CE-FE56E9501222}|AppPath, C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE, In quarantaine, [a7e714e4a8f177bfff196e5b8d7635cb] PUP.Optional.DataMngr.AppFlsh, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\APPCERTDLLS|x86, C:\Program Files (x86)\Movies App\Datamngr\apcrtldr.dll, In quarantaine, [a3eb50a86d2c66d075bb8841b64dde22] PUP.Optional.DataMngr.AppFlsh, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\APPCERTDLLS|x64, C:\Program Files (x86)\Movies App\Datamngr\x64\apcrtldr.dll, In quarantaine, [d0be38c0d4c50c2a38f82c9df90a9769] PUP.Optional.OptimizerPro, HKU\S-1-5-21-2803483633-59787989-2409404269-1001\SOFTWARE\OPTIMIZER PRO|AdsBuyNowURL, http://www.safeshopgate.com/r?s=121000600&g=E631C7E1-FD34-3F47-2C49-87E4ECBB22A7, In quarantaine, [f29cd523b5e467cf3b5d3c5d9172748c] Registerdata: 0 (Geen kwaadaardige items gedetecteerd) Mappen: 10 PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\config, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\config\skin, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\config\skin\images, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\config\skin\images\logo, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\newtab, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\newtab\js, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\settings, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\_metadata, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], Bestanden: 17 PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\apnAPI.js, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\manifest.json, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\config\build.json, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\config\skin\images\logo\ask_flat_20x.png, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\config\skin\images\logo\logo_128x.png, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\config\skin\images\logo\logo_19x.png, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\config\skin\images\logo\logo_19x_grey.png, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\config\skin\images\logo\logo_24x.png, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\config\skin\images\logo\logo_32x.png, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\config\skin\images\logo\newtablogo.png, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\config\skin\images\logo\toolbar-icon-ask.ico, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\config\skin\images\logo\toolbar-icons.png, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\newtab\newtab.html, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\newtab\js\newtab.js, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\settings\assets.js, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\settings\redirect.js, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], PUP.Optional.SearchExtension, C:\Users\Ed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca\14.10_0\_metadata\verified_contents.json, In quarantaine, [49453bbd2f6a9f97d34eabfebb4713ed], Fysieke Sectoren: 0 (Geen kwaadaardige items gedetecteerd) (end)