Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 28-10-2014 Scan Time: 18:17:58 Logfile: MBAM Scanlog.txt Administrator: Yes Version: 2.00.3.1025 Malware Database: v2014.10.28.05 Rootkit Database: v2014.10.22.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Gebruiker Scan Type: Threat Scan Result: Completed Objects Scanned: 368359 Time Elapsed: 8 min, 1 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 4 PUP.Optional.Melondrea.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update melondrea, Quarantined, [e92c4cce85f7e74f0aea550116ed629e], PUP.Optional.TornTV.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, Quarantined, [39dc6dad275537ff4ec14d0a0bf8fd03], PUP.Optional.SuperFish.A, HKU\S-1-5-21-1243184377-1695436347-1374857548-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, Quarantined, [b75e7e9c0e6e10265ba20c2c877c4ab6], PUP.Optional.BestDiscountApp.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{37476589-E48E-439E-A706-56189E2ED4C4}_is1, Quarantined, [e82dfb1f78047eb8ca0fe038d42fd828], Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 4 PUP.Optional.Gameo.A, C:\Users\Gebruiker\AppData\Roaming\GameoUpdater\UpdateProc, Quarantined, [9a7b83973d3f1c1ae9b7b54b39cad42c], PUP.Optional.Extutil.A, C:\Users\Gebruiker\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, Quarantined, [908509113a42e74f557f41cb54af52ae], PUP.Optional.Managera.A, C:\Users\Gebruiker\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, Quarantined, [8392b664abd18ea8ebea8f7d2cd79a66], PUP.Optional.BestDiscountApp.A, C:\ProgramData\BestDiscountApp, Quarantined, [e82dfb1f78047eb8ca0fe038d42fd828], Files: 50 Riskware.BitcoinMiner, C:\Program Files (x86)\PCData\minerd.exe, Quarantined, [40d5e139bcc062d44508a1b7db260cf4], PUP.Optional.SearchProtect.A, C:\Users\Gebruiker\AppData\Local\Temp\nsrE6D3.exe, Quarantined, [30e5ab6f6913ed49737f59e6cf327b85], PUP.Optional.SearchProtect.A, C:\Users\Gebruiker\AppData\Local\Temp\nss2B4E.exe, Quarantined, [967f34e66a1280b647abec53d0318878], PUP.Optional.SearchProtect.A, C:\Users\Gebruiker\AppData\Local\Temp\nswEAE9.exe, Quarantined, [42d3ff1b2656d363b042ed5228d92dd3], PUP.Optional.SearchProtect.A, C:\Users\Gebruiker\AppData\Local\Temp\nsx9F8D.exe, Quarantined, [19fc0218ff7dff37c82ab08f1ce5ee12], PUP.Optional.SearchProtect.A, C:\Users\Gebruiker\AppData\Local\Temp\nsxCBC0.exe, Quarantined, [ee27c258512b7cba985a50efac557d83], PUP.Optional.Conduit.A, C:\Users\Gebruiker\AppData\Local\Temp\dlLogic.exe, Quarantined, [070ec1596517c96d598860e2f01030d0], PUP.Optional.Conduit.A, C:\Users\Gebruiker\AppData\Local\Temp\dltr.exe, Quarantined, [c5505bbf4c30b97dcc16222029d733cd], PUP.Optional.RegCleanerPro, C:\Users\Gebruiker\AppData\Local\Temp\RegClean9.exe, Quarantined, [73a2ca505824d6605c2579a81fe2a15f], PUP.Optional.MultiPlug.A, C:\Users\Gebruiker\AppData\Local\Temp\294823_.exe, Quarantined, [bc590e0caece23130dacf60de91c7789], PUP.Optional.SearchProtect.A, C:\Users\Gebruiker\AppData\Local\Temp\nshBD70.exe, Quarantined, [060f13078eee181e856db38c9e6303fd], PUP.Optional.SearchProtect.A, C:\Users\Gebruiker\AppData\Local\Temp\nsm8832.exe, Quarantined, [8491da4094e8f93d886aac93f30e1be5], PUP.Optional.SearchProtect.A, C:\Users\Gebruiker\AppData\Local\Temp\nsmC95E.exe, Quarantined, [32e3f624691353e35b9794ab3bc6817f], PUP.Optional.SearchProtect.A, C:\Users\Gebruiker\AppData\Local\Temp\nsmEC26.exe, Quarantined, [011443d73f3d84b2945e0c337f82eb15], PUP.Optional.SearchProtect.A, C:\Users\Gebruiker\AppData\Local\Temp\nsmEF33.exe, Quarantined, [b65fd8424e2e0a2cf5fd330c39c8ea16], PUP.Optional.Conduit.A, C:\Users\Gebruiker\AppData\Local\Temp\GCVerifier.dll, Quarantined, [19fc7d9d6f0d8caa1ec28db5ad538977], PUP.Optional.SearchProtect.A, C:\Users\Gebruiker\AppData\Local\Temp\nsa1DDC.exe, Quarantined, [68ad170395e7b482658d1e2110f1d32d], PUP.Optional.SearchProtect.A, C:\Users\Gebruiker\AppData\Local\Temp\nsb8C38.exe, Quarantined, [ef263cde483442f48b67241b37ca31cf], PUP.Optional.SearchProtect.A, C:\Users\Gebruiker\AppData\Local\Temp\nsbBA43.exe, Quarantined, [57bee733c0bc999d945ed26d3dc426da], PUP.Optional.SearchProtect.A, C:\Users\Gebruiker\AppData\Local\Temp\nscA3A3.exe, Quarantined, [46cfa8722359162040b2122df908b848], PUP.Optional.SearchProtect.A, C:\Users\Gebruiker\AppData\Local\Temp\nse7784.exe, Quarantined, [51c4c555106c0036b83afc438978c43c], PUP.Optional.Linkey.A, C:\Users\Gebruiker\AppData\Local\Temp\SettingsManagerSetup.exe, Quarantined, [987dae6c225af442b0b6afee9869758b], PUP.Optional.Conduit.A, C:\Users\Gebruiker\AppData\Local\Temp\verifier.exe, Quarantined, [c84d65b58fed9e98cc161b2713ed9070], Trojan.SProtector, C:\Users\Gebruiker\AppData\Local\Temp\18be6784_.exe, Quarantined, [21f473a7a3d904328341392d18e953ad], PUP.Optional.Conduit.A, C:\Users\Gebruiker\AppData\Local\Temp\ConduitSP\sp-downloader.exe, Quarantined, [59bc75a526563cfaf927999a659c8b75], PUP.Optional.PriceMeter.A, C:\Users\Gebruiker\AppData\Local\Temp\is1914646434\284246_stp\pm.exe, Quarantined, [15007d9d6c10df57583a3a4527da6799], PUP.Optional.BPlug, C:\Users\Gebruiker\AppData\Local\Temp\is1957915176\7FD0E500_stp\deal_keeper_installer_v3.exe, Quarantined, [a471e23882fa48ee833d823e40c132ce], PUP.Optional.Rapiddown, C:\Users\Gebruiker\AppData\Local\Temp\n8809\s8809.exe, Quarantined, [ff16cd4d770575c101421563827fe719], PUP.Optional.RegCleanerPro, C:\Users\Gebruiker\AppData\Local\Temp\RegCelanPro\RegCleanSetup9.exe, Quarantined, [5fb624f65a22ca6ca0e19d84d1308c74], PUP.Optional.Melondrea.A, C:\Users\Gebruiker\AppData\Local\Temp\n1879\melondrea_0702-81cfb2ef.exe, Quarantined, [9a7b2cee3745b4825948e111e81cf20e], PUP.Optional.Rapiddown, C:\Users\Gebruiker\AppData\Local\Temp\n1879\s1879.exe, Quarantined, [51c40a10007c62d4b48f1563728fd828], PUP.Optional.Babylon, C:\Users\Gebruiker\AppData\Local\Temp\n1879\systemspeedup_1203-72c8223c.exe, Quarantined, [e0357aa00577082ea726e8d144bdff01], PUP.Optional.Rapiddown, C:\Users\Gebruiker\AppData\Local\Temp\n2186\s2186.exe, Quarantined, [5eb732e86616dc5ad76cc7b1ae534bb5], PUP.Optional.Conduit.A, C:\Users\Gebruiker\AppData\Local\Temp\n2186\searchprotect_2111-1a12a8ce.exe, Quarantined, [35e0b1691d5f56e0c65af340b64b6c94], PUP.Optional.Rapiddown, C:\Users\Gebruiker\AppData\Local\Temp\n2457\s2457.exe, Quarantined, [de37bf5b7efe42f4c083542429d855ab], PUP.Optional.Rapiddown, C:\Users\Gebruiker\AppData\Local\Temp\n8489\s8489.exe, Quarantined, [cf46d644b3c9112591b232465ca57a86], PUP.Optional.Conduit.A, C:\Users\Gebruiker\AppData\Local\Temp\nsgE915\SpSetup.exe, Quarantined, [a37237e32f4d58de9351f83cef12b848], PUP.Optional.Conduit.A, C:\Users\Gebruiker\AppData\Local\Temp\nsm85CB\SpSetup.exe, Quarantined, [3cd9170390ec55e19b490331c04149b7], PUP.Optional.Conduit.A, C:\Users\Gebruiker\AppData\Local\Temp\nsr72A2\SpSetup.exe, Quarantined, [b164fe1c2f4d6fc7b232b48070910ef2], PUP.Optional.ReMarkable.A, C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, Quarantined, [e62fe931601c280e10c26b2c32d244bc], PUP.Optional.ReMarkable.A, C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, Quarantined, [75a01802a1db3ef830a29ff81be952ae], PUP.Optional.Gameo.A, C:\Users\Gebruiker\AppData\Roaming\GameoUpdater\UpdateProc\config.dat, Quarantined, [9a7b83973d3f1c1ae9b7b54b39cad42c], PUP.Optional.Gameo.A, C:\Users\Gebruiker\AppData\Roaming\GameoUpdater\UpdateProc\info.dat, Quarantined, [9a7b83973d3f1c1ae9b7b54b39cad42c], PUP.Optional.Extutil.A, C:\Users\Gebruiker\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, Quarantined, [908509113a42e74f557f41cb54af52ae], PUP.Optional.Extutil.A, C:\Users\Gebruiker\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, Quarantined, [908509113a42e74f557f41cb54af52ae], PUP.Optional.Extutil.A, C:\Users\Gebruiker\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, Quarantined, [908509113a42e74f557f41cb54af52ae], PUP.Optional.Managera.A, C:\Users\Gebruiker\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, Quarantined, [8392b664abd18ea8ebea8f7d2cd79a66], PUP.Optional.Managera.A, C:\Users\Gebruiker\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, Quarantined, [8392b664abd18ea8ebea8f7d2cd79a66], PUP.Optional.BestDiscountApp.A, C:\ProgramData\BestDiscountApp\BestDiscountApp.exe, Quarantined, [e82dfb1f78047eb8ca0fe038d42fd828], PUP.Optional.GboxApp.A, C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "homepage": "http://search.gboxapp.com/",), Replaced,[060f9684166657df4f23db89e91c21df] Physical Sectors: 0 (No malicious items detected) (end)