Malwarebytes Anti-Malware www.malwarebytes.org Scandatum: 24-12-2015 Scantijd: 21:44 Logboekbestand: mbam scanlog.txt Beheerder: Ja Versie: 2.2.0.1024 Malware-database: v2015.12.24.07 Rootkit-database: v2015.12.18.01 Licentie: Gratis Malware-bescherming: Uitgeschakeld Bescherming tegen kwaadaardige websites: Uitgeschakeld Zelfbescherming: Uitgeschakeld Besturingssysteem: Windows 7 Service Pack 1 Processor: x64 Bestandssysteem: NTFS Gebruiker: Friso Scantype: Aangepaste scan Resultaat: Voltooid Objecten gescand: 594020 Verstreken tijd: 3 u., 0 min, 4 sec Geheugen: Ingeschakeld Opstarten: Ingeschakeld Bestandssysteem: Ingeschakeld Archieven: Ingeschakeld Rootkits: Ingeschakeld Heuristiek: Ingeschakeld POP: Ingeschakeld POA: Ingeschakeld Processen: 0 (Geen kwaadaardige items gedetecteerd) Modules: 0 (Geen kwaadaardige items gedetecteerd) Registersleutels: 18 PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR , In quarantaine, [ad3a2088a9e2d56160d6a225b74c9868], PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, In quarantaine, [be29f0b8dbb047efd2b3fa1049bb8977], PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, In quarantaine, [9e494068a6e5d66093f369a1b94beb15], PUP.Optional.FastSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cfr3011, Verwijder-bij-herstart, [a83f3b6d701bdc5a3b038a16f013d828], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-6, Verwijder-bij-herstart, [d6114e5a117aab8b76cd93080bf843bd], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\e653cf25-f107-4cbe-b8d1-5dadaea354f2-1-7, Verwijder-bij-herstart, [35b29b0d46452214aa99bdde6b98d729], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\e653cf25-f107-4cbe-b8d1-5dadaea354f2-10_user, Verwijder-bij-herstart, [32b5aefa97f44de9ee558a110ff4b44c], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\e653cf25-f107-4cbe-b8d1-5dadaea354f2-11, Verwijder-bij-herstart, [6f7864446b200630e3604b502cd76f91], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\e653cf25-f107-4cbe-b8d1-5dadaea354f2-3, Verwijder-bij-herstart, [e007bcec0c7fd66086bd47542dd6a15f], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5, Verwijder-bij-herstart, [c81f693f6e1d53e3340fdfbcd33019e7], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\e653cf25-f107-4cbe-b8d1-5dadaea354f2-5_user, Verwijder-bij-herstart, [1fc8dcccbdceba7c1f24f2a916ed6997], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6, Verwijder-bij-herstart, [e700d4d47d0ebb7b0b38f2a91ce7fb05], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\e653cf25-f107-4cbe-b8d1-5dadaea354f2-7, Verwijder-bij-herstart, [7077594f09822d09ea59c3d8ec1754ac], PUP.Optional.Cinema, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.9cV16.03, In quarantaine, [00e72f795f2c0d29c1584b49996ab44c], PUP.Optional.Cinema, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.9cV16.03-nv, In quarantaine, [13d4ffa90289092da079e6aefb08e51b], PUP.Optional.Cinema, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.9cV16.03-nv-ie, In quarantaine, [17d0f1b76d1ea1950b0eb5df32d119e7], PUP.Optional.Cinema, HKU\S-1-5-21-2178653797-2492864286-2871112973-1000\SOFTWARE\CinemaP-1.9cV16.03-nv, In quarantaine, [bd2afeaa69220a2cf818a4f0857eb947], PUP.Optional.Cinema, HKU\S-1-5-21-2178653797-2492864286-2871112973-1000\SOFTWARE\CinemaP-1.9cV16.03-nv-ie, In quarantaine, [3fa89a0e08838aacac643a5afa0919e7], Registerwaarden: 7 PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130840338301817901, In quarantaine, [8d5a8622fe8d211589ac408707fc6c94] PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130840338301817901, In quarantaine, [55926c3c7b1095a13401bd0a877ca45c] PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130840338301817901, In quarantaine, [21c66f3902899e981223f4d3df244ab6] PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130840338301817901, In quarantaine, [5e89d7d192f96bcbea4bb80f3dc6c040] PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130840338301817901, In quarantaine, [994e1395b9d282b456dfefd8828118e8] PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130840338301817901, In quarantaine, [e700ffa9721968ce36ffe8df6c9748b8] PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130840338301817901, In quarantaine, [ad3a2088a9e2d56160d6a225b74c9868] Registerdata: 0 (Geen kwaadaardige items gedetecteerd) Mappen: 3 PUP.Optional.MindSpark, C:\Users\Friso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fphnecoppfkhnnbhhmdmpldmkpnflegp, In quarantaine, [2dba684052393ef8937a9a13f111d32d], PUP.Optional.CrossAd.Gen, C:\Users\Friso\AppData\Local\Call Browser\Component, In quarantaine, [03e41296d6b558def6d27048ad57b947], PUP.Optional.CrossAd.Gen, C:\Users\Friso\AppData\Local\Call Browser, In quarantaine, [03e41296d6b558def6d27048ad57b947], Bestanden: 9 PUP.Optional.SearchProtect.AppFlsh, C:\zoek_backup\C_Windows_AppPatch_nbin_VC32Loader.dll.vir, In quarantaine, [2dba7d2b5d2e979f7a9ef6b66b9633cd], PUP.Optional.MindSpark, C:\Users\Friso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fphnecoppfkhnnbhhmdmpldmkpnflegp\000003.log, In quarantaine, [2dba684052393ef8937a9a13f111d32d], PUP.Optional.MindSpark, C:\Users\Friso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fphnecoppfkhnnbhhmdmpldmkpnflegp\CURRENT, In quarantaine, [2dba684052393ef8937a9a13f111d32d], PUP.Optional.MindSpark, C:\Users\Friso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fphnecoppfkhnnbhhmdmpldmkpnflegp\LOCK, In quarantaine, [2dba684052393ef8937a9a13f111d32d], PUP.Optional.MindSpark, C:\Users\Friso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fphnecoppfkhnnbhhmdmpldmkpnflegp\LOG, In quarantaine, [2dba684052393ef8937a9a13f111d32d], PUP.Optional.MindSpark, C:\Users\Friso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fphnecoppfkhnnbhhmdmpldmkpnflegp\MANIFEST-000001, In quarantaine, [2dba684052393ef8937a9a13f111d32d], PUP.Optional.CrossAd.Gen, C:\Users\Friso\AppData\Local\Call Browser\Component\config.json, In quarantaine, [03e41296d6b558def6d27048ad57b947], PUP.Optional.CrossAd.Gen, C:\Users\Friso\AppData\Local\Call Browser\Component\manifest.json, In quarantaine, [03e41296d6b558def6d27048ad57b947], PUP.Optional.CrossAd.Gen, C:\Users\Friso\AppData\Local\Call Browser\Component\uconfig.json, In quarantaine, [03e41296d6b558def6d27048ad57b947], Fysieke Sectoren: 0 (Geen kwaadaardige items gedetecteerd) (end)