Step 1:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scandatum: 31-7-2015
Scantijd: 18:33
Logboekbestand: Mbam scan.txt
Beheerder: Ja
Versie: 2.1.8.1057
Malware-database: v2015.07.31.05
Rootkit-database: v2015.07.30.01
Licentie: Gratis
Malware-bescherming: Uitgeschakeld
Bescherming tegen kwaadaardige websites: Uitgeschakeld
Zelfbescherming: Uitgeschakeld
Besturingssysteem: Windows 8.1
Processor: x64
Bestandssysteem: NTFS
Gebruiker: stanl_000
Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten gescand: 350377
Verstreken tijd: 24 min, 27 sec
Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Ingeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld
Processen: 0
(Geen kwaadaardige items gedetecteerd)
Modules: 0
(Geen kwaadaardige items gedetecteerd)
Registersleutels: 0
(Geen kwaadaardige items gedetecteerd)
Registerwaarden: 0
(Geen kwaadaardige items gedetecteerd)
Registerdata: 0
(Geen kwaadaardige items gedetecteerd)
Mappen: 0
(Geen kwaadaardige items gedetecteerd)
Bestanden: 2
PUP.Optional.FilterResults.A, C:\Users\stanl_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_filterresults-a.akamaihd.net_0.localstorage, In quarantaine, [e96872762f5bef47a118e0c028dcf709],
PUP.Optional.FilterResults.A, C:\Users\stanl_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_filterresults-a.akamaihd.net_0.localstorage-journal, In quarantaine, [b0a124c46a206ec8eccd1d835ba941bf],
Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)
(end)
--- Update ---
Step 2:
9-lab Removal Tool 1.0.0.36 BETA
9-lab.com
Database version: 111.33004
Windows 8.1 (Version 6.3, Build 0, 64-bit Edition)
Internet Explorer 9.11.9600.17905
stanl_000 :: STANLEY
31-7-2015 19:12:14
9lab-log-2015-07-31 (19-12-14).txt
Scan type: Full
Objects scanned: 82347
Time Elapsed: 55 m 44 s
Registry Values detected: 23
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ActionCenterDownloader.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BlueBirdInit.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EAProxyInstaller.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Homepage.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\igoproxy.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\igoproxy64.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IMF.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IMFsrv.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IMFTips.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IMF_ActionCenterDownloader.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IWsIMF.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LocalLang.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Origin.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OriginClientService.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OriginCrashReporter.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OriginER.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ReProcess.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDInit.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SendBugReport.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SendBugReportNew.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SmartDefrag.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SPSetup.exe Debugger]
Risk.ImageFileExecutionOptions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UpdateTool.exe Debugger]
Files detected: 2
[D150F34597E3B72F6F3125953CABD649] Malware.Win32.Gen.sm [C:\ProgramData\IObit\ASCDownloader\IMF3\Driver Booster.exe]
[D508DC4A2795631D873BD50B87F58BBA] Malware.Win32.Gen.sm [C:\ProgramData\IObit\ASCDownloader\IMF3\Start Menu 8.exe]