Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 17.7.2014
Scan Time: 21:24:27
Logfile: dssfsd.txt
Administrator: No

Version: 2.00.2.1012
Malware Database: v2014.07.17.10
Rootkit Database: v2014.07.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Doma

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 271970
Time Elapsed: 17 min, 34 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 21
PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\iWebar, Quarantined, [346a406095e646f02a4bdc29c53fca36],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, Quarantined, [ddc1831d502b5cdac6221ea100020bf5],
PUP.Optional.iWebar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, Quarantined, [0b93a1ff5229c27403f46a786b9704fc],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2642401982-2647147876-2784815290-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [6a34524eed8ee650dc27c54d6a9ada26],
PUP.Optional.iWebar.A, HKU\S-1-5-21-2642401982-2647147876-2784815290-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, Quarantined, [d1cddac63e3da78feb0c1bc7ce34f010],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],

Registry Values: 1
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [ddc1831d502b5cdac6221ea100020bf5]

Registry Data: 0
(No malicious items detected)

Folders: 7
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{B0C18B3B-B087-4F13-A734-4B872A68FEA1}, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.A, C:\Users\Doma\AppData\Local\Temp\comh.417229, Quarantined, [b5e9b0f0dba042f485626e4dc9394eb2],

Files: 32
PUP.Optional.crossRider.A, C:\Users\Doma\AppData\Local\Temp\~nsu.tmp\Au_.exe, Quarantined, [d7c7d4cc572444f29865dc630ff1b749],
PUP.Optional.OpenCandy, C:\Users\Doma\AppData\Local\Temp\nsr2A13.tmp\DTLite.exe, Quarantined, [aaf4079976053ff710ad0cbec53f36ca],
PUP.Optional.ScramblePacker.A, C:\Users\Doma\AppData\Local\Temp\Install_10857\sense.exe, Quarantined, [f1ad18887407ca6c0f61ee984bb622de],
PUP.Optional.ScramblePacker.A, C:\Users\Doma\AppData\Local\Temp\Install_11894\sense.exe, Quarantined, [1e80f6aae19a80b6bfb15333e1202ed2],
PUP.Optional.ScramblePacker.A, C:\Users\Doma\AppData\Local\Temp\Install_30017\sense.exe, Quarantined, [8d11cad60a71d95dadc30b7b26dbb14f],
PUP.Optional.ScramblePacker.A, C:\Users\Doma\AppData\Local\Temp\Install_30207\sense.exe, Quarantined, [1f7f811fd5a64cea4828d6b0a25ff20e],
PUP.Optional.CrossRider.A, C:\Users\Doma\AppData\Local\Temp\Install_4339\iwebar.exe, Quarantined, [d2ccfda3f586ca6c829cfe4f49b7f907],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, Quarantined, [bde1534da1da7eb84c46928c42c23cc4],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, Quarantined, [5b432b750f6c40f640531e0037cd39c7],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, Quarantined, [445a18883546e94ddbb90c12fc085ba5],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, Quarantined, [c2dc5b45037867cfa4f1be600400a35d],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, Quarantined, [f1ad3f61b6c5d85e913a04b7d9292ad6],
PUP.Optional.GlobalUpdate.A, C:\Users\Doma\AppData\Local\Temp\comh.417229\GoogleCrashHandler.exe, Quarantined, [b5e9b0f0dba042f485626e4dc9394eb2],
PUP.Optional.GlobalUpdate.A, C:\Users\Doma\AppData\Local\Temp\comh.417229\GoogleUpdate.exe, Quarantined, [b5e9b0f0dba042f485626e4dc9394eb2],
PUP.Optional.GlobalUpdate.A, C:\Users\Doma\AppData\Local\Temp\comh.417229\GoogleUpdateBroker.exe, Quarantined, [b5e9b0f0dba042f485626e4dc9394eb2],
PUP.Optional.GlobalUpdate.A, C:\Users\Doma\AppData\Local\Temp\comh.417229\GoogleUpdateHelper.msi, Quarantined, [b5e9b0f0dba042f485626e4dc9394eb2],
PUP.Optional.GlobalUpdate.A, C:\Users\Doma\AppData\Local\Temp\comh.417229\GoogleUpdateOnDemand.exe, Quarantined, [b5e9b0f0dba042f485626e4dc9394eb2],
PUP.Optional.GlobalUpdate.A, C:\Users\Doma\AppData\Local\Temp\comh.417229\goopdate.dll, Quarantined, [b5e9b0f0dba042f485626e4dc9394eb2],
PUP.Optional.GlobalUpdate.A, C:\Users\Doma\AppData\Local\Temp\comh.417229\goopdateres_en.dll, Quarantined, [b5e9b0f0dba042f485626e4dc9394eb2],
PUP.Optional.GlobalUpdate.A, C:\Users\Doma\AppData\Local\Temp\comh.417229\npGoogleUpdate4.dll, Quarantined, [b5e9b0f0dba042f485626e4dc9394eb2],
PUP.Optional.GlobalUpdate.A, C:\Users\Doma\AppData\Local\Temp\comh.417229\psmachine.dll, Quarantined, [b5e9b0f0dba042f485626e4dc9394eb2],
PUP.Optional.GlobalUpdate.A, C:\Users\Doma\AppData\Local\Temp\comh.417229\psuser.dll, Quarantined, [b5e9b0f0dba042f485626e4dc9394eb2],

Physical Sectors: 0
(No malicious items detected)

(end)