Malwarebytes Anti-Malware
www.malwarebytes.org
Scandatum: 4-2-2016
Scantijd: 11:04
Logboekbestand: Mbam 04-02-16 16.48 uur.txt
Beheerder: Ja
Versie: 2.2.0.1024
Malware-database: v2016.02.04.02
Rootkit-database: v2016.01.20.01
Licentie: Gratis
Malware-bescherming: Uitgeschakeld
Bescherming tegen kwaadaardige websites: Uitgeschakeld
Zelfbescherming: Uitgeschakeld
Besturingssysteem: Windows 7 Service Pack 1
Processor: x64
Bestandssysteem: NTFS
Gebruiker: MartinSr
Scantype: Aangepaste scan
Resultaat: Voltooid
Objecten gescand: 709834
Verstreken tijd: 5 u., 13 min, 1 sec
Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Ingeschakeld
Diepgewortelde-rootkit scan: Ingeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld
Processen: 0
(Geen kwaadaardige items gedetecteerd)
Modules: 0
(Geen kwaadaardige items gedetecteerd)
Registersleutels: 2
PUP.Optional.GlobalSearch.ShrtCln, HKU\S-1-5-21-3628179315-1915274704-1408630806-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [5b57f963c0d97eb823b104e9788a29d7],
Hijack.Trojan.Siredef.C, HKU\S-1-5-21-3628179315-1915274704-1408630806-1000_Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}, , [387ae77536630f27a3b13ac770901be5],
Registerwaarden: 1
PUP.Optional.GlobalSearch.ShrtCln, HKU\S-1-5-21-3628179315-1915274704-1408630806-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://www.globasearch.com/?serie=211&installkey=yQ1yAboNk0oLuP0yrFzh&b=3&q={searchTerms}, , [5b57f963c0d97eb823b104e9788a29d7]
Registerdata: 2
Hijack.GlobaSearch.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page,
http://www.globasearch.com/?serie=211&b=3&installkey=yQ1yAboNk0oLuP0yrFzh, Goed: (
www.google.com), Slecht: (
http://www.globasearch.com/?serie=211&b=3&installkey=yQ1yAboNk0oLuP0yrFzh),,[99193923b1e8072fd76d458e669ec23e]
Hijack.GlobaSearch.C, HKU\S-1-5-21-3628179315-1915274704-1408630806-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page,
http://www.globasearch.com/?serie=211&b=3&installkey=yQ1yAboNk0oLuP0yrFzh, Goed: (
www.google.com), Slecht: (
http://www.globasearch.com/?serie=211&b=3&installkey=yQ1yAboNk0oLuP0yrFzh),,[ae041f3dc8d1cd69f3505c77fe066799]
Mappen: 6
Trojan.Siredef.C, C:\$RECYCLE.BIN\S-1-5-18\$f83a451a099f921b94822c39ad2569aa\U, , [e2d0e874009970c68eb95ba66b9536ca],
Trojan.Siredef.C, C:\$RECYCLE.BIN\S-1-5-21-3628179315-1915274704-1408630806-1000\$f83a451a099f921b94822c39ad2569aa\U, , [575bed6f8d0cbb7b291eb051966a926e],
Trojan.Siredef.C, C:\$RECYCLE.BIN\S-1-5-18\$f83a451a099f921b94822c39ad2569aa\L, , [9f13e7751e7bac8a0b3e679aa060a35d],
Trojan.Siredef.C, C:\$RECYCLE.BIN\S-1-5-21-3628179315-1915274704-1408630806-1000\$f83a451a099f921b94822c39ad2569aa\L, , [545ec399fe9bac8a51f80ef39a66df21],
Trojan.Siredef.C, C:\$RECYCLE.BIN\S-1-5-18\$f83a451a099f921b94822c39ad2569aa, , [a70b72ea6e2bc0768fbb966b53ad857b],
Trojan.Siredef.C, C:\$RECYCLE.BIN\S-1-5-21-3628179315-1915274704-1408630806-1000\$f83a451a099f921b94822c39ad2569aa, , [7a38c795a9f06dc991b913ee10f040c0],
Bestanden: 7
Trojan.Siredef.C, C:\$RECYCLE.BIN\S-1-5-18\$f83a451a099f921b94822c39ad2569aa\@, , [773b500c1386de58ca7ac14044bc639d],
Trojan.Siredef.C, C:\$RECYCLE.BIN\S-1-5-21-3628179315-1915274704-1408630806-1000\$f83a451a099f921b94822c39ad2569aa\@, , [f5bd6fedd6c31620be86738e0ef2669a],
PUP.Optional.NextLive, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\nengine.dll.vir, , [555d8cd0c7d292a4984988b016eb57a9],
PUP.Optional.PCKeeper, C:\AdwCleaner\Quarantine\C\ProgramData\Kromtech\installer.exe.vir, , [eec40f4df1a864d22f94a0ade12005fb],
PUP.Optional.NextLive, C:\AdwCleaner\Quarantine\C\Users\MartinSr\AppData\Local\genienext\nengine.dll.vir, , [4a68e07cc4d58caae5fca98f58a97c84],
PUP.Optional.GlobalSearch.ShrtCln, C:\Users\MartinSr\AppData\Roaming\Mozilla\Firefox\Profiles\ls0x7e1p.default\prefs.js, Goed: (), Slecht: (user_pref("browser.newtab.url", "http://www.globasearch.com/?serie=211&b=2&installkey=yQ1yAboNk0oLuP0yrFzh&newtab")
, ,[4d65a2ba7e1b3afc2483b2470ef6b44c]
PUP.Optional.GlobalSearch.ShrtCln, C:\Users\MartinSr\AppData\Roaming\Mozilla\Firefox\Profiles\ls0x7e1p.default\prefs.js, Goed: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Slecht: (user_pref("browser.startup.homepage", "http://www.globasearch.com), ,[b6fc4517d0c932044a30f80ac540ed13]
Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)
(end)