Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Malware and Pop-Ups

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Malware and Pop-Ups

Unread postby Gary R » May 30th, 2015, 1:02 am

I don't see the e-set log that I asked for, if you haven't yet run an e-set scan please do so and post me the log.

If you've just forgotten to post it, then please post it.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

Re: Malware and Pop-Ups

Unread postby maximusdowns » May 30th, 2015, 2:12 am

And here is my eset.txt:

C:\AdwCleaner\Quarantine\C\Program Files\shopperz\Anneliese.exe.vir Win32/Toolbar.Perion.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\shopperz\Brito.exe.vir a variant of Win32/Toolbar.Perion.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\shopperz\csrcc.exe.vir a variant of Win32/Toolbar.Perion.R potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\shopperz\Earlene32.dll.vir a variant of Win32/Toolbar.BitCocktail.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\shopperz\Earlene64.dll.vir a variant of Win64/Toolbar.Perion.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\shopperz\Isaacson.dll.vir a variant of Win32/Toolbar.Perion.Q potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\shopperz\Ivonne64.dll.vir a variant of Win64/Toolbar.Perion.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\shopperz\Sturgeon.dll.vir a variant of Win32/Toolbar.Perion.K potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\shopperz\Sturgeon64.dll.vir a variant of Win32/Toolbar.Perion.K potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\shopperz\Winfrey.dll.vir a variant of Win32/Toolbar.Perion.M potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\shopperz\Firefox\chrome\content\main.js.vir Win32/Toolbar.Perion.K potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\EduAppbho.dll.vir a variant of Win32/BrowseFox.AE potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\EduAppUninstall.exe.vir a variant of Win32/BrowseFox.AY potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\updateEduApp.exe.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\3f1219df4a4d40a39537.dll.vir a variant of Win32/BrowseFox.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\3f1219df4a4d40a3953764.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\3f1219df4a4d40a39537f2a95f4016b3.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\3f1219df4a4d40a39537f2a95f4016b364.dll.vir a variant of Win64/BrowseFox.CK potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\6dd55e9a3d064d70b5e7.dll.vir a variant of Win32/BrowseFox.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\6dd55e9a3d064d70b5e705fc3e0a3d66.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\6dd55e9a3d064d70b5e705fc3e0a3d6664.dll.vir a variant of Win64/BrowseFox.CK potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\6dd55e9a3d064d70b5e764.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\EduApp.BrowserAdapter.exe.vir Win32/BrowseFox.AX potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\EduApp.BrowserAdapter64.exe.vir Win64/BrowseFox.CP potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\EduApp.expext.exe.vir a variant of Win32/BrowseFox.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\EduApp.expextdll.dll.vir a variant of Win64/BrowseFox.CJ potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\EduApp.PurBrowse64.exe.vir a variant of Win64/BrowseFox.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\utilEduApp.exe.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\plugins\EduApp.BrowserAdapter.dll.vir a variant of MSIL/BrowseFox.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\plugins\EduApp.CompatibilityChecker.dll.vir a variant of MSIL/BrowseFox.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\plugins\EduApp.ExpExt.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\plugins\EduApp.FFUpdate.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\plugins\EduApp.GCUpdate.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Edu App\bin\plugins\EduApp.PurBrowse.dll.vir a variant of MSIL/BrowseFox.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\WINDOWS\System32\drivers\cherimoya.sys.vir a variant of Win64/NetFilter.A potentially unsafe application
C:\AdwCleaner\Quarantine\C\WINDOWS\System32\drivers\{3f1219df-4a4d-40a3-9537-f2a95f4016b3}Gw64.sys.vir a variant of Win64/NetFilter.A potentially unsafe application
C:\AdwCleaner\Quarantine\C\WINDOWS\System32\drivers\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}Gw64.sys.vir a variant of Win64/NetFilter.A potentially unsafe application
C:\AdwCleaner\Quarantine\C\WINDOWS\System32\drivers\{6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}w64.sys.vir a variant of Win64/NetFilter.A potentially unsafe application
C:\FRST\Quarantine\C\FRST\Quarantine\C\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe.xBAD a variant of Win32/Verti.K potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\ShopperPro\manifest.json JS/ShopperPro.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\ShopperPro\ShopperPro.dll a variant of Win32/ShopperPro.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\ShopperPro\ShopperPro.exe a variant of Win32/ShopperPro.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\ShopperPro\ShopperPro64.dll a variant of Win64/ShopperPro.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\ShopperPro\SPRemove.exe Win32/SpeedBit.B.gen potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\ShopperPro\Updater.exe a variant of Win32/ShopperPro.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\ShopperPro\FireFox\content\overlay.js JS/ShopperPro.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\ShopperPro\JSDriver\jsdrv.exe a variant of Win32/ShopperPro.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1841\jsdrv.exe a variant of Win32/ShopperPro.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\Super Optimizer\SuperOptimizer.exe a variant of Win32/Adware.SpeedingUpMyPC.AG application
C:\FRST\Quarantine\C\Program Files (x86)\Super Optimizer\SupOptGuard.exe a variant of Win32/Adware.SpeedingUpMyPC.AD application
C:\FRST\Quarantine\C\Program Files (x86)\Super Optimizer\SupOptHelper.dll a variant of Win32/OptimizerPro.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\Super Optimizer\SupOptLauncher.exe a variant of Win32/Adware.SpeedingUpMyPC.AC application
C:\FRST\Quarantine\C\Program Files (x86)\Super Optimizer\SupOptReminder.exe a variant of Win32/Adware.SpeedingUpMyPC.AE application
C:\FRST\Quarantine\C\Program Files (x86)\Super Optimizer\SupOptSchedule.exe a variant of Win32/Adware.SpeedingUpMyPC.AL application
C:\FRST\Quarantine\C\Program Files (x86)\Super Optimizer\SupOptSmartScan.exe a variant of Win32/Adware.SpeedingUpMyPC.AG application
C:\FRST\Quarantine\C\Program Files (x86)\Super Optimizer\SupOptStart.exe a variant of Win32/Adware.SpeedingUpMyPC.AG application
C:\FRST\Quarantine\C\Program Files (x86)\Super Optimizer\SupOptStats.dll a variant of Win32/Adware.MultiPlug.IX application
C:\FRST\Quarantine\C\Program Files (x86)\Supporter\Supporter.dll a variant of Win32/SProtector.Q potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\SysFiles\HealthcareGovTool.exe a variant of Win32/Toolbar.Besttoolbars.I potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\SysFiles\WebWatcherCert.dll a variant of Win32/Packed.Komodia.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\SysFiles\WebWatcherLSP.dll a variant of Win32/Packed.Komodia.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\SysFiles\WebWatcherLSP.exe a variant of Win32/Packed.Komodia.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\SysFiles\WebWatcherProxy.exe a variant of Win32/Packed.Komodia.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\YTDownloader\BrowserHelper.exe a variant of Win32/SBWatchman.D potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe a variant of Win32/SBWatchman.D potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\YTDownloader\converter.exe a variant of Win32/SBWatchman.D potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\YTDownloader\DownloadAPI.dll a variant of Win32/SpeedBit.F potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\YTDownloader\DownloadHelper.exe a variant of Win32/SBWatchman.D potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\YTDownloader\sbmntr.sys a variant of Win32/SBWatchman.D potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\YTDownloader\Updater.exe a variant of Win32/ShopperPro.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\YTDownloader\YTDownloader.exe a variant of Win32/SBWatchman.G potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\YTDownloader\YTDUninstall.exe a variant of Win32/SBWatchman.D potentially unwanted application
C:\FRST\Quarantine\C\ProgramData\Browser\prompt.exe a variant of MSIL/Adware.PullUpdate.L.gen application
C:\FRST\Quarantine\C\ProgramData\c1c05f7061d940b085ed209085e4a787\c1c05f7061d940b085ed209085e4a787.exe a variant of Win32/Adware.PicColor.AB application
C:\FRST\Quarantine\C\ProgramData\DQZCqeZhJD\SwdrFREjyLh.exe.xBAD a variant of MSIL/Adware.PullUpdate.G.gen application
C:\FRST\Quarantine\C\ProgramData\DQZCqeZhJD\DQZCqeZhJD\dat\PKgqIwLNr.dll a variant of MSIL/Adware.PullUpdate.K.gen application
C:\FRST\Quarantine\C\ProgramData\DQZCqeZhJD\DQZCqeZhJD\dat\TgTQTt.exe a variant of MSIL/Adware.PullUpdate.G.gen application
C:\FRST\Quarantine\C\ProgramData\DQZCqeZhJD\DQZCqeZhJD\dat\TzpiDJ.dll a variant of MSIL/Adware.PullUpdate.K.gen application
C:\FRST\Quarantine\C\ProgramData\DQZCqeZhJD\DQZCqeZhJD\dat\XXOTpJO.exe a variant of MSIL/Adware.PullUpdate.G.gen application
C:\FRST\Quarantine\C\ProgramData\e29c40da53af42a3895e10c22c3d76c2\e29c40da53af42a3895e10c22c3d76c2.exe a variant of Win32/Adware.PicColor.AE application
C:\FRST\Quarantine\C\ProgramData\NetEngine\bin\D10\netengine.exe.xBAD a variant of MSIL/Adware.PullUpdate.P application
C:\FRST\Quarantine\C\ProgramData\Radio\prompt.exe.xBAD a variant of MSIL/Adware.PullUpdate.L.gen application
C:\FRST\Quarantine\C\ProgramData\ShopperPro\ShopperPro.dll a variant of Win32/ShopperPro.A potentially unwanted application
C:\FRST\Quarantine\C\ProgramData\ShopperPro\ShopperPro64.dll a variant of Win64/ShopperPro.A potentially unwanted application
C:\FRST\Quarantine\C\ProgramData\{18c1d0f7-b873-4d6b-18c1-1d0f7b8743de}\hqghumeaylnlf.exe a variant of Win32/Adware.SpeedingUpMyPC.AA application
C:\FRST\Quarantine\C\ProgramData\{20563ee8-ab9c-4ef3-2056-63ee8ab9fba2}\hqghumeaylnlf.exe a variant of Win32/Adware.SpeedingUpMyPC.AA application
C:\FRST\Quarantine\C\ProgramData\{327cb5fd-4a9d-c1e5-327c-cb5fd4a9d7f5}\hqghumeaylnlf.exe a variant of Win32/Adware.SpeedingUpMyPC.AA application
C:\FRST\Quarantine\C\ProgramData\{3807D0C4-6885-0142-D903-71C00981A24E}\1.9.3.1\fiber.js Win32/DealPly.AP potentially unwanted application
C:\FRST\Quarantine\C\ProgramData\{3807D0C4-6885-0142-D903-71C00981A24E}\1.9.3.1\mite.dll a variant of Win32/DealPly.AP potentially unwanted application
C:\FRST\Quarantine\C\ProgramData\{9af26980-7f72-f498-9af2-269807f7a601}\pricelessinstaller.exe a variant of Win32/Adware.MultiPlug.KP application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\00000000-1430166663-0000-0000-6C626DB6DAC3\bnslFE2A.exe a variant of Win32/Adware.ConvertAd.KG application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\00000000-1431767532-0000-0000-6C626DB6DAC3\bnsyDEE9.exe a variant of Win32/Adware.ConvertAd.OU application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\30034\Updater.exe a variant of Win32/Amonetize.EP potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\avabvyxvdy\avabvyxvdy.exe a variant of Win32/Conduit.SearchProtect.Y potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\avabvyxvdy\pbqrmvbub a variant of Win32/ClientConnect.A potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\gmsd_us_585\upgmsd_us_585.exe a variant of Win32/Adware.EoRezo.AJ application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\gmsd_us_608\upgmsd_us_608.exe a variant of Win32/Adware.EoRezo.AJ application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\gmsd_us_608\Download\myoffergroup_us6.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Installer\Installgeforce_5348\DCytdkietut_tutdk_setup.exe a variant of Win32/SpeedBit.F potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Installer\Installgeforce_8865\DCytdkietut_tutdk_setup.exe a variant of Win32/SpeedBit.F potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Installer\Installshopperpro_5348\DCytdkietut_tutdk_setup.exe a variant of Win32/SpeedBit.F potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Installer\Installshopperpro_8865\DCytdkietut_tutdk_setup.exe a variant of Win32/SpeedBit.F potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Installer\Install_12280\DCytdkietut_tutdk_setup.exe a variant of Win32/SpeedBit.F potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Installer\Install_13204\DCytdkietut_tutdk_setup.exe a variant of Win32/SpeedBit.F potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Installer\Install_18077\DCytdkietut_tutdk_setup.exe a variant of Win32/SpeedBit.F potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Installer\Install_18256\DCytdkietut_tutdk_setup.exe a variant of Win32/SpeedBit.F potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Installer\Install_19783\DCytdkietut_tutdk_setup.exe a variant of Win32/SpeedBit.F potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Installer\Install_21149\DCytdkietut_tutdk_setup.exe a variant of Win32/SpeedBit.F potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Installer\Install_24936\DCytdkietut_tutdk_setup.exe a variant of Win32/SpeedBit.F potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Installer\Install_27195\DCytdkietut_tutdk_setup.exe a variant of Win32/SpeedBit.F potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Installer\Install_29589\DCytdkietut_tutdk_setup.exe a variant of Win32/SpeedBit.F potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Installer\Install_29735\DCytdkietut_tutdk_setup.exe a variant of Win32/SpeedBit.F potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Installer\Install_30843\DCytdkietut_tutdk_setup.exe a variant of Win32/SpeedBit.F potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Installer\Install_8310\DCytdkietut_tutdk_setup.exe a variant of Win32/SpeedBit.F potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\CJEXS4BH\dl[1].htm a variant of Win32/Adware.ConvertAd.QH application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\CJEXS4BH\OfferInstaller[1].exe a variant of MSIL/Adware.Imali.A application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\CJEXS4BH\VOsrv[1].exe a variant of Win32/Adware.ConvertAd.OT application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\CJEXS4BH\VuuPC_VO2_8907[1].exe a variant of Win32/InstallMonetizer.BC potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\F9AFFZ6K\dl[1].htm a variant of Win32/Adware.ConvertAd.QH application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\F9AFFZ6K\imali_bundle[1].exe a variant of Win32/Adware.Imali.A application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\F9AFFZ6K\infonaut-setup-1.10.0.14[1].exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\F9AFFZ6K\mediaplayer[1].exe a variant of Win32/DownloadAssistant.A potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\F9AFFZ6K\rvwr[1].exe a variant of Win32/Adware.ConvertAd.QH application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\F9AFFZ6K\Setup[1].exe a variant of Win32/InstallCore.PK potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\F9AFFZ6K\SmartWebInstaller[1].exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\F9AFFZ6K\F9AFFZ6K\sprz[1].exe Win32/Toolbar.Perion.L potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\K4O0T7E9\policyname[1].exe a variant of Win32/Adware.ConvertAd.QH application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\K4O0T7E9\Setup[2].exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\K4O0T7E9\K4O0T7E9\9521f896-c8cf-4b5f-aeb4-0e60616ff5fb[1].exe a variant of Win32/Toolbar.Iminent.E potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\K4O0T7E9\K4O0T7E9\Iminent[1].exe a variant of Win32/Toolbar.Iminent.K potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\K4O0T7E9\K4O0T7E9\rvwr[1].exe a variant of Win32/Adware.ConvertAd.QH application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\K4O0T7E9\K4O0T7E9\SearchUpdater[1].exe a variant of Win32/Adware.ConvertAd.QH application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\K4O0T7E9\K4O0T7E9\Setup[1].exe a variant of Win32/InstallCore.PK potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\K4O0T7E9\K4O0T7E9\setup_gmsd_us[1].exe a variant of Win32/Adware.EoRezo.AZ application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\OMP2X8E9\rvwr[1].exe a variant of Win32/Adware.ConvertAd.QH application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\OMP2X8E9\SearchUpdater[1].exe a variant of Win32/Adware.ConvertAd.QH application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\OMP2X8E9\setup[1].exe a variant of Win32/Toolbar.CrossRider.CN potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\OMP2X8E9\setup[2].exe a variant of Win32/Packed.ScrambleWrapper.O potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\OMP2X8E9\setup_gmsd_us[1].exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\OMP2X8E9\OMP2X8E9\mediaplayer[1].exe a variant of Win32/DownloadAssistant.A potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Microsoft\Windows\INetCache\IE\OMP2X8E9\OMP2X8E9\SmartWebInstaller[1].exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Mozilla\Firefox\Profiles\174u8fal.default\cache2\entries\3389952AAE22DA2ED67443DF8D4C99E6AFA71E4B.xBAD JS/Kryptik.I trojan
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Mozilla\Firefox\Profiles\174u8fal.default\cache2\entries\9BE5209DB4BBBD550FD08C6300BE104EF0A4ACDD.xBAD JS/Kryptik.I trojan
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Mozilla\Firefox\Profiles\174u8fal.default\cache2\entries\C25179E407B636BD1E8670AA50916F244E050F71.xBAD JS/Kryptik.I trojan
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Mozilla\Firefox\Profiles\174u8fal.default\cache2\entries\F2A4316C607672AA82926923CEC3971907E0F2A5.xBAD JS/Toolbar.Crossrider.B potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Mozilla\Firefox\Profiles\174u8fal.default\cache2\entries\F2A4F3F4EBABF7E1BC2E01189A26269B9B520122.xBAD JS/Kryptik.I trojan
C:\FRST\Quarantine\C\Users\Max\AppData\Local\ospd_us_1014\upospd_us_1014.exe.xBAD a variant of Win32/Adware.EoRezo.AJ application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\ospd_us_1014\Download\majmp_gentleeeuu.exe.xBAD multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\SmartWeb\SmartWebApp.exe a variant of Win32/PriceGong.C potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\SmartWeb\SmartWebHelper.exe Win32/Adware.ConvertAd.RC application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\SmartWeb\swhk.dll a variant of Win32/PriceGong.C potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\SmartWeb\__u.exe a variant of Win32/PriceGong.C potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\SmartWeb\SmartWeb\SmartWebApp.exe a variant of Win32/PriceGong.C potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\SmartWeb\SmartWeb\SmartWebHelper.exe Win32/Adware.ConvertAd.RC application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\SmartWeb\SmartWeb\swhk.dll a variant of Win32/PriceGong.C potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\SmartWeb\SmartWeb\__u.exe a variant of Win32/PriceGong.C potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\7460.exe.xBAD a variant of Win32/Toolbar.CrossRider.CN potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\9067.exe.xBAD a variant of Win32/Packed.ScrambleWrapper.O potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\bes7A25.exe.xBAD a variant of MSIL/Adware.Imali.A application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\ICReinstall_nss6A1F.tmp.xBAD a variant of Win32/InstallCore.PK potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\ICReinstall_nsx95B2.tmp.xBAD a variant of Win32/InstallCore.PK potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\nsd8879.tmp.xBAD Win32/BrowseFox.AV potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\nsgDF40.tmp.xBAD a variant of Win32/Toolbar.Iminent.K potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\nsi3E52.tmp.xBAD Win32/BrowseFox.AV potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\nsp160B.exe.xBAD a variant of Win32/ClientConnect.A potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\nss6A1F.tmp.xBAD a variant of Win32/InstallCore.PK potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\nss7D93.tmp.xBAD a variant of Win32/InstallMonetizer.BC potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\nsx95B2.tmp.xBAD a variant of Win32/InstallCore.PK potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_70.exe Win32/BrowseFox.AV potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\11.exe a variant of Win32/Adware.EoRezo.AZ application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\150.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\380.exe a variant of Win32/Adware.EoRezo.AZ application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\385.exe a variant of Win32/Adware.EoRezo.AZ application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\392.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\399.exe a variant of Win32/Adware.EoRezo.AZ application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\420.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\436.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_airwebbar_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_AmNuvision_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_boost_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_bubbledock_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_BubbleSound_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_CubepileShopperz_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_infonaut_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_linkey_pariente_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_navright_imali_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_optimizerpro_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_pcrossbrowser_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_pmediaconverter_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_priceless_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_priceless_p_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_pwebbar_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_SByoutube_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_sb_driverupdater_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_secureprotect_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_StormWatch_Boost_Verti_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_superpct_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-C7SHE.tmp\package_superpc_installer_multilang.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-RJEP8.tmp\gentlemjmp_ieeuu.exe.xBAD multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is-V2FKJ.tmp\gentlemjmp_ieeuu.exe multiple threats
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\is45637729\1308283_stp\icc.dll.xBAD a variant of Win32/InstallCore.YX potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\nskAA97.tmp\HTMLTester2.exe Win32/InstallMonetizer.BB potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Local\Temp\nskAA97.tmp\nsPage_LoadOffer.dll a variant of Win32/InstallMonetizer.BC potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\LKVYT.exe.xBAD a variant of Win32/Toolbar.CrossRider.CH potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\P5FrFNBceXRT1W20d5av.exe.xBAD a variant of Win32/Toolbar.CrossRider.CB potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\PcMb9sgy4Hax8V4w.exe.xBAD a variant of Win32/Toolbar.CrossRider.CB potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\XBNK.exe.xBAD a variant of Win32/Toolbar.CrossRider.CH potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\00000000-1429243423-0000-0000-6C626DB6DAC3\jnsiF0DB.tmp.xBAD Win32/Adware.ConvertAd.GJ application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\00000000-1429243423-0000-0000-6C626DB6DAC3\nsaB737.tmpfs.xBAD Win32/Adware.ConvertAd.GU application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\00000000-1429243423-0000-0000-6C626DB6DAC3\00000000-1429243423-0000-0000-6C626DB6DAC3\rnseE713.exe Win32/Adware.ConvertAd.HW application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\00000000-1429243423-0000-0000-6C626DB6DAC3\00000000-1429243423-0000-0000-6C626DB6DAC3\vnss962E.tmp a variant of Win32/Adware.ConvertAd.KZ.gen application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\00000000-1430191811-0000-0000-6C626DB6DAC3\jnsp89F0.tmp.xBAD a variant of Win32/Adware.ConvertAd.KF application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\00000000-1430191811-0000-0000-6C626DB6DAC3\nsr4204.tmpfs.xBAD a variant of Win32/Adware.ConvertAd.KD application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\00000000-1430191811-0000-0000-6C626DB6DAC3\00000000-1430191811-0000-0000-6C626DB6DAC3\rnsj6D0E.exe a variant of Win32/Adware.ConvertAd.KJ application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\00000000-1430191811-0000-0000-6C626DB6DAC3\00000000-1430191811-0000-0000-6C626DB6DAC3\vnsh1D9F.tmp a variant of Win32/Adware.ConvertAd.KZ.gen application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\00000000-1430191812-0000-0000-6C626DB6DAC3\vnsd1F57.tmp a variant of Win32/Adware.ConvertAd.KZ.gen application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\00000000-1431792690-0000-0000-6C626DB6DAC3\hnse94BF.tmp.xBAD a variant of Win32/Adware.ConvertAd.PA application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\00000000-1431792690-0000-0000-6C626DB6DAC3\jnse7CDF.tmp.xBAD a variant of Win32/Adware.ConvertAd.OO application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\00000000-1431792690-0000-0000-6C626DB6DAC3\nss4EDB.tmp.xBAD a variant of Win32/Adware.ConvertAd.OT application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\00000000-1431792690-0000-0000-6C626DB6DAC3\00000000-1431792690-0000-0000-6C626DB6DAC3\vnss3941.tmp a variant of Win32/Adware.ConvertAd.QJ application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\AVJYFVOD75109374@HCDE39471360.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\TTSD90021300@PYDKGV101145942.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\veggy@veggyAddon.com\chrome\content\main.js JS/Kryptik.I trojan
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}\content\overlay.js JS/ShopperPro.A potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF10.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF11.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF12.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF13.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF14.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF15.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF16.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF17.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF18.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF19.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF2.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF20.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF21.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF22.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF23.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF24.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF25.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF26.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF27.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF28.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF4.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF5.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF6.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF7.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF8.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\174u8fal.default\Extensions\{DF617E43-5240-3D21-C902-79D00DCEE789}\components\DatamngrHlpFF9.dll a variant of Win32/Toolbar.SearchSuite.Q potentially unwanted application
C:\FRST\Quarantine\C\Users\Max\Downloads\iain.banks.the.wasp.factory_10924_i53165781_il345.exe.xBAD a variant of Win32/Amonetize.DW potentially unwanted application
C:\FRST\Quarantine\C\Windows\lah.exe.xBAD a variant of Win32/TrojanDownloader.Adcurl.A trojan
C:\FRST\Quarantine\C\Windows\apppatch\apppatch64\VCLdr64.dll_1432269666548.xBAD a variant of Win32/ClientConnect.A potentially unwanted application
C:\FRST\Quarantine\C\Windows\SysFilesController\SysFiles_backup.exe.xBAD a variant of Win32/Packed.Komodia.A potentially unwanted application
C:\FRST\Quarantine\C\Windows\SysHealthController\SysFiles_backup.exe.xBAD a variant of Win32/Packed.Komodia.A potentially unwanted application
C:\FRST\Quarantine\C\Windows\TEMP\1863f8ql.exe.xBAD multiple threats
maximusdowns
Regular Member
 
Posts: 66
Joined: August 4th, 2012, 4:11 pm

Re: Malware and Pop-Ups

Unread postby maximusdowns » May 30th, 2015, 2:13 am

Sorry about that, the eset scan was running when you responded.
maximusdowns
Regular Member
 
Posts: 66
Joined: August 4th, 2012, 4:11 pm

Re: Malware and Pop-Ups

Unread postby Gary R » May 30th, 2015, 11:54 am

OK nothing in your e-set scan that wasn't quarantined by either ADWCleaner or FRST, so it looks like we've got everything. Since you say you're not experiencing any problems, then I assume we've got your computer clean.

So, what we need to do now is clear out the programs we've been using to clean your computer, and that will remove all the quarantined malware items.

Please run Delfix ...

  • Right-click on delfix.exe and select " Run as administrator " to run it.
  • Check the following boxes ...
    • Activate UAC
    • Remove disinfection tools
    • Create registry backup
    • Purge system restore

    ... then click on Run.
  • Once it has finished, a notepad file named DelFix.txt will open. Post the contents of this notepad in your next reply.
  • The log can also be located at the root of the system drive, C:\DelFix.txt.


As far as I can see, your computer looks clear of infection now.

Are you still noticing any problems ?
  • If you are let me know about them.
  • If not it's time to make your computer more secure.

Please read the article below which will give you a few suggestions for how to minimise your chances of getting another infection. Please pay particular attention to the section on browsing habits, because from what I've seen in your logs, it's most probably your browsing habits that are responsible for your machine being infected, and changing them is going to be the most effective thing you can do to keep clean in future.

User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Malware and Pop-Ups

Unread postby maximusdowns » June 2nd, 2015, 1:26 pm

Gary,

Sorry for the delay, work has been crazy. Here is my DelFix.txt:

# DelFix v1.010 - Logfile created 02/06/2015 at 10:19:57
# Updated 26/04/2015 by Xplode
# Username : Max - LEVIATHAN
# Operating System : Windows 8.1 Pro (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\Users\Max\Desktop\Addition.txt
Deleted : C:\Users\Max\Desktop\adwcleaner_4.205.exe
Deleted : C:\Users\Max\Desktop\Fixlog.txt
Deleted : C:\Users\Max\Desktop\FRST.txt
Deleted : C:\Users\Max\Desktop\FRST64(1).exe
Deleted : C:\Users\Max\Desktop\JRT(1).exe
Deleted : C:\Users\Max\Desktop\JRT.txt
Deleted : C:\Users\Max\Desktop\Search.txt
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #28 [Windows Update | 05/15/2015 02:21:49]
Deleted : RP #29 [Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 | 05/16/2015 17:15:36]
Deleted : RP #31 [Windows Modules Installer | 05/23/2015 01:39:47]
Deleted : RP #32 [Removed Consumer Input Update Helper | 05/30/2015 04:34:44]

New restore point created !

########## - EOF - ##########


From what I can see, my computer is completely free of problems. I cannot thank you enough for your time and energy in cleaning my system. I know it was difficult, and I appreciate you being willing to stick it out with me. I promise to clean up my web browsing habits. Also, I have recently been accepted into a grad program for computer science. That will keep my busy for the foreseeable future, but once I am done, I will be applying to Malware University. You folks have helped me several times over the years and I feel I should give back. Thank you again for your help, I really appreciate it.

Respectfully,
Max
maximusdowns
Regular Member
 
Posts: 66
Joined: August 4th, 2012, 4:11 pm

Re: Malware and Pop-Ups

Unread postby Gary R » June 2nd, 2015, 5:03 pm

You're welcome Max, glad we got there in the end. Good luck with your computer science course.

Keep safe.

Gary

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 282 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware