Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Proxy hacked


  • This topic is locked This topic is locked
15 replies to this topic

#1 mangus580

mangus580

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:27 AM

Posted 09 April 2015 - 03:07 PM

I managed to click on the WRONG thing yestarday, and have almost everything cleaned up.

 

The one remaining thing that is still kicking my ass, is a registry hack, to change the proxy settings.

 

AdwCleaner can see it, but cant fix it.  I even manually deleted the entry keys, with no luck.  I have also run 

Tweaking.com - Windows Repair

 

with no luck.

 

Attached it the log from AdwCleaner.

 

I should also note, system restore is off.  I have run malwarebytes, hitman, trend housecall, and even used ccleaner at one point on this problem.

 

Adw removes the offending entries, but they come back on a reboot.

 

Any help is greatly appreciated - this mess has me itching to install linux.... if only...

Attached Files



BC AdBot (Login to Remove)

 


m

#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:27 AM

Posted 09 April 2015 - 03:09 PM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems. :warrior:

Before we move on, please read the following points carefully: :exclame:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

frst.pngfrstscan.png
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#3 mangus580

mangus580
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:27 AM

Posted 09 April 2015 - 03:26 PM

Logs attached

Attached Files



#4 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:27 AM

Posted 09 April 2015 - 04:21 PM

Hi there,
 
Step 1

frst.pngfrstfix.png

Press the w8.png + R on your keyboard at the same time. Type notepad and click OK.

  • Copy the entire content of the codebox below and paste into the notepad document:
    CloseProcesses:
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction 
    HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction 
    HKU\S-1-5-21-4072213876-1003289956-587678962-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction 
    URLSearchHook: [S-1-5-21-4072213876-1003289956-587678962-1010] ATTENTION ==> Default URLSearchHook is missing.
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-4072213876-1003289956-587678962-1010 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    Toolbar: HKLM-x32 - No Name - {95188727-288F-4581-A48D-EAB3BD027314} -  No File
    Handler: WSIEChrome - {6D02ED5F-FD0D-4C4C -  No File
    RemoveProxy:
    Task: {2F9E3E33-572F-4F6A-8A81-405FD3F33ED3} - \SPBIW_UpdateTask_Time_323238383838303138352d3437415a556c2a3223346c41 No Task File 
    Task: {39107DFE-53B8-496B-89EF-7F0939EBFCBB} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe 
    Task: {65111EAE-D267-4856-BF90-B6FAFBC5D682} - \PastaQuotes No Task File 
    Task: {D7772529-8694-4D65-9453-86D0C6CE4F79} - System32\Tasks\GoogleUpdateTaskUserM_1_7_22_478699874-4155726479-3780505679-3006UA__323238383838303138352d3437415a556c2a3223346c41 => Wscript.exe //B "C:\ProgramData\PastaLeadsAgent\startprocess.js" pastaleadss.exe /invoke /f:check_services /l:0
    Task: {FBF0BE2A-E4E9-449B-A320-A4EE5AB28693} - \SMW_UpdateTask_Time_323238383838303138352d3437415a556c2a3223346c41 No Task File 
    AlternateDataStreams: C:\ProgramData\Temp:C2C1A3A4
    C:\ProgramData\PastaLeadsAgent
    C:\Program Files (x86)\ExpressFiles
    EmptyTemp:
    
  • Click File, Save As and type fixlist.txt as the File Name.

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.

Step 2

v21logo.PNG

Please download and install Malwarebytes Anti-Malware.(NEW VERSION)

  • Please open Malwarebytes Anti-Malware and update the database.
  • Click "Settings" [1] and go to "Detection and Protection" [2]
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    :exclame: If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt:
    m21p.png
  • Click on "Remove Selected" [5].
  • Then click "Save Results" [6] and select
    m21p4.png
  • Return to our forum. Paste your log into your next reply and then click Finish [7].

mbamv21.gif

Step 3

Please downloadesetlogo.pngOnline Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start installer.pngwith administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:

settings.png

  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed, click on Finish
  • A log filelog.pngis created at logpath.png
    Copy and paste the content of this log file in your next reply.

esetlog.png

Note: Do not forget to re-enable your antivirus application after running the above scan!
eset.gif

Step 4

frst.pngfrstscan.png

Start FRST with administator privileges.

  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

Edited by deeprybka, 09 April 2015 - 04:24 PM.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#5 mangus580

mangus580
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:27 AM

Posted 10 April 2015 - 10:09 AM

Was I supposed to let Eset fix problems (I didnt)

 

logs attached.

Attached Files



#6 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:27 AM

Posted 10 April 2015 - 01:51 PM

Please post the ESET Log as instructed.

goGMWSt.gifCRACKED SOFTWARE WARNING

Participating in the use of cracked/pirated/keygen software is not only illegal but also a security riskI do not approve of nor support illegal software.

Malware authors promote and release cracked software to spread their infections. I strongly recommend you refrain from participating in this activity; your computer will be repeatedly infected otherwise. Simply visiting a cracked software site can result in infection via drive-by exploits of vulnerable software.

Cracked software will make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. In some instances an infection may cause so much damage to your system that recovery is not possible and the only option is to reformat your Hard Drive and reinstall your Operating System. Please read the following articles for more information.


Edited by deeprybka, 10 April 2015 - 01:51 PM.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#7 mangus580

mangus580
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:27 AM

Posted 10 April 2015 - 01:53 PM

eset log was posted above.  I ran it as instructed (without letting it fix)



#8 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:27 AM

Posted 10 April 2015 - 02:56 PM

Please post the log as instructed.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#9 mangus580

mangus580
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:27 AM

Posted 10 April 2015 - 02:58 PM

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Cinema_Plus_i2V08.04\17468744-18de-42c2-882d-53a61872487d-4.exe.vir a variant of Win32/Toolbar.CrossRider.CH potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Cinema_Plus_i2V08.04\17468744-18de-42c2-882d-53a61872487d-5.exe.vir a variant of Win32/Toolbar.CrossRider.CC potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Cinema_Plus_i2V08.04\17468744-18de-42c2-882d-53a61872487d.xpi.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Cinema_Plus_i2V08.04\utils.exe.vir a variant of Win32/Packed.VMDetector.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\3463339a-2812-4ff9-8491-760471813ede.xpi.vir JS/Toolbar.Crossrider.F potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\utils.exe.vir Win32/Packed.VMDetector.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Lights Cinema 1.3betaV08.04\110f0de9-98c0-4fba-8fc8-b6cf343e9a75-4.exe.vir a variant of Win32/Toolbar.CrossRider.CB potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Lights Cinema 1.3betaV08.04\110f0de9-98c0-4fba-8fc8-b6cf343e9a75-5.exe.vir a variant of Win32/Toolbar.CrossRider.CC potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Lights Cinema 1.3betaV08.04\110f0de9-98c0-4fba-8fc8-b6cf343e9a75.xpi.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Lights Cinema 1.3betaV08.04\utils.exe.vir a variant of Win32/Packed.VMDetector.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\BackupStackUI.dll.vir a variant of MSIL/MyPCBackup.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\Configuration Updater.exe.vir a variant of MSIL/RunElevated.A potentially unsafe application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\MyPC Backup.exe.vir MSIL/MyPCBackup.E potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\91d63a1a-0bcf-4dcd-be74-45a9fb1f0559.xpi.vir JS/Toolbar.Crossrider.F potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ParriceLeSs\4rDZ6eW96yEer5.dll.vir a variant of Win32/Adware.MultiPlug.FL application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ParriceLeSs\4rDZ6eW96yEer5.exe.vir a variant of Win32/BHOUninstaller.AB potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ParriceLeSs\4rDZ6eW96yEer5.x64.dll.vir a variant of Win64/Adware.MultiPlug.G application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Priceless\ImaliBundle.exe.vir a variant of Win32/Adware.Imali.B application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Search Extensions\Client.exe.vir a variant of Win32/Adware.iBryte.CD application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Search Extensions\uninstall.exe.vir a variant of MSIL/Adware.iBryte.G application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\manifest.json.vir JS/ShopperPro.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\SPRemove.exe.vir Win32/SpeedBit.B.gen potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\FireFox\content\overlay.js.vir JS/ShopperPro.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\SourceAppUninstall.exe.vir a variant of Win32/BrowseFox.AO potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\version60CheckMeUp\191.dll.vir a variant of Win32/Adware.AddLyrics.DY application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\version60CheckMeUp\191_x64.dll.vir a variant of Win64/Adware.AddLyrics.I application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\version60CheckMeUp\R3CheckMeUpB03.exe.vir a variant of Win32/Adware.AddLyrics.DW application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\version60CheckMeUp\Uninstall.exe.vir a variant of Win32/Adware.AddLyrics.DY application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\version60CheckMeUp\x64\TandemRunner.exe.vir a variant of Win64/Adware.AddLyrics.H application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe.vir a variant of Win32/SBWatchman.F potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTDownloader\Updater.exe.vir a variant of Win32/ShopperPro.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTDownloader\YTDownloader.exe.vir a variant of Win32/SBWatchman.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\oryff71c.default-1409533185084\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\21.js.vir JS/Toolbar.Crossrider.F potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\oryff71c.default-1409533185084\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\28.js.vir JS/Toolbar.Crossrider.F potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\oryff71c.default-1409533185084\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\91.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\oryff71c.default-1409533185084\Extensions\973ba634716b4639a1c150b40c@5afc24a09e55466bb60878000.com\extensionData\plugins\91.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\oryff71c.default-1409533185084\Extensions\AVJYFVOD75109374@HCDE39471360.com\extensionData\plugins\91.js.vir JS/Toolbar.Crossrider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\oryff71c.default-1409533185084\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}\content\overlay.js.vir JS/ShopperPro.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Mike\AppData\Roaming\VOPackage\Uninstall.exe.vir Win32/Adware.ConvertAd.EB application
C:\AdwCleaner\Quarantine\C\Users\Mike\AppData\Roaming\VOPackage\VOPackage.exe.vir multiple threats
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\21.js JS/Toolbar.Crossrider.F potentially unwanted application
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\28.js JS/Toolbar.Crossrider.F potentially unwanted application
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\21.js JS/Toolbar.Crossrider.F potentially unwanted application
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\28.js JS/Toolbar.Crossrider.F potentially unwanted application
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\973ba634716b4639a1c150b40c@5afc24a09e55466bb60878000.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\AVJYFVOD75109374@HCDE39471360.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}\content\overlay.js JS/ShopperPro.A potentially unwanted application
C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\21.js JS/Toolbar.Crossrider.F potentially unwanted application
C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\28.js JS/Toolbar.Crossrider.F potentially unwanted application
C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application
C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\21.js JS/Toolbar.Crossrider.F potentially unwanted application
C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\28.js JS/Toolbar.Crossrider.F potentially unwanted application
C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application
C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\973ba634716b4639a1c150b40c@5afc24a09e55466bb60878000.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application
C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\AVJYFVOD75109374@HCDE39471360.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application
C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}\content\overlay.js JS/ShopperPro.A potentially unwanted application
C:\Users\Mike\AppData\Roaming\B3272F80-1425851292-17DC-9162-352CD5FD0AAD\Uninstall.exe Win32/Adware.ConvertAd.EB application
C:\Users\Mike\AppData\Roaming\B3272F80-1425851292-17DC-9162-352CD5FD0AAD\vnsj3753.tmp multiple threats
C:\Users\Mike\Documents\anywherets_installer\AnywhereTS.msi a variant of Win32/TFTPD32.B potentially unsafe application
C:\Users\Mike\Downloads\activmon.exe Win32/KeyLogger.ActivityMonitor.D application
C:\Users\Mike\Downloads\ccsetup503 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Mike\Downloads\ccsetup503 (2).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Mike\Downloads\ccsetup503 (3).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Mike\Downloads\ccsetup503 (4).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Mike\Downloads\ccsetup503.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Mike\Downloads\OffercastInstaller_AVR_U-0090-01-P_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Users\Mike\Downloads\Unconfirmed 101965.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 103107.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 104163.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 10766.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 142394.crdownload a variant of MSIL/Rebrand.LittleRegClean.B potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 143556.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 146674.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 147895.crdownload a variant of Win32/InstallCore.YL potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 152734.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 156901.crdownload a variant of Win32/InstallCore.YN potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 173226.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 180191.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 182944.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 192571.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 193142.crdownload a variant of Win32/Adware.iBryte.CC application
C:\Users\Mike\Downloads\Unconfirmed 195503.crdownload a variant of Win32/InstallCore.YH potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 198361.crdownload multiple threats
C:\Users\Mike\Downloads\Unconfirmed 209592.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 220960.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 226818.crdownload Win32/TrojanDropper.Addrop.C trojan
C:\Users\Mike\Downloads\Unconfirmed 229039.crdownload a variant of Win32/InstallCore.YL potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 233769.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 235738.crdownload a variant of Win32/Adware.iBryte.CC application
C:\Users\Mike\Downloads\Unconfirmed 245655.crdownload a variant of Win32/Adware.iBryte.CC application
C:\Users\Mike\Downloads\Unconfirmed 24902.crdownload a variant of Win32/InstallCore.YH potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 258131.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 264309.crdownload a variant of Win32/Adware.iBryte.CC application
C:\Users\Mike\Downloads\Unconfirmed 266059.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 267519.crdownload a variant of Win32/InstallCore.XB potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 271856.crdownload multiple threats
C:\Users\Mike\Downloads\Unconfirmed 277563.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 281774.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 290104.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 297555.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 300122.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 327409.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 340674.crdownload multiple threats
C:\Users\Mike\Downloads\Unconfirmed 361294.crdownload a variant of Win32/InstallCore.YV potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 362616.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 363507.crdownload a variant of Win32/InstallCore.YH potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 367447.crdownload a variant of Win32/InstallCore.YN potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 369333.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 383055.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 386422.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 390341.crdownload a variant of Win32/InstallCore.YV potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 400757.crdownload a variant of Win32/Adware.iBryte.CC application
C:\Users\Mike\Downloads\Unconfirmed 405590.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 405673.crdownload a variant of Win32/Adware.iBryte.CC application
C:\Users\Mike\Downloads\Unconfirmed 427410.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 432900.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 434056.crdownload a variant of Win32/InstallCore.YN potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 435640.crdownload a variant of Win32/InstallCore.XB potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 439908.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 440393.crdownload multiple threats
C:\Users\Mike\Downloads\Unconfirmed 444582.crdownload a variant of Win32/Adware.iBryte.CC application
C:\Users\Mike\Downloads\Unconfirmed 450081.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 455084.crdownload a variant of Win32/InstallCore.YV potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 455180.crdownload a variant of Win32/InstallCore.YM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 463310.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 463946.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 47213.crdownload a variant of Win32/InstallCore.YV potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 482190.crdownload a variant of Win32/InstallCore.WX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 489109.crdownload a variant of Win32/InstallCore.YH potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 501697.crdownload a variant of Win32/InstallCore.YH potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 502894.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 523552.crdownload a variant of Win32/InstallCore.YN potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 553594.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 559193.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 56091.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 562784.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 570199.crdownload Win32/TrojanDropper.Addrop.C trojan
C:\Users\Mike\Downloads\Unconfirmed 571478.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 586059.crdownload a variant of Win32/InstallCore.YN potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 589101.crdownload multiple threats
C:\Users\Mike\Downloads\Unconfirmed 591086.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 598494.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 600400.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 600979.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 615227.crdownload a variant of Win32/InstallCore.YV potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 615904.crdownload a variant of Win32/InstallCore.YH potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 630926.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 645643.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 654452.crdownload a variant of Win32/InstallCore.XB potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 657803.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 679802.crdownload a variant of Win32/SoftPulse.AA potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 692871.crdownload a variant of Win32/InstallCore.XB potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 697680.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 712768.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 724562.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 743730.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 755111.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 759669.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 764046.crdownload a variant of Win32/InstallCore.YH potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 767824.crdownload a variant of Win32/InstallCore.YL potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 769436.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 776607.crdownload a variant of Win32/Adware.iBryte.CC application
C:\Users\Mike\Downloads\Unconfirmed 779255.crdownload a variant of Win32/InstallCore.YL potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 780806.crdownload a variant of Win32/InstallCore.YV potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 784773.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 794368.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 81365.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 820851.crdownload multiple threats
C:\Users\Mike\Downloads\Unconfirmed 846511.crdownload a variant of Win32/InstallCore.YN potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 849670.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 8643.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 868562.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 872787.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 878890.crdownload a variant of Win32/InstallCore.YH potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 891912.crdownload a variant of Win32/InstallCore.YN potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 904287.crdownload a variant of Win32/SoftPulse.AB potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 905254.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 914013.crdownload a variant of Win32/InstallCore.YH potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 914073.crdownload a variant of Win32/InstallCore.YH potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 914120.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 914408.crdownload a variant of Win32/InstallCore.YV potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 922156.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 924164.crdownload a variant of Win32/Adware.iBryte.CC application
C:\Users\Mike\Downloads\Unconfirmed 927231.crdownload a variant of Win32/InstallCore.YH potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 927707.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 9476.crdownload a variant of Win32/InstallCore.XX potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 962933.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 963264.crdownload a variant of Win32/InstallCore.YV potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 9683.crdownload a variant of Win32/InstallCore.YK potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 992669.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 99464.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 995170.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 995752.crdownload a variant of Win32/InstallCore.YH potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 996267.crdownload a variant of Win32/InstallCore.XM potentially unwanted application
C:\Users\Mike\Downloads\Unconfirmed 999352.crdownload a variant of Win32/InstallCore.YH potentially unwanted application
C:\Users\Mike\Dropbox\amagent.exe Win32/KeyLogger.ActivityMonitor.D application
C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll a variant of Win32/Toolbar.Linkury.G potentially unwanted application
D:\Config.Msi\1c9266.rbf a variant of Win32/SweetIM.L potentially unwanted application
D:\Program Files (x86)\VROOT\AppCool.apk Android/Spy.Agent.BN trojan
D:\Program Files (x86)\VROOT\Root.exe a variant of Android/Spy.Agent.BK trojan
D:\Program Files (x86)\WebcamSoft\NetCamCenter\ipcamdog.exe a variant of Win32/Packed.Themida potentially unwanted application
D:\Program Files (x86)\WebcamSoft\NetCamCenter\NetCamCtr.exe a variant of Win32/Packed.Themida potentially unwanted application
D:\Program Files (x86)\WebcamSoft\NetCamCenter\umgr.exe a variant of Win32/Packed.Themida potentially unwanted application
D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\21.js JS/Toolbar.Crossrider.F potentially unwanted application
D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\28.js JS/Toolbar.Crossrider.F potentially unwanted application
D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application
D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\21.js JS/Toolbar.Crossrider.F potentially unwanted application
D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\28.js JS/Toolbar.Crossrider.F potentially unwanted application
D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application
D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\973ba634716b4639a1c150b40c@5afc24a09e55466bb60878000.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application
D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\AVJYFVOD75109374@HCDE39471360.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application
D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}\content\overlay.js JS/ShopperPro.A potentially unwanted application
D:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx a variant of Win32/SweetIM.L potentially unwanted application
D:\Users\Mike\AppData\Local\Microsoft\Windows\INetCache\IE\ZQHV3S62\grvStubSetup[1].exe a variant of Win32/DealPly.V potentially unwanted application
D:\Users\Mike\Desktop\Desktop Crap\ncc3_x64 - Copy.exe a variant of Win32/Packed.Themida potentially unwanted application
D:\Users\Mike\Desktop\Desktop Crap\ncc3_x64.exe a variant of Win32/Packed.Themida potentially unwanted application
D:\Users\Mike\Desktop\Desktop Crap\xf-adsk64.exe a variant of Win32/Keygen.HA potentially unsafe application
D:\Users\Mike\Desktop\Desktop Crap\VanDyke.SecureCRT.v7.0.0.326-ZWT(x86)\keygen.exe Win32/Keygen.JI potentially unsafe application
D:\Users\Mike\Documents\anywherets_installer\AnywhereTS.msi a variant of Win32/TFTPD32.B potentially unsafe application
D:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll a variant of Win32/Toolbar.Linkury.G potentially unwanted application


#10 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:27 AM

Posted 10 April 2015 - 03:02 PM

That is not the log which is located here:

A log filelog.pngis created at logpath.png


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#11 mangus580

mangus580
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:27 AM

Posted 10 April 2015 - 03:05 PM

Sorry - i was missing the fact that the file I posted was not the log. 

 

thank you for the clarification.

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=0581fdd607eb9745825ce1f01f29115a
# engine=23310
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-04-10 12:39:58
# local_time=2015-04-10 08:39:58 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 5665590 0 0
# scanned=812947
# found=222
# cleaned=0
# scan_time=51262
sh=43B6146FD6BDFF10D03F912F50BBA9AD77783802 ft=1 fh=b3384a5863e8cd0a vn="a variant of Win32/Toolbar.CrossRider.CH potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Cinema_Plus_i2V08.04\17468744-18de-42c2-882d-53a61872487d-4.exe.vir"
sh=0C27AC01A7D7BB2FA7FBB7C1D2F8CB55104967EA ft=1 fh=119d02a01db238d6 vn="a variant of Win32/Toolbar.CrossRider.CC potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Cinema_Plus_i2V08.04\17468744-18de-42c2-882d-53a61872487d-5.exe.vir"
sh=077B4F8063B16768563F11E1472B9762E09086D2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Cinema_Plus_i2V08.04\17468744-18de-42c2-882d-53a61872487d.xpi.vir"
sh=A1EB8792AB0F4D8AC1B08C83FE93036F05DBF923 ft=1 fh=12a6510e32868759 vn="a variant of Win32/Packed.VMDetector.L potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Cinema_Plus_i2V08.04\utils.exe.vir"
sh=BD431CFBE1B3A472907F5BF341B0C7619B0A3F00 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\3463339a-2812-4ff9-8491-760471813ede.xpi.vir"
sh=84529B319B18335206BE1F50C64BB7677ADD8926 ft=1 fh=5d3143677fa1c06a vn="Win32/Packed.VMDetector.I potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\iWebar\utils.exe.vir"
sh=1345407DDA80FCAC1C820F495BDB46C1D59C81C0 ft=1 fh=b3384a58e8bfda4b vn="a variant of Win32/Toolbar.CrossRider.CB potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Lights Cinema 1.3betaV08.04\110f0de9-98c0-4fba-8fc8-b6cf343e9a75-4.exe.vir"
sh=33A82C9B0AB52F3499814DD44C9DB8EAC2B4F299 ft=1 fh=5997e1348f0f5db4 vn="a variant of Win32/Toolbar.CrossRider.CC potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Lights Cinema 1.3betaV08.04\110f0de9-98c0-4fba-8fc8-b6cf343e9a75-5.exe.vir"
sh=9B1218CDB50D6866D6AFC24ECE08AF72791986A2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Lights Cinema 1.3betaV08.04\110f0de9-98c0-4fba-8fc8-b6cf343e9a75.xpi.vir"
sh=829FDD0ADD0B575551594C8CBAACD12EC4121C0E ft=1 fh=f0b1093504653389 vn="a variant of Win32/Packed.VMDetector.L potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Lights Cinema 1.3betaV08.04\utils.exe.vir"
sh=AAA623029121715DD514658EB72C344C182CE5D4 ft=1 fh=2063f527e15bc225 vn="a variant of MSIL/MyPCBackup.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\BackupStackUI.dll.vir"
sh=192CBAABA0DCF493142342428C7C4CF4E9BB2373 ft=1 fh=f77dc598a5ff0260 vn="a variant of MSIL/RunElevated.A potentially unsafe application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\Configuration Updater.exe.vir"
sh=BAFC87AA0D99C347EA00A77BB09CE78915DF75E5 ft=1 fh=edcb43f436e617cd vn="MSIL/MyPCBackup.E potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\MyPC Backup.exe.vir"
sh=C2480AAB65A1681F8DAB40A89312A0C39F6B97B1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Object Browser\91d63a1a-0bcf-4dcd-be74-45a9fb1f0559.xpi.vir"
sh=9E13D8C35F0FC803DE8D5EA640DC59B87423D6C4 ft=1 fh=c71c0011763b2fee vn="a variant of Win32/Adware.MultiPlug.FL application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ParriceLeSs\4rDZ6eW96yEer5.dll.vir"
sh=5243C981DB18723EBE1529DC20A91625263DA41E ft=1 fh=c71c001179db1e1c vn="a variant of Win32/BHOUninstaller.AB potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ParriceLeSs\4rDZ6eW96yEer5.exe.vir"
sh=1957007E86671625B247BE45384B71508A4D90C9 ft=1 fh=bdb9f8becaffc746 vn="a variant of Win64/Adware.MultiPlug.G application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ParriceLeSs\4rDZ6eW96yEer5.x64.dll.vir"
sh=FC3655396F4DAF1D51FCF3457BB9770380134F1B ft=1 fh=540742e0fc1e55d8 vn="a variant of Win32/Adware.Imali.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Priceless\ImaliBundle.exe.vir"
sh=0F305EBB800B8E3302E250224CDE8690D57BF604 ft=1 fh=c71c0011d8fb35d8 vn="a variant of Win32/Adware.iBryte.CD application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Search Extensions\Client.exe.vir"
sh=CB0D3CFE7A7FCC126FA9B0E5AF3B0FC7A93E734C ft=1 fh=6a7e46ef8eec4403 vn="a variant of MSIL/Adware.iBryte.G application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Search Extensions\uninstall.exe.vir"
sh=0CACF65C99062D1F6839DA2755D4437B85B98627 ft=0 fh=0000000000000000 vn="JS/ShopperPro.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\manifest.json.vir"
sh=C350D37F067C49962D58D891A8E0CC7FDBFA33F7 ft=1 fh=9fbf6584bd83419c vn="Win32/SpeedBit.B.gen potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\SPRemove.exe.vir"
sh=5C2AF274C2BB1CC81F0D36C71F94C7004D46FEB2 ft=0 fh=0000000000000000 vn="JS/ShopperPro.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\FireFox\content\overlay.js.vir"
sh=290C9DC8289B4A3812933221C38A519203CD990F ft=1 fh=654cf97b239cebc2 vn="a variant of Win32/BrowseFox.AO potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\SourceAppUninstall.exe.vir"
sh=90871424FBC03C4F9110E50B1F29227AE84B233D ft=1 fh=c71c0011bca8dd60 vn="a variant of Win32/Adware.AddLyrics.DY application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\version60CheckMeUp\191.dll.vir"
sh=FE3ED9A7B183FF971F6A39E4BCFA0B3A152B6042 ft=1 fh=d7df3f6aabe8da3d vn="a variant of Win64/Adware.AddLyrics.I application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\version60CheckMeUp\191_x64.dll.vir"
sh=2DB3CBB7810D2784D67705F365EF5F2A9CACEE19 ft=1 fh=c71c001155ae811b vn="a variant of Win32/Adware.AddLyrics.DW application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\version60CheckMeUp\R3CheckMeUpB03.exe.vir"
sh=F57B3F30789DA7BBADC8AC1DDA2C68A4CC32B445 ft=1 fh=007dc35b186b56d7 vn="a variant of Win32/Adware.AddLyrics.DY application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\version60CheckMeUp\Uninstall.exe.vir"
sh=9178A29525681983B150CB9E603A4C4446DE1D76 ft=1 fh=df686e1c180d99ed vn="a variant of Win64/Adware.AddLyrics.H application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\version60CheckMeUp\x64\TandemRunner.exe.vir"
sh=2374F1604AA18E890B515286F7BD027E83064A29 ft=1 fh=812da1e42aacc2d5 vn="a variant of Win32/SBWatchman.F potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe.vir"
sh=06E1605CD4DC0ADD62E87FB18D16A07E1665CCC9 ft=1 fh=e2610d19b50da9a9 vn="a variant of Win32/ShopperPro.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTDownloader\Updater.exe.vir"
sh=505EE688F14BD0E6A72B2BA365DD5400ED1E63A1 ft=1 fh=5fe470919675293c vn="a variant of Win32/SBWatchman.G potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTDownloader\YTDownloader.exe.vir"
sh=3D8FEB274B1F910633E0EE3966A82AE9DCBD406A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\oryff71c.default-1409533185084\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\21.js.vir"
sh=A61F2AB2BDA3DF4EA26FB96BFA4BAA4BEFA99E6A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\oryff71c.default-1409533185084\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\28.js.vir"
sh=99CB6837DFAC23F26B947429A5FC6AEAF7026238 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\oryff71c.default-1409533185084\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\91.js.vir"
sh=C9D706420374877A0ABE4367811BBF67F10C075D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\oryff71c.default-1409533185084\Extensions\973ba634716b4639a1c150b40c@5afc24a09e55466bb60878000.com\extensionData\plugins\91.js.vir"
sh=C9D706420374877A0ABE4367811BBF67F10C075D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\oryff71c.default-1409533185084\Extensions\AVJYFVOD75109374@HCDE39471360.com\extensionData\plugins\91.js.vir"
sh=5C2AF274C2BB1CC81F0D36C71F94C7004D46FEB2 ft=0 fh=0000000000000000 vn="JS/ShopperPro.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\oryff71c.default-1409533185084\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}\content\overlay.js.vir"
sh=4DAABE4BB6D6372186B7719E53406FB2ACDB51F2 ft=1 fh=de9ba8cd5fc59751 vn="Win32/Adware.ConvertAd.EB application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Mike\AppData\Roaming\VOPackage\Uninstall.exe.vir"
sh=C651656E1F3D9DCD07556D6CA342831514A7CB69 ft=1 fh=cf331afc602c4b35 vn="multiple threats" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Mike\AppData\Roaming\VOPackage\VOPackage.exe.vir"
sh=3D8FEB274B1F910633E0EE3966A82AE9DCBD406A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F potentially unwanted application" ac=I fn="C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\21.js"
sh=A61F2AB2BDA3DF4EA26FB96BFA4BAA4BEFA99E6A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F potentially unwanted application" ac=I fn="C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\28.js"
sh=99CB6837DFAC23F26B947429A5FC6AEAF7026238 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\91.js"
sh=3D8FEB274B1F910633E0EE3966A82AE9DCBD406A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F potentially unwanted application" ac=I fn="C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\21.js"
sh=A61F2AB2BDA3DF4EA26FB96BFA4BAA4BEFA99E6A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F potentially unwanted application" ac=I fn="C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\28.js"
sh=99CB6837DFAC23F26B947429A5FC6AEAF7026238 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\91.js"
sh=C9D706420374877A0ABE4367811BBF67F10C075D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\973ba634716b4639a1c150b40c@5afc24a09e55466bb60878000.com\extensionData\plugins\91.js"
sh=C9D706420374877A0ABE4367811BBF67F10C075D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\AVJYFVOD75109374@HCDE39471360.com\extensionData\plugins\91.js"
sh=5C2AF274C2BB1CC81F0D36C71F94C7004D46FEB2 ft=0 fh=0000000000000000 vn="JS/ShopperPro.A potentially unwanted application" ac=I fn="C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}\content\overlay.js"
sh=3D8FEB274B1F910633E0EE3966A82AE9DCBD406A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F potentially unwanted application" ac=I fn="C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\21.js"
sh=A61F2AB2BDA3DF4EA26FB96BFA4BAA4BEFA99E6A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F potentially unwanted application" ac=I fn="C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\28.js"
sh=99CB6837DFAC23F26B947429A5FC6AEAF7026238 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\91.js"
sh=3D8FEB274B1F910633E0EE3966A82AE9DCBD406A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F potentially unwanted application" ac=I fn="C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\21.js"
sh=A61F2AB2BDA3DF4EA26FB96BFA4BAA4BEFA99E6A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F potentially unwanted application" ac=I fn="C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\28.js"
sh=99CB6837DFAC23F26B947429A5FC6AEAF7026238 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\91.js"
sh=C9D706420374877A0ABE4367811BBF67F10C075D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\973ba634716b4639a1c150b40c@5afc24a09e55466bb60878000.com\extensionData\plugins\91.js"
sh=C9D706420374877A0ABE4367811BBF67F10C075D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\AVJYFVOD75109374@HCDE39471360.com\extensionData\plugins\91.js"
sh=5C2AF274C2BB1CC81F0D36C71F94C7004D46FEB2 ft=0 fh=0000000000000000 vn="JS/ShopperPro.A potentially unwanted application" ac=I fn="C:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}\content\overlay.js"
sh=4DAABE4BB6D6372186B7719E53406FB2ACDB51F2 ft=1 fh=de9ba8cd5fc59751 vn="Win32/Adware.ConvertAd.EB application" ac=I fn="C:\Users\Mike\AppData\Roaming\B3272F80-1425851292-17DC-9162-352CD5FD0AAD\Uninstall.exe"
sh=C651656E1F3D9DCD07556D6CA342831514A7CB69 ft=1 fh=cf331afc602c4b35 vn="multiple threats" ac=I fn="C:\Users\Mike\AppData\Roaming\B3272F80-1425851292-17DC-9162-352CD5FD0AAD\vnsj3753.tmp"
sh=4C60A5B4F7AF628C6EB0CB510EBAA94C8670039A ft=0 fh=0000000000000000 vn="a variant of Win32/TFTPD32.B potentially unsafe application" ac=I fn="C:\Users\Mike\Documents\anywherets_installer\AnywhereTS.msi"
sh=AABD53B9911BCE2EA6A72F3B8AB0AA6D014A69A7 ft=1 fh=97f8d0e4cf1d37b2 vn="Win32/KeyLogger.ActivityMonitor.D application" ac=I fn="C:\Users\Mike\Downloads\activmon.exe"
sh=976D24D060C8F9B655B5EC01472194B9DA6C190C ft=1 fh=1966d8d77ea974eb vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Mike\Downloads\ccsetup503 (1).exe"
sh=976D24D060C8F9B655B5EC01472194B9DA6C190C ft=1 fh=1966d8d77ea974eb vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Mike\Downloads\ccsetup503 (2).exe"
sh=976D24D060C8F9B655B5EC01472194B9DA6C190C ft=1 fh=1966d8d77ea974eb vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Mike\Downloads\ccsetup503 (3).exe"
sh=976D24D060C8F9B655B5EC01472194B9DA6C190C ft=1 fh=1966d8d77ea974eb vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Mike\Downloads\ccsetup503 (4).exe"
sh=976D24D060C8F9B655B5EC01472194B9DA6C190C ft=1 fh=1966d8d77ea974eb vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Mike\Downloads\ccsetup503.exe"
sh=F42337E70886DB01977319E632FFB4356003050E ft=1 fh=234eac9709fa404f vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application" ac=I fn="C:\Users\Mike\Downloads\OffercastInstaller_AVR_U-0090-01-P_.exe"
sh=4E0A6CF897F82100575BA72CE7279CA07376A43C ft=1 fh=0591bcd93e538df4 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 101965.crdownload"
sh=59FBDF871A16CBCF65F73EB28BE87E6C05AE4237 ft=1 fh=0591bcd94db4f75c vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 103107.crdownload"
sh=115F20B1EBD285950AEED608C8DE72A75F8378FB ft=1 fh=6b0bcaadb5bc5c22 vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 104163.crdownload"
sh=76654EA664E986164A47EAAF306B60B0F5470882 ft=1 fh=09111a51fccad4cc vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 10766.crdownload"
sh=012DEA9F8A03F9F51C4B9CE717CBBA159D7B4F6B ft=1 fh=570a35345102e660 vn="a variant of MSIL/Rebrand.LittleRegClean.B potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 142394.crdownload"
sh=A7E85807B10528753D4D9A550F37309C240161B0 ft=1 fh=6b0bcaad189c601b vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 143556.crdownload"
sh=3301188211A9F68CC3F32D8229CD8BA6BE008F73 ft=1 fh=09111a51478e87e9 vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 146674.crdownload"
sh=BE5EB75D4B5AE5AD2E4CFC17B0D95915793F8CFB ft=1 fh=5498de55c831ded2 vn="a variant of Win32/InstallCore.YL potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 147895.crdownload"
sh=9BCD3D18D86719426D00279F990FAB2E272016E3 ft=1 fh=0591bcd9ec422d6e vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 152734.crdownload"
sh=AEA389913A99053BDC99AB9B913614FE8B0DC84F ft=1 fh=d0a7005154c74b72 vn="a variant of Win32/InstallCore.YN potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 156901.crdownload"
sh=D94AFFFB61CED570DB0B6E17045A5C3FA5E4B993 ft=1 fh=16a76100d0c8dbac vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 173226.crdownload"
sh=115F20B1EBD285950AEED608C8DE72A75F8378FB ft=1 fh=6b0bcaadb5bc5c22 vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 180191.crdownload"
sh=52739C0EB2F61F848C562E3A2220EC48A5F59861 ft=1 fh=6b0bcaad5e545820 vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 182944.crdownload"
sh=4E0A6CF897F82100575BA72CE7279CA07376A43C ft=1 fh=0591bcd93e538df4 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 192571.crdownload"
sh=22F2DE1C6BA015B9E47C1BBDC0DA6A614BE21286 ft=1 fh=3bd0d5739b133e68 vn="a variant of Win32/Adware.iBryte.CC application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 193142.crdownload"
sh=91545A519553EFD7D004A1EF0A4B5F307A5AF286 ft=1 fh=d6cc3f3c8ae18501 vn="a variant of Win32/InstallCore.YH potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 195503.crdownload"
sh=85C0C5431C2709788E5E543867FCE3BF7785A61C ft=1 fh=1658bb9ebf6737b7 vn="multiple threats" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 198361.crdownload"
sh=9BCD3D18D86719426D00279F990FAB2E272016E3 ft=1 fh=0591bcd9ec422d6e vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 209592.crdownload"
sh=4E0A6CF897F82100575BA72CE7279CA07376A43C ft=1 fh=0591bcd93e538df4 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 220960.crdownload"
sh=834D20B9F8023B3414EE33AB5F40629F1078E07F ft=1 fh=1d83a506096dbeba vn="Win32/TrojanDropper.Addrop.C trojan" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 226818.crdownload"
sh=12453B6034D0C6B8874198019C7D8F68160F1BF5 ft=1 fh=42190a72c904352a vn="a variant of Win32/InstallCore.YL potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 229039.crdownload"
sh=52739C0EB2F61F848C562E3A2220EC48A5F59861 ft=1 fh=6b0bcaad5e545820 vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 233769.crdownload"
sh=548AC1FB6B2DF504B9C3B96ECB0F567AAFA8BD71 ft=1 fh=1e1fd598b98b76de vn="a variant of Win32/Adware.iBryte.CC application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 235738.crdownload"
sh=418F18D84C7231BB9DA1C9DEDE204EC0D9C60F04 ft=1 fh=a68dc6f6f552309d vn="a variant of Win32/Adware.iBryte.CC application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 245655.crdownload"
sh=2854C61F407ECA72BFC91F8720218DF51CDC6B84 ft=1 fh=d6cc3f3cb5bc71df vn="a variant of Win32/InstallCore.YH potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 24902.crdownload"
sh=115F20B1EBD285950AEED608C8DE72A75F8378FB ft=1 fh=6b0bcaadb5bc5c22 vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 258131.crdownload"
sh=7CB0F95B7817C4D7A636127D658F845CAF992B5B ft=1 fh=97086cdfb999d465 vn="a variant of Win32/Adware.iBryte.CC application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 264309.crdownload"
sh=115F20B1EBD285950AEED608C8DE72A75F8378FB ft=1 fh=6b0bcaadb5bc5c22 vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 266059.crdownload"
sh=D0127B7BB8403423803424D5F787687982E1D6F7 ft=1 fh=e15f4f9465279987 vn="a variant of Win32/InstallCore.XB potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 267519.crdownload"
sh=85C0C5431C2709788E5E543867FCE3BF7785A61C ft=1 fh=1658bb9ebf6737b7 vn="multiple threats" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 271856.crdownload"
sh=59FBDF871A16CBCF65F73EB28BE87E6C05AE4237 ft=1 fh=0591bcd94db4f75c vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 277563.crdownload"
sh=D94AFFFB61CED570DB0B6E17045A5C3FA5E4B993 ft=1 fh=16a76100d0c8dbac vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 281774.crdownload"
sh=115F20B1EBD285950AEED608C8DE72A75F8378FB ft=1 fh=6b0bcaadb5bc5c22 vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 290104.crdownload"
sh=327A6A0E6365D12CFCDA5FA5AF7691DBE2D2BA41 ft=1 fh=16a761009dd80511 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 297555.crdownload"
sh=A7E85807B10528753D4D9A550F37309C240161B0 ft=1 fh=6b0bcaad189c601b vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 300122.crdownload"
sh=5937531C133EF77DAD88CE95B144290462558ABA ft=1 fh=16a76100ca525b46 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 327409.crdownload"
sh=85C0C5431C2709788E5E543867FCE3BF7785A61C ft=1 fh=1658bb9ebf6737b7 vn="multiple threats" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 340674.crdownload"
sh=B3EDBA6FD318510FBB725E533F915FEB642DBF7B ft=1 fh=36350cfd780956d9 vn="a variant of Win32/InstallCore.YV potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 361294.crdownload"
sh=BDAB6E6E22ED2AD544D1BCFE412279FC5C545791 ft=1 fh=09111a515698b100 vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 362616.crdownload"
sh=BE476A241FC59196E2EAC77F06D5F4EF9EB39C91 ft=1 fh=d6cc3f3c741e88db vn="a variant of Win32/InstallCore.YH potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 363507.crdownload"
sh=F10071D66732278725694E67F652DD146F079228 ft=1 fh=d0a700518865e174 vn="a variant of Win32/InstallCore.YN potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 367447.crdownload"
sh=69D47078FB85113913169215B4DB2B660C3DB5D5 ft=1 fh=16a761000afbc026 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 369333.crdownload"
sh=3301188211A9F68CC3F32D8229CD8BA6BE008F73 ft=1 fh=09111a51478e87e9 vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 383055.crdownload"
sh=327A6A0E6365D12CFCDA5FA5AF7691DBE2D2BA41 ft=1 fh=16a761009dd80511 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 386422.crdownload"
sh=30A6D7F0A495FF20899D9704F2469A8CC308370E ft=1 fh=94df96d16ce558da vn="a variant of Win32/InstallCore.YV potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 390341.crdownload"
sh=AA092181E62206430CC6AF3D93E0BB7C806918F2 ft=1 fh=92bae5f8a543c6dd vn="a variant of Win32/Adware.iBryte.CC application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 400757.crdownload"
sh=5F80618756023B56271FEFF693B2D462FA1180BA ft=1 fh=a6f4c53343ebc11d vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 405590.crdownload"
sh=560500491D686181C0E2E0E7A873DA85930E1CBA ft=1 fh=2a6fd3de57ce5757 vn="a variant of Win32/Adware.iBryte.CC application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 405673.crdownload"
sh=4E0A6CF897F82100575BA72CE7279CA07376A43C ft=1 fh=0591bcd93e538df4 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 427410.crdownload"
sh=115F20B1EBD285950AEED608C8DE72A75F8378FB ft=1 fh=6b0bcaadb5bc5c22 vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 432900.crdownload"
sh=57FFCBF2CBF54F940F629030A74DEA2B9E9C62E4 ft=1 fh=d0a70051c34ce6c0 vn="a variant of Win32/InstallCore.YN potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 434056.crdownload"
sh=AF00F2512B0F3AD1F919F443EA1E1A9138C96659 ft=1 fh=f39ddc4e3e1b359d vn="a variant of Win32/InstallCore.XB potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 435640.crdownload"
sh=59FBDF871A16CBCF65F73EB28BE87E6C05AE4237 ft=1 fh=0591bcd94db4f75c vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 439908.crdownload"
sh=85C0C5431C2709788E5E543867FCE3BF7785A61C ft=1 fh=1658bb9ebf6737b7 vn="multiple threats" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 440393.crdownload"
sh=1493CC7EE3C69950F9B47D141EE54A1DBE91495E ft=1 fh=0e615a3bb2ae2649 vn="a variant of Win32/Adware.iBryte.CC application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 444582.crdownload"
sh=115F20B1EBD285950AEED608C8DE72A75F8378FB ft=1 fh=6b0bcaadb5bc5c22 vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 450081.crdownload"
sh=0674CE9FDEA66C48B16BEB72A1DBD4755D0EAF01 ft=1 fh=94df96d111056b1f vn="a variant of Win32/InstallCore.YV potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 455084.crdownload"
sh=AAFB9EA933A3FCDD13E715D4CE1138864F83BF29 ft=1 fh=d83d57665180b878 vn="a variant of Win32/InstallCore.YM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 455180.crdownload"
sh=4E0A6CF897F82100575BA72CE7279CA07376A43C ft=1 fh=0591bcd93e538df4 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 463310.crdownload"
sh=115F20B1EBD285950AEED608C8DE72A75F8378FB ft=1 fh=6b0bcaadb5bc5c22 vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 463946.crdownload"
sh=E85601AB5E132A9695B0FC42F6B48028C3BBC9D7 ft=1 fh=36350cfdd4f2b83e vn="a variant of Win32/InstallCore.YV potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 47213.crdownload"
sh=4D883D1846243427215F46F12B1B737B99696322 ft=1 fh=365e6f8bd6612bb0 vn="a variant of Win32/InstallCore.WX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 482190.crdownload"
sh=91545A519553EFD7D004A1EF0A4B5F307A5AF286 ft=1 fh=d6cc3f3c8ae18501 vn="a variant of Win32/InstallCore.YH potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 489109.crdownload"
sh=2854C61F407ECA72BFC91F8720218DF51CDC6B84 ft=1 fh=d6cc3f3cb5bc71df vn="a variant of Win32/InstallCore.YH potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 501697.crdownload"
sh=3301188211A9F68CC3F32D8229CD8BA6BE008F73 ft=1 fh=09111a51478e87e9 vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 502894.crdownload"
sh=1E4A1706F2D0CA66D42CF3DBD3EFCA7C890D9354 ft=1 fh=d0a70051f919a230 vn="a variant of Win32/InstallCore.YN potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 523552.crdownload"
sh=76654EA664E986164A47EAAF306B60B0F5470882 ft=1 fh=09111a51fccad4cc vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 553594.crdownload"
sh=BDAB6E6E22ED2AD544D1BCFE412279FC5C545791 ft=1 fh=09111a515698b100 vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 559193.crdownload"
sh=D94AFFFB61CED570DB0B6E17045A5C3FA5E4B993 ft=1 fh=16a76100d0c8dbac vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 56091.crdownload"
sh=FC02648786608D06EE60C8D7B978C08A45D9CCB2 ft=1 fh=09111a5176e02ffa vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 562784.crdownload"
sh=38CF8875BE884713DF5967FDC181FB24286B087D ft=1 fh=a312d250fa216ece vn="Win32/TrojanDropper.Addrop.C trojan" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 570199.crdownload"
sh=76654EA664E986164A47EAAF306B60B0F5470882 ft=1 fh=09111a51fccad4cc vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 571478.crdownload"
sh=8128920A103EC745E30E4D5E9C43D0011E78AFEE ft=1 fh=d0a70051b0465e1b vn="a variant of Win32/InstallCore.YN potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 586059.crdownload"
sh=85C0C5431C2709788E5E543867FCE3BF7785A61C ft=1 fh=1658bb9ebf6737b7 vn="multiple threats" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 589101.crdownload"
sh=115F20B1EBD285950AEED608C8DE72A75F8378FB ft=1 fh=6b0bcaadb5bc5c22 vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 591086.crdownload"
sh=52739C0EB2F61F848C562E3A2220EC48A5F59861 ft=1 fh=6b0bcaad5e545820 vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 598494.crdownload"
sh=2D057728762126CE38F8B5F5E984FEDFEA8BD874 ft=1 fh=16a76100b8e8d876 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 600400.crdownload"
sh=52739C0EB2F61F848C562E3A2220EC48A5F59861 ft=1 fh=6b0bcaad5e545820 vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 600979.crdownload"
sh=E85601AB5E132A9695B0FC42F6B48028C3BBC9D7 ft=1 fh=36350cfdd4f2b83e vn="a variant of Win32/InstallCore.YV potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 615227.crdownload"
sh=2854C61F407ECA72BFC91F8720218DF51CDC6B84 ft=1 fh=d6cc3f3cb5bc71df vn="a variant of Win32/InstallCore.YH potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 615904.crdownload"
sh=A7E85807B10528753D4D9A550F37309C240161B0 ft=1 fh=6b0bcaad189c601b vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 630926.crdownload"
sh=4E0A6CF897F82100575BA72CE7279CA07376A43C ft=1 fh=0591bcd93e538df4 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 645643.crdownload"
sh=37E1CDB8EFAADC91B0805D4D0C28216B98A5B2DF ft=1 fh=f39ddc4ee624b85c vn="a variant of Win32/InstallCore.XB potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 654452.crdownload"
sh=327A6A0E6365D12CFCDA5FA5AF7691DBE2D2BA41 ft=1 fh=16a761009dd80511 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 657803.crdownload"
sh=2BC29049B561A504463C3F6F81A0137B5365799B ft=1 fh=9197e3d41350f40b vn="a variant of Win32/SoftPulse.AA potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 679802.crdownload"
sh=AFA467C4B3DDF9531B1F20EF0A6ADCCAD9155758 ft=1 fh=f39ddc4ed77560f7 vn="a variant of Win32/InstallCore.XB potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 692871.crdownload"
sh=28D987777D37EF0B0005C9654425AE2E9CC2BCED ft=1 fh=16a761001ea0774e vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 697680.crdownload"
sh=D94AFFFB61CED570DB0B6E17045A5C3FA5E4B993 ft=1 fh=16a76100d0c8dbac vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 712768.crdownload"
sh=A3FE12406ED1E3F1EA9E2AFF5A986D19DB5DC6C7 ft=1 fh=16a761004e102544 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 724562.crdownload"
sh=FC02648786608D06EE60C8D7B978C08A45D9CCB2 ft=1 fh=09111a5176e02ffa vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 743730.crdownload"
sh=327A6A0E6365D12CFCDA5FA5AF7691DBE2D2BA41 ft=1 fh=16a761009dd80511 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 755111.crdownload"
sh=BDAB6E6E22ED2AD544D1BCFE412279FC5C545791 ft=1 fh=09111a515698b100 vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 759669.crdownload"
sh=91545A519553EFD7D004A1EF0A4B5F307A5AF286 ft=1 fh=d6cc3f3c8ae18501 vn="a variant of Win32/InstallCore.YH potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 764046.crdownload"
sh=8D571200AC5D24A2B7B200D49506E41FF304990D ft=1 fh=f78b373c32ca03c8 vn="a variant of Win32/InstallCore.YL potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 767824.crdownload"
sh=FC02648786608D06EE60C8D7B978C08A45D9CCB2 ft=1 fh=09111a5176e02ffa vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 769436.crdownload"
sh=2CCB34DB18BBDA41B452DD358DE247E805BB0029 ft=1 fh=61f3054a7bc5d94b vn="a variant of Win32/Adware.iBryte.CC application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 776607.crdownload"
sh=8D571200AC5D24A2B7B200D49506E41FF304990D ft=1 fh=f78b373c32ca03c8 vn="a variant of Win32/InstallCore.YL potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 779255.crdownload"
sh=E85601AB5E132A9695B0FC42F6B48028C3BBC9D7 ft=1 fh=36350cfdd4f2b83e vn="a variant of Win32/InstallCore.YV potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 780806.crdownload"
sh=5F80618756023B56271FEFF693B2D462FA1180BA ft=1 fh=a6f4c53343ebc11d vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 784773.crdownload"
sh=27414591B786FFB0D342E1E6CC2A1CAC9D0F8613 ft=1 fh=b12ef4309fbf5309 vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 794368.crdownload"
sh=9BCD3D18D86719426D00279F990FAB2E272016E3 ft=1 fh=0591bcd9ec422d6e vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 81365.crdownload"
sh=85C0C5431C2709788E5E543867FCE3BF7785A61C ft=1 fh=1658bb9ebf6737b7 vn="multiple threats" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 820851.crdownload"
sh=1D820FE0F53734978A4287CE94918BB4667DAEE8 ft=1 fh=d0a700514ce4422d vn="a variant of Win32/InstallCore.YN potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 846511.crdownload"
sh=D94AFFFB61CED570DB0B6E17045A5C3FA5E4B993 ft=1 fh=16a76100d0c8dbac vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 849670.crdownload"
sh=36926BA2C8E5C778707B0E196B5335A29AFE93D0 ft=1 fh=c9d8d8beb915c1ff vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 8643.crdownload"
sh=C5279626FB7E772788810CFFC6F0BB1DCF96CFBE ft=1 fh=c9d8d8be611f6b9a vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 868562.crdownload"
sh=4E0A6CF897F82100575BA72CE7279CA07376A43C ft=1 fh=0591bcd93e538df4 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 872787.crdownload"
sh=2854C61F407ECA72BFC91F8720218DF51CDC6B84 ft=1 fh=d6cc3f3cb5bc71df vn="a variant of Win32/InstallCore.YH potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 878890.crdownload"
sh=1D820FE0F53734978A4287CE94918BB4667DAEE8 ft=1 fh=d0a700514ce4422d vn="a variant of Win32/InstallCore.YN potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 891912.crdownload"
sh=7A5A23776BE03C48D73CDAD5DADFEE61391F22F8 ft=1 fh=da698ff445b59989 vn="a variant of Win32/SoftPulse.AB potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 904287.crdownload"
sh=4E0A6CF897F82100575BA72CE7279CA07376A43C ft=1 fh=0591bcd93e538df4 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 905254.crdownload"
sh=967DF43E9DE76C8E4719C78200292A6097813006 ft=1 fh=d6cc3f3c11abbda1 vn="a variant of Win32/InstallCore.YH potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 914013.crdownload"
sh=2854C61F407ECA72BFC91F8720218DF51CDC6B84 ft=1 fh=d6cc3f3cb5bc71df vn="a variant of Win32/InstallCore.YH potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 914073.crdownload"
sh=327A6A0E6365D12CFCDA5FA5AF7691DBE2D2BA41 ft=1 fh=16a761009dd80511 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 914120.crdownload"
sh=E85601AB5E132A9695B0FC42F6B48028C3BBC9D7 ft=1 fh=36350cfdd4f2b83e vn="a variant of Win32/InstallCore.YV potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 914408.crdownload"
sh=7C55B05BF93510EC9874B2F82F1C1F823709371E ft=1 fh=09111a51019dade3 vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 922156.crdownload"
sh=C2443F4011A5B57445758FD105D3DDBFD5A6D0D3 ft=1 fh=25ac7dc7d6674d38 vn="a variant of Win32/Adware.iBryte.CC application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 924164.crdownload"
sh=91545A519553EFD7D004A1EF0A4B5F307A5AF286 ft=1 fh=d6cc3f3c8ae18501 vn="a variant of Win32/InstallCore.YH potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 927231.crdownload"
sh=A7E85807B10528753D4D9A550F37309C240161B0 ft=1 fh=6b0bcaad189c601b vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 927707.crdownload"
sh=115F20B1EBD285950AEED608C8DE72A75F8378FB ft=1 fh=6b0bcaadb5bc5c22 vn="a variant of Win32/InstallCore.XX potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 9476.crdownload"
sh=28D987777D37EF0B0005C9654425AE2E9CC2BCED ft=1 fh=16a761001ea0774e vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 962933.crdownload"
sh=E85601AB5E132A9695B0FC42F6B48028C3BBC9D7 ft=1 fh=36350cfdd4f2b83e vn="a variant of Win32/InstallCore.YV potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 963264.crdownload"
sh=A3FE12406ED1E3F1EA9E2AFF5A986D19DB5DC6C7 ft=1 fh=16a761004e102544 vn="a variant of Win32/InstallCore.YK potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 9683.crdownload"
sh=3301188211A9F68CC3F32D8229CD8BA6BE008F73 ft=1 fh=09111a51478e87e9 vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 992669.crdownload"
sh=BDAB6E6E22ED2AD544D1BCFE412279FC5C545791 ft=1 fh=09111a515698b100 vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 99464.crdownload"
sh=3301188211A9F68CC3F32D8229CD8BA6BE008F73 ft=1 fh=09111a51478e87e9 vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 995170.crdownload"
sh=2854C61F407ECA72BFC91F8720218DF51CDC6B84 ft=1 fh=d6cc3f3cb5bc71df vn="a variant of Win32/InstallCore.YH potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 995752.crdownload"
sh=76654EA664E986164A47EAAF306B60B0F5470882 ft=1 fh=09111a51fccad4cc vn="a variant of Win32/InstallCore.XM potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 996267.crdownload"
sh=2854C61F407ECA72BFC91F8720218DF51CDC6B84 ft=1 fh=d6cc3f3cb5bc71df vn="a variant of Win32/InstallCore.YH potentially unwanted application" ac=I fn="C:\Users\Mike\Downloads\Unconfirmed 999352.crdownload"
sh=0D918CE46BF890358FAB134B84729434E878741D ft=1 fh=693892f87097a11e vn="Win32/KeyLogger.ActivityMonitor.D application" ac=I fn="C:\Users\Mike\Dropbox\amagent.exe"
sh=B1A68C4BD7D8782CEE180580311081F423E8638B ft=1 fh=b0d19998d0be5414 vn="a variant of Win32/Toolbar.Linkury.G potentially unwanted application" ac=I fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
sh=A50D4E8729EC3B275F6AFD9EE573E2A28546F01D ft=1 fh=b0987145db4c1583 vn="a variant of Win32/SweetIM.L potentially unwanted application" ac=I fn="D:\Config.Msi\1c9266.rbf"
sh=95481803F6507E6C6C4ACBA86424A334613A0AC0 ft=0 fh=0000000000000000 vn="Android/Spy.Agent.BN trojan" ac=I fn="D:\Program Files (x86)\VROOT\AppCool.apk"
sh=125FFA0773B531648491232706689A00BA27FD0B ft=1 fh=9961fe3e268fbf6f vn="a variant of Android/Spy.Agent.BK trojan" ac=I fn="D:\Program Files (x86)\VROOT\Root.exe"
sh=7E55C013C54DCDB07F895DB51A687A113DC2D08E ft=1 fh=51c6dbfd4afce3c9 vn="a variant of Win32/Packed.Themida potentially unwanted application" ac=I fn="D:\Program Files (x86)\WebcamSoft\NetCamCenter\ipcamdog.exe"
sh=29766421443573A8F8FC20EC9DFA669D87E6D68D ft=1 fh=101649fd302cd62b vn="a variant of Win32/Packed.Themida potentially unwanted application" ac=I fn="D:\Program Files (x86)\WebcamSoft\NetCamCenter\NetCamCtr.exe"
sh=C16E6FF2DAC12F0E0CDB712CE327D129975A8741 ft=1 fh=af47aaaa68a28adc vn="a variant of Win32/Packed.Themida potentially unwanted application" ac=I fn="D:\Program Files (x86)\WebcamSoft\NetCamCenter\umgr.exe"
sh=3D8FEB274B1F910633E0EE3966A82AE9DCBD406A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F potentially unwanted application" ac=I fn="D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\21.js"
sh=A61F2AB2BDA3DF4EA26FB96BFA4BAA4BEFA99E6A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F potentially unwanted application" ac=I fn="D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\28.js"
sh=99CB6837DFAC23F26B947429A5FC6AEAF7026238 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\14fef81ee28d4335a493c2d@6383fd42ff9b4872bccb5b.com\extensionData\plugins\91.js"
sh=3D8FEB274B1F910633E0EE3966A82AE9DCBD406A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F potentially unwanted application" ac=I fn="D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\21.js"
sh=A61F2AB2BDA3DF4EA26FB96BFA4BAA4BEFA99E6A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F potentially unwanted application" ac=I fn="D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\28.js"
sh=99CB6837DFAC23F26B947429A5FC6AEAF7026238 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com\extensionData\plugins\91.js"
sh=C9D706420374877A0ABE4367811BBF67F10C075D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\973ba634716b4639a1c150b40c@5afc24a09e55466bb60878000.com\extensionData\plugins\91.js"
sh=C9D706420374877A0ABE4367811BBF67F10C075D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B potentially unwanted application" ac=I fn="D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\AVJYFVOD75109374@HCDE39471360.com\extensionData\plugins\91.js"
sh=5C2AF274C2BB1CC81F0D36C71F94C7004D46FEB2 ft=0 fh=0000000000000000 vn="JS/ShopperPro.A potentially unwanted application" ac=I fn="D:\Users\All Users\Kaspersky Lab\SafeBrowser\S-1-5-21-4072213876-1003289956-587678962-1002\FireFox\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}\content\overlay.js"
sh=95ADC7925C2BB20FACE637E7031972F8E208FA33 ft=0 fh=0000000000000000 vn="a variant of Win32/SweetIM.L potentially unwanted application" ac=I fn="D:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx"
sh=7BC7D9514061F0D479A2CB92B302F4E28602A944 ft=1 fh=e9b5419f75ebe7ab vn="a variant of Win32/DealPly.V potentially unwanted application" ac=I fn="D:\Users\Mike\AppData\Local\Microsoft\Windows\INetCache\IE\ZQHV3S62\grvStubSetup[1].exe"
sh=C9E5FDA800A5384CBC56D035AEF8943556AE6744 ft=1 fh=9dd891cb07cc49db vn="a variant of Win32/Packed.Themida potentially unwanted application" ac=I fn="D:\Users\Mike\Desktop\Desktop Crap\ncc3_x64 - Copy.exe"
sh=C9E5FDA800A5384CBC56D035AEF8943556AE6744 ft=1 fh=9dd891cb07cc49db vn="a variant of Win32/Packed.Themida potentially unwanted application" ac=I fn="D:\Users\Mike\Desktop\Desktop Crap\ncc3_x64.exe"
sh=BC7F6756E76FAF672ED4C176B2DFC2CEDE7DC8CA ft=1 fh=894a45bc0255cd5b vn="a variant of Win32/Keygen.HA potentially unsafe application" ac=I fn="D:\Users\Mike\Desktop\Desktop Crap\xf-adsk64.exe"
sh=C81F84FFE41E463DB2680D53A83DE1F166A1B435 ft=1 fh=9a8713fa27521a62 vn="Win32/Keygen.JI potentially unsafe application" ac=I fn="D:\Users\Mike\Desktop\Desktop Crap\VanDyke.SecureCRT.v7.0.0.326-ZWT(x86)\keygen.exe"
sh=4C60A5B4F7AF628C6EB0CB510EBAA94C8670039A ft=0 fh=0000000000000000 vn="a variant of Win32/TFTPD32.B potentially unsafe application" ac=I fn="D:\Users\Mike\Documents\anywherets_installer\AnywhereTS.msi"
sh=B1A68C4BD7D8782CEE180580311081F423E8638B ft=1 fh=b0d19998d0be5414 vn="a variant of Win32/Toolbar.Linkury.G potentially unwanted application" ac=I fn="D:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"



#12 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:27 AM

Posted 10 April 2015 - 03:11 PM

Which files you want to keep?


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#13 mangus580

mangus580
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:27 AM

Posted 10 April 2015 - 09:33 PM

Looks like I can delete everything in the list.



#14 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:27 AM

Posted 11 April 2015 - 09:51 AM

Step 1

frst.pngfrstfix.png
Please download the attached fixlist txt.gif and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.
Attached File  fixlist.txt   8.46KB   1 downloads

After the Reboot:

Step 2

frst.pngfrstscan.png

Start FRST with administator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste the log in your next reply.
How is the computer running? Are there any problems left?
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#15 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:27 AM

Posted 14 April 2015 - 03:32 PM

Hi,

3 Day Inactivity

this is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users