
Chrome won't open and physical memory too high


15 replies to this topic

#1 snapjaw

snapjaw

  • Members
  • 72 posts

Posted 22 December 2015 - 11:12 PM

My computer was at 90% physical memory usage and was acting very slow. I did a system restore to 12-9-15 when I did not have this problem. Now Google Chrome won't open and my physical memory usage is still pretty high, 59%. Internet Explorer works but I get a script error popup when I hit the delete key or go to any webpage.

 

And in task manager I keep seeing many instances of weird processes like rundll or conhost.exe or "flashutil64_16_0_0_235_activex.exe". I tried closing them but they keep reopening. Any help would be greatly appreciated because I'm pretty sure I have some kind of malware.

 

 

My PC specs

Windows 7 Home Premium 64 bit
Intel Core i5-2500K CPU @ 3.30 GHz
4 GB RAM
Evga Geforce GTX 580





#2 snapjaw

snapjaw
  • Topic Starter

  • Members
  • 72 posts

Posted 22 December 2015 - 11:36 PM

Also Malwarebytes won't open. I ran Malwarebytes Chameleon next but that said it was unable to start the scan.

Edited by snapjaw, 22 December 2015 - 11:37 PM.


#3 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • Gender:Male
  • Local time:05:41 AM

Posted 23 December 2015 - 07:28 AM

Adware Cleaner Scan.

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

 

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Adware Removal Tool Scan.

 

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

 

 

LOr0Gd7.png

 

Hit Ok.

 

sYFsqHx.png

 

Hit Next, making sure to leave all items checked for removal.

 

8NcZjGc.png

 

 

The program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, then OK again to finish up. Post the log generated by the tool.

 

ZHP Scan.

Please download Zhp Cleaner to your desktop. Right-click the icon and select Run as administrator.

 http://nicolascoolman.com/download/zhpcleaner

 

 

2. Once you have started the program, you will need to click the scanner button.

EgsT69u.png

The program will close all open browsers!

3. Once the scan is completed, you will want to click the Repair button.

6QJjV50.png

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 Zemana Scan

 

 

Run a full scan with Zemana AntiMalware!

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply.



#4 snapjaw

snapjaw
  • Topic Starter

  • Members
  • 72 posts

Posted 02 January 2016 - 11:50 PM

Hey sorry about the delay, holidays got me busy. I ran all the tools and will post the log files but I couldn't get the Adware Removal log. It ran and removed like 21 files but the log never popped up. Anyways here are the logs.

 

 

 

Adwcleaner

# AdwCleaner v4.203 - Logfile created 02/01/2016 at 20:43:51
# Updated 30/04/2015 by Xplode
# Database : 2015-12-30.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : KW - KEVIN-PC
# Running from : C:\Users\KW\Downloads\Applications\Antivirus\Adware Cleaner\adwcleaner_4.203.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\KW\AppData\Local\DriverToolkit
File Deleted : C:\Users\KW\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Deleted : C:\Users\KW\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
Key Deleted : HKLM\SOFTWARE\Classes\TornTvDownloader.File
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
Key Deleted : HKCU\Software\DriverToolkit
Key Deleted : HKCU\Software\Yahoo\Companion
Key Deleted : HKCU\Software\Yahoo\YFriendsBar
Key Deleted : HKCU\Software\WEBAPP
Key Deleted : HKCU\Software\AppDataLow\Software\Yahoo\Companion
Key Deleted : HKLM\SOFTWARE\Yahoo\Companion
Key Deleted : HKU\.DEFAULT\Software\Yahoo\Companion
Key Deleted : HKU\.DEFAULT\Software\Yahoo\YFriendsBar

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.18124

-\\ Mozilla Firefox v34.0.5 (x86 en-US)

-\\ Google Chrome v47.0.2526.106

[C:\Users\KW\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\KW\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

-\\ Chromium v

*************************

AdwCleaner[R2].txt - [4046 bytes] - [02/01/2016 20:41:42]
AdwCleaner[R3].txt - [4105 bytes] - [02/01/2016 20:43:09]
AdwCleaner[S2].txt - [3919 bytes] - [02/01/2016 20:43:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [3978  bytes] ##########

 

 

Junkware removal tool

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by KW on Sat 01/02/2016 at 20:48:18.22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\DriverToolkit Autorun.job
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-7AE0A20E.pf
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARUSER_32.EXE-34B1B1C5.pf

 

~~~ Folders

 

~~~ FireFox

Emptied folder: C:\Users\KW\AppData\Roaming\mozilla\firefox\profiles\kfpcf5c9.default\minidumps [4 files]

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/02/2016 at 20:51:19.89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Zhp Cleaner

~ ZHPCleaner v2016.1.1.1 by Nicolas Coolman (2016/01/01)
~ Run by KW (Administrator)  (02/01/2016 21:15:34)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\KW\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\KW\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)

---\\  Services (0)
~ No malicious or unnecessary items found.

---\\  Browser internet (0)
~ No malicious or unnecessary items found.

---\\  Hosts file (1)
~ The hosts file is legitimate (22)

---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.

---\\  Explorer ( File, Folder) (1)
MOVED folder: C:\Users\KW\AppData\Local\Google\Chrome\User Data\Default\File System\008  =>PUP.Optional.DomaIQ

---\\  Registry ( Key, Value, Data) (6)
DELETED key*: HKEY_USERS\S-1-5-21-1995585355-2568222046-1999612799-1002\SOFTWARE\Classes\TornTvDownloader.File [TornTvDownloader.torrent File]  =>PUP.Optional.TornTV
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\soundcloud.com []  =>PUP.Optional.Multiplug
DELETED key*: [X64] HKLM\SOFTWARE\Classes\setup.player.2k2 [InstallShield Setup Player V11]  =>PUP.Optional.MarketScore
DELETED key*: [X64] HKLM\SOFTWARE\Classes\setup.player [InstallShield Setup Player V11]  =>PUP.Optional.MarketScore
DELETED key*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Driver Manager []  =>PUP.Optional.DriverManager
DELETED key*: HKCU\SOFTWARE\A77F776E2B33A8D []  =>Hijacker.Browser

---\\  Summary of the elements found (6)
http://www.nicolascoolman.fr/?p=679  =>PUP.Optional.DomaIQ
http://www.nicolascoolman.fr/?p=290  =>PUP.Optional.TornTV
http://www.nicolascoolman.fr/?p=1402  =>PUP.Optional.Multiplug
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.MarketScore
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.DriverManager
http://www.nicolascoolman.fr/?p=4664  =>Hijacker.Browser

---\\  Other deletions. (3)
~ Registry Keys Tracing deleted (3)
~ Remove the old reports ZHPCleaner. (0)

---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Opera Software)

---\\ Statistics
~ Items scanned : 561
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 7

~ End of clean in 00h00mn11s
===================
ZHPCleaner-[R]-02012016-21_15_45.txt
ZHPCleaner-[S]-02012016-21_13_40.txt

 

 

 

Zemana

Zemana AntiMalware 2.19.2.797 (Installed)

-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2016/1/2
Operating System       : Windows 7 64-bit
Processor              : 4X Intel® Core™ i5-2500K CPU @ 3.30GHz
BIOS Mode              : Legacy
CUID                   : 0033528534AADE465E5562
Scan Type              : Deep Scan
Duration               : 83m 42s
Scanned Objects        : 695293
Detected Objects       : 112
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Yes
Include All Extensions : No
Scan Documents         : No
Domain Info            : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Internet Explorer URL
Status             : Scanned
Object             : www.magicmicro.com
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Traces             :
                Browser Setting - Internet Explorer URL

WOT: Web of Trust, Website Reputation Ratings
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\bhmmomiinigofkjcapegjjndpbikblnp\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\bhmmomiinigofkjcapegjjndpbikblnp\howto_recover_file_mbeso.html
                Browser Extension - WOT: Web of Trust, Website Reputation Ratings

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pt_pt\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pt_pt\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pt_pt\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pt_pt\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ro\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ro\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ro\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ro\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nl\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nl\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pl\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pl\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pl\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\pl\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nb\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nb\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nl\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nl\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nb\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\nb\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ja\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ja\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ko\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ko\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ko\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ko\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lt\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lt\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lt\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lt\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lv\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lv\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lv\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\lv\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\id\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\id\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\it\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\it\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\it\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\it\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ja\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ja\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hu\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hu\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\id\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\id\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hu\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hu\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\et\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\et\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fi\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fi\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fi\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fi\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fil\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fil\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fil\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fil\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fr\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fr\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fr\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\fr\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hi\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hi\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hi\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hi\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hr\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hr\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hr\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\hr\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en_gb\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en_gb\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en_gb\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en_gb\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es_419\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es_419\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es_419\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\es_419\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\et\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\et\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\el\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\el\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\en\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\de\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\de\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\el\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\el\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\de\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\de\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\bg\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\bg\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\bg\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\bg\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ca\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ca\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ca\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\ca\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\cs\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\cs\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\cs\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\cs\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\da\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\da\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\da\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\_locales\da\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\html\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\html\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\html\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\html\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\images\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\images\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\images\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\images\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\css\howto_recover_file_wkbap.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\css\howto_recover_file_wkbap.html
                Browser Extension - Chrome Web Store Payments

Chrome Web Store Payments
Status             : Scanned
Object             : %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\css\howto_recover_file_mbeso.html
MD5                : 39798A0D98BA7EDE7EB4466B83114372
Publisher          : -
Size               : 5701
Version            : -
Detection          : RansomWare:Win32/CryptoLocker.Gen
Cleaning Action    : Repair
Traces             :
                File - %7zsfxfolder28%\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\css\howto_recover_file_mbeso.html
                Browser Extension - Chrome Web Store Payments

steamclient64.dll
Status             : Scanned
Object             : %7zsfxfolder40%\downloads\games\mad.max.crack.v3.only\steamclient64.dll
MD5                : 146DEC55C7E5C4CCF6C68C2271420313
Publisher          : -
Size               : 94208
Version            : -
Detection          : TrojanCryptor:Win32/Generic
Cleaning Action    : Quarantine
Traces             :
                File - %7zsfxfolder40%\downloads\games\mad.max.crack.v3.only\steamclient64.dll

3dmgame.dll
Status             : Scanned
Object             : %7zsfxfolder40%\downloads\games\mad.max.crack.v3.only\3dmgame.dll
MD5                : D7E7F13F92D79C365EB341707AAF3613
Publisher          : -
Size               : 270848
Version            : -
Detection          : TrojanCryptor:Win32/Generic
Cleaning Action    : Quarantine
Traces             :
                File - %7zsfxfolder40%\downloads\games\mad.max.crack.v3.only\3dmgame.dll

steamclient64.dll
Status             : Scanned
Object             : %7zsfxfolder40%\downloads\games\mad.max.crack.v3&crashfix\crack\steamclient64.dll
MD5                : 146DEC55C7E5C4CCF6C68C2271420313
Publisher          : -
Size               : 94208
Version            : -
Detection          : TrojanCryptor:Win32/Generic
Cleaning Action    : Quarantine
Traces             :
                File - %7zsfxfolder40%\downloads\games\mad.max.crack.v3&crashfix\crack\steamclient64.dll

3dmgame.dll
Status             : Scanned
Object             : %7zsfxfolder40%\downloads\games\mad.max.crack.v3&crashfix\crack\3dmgame.dll
MD5                : D7E7F13F92D79C365EB341707AAF3613
Publisher          : -
Size               : 270848
Version            : -
Detection          : TrojanCryptor:Win32/Generic
Cleaning Action    : Quarantine
Traces             :
                File - %7zsfxfolder40%\downloads\games\mad.max.crack.v3&crashfix\crack\3dmgame.dll

steamclient64.dll
Status             : Scanned
Object             : %7zsfxfolder40%\downloads\games\mad max crack v2 3dm games\steamclient64.dll
MD5                : 5493429646CDC10FF7BB69F7888FF269
Publisher          : -
Size               : 92672
Version            : -
Detection          : TrojanCryptor:Win32/Generic
Cleaning Action    : Quarantine
Traces             :
                File - %7zsfxfolder40%\downloads\games\mad max crack v2 3dm games\steamclient64.dll

3dmgame.dll
Status             : Scanned
Object             : %7zsfxfolder40%\downloads\games\mad max crack v2 3dm games\3dmgame.dll
MD5                : 19A20D4C2B9E079710BBE6A6764BB470
Publisher          : -
Size               : 260608
Version            : -
Detection          : PUA:Win32/SoftCrack.Gen
Cleaning Action    : Quarantine
Traces             :
                File - %7zsfxfolder40%\downloads\games\mad max crack v2 3dm games\3dmgame.dll

steamclient64.dll
Status             : Scanned
Object             : %7zsfxfolder40%\downloads\games\mad max crack\steamclient64.dll
MD5                : C938F3B95F119E522B570ED82BFEE9A9
Publisher          : -
Size               : 116736
Version            : -
Detection          : TrojanCryptor:Win32/Generic
Cleaning Action    : Quarantine
Traces             :
                File - %7zsfxfolder40%\downloads\games\mad max crack\steamclient64.dll

3dmgame.dll
Status             : Scanned
Object             : %7zsfxfolder40%\downloads\games\mad max crack\3dmgame.dll
MD5                : DFADBA62D934746DF0D38B520A16D7A4
Publisher          : -
Size               : 209920
Version            : -
Detection          : PUA:Win32/SoftCrack.Gen
Cleaning Action    : Quarantine
Traces             :
                File - %7zsfxfolder40%\downloads\games\mad max crack\3dmgame.dll

steamclient64.dll
Status             : Scanned
Object             : %7zsfxfolder40%\downloads\games\mad max\steamclient64.dll
MD5                : 146DEC55C7E5C4CCF6C68C2271420313
Publisher          : -
Size               : 94208
Version            : -
Detection          : TrojanCryptor:Win32/Generic
Cleaning Action    : Quarantine
Traces             :
                File - %7zsfxfolder40%\downloads\games\mad max\steamclient64.dll

3dmgame.dll
Status             : Scanned
Object             : %7zsfxfolder40%\downloads\games\mad max\3dmgame.dll
MD5                : D7E7F13F92D79C365EB341707AAF3613
Publisher          : -
Size               : 270848
Version            : -
Detection          : TrojanCryptor:Win32/Generic
Cleaning Action    : Quarantine
Traces             :
                File - %7zsfxfolder40%\downloads\games\mad max\3dmgame.dll

play-l4d2-windowed.exe
Status             : Scanned
Object             : %7zsfxfolder40%\downloads\games\install directory\left 4 dead 2\play-l4d2-windowed.exe
MD5                : C93EFFF214EBEC7F2E91590327B4B788
Publisher          : -
Size               : 584374
Version            : -
Detection          : Heur.Malicious!Pb
Cleaning Action    : Quarantine
Traces             :
                File - %7zsfxfolder40%\downloads\games\install directory\left 4 dead 2\play-l4d2-windowed.exe

play-l4d2-windowed.exe
Status             : Scanned
Object             : %7zsfxfolder40%\downloads\games\install directory\left 4 dead 2\left4dead 2 2013\play-l4d2-windowed.exe
MD5                : C93EFFF214EBEC7F2E91590327B4B788
Publisher          : -
Size               : 584374
Version            : -
Detection          : Heur.Malicious!Pb
Cleaning Action    : Quarantine
Traces             :
                File - %7zsfxfolder40%\downloads\games\install directory\left 4 dead 2\left4dead 2 2013\play-l4d2-windowed.exe

steamclient64.dll
Status             : Scanned
Object             : %7zsfxfolder40%\downloads\games\3dmgame-mad.max.update.0.incl.dlc.and.crack-3dm\crack\steamclient64.dll
MD5                : C938F3B95F119E522B570ED82BFEE9A9
Publisher          : -
Size               : 116736
Version            : -
Detection          : TrojanCryptor:Win32/Generic
Cleaning Action    : Quarantine
Traces             :
                File - %7zsfxfolder40%\downloads\games\3dmgame-mad.max.update.0.incl.dlc.and.crack-3dm\crack\steamclient64.dll

3dmgame.dll
Status             : Scanned
Object             : %7zsfxfolder40%\downloads\games\3dmgame-mad.max.update.0.incl.dlc.and.crack-3dm\crack\3dmgame.dll
MD5                : DFADBA62D934746DF0D38B520A16D7A4
Publisher          : -
Size               : 209920
Version            : -
Detection          : PUA:Win32/SoftCrack.Gen
Cleaning Action    : Quarantine
Traces             :
                File - %7zsfxfolder40%\downloads\games\3dmgame-mad.max.update.0.incl.dlc.and.crack-3dm\crack\3dmgame.dll

clfsw32.dll
Status             : Scanned
Object             : %homedrive%\zoek_backup\c_progra~3_{d612dea7-41a3-483a-9f90-a49a62502b1b}\clfsw32.dll
MD5                : 614C7834FCC9898EB58CE9A5D4FFC6CB
Publisher          : -
Size               : 245288
Version            : -
Detection          : Trojan:Win64/Generic!Tete
Cleaning Action    : Quarantine
Traces             :
                File - %homedrive%\zoek_backup\c_progra~3_{d612dea7-41a3-483a-9f90-a49a62502b1b}\clfsw32.dll

Cleaning Result
-------------------------------------------------------
Cleaned               : 112
Reported as safe      : 0
Failed                : 0



#5 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,318 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:01:41 PM

Posted 03 January 2016 - 03:36 AM

Hello, since some time has passed, could you please let me know what problems you still have left?


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#6 snapjaw


Posted 04 January 2016 - 01:21 AM

Well, Chrome works now, but that happened after I reinstalled it; that was before I used the antivirus tools given. My computer starts up at about 30% physical memory but goes up to 50% when I use Chrome. That still seems kinda high for 4 GB of RAM. What do you think?



#7 Elise


Posted 04 January 2016 - 02:48 AM

Is this only when you start it? I have noticed the same on my own computer, there's quite a spike when starting it for the first seconds.


regards, Elise


#8 snapjaw


Posted 05 January 2016 - 12:32 AM

No, it stays at about 50%. And I noticed Internet Explorer was really slow.

#9 Elise


Posted 05 January 2016 - 02:44 AM

I see some evidence of a ransomware infection. Can you confirm this was present in the past? I only see the ransom notes that are typically left behind with an infection with instructions on how to recover your files, no active components.

 

There are also a number of malicious game cracks showing up. Aside from the fact that pirating is illegal, it also is a sure way to get your computer infected with the latest nasties. 


regards, Elise


#10 snapjaw


Posted 06 January 2016 - 09:36 PM

Yeah, I had ransomware and I removed it with help from these forums. And I've stopped the cracks since they do seem to give viruses.

#11 Elise


Posted 07 January 2016 - 02:43 AM

Just to be sure let's do an additional malware scan.

 

Please download Emsisoft Emergency Kit from here.

Double click the downloaded file to extract the application to a folder of your choice (c:\eek by default).

When done, double click the created Emsisoft Emergency Kit shortcut on your desktop.

When EEK has loaded, click the Update Now button to ensure you have the latest signature updates.

Now click the Scan tab and select a Malware Scan. Quarantine any found items and post the report in your next reply.


regards, Elise


#12 snapjaw


Posted 14 January 2016 - 09:01 PM

Ok, here are the results of the Emsisoft scan. It found 17 items. And for some reason when I posted the log there were emoticons of smiley faces. I had to delete them to post this.

Emsisoft Emergency Kit - Version 10.0
Last update: 1/14/2016 7:09:38 PM
User account: Kevin-PC\KW
 
Scan settings:
 
Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files
 
Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start: 1/14/2016 7:15:18 PM
Key: HKEY_USERS\S-1-5-21-1995585355-2568222046-1999612799-1002\SOFTWARE\CLASSES\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5} detected: Application.Toolbar (A)
Key: HKEY_USERS\S-1-5-21-1995585355-2568222046-1999612799-1002\SOFTWARE\CLASSES\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326} detected: Application.Toolbar (A)
Value: HKEY_USERS\S-1-5-21-1995585355-2568222046-1999612799-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-1995585355-2568222046-1999612799-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
C:\Users\KW\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AH1PXWRZ\tag[1].htm detected: Trojan.Iframe.CID (
C:\Users\KW\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\AH1PXWRZ\tag[2].htm detected: Trojan.Iframe.CID (
C:\Users\KW\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\C46S0LXE\tag[2].htm detected: Trojan.Iframe.CID (
C:\Users\KW\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\C46S0LXE\tag[1].htm detected: Trojan.Iframe.CID (
C:\Users\KW\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q4SJF5KB\tag[1].htm detected: Trojan.Iframe.CID (
C:\Users\KW\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q4SJF5KB\tag[3].htm detected: Trojan.Iframe.CID (
C:\Users\KW\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q4SJF5KB\tag[2].htm detected: Trojan.Iframe.CID (
C:\Users\KW\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q4SJF5KB\tag[4].htm detected: Trojan.Iframe.CID (
C:\Users\KW\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q4SJF5KB\tag[5].htm detected: Trojan.Iframe.CID (
C:\Users\KW\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q4SJF5KB\tag[6].htm detected: Trojan.Iframe.CID (
C:\Users\KW\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XY3EGRRB\tag[1].htm detected: Trojan.Iframe.CID (
C:\Users\KW\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XY3EGRRB\tag[2].htm detected: Trojan.Iframe.CID (
C:\Users\KW\Downloads\Applications\Daemon Tools\DAEMON Tools Lite 4.49.1.0356.exe detected: Application.Win32.InstallAd (A)
 
Scanned 333706
Found 17
 
Scan end: 1/14/2016 7:44:20 PM
Scan time: 0:29:02
 


#13 Elise


Posted 15 January 2016 - 03:50 AM

How are things running at this point?


regards, Elise


#14 snapjaw


Posted 17 January 2016 - 02:37 AM

Well, Internet Explorer is super slow. After my computer was on for 5 mins I hit the Internet Explorer icon and it took 1 whole minute to open to the MSN website. Chrome works fast though. My CPU usage starts at about 30% but once I open any internet browser it jumps to about 50% and stays there even after I close it.



#15 snapjaw


Posted 17 January 2016 - 02:40 AM

Oh, and Malwarebytes still won't run. And Chrome is a little slow. About 10 seconds for a webpage.





