Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
possible dllhost.exe virus
Message
<blockquote data-quote="Tcchap" data-source="post: 282251" data-attributes="member: 29396"><p>I didn't copy the Ad Cleaner text file contents so I just attached the file. I hope this works. If you need me to run adCleaner again - just let me know. Also, if I need something else, let me know. Thanks.</p><p></p><p>Malwarebytes Anti-Malware</p><p><a href="http://www.malwarebytes.org" target="_blank">www.malwarebytes.org</a></p><p></p><p>Scan Date: 10/22/2014</p><p>Scan Time: 1:26:42 PM</p><p>Logfile: </p><p>Administrator: Yes</p><p></p><p>Version: 2.00.3.1025</p><p>Malware Database: v2014.09.19.05</p><p>Rootkit Database: v2014.09.18.01</p><p>License: Trial</p><p>Malware Protection: Enabled</p><p>Malicious Website Protection: Enabled</p><p>Self-protection: Disabled</p><p></p><p>OS: Windows 7 Service Pack 1</p><p>CPU: x64</p><p>File System: NTFS</p><p>User: TC</p><p></p><p>Scan Type: Threat Scan</p><p>Result: Completed</p><p>Objects Scanned: 331442</p><p>Time Elapsed: 25 min, 31 sec</p><p></p><p>Memory: Enabled</p><p>Startup: Enabled</p><p>Filesystem: Enabled</p><p>Archives: Enabled</p><p>Rootkits: Enabled</p><p>Deep Rootkit Scan: Enabled</p><p>Heuristics: Enabled</p><p>PUP: Enabled</p><p>PUM: Enabled</p><p></p><p>Processes: 0</p><p>(No malicious items detected)</p><p></p><p>Modules: 0</p><p>(No malicious items detected)</p><p></p><p>Registry Keys: 24</p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\CLASSES\CLSID\{1036AD63-AEAC-460B-9060-C96005D4DC86}, Quarantined, [d7453fb05526181ecad547567789ae52], </p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\CLASSES\TYPELIB\{1EA1A4B4-B3EF-481F-89D7-467FEAD5CF20}, Quarantined, [d7453fb05526181ecad547567789ae52], </p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\CLASSES\INTERFACE\{C8DA3FA9-8DD9-4BF6-BBBA-625B0E3D07F7}, Quarantined, [d7453fb05526181ecad547567789ae52], </p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C8DA3FA9-8DD9-4BF6-BBBA-625B0E3D07F7}, Quarantined, [d7453fb05526181ecad547567789ae52], </p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1EA1A4B4-B3EF-481F-89D7-467FEAD5CF20}, Quarantined, [d7453fb05526181ecad547567789ae52], </p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\CLASSES\PrivacySafeGuard.BHO.1, Quarantined, [d7453fb05526181ecad547567789ae52], </p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\CLASSES\PrivacySafeGuard.BHO, Quarantined, [d7453fb05526181ecad547567789ae52], </p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PrivacySafeGuard.BHO, Quarantined, [d7453fb05526181ecad547567789ae52], </p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1036AD63-AEAC-460B-9060-C96005D4DC86}, Quarantined, [d7453fb05526181ecad547567789ae52], </p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1036AD63-AEAC-460B-9060-C96005D4DC86}, Quarantined, [d7453fb05526181ecad547567789ae52], </p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PrivacySafeGuard.BHO.1, Quarantined, [d7453fb05526181ecad547567789ae52], </p><p>PUP.PrivacySafeGuard, HKU\S-1-5-21-3022253801-3389007567-3995079277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1036AD63-AEAC-460B-9060-C96005D4DC86}, Quarantined, [d7453fb05526181ecad547567789ae52], </p><p>PUP.PrivacySafeGuard, HKU\S-1-5-21-3022253801-3389007567-3995079277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1036AD63-AEAC-460B-9060-C96005D4DC86}, Quarantined, [d7453fb05526181ecad547567789ae52], </p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\CLASSES\CLSID\{1036AD63-AEAC-460B-9060-C96005D4DC86}\INPROCSERVER32, Quarantined, [d7453fb05526181ecad547567789ae52], </p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE}, Quarantined, [b76503ecef8c01356e31485578886f91], </p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\CLASSES\TYPELIB\{145310E3-18FA-41A9-BEE4-F830B08C6014}, Quarantined, [b76503ecef8c01356e31485578886f91], </p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\CLASSES\INTERFACE\{76348131-7ADF-4FE7-9047-529719D86186}, Quarantined, [b76503ecef8c01356e31485578886f91], </p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{76348131-7ADF-4FE7-9047-529719D86186}, Quarantined, [b76503ecef8c01356e31485578886f91], </p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{145310E3-18FA-41A9-BEE4-F830B08C6014}, Quarantined, [b76503ecef8c01356e31485578886f91], </p><p>PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE}, Quarantined, [b76503ecef8c01356e31485578886f91], </p><p>PUP.PrivacySafeGuard, HKU\S-1-5-21-3022253801-3389007567-3995079277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE}, Quarantined, [b76503ecef8c01356e31485578886f91], </p><p>PUP.PrivacySafeGuard, HKU\S-1-5-21-3022253801-3389007567-3995079277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE}, Quarantined, [b76503ecef8c01356e31485578886f91], </p><p>Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [5cc0fbf467148fa7c05e290e679d8a76], </p><p>Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [5cc0fbf467148fa7c05e290e679d8a76], </p><p></p><p>Registry Values: 1</p><p>Trojan.Agent, HKU\S-1-5-21-3022253801-3389007567-3995079277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GoogleUpdate, C:\Users\TC\AppData\Roaming\GoogleUpdate.exe, Quarantined, [5cc0fbf467148fa7c05e290e679d8a76]</p><p></p><p>Registry Data: 0</p><p>(No malicious items detected)</p><p></p><p>Folders: 1</p><p>PUP.Optional.Lightning.A, C:\Users\TC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml, Quarantined, [db4107e8f48784b2fa8d19bf7f83817f], </p><p></p><p>Files: 48</p><p>PUP.PrivacySafeGuard, C:\Program Files\PrivacySafeGuard\PrivacySafeGuard-x64.dll, Quarantined, [d7453fb05526181ecad547567789ae52], </p><p>PUP.PrivacySafeGuard, C:\Program Files\PrivacySafeGuard\PrivacySafeGuard.dll, Quarantined, [b76503ecef8c01356e31485578886f91], </p><p>PUP.Optional.Zugo, C:\Program Files (x86)\YTDSETUP\trafficspace.exe, Quarantined, [f329b03f9fdc7bbb0bd6faa2f11304fc], </p><p>PUP.Optional.Conduit.A, C:\Users\TC\AppData\Local\Temp\SPStub.exe, Quarantined, [ff1ded02007be15551d06ac3cf32e020], </p><p>PUP.Optional.Amonetize.A, C:\Users\TC\AppData\Local\Temp\UpdUninstall.exe, Quarantined, [b4689a5546352c0a8f2e25043ec3c739], </p><p>PUP.Optional.Conduit.A, C:\Users\TC\AppData\Local\Temp\nse195D.exe, Quarantined, [1804fff0e19a9a9c22c3d757ab561fe1], </p><p>PUP.Optional.Conduit.A, C:\Users\TC\AppData\Local\Temp\nsnE517.exe, Quarantined, [cf4dc7287dfe2c0ab0352d01907117e9], </p><p>PUP.Optional.FullSpectrumAdmin, C:\Users\TC\AppData\Local\Temp\fxjm8XZK.exe.part, Quarantined, [160611de6a1171c54a89843b966e53ad], </p><p>PUP.Optional.Conduit.A, C:\Users\TC\AppData\Local\Temp\dlLogic.exe, Quarantined, [9a82c6292a517bbb7237a572659c728e], </p><p>PUP.Optional.Conduit.A, C:\Users\TC\AppData\Local\Temp\nsxB888.exe, Quarantined, [ec30628df8836bcb14d151dd32cf9769], </p><p>PUP.Optional.Conduit.A, C:\Users\TC\AppData\Local\Temp\ToolbarHelper.exe, Quarantined, [e33921ce94e7f046d98ddb43679949b7], </p><p>Adware.InstallBrain, C:\Users\TC\AppData\Local\Temp\30NWDz5G.exe.part, Quarantined, [d3497e71de9de74f1d471dfb679a926e], </p><p>PUP.Optional.Conduit.A, C:\Users\TC\AppData\Local\Temp\DM\adobe-acrobat-professional_026\WStest.exe, Quarantined, [a07ca6496c0f2115ae0d19059a66eb15], </p><p>PUP.Optional.DomaIQ, C:\Users\TC\AppData\Local\Temp\camtasia-studio.exe\51571970a9fc4d18892400afb8e78788\camtasia-studio.exe, Quarantined, [27f5faf57efd45f1a6adff3710f14cb4], </p><p>PUP.Optional.DomaIQ, C:\Users\TC\AppData\Local\Temp\camtasia-studio.exe\51571970a9fc4d18892400afb8e78788\parent.txt, Quarantined, [45d728c743380a2c1c37340226db3fc1], </p><p>PUP.Optional.Desk365.A, C:\Users\TC\AppData\Local\Temp\camtasia-studio.exe\51571970a9fc4d18892400afb8e78788\software\deskdl.exe, Quarantined, [fe1e41ae43382016c270a880f90755ab], </p><p>PUP.Optional.FlashPro, C:\Users\TC\Downloads\flashplayerpro-setup(1).exe, Quarantined, [36e61bd49dde280e6003af3329dbf50b], </p><p>PUP.Optional.FlashPro, C:\Users\TC\Downloads\flashplayerpro-setup(2).exe, Quarantined, [1ffdf6f995e6c67096cd568c2cd8867a], </p><p>PUP.Optional.FlashPro, C:\Users\TC\Downloads\flashplayerpro-setup.exe, Quarantined, [8e8e6f802556b87e7de6b72ba55f7d83], </p><p>PUP.Optional.Softonic.A, C:\Users\TC\Downloads\SoftonicDownloader_for_hamachi.exe, Quarantined, [43d95c93027937ff82259997e31e9d63], </p><p>PUP.Optional.Softonic, C:\Users\TC\Downloads\SoftonicDownloader_for_mp4-to-wmv-converter (1).exe, Quarantined, [7ba12dc2077460d6c584888d68994bb5], </p><p>PUP.Optional.Softonic, C:\Users\TC\Downloads\SoftonicDownloader_for_mp4-to-wmv-converter.exe, Quarantined, [75a7f1feaecd68cecc7d12035ea325db], </p><p>PUP.Optional.Softonic, C:\Users\TC\Downloads\SoftonicDownloader_for_myvideoconverter.exe, Quarantined, [8894af401665ca6c6bde39dccd3429d7], </p><p>PUP.Optional.DomaIQ, C:\Users\TC\Downloads\camtasia-studio.exe, Quarantined, [9d7fc02f5922181ec291e05646bbe917], </p><p>PUP.Optional.InstallIQ.A, C:\Users\TC\Downloads\games.exe, Quarantined, [a973d01f5a2144f2548149dda160768a], </p><p>Adware.DomaIQ, C:\Users\TC\Downloads\google-chrome_V.73378987c.exe, Quarantined, [fd1fb43b314a989e730adc1013ed9868], </p><p>PUP.Optional.InstallIQ.A, C:\Users\TC\Downloads\openfreely_1296 (1).exe, Quarantined, [a5779b54d0ab68ceffd6d452679a5ea2], </p><p>PUP.Optional.InstallIQ.A, C:\Users\TC\Downloads\openfreely_1296.exe, Quarantined, [021af8f78af196a002d34dd9768b59a7], </p><p>PUP.BundleInstaller.VG, C:\Users\TC\Downloads\setup.exe, Quarantined, [c45857987dfebb7b17cf2d681ee2cb35], </p><p>Adware.InstallBrain, C:\Users\TC\Downloads\CodecPerformerSetup(1).exe, Quarantined, [110b7c73b4c7d165bda772a66e9352ae], </p><p>Adware.InstallBrain, C:\Users\TC\Downloads\CodecPerformerSetup.exe, Quarantined, [7ca0c9263b401224fb6963b5d62b26da], </p><p>PUP.Optional.OptimumInstaller.A, C:\Users\TC\Downloads\Firefox_Setup.exe, Quarantined, [62ba955a7b005dd98db2194556abab55], </p><p>Adware.DomaIQ, C:\Users\TC\Downloads\google-chrome_V.77246547c.exe, Quarantined, [021a915e3a4121155f8b9e89e1246b95], </p><p>PUP.Optional.InstallIQ.A, C:\Users\TC\Downloads\games (1).exe, Quarantined, [a17b08e78fec1e18a5300620d829956b], </p><p>PUP.Optional.InstallIQ.A, C:\Users\TC\Downloads\games (2).exe, Quarantined, [e537519e94e7f93d736273b34fb29c64], </p><p>PUP.Optional.InstallIQ.A, C:\Users\TC\Downloads\games (3).exe, Quarantined, [03195a959eddb4828f46d35302ff42be], </p><p>PUP.Optional.Ibryte, C:\Users\TC\Downloads\Chrome_Setup (1).exe, Quarantined, [c95313dc106b2c0a8fc237e2db26b64a], </p><p>PUP.Optional.Ibryte, C:\Users\TC\Downloads\Chrome_Setup.exe, Quarantined, [a27afff0c6b568ce63eeab6e37ca1ee2], </p><p>Adware.DomaIQ, C:\Users\TC\Downloads\google-chrome_V.77247036c.exe, Quarantined, [be5ed21d9ae135011dcdf82fdb2a14ec], </p><p>Adware.DomaIQ, C:\Users\TC\Downloads\google-chrome_V.77247057c.exe, Quarantined, [1507b7383c3fe254d6145ccb976e8878], </p><p>Exploit.Drop.9, C:\Users\TC\AppData\Local\Temp\0.8027783351521134, Quarantined, [c15bbc33a4d762d40b09afe053b0f30d], </p><p>Trojan.Agent, C:\Users\TC\AppData\Local\Temp\.exe, Quarantined, [1c0044abc9b2c76f0686628f4db6936d], </p><p>Trojan.Agent, C:\Users\TC\AppData\Roaming\GoogleUpdate.exe, Quarantined, [5cc0fbf467148fa7c05e290e679d8a76], </p><p>Trojan.Agent.RvGen, C:\Windows\Tasks\Security Center Update - 1612823468.job, Quarantined, [2af2a649fe7d76c0f70959e2ae56b947], </p><p>Trojan.Agent.RvGen, C:\Windows\Tasks\Security Center Update - 2016325872.job, Quarantined, [b3697976d6a576c0e21ec774bc48f60a], </p><p>PUP.Optional.Conduit.A, C:\Users\TC\AppData\Roaming\Mozilla\Firefox\Profiles\m5md02d3.default\prefs.js, Good: (), Bad: (user_pref("browser.search.defaulturl", "<a href="http://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI=UN33603465822770532&UM=2&SearchSource=3&q={searchTerms}&sspv=TB_CER" target="_blank">http://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI=UN33603465822770532&UM=2&SearchSource=3&q={searchTerms}&sspv=TB_CER</a>")<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite110" alt=";)" title="Wink ;)" loading="lazy" data-shortname=";)" />, Replaced,[ed2f8f602c4fdf571b3d1b1e23e2b848]</p><p>PUP.Optional.Conduit.A, C:\Users\TC\AppData\Roaming\Mozilla\Firefox\Profiles\m5md02d3.default\prefs.js, Good: (), Bad: (user_pref("CT3289847.SearchFromAddressBarUrl", "<a href="http://search.conduit.com/ResultsExt.aspx?octid=CT3289847&ctid=CT3289847&SearchSource=2&CUI=UN33603465822770532&UM=2&sspv=TB_CER&q=" target="_blank">http://search.conduit.com/ResultsExt.aspx?octid=CT3289847&ctid=CT3289847&SearchSource=2&CUI=UN33603465822770532&UM=2&sspv=TB_CER&q=</a>")<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite110" alt=";)" title="Wink ;)" loading="lazy" data-shortname=";)" />, Replaced,[50cc79765229e84e7adfc4754db8c53b]</p><p>PUP.Optional.Conduit.A, C:\Users\TC\AppData\Roaming\Mozilla\Firefox\Profiles\m5md02d3.default\prefs.js, Good: (), Bad: (user_pref("CT3289847.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"<a href="http://search.conduit.com/?ctid=CT3289847&octid=CT3289847&SearchSource=15&CUI=UN33603465822770532&SSPV=&Lay=1&UM=2\" target="_blank">http://search.conduit.com/?ctid=CT3289847&octid=CT3289847&SearchSource=15&CUI=UN33603465822770532&SSPV=&Lay=1&UM=2\</a>"}")<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite110" alt=";)" title="Wink ;)" loading="lazy" data-shortname=";)" />, Replaced,[f329c827502be155dc8cd168bb4a946c]</p><p></p><p>Physical Sectors: 0</p><p>(No malicious items detected)</p><p></p><p></p><p>(end)</p></blockquote><p></p>
[QUOTE="Tcchap, post: 282251, member: 29396"] I didn't copy the Ad Cleaner text file contents so I just attached the file. I hope this works. If you need me to run adCleaner again - just let me know. Also, if I need something else, let me know. Thanks. Malwarebytes Anti-Malware [url="http://www.malwarebytes.org"]www.malwarebytes.org[/url] Scan Date: 10/22/2014 Scan Time: 1:26:42 PM Logfile: Administrator: Yes Version: 2.00.3.1025 Malware Database: v2014.09.19.05 Rootkit Database: v2014.09.18.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: TC Scan Type: Threat Scan Result: Completed Objects Scanned: 331442 Time Elapsed: 25 min, 31 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Deep Rootkit Scan: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 24 PUP.PrivacySafeGuard, HKLM\SOFTWARE\CLASSES\CLSID\{1036AD63-AEAC-460B-9060-C96005D4DC86}, Quarantined, [d7453fb05526181ecad547567789ae52], PUP.PrivacySafeGuard, HKLM\SOFTWARE\CLASSES\TYPELIB\{1EA1A4B4-B3EF-481F-89D7-467FEAD5CF20}, Quarantined, [d7453fb05526181ecad547567789ae52], PUP.PrivacySafeGuard, HKLM\SOFTWARE\CLASSES\INTERFACE\{C8DA3FA9-8DD9-4BF6-BBBA-625B0E3D07F7}, Quarantined, [d7453fb05526181ecad547567789ae52], PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C8DA3FA9-8DD9-4BF6-BBBA-625B0E3D07F7}, Quarantined, [d7453fb05526181ecad547567789ae52], PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1EA1A4B4-B3EF-481F-89D7-467FEAD5CF20}, Quarantined, [d7453fb05526181ecad547567789ae52], PUP.PrivacySafeGuard, HKLM\SOFTWARE\CLASSES\PrivacySafeGuard.BHO.1, Quarantined, [d7453fb05526181ecad547567789ae52], PUP.PrivacySafeGuard, HKLM\SOFTWARE\CLASSES\PrivacySafeGuard.BHO, Quarantined, [d7453fb05526181ecad547567789ae52], PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PrivacySafeGuard.BHO, Quarantined, [d7453fb05526181ecad547567789ae52], PUP.PrivacySafeGuard, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1036AD63-AEAC-460B-9060-C96005D4DC86}, Quarantined, [d7453fb05526181ecad547567789ae52], PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1036AD63-AEAC-460B-9060-C96005D4DC86}, Quarantined, [d7453fb05526181ecad547567789ae52], PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PrivacySafeGuard.BHO.1, Quarantined, [d7453fb05526181ecad547567789ae52], PUP.PrivacySafeGuard, HKU\S-1-5-21-3022253801-3389007567-3995079277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1036AD63-AEAC-460B-9060-C96005D4DC86}, Quarantined, [d7453fb05526181ecad547567789ae52], PUP.PrivacySafeGuard, HKU\S-1-5-21-3022253801-3389007567-3995079277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1036AD63-AEAC-460B-9060-C96005D4DC86}, Quarantined, [d7453fb05526181ecad547567789ae52], PUP.PrivacySafeGuard, HKLM\SOFTWARE\CLASSES\CLSID\{1036AD63-AEAC-460B-9060-C96005D4DC86}\INPROCSERVER32, Quarantined, [d7453fb05526181ecad547567789ae52], PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE}, Quarantined, [b76503ecef8c01356e31485578886f91], PUP.PrivacySafeGuard, HKLM\SOFTWARE\CLASSES\TYPELIB\{145310E3-18FA-41A9-BEE4-F830B08C6014}, Quarantined, [b76503ecef8c01356e31485578886f91], PUP.PrivacySafeGuard, HKLM\SOFTWARE\CLASSES\INTERFACE\{76348131-7ADF-4FE7-9047-529719D86186}, Quarantined, [b76503ecef8c01356e31485578886f91], PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{76348131-7ADF-4FE7-9047-529719D86186}, Quarantined, [b76503ecef8c01356e31485578886f91], PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{145310E3-18FA-41A9-BEE4-F830B08C6014}, Quarantined, [b76503ecef8c01356e31485578886f91], PUP.PrivacySafeGuard, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE}, Quarantined, [b76503ecef8c01356e31485578886f91], PUP.PrivacySafeGuard, HKU\S-1-5-21-3022253801-3389007567-3995079277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE}, Quarantined, [b76503ecef8c01356e31485578886f91], PUP.PrivacySafeGuard, HKU\S-1-5-21-3022253801-3389007567-3995079277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE}, Quarantined, [b76503ecef8c01356e31485578886f91], Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [5cc0fbf467148fa7c05e290e679d8a76], Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [5cc0fbf467148fa7c05e290e679d8a76], Registry Values: 1 Trojan.Agent, HKU\S-1-5-21-3022253801-3389007567-3995079277-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GoogleUpdate, C:\Users\TC\AppData\Roaming\GoogleUpdate.exe, Quarantined, [5cc0fbf467148fa7c05e290e679d8a76] Registry Data: 0 (No malicious items detected) Folders: 1 PUP.Optional.Lightning.A, C:\Users\TC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml, Quarantined, [db4107e8f48784b2fa8d19bf7f83817f], Files: 48 PUP.PrivacySafeGuard, C:\Program Files\PrivacySafeGuard\PrivacySafeGuard-x64.dll, Quarantined, [d7453fb05526181ecad547567789ae52], PUP.PrivacySafeGuard, C:\Program Files\PrivacySafeGuard\PrivacySafeGuard.dll, Quarantined, [b76503ecef8c01356e31485578886f91], PUP.Optional.Zugo, C:\Program Files (x86)\YTDSETUP\trafficspace.exe, Quarantined, [f329b03f9fdc7bbb0bd6faa2f11304fc], PUP.Optional.Conduit.A, C:\Users\TC\AppData\Local\Temp\SPStub.exe, Quarantined, [ff1ded02007be15551d06ac3cf32e020], PUP.Optional.Amonetize.A, C:\Users\TC\AppData\Local\Temp\UpdUninstall.exe, Quarantined, [b4689a5546352c0a8f2e25043ec3c739], PUP.Optional.Conduit.A, C:\Users\TC\AppData\Local\Temp\nse195D.exe, Quarantined, [1804fff0e19a9a9c22c3d757ab561fe1], PUP.Optional.Conduit.A, C:\Users\TC\AppData\Local\Temp\nsnE517.exe, Quarantined, [cf4dc7287dfe2c0ab0352d01907117e9], PUP.Optional.FullSpectrumAdmin, C:\Users\TC\AppData\Local\Temp\fxjm8XZK.exe.part, Quarantined, [160611de6a1171c54a89843b966e53ad], PUP.Optional.Conduit.A, C:\Users\TC\AppData\Local\Temp\dlLogic.exe, Quarantined, [9a82c6292a517bbb7237a572659c728e], PUP.Optional.Conduit.A, C:\Users\TC\AppData\Local\Temp\nsxB888.exe, Quarantined, [ec30628df8836bcb14d151dd32cf9769], PUP.Optional.Conduit.A, C:\Users\TC\AppData\Local\Temp\ToolbarHelper.exe, Quarantined, [e33921ce94e7f046d98ddb43679949b7], Adware.InstallBrain, C:\Users\TC\AppData\Local\Temp\30NWDz5G.exe.part, Quarantined, [d3497e71de9de74f1d471dfb679a926e], PUP.Optional.Conduit.A, C:\Users\TC\AppData\Local\Temp\DM\adobe-acrobat-professional_026\WStest.exe, Quarantined, [a07ca6496c0f2115ae0d19059a66eb15], PUP.Optional.DomaIQ, C:\Users\TC\AppData\Local\Temp\camtasia-studio.exe\51571970a9fc4d18892400afb8e78788\camtasia-studio.exe, Quarantined, [27f5faf57efd45f1a6adff3710f14cb4], PUP.Optional.DomaIQ, C:\Users\TC\AppData\Local\Temp\camtasia-studio.exe\51571970a9fc4d18892400afb8e78788\parent.txt, Quarantined, [45d728c743380a2c1c37340226db3fc1], PUP.Optional.Desk365.A, C:\Users\TC\AppData\Local\Temp\camtasia-studio.exe\51571970a9fc4d18892400afb8e78788\software\deskdl.exe, Quarantined, [fe1e41ae43382016c270a880f90755ab], PUP.Optional.FlashPro, C:\Users\TC\Downloads\flashplayerpro-setup(1).exe, Quarantined, [36e61bd49dde280e6003af3329dbf50b], PUP.Optional.FlashPro, C:\Users\TC\Downloads\flashplayerpro-setup(2).exe, Quarantined, [1ffdf6f995e6c67096cd568c2cd8867a], PUP.Optional.FlashPro, C:\Users\TC\Downloads\flashplayerpro-setup.exe, Quarantined, [8e8e6f802556b87e7de6b72ba55f7d83], PUP.Optional.Softonic.A, C:\Users\TC\Downloads\SoftonicDownloader_for_hamachi.exe, Quarantined, [43d95c93027937ff82259997e31e9d63], PUP.Optional.Softonic, C:\Users\TC\Downloads\SoftonicDownloader_for_mp4-to-wmv-converter (1).exe, Quarantined, [7ba12dc2077460d6c584888d68994bb5], PUP.Optional.Softonic, C:\Users\TC\Downloads\SoftonicDownloader_for_mp4-to-wmv-converter.exe, Quarantined, [75a7f1feaecd68cecc7d12035ea325db], PUP.Optional.Softonic, C:\Users\TC\Downloads\SoftonicDownloader_for_myvideoconverter.exe, Quarantined, [8894af401665ca6c6bde39dccd3429d7], PUP.Optional.DomaIQ, C:\Users\TC\Downloads\camtasia-studio.exe, Quarantined, [9d7fc02f5922181ec291e05646bbe917], PUP.Optional.InstallIQ.A, C:\Users\TC\Downloads\games.exe, Quarantined, [a973d01f5a2144f2548149dda160768a], Adware.DomaIQ, C:\Users\TC\Downloads\google-chrome_V.73378987c.exe, Quarantined, [fd1fb43b314a989e730adc1013ed9868], PUP.Optional.InstallIQ.A, C:\Users\TC\Downloads\openfreely_1296 (1).exe, Quarantined, [a5779b54d0ab68ceffd6d452679a5ea2], PUP.Optional.InstallIQ.A, C:\Users\TC\Downloads\openfreely_1296.exe, Quarantined, [021af8f78af196a002d34dd9768b59a7], PUP.BundleInstaller.VG, C:\Users\TC\Downloads\setup.exe, Quarantined, [c45857987dfebb7b17cf2d681ee2cb35], Adware.InstallBrain, C:\Users\TC\Downloads\CodecPerformerSetup(1).exe, Quarantined, [110b7c73b4c7d165bda772a66e9352ae], Adware.InstallBrain, C:\Users\TC\Downloads\CodecPerformerSetup.exe, Quarantined, [7ca0c9263b401224fb6963b5d62b26da], PUP.Optional.OptimumInstaller.A, C:\Users\TC\Downloads\Firefox_Setup.exe, Quarantined, [62ba955a7b005dd98db2194556abab55], Adware.DomaIQ, C:\Users\TC\Downloads\google-chrome_V.77246547c.exe, Quarantined, [021a915e3a4121155f8b9e89e1246b95], PUP.Optional.InstallIQ.A, C:\Users\TC\Downloads\games (1).exe, Quarantined, [a17b08e78fec1e18a5300620d829956b], PUP.Optional.InstallIQ.A, C:\Users\TC\Downloads\games (2).exe, Quarantined, [e537519e94e7f93d736273b34fb29c64], PUP.Optional.InstallIQ.A, C:\Users\TC\Downloads\games (3).exe, Quarantined, [03195a959eddb4828f46d35302ff42be], PUP.Optional.Ibryte, C:\Users\TC\Downloads\Chrome_Setup (1).exe, Quarantined, [c95313dc106b2c0a8fc237e2db26b64a], PUP.Optional.Ibryte, C:\Users\TC\Downloads\Chrome_Setup.exe, Quarantined, [a27afff0c6b568ce63eeab6e37ca1ee2], Adware.DomaIQ, C:\Users\TC\Downloads\google-chrome_V.77247036c.exe, Quarantined, [be5ed21d9ae135011dcdf82fdb2a14ec], Adware.DomaIQ, C:\Users\TC\Downloads\google-chrome_V.77247057c.exe, Quarantined, [1507b7383c3fe254d6145ccb976e8878], Exploit.Drop.9, C:\Users\TC\AppData\Local\Temp\0.8027783351521134, Quarantined, [c15bbc33a4d762d40b09afe053b0f30d], Trojan.Agent, C:\Users\TC\AppData\Local\Temp\.exe, Quarantined, [1c0044abc9b2c76f0686628f4db6936d], Trojan.Agent, C:\Users\TC\AppData\Roaming\GoogleUpdate.exe, Quarantined, [5cc0fbf467148fa7c05e290e679d8a76], Trojan.Agent.RvGen, C:\Windows\Tasks\Security Center Update - 1612823468.job, Quarantined, [2af2a649fe7d76c0f70959e2ae56b947], Trojan.Agent.RvGen, C:\Windows\Tasks\Security Center Update - 2016325872.job, Quarantined, [b3697976d6a576c0e21ec774bc48f60a], PUP.Optional.Conduit.A, C:\Users\TC\AppData\Roaming\Mozilla\Firefox\Profiles\m5md02d3.default\prefs.js, Good: (), Bad: (user_pref("browser.search.defaulturl", "[url]http://search.conduit.com/ResultsExt.aspx?ctid=CT3289847&CUI=UN33603465822770532&UM=2&SearchSource=3&q={searchTerms}&sspv=TB_CER[/url]");), Replaced,[ed2f8f602c4fdf571b3d1b1e23e2b848] PUP.Optional.Conduit.A, C:\Users\TC\AppData\Roaming\Mozilla\Firefox\Profiles\m5md02d3.default\prefs.js, Good: (), Bad: (user_pref("CT3289847.SearchFromAddressBarUrl", "[url]http://search.conduit.com/ResultsExt.aspx?octid=CT3289847&ctid=CT3289847&SearchSource=2&CUI=UN33603465822770532&UM=2&sspv=TB_CER&q=[/url]");), Replaced,[50cc79765229e84e7adfc4754db8c53b] PUP.Optional.Conduit.A, C:\Users\TC\AppData\Roaming\Mozilla\Firefox\Profiles\m5md02d3.default\prefs.js, Good: (), Bad: (user_pref("CT3289847.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"[url]http://search.conduit.com/?ctid=CT3289847&octid=CT3289847&SearchSource=15&CUI=UN33603465822770532&SSPV=&Lay=1&UM=2\[/url]"}");), Replaced,[f329c827502be155dc8cd168bb4a946c] Physical Sectors: 0 (No malicious items detected) (end) [/QUOTE]
Insert quotes…
Verification
Post reply
Top