Page 3 of 3 FirstFirst 123
Results 21 to 25 of 25

Thread: Unwanted Ads (Continued)

  1. #21
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Great

    Run this free online virus scanner just to be on the safeside, do it when you have time , on some systems it could take a half hour and on some a few hours, we deleted all your temp files with OTL so it should cut down on the time. Besure to uncheck Remove Found Threats, just want to see the log, if it finds anything we can deal with it later

    ESET Online Scanner
    I'd like us to scan your machine with ESET OnlineScan

    *Note
    It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
    Please don't go surfing while your resident protection is disabled!
    Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



    1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESET OnlineScan
    2. Click the button.
    3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      1. Click on to download the ESET Smart Installer. Save it to your desktop.
      2. Double click on the icon on your desktop.
    4. Check
    5. Click the button.
    6. Accept any security warnings from your browser.
    7. Check
    8. Make sure that the option "Remove found threats" is Unchecked
    9. Push the Start button.
    10. ESET will then download updates for itself, install itself, and begin
      scanning your computer. Please be patient as this can take some time.
    11. When the scan completes, push
    12. Push , and save the file to your desktop using a unique name, such as
      ESETScan. Include the contents of this report in your next reply.
    13. Push the button.
    14. Push
    Please make sure you include the following items in your next post:
    The log that was produced after running ESET Online Scanner.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  2. #22
    Member
    Join Date
    Apr 2008
    Posts
    77

    Default

    1. Unfortunately, I got distracted, when setting up, and neglected to check "Scan Archives".




    2. ESETScan.txt:


    C:\Users\All Users\Spybot - Search & Destroy\Recovery\BrothersoftExtremeCT.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\Wajam33.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\Wajam60.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\Wajam61.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\WiIQfraud19.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\WinDownloadergen16.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\YontooPagerage13.zip Win32/Bagle.gen.zip worm
    C:\Users\All Users\Spybot - Search & Destroy\Recovery\YontooPagerage45.zip Win32/Bagle.gen.zip worm
    C:\Users\Wheelsup Club\Downloads\avc-free.exe Win32/OpenCandy application
    C:\Users\Wheelsup Club\Downloads\Avi2Dvd_Setup_064exe.exe a variant of Win32/OpenInstall application
    C:\Users\Wheelsup Club\Downloads\Brothersoft_downloader_For_Canaware_NetNotes.exe a variant of Win32/BSDownloader application
    C:\Users\Wheelsup Club\Downloads\Brothersoft_downloader_For_Save_as_PDF.exe a variant of Win32/BSDownloader application
    C:\Users\Wheelsup Club\Downloads\Brothersoft_downloader_For_WebShot.exe a variant of Win32/BSDownloader application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi134-Actual_Drawing-ORG-10056778.exe probably a variant of Win32/CNETInstaller.A application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi134-Desktop_iCalendar_Lite-ORG-10802583.exe probably a variant of Win32/CNETInstaller.A application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi134-Free_All_to_Image_JpgJpeg_Bmp_Tiff_Png_Converter-ORG-10855027.exe probably a variant of Win32/CNETInstaller.A application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi134-JustZIPit-ORG-10222609.exe probably a variant of Win32/CNETInstaller.A application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi134-Windows_Draw-ORG-10043116(1).exe probably a variant of Win32/CNETInstaller.A application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi134-Windows_Draw-ORG-10043116.exe probably a variant of Win32/CNETInstaller.A application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi4_1_3-Gantt_Chart_Template_for_Excel-75326607.exe a variant of Win32/CNETInstaller.A application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi5_3_0_96-Free_Screen_Video_Capture-ORG-10859265.exe probably a variant of Win32/CNETInstaller.A application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi5_3_0_96-Pazera_Free_MP4_to_AVI_Converter-BP-10784027.exe probably a variant of Win32/CNETInstaller.A application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi5_3_0_96-Pazera_Free_MP4_to_AVI_Converter-ORG-10784027.exe probably a variant of Win32/CNETInstaller.A application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi5_3_0_96-Xilisoft_AVI_to_DVD_Converter-ORG-10777684.exe probably a variant of Win32/CNETInstaller.A application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_10a-Free_HTML_to_PDF_Converter-ORG-10691753.exe Win32/DownloadAdmin.G application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_10a-Free_WordDoc_Txt_to_Image_JpgJpeg_Bmp_Tiff_Png-ORG-10869109.exe Win32/DownloadAdmin.G application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_10a-PDF4Free-BP-10412627.exe Win32/DownloadAdmin.G application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_10a-Word_to_JPEG_Converter_3000-ORG-10916023.exe Win32/DownloadAdmin.G application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_11-Aura_Free_Video_Converter-ORG-10966790.exe Win32/DownloadAdmin.G application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_11-AVI_To_DVD_Free_Converter-ORG-75181429.exe Win32/DownloadAdmin.G application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_11-Video_Capture_Factory-BP-10864463.exe Win32/DownloadAdmin.G application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_12-FM_PDF_To_JPG_Converter_Free-SEO-75217093.exe Win32/DownloadAdmin.G application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_12-PDF2Image-SEO-10968683.exe Win32/DownloadAdmin.G application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_13-Free_Password_Generator-SEO-10559877.exe Win32/DownloadAdmin.G application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_13-Free_SWF_to_AVI_Converter-SEO-75687385.exe Win32/DownloadAdmin.G application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_14-Efficient_Calendar_Free-ORG-10920848.exe Win32/DownloadAdmin.G application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_14-Efficient_Reminder_Free-ORG-10921373.exe Win32/DownloadAdmin.G application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_8-Deep_Log_Analyzer_Free_Edition-ORG2-10615007.exe Win32/DownloadAdmin.E application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_8-File_Splitter_and_Joiner-ORG2-10783572.exe Win32/DownloadAdmin.E application
    C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_9-Netscape_Navigator-SEO2-10145004.exe multiple threats
    C:\Users\Wheelsup Club\Downloads\ChrisPCFreeAnonymousProxyv410.exe a variant of Win32/OpenInstall application
    C:\Users\Wheelsup Club\Downloads\cnet2_file_shredder_setup_exe.exe a variant of Win32/InstallCore.D application
    C:\Users\Wheelsup Club\Downloads\cnet2_instant-web-highlighter_4_0_zip (1).exe a variant of Win32/InstallCore.D application
    C:\Users\Wheelsup Club\Downloads\cnet2_instant-web-highlighter_4_0_zip (2).exe a variant of Win32/InstallCore.D application
    C:\Users\Wheelsup Club\Downloads\cnet2_instant-web-highlighter_4_0_zip (3).exe a variant of Win32/InstallCore.D application
    C:\Users\Wheelsup Club\Downloads\cnet2_instant-web-highlighter_4_0_zip.exe a variant of Win32/InstallCore.D application
    C:\Users\Wheelsup Club\Downloads\cnet2_WebFerret6Setup_exe (1).exe a variant of Win32/InstallCore.D application
    C:\Users\Wheelsup Club\Downloads\cnet2_WebFerret6Setup_exe.exe a variant of Win32/InstallCore.D application
    C:\Users\Wheelsup Club\Downloads\cnet2_WnvHtmlToPdf_App-v7_0_zip.exe a variant of Win32/InstallCore.D application
    C:\Users\Wheelsup Club\Downloads\cnet_abcquatt_zip.exe a variant of Win32/InstallCore.D application
    C:\Users\Wheelsup Club\Downloads\cnet_FreeImageConverter_msi.exe a variant of Win32/InstallCore.D application
    C:\Users\Wheelsup Club\Downloads\DesktopActivityRecorderSetup.exe multiple threats
    C:\Users\Wheelsup Club\Downloads\EZVID_Setup.exe a variant of Win32/Adware.iBryte.G application
    C:\Users\Wheelsup Club\Downloads\FLVPlayerSetup.exe a variant of Win32/InstallCore.BQ application
    C:\Users\Wheelsup Club\Downloads\FormatFactorySetup.exe multiple threats
    C:\Users\Wheelsup Club\Downloads\FreeAVIVideoConverter.exe Win32/OpenCandy application
    C:\Users\Wheelsup Club\Downloads\FreemakeVideoConverterSetup(1).exe Win32/OpenCandy application
    C:\Users\Wheelsup Club\Downloads\FreemakeVideoConverterv4000.exe a variant of Win32/OpenInstall application
    C:\Users\Wheelsup Club\Downloads\FreeScreenVideoRecorder(1).exe Win32/OpenCandy application
    C:\Users\Wheelsup Club\Downloads\FreeScreenVideoRecorder.exe Win32/OpenCandy application
    C:\Users\Wheelsup Club\Downloads\FreeStudio.exe Win32/OpenCandy application
    C:\Users\Wheelsup Club\Downloads\FreeWebMVideoConverter(1).exe Win32/OpenCandy application
    C:\Users\Wheelsup Club\Downloads\FreeWebMVideoConverter(2).exe Win32/OpenCandy application
    C:\Users\Wheelsup Club\Downloads\FreeWebMVideoConverter(3).exe Win32/OpenCandy application
    C:\Users\Wheelsup Club\Downloads\FreeWebMVideoConverter.exe Win32/OpenCandy application
    C:\Users\Wheelsup Club\Downloads\fvdsuite_installer.exe.exe a variant of Win32/InstallCore.AY application
    C:\Users\Wheelsup Club\Downloads\installer_file_splitter_and_joiner_3_3_English.exe999DA391C895FB3E016246499739BD94 Win32/Vittalia.B application
    C:\Users\Wheelsup Club\Downloads\intel-drivers-update-utility.exe Win32/DriverBoss.B application
    C:\Users\Wheelsup Club\Downloads\PDFCreatorSetup.exe Win32/OpenCandy application
    C:\Users\Wheelsup Club\Downloads\setup(3).exe Win32/Toolbar.Zugo.C application
    C:\Users\Wheelsup Club\Downloads\UpdateMyDrivers.exe a variant of Win32/Bundled.Toolbar.Ask application
    C:\Users\Wheelsup Club\Downloads\2xxx_XP_upd\DriverUpdaterSetup-1.2.3.2277.exe a variant of Win32/Bundled.Toolbar.Ask application
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Freecorder extension\AddonsFramework.dll.vir Win32/Toolbar.Besttoolbars.A application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\freevideomaster\tbfree.dll.vir a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\MixiDJ_V44\tbMixi.dll.vir a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaltarSmart\SaltarSmartBHO.dll.vir a variant of Win32/BrowseFox.F application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaltarSmart\SaltarSmartUninstall.exe.vir Win32/BrowseFox.C application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaltarSmart\updateSaltarSmart.exe.vir a variant of Win32/BrowseFox.G application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaltarSmart\bin\utilSaltarSmart.exe.vir a variant of Win32/BrowseFox.G application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\ffprotect\application.js.vir Win32/Conduit.SearchProtect.A application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\ffprotect\nsprotector.js.vir Win32/Conduit.SearchProtect.A application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\AppsUpdater.exe.vir MSIL/Vittalia.C application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\KeyGen.dll.vir Win32/Vittalia.K application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\uninstall.exe.vir a variant of Win32/ToolkitOffers.A application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\UpdaterService.exe.vir a variant of MSIL/Vittalia.B application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-chromeinstaller.exe.vir a variant of Win32/Toolbar.CrossRider.K application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-codedownloader.exe.vir a variant of Win32/Toolbar.CrossRider.K application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-enabler.exe.vir a variant of Win32/Toolbar.CrossRider.K application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-firefoxinstaller.exe.vir a variant of Win32/Toolbar.CrossRider.K application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-updater.exe.vir a variant of Win32/Toolbar.CrossRider.K application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zauxstb.dll.vir Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll.vir a variant of Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbprtct.dll.vir Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe.vir Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zdatact.dll.vir a variant of Win32/Toolbar.MyWebSearch.A application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zhtmlmu.dll.vir probably a variant of Win32/Toolbar.MyWebSearch.B application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zieovr.dll.vir probably a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zimpipe.exe.vir Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zreghk.dll.vir a variant of Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zskin.dll.vir a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zskplay.exe.vir Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrchMn.exe.vir a variant of Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\CREXT.DLL.vir Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\CrExtP4z.exe.vir Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\T8HTML.DLL.vir probably a variant of Win32/Toolbar.MyWebSearch.F application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\T8TICKER.DLL.vir Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Program Files (x86)\ytbyclick_B1\tbytby.dll.vir a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.dll.vir Win32/Bundled.Toolbar.Ask.B application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\ProgramData\VisualBee\VisualBeeSoftware.exe.vir a variant of Win32/Toolbar.Babylon.A application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Users\Wheelsup Club\AppData\LocalLow\MixiDJ_V44\tbMixi.dll.vir a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Users\Wheelsup Club\AppData\LocalLow\ytbyclick_B1\tbytb0.dll.vir a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Users\Wheelsup Club\AppData\LocalLow\ytbyclick_B1\tbytby.dll.vir a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Users\Wheelsup Club\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe.vir a variant of Win32/DealPly.B application cleaned by deleting - quarantined
    C:\AdwCleaner\Quarantine\C\Users\Wheelsup Club\AppData\Roaming\OpenCandy\OpenCandy_ACEB2D58356B43CDAEE7C15E9E5FA89D\LatestDLMgr.exe.vir a variant of Win32/OpenCandy.A application cleaned by deleting - quarantined
    C:\Program Files\Uninstaller\Uninstall.exe a variant of MSIL/DomaIQ.A application cleaned by deleting - quarantined
    C:\Program Files (x86)\FoxTabPDFConverter\Uninstall\Uninstall.exe a variant of Win32/InstallCore.F application cleaned by deleting - quarantined
    C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnIC.dll a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
    C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnStub.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
    C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnToolbarInstaller.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
    C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe a variant of Win32/Bundled.Toolbar.Ask.D application cleaned by deleting - quarantined
    C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst-egypt.exe a variant of Win32/Hao123.A application cleaned by deleting - quarantined
    C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst-japan.exe a variant of Win32/Hao123.A application cleaned by deleting - quarantined
    C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst-saudi-forf.exe a variant of Win32/Hao123.A application cleaned by deleting - quarantined
    C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe a variant of Win32/Hao123.A application cleaned by deleting - quarantined
    C:\ProgramData\Spybot - Search & Destroy\Recovery\BrothersoftExtremeCT.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
    C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam33.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
    C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam60.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
    C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam61.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
    C:\ProgramData\Spybot - Search & Destroy\Recovery\WiIQfraud19.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
    C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen16.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
    C:\ProgramData\Spybot - Search & Destroy\Recovery\YontooPagerage13.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
    C:\ProgramData\Spybot - Search & Destroy\Recovery\YontooPagerage45.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (admin)\Deleted Items\4F0740A4-000003B2.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (admin)\Deleted Items\6C2349B9-000003B1.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (admin)\Deleted Items\72CF6E53-00000397.eml HTML/Phishing.Agent.A trojan cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (admin)\Deleted Items\79C51EDB-000003B0.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (help)\Deleted Items\21957197-000010F4.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (help)\Deleted Items\4A64184E-000010EC.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (help)\Deleted Items\539729D9-000010F8.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (sales)\Deleted Items\0C7455C7-0000112F.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (sales)\Deleted Items\1B741515-00001136.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (sales)\Deleted Items\3DA977FB-00001133.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (sales)\Deleted Items\44FE3AF5-00001134.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (sales)\Deleted Items\649327B4-00001137.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\TempImg\AskInstallChecker-1.5.0.0.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\TempImg\askToolbarInstaller-1.9.1.0.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\TempImg\chk.exe probably a variant of Win32/Agent.SZW trojan cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\TempImg\FVM.exe a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\TempImg\Installer.exe multiple threats cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\AppData\Local\TempImg\VerControl.exe probably a variant of Win32/Agent.SZW trojan cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\Desktop\Rarely-used Icons\FFSetup3-1-1-0.exe multiple threats cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\Desktop\Rarely-used Icons\Old Firefox Data\extensions\plugin@yontoo.com\content\overlay.js Win32/Adware.Yontoo application cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\Downloads\AnyVideoConverterSetup.exe Win32/OpenCandy application cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\Downloads\avc-free(1).exe Win32/OpenCandy application cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\Downloads\avc-free(2).exe Win32/OpenCandy application cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\Downloads\avc-free(3).exe Win32/OpenCandy application cleaned by deleting - quarantined
    C:\Users\Wheelsup Club\Downloads\avc-free(4).exe Win32/OpenCandy application cleaned by deleting - quarantined


    - r

  3. #23
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Well, what ESET found was nothing to really worry about, most where in the backup and quarantine folders from the programs we ran, also some junk in your downloads folder.

    Any other issues ?
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  4. #24
    Member
    Join Date
    Apr 2008
    Posts
    77

    Default

    Not that I can think of.

    Thanks for all your help, though!

    - r

  5. #25
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Your very welcome

    • Click START then RUN
    • Now type Combofix /uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.







    Open OTL and click on Clean Up and it will remove programs we used to clean your system along with there backups, any programs that where not removed you can just drag to the trash.


    Malwarebytes is the free version and yours to keep and will not be removed





    Safe Surfn
    Ken
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •