Unwanted Ads (Continued)

Status
Not open for further replies.
Great

Run this free online virus scanner just to be on the safeside, do it when you have time , on some systems it could take a half hour and on some a few hours, we deleted all your temp files with OTL so it should cut down on the time. Besure to uncheck Remove Found Threats, just want to see the log, if it finds anything we can deal with it later

ESET Online Scanner
I'd like us to scan your machine with ESET OnlineScan

*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the
    esetOnline.png
    button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on
      esetSmartInstall.png
      to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the
      esetSmartInstallDesktopIcon.png
      icon on your desktop.
  4. Check
    esetAcceptTerms.png
  5. Click the
    esetStart.png
    button.
  6. Accept any security warnings from your browser.
  7. Check
    esetScanArchives.png
  8. Make sure that the option "Remove found threats" is Unchecked
  9. Push the Start button.
  10. ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
  11. When the scan completes, push
    esetListThreats.png
  12. Push
    esetExport.png
    , and save the file to your desktop using a unique name, such as
    ESETScan. Include the contents of this report in your next reply.
  13. Push the
    esetBack.png
    button.
  14. Push
    esetFinish.png
Please make sure you include the following items in your next post:
The log that was produced after running ESET Online Scanner.
 
1. Unfortunately, I got distracted, when setting up, and neglected to check "Scan Archives". :sad:




2. ESETScan.txt:


C:\Users\All Users\Spybot - Search & Destroy\Recovery\BrothersoftExtremeCT.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\Wajam33.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\Wajam60.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\Wajam61.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\WiIQfraud19.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\WinDownloadergen16.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\YontooPagerage13.zip Win32/Bagle.gen.zip worm
C:\Users\All Users\Spybot - Search & Destroy\Recovery\YontooPagerage45.zip Win32/Bagle.gen.zip worm
C:\Users\Wheelsup Club\Downloads\avc-free.exe Win32/OpenCandy application
C:\Users\Wheelsup Club\Downloads\Avi2Dvd_Setup_064exe.exe a variant of Win32/OpenInstall application
C:\Users\Wheelsup Club\Downloads\Brothersoft_downloader_For_Canaware_NetNotes.exe a variant of Win32/BSDownloader application
C:\Users\Wheelsup Club\Downloads\Brothersoft_downloader_For_Save_as_PDF.exe a variant of Win32/BSDownloader application
C:\Users\Wheelsup Club\Downloads\Brothersoft_downloader_For_WebShot.exe a variant of Win32/BSDownloader application
C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi134-Actual_Drawing-ORG-10056778.exe probably a variant of Win32/CNETInstaller.A application
C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi134-Desktop_iCalendar_Lite-ORG-10802583.exe probably a variant of Win32/CNETInstaller.A application
C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi134-Free_All_to_Image_JpgJpeg_Bmp_Tiff_Png_Converter-ORG-10855027.exe probably a variant of Win32/CNETInstaller.A application
C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi134-JustZIPit-ORG-10222609.exe probably a variant of Win32/CNETInstaller.A application
C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi134-Windows_Draw-ORG-10043116(1).exe probably a variant of Win32/CNETInstaller.A application
C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi134-Windows_Draw-ORG-10043116.exe probably a variant of Win32/CNETInstaller.A application
C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi4_1_3-Gantt_Chart_Template_for_Excel-75326607.exe a variant of Win32/CNETInstaller.A application
C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi5_3_0_96-Free_Screen_Video_Capture-ORG-10859265.exe probably a variant of Win32/CNETInstaller.A application
C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi5_3_0_96-Pazera_Free_MP4_to_AVI_Converter-BP-10784027.exe probably a variant of Win32/CNETInstaller.A application
C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi5_3_0_96-Pazera_Free_MP4_to_AVI_Converter-ORG-10784027.exe probably a variant of Win32/CNETInstaller.A application
C:\Users\Wheelsup Club\Downloads\cbsidlm-cbsi5_3_0_96-Xilisoft_AVI_to_DVD_Converter-ORG-10777684.exe probably a variant of Win32/CNETInstaller.A application
C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_10a-Free_HTML_to_PDF_Converter-ORG-10691753.exe Win32/DownloadAdmin.G application
C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_10a-Free_WordDoc_Txt_to_Image_JpgJpeg_Bmp_Tiff_Png-ORG-10869109.exe Win32/DownloadAdmin.G application
C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_10a-PDF4Free-BP-10412627.exe Win32/DownloadAdmin.G application
C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_10a-Word_to_JPEG_Converter_3000-ORG-10916023.exe Win32/DownloadAdmin.G application
C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_11-Aura_Free_Video_Converter-ORG-10966790.exe Win32/DownloadAdmin.G application
C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_11-AVI_To_DVD_Free_Converter-ORG-75181429.exe Win32/DownloadAdmin.G application
C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_11-Video_Capture_Factory-BP-10864463.exe Win32/DownloadAdmin.G application
C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_12-FM_PDF_To_JPG_Converter_Free-SEO-75217093.exe Win32/DownloadAdmin.G application
C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_12-PDF2Image-SEO-10968683.exe Win32/DownloadAdmin.G application
C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_13-Free_Password_Generator-SEO-10559877.exe Win32/DownloadAdmin.G application
C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_13-Free_SWF_to_AVI_Converter-SEO-75687385.exe Win32/DownloadAdmin.G application
C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_14-Efficient_Calendar_Free-ORG-10920848.exe Win32/DownloadAdmin.G application
C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_14-Efficient_Reminder_Free-ORG-10921373.exe Win32/DownloadAdmin.G application
C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_8-Deep_Log_Analyzer_Free_Edition-ORG2-10615007.exe Win32/DownloadAdmin.E application
C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_8-File_Splitter_and_Joiner-ORG2-10783572.exe Win32/DownloadAdmin.E application
C:\Users\Wheelsup Club\Downloads\cbsidlm-tr1_9-Netscape_Navigator-SEO2-10145004.exe multiple threats
C:\Users\Wheelsup Club\Downloads\ChrisPCFreeAnonymousProxyv410.exe a variant of Win32/OpenInstall application
C:\Users\Wheelsup Club\Downloads\cnet2_file_shredder_setup_exe.exe a variant of Win32/InstallCore.D application
C:\Users\Wheelsup Club\Downloads\cnet2_instant-web-highlighter_4_0_zip (1).exe a variant of Win32/InstallCore.D application
C:\Users\Wheelsup Club\Downloads\cnet2_instant-web-highlighter_4_0_zip (2).exe a variant of Win32/InstallCore.D application
C:\Users\Wheelsup Club\Downloads\cnet2_instant-web-highlighter_4_0_zip (3).exe a variant of Win32/InstallCore.D application
C:\Users\Wheelsup Club\Downloads\cnet2_instant-web-highlighter_4_0_zip.exe a variant of Win32/InstallCore.D application
C:\Users\Wheelsup Club\Downloads\cnet2_WebFerret6Setup_exe (1).exe a variant of Win32/InstallCore.D application
C:\Users\Wheelsup Club\Downloads\cnet2_WebFerret6Setup_exe.exe a variant of Win32/InstallCore.D application
C:\Users\Wheelsup Club\Downloads\cnet2_WnvHtmlToPdf_App-v7_0_zip.exe a variant of Win32/InstallCore.D application
C:\Users\Wheelsup Club\Downloads\cnet_abcquatt_zip.exe a variant of Win32/InstallCore.D application
C:\Users\Wheelsup Club\Downloads\cnet_FreeImageConverter_msi.exe a variant of Win32/InstallCore.D application
C:\Users\Wheelsup Club\Downloads\DesktopActivityRecorderSetup.exe multiple threats
C:\Users\Wheelsup Club\Downloads\EZVID_Setup.exe a variant of Win32/Adware.iBryte.G application
C:\Users\Wheelsup Club\Downloads\FLVPlayerSetup.exe a variant of Win32/InstallCore.BQ application
C:\Users\Wheelsup Club\Downloads\FormatFactorySetup.exe multiple threats
C:\Users\Wheelsup Club\Downloads\FreeAVIVideoConverter.exe Win32/OpenCandy application
C:\Users\Wheelsup Club\Downloads\FreemakeVideoConverterSetup(1).exe Win32/OpenCandy application
C:\Users\Wheelsup Club\Downloads\FreemakeVideoConverterv4000.exe a variant of Win32/OpenInstall application
C:\Users\Wheelsup Club\Downloads\FreeScreenVideoRecorder(1).exe Win32/OpenCandy application
C:\Users\Wheelsup Club\Downloads\FreeScreenVideoRecorder.exe Win32/OpenCandy application
C:\Users\Wheelsup Club\Downloads\FreeStudio.exe Win32/OpenCandy application
C:\Users\Wheelsup Club\Downloads\FreeWebMVideoConverter(1).exe Win32/OpenCandy application
C:\Users\Wheelsup Club\Downloads\FreeWebMVideoConverter(2).exe Win32/OpenCandy application
C:\Users\Wheelsup Club\Downloads\FreeWebMVideoConverter(3).exe Win32/OpenCandy application
C:\Users\Wheelsup Club\Downloads\FreeWebMVideoConverter.exe Win32/OpenCandy application
C:\Users\Wheelsup Club\Downloads\fvdsuite_installer.exe.exe a variant of Win32/InstallCore.AY application
C:\Users\Wheelsup Club\Downloads\installer_file_splitter_and_joiner_3_3_English.exe999DA391C895FB3E016246499739BD94 Win32/Vittalia.B application
C:\Users\Wheelsup Club\Downloads\intel-drivers-update-utility.exe Win32/DriverBoss.B application
C:\Users\Wheelsup Club\Downloads\PDFCreatorSetup.exe Win32/OpenCandy application
C:\Users\Wheelsup Club\Downloads\setup(3).exe Win32/Toolbar.Zugo.C application
C:\Users\Wheelsup Club\Downloads\UpdateMyDrivers.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Users\Wheelsup Club\Downloads\2xxx_XP_upd\DriverUpdaterSetup-1.2.3.2277.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Freecorder extension\AddonsFramework.dll.vir Win32/Toolbar.Besttoolbars.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\freevideomaster\tbfree.dll.vir a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MixiDJ_V44\tbMixi.dll.vir a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaltarSmart\SaltarSmartBHO.dll.vir a variant of Win32/BrowseFox.F application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaltarSmart\SaltarSmartUninstall.exe.vir Win32/BrowseFox.C application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaltarSmart\updateSaltarSmart.exe.vir a variant of Win32/BrowseFox.G application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaltarSmart\bin\utilSaltarSmart.exe.vir a variant of Win32/BrowseFox.G application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\ffprotect\application.js.vir Win32/Conduit.SearchProtect.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\ffprotect\nsprotector.js.vir Win32/Conduit.SearchProtect.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\AppsUpdater.exe.vir MSIL/Vittalia.C application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\KeyGen.dll.vir Win32/Vittalia.K application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\uninstall.exe.vir a variant of Win32/ToolkitOffers.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\UpdaterService.exe.vir a variant of MSIL/Vittalia.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-chromeinstaller.exe.vir a variant of Win32/Toolbar.CrossRider.K application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-codedownloader.exe.vir a variant of Win32/Toolbar.CrossRider.K application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-enabler.exe.vir a variant of Win32/Toolbar.CrossRider.K application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-firefoxinstaller.exe.vir a variant of Win32/Toolbar.CrossRider.K application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-updater.exe.vir a variant of Win32/Toolbar.CrossRider.K application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zauxstb.dll.vir Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll.vir a variant of Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbprtct.dll.vir Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe.vir Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zdatact.dll.vir a variant of Win32/Toolbar.MyWebSearch.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zhtmlmu.dll.vir probably a variant of Win32/Toolbar.MyWebSearch.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zieovr.dll.vir probably a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zimpipe.exe.vir Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zreghk.dll.vir a variant of Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zskin.dll.vir a variant of Win32/Toolbar.MyWebSearch.P application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zskplay.exe.vir Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrchMn.exe.vir a variant of Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\CREXT.DLL.vir Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\CrExtP4z.exe.vir Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\T8HTML.DLL.vir probably a variant of Win32/Toolbar.MyWebSearch.F application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\T8TICKER.DLL.vir Win32/Toolbar.MyWebSearch.W application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ytbyclick_B1\tbytby.dll.vir a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.dll.vir Win32/Bundled.Toolbar.Ask.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\VisualBee\VisualBeeSoftware.exe.vir a variant of Win32/Toolbar.Babylon.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Wheelsup Club\AppData\LocalLow\MixiDJ_V44\tbMixi.dll.vir a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Wheelsup Club\AppData\LocalLow\ytbyclick_B1\tbytb0.dll.vir a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Wheelsup Club\AppData\LocalLow\ytbyclick_B1\tbytby.dll.vir a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Wheelsup Club\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe.vir a variant of Win32/DealPly.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Wheelsup Club\AppData\Roaming\OpenCandy\OpenCandy_ACEB2D58356B43CDAEE7C15E9E5FA89D\LatestDLMgr.exe.vir a variant of Win32/OpenCandy.A application cleaned by deleting - quarantined
C:\Program Files\Uninstaller\Uninstall.exe a variant of MSIL/DomaIQ.A application cleaned by deleting - quarantined
C:\Program Files (x86)\FoxTabPDFConverter\Uninstall\Uninstall.exe a variant of Win32/InstallCore.F application cleaned by deleting - quarantined
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnIC.dll a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnStub.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnToolbarInstaller.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe a variant of Win32/Bundled.Toolbar.Ask.D application cleaned by deleting - quarantined
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst-egypt.exe a variant of Win32/Hao123.A application cleaned by deleting - quarantined
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst-japan.exe a variant of Win32/Hao123.A application cleaned by deleting - quarantined
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst-saudi-forf.exe a variant of Win32/Hao123.A application cleaned by deleting - quarantined
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe a variant of Win32/Hao123.A application cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\BrothersoftExtremeCT.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam33.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam60.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\Wajam61.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\WiIQfraud19.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen16.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\YontooPagerage13.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\YontooPagerage45.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (admin)\Deleted Items\4F0740A4-000003B2.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (admin)\Deleted Items\6C2349B9-000003B1.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (admin)\Deleted Items\72CF6E53-00000397.eml HTML/Phishing.Agent.A trojan cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (admin)\Deleted Items\79C51EDB-000003B0.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (help)\Deleted Items\21957197-000010F4.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (help)\Deleted Items\4A64184E-000010EC.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (help)\Deleted Items\539729D9-000010F8.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (sales)\Deleted Items\0C7455C7-0000112F.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (sales)\Deleted Items\1B741515-00001136.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (sales)\Deleted Items\3DA977FB-00001133.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (sales)\Deleted Items\44FE3AF5-00001134.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\Microsoft\Windows Live Mail\Dddpl (sales)\Deleted Items\649327B4-00001137.eml HTML/Phishing.LinkedIn.A trojan cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\TempImg\AskInstallChecker-1.5.0.0.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\TempImg\askToolbarInstaller-1.9.1.0.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\TempImg\chk.exe probably a variant of Win32/Agent.SZW trojan cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\TempImg\FVM.exe a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\TempImg\Installer.exe multiple threats cleaned by deleting - quarantined
C:\Users\Wheelsup Club\AppData\Local\TempImg\VerControl.exe probably a variant of Win32/Agent.SZW trojan cleaned by deleting - quarantined
C:\Users\Wheelsup Club\Desktop\Rarely-used Icons\FFSetup3-1-1-0.exe multiple threats cleaned by deleting - quarantined
C:\Users\Wheelsup Club\Desktop\Rarely-used Icons\Old Firefox Data\extensions\plugin@yontoo.com\content\overlay.js Win32/Adware.Yontoo application cleaned by deleting - quarantined
C:\Users\Wheelsup Club\Downloads\AnyVideoConverterSetup.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\Wheelsup Club\Downloads\avc-free(1).exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\Wheelsup Club\Downloads\avc-free(2).exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\Wheelsup Club\Downloads\avc-free(3).exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\Wheelsup Club\Downloads\avc-free(4).exe Win32/OpenCandy application cleaned by deleting - quarantined


- r
 
Well, what ESET found was nothing to really worry about, most where in the backup and quarantine folders from the programs we ran, also some junk in your downloads folder.

Any other issues ?
 
Your very welcome :)

  • Click START then RUN
  • Now type Combofix /uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.


    CF-Uninstall.png




Open OTL and click on Clean Up and it will remove programs we used to clean your system along with there backups, any programs that where not removed you can just drag to the trash.


Malwarebytes is the free version and yours to keep and will not be removed




Safe Surfn
Ken
 
Status
Not open for further replies.
Back
Top