Solved Can't get rid of DOS/Rovnix.W
- Thread starter Mahtab
- Start date
Sorry I forgot, the computer is still slow and it does freeze from time to time specially when I'm browsing. But the blue screen didn't happen again.
And for some reason the ESET is having problems during execution. My computer restarts in the middle of the scan so it doesn't let it to complete, I tried couple of times. It does find a Trojan named JS/Chromex.Agent.L during the scan though. And Microsoft Security Essential still shows computer at risk.
And for some reason the ESET is having problems during execution. My computer restarts in the middle of the scan so it doesn't let it to complete, I tried couple of times. It does find a Trojan named JS/Chromex.Agent.L during the scan though. And Microsoft Security Essential still shows computer at risk.
Broni
Posts: 56,041 +516
Which browser is causing freezes?
What about other browser(s)?
Instead of Eset...
What about other browser(s)?
Instead of Eset...
- Download Sophos Free Virus Removal Tool and save it to your desktop
- Double click the icon and select Run
- Click Next
- Select I accept the terms in this license agreement, then click Next twice
- Click Install
- Click Finish to launch the program
- Once the virus database has been updated click Start Scanning
- If any threats are found click Details, then View log file... (bottom left hand corner)
- Copy and paste the results in your reply
- Close the Notepad document, close the Threat Details screen, then click Start cleanup
- Click Exit to close the program
Both FireFox and Internet Explorer but I'm almost always using just FireFox. And this is the log of ESET, it stopped at 84 percent.
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.7z.vir Win32/Bundled.Toolbar.Ask.B potentially unsafe application
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.dll.vir Win32/Bundled.Toolbar.Ask.B potentially unsafe application
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Mahtab\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Mahtab\AppData\Local\Chromatic Browser\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Mahtab\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Mahtab\AppData\Local\torch\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Mahtab\AppData\Local\torch\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Mahtab\AppData\Local\torch\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll a variant of Win64/Sathurbot.A trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Chromatic Browser\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Torch\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Torch\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Torch\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\All Users\Microsoft\Secure\Icons\IconsCacheHelper.dll a variant of Win64/Sathurbot.A trojan
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Ogics\hpd5400t.DLL a variant of Win32/Packed.Themida potentially unwanted application
C:\Users\Mahtab\AppData\Local\Ogics\lm__serv.dll a variant of Win32/Packed.Themida potentially unwanted application
C:\Users\Mahtab\AppData\Roaming\Mozilla\Firefox\Profiles\uoyj9pye.default-1405177281631\extensions\{FFE33B60-4278-5C0F-7419-03225D9D83BF}\components\ConnectorLOCTEST.js Win32/Boaxxe.BU trojan
C:\Windows\System32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.7z.vir Win32/Bundled.Toolbar.Ask.B potentially unsafe application
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.dll.vir Win32/Bundled.Toolbar.Ask.B potentially unsafe application
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Mahtab\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Mahtab\AppData\Local\Chromatic Browser\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Mahtab\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Mahtab\AppData\Local\torch\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Mahtab\AppData\Local\torch\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Mahtab\AppData\Local\torch\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll a variant of Win64/Sathurbot.A trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Chromatic Browser\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Torch\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Torch\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js.vir JS/Chromex.Agent.L trojan
C:\Qoobox\Quarantine\C\Users\Mahtab\AppData\Local\Torch\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js.vir JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\All Users\Microsoft\Secure\Icons\IconsCacheHelper.dll a variant of Win64/Sathurbot.A trojan
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\147\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\epapnnjnlpaefihffbekhbhgchnebmbm\2.14\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lhmnkidmaomdnobpfncekjlodccikfkh\2.1\content.js JS/Chromex.Agent.L trojan
C:\Users\Mahtab\AppData\Local\Ogics\hpd5400t.DLL a variant of Win32/Packed.Themida potentially unwanted application
C:\Users\Mahtab\AppData\Local\Ogics\lm__serv.dll a variant of Win32/Packed.Themida potentially unwanted application
C:\Users\Mahtab\AppData\Roaming\Mozilla\Firefox\Profiles\uoyj9pye.default-1405177281631\extensions\{FFE33B60-4278-5C0F-7419-03225D9D83BF}\components\ConnectorLOCTEST.js Win32/Boaxxe.BU trojan
C:\Windows\System32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
Sophos
2014-11-19 10:24:39.977 Sophos Virus Removal Tool version 2.5.3
2014-11-19 10:24:39.977 Copyright (c) 2009-2014 Sophos Limited. All rights reserved.
2014-11-19 10:24:39.979 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.
2014-11-19 10:24:39.979 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 WOW64
2014-11-19 10:24:39.982 Checking for updates...
2014-11-19 10:24:43.542 Update progress: proxy server not available
2014-11-19 10:25:13.110 Option all = no
2014-11-19 10:25:13.110 Option recurse = yes
2014-11-19 10:25:13.110 Option archive = no
2014-11-19 10:25:13.110 Option service = yes
2014-11-19 10:25:13.110 Option confirm = yes
2014-11-19 10:25:13.110 Option sxl = yes
2014-11-19 10:25:13.110 Option max-data-age = 35
2014-11-19 10:25:13.110 Option EnableSafeClean = yes
2014-11-19 10:25:14.402 Option vdl-logging = yes
2014-11-19 10:25:14.472 Component SVRTcli.exe version 2.5
2014-11-19 10:25:14.472 Component control.dll version 2.5
2014-11-19 10:25:14.472 Component SVRTservice.exe version 2.5
2014-11-19 10:25:14.482 Component engine\osdp.dll version 1.44.1.2171
2014-11-19 10:25:14.482 Component engine\veex.dll version 3.56.0.2171
2014-11-19 10:25:14.482 Component engine\savi.dll version 8.1.4.2171
2014-11-19 10:25:14.482 Component rkdisk.dll version 1.5.30.0
2014-11-19 10:25:14.482 Version info: Product version 2.5
2014-11-19 10:25:14.492 Version info: Detection engine 3.56.0
2014-11-19 10:25:14.492 Version info: Detection data 5.04
2014-11-19 10:25:14.492 Version info: Build date 29-7-2014
2014-11-19 10:25:14.492 Version info: Data files added 948
2014-11-19 10:25:14.492 Version info: Last successful update (not yet updated)
2014-11-19 10:25:32.575 Downloading updates...
2014-11-19 10:25:32.575 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0
2014-11-19 10:25:32.575 Update progress: [I49502] Found supplement SAVIW32 LATEST
2014-11-19 10:25:32.575 Update progress: [I49502] Found supplement IDE505 LATEST
2014-11-19 10:25:32.575 Update progress: [I49502] Found supplement IDE506 LATEST
2014-11-19 10:25:32.575 Update progress: [I49502] Found supplement IDE507 LATEST
2014-11-19 10:25:32.575 Update progress: [I49502] Found supplement IDE508 LATEST
2014-11-19 10:25:32.575 Update progress: [I49502] Found supplement IDE509 LATEST
2014-11-19 10:25:32.575 Update progress: [I49502] Found supplement IDE510 LATEST
2014-11-19 10:25:32.575 Update progress: [I49502] Found supplement IDE511 LATEST
2014-11-19 10:25:32.575 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2014-11-19 10:25:32.575 Update progress: [I19463] Syncing product SAVIW32 46
2014-11-19 10:25:40.473 Update progress: [I19463] Syncing product IDE505 175
2014-11-19 10:25:54.043 Update progress: [I19463] Syncing product IDE506 201
2014-11-19 10:25:54.043 Update progress: [I19463] Syncing product IDE507 162
2014-11-19 10:25:54.043 Update progress: [I19463] Syncing product IDE508 184
2014-11-19 10:25:54.043 Update progress: [I19463] Syncing product IDE509 177
2014-11-19 10:25:54.043 Update progress: [I19463] Syncing product IDE510 57
2014-11-19 10:25:56.323 Installing updates...
2014-11-19 10:25:57.445 Update progress: [I19463] Syncing product IDE511 1
2014-11-19 10:26:29.845 Update successful
2014-11-19 10:26:54.857 Option all = no
2014-11-19 10:26:54.857 Option recurse = yes
2014-11-19 10:26:54.857 Option archive = no
2014-11-19 10:26:54.857 Option service = yes
2014-11-19 10:26:54.857 Option confirm = yes
2014-11-19 10:26:54.857 Option sxl = yes
2014-11-19 10:26:54.857 Option max-data-age = 35
2014-11-19 10:26:54.867 Option EnableSafeClean = yes
2014-11-19 10:26:55.037 Option vdl-logging = yes
2014-11-19 10:26:55.067 Component SVRTcli.exe version 2.5
2014-11-19 10:26:55.067 Component control.dll version 2.5
2014-11-19 10:26:55.067 Component SVRTservice.exe version 2.5
2014-11-19 10:26:55.067 Component engine\osdp.dll version 1.44.1.2171
2014-11-19 10:26:55.067 Component engine\veex.dll version 3.56.0.2171
2014-11-19 10:26:55.067 Component engine\savi.dll version 8.1.4.2171
2014-11-19 10:26:55.067 Component rkdisk.dll version 1.5.30.0
2014-11-19 10:26:55.067 Version info: Product version 2.5
2014-11-19 10:26:55.077 Version info: Detection engine 3.56.0
2014-11-19 10:26:55.077 Version info: Detection data 5.04G
2014-11-19 10:26:55.077 Version info: Build date 29-7-2014
2014-11-19 10:26:55.077 Version info: Data files added 954
2014-11-19 10:26:55.077 Version info: Last successful update 19-11-2014 11:26:29
2014-11-19 11:15:38.208 Could not open C:\hiberfil.sys
2014-11-19 11:15:58.920 Could not open C:\pagefile.sys
2014-11-19 11:28:12.183 >>> Virus 'Mal/Generic-S' found in file C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{01DFCF7B-FB2F-9282-61EF-F53E7E6F9D9A}-tmpEC4B.exe
2014-11-19 11:28:12.183 >>> Virus 'Mal/Generic-S' found in file C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{01DFCF7B-FB2F-9282-61EF-F53E7E6F9D9A}-tmpEC4B.exe
2014-11-19 11:28:12.183 >>> Virus 'Mal/Generic-S' found in file C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{01DFCF7B-FB2F-9282-61EF-F53E7E6F9D9A}-tmpEC4B.exe
2014-11-19 11:28:25.849 >>> Virus 'Mal/EncPk-DW' found in file C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{441004BD-836D-2380-6293-A3A052C55D2A}-srfvydhknurw.dll
2014-11-19 11:28:39.069 >>> Virus 'Mal/EncPk-DW' found in file C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{74BEF520-5FD8-50C8-6151-32D5D18095F7}-DL___werr.DLL
2014-11-19 11:28:51.717 >>> Virus 'Troj/Agent-AJZH' found in file C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{CA9D48DE-47A0-2ED7-1B5D-1F54ED68020C}-agemeg.exe
2014-11-19 11:29:03.475 >>> Virus 'Troj/Agent-AJZH' found in file C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{DDE4C754-C537-60CB-AEC9-CF7EBA09C606}-agemeg.exe
2014-11-19 11:31:03.501 Could not open C:\System Volume Information\{0ab90df0-6b35-11e4-a928-c01885cde488}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-11-19 11:31:03.501 Could not open C:\System Volume Information\{0d0a06da-6a7e-11e4-bbac-c01885cde488}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-11-19 11:31:03.501 Could not open C:\System Volume Information\{1811b003-6f4b-11e4-aaf2-c01885cde488}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-11-19 11:31:03.511 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-11-19 11:31:03.511 Could not open C:\System Volume Information\{460089a3-6b30-11e4-ac04-c01885cde488}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-11-19 11:31:03.511 Could not open C:\System Volume Information\{86ca9339-6e60-11e4-80bf-c01885cde488}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-11-19 11:31:03.511 Could not open C:\System Volume Information\{a5fa098b-6a8f-11e4-a695-c01885cde488}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-11-19 11:31:03.511 Could not open C:\System Volume Information\{b0d04a36-6e57-11e4-9d07-c01885cde488}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-11-19 11:31:55.893 >>> Virus 'Mal/EncPk-DW' found in file C:\Users\Mahtab\AppData\Local\Ogics\hpd5400t.DLL
2014-11-19 11:32:06.139 >>> Virus 'Mal/EncPk-DW' found in file C:\Users\Mahtab\AppData\Local\Ogics\lm__serv.dll
2014-11-19 11:36:03.382 Could not check C:\Users\Mahtab\Dropbox\Courses\Project Management Gr.16\Rijksmuseum\Assignment\Assignment Meeting 1 March 2013 (Copie de Meropi en conflit 2013-03-12).ppt (corrupt)
2014-11-19 11:51:10.362 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2014-11-19 11:51:10.372 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2014-11-19 11:59:21.328 Could not open C:\Windows\Temp\TMP00000002E177BDBDA68AF8B5
2014-11-19 12:25:47.446 The following items will be cleaned up:
2014-11-19 12:25:47.446 Mal/Generic-S
2014-11-19 12:25:47.446 Mal/EncPk-DW
2014-11-19 12:25:47.446 Troj/Agent-AJZH
2014-11-19 13:01:08.470 Threat 'Mal/Generic-S' has been cleaned up.
2014-11-19 13:01:08.480 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{01DFCF7B-FB2F-9282-61EF-F53E7E6F9D9A}-tmpEC4B.exe" belongs to malware 'Mal/Generic-S'.
2014-11-19 13:01:08.480 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{01DFCF7B-FB2F-9282-61EF-F53E7E6F9D9A}-tmpEC4B.exe" has been cleaned up.
2014-11-19 13:01:08.480 Removal successful
2014-11-19 13:02:17.143 Threat 'Mal/EncPk-DW' has been cleaned up.
2014-11-19 13:02:17.143 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{441004BD-836D-2380-6293-A3A052C55D2A}-srfvydhknurw.dll" belongs to malware 'Mal/EncPk-DW'.
2014-11-19 13:02:17.143 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{441004BD-836D-2380-6293-A3A052C55D2A}-srfvydhknurw.dll" has been cleaned up.
2014-11-19 13:02:17.143 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{74BEF520-5FD8-50C8-6151-32D5D18095F7}-DL___werr.DLL" belongs to malware 'Mal/EncPk-DW'.
2014-11-19 13:02:17.143 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{74BEF520-5FD8-50C8-6151-32D5D18095F7}-DL___werr.DLL" has been cleaned up.
2014-11-19 13:02:17.143 File "C:\Users\Mahtab\AppData\Local\Ogics\hpd5400t.DLL" belongs to malware 'Mal/EncPk-DW'.
2014-11-19 13:02:17.143 File "C:\Users\Mahtab\AppData\Local\Ogics\hpd5400t.DLL" has been cleaned up.
2014-11-19 13:02:17.143 File "C:\Users\Mahtab\AppData\Local\Ogics\lm__serv.dll" belongs to malware 'Mal/EncPk-DW'.
2014-11-19 13:02:17.143 File "C:\Users\Mahtab\AppData\Local\Ogics\lm__serv.dll" has been cleaned up.
2014-11-19 13:02:17.143 Removal successful
2014-11-19 13:02:37.291 Threat 'Troj/Agent-AJZH' has been cleaned up.
2014-11-19 13:02:37.291 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{CA9D48DE-47A0-2ED7-1B5D-1F54ED68020C}-agemeg.exe" belongs to 'Troj/Agent-AJZH'.
2014-11-19 13:02:37.291 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{CA9D48DE-47A0-2ED7-1B5D-1F54ED68020C}-agemeg.exe" has been cleaned up.
2014-11-19 13:02:37.291 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{DDE4C754-C537-60CB-AEC9-CF7EBA09C606}-agemeg.exe" belongs to 'Troj/Agent-AJZH'.
2014-11-19 13:02:37.291 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{DDE4C754-C537-60CB-AEC9-CF7EBA09C606}-agemeg.exe" has been cleaned up.
2014-11-19 13:02:37.291 Removal successful
2014-11-19 13:02:37.371 Contents of SafeClean bin directory:
2014-11-19 13:02:37.371 {
2014-11-19 13:02:37.371 RecordID : "0000000000000001",
2014-11-19 13:02:37.371 ItemType : "1",
2014-11-19 13:02:37.371 Location : "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\",
2014-11-19 13:02:37.371 FileName : "{01DFCF7B-FB2F-9282-61EF-F53E7E6F9D9A}-tmpEC4B.exe",
2014-11-19 13:02:37.371 ThreatName : "Mal/Generic-S",
2014-11-19 13:02:37.371 Checksum : "2b71ae0710089973f66fb56371b5a6fdac0db4100a2968395f0d9e71e27558c5",
2014-11-19 13:02:37.371 TimeStamp : "Wed Nov 19 14:00:56 2014"
2014-11-19 13:02:37.371 }
2014-11-19 13:02:37.371 {
2014-11-19 13:02:37.371 RecordID : "0000000000000002",
2014-11-19 13:02:37.371 ItemType : "1",
2014-11-19 13:02:37.371 Location : "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\",
2014-11-19 13:02:37.371 FileName : "{441004BD-836D-2380-6293-A3A052C55D2A}-srfvydhknurw.dll",
2014-11-19 13:02:37.371 ThreatName : "Mal/EncPk-DW",
2014-11-19 13:02:37.371 Checksum : "ad30e9be6e8e2b0726237e96a7f2393775a0a3d77e6394202776e5f202a782eb",
2014-11-19 13:02:37.371 TimeStamp : "Wed Nov 19 14:01:08 2014"
2014-11-19 13:02:37.371 }
2014-11-19 13:02:37.371 {
2014-11-19 13:02:37.371 RecordID : "0000000000000003",
2014-11-19 13:02:37.371 ItemType : "1",
2014-11-19 13:02:37.371 Location : "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\",
2014-11-19 13:02:37.371 FileName : "{74BEF520-5FD8-50C8-6151-32D5D18095F7}-DL___werr.DLL",
2014-11-19 13:02:37.371 ThreatName : "Mal/EncPk-DW",
2014-11-19 13:02:37.371 Checksum : "352444dcfa14824487c77e09463ad55fbc421d43ddd5f5ab2c89b54998fed25d",
2014-11-19 13:02:37.371 TimeStamp : "Wed Nov 19 14:01:08 2014"
2014-11-19 13:02:37.371 }
2014-11-19 13:02:37.371 {
2014-11-19 13:02:37.371 RecordID : "0000000000000004",
2014-11-19 13:02:37.371 ItemType : "1",
2014-11-19 13:02:37.371 Location : "C:\Users\Mahtab\AppData\Local\Ogics\",
2014-11-19 13:02:37.371 FileName : "hpd5400t.DLL",
2014-11-19 13:02:37.371 ThreatName : "Mal/EncPk-DW",
2014-11-19 13:02:37.371 Checksum : "62c440fa5367eb63c20e853774cb0325ea3a65693030e41156eae7b51e8ae8a4",
2014-11-19 13:02:37.371 TimeStamp : "Wed Nov 19 14:01:08 2014"
2014-11-19 13:02:37.371 }
2014-11-19 13:02:37.371 {
2014-11-19 13:02:37.371 RecordID : "0000000000000005",
2014-11-19 13:02:37.371 ItemType : "1",
2014-11-19 13:02:37.371 Location : "C:\Users\Mahtab\AppData\Local\Ogics\",
2014-11-19 13:02:37.371 FileName : "lm__serv.dll",
2014-11-19 13:02:37.371 ThreatName : "Mal/EncPk-DW",
2014-11-19 13:02:37.371 Checksum : "741e14a14e34f08fe435d6e01f30f5f1753b54a8c9dac01cf5467f5bc8283f92",
2014-11-19 13:02:37.371 TimeStamp : "Wed Nov 19 14:01:08 2014"
2014-11-19 13:02:37.371 }
2014-11-19 13:02:37.371 {
2014-11-19 13:02:37.371 RecordID : "0000000000000006",
2014-11-19 13:02:37.371 ItemType : "1",
2014-11-19 13:02:37.371 Location : "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\",
2014-11-19 13:02:37.371 FileName : "{CA9D48DE-47A0-2ED7-1B5D-1F54ED68020C}-agemeg.exe",
2014-11-19 13:02:37.371 ThreatName : "Troj/Agent-AJZH",
2014-11-19 13:02:37.371 Checksum : "1f58accda3b4300ad5ec47a6106cffaac6cf9fd587c71f17a8080534790a94f0",
2014-11-19 13:02:37.371 TimeStamp : "Wed Nov 19 14:02:17 2014"
2014-11-19 13:02:37.371 }
2014-11-19 13:02:37.371 {
2014-11-19 13:02:37.371 RecordID : "0000000000000007",
2014-11-19 13:02:37.371 ItemType : "1",
2014-11-19 13:02:37.371 Location : "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\",
2014-11-19 13:02:37.371 FileName : "{DDE4C754-C537-60CB-AEC9-CF7EBA09C606}-agemeg.exe",
2014-11-19 13:02:37.371 ThreatName : "Troj/Agent-AJZH",
2014-11-19 13:02:37.371 Checksum : "1f58accda3b4300ad5ec47a6106cffaac6cf9fd587c71f17a8080534790a94f0",
2014-11-19 13:02:37.371 TimeStamp : "Wed Nov 19 14:02:17 2014"
2014-11-19 13:02:37.371 }
2014-11-19 10:24:39.977 Sophos Virus Removal Tool version 2.5.3
2014-11-19 10:24:39.977 Copyright (c) 2009-2014 Sophos Limited. All rights reserved.
2014-11-19 10:24:39.979 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.
2014-11-19 10:24:39.979 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 WOW64
2014-11-19 10:24:39.982 Checking for updates...
2014-11-19 10:24:43.542 Update progress: proxy server not available
2014-11-19 10:25:13.110 Option all = no
2014-11-19 10:25:13.110 Option recurse = yes
2014-11-19 10:25:13.110 Option archive = no
2014-11-19 10:25:13.110 Option service = yes
2014-11-19 10:25:13.110 Option confirm = yes
2014-11-19 10:25:13.110 Option sxl = yes
2014-11-19 10:25:13.110 Option max-data-age = 35
2014-11-19 10:25:13.110 Option EnableSafeClean = yes
2014-11-19 10:25:14.402 Option vdl-logging = yes
2014-11-19 10:25:14.472 Component SVRTcli.exe version 2.5
2014-11-19 10:25:14.472 Component control.dll version 2.5
2014-11-19 10:25:14.472 Component SVRTservice.exe version 2.5
2014-11-19 10:25:14.482 Component engine\osdp.dll version 1.44.1.2171
2014-11-19 10:25:14.482 Component engine\veex.dll version 3.56.0.2171
2014-11-19 10:25:14.482 Component engine\savi.dll version 8.1.4.2171
2014-11-19 10:25:14.482 Component rkdisk.dll version 1.5.30.0
2014-11-19 10:25:14.482 Version info: Product version 2.5
2014-11-19 10:25:14.492 Version info: Detection engine 3.56.0
2014-11-19 10:25:14.492 Version info: Detection data 5.04
2014-11-19 10:25:14.492 Version info: Build date 29-7-2014
2014-11-19 10:25:14.492 Version info: Data files added 948
2014-11-19 10:25:14.492 Version info: Last successful update (not yet updated)
2014-11-19 10:25:32.575 Downloading updates...
2014-11-19 10:25:32.575 Update progress: [I96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0
2014-11-19 10:25:32.575 Update progress: [I49502] Found supplement SAVIW32 LATEST
2014-11-19 10:25:32.575 Update progress: [I49502] Found supplement IDE505 LATEST
2014-11-19 10:25:32.575 Update progress: [I49502] Found supplement IDE506 LATEST
2014-11-19 10:25:32.575 Update progress: [I49502] Found supplement IDE507 LATEST
2014-11-19 10:25:32.575 Update progress: [I49502] Found supplement IDE508 LATEST
2014-11-19 10:25:32.575 Update progress: [I49502] Found supplement IDE509 LATEST
2014-11-19 10:25:32.575 Update progress: [I49502] Found supplement IDE510 LATEST
2014-11-19 10:25:32.575 Update progress: [I49502] Found supplement IDE511 LATEST
2014-11-19 10:25:32.575 Update progress: [I19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2014-11-19 10:25:32.575 Update progress: [I19463] Syncing product SAVIW32 46
2014-11-19 10:25:40.473 Update progress: [I19463] Syncing product IDE505 175
2014-11-19 10:25:54.043 Update progress: [I19463] Syncing product IDE506 201
2014-11-19 10:25:54.043 Update progress: [I19463] Syncing product IDE507 162
2014-11-19 10:25:54.043 Update progress: [I19463] Syncing product IDE508 184
2014-11-19 10:25:54.043 Update progress: [I19463] Syncing product IDE509 177
2014-11-19 10:25:54.043 Update progress: [I19463] Syncing product IDE510 57
2014-11-19 10:25:56.323 Installing updates...
2014-11-19 10:25:57.445 Update progress: [I19463] Syncing product IDE511 1
2014-11-19 10:26:29.845 Update successful
2014-11-19 10:26:54.857 Option all = no
2014-11-19 10:26:54.857 Option recurse = yes
2014-11-19 10:26:54.857 Option archive = no
2014-11-19 10:26:54.857 Option service = yes
2014-11-19 10:26:54.857 Option confirm = yes
2014-11-19 10:26:54.857 Option sxl = yes
2014-11-19 10:26:54.857 Option max-data-age = 35
2014-11-19 10:26:54.867 Option EnableSafeClean = yes
2014-11-19 10:26:55.037 Option vdl-logging = yes
2014-11-19 10:26:55.067 Component SVRTcli.exe version 2.5
2014-11-19 10:26:55.067 Component control.dll version 2.5
2014-11-19 10:26:55.067 Component SVRTservice.exe version 2.5
2014-11-19 10:26:55.067 Component engine\osdp.dll version 1.44.1.2171
2014-11-19 10:26:55.067 Component engine\veex.dll version 3.56.0.2171
2014-11-19 10:26:55.067 Component engine\savi.dll version 8.1.4.2171
2014-11-19 10:26:55.067 Component rkdisk.dll version 1.5.30.0
2014-11-19 10:26:55.067 Version info: Product version 2.5
2014-11-19 10:26:55.077 Version info: Detection engine 3.56.0
2014-11-19 10:26:55.077 Version info: Detection data 5.04G
2014-11-19 10:26:55.077 Version info: Build date 29-7-2014
2014-11-19 10:26:55.077 Version info: Data files added 954
2014-11-19 10:26:55.077 Version info: Last successful update 19-11-2014 11:26:29
2014-11-19 11:15:38.208 Could not open C:\hiberfil.sys
2014-11-19 11:15:58.920 Could not open C:\pagefile.sys
2014-11-19 11:28:12.183 >>> Virus 'Mal/Generic-S' found in file C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{01DFCF7B-FB2F-9282-61EF-F53E7E6F9D9A}-tmpEC4B.exe
2014-11-19 11:28:12.183 >>> Virus 'Mal/Generic-S' found in file C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{01DFCF7B-FB2F-9282-61EF-F53E7E6F9D9A}-tmpEC4B.exe
2014-11-19 11:28:12.183 >>> Virus 'Mal/Generic-S' found in file C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{01DFCF7B-FB2F-9282-61EF-F53E7E6F9D9A}-tmpEC4B.exe
2014-11-19 11:28:25.849 >>> Virus 'Mal/EncPk-DW' found in file C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{441004BD-836D-2380-6293-A3A052C55D2A}-srfvydhknurw.dll
2014-11-19 11:28:39.069 >>> Virus 'Mal/EncPk-DW' found in file C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{74BEF520-5FD8-50C8-6151-32D5D18095F7}-DL___werr.DLL
2014-11-19 11:28:51.717 >>> Virus 'Troj/Agent-AJZH' found in file C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{CA9D48DE-47A0-2ED7-1B5D-1F54ED68020C}-agemeg.exe
2014-11-19 11:29:03.475 >>> Virus 'Troj/Agent-AJZH' found in file C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{DDE4C754-C537-60CB-AEC9-CF7EBA09C606}-agemeg.exe
2014-11-19 11:31:03.501 Could not open C:\System Volume Information\{0ab90df0-6b35-11e4-a928-c01885cde488}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-11-19 11:31:03.501 Could not open C:\System Volume Information\{0d0a06da-6a7e-11e4-bbac-c01885cde488}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-11-19 11:31:03.501 Could not open C:\System Volume Information\{1811b003-6f4b-11e4-aaf2-c01885cde488}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-11-19 11:31:03.511 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-11-19 11:31:03.511 Could not open C:\System Volume Information\{460089a3-6b30-11e4-ac04-c01885cde488}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-11-19 11:31:03.511 Could not open C:\System Volume Information\{86ca9339-6e60-11e4-80bf-c01885cde488}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-11-19 11:31:03.511 Could not open C:\System Volume Information\{a5fa098b-6a8f-11e4-a695-c01885cde488}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-11-19 11:31:03.511 Could not open C:\System Volume Information\{b0d04a36-6e57-11e4-9d07-c01885cde488}{3808876b-c176-4e48-b7ae-04046e6cc752}
2014-11-19 11:31:55.893 >>> Virus 'Mal/EncPk-DW' found in file C:\Users\Mahtab\AppData\Local\Ogics\hpd5400t.DLL
2014-11-19 11:32:06.139 >>> Virus 'Mal/EncPk-DW' found in file C:\Users\Mahtab\AppData\Local\Ogics\lm__serv.dll
2014-11-19 11:36:03.382 Could not check C:\Users\Mahtab\Dropbox\Courses\Project Management Gr.16\Rijksmuseum\Assignment\Assignment Meeting 1 March 2013 (Copie de Meropi en conflit 2013-03-12).ppt (corrupt)
2014-11-19 11:51:10.362 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2014-11-19 11:51:10.372 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2014-11-19 11:59:21.328 Could not open C:\Windows\Temp\TMP00000002E177BDBDA68AF8B5
2014-11-19 12:25:47.446 The following items will be cleaned up:
2014-11-19 12:25:47.446 Mal/Generic-S
2014-11-19 12:25:47.446 Mal/EncPk-DW
2014-11-19 12:25:47.446 Troj/Agent-AJZH
2014-11-19 13:01:08.470 Threat 'Mal/Generic-S' has been cleaned up.
2014-11-19 13:01:08.480 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{01DFCF7B-FB2F-9282-61EF-F53E7E6F9D9A}-tmpEC4B.exe" belongs to malware 'Mal/Generic-S'.
2014-11-19 13:01:08.480 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{01DFCF7B-FB2F-9282-61EF-F53E7E6F9D9A}-tmpEC4B.exe" has been cleaned up.
2014-11-19 13:01:08.480 Removal successful
2014-11-19 13:02:17.143 Threat 'Mal/EncPk-DW' has been cleaned up.
2014-11-19 13:02:17.143 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{441004BD-836D-2380-6293-A3A052C55D2A}-srfvydhknurw.dll" belongs to malware 'Mal/EncPk-DW'.
2014-11-19 13:02:17.143 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{441004BD-836D-2380-6293-A3A052C55D2A}-srfvydhknurw.dll" has been cleaned up.
2014-11-19 13:02:17.143 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{74BEF520-5FD8-50C8-6151-32D5D18095F7}-DL___werr.DLL" belongs to malware 'Mal/EncPk-DW'.
2014-11-19 13:02:17.143 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{74BEF520-5FD8-50C8-6151-32D5D18095F7}-DL___werr.DLL" has been cleaned up.
2014-11-19 13:02:17.143 File "C:\Users\Mahtab\AppData\Local\Ogics\hpd5400t.DLL" belongs to malware 'Mal/EncPk-DW'.
2014-11-19 13:02:17.143 File "C:\Users\Mahtab\AppData\Local\Ogics\hpd5400t.DLL" has been cleaned up.
2014-11-19 13:02:17.143 File "C:\Users\Mahtab\AppData\Local\Ogics\lm__serv.dll" belongs to malware 'Mal/EncPk-DW'.
2014-11-19 13:02:17.143 File "C:\Users\Mahtab\AppData\Local\Ogics\lm__serv.dll" has been cleaned up.
2014-11-19 13:02:17.143 Removal successful
2014-11-19 13:02:37.291 Threat 'Troj/Agent-AJZH' has been cleaned up.
2014-11-19 13:02:37.291 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{CA9D48DE-47A0-2ED7-1B5D-1F54ED68020C}-agemeg.exe" belongs to 'Troj/Agent-AJZH'.
2014-11-19 13:02:37.291 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{CA9D48DE-47A0-2ED7-1B5D-1F54ED68020C}-agemeg.exe" has been cleaned up.
2014-11-19 13:02:37.291 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{DDE4C754-C537-60CB-AEC9-CF7EBA09C606}-agemeg.exe" belongs to 'Troj/Agent-AJZH'.
2014-11-19 13:02:37.291 File "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{DDE4C754-C537-60CB-AEC9-CF7EBA09C606}-agemeg.exe" has been cleaned up.
2014-11-19 13:02:37.291 Removal successful
2014-11-19 13:02:37.371 Contents of SafeClean bin directory:
2014-11-19 13:02:37.371 {
2014-11-19 13:02:37.371 RecordID : "0000000000000001",
2014-11-19 13:02:37.371 ItemType : "1",
2014-11-19 13:02:37.371 Location : "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\",
2014-11-19 13:02:37.371 FileName : "{01DFCF7B-FB2F-9282-61EF-F53E7E6F9D9A}-tmpEC4B.exe",
2014-11-19 13:02:37.371 ThreatName : "Mal/Generic-S",
2014-11-19 13:02:37.371 Checksum : "2b71ae0710089973f66fb56371b5a6fdac0db4100a2968395f0d9e71e27558c5",
2014-11-19 13:02:37.371 TimeStamp : "Wed Nov 19 14:00:56 2014"
2014-11-19 13:02:37.371 }
2014-11-19 13:02:37.371 {
2014-11-19 13:02:37.371 RecordID : "0000000000000002",
2014-11-19 13:02:37.371 ItemType : "1",
2014-11-19 13:02:37.371 Location : "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\",
2014-11-19 13:02:37.371 FileName : "{441004BD-836D-2380-6293-A3A052C55D2A}-srfvydhknurw.dll",
2014-11-19 13:02:37.371 ThreatName : "Mal/EncPk-DW",
2014-11-19 13:02:37.371 Checksum : "ad30e9be6e8e2b0726237e96a7f2393775a0a3d77e6394202776e5f202a782eb",
2014-11-19 13:02:37.371 TimeStamp : "Wed Nov 19 14:01:08 2014"
2014-11-19 13:02:37.371 }
2014-11-19 13:02:37.371 {
2014-11-19 13:02:37.371 RecordID : "0000000000000003",
2014-11-19 13:02:37.371 ItemType : "1",
2014-11-19 13:02:37.371 Location : "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\",
2014-11-19 13:02:37.371 FileName : "{74BEF520-5FD8-50C8-6151-32D5D18095F7}-DL___werr.DLL",
2014-11-19 13:02:37.371 ThreatName : "Mal/EncPk-DW",
2014-11-19 13:02:37.371 Checksum : "352444dcfa14824487c77e09463ad55fbc421d43ddd5f5ab2c89b54998fed25d",
2014-11-19 13:02:37.371 TimeStamp : "Wed Nov 19 14:01:08 2014"
2014-11-19 13:02:37.371 }
2014-11-19 13:02:37.371 {
2014-11-19 13:02:37.371 RecordID : "0000000000000004",
2014-11-19 13:02:37.371 ItemType : "1",
2014-11-19 13:02:37.371 Location : "C:\Users\Mahtab\AppData\Local\Ogics\",
2014-11-19 13:02:37.371 FileName : "hpd5400t.DLL",
2014-11-19 13:02:37.371 ThreatName : "Mal/EncPk-DW",
2014-11-19 13:02:37.371 Checksum : "62c440fa5367eb63c20e853774cb0325ea3a65693030e41156eae7b51e8ae8a4",
2014-11-19 13:02:37.371 TimeStamp : "Wed Nov 19 14:01:08 2014"
2014-11-19 13:02:37.371 }
2014-11-19 13:02:37.371 {
2014-11-19 13:02:37.371 RecordID : "0000000000000005",
2014-11-19 13:02:37.371 ItemType : "1",
2014-11-19 13:02:37.371 Location : "C:\Users\Mahtab\AppData\Local\Ogics\",
2014-11-19 13:02:37.371 FileName : "lm__serv.dll",
2014-11-19 13:02:37.371 ThreatName : "Mal/EncPk-DW",
2014-11-19 13:02:37.371 Checksum : "741e14a14e34f08fe435d6e01f30f5f1753b54a8c9dac01cf5467f5bc8283f92",
2014-11-19 13:02:37.371 TimeStamp : "Wed Nov 19 14:01:08 2014"
2014-11-19 13:02:37.371 }
2014-11-19 13:02:37.371 {
2014-11-19 13:02:37.371 RecordID : "0000000000000006",
2014-11-19 13:02:37.371 ItemType : "1",
2014-11-19 13:02:37.371 Location : "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\",
2014-11-19 13:02:37.371 FileName : "{CA9D48DE-47A0-2ED7-1B5D-1F54ED68020C}-agemeg.exe",
2014-11-19 13:02:37.371 ThreatName : "Troj/Agent-AJZH",
2014-11-19 13:02:37.371 Checksum : "1f58accda3b4300ad5ec47a6106cffaac6cf9fd587c71f17a8080534790a94f0",
2014-11-19 13:02:37.371 TimeStamp : "Wed Nov 19 14:02:17 2014"
2014-11-19 13:02:37.371 }
2014-11-19 13:02:37.371 {
2014-11-19 13:02:37.371 RecordID : "0000000000000007",
2014-11-19 13:02:37.371 ItemType : "1",
2014-11-19 13:02:37.371 Location : "C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\",
2014-11-19 13:02:37.371 FileName : "{DDE4C754-C537-60CB-AEC9-CF7EBA09C606}-agemeg.exe",
2014-11-19 13:02:37.371 ThreatName : "Troj/Agent-AJZH",
2014-11-19 13:02:37.371 Checksum : "1f58accda3b4300ad5ec47a6106cffaac6cf9fd587c71f17a8080534790a94f0",
2014-11-19 13:02:37.371 TimeStamp : "Wed Nov 19 14:02:17 2014"
2014-11-19 13:02:37.371 }
Broni
Posts: 56,041 +516
Download MIcrosoft FixIt file from here: http://go.microsoft.com/?linkid=9646978
You can use ANY browser to download "FixIt" file.
Double click on downloaded MicrosoftFixit50195.msi file to run the fix.
Make sure you follow ALL steps listed there.
If the above didn't help...
Uninstall Firefox completely using this manual: http://kb.mozillazine.org/Uninstalling_Firefox
NOTE. Use MozBackup: http://mozbackup.jasnapaka.com/ to backup your bookmarks and passwords. Do NOT backup anything else.
Install fresh copy.
Broni
Posts: 56,041 +516
In this forum, we make sure, your computer is free of malware and your computer is clean 
Because the access to malware forum is very limited, your best option is to create new topic about your current issue, at Windows section.
You'll get more attention.
Here.....
Your computer is clean
1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download
DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.
Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
Once finished a logfile will be created. You don't have to attach it to your next reply.
2. Make sure Windows Updates are current.
3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!
4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)
5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.
6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.
7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).
8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.
9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.
10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.
11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642
Because the access to malware forum is very limited, your best option is to create new topic about your current issue, at Windows section.
You'll get more attention.
Here.....
Your computer is clean
1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download
Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
- Activate UAC (optional; some users prefer to keep it off)
- Remove disinfection tools
- Create registry backup
- Purge System Restore
- Reset system settings
Once finished a logfile will be created. You don't have to attach it to your next reply.
2. Make sure Windows Updates are current.
3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!
4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)
5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.
6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.
7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).
8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.
9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.
10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.
11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642
Similar threads
Latest posts
-
The Best Handheld Gaming Consoles- amghwk replied
-
Generative AI could soon decimate the call center industry, says CEO- wiyosaya replied
-
Microsoft Xbox Series X/S sales downturn continued last quarter- midian182 replied
-
Nintendo DMCA lawyers shut down everything Mario on Garry's Mod- stewi0001 replied