Post by jeelliott22 on Jun 29, 2015 11:40:17 GMT -8
Here is the ESET log.
C:\AdwCleaner\Quarantine\C\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgaofoblihpmholkpioedjelemgjpafl\193\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgaofoblihpmholkpioedjelemgjpafl\193\qyEfx.js.vir JS/Kryptik.ATL trojan
C:\AdwCleaner\Quarantine\C\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmkmihphgjhmeabggdcokmkjhbnmdml\157\TJrnfNGHb.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Eric\AppData\LocalLow\AskToolbar\setup.exe.vir Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgaofoblihpmholkpioedjelemgjpafl\193\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgaofoblihpmholkpioedjelemgjpafl\193\qyEfx.js.vir JS/Kryptik.ATL trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmkmihphgjhmeabggdcokmkjhbnmdml\102\content.js.vir JS/Adware.MultiPlug.B application
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmkmihphgjhmeabggdcokmkjhbnmdml\102\Dyp9hnL.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmkmihphgjhmeabggdcokmkjhbnmdml\157\TJrnfNGHb.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip\2.0.0.440_0\main.js.vir Win32/Toolbar.Perion.K potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\odkpoaaninmppbikomaeoecilinhijnl\1.3\jjOwZW.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Karen\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir Win32/Systweak.G potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\Ask.com\GenericAskToolbar.dll a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\FRST\Quarantine\C\Program Files (x86)\Ask.com\precache.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\FRST\Quarantine\C\Program Files (x86)\Ask.com\SaUpdate.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\FRST\Quarantine\C\Program Files (x86)\Ask.com\UpdateTask.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\FRST\Quarantine\C\Program Files (x86)\Ask.com\Updater\Updater.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\GoogleUpdate.exe Win32/AlteredSoftware.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe Win32/AlteredSoftware.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe Win32/AlteredSoftware.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe a variant of Win32/AlteredSoftware.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe a variant of Win32/AlteredSoftware.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\goopdate.dll a variant of Win32/AlteredSoftware.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\goopdateres_en.dll a variant of Win32/AlteredSoftware.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\psmachine.dll a variant of Win32/AlteredSoftware.G potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\psuser.dll a variant of Win32/AlteredSoftware.G potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll.xBAD a variant of Win32/AlteredSoftware.E potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\HD-Plus10\HD-Plus10-nova.exe a variant of Win32/Toolbar.CrossRider.AE potentially unwanted application
C:\FRST\Quarantine\C\Users\Eric\AppData\Local\Dell\Iwicvnukxja.dll.xBAD Win32/TrojanDownloader.Tracur.AM trojan
C:\FRST\Quarantine\C\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\odkpoaaninmppbikomaeoecilinhijnl\1.3\jjOwZW.js JS/Kryptik.ATB trojan
C:\FRST\Quarantine\C\Users\Eric\AppData\Local\Temp\34732uninstall.exe.xBAD a variant of Win32/InstallCore.YX potentially unwanted application
C:\FRST\Quarantine\C\Users\Eric\AppData\Local\Temp\nsb524B.exe.xBAD Win32/Conduit.SearchProtect.R potentially unwanted application
C:\FRST\Quarantine\C\Users\Eric\AppData\Local\Temp\nsp7F87.exe.xBAD Win32/Conduit.SearchProtect.R potentially unwanted application
C:\FRST\Quarantine\C\Users\Eric\AppData\Local\Temp\v-bates.exe.xBAD a variant of Win32/Toolbar.Perion.J potentially unwanted application
C:\FRST\Quarantine\C\Users\Karen\AppData\Local\Temp\APNSetup.exe.xBAD a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Users\Eric\AppData\LocalLow\qntsngs.dll Win32/TrojanDownloader.Tracur.AM trojan
C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\au12qs62.default\extensions\staged\9b@kKMb.org\content\bg.js JS/Kryptik.ATL trojan
C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\au12qs62.default\extensions\staged\flyy5oaa@ulvuqkm.com\content\bg.js JS/Kryptik.ATB trojan
C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\au12qs62.default\extensions\staged\l3hdgvalw@xlh-uiwbjhz.org\content\bg.js JS/Kryptik.ATL trojan
C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\au12qs62.default\extensions\staged\s-61g3q@ehobifbd.org\content\bg.js JS/Kryptik.ATB trojan
C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\uqp16w81.default\extensions\staged\9b@kKMb.org\content\bg.js JS/Kryptik.ATL trojan
C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\uqp16w81.default\extensions\staged\flyy5oaa@ulvuqkm.com\content\bg.js JS/Kryptik.ATB trojan
C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\uqp16w81.default\extensions\staged\l3hdgvalw@xlh-uiwbjhz.org\content\bg.js JS/Kryptik.ATL trojan
C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\uqp16w81.default\extensions\staged\s-61g3q@ehobifbd.org\content\bg.js JS/Kryptik.ATB trojan
C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\xh6q3c67.default\extensions\staged\9b@kKMb.org\content\bg.js JS/Kryptik.ATL trojan
C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\xh6q3c67.default\extensions\staged\flyy5oaa@ulvuqkm.com\content\bg.js JS/Kryptik.ATB trojan
C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\xh6q3c67.default\extensions\staged\l3hdgvalw@xlh-uiwbjhz.org\content\bg.js JS/Kryptik.ATL trojan
C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\xh6q3c67.default\extensions\staged\s-61g3q@ehobifbd.org\content\bg.js JS/Kryptik.ATB trojan
C:\Users\Karen\Downloads\flashupdatersetup.exe a variant of Win32/Adware.iBryte.BY application
C:\Windows\Installer\127790b.msi a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Windows\Installer\MSI9402.tmp a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\Windows\Installer\MSIC2E7.tmp a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\AdwCleaner\Quarantine\C\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgaofoblihpmholkpioedjelemgjpafl\193\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgaofoblihpmholkpioedjelemgjpafl\193\qyEfx.js.vir JS/Kryptik.ATL trojan
C:\AdwCleaner\Quarantine\C\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmkmihphgjhmeabggdcokmkjhbnmdml\157\TJrnfNGHb.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Eric\AppData\LocalLow\AskToolbar\setup.exe.vir Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgaofoblihpmholkpioedjelemgjpafl\193\content.js.vir JS/Chromex.Agent.L trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgaofoblihpmholkpioedjelemgjpafl\193\qyEfx.js.vir JS/Kryptik.ATL trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmkmihphgjhmeabggdcokmkjhbnmdml\102\content.js.vir JS/Adware.MultiPlug.B application
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmkmihphgjhmeabggdcokmkjhbnmdml\102\Dyp9hnL.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmkmihphgjhmeabggdcokmkjhbnmdml\157\TJrnfNGHb.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip\2.0.0.440_0\main.js.vir Win32/Toolbar.Perion.K potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\odkpoaaninmppbikomaeoecilinhijnl\1.3\jjOwZW.js.vir JS/Kryptik.ATB trojan
C:\AdwCleaner\Quarantine\C\Users\Karen\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir Win32/Systweak.G potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\Ask.com\GenericAskToolbar.dll a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\FRST\Quarantine\C\Program Files (x86)\Ask.com\precache.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\FRST\Quarantine\C\Program Files (x86)\Ask.com\SaUpdate.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\FRST\Quarantine\C\Program Files (x86)\Ask.com\UpdateTask.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\FRST\Quarantine\C\Program Files (x86)\Ask.com\Updater\Updater.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\GoogleUpdate.exe Win32/AlteredSoftware.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe Win32/AlteredSoftware.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe Win32/AlteredSoftware.C potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe a variant of Win32/AlteredSoftware.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe a variant of Win32/AlteredSoftware.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\goopdate.dll a variant of Win32/AlteredSoftware.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\goopdateres_en.dll a variant of Win32/AlteredSoftware.B potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\psmachine.dll a variant of Win32/AlteredSoftware.G potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\globalUpdate\Update\1.3.25.0\psuser.dll a variant of Win32/AlteredSoftware.G potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll.xBAD a variant of Win32/AlteredSoftware.E potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\HD-Plus10\HD-Plus10-nova.exe a variant of Win32/Toolbar.CrossRider.AE potentially unwanted application
C:\FRST\Quarantine\C\Users\Eric\AppData\Local\Dell\Iwicvnukxja.dll.xBAD Win32/TrojanDownloader.Tracur.AM trojan
C:\FRST\Quarantine\C\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\odkpoaaninmppbikomaeoecilinhijnl\1.3\jjOwZW.js JS/Kryptik.ATB trojan
C:\FRST\Quarantine\C\Users\Eric\AppData\Local\Temp\34732uninstall.exe.xBAD a variant of Win32/InstallCore.YX potentially unwanted application
C:\FRST\Quarantine\C\Users\Eric\AppData\Local\Temp\nsb524B.exe.xBAD Win32/Conduit.SearchProtect.R potentially unwanted application
C:\FRST\Quarantine\C\Users\Eric\AppData\Local\Temp\nsp7F87.exe.xBAD Win32/Conduit.SearchProtect.R potentially unwanted application
C:\FRST\Quarantine\C\Users\Eric\AppData\Local\Temp\v-bates.exe.xBAD a variant of Win32/Toolbar.Perion.J potentially unwanted application
C:\FRST\Quarantine\C\Users\Karen\AppData\Local\Temp\APNSetup.exe.xBAD a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Users\Eric\AppData\LocalLow\qntsngs.dll Win32/TrojanDownloader.Tracur.AM trojan
C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\au12qs62.default\extensions\staged\9b@kKMb.org\content\bg.js JS/Kryptik.ATL trojan
C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\au12qs62.default\extensions\staged\flyy5oaa@ulvuqkm.com\content\bg.js JS/Kryptik.ATB trojan
C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\au12qs62.default\extensions\staged\l3hdgvalw@xlh-uiwbjhz.org\content\bg.js JS/Kryptik.ATL trojan
C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\au12qs62.default\extensions\staged\s-61g3q@ehobifbd.org\content\bg.js JS/Kryptik.ATB trojan
C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\uqp16w81.default\extensions\staged\9b@kKMb.org\content\bg.js JS/Kryptik.ATL trojan
C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\uqp16w81.default\extensions\staged\flyy5oaa@ulvuqkm.com\content\bg.js JS/Kryptik.ATB trojan
C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\uqp16w81.default\extensions\staged\l3hdgvalw@xlh-uiwbjhz.org\content\bg.js JS/Kryptik.ATL trojan
C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\uqp16w81.default\extensions\staged\s-61g3q@ehobifbd.org\content\bg.js JS/Kryptik.ATB trojan
C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\xh6q3c67.default\extensions\staged\9b@kKMb.org\content\bg.js JS/Kryptik.ATL trojan
C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\xh6q3c67.default\extensions\staged\flyy5oaa@ulvuqkm.com\content\bg.js JS/Kryptik.ATB trojan
C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\xh6q3c67.default\extensions\staged\l3hdgvalw@xlh-uiwbjhz.org\content\bg.js JS/Kryptik.ATL trojan
C:\Users\Karen\AppData\Roaming\Mozilla\Firefox\Profiles\xh6q3c67.default\extensions\staged\s-61g3q@ehobifbd.org\content\bg.js JS/Kryptik.ATB trojan
C:\Users\Karen\Downloads\flashupdatersetup.exe a variant of Win32/Adware.iBryte.BY application
C:\Windows\Installer\127790b.msi a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
C:\Windows\Installer\MSI9402.tmp a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application
C:\Windows\Installer\MSIC2E7.tmp a variant of Win32/Bundled.Toolbar.Ask.M potentially unsafe application