Jump to content

Removal instructions for hwopt


Recommended Posts

  • Staff

What is hwopt?

The Malwarebytes research team has determined that hwopt is adware. These adware applications display advertisements not originating from the sites you are browsing.

This one is a member of the Mintcast family.

How do I know if my computer is affected by hwopt?

You may see this entry in your list of installed programs:

warning4.png

and these warnings during install:

main.png

warning1.png

How did hwopt get on my computer?

Adware applications use different methods for distributing themselves. This particular one is offered as a windows utility.

How do I remove hwopt?

Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted program.

  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Enable free trial of Malwarebytes Anti-Malware Premium
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.
Is there anything else I need to do to get rid of hwopt?
  • No, Malwarebytes' Anti-Malware removes hwopt completely.
How would the full version of Malwarebytes Anti-Malware help protect me?

We hope our application and this guide have helped you eradicate this adware application.

As you can see below the full version of Malwarebytes Anti-Malware would have protected you against the hwopt adware. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late.

protection1.png

Technical details for experts

You may see these signs in FRST logs:

 () C:\Windows\hwopt_16022016082249\hwopt16022016082249.exe () C:\Windows\hwopt_16022016082249\hwopt16022016082249_updater_service.exe () C:\Windows\hwopt_16022016082249\addon\netman.exe FF user.js: detected! => C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\user.js [2016-02-16] R2 hwopt16022016082249; C:\Windows\hwopt_16022016082249\hwopt16022016082249.exe [16384 2016-01-14] () [File not signed] R2 hwopt16022016082249_updater_service; C:\Windows\hwopt_16022016082249\hwopt16022016082249_updater_service.exe [12288 2016-01-14] () [File not signed] R4 WinDivert1.1; C:\Windows\hwopt_16022016082249\WinDivert64.sys [38064 2015-09-16] (Basil) C:\Windows\hwopt_16022016082249hwopt 3.0.6 (HKLM\...\{29007E8C-251B-4F61-A70E-635906271727478077}_is1) (Version: 3.0.6 - hwopt) <==== ATTENTIONFirewallRules: [{2A3EC989-EADF-4046-8E83-DAE110CDE78B}] => (Allow) C:\Windows\hwopt_16022016082249\addon\netman.exeFirewallRules: [{4810C7E3-740B-45A5-B4EA-6C4D3AAB5F04}] => (Allow) C:\Windows\hwopt_16022016082249\addon\netman.exe
Alterations made by the installer:

File system details [View: All details] (Selection)---------------------------------------------------    In the existing folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default       Adds the file user.js"="2/16/2016 8:24 AM, 171 bytes, A    Adds the folder C:\Windows\hwopt_16022016082249       Adds the file AppSettings.config"="2/16/2016 8:24 AM, 590 bytes, A       Adds the file hwopt16022016082249.exe"="1/14/2016 3:28 PM, 16384 bytes, A       Adds the file hwopt16022016082249.InstallLog"="2/16/2016 8:24 AM, 732 bytes, A       Adds the file hwopt16022016082249.InstallState"="2/16/2016 8:24 AM, 5012 bytes, A       Adds the file hwopt16022016082249_updater_service.exe"="1/14/2016 3:28 PM, 12288 bytes, A       Adds the file hwopt16022016082249_updater_service.InstallLog"="2/16/2016 8:24 AM, 876 bytes, A       Adds the file hwopt16022016082249_updater_service.InstallState"="2/16/2016 8:24 AM, 5012 bytes, A       Adds the file InstallationStatsUploder_16022016082249.exe"="1/14/2016 3:27 PM, 12288 bytes, A       Adds the file InstallUtil.exe"="9/3/2015 9:26 AM, 24576 bytes, A       Adds the file InstallUtil.InstallLog"="2/16/2016 8:24 AM, 1405 bytes, A       Adds the file msvcp110.dll"="9/16/2015 3:42 PM, 661456 bytes, A       Adds the file msvcr110.dll"="9/16/2015 3:42 PM, 849360 bytes, A       Adds the file NetworkUtil.dll"="1/14/2016 3:27 PM, 147456 bytes, A       Adds the file Newtonsoft.Json.dll"="9/3/2015 9:26 AM, 433664 bytes, A       Adds the file unins000.dat"="2/16/2016 8:24 AM, 29105 bytes, A       Adds the file unins000.exe"="2/16/2016 8:22 AM, 782497 bytes, A       Adds the file Utils.dll"="2/16/2016 8:24 AM, 53248 bytes, A       Adds the file WinDivert.dll"="9/16/2015 2:42 PM, 21504 bytes, A       Adds the file WinDivert64.sys"="9/16/2015 3:42 PM, 38064 bytes, A    Adds the folder C:\Windows\hwopt_16022016082249\addon       Adds the file atl110.dll"="9/16/2015 3:42 PM, 192584 bytes, A       Adds the file defcert.pem"="5/24/2015 3:05 PM, 985 bytes, A       Adds the file defcertkey.pem"="5/24/2015 2:57 PM, 1679 bytes, A       Adds the file dhparam2048.pem"="5/24/2015 6:55 AM, 424 bytes, A       Adds the file mitmCA.pem"="2/9/2016 3:06 PM, 1419 bytes, A       Adds the file mitmCAder.crt"="2/9/2016 3:06 PM, 1007 bytes, A       Adds the file mitmCAprivkey.pem"="2/9/2016 3:06 PM, 1675 bytes, A       Adds the file msvcr110.dll"="9/16/2015 3:42 PM, 849360 bytes, A       Adds the file msvcr120.dll"="9/16/2015 3:42 PM, 963232 bytes, A       Adds the file msvcr120d.dll"="9/16/2015 3:42 PM, 2150568 bytes, A       Adds the file netman.exe"="1/13/2016 6:47 PM, 1808384 bytes, A       Adds the file WinDivert.dll"="9/16/2015 3:42 PM, 21504 bytes, A       Adds the file WinDivert64.sys"="9/16/2015 3:42 PM, 38064 bytes, A    Adds the folder C:\Windows\hwopt_16022016082249\addon\nss_tools       Adds the file certutil.exe"="9/3/2015 9:26 AM, 103936 bytes, A       Adds the file freebl3.dll"="9/3/2015 9:26 AM, 222208 bytes, A       Adds the file libnspr4.dll"="9/3/2015 9:26 AM, 199680 bytes, A       Adds the file libplc4.dll"="9/3/2015 9:26 AM, 14336 bytes, A       Adds the file libplds4.dll"="9/3/2015 9:26 AM, 12288 bytes, A       Adds the file msvcr100.dll"="9/3/2015 9:26 AM, 773968 bytes, A       Adds the file msvcr110.dll"="9/3/2015 9:26 AM, 875472 bytes, A       Adds the file nss3.dll"="9/3/2015 9:26 AM, 798720 bytes, A       Adds the file nssckbi.dll"="9/3/2015 9:26 AM, 370176 bytes, A       Adds the file nssdbm3.dll"="9/3/2015 9:26 AM, 108544 bytes, A       Adds the file nssutil3.dll"="9/3/2015 9:26 AM, 93696 bytes, A       Adds the file smime3.dll"="9/3/2015 9:26 AM, 97792 bytes, A       Adds the file softokn3.dll"="9/3/2015 9:26 AM, 172544 bytes, A       Adds the file sqlite3.dll"="9/3/2015 9:26 AM, 423936 bytes, A       Adds the file ssl3.dll"="9/3/2015 9:26 AM, 190976 bytes, ARegistry details [View: All details] (Selection)------------------------------------------------    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{29007E8C-251B-4F61-A70E-635906271727478077}_is1]       "DisplayName"="REG_SZ", "hwopt 3.0.6"       "DisplayVersion"="REG_SZ", "3.0.6"       "EstimatedSize"="REG_DWORD", 13390       "HelpLink"="REG_SZ", "http://genisys.online"       "Inno Setup: App Path"="REG_SZ", "C:\Windows\hwopt_16022016082249"       "Inno Setup: Icon Group"="REG_SZ", "hwopt"       "Inno Setup: Language"="REG_SZ", "english"       "Inno Setup: Setup Version"="REG_SZ", "5.5.5 (a)"       "Inno Setup: User"="REG_SZ", "{username}"       "InstallDate"="REG_SZ", "20160216"       "InstallLocation"="REG_SZ", "C:\Windows\hwopt_16022016082249\"       "MajorVersion"="REG_DWORD", 3       "MinorVersion"="REG_DWORD", 0       "NoModify"="REG_DWORD", 1       "NoRepair"="REG_DWORD", 1       "Publisher"="REG_SZ", "hwopt"       "QuietUninstallString"="REG_SZ", ""C:\Windows\hwopt_16022016082249\unins000.exe" /SILENT"       "UninstallString"="REG_SZ", ""C:\Windows\hwopt_16022016082249\unins000.exe""       "URLInfoAbout"="REG_SZ", "http://genisys.online"       "URLUpdateInfo"="REG_SZ", "http://genisys.online"    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\data]       "uninstaller_path"="REG_SZ", "C:\Windows\hwopt_16022016082249"    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\hwopt16022016082249]       "Description"="REG_SZ", "hwopt"       "DisplayName"="REG_SZ", "hwopt16022016082249"       "ErrorControl"="REG_DWORD", 1       "ImagePath"="REG_EXPAND_SZ, ""C:\Windows\hwopt_16022016082249\hwopt16022016082249.exe""       "ObjectName"="REG_SZ", "LocalSystem"       "Start"="REG_DWORD", 2       "Type"="REG_DWORD", 16    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\hwopt16022016082249_updater_service]       "Description"="REG_SZ", "This service will update hwopt16022016082249"       "DisplayName"="REG_SZ", "hwopt16022016082249_updater_service"       "ErrorControl"="REG_DWORD", 1       "ImagePath"="REG_EXPAND_SZ, ""C:\Windows\hwopt_16022016082249\hwopt16022016082249_updater_service.exe""       "ObjectName"="REG_SZ", "LocalSystem"       "Start"="REG_DWORD", 2       "Type"="REG_DWORD", 16    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinDivert1.1]       "DeleteFlag"="REG_DWORD", 1       "DisplayName"="REG_SZ", "WinDivert1.1"       "ErrorControl"="REG_DWORD", 1       "ImagePath"="REG_EXPAND_SZ, "\??\C:\Windows\hwopt_16022016082249\WinDivert64.sys"       "Start"="REG_DWORD", 4       "Type"="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinDivert1.1\Enum]       "0"="REG_SZ", "Root\LEGACY_WINDIVERT1.1\0000"       "Count"="REG_DWORD", 1       "NextInstance"="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinDivert1.1\Parameters\Wdf]       "TimeOfLastSqmLog"="REG_QWORD, ....       "WdfMajorVersion"="REG_DWORD", 1       "WdfMinorVersion"="REG_DWORD", 9
Malwarebytes Anti-Malware log:

Malwarebytes Anti-Malwarewww.malwarebytes.orgScan Date: 2/16/2016Scan Time: 8:35 AMLogfile: mbamHwopt.txtAdministrator: YesVersion: 2.2.0.1024Malware Database: v2016.02.16.01Rootkit Database: v2016.02.08.01License: PremiumMalware Protection: DisabledMalicious Website Protection: EnabledSelf-protection: DisabledOS: Windows 7 Service Pack 1CPU: x64File System: NTFSUser: {username}Scan Type: Threat ScanResult: CompletedObjects Scanned: 364399Time Elapsed: 4 min, 42 secMemory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledHeuristics: EnabledPUP: EnabledPUM: EnabledProcesses: 3PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\hwopt16022016082249.exe, 1972, Delete-on-Reboot, [aab7baa73564a0967ff4c9279c66629e]PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\hwopt16022016082249_updater_service.exe, 2580, Delete-on-Reboot, [82df5b06366310261c577f712dd5b749]PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\netman.exe, 940, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898]Modules: 0(No malicious items detected)Registry Keys: 9PUP.Optional.MintCast, HKLM\SOFTWARE\MICROSOFT\TRACING\hwopt16022016082249_RASAPI32, Quarantined, [ec75550cafea1422b2be5997c63cdb25], PUP.Optional.MintCast, HKLM\SOFTWARE\MICROSOFT\TRACING\hwopt16022016082249_RASMANCS, Quarantined, [81e0c39e5e3b50e6a8c97779a75b23dd], PUP.Optional.MintCast, HKLM\SOFTWARE\MICROSOFT\TRACING\hwopt16022016082249_updater_service_RASAPI32, Quarantined, [124fdb860099d660eb855e92fd05dc24], PUP.Optional.MintCast, HKLM\SOFTWARE\MICROSOFT\TRACING\hwopt16022016082249_updater_service_RASMANCS, Quarantined, [471a80e1bddc78bec9a823cddd25c23e], PUP.Optional.MintCast, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{29007E8C-251B-4F61-A70E-635906271727478077}_is1, Quarantined, [cd94ee73a2f7013506783d14ca3ad030], PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\hwopt16022016082249, Quarantined, [421f3b264653aa8c0b67ef0129d91ce4], PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HWOPT16022016082249, Quarantined, [aab7baa73564a0967ff4c9279c66629e], PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HWOPT16022016082249_UPDATER_SERVICE, Quarantined, [82df5b06366310261c577f712dd5b749], PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINDIVERT1.1, Quarantined, [bba6e27f39609c9acaadfcf4e919c33d], Registry Values: 5PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\hwopt16022016082249|ImagePath, "C:\Windows\hwopt_16022016082249\hwopt16022016082249.exe", Quarantined, [aab7baa73564a0967ff4c9279c66629e]PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\hwopt16022016082249_updater_service|ImagePath, "C:\Windows\hwopt_16022016082249\hwopt16022016082249_updater_service.exe", Quarantined, [82df5b06366310261c577f712dd5b749]PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{2A3EC989-EADF-4046-8E83-DAE110CDE78B}, v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Windows\hwopt_16022016082249\addon\netman.exe|Name=netman in|, Quarantined, [59080b565940989eda9bea06669cf808]PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{4810C7E3-740B-45A5-B4EA-6C4D3AAB5F04}, v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Windows\hwopt_16022016082249\addon\netman.exe|Name=netman out|, Quarantined, [9bc6ee736c2d62d4e68fa44cbf43df21]PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinDivert1.1|ImagePath, \??\C:\Windows\hwopt_16022016082249\WinDivert64.sys, Quarantined, [bba6e27f39609c9acaadfcf4e919c33d]Registry Data: 0(No malicious items detected)Folders: 3PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], Files: 54PUP.Optional.MintCast, C:\Users\{username}\Desktop\hwopt_3.0.6.exe, Quarantined, [1849174ac0d984b2fc494aa78e73f50b], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\hwopt16022016082249.exe, Delete-on-Reboot, [aab7baa73564a0967ff4c9279c66629e], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\hwopt16022016082249_updater_service.exe, Delete-on-Reboot, [82df5b06366310261c577f712dd5b749], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\WinDivert64.sys, Quarantined, [bba6e27f39609c9acaadfcf4e919c33d], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\InstallUtil.InstallLog, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\AppSettings.config, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\hwopt16022016082249.InstallLog, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\hwopt16022016082249.InstallState, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\hwopt16022016082249_updater_service.InstallLog, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\hwopt16022016082249_updater_service.InstallState, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\InstallationStatsUploder_16022016082249.exe, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\InstallUtil.exe, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\msvcp110.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\msvcr110.dll, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\NetworkUtil.dll, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\Newtonsoft.Json.dll, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\unins000.dat, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\unins000.exe, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\Utils.dll, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\WinDivert.dll, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\atl110.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\defcert.pem, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\defcertkey.pem, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\dhparam2048.pem, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\mitmCA.pem, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\mitmCAder.crt, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\mitmCAprivkey.pem, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\msvcr110.dll, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\msvcr120.dll, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\msvcr120d.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\netman.exe, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\WinDivert.dll, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\WinDivert64.sys, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\certutil.exe, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\freebl3.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\libnspr4.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\libplc4.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\libplds4.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\msvcr100.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\msvcr110.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\nss3.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\nssckbi.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\nssdbm3.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\nssutil3.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\smime3.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\softokn3.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\sqlite3.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\ssl3.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUM.Optional.FireFoxSecurityOverride, C:\Users\MBAM\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\user.js, Good: (user_pref("browser.safebrowsing.downloads.enabled", true), Bad: (user_pref("browser.safebrowsing.downloads.enabled", false), Replaced,[0d540958099086b0d104c64e4eb7659b]PUM.Optional.FireFoxSecurityOverride, C:\Users\MBAM\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\user.js, Good: (user_pref("browser.safebrowsing.malware.enabled", true), Bad: (user_pref("browser.safebrowsing.malware.enabled", false), Replaced,[c899065b8316ff37884e4fc5b550c33d]PUM.Optional.FireFoxSecurityOverride, C:\Users\MBAM\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\user.js, Good: (user_pref("browser.safebrowsing.enabled", true), Bad: (user_pref("browser.safebrowsing.enabled", false), Replaced,[bca5da878019f83ec215d73dc63f0000]PUM.Optional.FireFoxSecurityOverride, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\user.js, Good: (user_pref("browser.safebrowsing.downloads.enabled", true), Bad: (user_pref("browser.safebrowsing.downloads.enabled", false), Replaced,[3130dc85029793a3f9dcf71ddf265aa6]PUM.Optional.FireFoxSecurityOverride, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\user.js, Good: (user_pref("browser.safebrowsing.malware.enabled", true), Bad: (user_pref("browser.safebrowsing.malware.enabled", false), Replaced,[65fca1c0128751e505d1ad67699c56aa]PUM.Optional.FireFoxSecurityOverride, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\user.js, Good: (user_pref("browser.safebrowsing.enabled", true), Bad: (user_pref("browser.safebrowsing.enabled", false), Replaced,[d889c39e7128e74f16c1b75d0ef736ca]Physical Sectors: 0(No malicious items detected)(end)
As mentioned before the full version of Malwarebytes Anti-Malware could have protected your computer against this threat.

We use different ways of protecting your computer(s):

  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention
Save yourself the hassle and get protected.
Link to post
Share on other sites
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.