Jump to content

Recommended Posts

What is vSnapShot?

The Malwarebytes research team has determined that vSnapShot is adware. These adware applications display advertisements not originating from the sites you are browsing.

How do I know if my computer is affected by vSnapShot?

You may see this warning during install:

warning1.png

these screens when the application is active:

main.png

warning5.png

and this entry in your list of installed Programs and Features:

warning4.png

How did vSnapShot get on my computer?

Adware applications use different methods for distributing themselves. This particular one was downloaded from their site.

How do I remove vSnapShot?

Our program Malwarebytes can detect and remove this potentially unwanted program.

  • Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.

Is there anything else I need to do to get rid of vSnapShot?

  • No, Malwarebytes removes vSnapShot completely.

How would the full version of Malwarebytes help protect me?

We hope our application and this guide have helped you eradicate this adware.

As you can see below the full version of Malwarebytes would have protected you against the vSnapShot adware. It would have stopped the install before it became too late:

 

protection1.png


and we block their domain.
 

protection2.png


Technical details for experts

Possible signs in FRST logs:
 

 () C:\Program Files (x86)\vSnapshot\1.0.0.0\vSnapshotServ.exe
 () C:\Program Files (x86)\vSnapshot\1.0.0.0\vSnapshot.exe
 R2 ThevSnapshotService; C:\Program Files (x86)\vSnapshot\1.0.0.0\vSnapshotServ.exe [152264 2016-12-24] ()
 C:\Users\{username}\AppData\Roaming\vSnapshot
 C:\Program Files (x86)\vSnapshot
 C:\Users\{username}\Downloads\vSnapshotTool_Setup.exe

vSnapshot 1.0.0.0 (HKLM\...\{F772C08D-9F61-45c6-982F-ADDEEE0D92C6}) (Version: 1.0.0.0 - ShenZhen Zhihuimen Techology co,.Ltd)
() C:\Program Files (x86)\vSnapshot\1.0.0.0\Updata.dll

Significant changes made by the installer:

File system details [View: All details] (Selection)
---------------------------------------------------
    Adds the folder C:\Program Files (x86)\vSnapshot\1.0.0.0
       Adds the file CrashReport.exe"="12/24/2016 4:27 AM, 727240 bytes, A
       Adds the file CrashReportModuleConf.ini"="8/29/2016 12:20 PM, 764 bytes, A
       Adds the file CrashUL.exe"="12/24/2016 4:27 AM, 313544 bytes, A
       Adds the file InstallHelper.exe"="12/24/2016 4:29 AM, 767688 bytes, A
       Adds the file Report.exe"="12/24/2016 4:29 AM, 328392 bytes, A
       Adds the file Roboto-Regular.ttf"="8/29/2016 12:20 PM, 126072 bytes, A
       Adds the file Updata.dll"="12/24/2016 4:30 AM, 574152 bytes, A
       Adds the file updata.ini"="12/23/2016 4:41 AM, 219 bytes, A
       Adds the file vSnapshot.exe"="12/24/2016 4:30 AM, 1730248 bytes, A
       Adds the file vSnapshotServ.exe"="12/24/2016 4:30 AM, 152264 bytes, A
    Adds the folder C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\EN
       Adds the file MainFrame.xml"="11/4/2016 11:10 AM, 8280 bytes, A
       Adds the file PopupFontSize.xml"="8/29/2016 12:20 PM, 2134 bytes, A
       Adds the file PopupLineType.xml"="8/29/2016 12:20 PM, 1779 bytes, A
       Adds the file PopupTrayMenu.xml"="8/29/2016 12:20 PM, 2317 bytes, A
       Adds the file ToolBar.xml"="8/29/2016 12:20 PM, 10989 bytes, A
    Adds the folder C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture
       Adds the file bg_core.png"="8/29/2016 12:20 PM, 3022 bytes, A
       Adds the file bg_core_big.png"="8/29/2016 12:20 PM, 3416 bytes, A
       Adds the file bg_function_clicked.png"="8/29/2016 12:20 PM, 542 bytes, A
       Adds the file bg_function_hover.png"="8/29/2016 12:20 PM, 541 bytes, A
       Adds the file btn_close_hover.png"="8/29/2016 12:20 PM, 278 bytes, A
       Adds the file btn_close_normal.png"="8/29/2016 12:20 PM, 230 bytes, A
       Adds the file btn_close_pressed.png"="8/29/2016 12:20 PM, 241 bytes, A
       Adds the file btn_min_hover.png"="8/29/2016 12:20 PM, 148 bytes, A
       Adds the file btn_min_normal.png"="8/29/2016 12:20 PM, 105 bytes, A
       Adds the file btn_min_pressed.png"="8/29/2016 12:20 PM, 146 bytes, A
       Adds the file btn_shortcut_clicked.png"="8/29/2016 12:20 PM, 224 bytes, A
       Adds the file btn_shortcut_hover.png"="8/29/2016 12:20 PM, 215 bytes, A
       Adds the file btn_shortcut_normal.png"="8/29/2016 12:20 PM, 232 bytes, A
       Adds the file icn_conflict.png"="8/29/2016 12:20 PM, 528 bytes, A
       Adds the file icn_custom_hover.png"="8/29/2016 12:20 PM, 1368 bytes, A
       Adds the file icn_custom_normal.png"="8/29/2016 12:20 PM, 1326 bytes, A
       Adds the file icn_printscreen_hover.png"="8/29/2016 12:20 PM, 747 bytes, A
       Adds the file icn_printscreen_normal.png"="8/29/2016 12:20 PM, 757 bytes, A
       Adds the file icn_region_hover.png"="8/29/2016 12:20 PM, 784 bytes, A
       Adds the file icn_region_normal.png"="8/29/2016 12:20 PM, 729 bytes, A
       Adds the file logo.png"="8/29/2016 12:20 PM, 641 bytes, A
    Adds the folder C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar
       Adds the file bg_linetype_hover.png"="8/29/2016 12:20 PM, 158 bytes, A
       Adds the file bg_list.png"="8/29/2016 12:20 PM, 1873 bytes, A
       Adds the file bg_list_font_size.png"="8/29/2016 12:20 PM, 2048 bytes, A
       Adds the file bg_option.png"="8/29/2016 12:20 PM, 312 bytes, A
       Adds the file bg_option_triangle.png"="8/29/2016 12:20 PM, 88 bytes, A
       Adds the file btn_bold.png"="8/29/2016 12:20 PM, 782 bytes, A
       Adds the file btn_brush_l.png"="8/29/2016 12:20 PM, 1758 bytes, A
       Adds the file btn_brush_m.png"="8/29/2016 12:20 PM, 1376 bytes, A
       Adds the file btn_brush_s.png"="8/29/2016 12:20 PM, 997 bytes, A
       Adds the file btn_italic.png"="8/29/2016 12:20 PM, 822 bytes, A
       Adds the file btn_list.png"="8/29/2016 12:20 PM, 483 bytes, A
       Adds the file color_swatches.png"="8/29/2016 12:20 PM, 1027 bytes, A
       Adds the file color_swatches_l.png"="8/29/2016 12:20 PM, 1016 bytes, A
       Adds the file icn_check_grey.png"="8/29/2016 12:20 PM, 123 bytes, A
       Adds the file icn_check_white.png"="8/29/2016 12:20 PM, 119 bytes, A
       Adds the file icn_list_drop.png"="8/29/2016 12:20 PM, 113 bytes, A
       Adds the file line_1.png"="8/29/2016 12:20 PM, 164 bytes, A
       Adds the file line_2.png"="8/29/2016 12:20 PM, 185 bytes, A
       Adds the file line_3.png"="8/29/2016 12:20 PM, 172 bytes, A
       Adds the file line_4.png"="8/29/2016 12:20 PM, 195 bytes, A
    Adds the folder C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\setting
       Adds the file bg_blur.png"="8/29/2016 12:20 PM, 25126 bytes, A
       Adds the file bg_input_error.png"="8/29/2016 12:20 PM, 276 bytes, A
       Adds the file bg_input_focused.png"="8/29/2016 12:20 PM, 270 bytes, A
       Adds the file bg_input_normal.png"="8/29/2016 12:20 PM, 258 bytes, A
       Adds the file bg_popup.png"="8/29/2016 12:20 PM, 2253 bytes, A
       Adds the file bg_setting.png"="8/29/2016 12:20 PM, 890 bytes, A
       Adds the file btn_cancel_clicked.png"="8/29/2016 12:20 PM, 233 bytes, A
       Adds the file btn_cancel_hover.png"="8/29/2016 12:20 PM, 236 bytes, A
       Adds the file btn_cancel_normal.png"="8/29/2016 12:20 PM, 236 bytes, A
       Adds the file btn_save_clicked.png"="8/29/2016 12:20 PM, 230 bytes, A
       Adds the file btn_save_hover.png"="8/29/2016 12:20 PM, 207 bytes, A
       Adds the file btn_save_normal.png"="8/29/2016 12:20 PM, 248 bytes, A
       Adds the file dimmed_bg.png"="8/29/2016 12:20 PM, 852 bytes, A
       Adds the file icn_error.png"="8/29/2016 12:20 PM, 299 bytes, A
    Adds the folder C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\toolbar
       Adds the file bg_toolbar_narrow.png"="8/29/2016 12:20 PM, 283 bytes, A
       Adds the file btn_action_cancel.png"="8/29/2016 12:20 PM, 282 bytes, A
       Adds the file btn_action_complete.png"="8/29/2016 12:20 PM, 260 bytes, A
       Adds the file btn_action_save.png"="8/29/2016 12:20 PM, 249 bytes, A
       Adds the file btn_action_undo.png"="8/29/2016 12:20 PM, 799 bytes, A
       Adds the file btn_tool_arrow.png"="8/29/2016 12:20 PM, 360 bytes, A
       Adds the file btn_tool_brush.png"="8/29/2016 12:20 PM, 572 bytes, A
       Adds the file btn_tool_eclipse.png"="8/29/2016 12:20 PM, 887 bytes, A
       Adds the file btn_tool_mosaic.png"="8/29/2016 12:20 PM, 312 bytes, A
       Adds the file btn_tool_rectangle.png"="8/29/2016 12:20 PM, 307 bytes, A
       Adds the file btn_tool_text.png"="8/29/2016 12:20 PM, 268 bytes, A
    Adds the folder C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\TrayMenu
       Adds the file bg_menu_clicked.png"="8/29/2016 12:20 PM, 166 bytes, A
       Adds the file bg_menu_hover.png"="8/29/2016 12:20 PM, 166 bytes, A
       Adds the file bg_tray_menu.png"="8/29/2016 12:20 PM, 2098 bytes, A
       Adds the file exit.png"="8/29/2016 12:20 PM, 309 bytes, A
       Adds the file icn_open.png"="8/29/2016 12:20 PM, 205 bytes, A
       Adds the file icn_shortcut.png"="8/29/2016 12:20 PM, 340 bytes, A
    Adds the folder C:\Program Files (x86)\vSnapshot\1.0.0.0\UPDData
    Adds the folder C:\Users\{username}\AppData\Roaming\vSnapshot\dump
       Adds the file BugReportConfig.ini"="2/28/2018 8:42 AM, 184 bytes, A
    Adds the folder C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\vSnapshot\dump
       Adds the file BugReportConfig.ini"="2/28/2018 8:40 AM, 184 bytes, A

Registry details [View: All details] (Selection)
------------------------------------------------
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F772C08D-9F61-45c6-982F-ADDEEE0D92C6}]
       "DisplayFullVersion"="REG_SZ", "1.0.0.0"
       "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\vSnapshot\1.0.0.0\vSnapshot.exe"
       "DisplayName"="REG_SZ", "vSnapshot 1.0.0.0"
       "DisplayVersion"="REG_SZ", "1.0.0.0"
       "Publisher"="REG_SZ", "ShenZhen Zhihuimen Techology co,.Ltd"
       "UninstallString"="REG_SZ", "C:\Program Files (x86)\vSnapshot\1.0.0.0\InstallHelper.exe -Uninstall English"
    [HKEY_LOCAL_MACHINE\SOFTWARE\vSnapshot]
       "FrID"="REG_SZ", "MVgA5hV0HA=="
       "INSTALL_FIRST_TIME"="REG_SZ", "2018-02-28_08:40:38"
       "PartnerID"="REG_SZ", "base"
       "UserID"="REG_SZ", "42300b20078cd07b10ccf1c30ef6c094"
       "Version"="REG_SZ", "1.0.0.0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\vSnapshot\1.0.0.0]
       "INSTALL_PATH"="REG_SZ", "C:\Program Files (x86)\vSnapshot\1.0.0.0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\vSnapshot\INSTALL_MARK]
       "version"="REG_SZ", "1.0.0.0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\vSnapshot\QUIT]
       "QuitSession"="REG_SZ", "{0991DA0A-E589-4EA8-9B44-2FFA41F2922A}-1"
    [HKEY_LOCAL_MACHINE\SOFTWARE\vSnapshotEncodeTools]
       "{F772C08E-9F61-45c6-982F-ADDEEE0D0407}"="REG_SZ", "{F772C08E-9F61-45c6-982F-ADDEEE0D0407}"
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ThevSnapshotService]
       "DisplayName"="REG_SZ", "The vSnapshot Service"
       "ErrorControl"="REG_DWORD", 1
       "ImagePath"="REG_EXPAND_SZ, "C:\Program Files (x86)\vSnapshot\1.0.0.0\vSnapshotServ.exe"
       "ObjectName"="REG_SZ", "LocalSystem"
       "Start"="REG_DWORD", 2
       "Type"="REG_DWORD", 16
       "WOW64"="REG_DWORD", 1

Malwarebytes log:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 2/28/18
Scan Time: 9:07 AM
Log File: 77c49471-1c5e-11e8-9123-080027235d76.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.4138
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: {computername}\{username}

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 242453
Threats Detected: 113
Threats Quarantined: 113
Time Elapsed: 2 min, 42 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 2
PUP.Optional.vSnapShot, C:\PROGRAM FILES (X86)\VSNAPSHOT\1.0.0.0\VSNAPSHOTSERV.EXE, Quarantined, [8709], [495669],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\vSnapshot.exe, Quarantined, [8709], [495664],1.0.4138

Module: 3
PUP.Optional.vSnapShot, C:\PROGRAM FILES (X86)\VSNAPSHOT\1.0.0.0\VSNAPSHOTSERV.EXE, Quarantined, [8709], [495669],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\Updata.dll, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\vSnapshot.exe, Quarantined, [8709], [495664],1.0.4138

Registry Key: 2
PUP.Optional.ScreenShotPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F772C08D-9F61-45c6-982F-ADDEEE0D92C6}, Quarantined, [1805], [342233],1.0.4138
PUP.Optional.vSnapShot, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ThevSnapshotService, Quarantined, [8709], [495669],1.0.4138

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 14
PUP.Optional.vSnapShot, C:\Users\{username}\AppData\Roaming\vSnapshot\dump, Quarantined, [8709], [495671],1.0.4138
PUP.Optional.vSnapShot, C:\USERS\{username}\APPDATA\ROAMING\VSNAPSHOT, Quarantined, [8709], [495671],1.0.4138
PUP.Optional.vSnapShot, C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\vSnapshot\dump, Quarantined, [8709], [495671],1.0.4138
PUP.Optional.vSnapShot, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\VSNAPSHOT, Quarantined, [8709], [495671],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\TrayMenu, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\setting, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\toolbar, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\EN, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\UPDData, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\PROGRAM FILES (X86)\VSNAPSHOT, Quarantined, [8709], [495664],1.0.4138

File: 92
PUP.Optional.vSnapShot, C:\USERS\{username}\APPDATA\ROAMING\VSNAPSHOT\DUMP\BUGREPORTCONFIG.INI, Quarantined, [8709], [495671],1.0.4138
PUP.Optional.vSnapShot, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\VSNAPSHOT\DUMP\BUGREPORTCONFIG.INI, Quarantined, [8709], [495671],1.0.4138
PUP.Optional.vSnapShot, C:\PROGRAM FILES (X86)\VSNAPSHOT\1.0.0.0\VSNAPSHOTSERV.EXE, Quarantined, [8709], [495669],1.0.4138
PUP.Optional.vSnapShot, C:\PROGRAM FILES (X86)\VSNAPSHOT\1.0.0.0\UPDATA.INI, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\EN\MainFrame.xml, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\EN\PopupFontSize.xml, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\EN\PopupLineType.xml, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\EN\PopupTrayMenu.xml, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\EN\ToolBar.xml, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\bg_linetype_hover.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\bg_list.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\bg_list_font_size.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\bg_option.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\bg_option_triangle.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\btn_bold.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\btn_brush_l.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\btn_brush_m.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\btn_brush_s.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\btn_italic.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\btn_list.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\color_swatches.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\color_swatches_l.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\icn_check_grey.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\icn_check_white.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\icn_list_drop.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\line_1.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\line_2.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\line_3.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\optionbar\line_4.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\setting\bg_blur.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\setting\bg_input_error.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\setting\bg_input_focused.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\setting\bg_input_normal.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\setting\bg_popup.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\setting\bg_setting.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\setting\btn_cancel_clicked.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\setting\btn_cancel_hover.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\setting\btn_cancel_normal.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\setting\btn_save_clicked.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\setting\btn_save_hover.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\setting\btn_save_normal.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\setting\dimmed_bg.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\setting\icn_error.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\toolbar\bg_toolbar_narrow.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\toolbar\btn_action_cancel.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\toolbar\btn_action_complete.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\toolbar\btn_action_save.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\toolbar\btn_action_undo.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\toolbar\btn_tool_arrow.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\toolbar\btn_tool_brush.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\toolbar\btn_tool_eclipse.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\toolbar\btn_tool_mosaic.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\toolbar\btn_tool_rectangle.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\toolbar\btn_tool_text.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\TrayMenu\bg_menu_clicked.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\TrayMenu\bg_menu_hover.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\TrayMenu\bg_tray_menu.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\TrayMenu\exit.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\TrayMenu\icn_open.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\TrayMenu\icn_shortcut.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\bg_core.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\bg_core_big.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\bg_function_clicked.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\bg_function_hover.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\btn_close_hover.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\btn_close_normal.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\btn_close_pressed.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\btn_min_hover.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\btn_min_normal.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\btn_min_pressed.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\btn_shortcut_clicked.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\btn_shortcut_hover.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\btn_shortcut_normal.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\icn_conflict.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\icn_custom_hover.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\icn_custom_normal.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\icn_printscreen_hover.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\icn_printscreen_normal.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\icn_region_hover.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\icn_region_normal.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\DuiLibResource\picture\logo.png, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\CrashReport.exe, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\CrashReportModuleConf.ini, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\CrashUL.exe, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\InstallHelper.exe, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\Report.exe, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\Roboto-Regular.ttf, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\Updata.dll, Quarantined, [8709], [495664],1.0.4138
PUP.Optional.vSnapShot, C:\Program Files (x86)\vSnapshot\1.0.0.0\vSnapshot.exe, Quarantined, [8709], [495664],1.0.4138
Adware.TopTools, C:\USERS\{username}\APPDATA\LOCAL\TEMP\1519803759.EXE, Quarantined, [1730], [495713],1.0.4138
PUP.Optional.vScreenShot, C:\USERS\{username}\APPDATA\LOCAL\TEMP\INSTALLHELPER.EXE, Quarantined, [9096], [495712],1.0.4138
PUP.Optional.vScreenShot, C:\USERS\{username}\DOWNLOADS\VSNAPSHOTTOOL_SETUP.EXE, Quarantined, [9096], [495712],1.0.4138

Physical Sector: 0
(No malicious items detected)


(end)

As mentioned before the full version of Malwarebytes could have protected your computer against this threat.
We use different ways of protecting your computer(s):

  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention

Save yourself the hassle and get protected.

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.