What is hwopt?
The Malwarebytes research team has determined that hwopt is adware. These adware applications display advertisements not originating from the sites you are browsing.
This one is a member of the Mintcast family.
How do I know if my computer is affected by hwopt?
You may see this entry in your list of installed programs:
and these warnings during install:
How did hwopt get on my computer?
Adware applications use different methods for distributing themselves. This particular one is offered as a windows utility.
How do I remove hwopt?
Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted program.
- Please download Malwarebytes Anti-Malware to your desktop.
- Double-click mbam-setup-version.exe and follow the prompts to install the program.
- At the end, be sure a check-mark is placed next to the following:
- Enable free trial of Malwarebytes Anti-Malware Premium
- Launch Malwarebytes Anti-Malware
- Then click Finish.
- If an update is found, you will be prompted to download and install the latest version.
- Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
- When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
- Reboot your computer if prompted.
- No, Malwarebytes' Anti-Malware removes hwopt completely.
We hope our application and this guide have helped you eradicate this adware application.
As you can see below the full version of Malwarebytes Anti-Malware would have protected you against the hwopt adware. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late.
Technical details for experts
You may see these signs in FRST logs:
() C:\Windows\hwopt_16022016082249\hwopt16022016082249.exe () C:\Windows\hwopt_16022016082249\hwopt16022016082249_updater_service.exe () C:\Windows\hwopt_16022016082249\addon\netman.exe FF user.js: detected! => C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\user.js [2016-02-16] R2 hwopt16022016082249; C:\Windows\hwopt_16022016082249\hwopt16022016082249.exe [16384 2016-01-14] () [File not signed] R2 hwopt16022016082249_updater_service; C:\Windows\hwopt_16022016082249\hwopt16022016082249_updater_service.exe [12288 2016-01-14] () [File not signed] R4 WinDivert1.1; C:\Windows\hwopt_16022016082249\WinDivert64.sys [38064 2015-09-16] (Basil) C:\Windows\hwopt_16022016082249 hwopt 3.0.6 (HKLM\...\{29007E8C-251B-4F61-A70E-635906271727478077}_is1) (Version: 3.0.6 - hwopt) <==== ATTENTION FirewallRules: [{2A3EC989-EADF-4046-8E83-DAE110CDE78B}] => (Allow) C:\Windows\hwopt_16022016082249\addon\netman.exe FirewallRules: [{4810C7E3-740B-45A5-B4EA-6C4D3AAB5F04}] => (Allow) C:\Windows\hwopt_16022016082249\addon\netman.exeAlterations made by the installer:
File system details [View: All details] (Selection) --------------------------------------------------- In the existing folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default Adds the file user.js"="2/16/2016 8:24 AM, 171 bytes, A Adds the folder C:\Windows\hwopt_16022016082249 Adds the file AppSettings.config"="2/16/2016 8:24 AM, 590 bytes, A Adds the file hwopt16022016082249.exe"="1/14/2016 3:28 PM, 16384 bytes, A Adds the file hwopt16022016082249.InstallLog"="2/16/2016 8:24 AM, 732 bytes, A Adds the file hwopt16022016082249.InstallState"="2/16/2016 8:24 AM, 5012 bytes, A Adds the file hwopt16022016082249_updater_service.exe"="1/14/2016 3:28 PM, 12288 bytes, A Adds the file hwopt16022016082249_updater_service.InstallLog"="2/16/2016 8:24 AM, 876 bytes, A Adds the file hwopt16022016082249_updater_service.InstallState"="2/16/2016 8:24 AM, 5012 bytes, A Adds the file InstallationStatsUploder_16022016082249.exe"="1/14/2016 3:27 PM, 12288 bytes, A Adds the file InstallUtil.exe"="9/3/2015 9:26 AM, 24576 bytes, A Adds the file InstallUtil.InstallLog"="2/16/2016 8:24 AM, 1405 bytes, A Adds the file msvcp110.dll"="9/16/2015 3:42 PM, 661456 bytes, A Adds the file msvcr110.dll"="9/16/2015 3:42 PM, 849360 bytes, A Adds the file NetworkUtil.dll"="1/14/2016 3:27 PM, 147456 bytes, A Adds the file Newtonsoft.Json.dll"="9/3/2015 9:26 AM, 433664 bytes, A Adds the file unins000.dat"="2/16/2016 8:24 AM, 29105 bytes, A Adds the file unins000.exe"="2/16/2016 8:22 AM, 782497 bytes, A Adds the file Utils.dll"="2/16/2016 8:24 AM, 53248 bytes, A Adds the file WinDivert.dll"="9/16/2015 2:42 PM, 21504 bytes, A Adds the file WinDivert64.sys"="9/16/2015 3:42 PM, 38064 bytes, A Adds the folder C:\Windows\hwopt_16022016082249\addon Adds the file atl110.dll"="9/16/2015 3:42 PM, 192584 bytes, A Adds the file defcert.pem"="5/24/2015 3:05 PM, 985 bytes, A Adds the file defcertkey.pem"="5/24/2015 2:57 PM, 1679 bytes, A Adds the file dhparam2048.pem"="5/24/2015 6:55 AM, 424 bytes, A Adds the file mitmCA.pem"="2/9/2016 3:06 PM, 1419 bytes, A Adds the file mitmCAder.crt"="2/9/2016 3:06 PM, 1007 bytes, A Adds the file mitmCAprivkey.pem"="2/9/2016 3:06 PM, 1675 bytes, A Adds the file msvcr110.dll"="9/16/2015 3:42 PM, 849360 bytes, A Adds the file msvcr120.dll"="9/16/2015 3:42 PM, 963232 bytes, A Adds the file msvcr120d.dll"="9/16/2015 3:42 PM, 2150568 bytes, A Adds the file netman.exe"="1/13/2016 6:47 PM, 1808384 bytes, A Adds the file WinDivert.dll"="9/16/2015 3:42 PM, 21504 bytes, A Adds the file WinDivert64.sys"="9/16/2015 3:42 PM, 38064 bytes, A Adds the folder C:\Windows\hwopt_16022016082249\addon\nss_tools Adds the file certutil.exe"="9/3/2015 9:26 AM, 103936 bytes, A Adds the file freebl3.dll"="9/3/2015 9:26 AM, 222208 bytes, A Adds the file libnspr4.dll"="9/3/2015 9:26 AM, 199680 bytes, A Adds the file libplc4.dll"="9/3/2015 9:26 AM, 14336 bytes, A Adds the file libplds4.dll"="9/3/2015 9:26 AM, 12288 bytes, A Adds the file msvcr100.dll"="9/3/2015 9:26 AM, 773968 bytes, A Adds the file msvcr110.dll"="9/3/2015 9:26 AM, 875472 bytes, A Adds the file nss3.dll"="9/3/2015 9:26 AM, 798720 bytes, A Adds the file nssckbi.dll"="9/3/2015 9:26 AM, 370176 bytes, A Adds the file nssdbm3.dll"="9/3/2015 9:26 AM, 108544 bytes, A Adds the file nssutil3.dll"="9/3/2015 9:26 AM, 93696 bytes, A Adds the file smime3.dll"="9/3/2015 9:26 AM, 97792 bytes, A Adds the file softokn3.dll"="9/3/2015 9:26 AM, 172544 bytes, A Adds the file sqlite3.dll"="9/3/2015 9:26 AM, 423936 bytes, A Adds the file ssl3.dll"="9/3/2015 9:26 AM, 190976 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{29007E8C-251B-4F61-A70E-635906271727478077}_is1] "DisplayName"="REG_SZ", "hwopt 3.0.6" "DisplayVersion"="REG_SZ", "3.0.6" "EstimatedSize"="REG_DWORD", 13390 "HelpLink"="REG_SZ", "http://genisys.online" "Inno Setup: App Path"="REG_SZ", "C:\Windows\hwopt_16022016082249" "Inno Setup: Icon Group"="REG_SZ", "hwopt" "Inno Setup: Language"="REG_SZ", "english" "Inno Setup: Setup Version"="REG_SZ", "5.5.5 (a)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20160216" "InstallLocation"="REG_SZ", "C:\Windows\hwopt_16022016082249\" "MajorVersion"="REG_DWORD", 3 "MinorVersion"="REG_DWORD", 0 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "hwopt" "QuietUninstallString"="REG_SZ", ""C:\Windows\hwopt_16022016082249\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Windows\hwopt_16022016082249\unins000.exe"" "URLInfoAbout"="REG_SZ", "http://genisys.online" "URLUpdateInfo"="REG_SZ", "http://genisys.online" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\data] "uninstaller_path"="REG_SZ", "C:\Windows\hwopt_16022016082249" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\hwopt16022016082249] "Description"="REG_SZ", "hwopt" "DisplayName"="REG_SZ", "hwopt16022016082249" "ErrorControl"="REG_DWORD", 1 "ImagePath"="REG_EXPAND_SZ, ""C:\Windows\hwopt_16022016082249\hwopt16022016082249.exe"" "ObjectName"="REG_SZ", "LocalSystem" "Start"="REG_DWORD", 2 "Type"="REG_DWORD", 16 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\hwopt16022016082249_updater_service] "Description"="REG_SZ", "This service will update hwopt16022016082249" "DisplayName"="REG_SZ", "hwopt16022016082249_updater_service" "ErrorControl"="REG_DWORD", 1 "ImagePath"="REG_EXPAND_SZ, ""C:\Windows\hwopt_16022016082249\hwopt16022016082249_updater_service.exe"" "ObjectName"="REG_SZ", "LocalSystem" "Start"="REG_DWORD", 2 "Type"="REG_DWORD", 16 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinDivert1.1] "DeleteFlag"="REG_DWORD", 1 "DisplayName"="REG_SZ", "WinDivert1.1" "ErrorControl"="REG_DWORD", 1 "ImagePath"="REG_EXPAND_SZ, "\??\C:\Windows\hwopt_16022016082249\WinDivert64.sys" "Start"="REG_DWORD", 4 "Type"="REG_DWORD", 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinDivert1.1\Enum] "0"="REG_SZ", "Root\LEGACY_WINDIVERT1.1\0000" "Count"="REG_DWORD", 1 "NextInstance"="REG_DWORD", 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinDivert1.1\Parameters\Wdf] "TimeOfLastSqmLog"="REG_QWORD, .... "WdfMajorVersion"="REG_DWORD", 1 "WdfMinorVersion"="REG_DWORD", 9Malwarebytes Anti-Malware log:
Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 2/16/2016 Scan Time: 8:35 AM Logfile: mbamHwopt.txt Administrator: Yes Version: 2.2.0.1024 Malware Database: v2016.02.16.01 Rootkit Database: v2016.02.08.01 License: Premium Malware Protection: Disabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {username} Scan Type: Threat Scan Result: Completed Objects Scanned: 364399 Time Elapsed: 4 min, 42 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 3 PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\hwopt16022016082249.exe, 1972, Delete-on-Reboot, [aab7baa73564a0967ff4c9279c66629e] PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\hwopt16022016082249_updater_service.exe, 2580, Delete-on-Reboot, [82df5b06366310261c577f712dd5b749] PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\netman.exe, 940, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898] Modules: 0 (No malicious items detected) Registry Keys: 9 PUP.Optional.MintCast, HKLM\SOFTWARE\MICROSOFT\TRACING\hwopt16022016082249_RASAPI32, Quarantined, [ec75550cafea1422b2be5997c63cdb25], PUP.Optional.MintCast, HKLM\SOFTWARE\MICROSOFT\TRACING\hwopt16022016082249_RASMANCS, Quarantined, [81e0c39e5e3b50e6a8c97779a75b23dd], PUP.Optional.MintCast, HKLM\SOFTWARE\MICROSOFT\TRACING\hwopt16022016082249_updater_service_RASAPI32, Quarantined, [124fdb860099d660eb855e92fd05dc24], PUP.Optional.MintCast, HKLM\SOFTWARE\MICROSOFT\TRACING\hwopt16022016082249_updater_service_RASMANCS, Quarantined, [471a80e1bddc78bec9a823cddd25c23e], PUP.Optional.MintCast, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{29007E8C-251B-4F61-A70E-635906271727478077}_is1, Quarantined, [cd94ee73a2f7013506783d14ca3ad030], PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\hwopt16022016082249, Quarantined, [421f3b264653aa8c0b67ef0129d91ce4], PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HWOPT16022016082249, Quarantined, [aab7baa73564a0967ff4c9279c66629e], PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HWOPT16022016082249_UPDATER_SERVICE, Quarantined, [82df5b06366310261c577f712dd5b749], PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINDIVERT1.1, Quarantined, [bba6e27f39609c9acaadfcf4e919c33d], Registry Values: 5 PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\hwopt16022016082249|ImagePath, "C:\Windows\hwopt_16022016082249\hwopt16022016082249.exe", Quarantined, [aab7baa73564a0967ff4c9279c66629e] PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\hwopt16022016082249_updater_service|ImagePath, "C:\Windows\hwopt_16022016082249\hwopt16022016082249_updater_service.exe", Quarantined, [82df5b06366310261c577f712dd5b749] PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{2A3EC989-EADF-4046-8E83-DAE110CDE78B}, v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Windows\hwopt_16022016082249\addon\netman.exe|Name=netman in|, Quarantined, [59080b565940989eda9bea06669cf808] PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{4810C7E3-740B-45A5-B4EA-6C4D3AAB5F04}, v2.10|Action=Allow|Active=TRUE|Dir=Out|App=C:\Windows\hwopt_16022016082249\addon\netman.exe|Name=netman out|, Quarantined, [9bc6ee736c2d62d4e68fa44cbf43df21] PUP.Optional.MintCast, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinDivert1.1|ImagePath, \??\C:\Windows\hwopt_16022016082249\WinDivert64.sys, Quarantined, [bba6e27f39609c9acaadfcf4e919c33d] Registry Data: 0 (No malicious items detected) Folders: 3 PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], Files: 54 PUP.Optional.MintCast, C:\Users\{username}\Desktop\hwopt_3.0.6.exe, Quarantined, [1849174ac0d984b2fc494aa78e73f50b], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\hwopt16022016082249.exe, Delete-on-Reboot, [aab7baa73564a0967ff4c9279c66629e], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\hwopt16022016082249_updater_service.exe, Delete-on-Reboot, [82df5b06366310261c577f712dd5b749], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\WinDivert64.sys, Quarantined, [bba6e27f39609c9acaadfcf4e919c33d], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\InstallUtil.InstallLog, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\AppSettings.config, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\hwopt16022016082249.InstallLog, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\hwopt16022016082249.InstallState, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\hwopt16022016082249_updater_service.InstallLog, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\hwopt16022016082249_updater_service.InstallState, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\InstallationStatsUploder_16022016082249.exe, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\InstallUtil.exe, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\msvcp110.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\msvcr110.dll, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\NetworkUtil.dll, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\Newtonsoft.Json.dll, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\unins000.dat, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\unins000.exe, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\Utils.dll, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\WinDivert.dll, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\atl110.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\defcert.pem, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\defcertkey.pem, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\dhparam2048.pem, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\mitmCA.pem, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\mitmCAder.crt, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\mitmCAprivkey.pem, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\msvcr110.dll, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\msvcr120.dll, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\msvcr120d.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\netman.exe, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\WinDivert.dll, Delete-on-Reboot, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\WinDivert64.sys, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\certutil.exe, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\freebl3.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\libnspr4.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\libplc4.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\libplds4.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\msvcr100.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\msvcr110.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\nss3.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\nssckbi.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\nssdbm3.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\nssutil3.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\smime3.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\softokn3.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\sqlite3.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUP.Optional.MintCast, C:\Windows\hwopt_16022016082249\addon\nss_tools\ssl3.dll, Quarantined, [a6bb7de49cfdc2746a00a34d50b26898], PUM.Optional.FireFoxSecurityOverride, C:\Users\MBAM\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\user.js, Good: (user_pref("browser.safebrowsing.downloads.enabled", true), Bad: (user_pref("browser.safebrowsing.downloads.enabled", false), Replaced,[0d540958099086b0d104c64e4eb7659b] PUM.Optional.FireFoxSecurityOverride, C:\Users\MBAM\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\user.js, Good: (user_pref("browser.safebrowsing.malware.enabled", true), Bad: (user_pref("browser.safebrowsing.malware.enabled", false), Replaced,[c899065b8316ff37884e4fc5b550c33d] PUM.Optional.FireFoxSecurityOverride, C:\Users\MBAM\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\user.js, Good: (user_pref("browser.safebrowsing.enabled", true), Bad: (user_pref("browser.safebrowsing.enabled", false), Replaced,[bca5da878019f83ec215d73dc63f0000] PUM.Optional.FireFoxSecurityOverride, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\user.js, Good: (user_pref("browser.safebrowsing.downloads.enabled", true), Bad: (user_pref("browser.safebrowsing.downloads.enabled", false), Replaced,[3130dc85029793a3f9dcf71ddf265aa6] PUM.Optional.FireFoxSecurityOverride, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\user.js, Good: (user_pref("browser.safebrowsing.malware.enabled", true), Bad: (user_pref("browser.safebrowsing.malware.enabled", false), Replaced,[65fca1c0128751e505d1ad67699c56aa] PUM.Optional.FireFoxSecurityOverride, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\{profile}.default\user.js, Good: (user_pref("browser.safebrowsing.enabled", true), Bad: (user_pref("browser.safebrowsing.enabled", false), Replaced,[d889c39e7128e74f16c1b75d0ef736ca] Physical Sectors: 0 (No malicious items detected) (end)As mentioned before the full version of Malwarebytes Anti-Malware could have protected your computer against this threat.
We use different ways of protecting your computer(s):
- Dynamically Blocks Malware Sites & Servers
- Malware Execution Prevention