Related blog content
How to remove adware from your PC
How to avoid potentially unwanted programs
Adware.FastDataX
Short bio
Adware.FastDataX is an application that may inject advertisements into web browsers or other software. It may also collect personally identifiable information (PII) about the computer and users’ browsing habits and specific geographic regions. This information may be harvested for targeted advertising and could be sold to third-party data exchange services or other interested parties.
Symptoms
Adware.FastDataX may create an entry within the Microsoft Task Scheduler to ensure persistence. Some variants of Adware.FastDataX may inject advertisements into web browsers or display advertisements using pop-up or pop-under techniques.
Type and source of infection
Adware.FastDataX could be distributed using various methods, including being packaged with free software or other online software or being installed with or without user consent.
Protection
Malwarebytes blocks the installation of FastDataX with its real-time protection module.
Malwarebytes detects and removes FastDataX as malware.
Remediation
Malwarebytes can detect and remove FastDataX infections without further user interaction.
- Please download Malwarebytes to your desktop.
- Double-click MBSetup.exe and follow the prompts to install the program.
- When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen.
- Click on the Get started button.
- Click Scan to start a Threat Scan.
- Click Quarantine to remove the found threats.
- Reboot the system if prompted to complete the removal process.
Malwarebytes removal log
A Malwarebytes log of removal will look similar to this:
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 3/9/18
Scan Time: 9:09 PM
Log File: d8980cdf-2418-11e8-92b3-00ffc8517b86.json
Administrator: Yes
-Software Information-
Version: 3.4.4.2398
Components Version: 1.0.322
Update Package Version: 1.0.4282
License: Premium
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Computer\User
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 296880
Threats Detected: 21
Threats Quarantined: 21
Time Elapsed: 2 min, 44 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 4
Adware.FastDataX.EncJob, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\FASTDATAX TASK, Quarantined, [1186], [407191],1.0.4282
Adware.FastDataX.EncJob, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7E90D634-327C-4E2E-8845-3C6F7245FEC1}, Quarantined, [1186], [407191],1.0.4282
Adware.FastDataX.EncJob, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{7E90D634-327C-4E2E-8845-3C6F7245FEC1}, Quarantined, [1186], [407191],1.0.4282
Adware.FastDataX, HKU\S-1-5-21-2165681608-3755637219-621560601-1000\SOFTWARE\FastDataX, Quarantined, [8031], [484533],1.0.4282
Registry Value: 1
Adware.FastDataX.EncJob, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7E90D634-327C-4E2E-8845-3C6F7245FEC1}|PATH, Quarantined, [1186], [407189],1.0.4282
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 4
Adware.FastDataX.EncJob, C:\PROGRAM FILES (X86)\FASTDATAX, Quarantined, [1186], [407194],1.0.4282
Adware.FastDataX.EncJob, C:\Users\Fwiplayer\AppData\Local\FastDataX\log\installer, Quarantined, [1186], [474798],1.0.4282
Adware.FastDataX.EncJob, C:\Users\Fwiplayer\AppData\Local\FastDataX\log, Quarantined, [1186], [474798],1.0.4282
Adware.FastDataX.EncJob, C:\USERS\FWIPLAYER\APPDATA\LOCAL\FASTDATAX, Quarantined, [1186], [474798],1.0.4282
File: 12
Adware.FastDataX.EncJob, C:\WINDOWS\SYSTEM32\TASKS\FASTDATAX TASK, Quarantined, [1186], [407191],1.0.4282
Adware.FastDataX.EncJob, C:\USERS\FWIPLAYER\APPDATA\ROAMING\Microsoft\Windows\Recent\unins000.dat.lnk, Quarantined, [1186], [407194],1.0.4282
Adware.FastDataX.EncJob, C:\PROGRAM FILES (X86)\FASTDATAX\UNINS000.DAT, Quarantined, [1186], [407194],1.0.4282
Adware.FastDataX.EncJob, C:\Program Files (x86)\FastDataX\bwpah.dll, Quarantined, [1186], [407194],1.0.4282
Adware.FastDataX.EncJob, C:\Program Files (x86)\FastDataX\unins000.exe, Quarantined, [1186], [407194],1.0.4282
Adware.FastDataX.EncJob, C:\Program Files (x86)\FastDataX\unins000.msg, Quarantined, [1186], [407194],1.0.4282
Adware.FastDataX.EncJob, C:\USERS\FWIPLAYER\APPDATA\ROAMING\Microsoft\Windows\Recent\unins000.msg.lnk, Quarantined, [1186], [407194],1.0.4282
Adware.FastDataX.EncJob, C:\Users\Fwiplayer\AppData\Local\FastDataX\log\installer\08-02-2018(22-38).log, Quarantined, [1186], [474798],1.0.4282
Adware.FastDataX.EncJob, C:\Users\Fwiplayer\AppData\Local\FastDataX\log\installer\08-02-2018(22-39).log, Quarantined, [1186], [474798],1.0.4282
Adware.FastDataX, C:\USERS\FWIPLAYER\APPDATA\ROAMING\Microsoft\Windows\Recent\fast.datax_1e58aa82ec29e98482be583321034815679cef7a5939ce0d8029220b72eda5d6.lnk, Quarantined, [8031], [463466],1.0.4282
Adware.FastDataX, C:\USERS\FWIPLAYER\DESKTOP\FAST.DATAX_1E58AA82EC29E98482BE583321034815679CEF7A5939CE0D8029220B72EDA5D6.EXE, Quarantined, [8031], [463466],1.0.4282
Adware.FastDataX, C:\USERS\FWIPLAYER\DESKTOP\FASTDATAXCF8DBB4D07F78D5C5388764232BE6AFD55357A652C9887AF68B756AFC0E0DAC5.EXE, Quarantined, [8031], [463466],1.0.4282
Physical Sector: 0
(No malicious items detected)
(end)
Traces/IOCs
You may see these entries in FRST logs:
Task: {7E90D634-327C-4E2E-8845-3C6F7245FEC1} – System32\Tasks\FastDataX Task => C:\Program Files (x86)\FastDataX\FastDataX.exe [2018-03-09] () <==== ATTENTION
Associated files:
FastDataX.exe, bwpah.dll
