Virus keeps coming back after removal


  • This topic is locked
11 replies to this topic

#1 beepbleepboopbapbip

beepbleepboopbapbip

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 11 May 2017 - 11:54 AM

Hello, I am new to bleepingcomputer.com.

A month ago I tried downloading a file from an Indonesian website; once the download finished, the app wasn't there.

Instead there were viruses installed, such as fake Chrome (and it keeps closing Chrome), BIT.dll, Nosupyzed, Kitty.dll (gone now), WinSAPSvc and others.

I tried removing them, but they keep coming back in the afternoon even if I shut down my PC. Please, someone help me.

I used Malwarebytes and CCleaner, but Malwarebytes only detected a lot of Adware.Elex and CCleaner only detected some useless problems.

The OS I'm using is Windows 10 Pro.

 

 



 


#2 RayS

RayS

  • Malware Study Hall Senior
  • 2,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:30 PM

Posted 11 May 2017 - 12:27 PM

Hello,

My name is Ray and I'll be assisting you with your issue. Please give me a day or two to consult with my instructor. Since I'm still a trainee, all my posts have to be reviewed by my instructor prior to being posted to make sure that you receive the best assistance possible.

Thank you for your understanding, I'll be with you shortly!

Ray

Do you have a shorter nickname?


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#3 beepbleepboopbapbip

beepbleepboopbapbip
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 11 May 2017 - 11:00 PM

Yes, I do have a shorter nickname: "bleepy".

And now this virus has downloaded some kind of cartoonish apps called big farm, etc. I forgot.

And it makes me worried if the bottom of my desktop (which has app logos in it) reloads, because I think they anonymously installed a virus to my PC.

Also, when I try to delete the virus, it loads me back to the folder where the virus is not in.

For example, "AppName > App.exe" redirects to the "AppName" folder.

Dunno if the bottom of my desktop reloading means something changed or someone hacked my PC to install a virus anonymously.


Edited by beepbleepboopbapbip, 11 May 2017 - 11:02 PM.


#4 RayS

RayS

  • Malware Study Hall Senior
  • 2,376 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:09:30 PM

Posted 12 May 2017 - 04:14 PM

Hello bleepy, and welcome to Bleeping Computer.

Please call me "Ray".

I will be helping you with your computer problem.

  • Please do not attach any log files to your replies unless specifically requested. Instead, please copy and paste the entire text of the logs into the body of your reply. Use separate consecutive posts if that's easier for you.
  • Please do not try to fix anything or run (or re-run) any tools without being advised to do so.
  • Always read my entire message before you begin to follow my instructions.
  • It may be helpful for you to print my instructions for easy reference.
  • Perform my instructions in the order given.
  • Click More Reply Options and then Preview Post before you post a reply. Be sure your message addresses all the issues I raise.
  • Any fixes I provide are for this specific problem on this machine only.
  • Removing malware is hazardous. I will not knowingly advise actions that will damage your computer, but it is impossible to guarantee the safety of your system. It may even become necessary to re-format and re-install your operating system. Before we proceed, you should back up all your data -- preferably to a different computer or to off-line storage.

 

 

Give me Malwarebytes Antimalware (MBAM) log

  • Please launch your copy of MBAM.
  • Click History.
  • In left pane, click Application Logs.
  • If any logs are available, click the most recent one (listed at the top).
  • In the Daily Protection Log window, click Export (bottom left of window).
  • Select Text file (*.txt).
  • In the Save File window, give the file a name and note the saving location.
  • Click Save.
  • Close MBAM and include the log in your reply to me.

 

 

 

Follow Preparation Guide
Please follow the Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help by Lawrence Abrams. Since you have already posted a request for help, you can skip some of the steps in the guide, but you should follow closely steps 1 and 6.
Note one exception: Please do not attach the Addition.txt file. Instead, copy and paste it into the body of your reply.


Fully describe symptoms

  • Why do you think the installed Chrome is "fake"?
  • Into what location were the unwanted files stored (BIT.dll, Nosupyzed, Kitty.dll (gone now), WinSAPSvc and other.)?
  • Do you see any error messages? If so, give them to me verbatim.
  • Any other unexpected symptoms? Give full description.

 

 

 

Summary

  1. Confirm you have backed up all your important files.
  2. Copy and paste the entire contents of the MBAM log into the body of your message.
  3. Copy and paste the entire contents of FRST.txt and Addition.txt into the body of your message.
  4. Fully describe symptoms as listed above.

Please address all four items listed in the Summary above.

Thank you,

Ray




#5 beepbleepboopbapbip

beepbleepboopbapbip
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:06:30 PM

Posted 13 May 2017 - 04:23 AM

Hello, thanks for the reply.

I am using Malwarebytes 3.0, so here is the log:

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 2/2/17
Scan Time: 11:35 PM
Logfile: mbam log1.txt
Administrator: Yes
 
-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.50
Update Package Version: 1.0.1064
License: Trial
 
-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: DESKTOP-ATJ3K0V\Dani
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 356056
Time Elapsed: 13 min, 3 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
-Scan Details-
Process: 10
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER\SET.EXE, Quarantined, [4495], [24306],1.0.1064
PUP.Optional.Linkury, C:\PROGRAMDATA\NETWORKPACKETMANITOR\NETTRANS.EXE, Quarantined, [398], [331415],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\GD885.TMP.EXE, Quarantined, [1033], [361532],1.0.1064
Adware.Amonetize, C:\PROGRAM FILES\BS7OBWXLNS\IVVABZT5H.EXE, Quarantined, [2509], [366629],1.0.1064
PUP.Optional.ProductUpdater, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\PRODUPD.EXE, Quarantined, [817], [342951],1.0.1064
Trojan.Glupteba, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\MONHOST.EXE, Quarantined, [385], [351682],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\DBUPDATER.EXE, Quarantined, [1033], [365107],1.0.1064
PUP.Optional.Amonetize, C:\USERS\DANI\APPDATA\LOCAL\TEMP\SDFD2FD.EXE, Quarantined, [13], [118034],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\PREPREINSTALLER_WIN.EXE, Quarantined, [315], [353151],1.0.1064
Trojan.Zbot.Generic, C:\PROGRAMDATA\HDTASK\HDTASK.EXE, Quarantined, [837], [357355],1.0.1064
 
Module: 14
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER\SET.EXE, Quarantined, [4495], [24306],1.0.1064
Adware.Elex, C:\PROGRAM FILES (X86)\JUQGEHUWUK CACHE\LOCAL64SPL.DLL, Quarantined, [1033], [360556],1.0.1064
PUP.Optional.Linkury, C:\PROGRAMDATA\NETWORKPACKETMANITOR\NETTRANS.EXE, Quarantined, [398], [331415],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\GD885.TMP.EXE, Quarantined, [1033], [361532],1.0.1064
Adware.Amonetize, C:\PROGRAM FILES\BS7OBWXLNS\IVVABZT5H.EXE, Quarantined, [2509], [366629],1.0.1064
PUP.Optional.ProductUpdater, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\PRODUPD.EXE, Quarantined, [817], [342951],1.0.1064
Trojan.Glupteba, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\MONHOST.EXE, Quarantined, [385], [351682],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\DBUPDATER.EXE, Quarantined, [1033], [365107],1.0.1064
PUP.Optional.Amonetize, C:\USERS\DANI\APPDATA\LOCAL\TEMP\SDFD2FD.EXE, Quarantined, [13], [118034],1.0.1064
Adware.Elex.SHHKRST, C:\USERS\DANI\APPDATA\ROAMING\KOWELYSTZOTHER\SHUQUTY.DLL, Quarantined, [1238], [362727],1.0.1064
Adware.Elex.SHHKRST, C:\USERS\DANI\APPDATA\ROAMING\KOWELYSTZOTHER\SHUQUTY.DLL, Quarantined, [1238], [362727],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\PREPREINSTALLER_WIN.EXE, Quarantined, [315], [353151],1.0.1064
Trojan.Zbot.Generic, C:\PROGRAMDATA\HDTASK\HDTASK.EXE, Quarantined, [837], [357355],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X86\SQLite.Interop.dll, Quarantined, [4495], [183111],1.0.1064
 
Registry Key: 55
PUP.Optional.LogicHandler, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\backlh, Quarantined, [4495], [24306],1.0.1064
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Nettrans, Quarantined, [398], [331415],1.0.1064
Adware.Wajam.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\dcffce27b5ac8a40b8b8a9720e08e441, Quarantined, [2072], [336669],1.0.1064
Adware.Wajam.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Quarantined, [2072], [-1],0.0.0
Adware.Elex.SHHKRST, HKLM\SOFTWARE\CLASSES\CLSID\{7FBEA058-DE40-11E6-83E9-64006A5CFC23}, Quarantined, [1238], [362727],1.0.1064
Adware.Elex.SHHKRST, HKLM\SOFTWARE\CLASSES\CLSID\{7FBEA058-DE40-11E6-83E9-64006A5CFC23}\InprocServer32, Quarantined, [1238], [362727],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8E8F97CD-60B5-456F-A201-73065652D099}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}\InprocServer32, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\IESearchPlugin.MailRuBHO, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\IESearchPlugin.MailRuBHO.1, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\TYPELIB\{C69276F0-9BC1-404F-8566-FCB14D0ED4B8}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\INTERFACE\{2170BCBA-E35C-42A5-9CDB-691334845FA4}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\INTERFACE\{23B8D468-7358-408C-B1AC-8BAE2A610C41}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{2170BCBA-E35C-42A5-9CDB-691334845FA4}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{23B8D468-7358-408C-B1AC-8BAE2A610C41}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{2170BCBA-E35C-42A5-9CDB-691334845FA4}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{23B8D468-7358-408C-B1AC-8BAE2A610C41}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C69276F0-9BC1-404F-8566-FCB14D0ED4B8}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{C69276F0-9BC1-404F-8566-FCB14D0ED4B8}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}\InprocServer32, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [131], [170024],1.0.1064
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [131], [170024],1.0.1064
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [131], [170024],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{B8C25002-E842-8182-59C2-F10289422282}, Quarantined, [117], [302717],1.0.1064
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, Quarantined, [647], [260991],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch, Quarantined, [96], [259989],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [117], [254683],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Quarantined, [117], [254683],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Ronzap_RASAPI32, Quarantined, [96], [259740],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Ronzap_RASMANCS, Quarantined, [96], [259740],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RONZAP, Quarantined, [96], [259956],1.0.1064
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9745D94D-821A-438C-8D61-3F876A6DE498}, Quarantined, [398], [259072],1.0.1064
PUP.Optional.ProductSetup, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\PRODUCTSETUP, Quarantined, [17237], [242047],1.0.1064
PUP.Optional.Wajam.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\e2fb43cbfdafb5148d3874d650396f3e, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting, Quarantined, [96], [259928],1.0.1064
Adware.Elex, HKLM\SOFTWARE\WOW6432NODE\jhdbca, Quarantined, [1033], [358186],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtRonzap, Quarantined, [96], [259866],1.0.1064
PUP.Optional.Social2Search, HKLM\SOFTWARE\WOW6432NODE\Socia2Sear Browser Enhancer, Quarantined, [443], [345866],1.0.1064
PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\trotuxSoftware, Quarantined, [419], [182848],1.0.1064
PUP.Optional.InstallCore, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\csastats, Quarantined, [8], [260986],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\mtRonzap, Quarantined, [96], [259575],1.0.1064
Adware.Norassie, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\Norassie, Quarantined, [3260], [361347],1.0.1064
PUP.Optional.Wajam, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\WajIEnhance, Quarantined, [131], [244670],1.0.1064
PUP.Optional.Tuto4PC, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\wewewe, Quarantined, [113], [339689],1.0.1064
Adware.Elex, HKU\S-1-5-18\SOFTWARE\jhdbca, Quarantined, [1033], [358190],1.0.1064
PUP.Optional.SearchManager, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, Quarantined, [647], [183362],1.0.1064
PUP.Optional.Linkury, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}, Quarantined, [398], [259313],1.0.1064
PUP.Optional.Social2Search.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\e2fb43cbfdafb5148d3874d650396f3e, Quarantined, [18111], [261569],1.0.1064
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, Quarantined, [647], [260991],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Ronzap.exe, Quarantined, [96], [259795],1.0.1064
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\h9kafbc6, Quarantined, [2086], [339986],1.0.1064
Adware.Elex, HKLM\SOFTWARE\jhdbca, Quarantined, [1033], [358186],1.0.1064
PUP.Optional.Social2Search, HKLM\SOFTWARE\Socia2Sear Browser Enhancer, Quarantined, [443], [345866],1.0.1064
 
Registry Value: 30
Adware.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|wd, Quarantined, [1033], [361532],1.0.1064
Adware.Amonetize, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|EUWF0Z82WR, Quarantined, [2509], [366629],1.0.1064
PUP.Optional.ProductUpdater, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|produpd, Quarantined, [817], [342951],1.0.1064
Adware.Wajam.Generic, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [2072], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [2072], [-1],0.0.0
Adware.Wajam.Generic, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [2072], [-1],0.0.0
Adware.Elex.SHHKRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS|{7FBEA058-DE40-11E6-83E9-64006A5CFC23}, Quarantined, [1238], [362727],1.0.1064
Adware.Elex.SHHKRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ENABLESHELLEXECUTEHOOKS, Quarantined, [1238], [-1],0.0.0
Adware.Elex.SHHKRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ENABLESHELLEXECUTEHOOKS, Quarantined, [1238], [-1],0.0.0
Trojan.Zbot.Generic, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|hdtask, Quarantined, [837], [357355],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Quarantined, [96], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Quarantined, [96], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\ENVIRONMENT|SNF, Quarantined, [96], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, Quarantined, [96], [259989],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Quarantined, [117], [254683],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RONZAP|IMAGEPATH, Quarantined, [96], [259956],1.0.1064
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9745D94D-821A-438C-8D61-3F876A6DE498}|DISPLAYNAME, Quarantined, [398], [259072],1.0.1064
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NETTRANS|IMAGEPATH, Quarantined, [398], [331424],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\ENVIRONMENT|SNP, Quarantined, [96], [259518],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\ENVIRONMENT|SNF, Quarantined, [96], [259517],1.0.1064
PUP.Optional.ProductSetup, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\PRODUCTSETUP|TB, Quarantined, [17237], [242047],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Quarantined, [117], [254683],1.0.1064
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|OMEWPRODUCT_F5AW2, Quarantined, [113], [314799],1.0.1064
PUP.Optional.Linkury, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DISPLAYNAME, Quarantined, [398], [259313],1.0.1064
PUP.Optional.Social2Search.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\e2fb43cbfdafb5148d3874d650396f3e|DISPLAYNAME, Quarantined, [18111], [261569],1.0.1064
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\h9kafbc6|NAME, Quarantined, [2086], [339986],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, Quarantined, [96], [259988],1.0.1064
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DISPLAYNAME, Quarantined, [398], [259314],1.0.1064
PUP.Optional.LogicHandler, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BACKLH|IMAGEPATH, Quarantined, [4495], [183112],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, Quarantined, [96], [259987],1.0.1064
 
Registry Data: 7
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Replaced, [398], [293477],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Replaced, [117], [293283],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Replaced, [96], [293485],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Replaced, [96], [293485],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Replaced, [96], [293485],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Replaced, [96], [293486],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Replaced, [117], [293283],1.0.1064
 
Data Stream: 0
(No malicious items detected)
 
Folder: 30
PUP.Optional.Linkury, C:\PROGRAMDATA\NetworkPacketManitor, Removal Failed, [398], [331423],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\USERS\DANI\APPDATA\ROAMING\Mozilla\Firefox\naweriweentcofise, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.NoteUp, C:\USERS\DANI\APPDATA\ROAMING\NOTE-UP, Quarantined, [3167], [246759],1.0.1064
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\BS7OBWXLNS, Removal Failed, [2403], [357599],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X64, Quarantined, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X86, Removal Failed, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER, Removal Failed, [4495], [183111],1.0.1064
Adware.Elex.Generic, C:\PROGRAM FILES (X86)\JUQGEHUWUK CACHE, Removal Failed, [2144], [358276],1.0.1064
Adware.Wajam, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SOCIA2SEAR BROWSER ENHANCER, Quarantined, [1772], [348378],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\webfonts, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\_metadata, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\images, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\USERS\DANI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\ChromeDefaultData\EXTENSIONS\fnhfdmnphmbbjbgppnpcddkefmeokfho, Quarantined, [3110], [360481],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EZJP2EQS7U, Quarantined, [2403], [360183],1.0.1064
PUP.Optional.Linkury, C:\WINDOWS\TEMP\SMARTBAR, Quarantined, [398], [259312],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\USERS\DANI\APPDATA\LOCAL\{0C573A0B-28FF-56B3-4567-735B610F8FC3}, Quarantined, [117], [302717],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\XSGCXAIGKK, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\YK8P7TLL8K, Quarantined, [2403], [360183],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\PROGRAM FILES (X86)\COMMON FILES\HOTANLAX, Quarantined, [96], [302562],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\88194c9f244b9641c5f4708e05e51fa1, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\PROGRAM FILES\e2fb43cbfdafb5148d3874d650396f3e, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Clicker, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER, Removal Failed, [983], [365168],1.0.1064
 
File: 178
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER\SET.EXE, Removal Failed, [4495], [24306],1.0.1064
Adware.Elex, C:\PROGRAM FILES (X86)\JUQGEHUWUK CACHE\LOCAL64SPL.DLL, Removal Failed, [1033], [360556],1.0.1064
PUP.Optional.Linkury, C:\PROGRAMDATA\NETWORKPACKETMANITOR\NETTRANS.EXE, Removal Failed, [398], [331415],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\GD885.TMP.EXE, Removal Failed, [1033], [361532],1.0.1064
PUP.Optional.Linkury, C:\ProgramData\NetworkPacketManitor\Config.xml, Quarantined, [398], [331423],1.0.1064
PUP.Optional.Linkury, C:\ProgramData\NetworkPacketManitor\Nettrans.exe.config, Quarantined, [398], [331423],1.0.1064
Adware.Amonetize, C:\PROGRAM FILES\BS7OBWXLNS\IVVABZT5H.EXE, Removal Failed, [2509], [366629],1.0.1064
PUP.Optional.ProductUpdater, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\PRODUPD.EXE, Removal Failed, [817], [342951],1.0.1064
Trojan.Glupteba, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\MONHOST.EXE, Removal Failed, [385], [351682],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default\prefs.js, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default\profiles.ini, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default\search-metadata.json, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default\search.json, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default\search.json.mozlz4, Quarantined, [2759], [363173],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\DBUPDATER.EXE, Removal Failed, [1033], [365107],1.0.1064
PUP.Optional.Amonetize, C:\USERS\DANI\APPDATA\LOCAL\TEMP\SDFD2FD.EXE, Removal Failed, [13], [118034],1.0.1064
Adware.Wajam.Generic, C:\WINDOWS\SYSTEM32\DRIVERS\DCFFCE27B5AC8A40B8B8A9720E08E441.SYS, Removal Failed, [2072], [336669],1.0.1064
Adware.Elex.SHHKRST, C:\USERS\DANI\APPDATA\ROAMING\KOWELYSTZOTHER\SHUQUTY.DLL, Removal Failed, [1238], [362727],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\PREPREINSTALLER_WIN.EXE, Removal Failed, [315], [353151],1.0.1064
PUP.Optional.RussAd, C:\USERS\DANI\APPDATA\LOCAL\MAIL.RU\SPUTNIK\IESEARCHPLUGIN.DLL, Quarantined, [25], [351113],1.0.1064
Trojan.Zbot.Generic, C:\PROGRAMDATA\HDTASK\HDTASK.EXE, Removal Failed, [837], [357355],1.0.1064
PUP.Optional.WinYahoo, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\HOWTOREMOVE.HTML.LNK, Quarantined, [117], [254335],1.0.1064
PUP.Optional.Linkury.Generic, C:\USERS\DANI\APPDATA\ROAMING\AGENT.DAT, Quarantined, [2382], [360491],1.0.1064
PUP.Optional.Linkury, C:\USERS\DANI\APPDATA\ROAMING\WARMDANFAN.BIN, Quarantined, [398], [326154],1.0.1064
PUP.Optional.Linkury.Gen, C:\USERS\DANI\APPDATA\ROAMING\BLUEFRESH.TST, Quarantined, [19819], [261636],1.0.1064
PUP.Optional.Linkury, C:\USERS\DANI\APPDATA\ROAMING\MD.XML, Quarantined, [398], [258091],1.0.1064
Trojan.Agent.E, C:\USERS\DANI\APPDATA\ROAMING\ADOBE\MANAGER.EXE, Quarantined, [204], [363232],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\USERS\DANI\APPDATA\ROAMING\CONFIG.XML, Quarantined, [96], [302553],1.0.1064
PUP.Optional.Linkury, C:\USERS\DANI\APPDATA\ROAMING\NOAH.DAT, Quarantined, [398], [258092],1.0.1064
PUP.Optional.NoteUp, C:\USERS\DANI\APPDATA\ROAMING\NOTE-UP\NOTE-UP.DB, Quarantined, [3167], [246759],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\ROAMING\MYDESKTOP\LINKME.EXE, Quarantined, [315], [363415],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\SEARCHPLUGINS\H9KAFBC6.XML, Quarantined, [419], [324483],1.0.1064
Trojan.Agent, C:\USERS\DANI\APPDATA\ROAMING\BLUEFRESH.EXE, Quarantined, [22], [363443],1.0.1064
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\BS7OBWXLNS\CAST.CONFIG, Quarantined, [2403], [357599],1.0.1064
Adware.Tuto4PC.Generic, C:\Program Files\BS7OBWXLNS\IVVABZT5H.exe.config, Quarantined, [2403], [357599],1.0.1064
Adware.Tuto4PC.Generic, C:\Program Files\BS7OBWXLNS\uninstaller.exe, Quarantined, [2403], [357599],1.0.1064
Adware.Tuto4PC.Generic, C:\Program Files\BS7OBWXLNS\uninstaller.exe.config, Quarantined, [2403], [357599],1.0.1064
PUP.Optional.Linkury, C:\USERS\DANI\APPDATA\ROAMING\FLEXKAYSTRING.BIN, Quarantined, [398], [331415],1.0.1064
PUP.Optional.Linkury, C:\USERS\DANI\APPDATA\ROAMING\UNINSTALL_TEMP.ICO, Quarantined, [398], [258093],1.0.1064
Adware.Tuto4PC, C:\$RECYCLE.BIN\S-1-5-21-3925801674-1894051899-1639661203-1001\$REQA8GG.EXE, Quarantined, [2318], [350732],1.0.1064
Adware.Elex.Generic, C:\PROGRAMDATA\2657Q72J91Z1361\2657Q72J91Z1361.DLL, Quarantined, [2144], [363783],1.0.1064
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER\SET.EXE.CONFIG, Quarantined, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X64\SQLite.Interop.dll, Quarantined, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X86\SQLite.Interop.dll, Removal Failed, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\Config.json, Quarantined, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.dll, Removal Failed, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.Linq.dll, Quarantined, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.xml, Quarantined, [4495], [183111],1.0.1064
Adware.Elex.Generic, C:\PROGRAM FILES (X86)\JUQGEHUWUK CACHE\LOCAL64SPL.DLL.INI, Quarantined, [2144], [358276],1.0.1064
PUP.Optional.Citadel, C:\USERS\DANI\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\MONHOST.LNK, Quarantined, [2005], [338481],1.0.1064
Adware.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear Browser Enhancer\Settings.lnk, Quarantined, [1772], [348378],1.0.1064
Adware.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear Browser Enhancer\SignIn with Twitter.lnk, Quarantined, [1772], [348378],1.0.1064
Adware.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear Browser Enhancer\Social2Search Website.lnk, Quarantined, [1772], [348378],1.0.1064
Adware.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear Browser Enhancer\uninstall.lnk, Quarantined, [1772], [348378],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\webfonts\anfinity.eot, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\webfonts\anfinity.ttf, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\webfonts\anfinity.woff, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\fonts.css, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\jquery-ui.css, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\site.css, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\weather.css, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\128x128.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\16x16.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\19x19.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\38x38.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\favicon.ico, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\pop.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\images\ic_refresh_black_24dp_2x.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\images\ic_search_black_24dp_2x.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\images\logo.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\images\m1-min.jpg, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\bootstrap.min.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\jquery-ui.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\jquery.min.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\jquery.simpleWeather.min.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\list.min.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\weather.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\background.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\site.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\_metadata\computed_hashes.json, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\_metadata\verified_contents.json, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\main.html, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\manifest.json, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSWOW64\FINDIT.XML, Quarantined, [96], [259512],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\USERS\DANI\APPDATA\ROAMING\INSTALLATIONCONFIGURATION.XML, Quarantined, [96], [302554],1.0.1064
PUP.Optional.LogicHandler, C:\USERS\DANI\APPDATA\ROAMING\VILLALA.BIN, Quarantined, [4495], [24306],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\PREFS.JS, Replaced, [419], [302758],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\PREFS.JS, Replaced, [419], [302758],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\PREFS.JS, Replaced, [419], [302758],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\G7E1F.TMP, Quarantined, [1033], [365112],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\HNEDEZRUF0.EXE, Quarantined, [113], [314786],1.0.1064
Trojan.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\LINKER.EXE, Quarantined, [22], [363443],1.0.1064
PUP.Optional.Sputnik, C:\USERS\DANI\APPDATA\LOCAL\TEMP\BE2E332ADEE14FEE80B1E99391CD5861, Quarantined, [3291], [352247],1.0.1064
Adware.OxyPumper, C:\USERS\DANI\APPDATA\LOCAL\TEMP\DRIVERBOOSTERSETUP.EXE, Quarantined, [464], [366316],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EZJP2EQS7U\CAS.EXE, Quarantined, [113], [331647],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EWSZ9KWMLC.EXE, Quarantined, [113], [314786],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\G908F.TMP.EXE, Quarantined, [1033], [361888],1.0.1064
PUP.Optional.Sputnik, C:\USERS\DANI\APPDATA\LOCAL\TEMP\290.TMP.EXE, Quarantined, [3291], [352247],1.0.1064
PUP.Optional.InstallCore, C:\USERS\DANI\APPDATA\LOCAL\TEMP\AUTOTIME51495.EXE, Quarantined, [8], [356458],1.0.1064
Adware.Downloader, C:\USERS\DANI\APPDATA\LOCAL\TEMP\PL_INST.EXE, Quarantined, [673], [347498],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\ASU19RR4BU.EXE, Quarantined, [113], [314786],1.0.1064
PUP.Optional.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\TROTUX.EXE, Quarantined, [15], [315776],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\LINKME.EXE, Quarantined, [315], [363415],1.0.1064
Adware.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\JII4RCSSJ8T0.EXE, Quarantined, [2318], [350732],1.0.1064
Adware.Social2Search, C:\USERS\DANI\APPDATA\LOCAL\TEMP\WAJAM_INSTALL.EXE, Quarantined, [2422], [366028],1.0.1064
PUP.Optional.Zaxar, C:\USERS\DANI\APPDATA\LOCAL\TEMP\ZAXARSETUP.4.001.1827.EXE, Quarantined, [4194], [8813],1.0.1064
Adware.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\MXWW4NEOBQ\UNINMODULE.EXE, Quarantined, [2318], [350732],1.0.1064
PUP.Optional.LogicHandler, C:\USERS\DANI\APPDATA\LOCAL\TEMP\RARSFX0\LOGICHANDLER.EXE, Quarantined, [4495], [24306],1.0.1064
PUP.Optional.Zaxar, C:\USERS\DANI\APPDATA\LOCAL\TEMP\_IU14D2N.TMP, Quarantined, [4194], [8813],1.0.1064
Adware.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EZJP2EQS7U\APPSOFT.EXE, Quarantined, [2318], [350732],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\IS-O6TBA.TMP\AUTOTIME.EXE, Quarantined, [315], [323847],1.0.1064
PUP.Optional.ProductUpdater, C:\USERS\DANI\APPDATA\LOCAL\TEMP\G.EXE, Quarantined, [817], [342951],1.0.1064
Adware.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\GLOBAL_INSTALLER.EXE, Quarantined, [2318], [350730],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\00017477\NEWAUTOTIME_51495.JPG, Quarantined, [315], [323624],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EZJP2EQS7U\APPSOFT.EXE.CONFIG.CONFIG, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\EZJP2EQS7U\cas.exe.config.config, Quarantined, [2403], [360183],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\XSGCXAIGKK\CAS.EXE, Quarantined, [113], [331647],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\YK8P7TLL8K\CAS.EXE, Quarantined, [113], [331647],1.0.1064
PUP.Optional.Linkury, C:\WINDOWS\TEMP\SMARTBAR\S--TOP.ICO, Quarantined, [398], [259312],1.0.1064
PUP.Optional.WinYahoo, C:\USERS\DANI\APPDATA\LOCAL\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HOWTOREMOVE\HOWTOREMOVE.HTML, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\chromium-min.jpg, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\control panel-min-min.JPG, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\down.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\ff menu.JPG, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\ff search engine-min.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\hp-min ff.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\hp-min ie.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\search engine.gif, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\setup pages.gif, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\sp-min.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\start-min.jpg, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\up.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\bapi_chmm.dat, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\bapi_ff.dat, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\bapi_ie.dat, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\como, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\install.log, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\maci, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\nati, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\sifo, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\Sqlite3.dll, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\uninst.dat, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\uninst.exe, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\uninstp.dat, Quarantined, [117], [302717],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\XSGCXAIGKK\APPSOFT.EXE.CONFIG.CONFIG, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\XSGCXAIGKK\appsoft.exe, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\XSGCXAIGKK\asasa.exe, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\XSGCXAIGKK\asasa.exe.config.config, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\XSGCXAIGKK\cas.exe.config.config, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\YK8P7TLL8K\APPSOFT.EXE.CONFIG.CONFIG, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\YK8P7TLL8K\appsoft.exe, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\YK8P7TLL8K\asasa.exe, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\YK8P7TLL8K\asasa.exe.config.config, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\YK8P7TLL8K\cas.exe.config.config, Quarantined, [2403], [360183],1.0.1064
PUP.Optional.MyRadioXP, C:\USERS\DANI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\ChromeDefaultData\LOCAL STORAGE\chrome-extension_fnhfdmnphmbbjbgppnpcddkefmeokfho_0.localstorage, Quarantined, [3112], [360496],1.0.1064
PUP.Optional.MyRadioXP, C:\USERS\DANI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\ChromeDefaultData\LOCAL STORAGE\chrome-extension_fnhfdmnphmbbjbgppnpcddkefmeokfho_0.localstorage-journal, Quarantined, [3112], [360496],1.0.1064
PUP.Optional.YesSearches, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\wgudv439.default\SEARCHPLUGINS\findit.xml, Quarantined, [129], [184250],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\PROGRAM FILES (X86)\COMMON FILES\HOTANLAX\INSTALLATIONCONFIGURATION.XML, Quarantined, [96], [302562],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Hotanlax\uninstall.dat, Quarantined, [96], [302562],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Hotanlax\uninstall.exe, Quarantined, [96], [302562],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Hotanlax\uninstall.ico, Quarantined, [96], [302562],1.0.1064
PUP.Optional.Wajam.Gen, C:\PROGRAM FILES\e2fb43cbfdafb5148d3874d650396f3e\88194c9f244b9641c5f4708e05e51fa1\3024dd91c9e4ec72e8f828ca22b6216e.ico, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\88194c9f244b9641c5f4708e05e51fa1\6eefebd7f3019e059917e8e6d34fbf1c.ico, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\88194c9f244b9641c5f4708e05e51fa1\df04f60fd0a26c7028e4e23fea33ce94.ico, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\2f75411bf6d0e0de2855d2d68e443b23, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\33eb93120bb8a46f0ff9c6f25a291358.exe, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\6eefebd7f3019e059917e8e6d34fbf1c.ico, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\726200b333459e6ea0910b12573e5ccd.exe, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\879df99fc6b12eb3726fea38189ecc51.exe, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.WinYahoo, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\SEARCHPLUGINS\YAHOO! POWERED.XML, Quarantined, [117], [302287],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\SEARCHPLUGINS\H9KAFBC6.XML, Quarantined, [419], [302745],1.0.1064
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 2/2/17
Scan Time: 11:35 PM
Logfile: mbam log1.txt
Administrator: Yes
 
-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.50
Update Package Version: 1.0.1064
License: Trial
 
-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: DESKTOP-ATJ3K0V\Dani
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 356056
Time Elapsed: 13 min, 3 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
-Scan Details-
Process: 10
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER\SET.EXE, Quarantined, [4495], [24306],1.0.1064
PUP.Optional.Linkury, C:\PROGRAMDATA\NETWORKPACKETMANITOR\NETTRANS.EXE, Quarantined, [398], [331415],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\GD885.TMP.EXE, Quarantined, [1033], [361532],1.0.1064
Adware.Amonetize, C:\PROGRAM FILES\BS7OBWXLNS\IVVABZT5H.EXE, Quarantined, [2509], [366629],1.0.1064
PUP.Optional.ProductUpdater, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\PRODUPD.EXE, Quarantined, [817], [342951],1.0.1064
Trojan.Glupteba, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\MONHOST.EXE, Quarantined, [385], [351682],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\DBUPDATER.EXE, Quarantined, [1033], [365107],1.0.1064
PUP.Optional.Amonetize, C:\USERS\DANI\APPDATA\LOCAL\TEMP\SDFD2FD.EXE, Quarantined, [13], [118034],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\PREPREINSTALLER_WIN.EXE, Quarantined, [315], [353151],1.0.1064
Trojan.Zbot.Generic, C:\PROGRAMDATA\HDTASK\HDTASK.EXE, Quarantined, [837], [357355],1.0.1064
 
Module: 14
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER\SET.EXE, Quarantined, [4495], [24306],1.0.1064
Adware.Elex, C:\PROGRAM FILES (X86)\JUQGEHUWUK CACHE\LOCAL64SPL.DLL, Quarantined, [1033], [360556],1.0.1064
PUP.Optional.Linkury, C:\PROGRAMDATA\NETWORKPACKETMANITOR\NETTRANS.EXE, Quarantined, [398], [331415],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\GD885.TMP.EXE, Quarantined, [1033], [361532],1.0.1064
Adware.Amonetize, C:\PROGRAM FILES\BS7OBWXLNS\IVVABZT5H.EXE, Quarantined, [2509], [366629],1.0.1064
PUP.Optional.ProductUpdater, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\PRODUPD.EXE, Quarantined, [817], [342951],1.0.1064
Trojan.Glupteba, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\MONHOST.EXE, Quarantined, [385], [351682],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\DBUPDATER.EXE, Quarantined, [1033], [365107],1.0.1064
PUP.Optional.Amonetize, C:\USERS\DANI\APPDATA\LOCAL\TEMP\SDFD2FD.EXE, Quarantined, [13], [118034],1.0.1064
Adware.Elex.SHHKRST, C:\USERS\DANI\APPDATA\ROAMING\KOWELYSTZOTHER\SHUQUTY.DLL, Quarantined, [1238], [362727],1.0.1064
Adware.Elex.SHHKRST, C:\USERS\DANI\APPDATA\ROAMING\KOWELYSTZOTHER\SHUQUTY.DLL, Quarantined, [1238], [362727],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\PREPREINSTALLER_WIN.EXE, Quarantined, [315], [353151],1.0.1064
Trojan.Zbot.Generic, C:\PROGRAMDATA\HDTASK\HDTASK.EXE, Quarantined, [837], [357355],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X86\SQLite.Interop.dll, Quarantined, [4495], [183111],1.0.1064
 
Registry Key: 55
PUP.Optional.LogicHandler, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\backlh, Quarantined, [4495], [24306],1.0.1064
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Nettrans, Quarantined, [398], [331415],1.0.1064
Adware.Wajam.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\dcffce27b5ac8a40b8b8a9720e08e441, Quarantined, [2072], [336669],1.0.1064
Adware.Wajam.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Quarantined, [2072], [-1],0.0.0
Adware.Elex.SHHKRST, HKLM\SOFTWARE\CLASSES\CLSID\{7FBEA058-DE40-11E6-83E9-64006A5CFC23}, Quarantined, [1238], [362727],1.0.1064
Adware.Elex.SHHKRST, HKLM\SOFTWARE\CLASSES\CLSID\{7FBEA058-DE40-11E6-83E9-64006A5CFC23}\InprocServer32, Quarantined, [1238], [362727],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8E8F97CD-60B5-456F-A201-73065652D099}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}\InprocServer32, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\IESearchPlugin.MailRuBHO, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\IESearchPlugin.MailRuBHO.1, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\TYPELIB\{C69276F0-9BC1-404F-8566-FCB14D0ED4B8}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\INTERFACE\{2170BCBA-E35C-42A5-9CDB-691334845FA4}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\INTERFACE\{23B8D468-7358-408C-B1AC-8BAE2A610C41}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{2170BCBA-E35C-42A5-9CDB-691334845FA4}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{23B8D468-7358-408C-B1AC-8BAE2A610C41}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{2170BCBA-E35C-42A5-9CDB-691334845FA4}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{23B8D468-7358-408C-B1AC-8BAE2A610C41}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C69276F0-9BC1-404F-8566-FCB14D0ED4B8}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{C69276F0-9BC1-404F-8566-FCB14D0ED4B8}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}\InprocServer32, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [131], [170024],1.0.1064
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [131], [170024],1.0.1064
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [131], [170024],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{B8C25002-E842-8182-59C2-F10289422282}, Quarantined, [117], [302717],1.0.1064
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, Quarantined, [647], [260991],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch, Quarantined, [96], [259989],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [117], [254683],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Quarantined, [117], [254683],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Ronzap_RASAPI32, Quarantined, [96], [259740],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Ronzap_RASMANCS, Quarantined, [96], [259740],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RONZAP, Quarantined, [96], [259956],1.0.1064
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9745D94D-821A-438C-8D61-3F876A6DE498}, Quarantined, [398], [259072],1.0.1064
PUP.Optional.ProductSetup, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\PRODUCTSETUP, Quarantined, [17237], [242047],1.0.1064
PUP.Optional.Wajam.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\e2fb43cbfdafb5148d3874d650396f3e, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting, Quarantined, [96], [259928],1.0.1064
Adware.Elex, HKLM\SOFTWARE\WOW6432NODE\jhdbca, Quarantined, [1033], [358186],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtRonzap, Quarantined, [96], [259866],1.0.1064
PUP.Optional.Social2Search, HKLM\SOFTWARE\WOW6432NODE\Socia2Sear Browser Enhancer, Quarantined, [443], [345866],1.0.1064
PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\trotuxSoftware, Quarantined, [419], [182848],1.0.1064
PUP.Optional.InstallCore, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\csastats, Quarantined, [8], [260986],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\mtRonzap, Quarantined, [96], [259575],1.0.1064
Adware.Norassie, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\Norassie, Quarantined, [3260], [361347],1.0.1064
PUP.Optional.Wajam, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\WajIEnhance, Quarantined, [131], [244670],1.0.1064
PUP.Optional.Tuto4PC, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\wewewe, Quarantined, [113], [339689],1.0.1064
Adware.Elex, HKU\S-1-5-18\SOFTWARE\jhdbca, Quarantined, [1033], [358190],1.0.1064
PUP.Optional.SearchManager, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, Quarantined, [647], [183362],1.0.1064
PUP.Optional.Linkury, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}, Quarantined, [398], [259313],1.0.1064
PUP.Optional.Social2Search.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\e2fb43cbfdafb5148d3874d650396f3e, Quarantined, [18111], [261569],1.0.1064
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, Quarantined, [647], [260991],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Ronzap.exe, Quarantined, [96], [259795],1.0.1064
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\h9kafbc6, Quarantined, [2086], [339986],1.0.1064
Adware.Elex, HKLM\SOFTWARE\jhdbca, Quarantined, [1033], [358186],1.0.1064
PUP.Optional.Social2Search, HKLM\SOFTWARE\Socia2Sear Browser Enhancer, Quarantined, [443], [345866],1.0.1064
 
Registry Value: 30
Adware.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|wd, Quarantined, [1033], [361532],1.0.1064
Adware.Amonetize, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|EUWF0Z82WR, Quarantined, [2509], [366629],1.0.1064
PUP.Optional.ProductUpdater, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|produpd, Quarantined, [817], [342951],1.0.1064
Adware.Wajam.Generic, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [2072], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [2072], [-1],0.0.0
Adware.Wajam.Generic, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [2072], [-1],0.0.0
Adware.Elex.SHHKRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS|{7FBEA058-DE40-11E6-83E9-64006A5CFC23}, Quarantined, [1238], [362727],1.0.1064
Adware.Elex.SHHKRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ENABLESHELLEXECUTEHOOKS, Quarantined, [1238], [-1],0.0.0
Adware.Elex.SHHKRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ENABLESHELLEXECUTEHOOKS, Quarantined, [1238], [-1],0.0.0
Trojan.Zbot.Generic, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|hdtask, Quarantined, [837], [357355],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Quarantined, [96], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Quarantined, [96], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\ENVIRONMENT|SNF, Quarantined, [96], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, Quarantined, [96], [259989],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Quarantined, [117], [254683],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RONZAP|IMAGEPATH, Quarantined, [96], [259956],1.0.1064
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9745D94D-821A-438C-8D61-3F876A6DE498}|DISPLAYNAME, Quarantined, [398], [259072],1.0.1064
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NETTRANS|IMAGEPATH, Quarantined, [398], [331424],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\ENVIRONMENT|SNP, Quarantined, [96], [259518],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\ENVIRONMENT|SNF, Quarantined, [96], [259517],1.0.1064
PUP.Optional.ProductSetup, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\PRODUCTSETUP|TB, Quarantined, [17237], [242047],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Quarantined, [117], [254683],1.0.1064
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|OMEWPRODUCT_F5AW2, Quarantined, [113], [314799],1.0.1064
PUP.Optional.Linkury, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DISPLAYNAME, Quarantined, [398], [259313],1.0.1064
PUP.Optional.Social2Search.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\e2fb43cbfdafb5148d3874d650396f3e|DISPLAYNAME, Quarantined, [18111], [261569],1.0.1064
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\h9kafbc6|NAME, Quarantined, [2086], [339986],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, Quarantined, [96], [259988],1.0.1064
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DISPLAYNAME, Quarantined, [398], [259314],1.0.1064
PUP.Optional.LogicHandler, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BACKLH|IMAGEPATH, Quarantined, [4495], [183112],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, Quarantined, [96], [259987],1.0.1064
 
Registry Data: 7
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Replaced, [398], [293477],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Replaced, [117], [293283],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Replaced, [96], [293485],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Replaced, [96], [293485],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Replaced, [96], [293485],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Replaced, [96], [293486],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Replaced, [117], [293283],1.0.1064
 
Data Stream: 0
(No malicious items detected)
 
Folder: 30
PUP.Optional.Linkury, C:\PROGRAMDATA\NetworkPacketManitor, Removal Failed, [398], [331423],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\USERS\DANI\APPDATA\ROAMING\Mozilla\Firefox\naweriweentcofise, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.NoteUp, C:\USERS\DANI\APPDATA\ROAMING\NOTE-UP, Quarantined, [3167], [246759],1.0.1064
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\BS7OBWXLNS, Removal Failed, [2403], [357599],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X64, Quarantined, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X86, Removal Failed, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER, Removal Failed, [4495], [183111],1.0.1064
Adware.Elex.Generic, C:\PROGRAM FILES (X86)\JUQGEHUWUK CACHE, Removal Failed, [2144], [358276],1.0.1064
Adware.Wajam, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SOCIA2SEAR BROWSER ENHANCER, Quarantined, [1772], [348378],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\webfonts, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\_metadata, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\images, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\USERS\DANI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\ChromeDefaultData\EXTENSIONS\fnhfdmnphmbbjbgppnpcddkefmeokfho, Quarantined, [3110], [360481],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EZJP2EQS7U, Quarantined, [2403], [360183],1.0.1064
PUP.Optional.Linkury, C:\WINDOWS\TEMP\SMARTBAR, Quarantined, [398], [259312],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\USERS\DANI\APPDATA\LOCAL\{0C573A0B-28FF-56B3-4567-735B610F8FC3}, Quarantined, [117], [302717],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\XSGCXAIGKK, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\YK8P7TLL8K, Quarantined, [2403], [360183],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\PROGRAM FILES (X86)\COMMON FILES\HOTANLAX, Quarantined, [96], [302562],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\88194c9f244b9641c5f4708e05e51fa1, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\PROGRAM FILES\e2fb43cbfdafb5148d3874d650396f3e, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Clicker, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER, Removal Failed, [983], [365168],1.0.1064
 
File: 178
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER\SET.EXE, Removal Failed, [4495], [24306],1.0.1064
Adware.Elex, C:\PROGRAM FILES (X86)\JUQGEHUWUK CACHE\LOCAL64SPL.DLL, Removal Failed, [1033], [360556],1.0.1064
PUP.Optional.Linkury, C:\PROGRAMDATA\NETWORKPACKETMANITOR\NETTRANS.EXE, Removal Failed, [398], [331415],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\GD885.TMP.EXE, Removal Failed, [1033], [361532],1.0.1064
PUP.Optional.Linkury, C:\ProgramData\NetworkPacketManitor\Config.xml, Quarantined, [398], [331423],1.0.1064
PUP.Optional.Linkury, C:\ProgramData\NetworkPacketManitor\Nettrans.exe.config, Quarantined, [398], [331423],1.0.1064
Adware.Amonetize, C:\PROGRAM FILES\BS7OBWXLNS\IVVABZT5H.EXE, Removal Failed, [2509], [366629],1.0.1064
PUP.Optional.ProductUpdater, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\PRODUPD.EXE, Removal Failed, [817], [342951],1.0.1064
Trojan.Glupteba, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\MONHOST.EXE, Removal Failed, [385], [351682],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default\prefs.js, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default\profiles.ini, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default\search-metadata.json, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default\search.json, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default\search.json.mozlz4, Quarantined, [2759], [363173],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\DBUPDATER.EXE, Removal Failed, [1033], [365107],1.0.1064
PUP.Optional.Amonetize, C:\USERS\DANI\APPDATA\LOCAL\TEMP\SDFD2FD.EXE, Removal Failed, [13], [118034],1.0.1064
Adware.Wajam.Generic, C:\WINDOWS\SYSTEM32\DRIVERS\DCFFCE27B5AC8A40B8B8A9720E08E441.SYS, Removal Failed, [2072], [336669],1.0.1064
Adware.Elex.SHHKRST, C:\USERS\DANI\APPDATA\ROAMING\KOWELYSTZOTHER\SHUQUTY.DLL, Removal Failed, [1238], [362727],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\PREPREINSTALLER_WIN.EXE, Removal Failed, [315], [353151],1.0.1064
PUP.Optional.RussAd, C:\USERS\DANI\APPDATA\LOCAL\MAIL.RU\SPUTNIK\IESEARCHPLUGIN.DLL, Quarantined, [25], [351113],1.0.1064
Trojan.Zbot.Generic, C:\PROGRAMDATA\HDTASK\HDTASK.EXE, Removal Failed, [837], [357355],1.0.1064
PUP.Optional.WinYahoo, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\HOWTOREMOVE.HTML.LNK, Quarantined, [117], [254335],1.0.1064
PUP.Optional.Linkury.Generic, C:\USERS\DANI\APPDATA\ROAMING\AGENT.DAT, Quarantined, [2382], [360491],1.0.1064
PUP.Optional.Linkury, C:\USERS\DANI\APPDATA\ROAMING\WARMDANFAN.BIN, Quarantined, [398], [326154],1.0.1064
PUP.Optional.Linkury.Gen, C:\USERS\DANI\APPDATA\ROAMING\BLUEFRESH.TST, Quarantined, [19819], [261636],1.0.1064
PUP.Optional.Linkury, C:\USERS\DANI\APPDATA\ROAMING\MD.XML, Quarantined, [398], [258091],1.0.1064
Trojan.Agent.E, C:\USERS\DANI\APPDATA\ROAMING\ADOBE\MANAGER.EXE, Quarantined, [204], [363232],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\USERS\DANI\APPDATA\ROAMING\CONFIG.XML, Quarantined, [96], [302553],1.0.1064
PUP.Optional.Linkury, C:\USERS\DANI\APPDATA\ROAMING\NOAH.DAT, Quarantined, [398], [258092],1.0.1064
PUP.Optional.NoteUp, C:\USERS\DANI\APPDATA\ROAMING\NOTE-UP\NOTE-UP.DB, Quarantined, [3167], [246759],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\ROAMING\MYDESKTOP\LINKME.EXE, Quarantined, [315], [363415],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\SEARCHPLUGINS\H9KAFBC6.XML, Quarantined, [419], [324483],1.0.1064
Trojan.Agent, C:\USERS\DANI\APPDATA\ROAMING\BLUEFRESH.EXE, Quarantined, [22], [363443],1.0.1064
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\BS7OBWXLNS\CAST.CONFIG, Quarantined, [2403], [357599],1.0.1064
Adware.Tuto4PC.Generic, C:\Program Files\BS7OBWXLNS\IVVABZT5H.exe.config, Quarantined, [2403], [357599],1.0.1064
Adware.Tuto4PC.Generic, C:\Program Files\BS7OBWXLNS\uninstaller.exe, Quarantined, [2403], [357599],1.0.1064
Adware.Tuto4PC.Generic, C:\Program Files\BS7OBWXLNS\uninstaller.exe.config, Quarantined, [2403], [357599],1.0.1064
PUP.Optional.Linkury, C:\USERS\DANI\APPDATA\ROAMING\FLEXKAYSTRING.BIN, Quarantined, [398], [331415],1.0.1064
PUP.Optional.Linkury, C:\USERS\DANI\APPDATA\ROAMING\UNINSTALL_TEMP.ICO, Quarantined, [398], [258093],1.0.1064
Adware.Tuto4PC, C:\$RECYCLE.BIN\S-1-5-21-3925801674-1894051899-1639661203-1001\$REQA8GG.EXE, Quarantined, [2318], [350732],1.0.1064
Adware.Elex.Generic, C:\PROGRAMDATA\2657Q72J91Z1361\2657Q72J91Z1361.DLL, Quarantined, [2144], [363783],1.0.1064
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER\SET.EXE.CONFIG, Quarantined, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X64\SQLite.Interop.dll, Quarantined, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X86\SQLite.Interop.dll, Removal Failed, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\Config.json, Quarantined, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.dll, Removal Failed, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.Linq.dll, Quarantined, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.xml, Quarantined, [4495], [183111],1.0.1064
Adware.Elex.Generic, C:\PROGRAM FILES (X86)\JUQGEHUWUK CACHE\LOCAL64SPL.DLL.INI, Quarantined, [2144], [358276],1.0.1064
PUP.Optional.Citadel, C:\USERS\DANI\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\MONHOST.LNK, Quarantined, [2005], [338481],1.0.1064
Adware.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear Browser Enhancer\Settings.lnk, Quarantined, [1772], [348378],1.0.1064
Adware.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear Browser Enhancer\SignIn with Twitter.lnk, Quarantined, [1772], [348378],1.0.1064
Adware.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear Browser Enhancer\Social2Search Website.lnk, Quarantined, [1772], [348378],1.0.1064
Adware.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear Browser Enhancer\uninstall.lnk, Quarantined, [1772], [348378],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\webfonts\anfinity.eot, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\webfonts\anfinity.ttf, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\webfonts\anfinity.woff, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\fonts.css, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\jquery-ui.css, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\site.css, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\weather.css, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\128x128.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\16x16.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\19x19.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\38x38.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\favicon.ico, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\pop.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\images\ic_refresh_black_24dp_2x.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\images\ic_search_black_24dp_2x.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\images\logo.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\images\m1-min.jpg, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\bootstrap.min.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\jquery-ui.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\jquery.min.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\jquery.simpleWeather.min.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\list.min.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\weather.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\background.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\site.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\_metadata\computed_hashes.json, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\_metadata\verified_contents.json, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\main.html, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\manifest.json, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSWOW64\FINDIT.XML, Quarantined, [96], [259512],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\USERS\DANI\APPDATA\ROAMING\INSTALLATIONCONFIGURATION.XML, Quarantined, [96], [302554],1.0.1064
PUP.Optional.LogicHandler, C:\USERS\DANI\APPDATA\ROAMING\VILLALA.BIN, Quarantined, [4495], [24306],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\PREFS.JS, Replaced, [419], [302758],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\PREFS.JS, Replaced, [419], [302758],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\PREFS.JS, Replaced, [419], [302758],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\G7E1F.TMP, Quarantined, [1033], [365112],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\HNEDEZRUF0.EXE, Quarantined, [113], [314786],1.0.1064
Trojan.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\LINKER.EXE, Quarantined, [22], [363443],1.0.1064
PUP.Optional.Sputnik, C:\USERS\DANI\APPDATA\LOCAL\TEMP\BE2E332ADEE14FEE80B1E99391CD5861, Quarantined, [3291], [352247],1.0.1064
Adware.OxyPumper, C:\USERS\DANI\APPDATA\LOCAL\TEMP\DRIVERBOOSTERSETUP.EXE, Quarantined, [464], [366316],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EZJP2EQS7U\CAS.EXE, Quarantined, [113], [331647],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EWSZ9KWMLC.EXE, Quarantined, [113], [314786],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\G908F.TMP.EXE, Quarantined, [1033], [361888],1.0.1064
PUP.Optional.Sputnik, C:\USERS\DANI\APPDATA\LOCAL\TEMP\290.TMP.EXE, Quarantined, [3291], [352247],1.0.1064
PUP.Optional.InstallCore, C:\USERS\DANI\APPDATA\LOCAL\TEMP\AUTOTIME51495.EXE, Quarantined, [8], [356458],1.0.1064
Adware.Downloader, C:\USERS\DANI\APPDATA\LOCAL\TEMP\PL_INST.EXE, Quarantined, [673], [347498],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\ASU19RR4BU.EXE, Quarantined, [113], [314786],1.0.1064
PUP.Optional.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\TROTUX.EXE, Quarantined, [15], [315776],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\LINKME.EXE, Quarantined, [315], [363415],1.0.1064
Adware.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\JII4RCSSJ8T0.EXE, Quarantined, [2318], [350732],1.0.1064
Adware.Social2Search, C:\USERS\DANI\APPDATA\LOCAL\TEMP\WAJAM_INSTALL.EXE, Quarantined, [2422], [366028],1.0.1064
PUP.Optional.Zaxar, C:\USERS\DANI\APPDATA\LOCAL\TEMP\ZAXARSETUP.4.001.1827.EXE, Quarantined, [4194], [8813],1.0.1064
Adware.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\MXWW4NEOBQ\UNINMODULE.EXE, Quarantined, [2318], [350732],1.0.1064
PUP.Optional.LogicHandler, C:\USERS\DANI\APPDATA\LOCAL\TEMP\RARSFX0\LOGICHANDLER.EXE, Quarantined, [4495], [24306],1.0.1064
PUP.Optional.Zaxar, C:\USERS\DANI\APPDATA\LOCAL\TEMP\_IU14D2N.TMP, Quarantined, [4194], [8813],1.0.1064
Adware.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EZJP2EQS7U\APPSOFT.EXE, Quarantined, [2318], [350732],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\IS-O6TBA.TMP\AUTOTIME.EXE, Quarantined, [315], [323847],1.0.1064
PUP.Optional.ProductUpdater, C:\USERS\DANI\APPDATA\LOCAL\TEMP\G.EXE, Quarantined, [817], [342951],1.0.1064
Adware.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\GLOBAL_INSTALLER.EXE, Quarantined, [2318], [350730],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\00017477\NEWAUTOTIME_51495.JPG, Quarantined, [315], [323624],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EZJP2EQS7U\APPSOFT.EXE.CONFIG.CONFIG, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\EZJP2EQS7U\cas.exe.config.config, Quarantined, [2403], [360183],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\XSGCXAIGKK\CAS.EXE, Quarantined, [113], [331647],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\YK8P7TLL8K\CAS.EXE, Quarantined, [113], [331647],1.0.1064
PUP.Optional.Linkury, C:\WINDOWS\TEMP\SMARTBAR\S--TOP.ICO, Quarantined, [398], [259312],1.0.1064
PUP.Optional.WinYahoo, C:\USERS\DANI\APPDATA\LOCAL\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HOWTOREMOVE\HOWTOREMOVE.HTML, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\chromium-min.jpg, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\control panel-min-min.JPG, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\down.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\ff menu.JPG, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\ff search engine-min.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\hp-min ff.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\hp-min ie.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\search engine.gif, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\setup pages.gif, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\sp-min.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\start-min.jpg, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\up.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\bapi_chmm.dat, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\bapi_ff.dat, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\bapi_ie.dat, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\como, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\install.log, Quarantined, [117], [302717],1.0.1064
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 2/2/17
Scan Time: 11:35 PM
Logfile: mbam log1.txt
Administrator: Yes
 
-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.50
Update Package Version: 1.0.1064
License: Trial
 
-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: DESKTOP-ATJ3K0V\Dani
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 356056
Time Elapsed: 13 min, 3 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
-Scan Details-
Process: 10
 
Module: 14
 
Registry Key: 55
 
Registry Value: 30
 
Registry Data: 7
 
Data Stream: 0
(No malicious items detected)
 
Folder: 30
 
File: 178
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\images\logo.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\images\m1-min.jpg, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\bootstrap.min.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\jquery-ui.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\jquery.min.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\jquery.simpleWeather.min.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\list.min.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\weather.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\background.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\site.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\_metadata\computed_hashes.json, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\_metadata\verified_contents.json, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\main.html, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\manifest.json, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSWOW64\FINDIT.XML, Quarantined, [96], [259512],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\USERS\DANI\APPDATA\ROAMING\INSTALLATIONCONFIGURATION.XML, Quarantined, [96], [302554],1.0.1064
PUP.Optional.LogicHandler, C:\USERS\DANI\APPDATA\ROAMING\VILLALA.BIN, Quarantined, [4495], [24306],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\PREFS.JS, Replaced, [419], [302758],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\PREFS.JS, Replaced, [419], [302758],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\PREFS.JS, Replaced, [419], [302758],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\G7E1F.TMP, Quarantined, [1033], [365112],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\HNEDEZRUF0.EXE, Quarantined, [113], [314786],1.0.1064
Trojan.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\LINKER.EXE, Quarantined, [22], [363443],1.0.1064
PUP.Optional.Sputnik, C:\USERS\DANI\APPDATA\LOCAL\TEMP\BE2E332ADEE14FEE80B1E99391CD5861, Quarantined, [3291], [352247],1.0.1064
Adware.OxyPumper, C:\USERS\DANI\APPDATA\LOCAL\TEMP\DRIVERBOOSTERSETUP.EXE, Quarantined, [464], [366316],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EZJP2EQS7U\CAS.EXE, Quarantined, [113], [331647],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EWSZ9KWMLC.EXE, Quarantined, [113], [314786],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\G908F.TMP.EXE, Quarantined, [1033], [361888],1.0.1064
PUP.Optional.Sputnik, C:\USERS\DANI\APPDATA\LOCAL\TEMP\290.TMP.EXE, Quarantined, [3291], [352247],1.0.1064
PUP.Optional.InstallCore, C:\USERS\DANI\APPDATA\LOCAL\TEMP\AUTOTIME51495.EXE, Quarantined, [8], [356458],1.0.1064
Adware.Downloader, C:\USERS\DANI\APPDATA\LOCAL\TEMP\PL_INST.EXE, Quarantined, [673], [347498],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\ASU19RR4BU.EXE, Quarantined, [113], [314786],1.0.1064
PUP.Optional.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\TROTUX.EXE, Quarantined, [15], [315776],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\LINKME.EXE, Quarantined, [315], [363415],1.0.1064
Adware.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\JII4RCSSJ8T0.EXE, Quarantined, [2318], [350732],1.0.1064
Adware.Social2Search, C:\USERS\DANI\APPDATA\LOCAL\TEMP\WAJAM_INSTALL.EXE, Quarantined, [2422], [366028],1.0.1064
PUP.Optional.Zaxar, C:\USERS\DANI\APPDATA\LOCAL\TEMP\ZAXARSETUP.4.001.1827.EXE, Quarantined, [4194], [8813],1.0.1064
Adware.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\MXWW4NEOBQ\UNINMODULE.EXE, Quarantined, [2318], [350732],1.0.1064
PUP.Optional.LogicHandler, C:\USERS\DANI\APPDATA\LOCAL\TEMP\RARSFX0\LOGICHANDLER.EXE, Quarantined, [4495], [24306],1.0.1064
PUP.Optional.Zaxar, C:\USERS\DANI\APPDATA\LOCAL\TEMP\_IU14D2N.TMP, Quarantined, [4194], [8813],1.0.1064
Adware.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EZJP2EQS7U\APPSOFT.EXE, Quarantined, [2318], [350732],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\IS-O6TBA.TMP\AUTOTIME.EXE, Quarantined, [315], [323847],1.0.1064
PUP.Optional.ProductUpdater, C:\USERS\DANI\APPDATA\LOCAL\TEMP\G.EXE, Quarantined, [817], [342951],1.0.1064
Adware.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\GLOBAL_INSTALLER.EXE, Quarantined, [2318], [350730],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\00017477\NEWAUTOTIME_51495.JPG, Quarantined, [315], [323624],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EZJP2EQS7U\APPSOFT.EXE.CONFIG.CONFIG, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\EZJP2EQS7U\cas.exe.config.config, Quarantined, [2403], [360183],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\XSGCXAIGKK\CAS.EXE, Quarantined, [113], [331647],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\YK8P7TLL8K\CAS.EXE, Quarantined, [113], [331647],1.0.1064
PUP.Optional.Linkury, C:\WINDOWS\TEMP\SMARTBAR\S--TOP.ICO, Quarantined, [398], [259312],1.0.1064
PUP.Optional.WinYahoo, C:\USERS\DANI\APPDATA\LOCAL\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HOWTOREMOVE\HOWTOREMOVE.HTML, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\chromium-min.jpg, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\control panel-min-min.JPG, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\down.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\ff menu.JPG, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\ff search engine-min.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\hp-min ff.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\hp-min ie.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\search engine.gif, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\setup pages.gif, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\sp-min.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\start-min.jpg, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\up.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\bapi_chmm.dat, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\bapi_ff.dat, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\bapi_ie.dat, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\como, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\install.log, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\maci, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\nati, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\sifo, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\Sqlite3.dll, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\uninst.dat, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\uninst.exe, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\uninstp.dat, Quarantined, [117], [302717],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\XSGCXAIGKK\APPSOFT.EXE.CONFIG.CONFIG, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\XSGCXAIGKK\appsoft.exe, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\XSGCXAIGKK\asasa.exe, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\XSGCXAIGKK\asasa.exe.config.config, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\XSGCXAIGKK\cas.exe.config.config, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\YK8P7TLL8K\APPSOFT.EXE.CONFIG.CONFIG, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\YK8P7TLL8K\appsoft.exe, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\YK8P7TLL8K\asasa.exe, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\YK8P7TLL8K\asasa.exe.config.config, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\YK8P7TLL8K\cas.exe.config.config, Quarantined, [2403], [360183],1.0.1064
PUP.Optional.MyRadioXP, C:\USERS\DANI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\ChromeDefaultData\LOCAL STORAGE\chrome-extension_fnhfdmnphmbbjbgppnpcddkefmeokfho_0.localstorage, Quarantined, [3112], [360496],1.0.1064
PUP.Optional.MyRadioXP, C:\USERS\DANI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\ChromeDefaultData\LOCAL STORAGE\chrome-extension_fnhfdmnphmbbjbgppnpcddkefmeokfho_0.localstorage-journal, Quarantined, [3112], [360496],1.0.1064
PUP.Optional.YesSearches, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\wgudv439.default\SEARCHPLUGINS\findit.xml, Quarantined, [129], [184250],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\PROGRAM FILES (X86)\COMMON FILES\HOTANLAX\INSTALLATIONCONFIGURATION.XML, Quarantined, [96], [302562],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Hotanlax\uninstall.dat, Quarantined, [96], [302562],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Hotanlax\uninstall.exe, Quarantined, [96], [302562],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Hotanlax\uninstall.ico, Quarantined, [96], [302562],1.0.1064
PUP.Optional.Wajam.Gen, C:\PROGRAM FILES\e2fb43cbfdafb5148d3874d650396f3e\88194c9f244b9641c5f4708e05e51fa1\3024dd91c9e4ec72e8f828ca22b6216e.ico, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\88194c9f244b9641c5f4708e05e51fa1\6eefebd7f3019e059917e8e6d34fbf1c.ico, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\88194c9f244b9641c5f4708e05e51fa1\df04f60fd0a26c7028e4e23fea33ce94.ico, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\2f75411bf6d0e0de2855d2d68e443b23, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\33eb93120bb8a46f0ff9c6f25a291358.exe, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\6eefebd7f3019e059917e8e6d34fbf1c.ico, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\726200b333459e6ea0910b12573e5ccd.exe, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\879df99fc6b12eb3726fea38189ecc51.exe, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.WinYahoo, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\SEARCHPLUGINS\YAHOO! POWERED.XML, Quarantined, [117], [302287],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\SEARCHPLUGINS\H9KAFBC6.XML, Quarantined, [419], [302745],1.0.1064
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)
 
I do think the installed Chrome is fake because a virus keeps closing it and makes one copy of it which is a virus. It even has multiple names, for example: Dayglad, Zoohair, etc.
And it's annoying because every day I get this.

BIT.dll is located in ProgramData, WinSAPSvc is located in AppData > Roaming. Kitty.dll is in either Program Files or Program Files x86. Nosupyyzed is in Program Files x86.

I don't have any error messages. Instead I have a fake one when my Chrome gets closed by the virus; the text is "WHoa! Google Chrome has closed, Relaunch?" and when I relaunch, it opens the fake Chrome.

An unexpected symptom is that many more viruses were installed anonymously.

I do not have FRST.txt and Addition.txt on my PC.

The viruses that were installed always waste my 1 GB of space on my HDD.

Will post more soon.



#6 beepbleepboopbapbip

  • Topic Starter
Posted 13 May 2017 - 04:27 AM

Whoops, sorry dude, I sent the wrong one because it was in the top one.

So here is the real one:

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 2/2/17
Scan Time: 11:35 PM
Logfile: 
Administrator: Yes
 
-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.50
Update Package Version: 1.0.1064
License: Trial
 
-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: DESKTOP-ATJ3K0V\Dani
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 356056
Time Elapsed: 13 min, 3 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
-Scan Details-
Process: 10
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER\SET.EXE, Quarantined, [4495], [24306],1.0.1064
PUP.Optional.Linkury, C:\PROGRAMDATA\NETWORKPACKETMANITOR\NETTRANS.EXE, Quarantined, [398], [331415],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\GD885.TMP.EXE, Quarantined, [1033], [361532],1.0.1064
Adware.Amonetize, C:\PROGRAM FILES\BS7OBWXLNS\IVVABZT5H.EXE, Quarantined, [2509], [366629],1.0.1064
PUP.Optional.ProductUpdater, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\PRODUPD.EXE, Quarantined, [817], [342951],1.0.1064
Trojan.Glupteba, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\MONHOST.EXE, Quarantined, [385], [351682],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\DBUPDATER.EXE, Quarantined, [1033], [365107],1.0.1064
PUP.Optional.Amonetize, C:\USERS\DANI\APPDATA\LOCAL\TEMP\SDFD2FD.EXE, Quarantined, [13], [118034],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\PREPREINSTALLER_WIN.EXE, Quarantined, [315], [353151],1.0.1064
Trojan.Zbot.Generic, C:\PROGRAMDATA\HDTASK\HDTASK.EXE, Quarantined, [837], [357355],1.0.1064
 
Module: 14
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER\SET.EXE, Quarantined, [4495], [24306],1.0.1064
Adware.Elex, C:\PROGRAM FILES (X86)\JUQGEHUWUK CACHE\LOCAL64SPL.DLL, Quarantined, [1033], [360556],1.0.1064
PUP.Optional.Linkury, C:\PROGRAMDATA\NETWORKPACKETMANITOR\NETTRANS.EXE, Quarantined, [398], [331415],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\GD885.TMP.EXE, Quarantined, [1033], [361532],1.0.1064
Adware.Amonetize, C:\PROGRAM FILES\BS7OBWXLNS\IVVABZT5H.EXE, Quarantined, [2509], [366629],1.0.1064
PUP.Optional.ProductUpdater, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\PRODUPD.EXE, Quarantined, [817], [342951],1.0.1064
Trojan.Glupteba, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\MONHOST.EXE, Quarantined, [385], [351682],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\DBUPDATER.EXE, Quarantined, [1033], [365107],1.0.1064
PUP.Optional.Amonetize, C:\USERS\DANI\APPDATA\LOCAL\TEMP\SDFD2FD.EXE, Quarantined, [13], [118034],1.0.1064
Adware.Elex.SHHKRST, C:\USERS\DANI\APPDATA\ROAMING\KOWELYSTZOTHER\SHUQUTY.DLL, Quarantined, [1238], [362727],1.0.1064
Adware.Elex.SHHKRST, C:\USERS\DANI\APPDATA\ROAMING\KOWELYSTZOTHER\SHUQUTY.DLL, Quarantined, [1238], [362727],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\PREPREINSTALLER_WIN.EXE, Quarantined, [315], [353151],1.0.1064
Trojan.Zbot.Generic, C:\PROGRAMDATA\HDTASK\HDTASK.EXE, Quarantined, [837], [357355],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X86\SQLite.Interop.dll, Quarantined, [4495], [183111],1.0.1064
 
Registry Key: 55
PUP.Optional.LogicHandler, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\backlh, Quarantined, [4495], [24306],1.0.1064
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Nettrans, Quarantined, [398], [331415],1.0.1064
Adware.Wajam.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\dcffce27b5ac8a40b8b8a9720e08e441, Quarantined, [2072], [336669],1.0.1064
Adware.Wajam.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Quarantined, [2072], [-1],0.0.0
Adware.Elex.SHHKRST, HKLM\SOFTWARE\CLASSES\CLSID\{7FBEA058-DE40-11E6-83E9-64006A5CFC23}, Quarantined, [1238], [362727],1.0.1064
Adware.Elex.SHHKRST, HKLM\SOFTWARE\CLASSES\CLSID\{7FBEA058-DE40-11E6-83E9-64006A5CFC23}\InprocServer32, Quarantined, [1238], [362727],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8E8F97CD-60B5-456F-A201-73065652D099}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}\InprocServer32, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\IESearchPlugin.MailRuBHO, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\IESearchPlugin.MailRuBHO.1, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\TYPELIB\{C69276F0-9BC1-404F-8566-FCB14D0ED4B8}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\INTERFACE\{2170BCBA-E35C-42A5-9CDB-691334845FA4}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\INTERFACE\{23B8D468-7358-408C-B1AC-8BAE2A610C41}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{2170BCBA-E35C-42A5-9CDB-691334845FA4}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{23B8D468-7358-408C-B1AC-8BAE2A610C41}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{2170BCBA-E35C-42A5-9CDB-691334845FA4}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{23B8D468-7358-408C-B1AC-8BAE2A610C41}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C69276F0-9BC1-404F-8566-FCB14D0ED4B8}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{C69276F0-9BC1-404F-8566-FCB14D0ED4B8}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}\InprocServer32, Quarantined, [25], [351113],1.0.1064
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}, Quarantined, [25], [351113],1.0.1064
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [131], [170024],1.0.1064
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [131], [170024],1.0.1064
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [131], [170024],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{B8C25002-E842-8182-59C2-F10289422282}, Quarantined, [117], [302717],1.0.1064
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, Quarantined, [647], [260991],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch, Quarantined, [96], [259989],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [117], [254683],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Quarantined, [117], [254683],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Ronzap_RASAPI32, Quarantined, [96], [259740],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Ronzap_RASMANCS, Quarantined, [96], [259740],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RONZAP, Quarantined, [96], [259956],1.0.1064
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9745D94D-821A-438C-8D61-3F876A6DE498}, Quarantined, [398], [259072],1.0.1064
PUP.Optional.ProductSetup, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\PRODUCTSETUP, Quarantined, [17237], [242047],1.0.1064
PUP.Optional.Wajam.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\e2fb43cbfdafb5148d3874d650396f3e, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting, Quarantined, [96], [259928],1.0.1064
Adware.Elex, HKLM\SOFTWARE\WOW6432NODE\jhdbca, Quarantined, [1033], [358186],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtRonzap, Quarantined, [96], [259866],1.0.1064
PUP.Optional.Social2Search, HKLM\SOFTWARE\WOW6432NODE\Socia2Sear Browser Enhancer, Quarantined, [443], [345866],1.0.1064
PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\trotuxSoftware, Quarantined, [419], [182848],1.0.1064
PUP.Optional.InstallCore, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\csastats, Quarantined, [8], [260986],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\mtRonzap, Quarantined, [96], [259575],1.0.1064
Adware.Norassie, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\Norassie, Quarantined, [3260], [361347],1.0.1064
PUP.Optional.Wajam, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\WajIEnhance, Quarantined, [131], [244670],1.0.1064
PUP.Optional.Tuto4PC, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\wewewe, Quarantined, [113], [339689],1.0.1064
Adware.Elex, HKU\S-1-5-18\SOFTWARE\jhdbca, Quarantined, [1033], [358190],1.0.1064
PUP.Optional.SearchManager, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, Quarantined, [647], [183362],1.0.1064
PUP.Optional.Linkury, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}, Quarantined, [398], [259313],1.0.1064
PUP.Optional.Social2Search.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\e2fb43cbfdafb5148d3874d650396f3e, Quarantined, [18111], [261569],1.0.1064
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, Quarantined, [647], [260991],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Ronzap.exe, Quarantined, [96], [259795],1.0.1064
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\h9kafbc6, Quarantined, [2086], [339986],1.0.1064
Adware.Elex, HKLM\SOFTWARE\jhdbca, Quarantined, [1033], [358186],1.0.1064
PUP.Optional.Social2Search, HKLM\SOFTWARE\Socia2Sear Browser Enhancer, Quarantined, [443], [345866],1.0.1064
 
Registry Value: 30
Adware.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|wd, Quarantined, [1033], [361532],1.0.1064
Adware.Amonetize, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|EUWF0Z82WR, Quarantined, [2509], [366629],1.0.1064
PUP.Optional.ProductUpdater, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|produpd, Quarantined, [817], [342951],1.0.1064
Adware.Wajam.Generic, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [2072], [-1],0.0.0
Adware.Wajam.Generic, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [2072], [-1],0.0.0
Adware.Wajam.Generic, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [2072], [-1],0.0.0
Adware.Elex.SHHKRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS|{7FBEA058-DE40-11E6-83E9-64006A5CFC23}, Quarantined, [1238], [362727],1.0.1064
Adware.Elex.SHHKRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ENABLESHELLEXECUTEHOOKS, Quarantined, [1238], [-1],0.0.0
Adware.Elex.SHHKRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER|ENABLESHELLEXECUTEHOOKS, Quarantined, [1238], [-1],0.0.0
Trojan.Zbot.Generic, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|hdtask, Quarantined, [837], [357355],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Quarantined, [96], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Quarantined, [96], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\ENVIRONMENT|SNF, Quarantined, [96], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, Quarantined, [96], [259989],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Quarantined, [117], [254683],1.0.1064
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RONZAP|IMAGEPATH, Quarantined, [96], [259956],1.0.1064
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9745D94D-821A-438C-8D61-3F876A6DE498}|DISPLAYNAME, Quarantined, [398], [259072],1.0.1064
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NETTRANS|IMAGEPATH, Quarantined, [398], [331424],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\ENVIRONMENT|SNP, Quarantined, [96], [259518],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\ENVIRONMENT|SNF, Quarantined, [96], [259517],1.0.1064
PUP.Optional.ProductSetup, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\PRODUCTSETUP|TB, Quarantined, [17237], [242047],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Quarantined, [117], [254683],1.0.1064
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|OMEWPRODUCT_F5AW2, Quarantined, [113], [314799],1.0.1064
PUP.Optional.Linkury, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DISPLAYNAME, Quarantined, [398], [259313],1.0.1064
PUP.Optional.Social2Search.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\e2fb43cbfdafb5148d3874d650396f3e|DISPLAYNAME, Quarantined, [18111], [261569],1.0.1064
Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\h9kafbc6|NAME, Quarantined, [2086], [339986],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, Quarantined, [96], [259988],1.0.1064
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DISPLAYNAME, Quarantined, [398], [259314],1.0.1064
PUP.Optional.LogicHandler, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BACKLH|IMAGEPATH, Quarantined, [4495], [183112],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, Quarantined, [96], [259987],1.0.1064
 
Registry Data: 7
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Replaced, [398], [293477],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Replaced, [117], [293283],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Replaced, [96], [293485],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Replaced, [96], [293485],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Replaced, [96], [293485],1.0.1064
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3925801674-1894051899-1639661203-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Replaced, [96], [293486],1.0.1064
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Replaced, [117], [293283],1.0.1064
 
Data Stream: 0
(No malicious items detected)
 
Folder: 30
PUP.Optional.Linkury, C:\PROGRAMDATA\NetworkPacketManitor, Removal Failed, [398], [331423],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\USERS\DANI\APPDATA\ROAMING\Mozilla\Firefox\naweriweentcofise, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.NoteUp, C:\USERS\DANI\APPDATA\ROAMING\NOTE-UP, Quarantined, [3167], [246759],1.0.1064
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\BS7OBWXLNS, Removal Failed, [2403], [357599],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X64, Quarantined, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X86, Removal Failed, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER, Removal Failed, [4495], [183111],1.0.1064
Adware.Elex.Generic, C:\PROGRAM FILES (X86)\JUQGEHUWUK CACHE, Removal Failed, [2144], [358276],1.0.1064
Adware.Wajam, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\SOCIA2SEAR BROWSER ENHANCER, Quarantined, [1772], [348378],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\webfonts, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\_metadata, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\images, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\USERS\DANI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\ChromeDefaultData\EXTENSIONS\fnhfdmnphmbbjbgppnpcddkefmeokfho, Quarantined, [3110], [360481],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EZJP2EQS7U, Quarantined, [2403], [360183],1.0.1064
PUP.Optional.Linkury, C:\WINDOWS\TEMP\SMARTBAR, Quarantined, [398], [259312],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\USERS\DANI\APPDATA\LOCAL\{0C573A0B-28FF-56B3-4567-735B610F8FC3}, Quarantined, [117], [302717],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\XSGCXAIGKK, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\YK8P7TLL8K, Quarantined, [2403], [360183],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\PROGRAM FILES (X86)\COMMON FILES\HOTANLAX, Quarantined, [96], [302562],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\88194c9f244b9641c5f4708e05e51fa1, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\PROGRAM FILES\e2fb43cbfdafb5148d3874d650396f3e, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Clicker, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER, Removal Failed, [983], [365168],1.0.1064
 
File: 178
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER\SET.EXE, Removal Failed, [4495], [24306],1.0.1064
Adware.Elex, C:\PROGRAM FILES (X86)\JUQGEHUWUK CACHE\LOCAL64SPL.DLL, Removal Failed, [1033], [360556],1.0.1064
PUP.Optional.Linkury, C:\PROGRAMDATA\NETWORKPACKETMANITOR\NETTRANS.EXE, Removal Failed, [398], [331415],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\GD885.TMP.EXE, Removal Failed, [1033], [361532],1.0.1064
PUP.Optional.Linkury, C:\ProgramData\NetworkPacketManitor\Config.xml, Quarantined, [398], [331423],1.0.1064
PUP.Optional.Linkury, C:\ProgramData\NetworkPacketManitor\Nettrans.exe.config, Quarantined, [398], [331423],1.0.1064
Adware.Amonetize, C:\PROGRAM FILES\BS7OBWXLNS\IVVABZT5H.EXE, Removal Failed, [2509], [366629],1.0.1064
PUP.Optional.ProductUpdater, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\PRODUPD.EXE, Removal Failed, [817], [342951],1.0.1064
Trojan.Glupteba, C:\USERS\DANI\APPDATA\ROAMING\VDI\SHARED\PRODUCT UPDATER\MONHOST.EXE, Removal Failed, [385], [351682],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default\prefs.js, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default\profiles.ini, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default\search-metadata.json, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default\search.json, Quarantined, [2759], [363173],1.0.1064
PUP.Optional.FakeFFProfile, C:\Users\Dani\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\wgudv439.default\search.json.mozlz4, Quarantined, [2759], [363173],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\DBUPDATER.EXE, Removal Failed, [1033], [365107],1.0.1064
PUP.Optional.Amonetize, C:\USERS\DANI\APPDATA\LOCAL\TEMP\SDFD2FD.EXE, Removal Failed, [13], [118034],1.0.1064
Adware.Wajam.Generic, C:\WINDOWS\SYSTEM32\DRIVERS\DCFFCE27B5AC8A40B8B8A9720E08E441.SYS, Removal Failed, [2072], [336669],1.0.1064
Adware.Elex.SHHKRST, C:\USERS\DANI\APPDATA\ROAMING\KOWELYSTZOTHER\SHUQUTY.DLL, Removal Failed, [1238], [362727],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\PREPREINSTALLER_WIN.EXE, Removal Failed, [315], [353151],1.0.1064
PUP.Optional.RussAd, C:\USERS\DANI\APPDATA\LOCAL\MAIL.RU\SPUTNIK\IESEARCHPLUGIN.DLL, Quarantined, [25], [351113],1.0.1064
Trojan.Zbot.Generic, C:\PROGRAMDATA\HDTASK\HDTASK.EXE, Removal Failed, [837], [357355],1.0.1064
PUP.Optional.WinYahoo, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\HOWTOREMOVE.HTML.LNK, Quarantined, [117], [254335],1.0.1064
PUP.Optional.Linkury.Generic, C:\USERS\DANI\APPDATA\ROAMING\AGENT.DAT, Quarantined, [2382], [360491],1.0.1064
PUP.Optional.Linkury, C:\USERS\DANI\APPDATA\ROAMING\WARMDANFAN.BIN, Quarantined, [398], [326154],1.0.1064
PUP.Optional.Linkury.Gen, C:\USERS\DANI\APPDATA\ROAMING\BLUEFRESH.TST, Quarantined, [19819], [261636],1.0.1064
PUP.Optional.Linkury, C:\USERS\DANI\APPDATA\ROAMING\MD.XML, Quarantined, [398], [258091],1.0.1064
Trojan.Agent.E, C:\USERS\DANI\APPDATA\ROAMING\ADOBE\MANAGER.EXE, Quarantined, [204], [363232],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\USERS\DANI\APPDATA\ROAMING\CONFIG.XML, Quarantined, [96], [302553],1.0.1064
PUP.Optional.Linkury, C:\USERS\DANI\APPDATA\ROAMING\NOAH.DAT, Quarantined, [398], [258092],1.0.1064
PUP.Optional.NoteUp, C:\USERS\DANI\APPDATA\ROAMING\NOTE-UP\NOTE-UP.DB, Quarantined, [3167], [246759],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\PREFS.JS, Replaced, [419], [324486],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\ROAMING\MYDESKTOP\LINKME.EXE, Quarantined, [315], [363415],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\PROFILES\FERNILYRAVISE.DEFAULT\SEARCHPLUGINS\H9KAFBC6.XML, Quarantined, [419], [324483],1.0.1064
Trojan.Agent, C:\USERS\DANI\APPDATA\ROAMING\BLUEFRESH.EXE, Quarantined, [22], [363443],1.0.1064
Adware.Tuto4PC.Generic, C:\PROGRAM FILES\BS7OBWXLNS\CAST.CONFIG, Quarantined, [2403], [357599],1.0.1064
Adware.Tuto4PC.Generic, C:\Program Files\BS7OBWXLNS\IVVABZT5H.exe.config, Quarantined, [2403], [357599],1.0.1064
Adware.Tuto4PC.Generic, C:\Program Files\BS7OBWXLNS\uninstaller.exe, Quarantined, [2403], [357599],1.0.1064
Adware.Tuto4PC.Generic, C:\Program Files\BS7OBWXLNS\uninstaller.exe.config, Quarantined, [2403], [357599],1.0.1064
PUP.Optional.Linkury, C:\USERS\DANI\APPDATA\ROAMING\FLEXKAYSTRING.BIN, Quarantined, [398], [331415],1.0.1064
PUP.Optional.Linkury, C:\USERS\DANI\APPDATA\ROAMING\UNINSTALL_TEMP.ICO, Quarantined, [398], [258093],1.0.1064
Adware.Tuto4PC, C:\$RECYCLE.BIN\S-1-5-21-3925801674-1894051899-1639661203-1001\$REQA8GG.EXE, Quarantined, [2318], [350732],1.0.1064
Adware.Elex.Generic, C:\PROGRAMDATA\2657Q72J91Z1361\2657Q72J91Z1361.DLL, Quarantined, [2144], [363783],1.0.1064
PUP.Optional.LogicHandler, C:\PROGRAMDATA\LOGIC HANDLER\SET.EXE.CONFIG, Quarantined, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X64\SQLite.Interop.dll, Quarantined, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X86\SQLite.Interop.dll, Removal Failed, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\Config.json, Quarantined, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.dll, Removal Failed, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.Linq.dll, Quarantined, [4495], [183111],1.0.1064
PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.xml, Quarantined, [4495], [183111],1.0.1064
Adware.Elex.Generic, C:\PROGRAM FILES (X86)\JUQGEHUWUK CACHE\LOCAL64SPL.DLL.INI, Quarantined, [2144], [358276],1.0.1064
PUP.Optional.Citadel, C:\USERS\DANI\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\MONHOST.LNK, Quarantined, [2005], [338481],1.0.1064
Adware.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear Browser Enhancer\Settings.lnk, Quarantined, [1772], [348378],1.0.1064
Adware.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear Browser Enhancer\SignIn with Twitter.lnk, Quarantined, [1772], [348378],1.0.1064
Adware.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear Browser Enhancer\Social2Search Website.lnk, Quarantined, [1772], [348378],1.0.1064
Adware.Wajam, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear Browser Enhancer\uninstall.lnk, Quarantined, [1772], [348378],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\webfonts\anfinity.eot, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\webfonts\anfinity.ttf, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\webfonts\anfinity.woff, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\fonts.css, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\jquery-ui.css, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\site.css, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\content\weather.css, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\128x128.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\16x16.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\19x19.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\38x38.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\favicon.ico, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\icons\pop.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\images\ic_refresh_black_24dp_2x.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\images\ic_search_black_24dp_2x.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\images\logo.png, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\images\m1-min.jpg, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\bootstrap.min.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\jquery-ui.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\jquery.min.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\jquery.simpleWeather.min.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\list.min.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\external\weather.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\background.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\scripts\site.js, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\_metadata\computed_hashes.json, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\_metadata\verified_contents.json, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\main.html, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.SplinterSearch, C:\Users\Dani\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fnhfdmnphmbbjbgppnpcddkefmeokfho\0.5.5_0\manifest.json, Quarantined, [3110], [360481],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSWOW64\FINDIT.XML, Quarantined, [96], [259512],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\USERS\DANI\APPDATA\ROAMING\INSTALLATIONCONFIGURATION.XML, Quarantined, [96], [302554],1.0.1064
PUP.Optional.LogicHandler, C:\USERS\DANI\APPDATA\ROAMING\VILLALA.BIN, Quarantined, [4495], [24306],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\PREFS.JS, Replaced, [419], [302758],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\PREFS.JS, Replaced, [419], [302758],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\PREFS.JS, Replaced, [419], [302758],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\G7E1F.TMP, Quarantined, [1033], [365112],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\HNEDEZRUF0.EXE, Quarantined, [113], [314786],1.0.1064
Trojan.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\LINKER.EXE, Quarantined, [22], [363443],1.0.1064
PUP.Optional.Sputnik, C:\USERS\DANI\APPDATA\LOCAL\TEMP\BE2E332ADEE14FEE80B1E99391CD5861, Quarantined, [3291], [352247],1.0.1064
Adware.OxyPumper, C:\USERS\DANI\APPDATA\LOCAL\TEMP\DRIVERBOOSTERSETUP.EXE, Quarantined, [464], [366316],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EZJP2EQS7U\CAS.EXE, Quarantined, [113], [331647],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EWSZ9KWMLC.EXE, Quarantined, [113], [314786],1.0.1064
Adware.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\G908F.TMP.EXE, Quarantined, [1033], [361888],1.0.1064
PUP.Optional.Sputnik, C:\USERS\DANI\APPDATA\LOCAL\TEMP\290.TMP.EXE, Quarantined, [3291], [352247],1.0.1064
PUP.Optional.InstallCore, C:\USERS\DANI\APPDATA\LOCAL\TEMP\AUTOTIME51495.EXE, Quarantined, [8], [356458],1.0.1064
Adware.Downloader, C:\USERS\DANI\APPDATA\LOCAL\TEMP\PL_INST.EXE, Quarantined, [673], [347498],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\ASU19RR4BU.EXE, Quarantined, [113], [314786],1.0.1064
PUP.Optional.Elex, C:\USERS\DANI\APPDATA\LOCAL\TEMP\TROTUX.EXE, Quarantined, [15], [315776],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\LINKME.EXE, Quarantined, [315], [363415],1.0.1064
Adware.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\JII4RCSSJ8T0.EXE, Quarantined, [2318], [350732],1.0.1064
Adware.Social2Search, C:\USERS\DANI\APPDATA\LOCAL\TEMP\WAJAM_INSTALL.EXE, Quarantined, [2422], [366028],1.0.1064
PUP.Optional.Zaxar, C:\USERS\DANI\APPDATA\LOCAL\TEMP\ZAXARSETUP.4.001.1827.EXE, Quarantined, [4194], [8813],1.0.1064
Adware.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\MXWW4NEOBQ\UNINMODULE.EXE, Quarantined, [2318], [350732],1.0.1064
PUP.Optional.LogicHandler, C:\USERS\DANI\APPDATA\LOCAL\TEMP\RARSFX0\LOGICHANDLER.EXE, Quarantined, [4495], [24306],1.0.1064
PUP.Optional.Zaxar, C:\USERS\DANI\APPDATA\LOCAL\TEMP\_IU14D2N.TMP, Quarantined, [4194], [8813],1.0.1064
Adware.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EZJP2EQS7U\APPSOFT.EXE, Quarantined, [2318], [350732],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\IS-O6TBA.TMP\AUTOTIME.EXE, Quarantined, [315], [323847],1.0.1064
PUP.Optional.ProductUpdater, C:\USERS\DANI\APPDATA\LOCAL\TEMP\G.EXE, Quarantined, [817], [342951],1.0.1064
Adware.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\GLOBAL_INSTALLER.EXE, Quarantined, [2318], [350730],1.0.1064
Adware.Agent, C:\USERS\DANI\APPDATA\LOCAL\TEMP\00017477\NEWAUTOTIME_51495.JPG, Quarantined, [315], [323624],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\EZJP2EQS7U\APPSOFT.EXE.CONFIG.CONFIG, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\EZJP2EQS7U\cas.exe.config.config, Quarantined, [2403], [360183],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\XSGCXAIGKK\CAS.EXE, Quarantined, [113], [331647],1.0.1064
PUP.Optional.Tuto4PC, C:\USERS\DANI\APPDATA\LOCAL\TEMP\YK8P7TLL8K\CAS.EXE, Quarantined, [113], [331647],1.0.1064
PUP.Optional.Linkury, C:\WINDOWS\TEMP\SMARTBAR\S--TOP.ICO, Quarantined, [398], [259312],1.0.1064
PUP.Optional.WinYahoo, C:\USERS\DANI\APPDATA\LOCAL\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HOWTOREMOVE\HOWTOREMOVE.HTML, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\chromium-min.jpg, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\control panel-min-min.JPG, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\down.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\ff menu.JPG, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\ff search engine-min.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\hp-min ff.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\hp-min ie.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\search engine.gif, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\setup pages.gif, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\sp-min.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\start-min.jpg, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\HowToRemove\up.png, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\bapi_chmm.dat, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\bapi_ff.dat, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\bapi_ie.dat, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\como, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\install.log, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\maci, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\nati, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\sifo, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\Sqlite3.dll, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\uninst.dat, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\uninst.exe, Quarantined, [117], [302717],1.0.1064
PUP.Optional.WinYahoo, C:\Users\Dani\AppData\Local\{0C573A0B-28FF-56B3-4567-735B610F8FC3}\uninstp.dat, Quarantined, [117], [302717],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\XSGCXAIGKK\APPSOFT.EXE.CONFIG.CONFIG, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\XSGCXAIGKK\appsoft.exe, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\XSGCXAIGKK\asasa.exe, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\XSGCXAIGKK\asasa.exe.config.config, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\XSGCXAIGKK\cas.exe.config.config, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\USERS\DANI\APPDATA\LOCAL\TEMP\YK8P7TLL8K\APPSOFT.EXE.CONFIG.CONFIG, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\YK8P7TLL8K\appsoft.exe, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\YK8P7TLL8K\asasa.exe, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\YK8P7TLL8K\asasa.exe.config.config, Quarantined, [2403], [360183],1.0.1064
Adware.Tuto4PC.Generic, C:\Users\Dani\AppData\Local\Temp\YK8P7TLL8K\cas.exe.config.config, Quarantined, [2403], [360183],1.0.1064
PUP.Optional.MyRadioXP, C:\USERS\DANI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\ChromeDefaultData\LOCAL STORAGE\chrome-extension_fnhfdmnphmbbjbgppnpcddkefmeokfho_0.localstorage, Quarantined, [3112], [360496],1.0.1064
PUP.Optional.MyRadioXP, C:\USERS\DANI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\ChromeDefaultData\LOCAL STORAGE\chrome-extension_fnhfdmnphmbbjbgppnpcddkefmeokfho_0.localstorage-journal, Quarantined, [3112], [360496],1.0.1064
PUP.Optional.YesSearches, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\wgudv439.default\SEARCHPLUGINS\findit.xml, Quarantined, [129], [184250],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\PROGRAM FILES (X86)\COMMON FILES\HOTANLAX\INSTALLATIONCONFIGURATION.XML, Quarantined, [96], [302562],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Hotanlax\uninstall.dat, Quarantined, [96], [302562],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Hotanlax\uninstall.exe, Quarantined, [96], [302562],1.0.1064
PUP.Optional.Linkury.ACMB1, C:\Program Files (x86)\Common Files\Hotanlax\uninstall.ico, Quarantined, [96], [302562],1.0.1064
PUP.Optional.Wajam.Gen, C:\PROGRAM FILES\e2fb43cbfdafb5148d3874d650396f3e\88194c9f244b9641c5f4708e05e51fa1\3024dd91c9e4ec72e8f828ca22b6216e.ico, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\88194c9f244b9641c5f4708e05e51fa1\6eefebd7f3019e059917e8e6d34fbf1c.ico, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\88194c9f244b9641c5f4708e05e51fa1\df04f60fd0a26c7028e4e23fea33ce94.ico, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\2f75411bf6d0e0de2855d2d68e443b23, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\33eb93120bb8a46f0ff9c6f25a291358.exe, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\6eefebd7f3019e059917e8e6d34fbf1c.ico, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\726200b333459e6ea0910b12573e5ccd.exe, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.Wajam.Gen, C:\Program Files\e2fb43cbfdafb5148d3874d650396f3e\879df99fc6b12eb3726fea38189ecc51.exe, Quarantined, [18064], [259462],1.0.1064
PUP.Optional.WinYahoo, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\SEARCHPLUGINS\YAHOO! POWERED.XML, Quarantined, [117], [302287],1.0.1064
PUP.Optional.Trotux, C:\USERS\DANI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WGUDV439.DEFAULT\SEARCHPLUGINS\H9KAFBC6.XML, Quarantined, [419], [302745],1.0.1064
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)
 
Dunno why it says the date is 2/2/17,
even though when I tried to export it said 5/13/17 2:03 AM.


#7 RayS


Posted 14 May 2017 - 11:21 AM

Hi Bleepy,

Thank you for the MBAM logs and info about locations of spurious created files.

You didn't confirm whether you have backed up all your important files (documents, spreadsheets, photos, etc.). Any repairs to a computer have the potential to cause unintended loss or corruption of data. I make every effort to avoid doing any harm, but I must know you have secure copies of all your important files before we proceed with a fix.

 

"i do not have FRST.txt and Addition.txt in my pc."

You will obtain FRST.txt and Addition.txt when you complete the procedures in Step 6 of the Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help by Lawrence Abrams. In your case, you have a 64-bit operating system; therefore, you need to download FRST64.exe. Please download FRST64.exe from here.

 

Notice the location where FRST64.exe is downloaded to. Right-click FRST64.exe and press Run as administrator. Then press Scan. You will find FRST.txt and Addition.txt in the same folder where FRST64.exe is.

 

The procedure in step 6 of the preparation guide contains very good illustrations. Please review it again.

 

Summary

  1. Confirm you have backed up your important files.
  2. Copy and paste the entire contents of FRST.txt and Addition.txt into the body of your reply.

Before you post your reply, be sure you have addressed both issues in the summary above.

Thank you,

Ray


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#8 RayS


Posted 16 May 2017 - 12:05 PM

Hi Bleepy,

3 Day Bump

It has been 3 days since my last post.

  • Do you still need help with this? If not, please let me know as soon as possible. Other people are requesting my help.
  • If you will be away for an extended period, please let me know in advance.
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Thank you,

Ray




#9 beepbleepboopbapbip


Posted 19 May 2017 - 12:44 AM

Ok, sorry for my inactivity, seems like Malwarebytes removed the virus.

So I don't need any help again, but thank you for helping me out.

Sorry if I seem rude.



#10 RayS


Posted 19 May 2017 - 11:02 AM

Hi Bleepy,

 

"...seems like Malwarebytes removed the virus. so i don't need any help again..."

 

I'm glad to hear that. Here's some parting advice:

 

 

Guard against ransomware
A growing trend among cybercriminals is to encrypt all your data and then demand payment for the decryption key. For an overview, see Information on Ransomware (includes guides for some prevalent varieties of ransomware). See also the very comprehensive article, CryptoLocker Ransomware Information Guide and FAQ by Lawrence Abrams.

Prevention is far better than attempting to cure; therefore, I recommend the free version of CryptoPrevent. The Premium version includes some advanced features. Other security companies are developing products in this area as well.

The smartest way to stay unaffected by ransomware? Back up! Highly recommended!


Manage your passwords
Use different passwords on each account. Install one of the password managers like LastPass (free or premium version) or KeePass Password Safe.


Back up your data
Make frequent backups of all your important files such as documents, spreadsheets, photos, business records, etc. Synchronized files are convenient, but are just as vulnerable as local files. Offline storage is best because malware can infect all machines in a network. Fire and theft can affect all devices in a single physical location. Consider cloud storage, but be sure to encrypt all traffic to and from the cloud and protect your files with strong passwords. Disconnect from the service except when you are actually storing or retrieving files.


Please also consider doing the following in order to keep your PC secure and running well:

Install and update the following programs regularly:

An outbound firewall
If you are connected to the internet through a router, you are already behind a hardware firewall, and, as such, you do not need an extra software firewall. However, a comprehensive tutorial and a list of possible firewalls can be found here.

AntiVirus Software
It is imperative that you update your AntiVirus Software on a regular basis. If you do not update your AntiVirus Software, then it will not be able to catch the latest threats.

Anti-Spyware program
Malwarebytes Anti-Malware (MBAM) is an excellent Anti-Spyware scanner. Its scan times are usually under ten minutes, and it has excellent detection and removal rates. MBAM can remain resident without nagging you to purchase the paid version.

SpywareBlaster
A tutorial for SpywareBlaster can be found here. If you wish, the commercial version provides automatic updating.

MVPs hosts file
A tutorial for MVPs HOSTS file can be found here. If you would like automatic updates, you might want to take a look at HostMan host file manager. For more information on the HOSTS file, and what it can do for you, please consult the Tutorial on the HOSTS file.



Keep Windows (and your other Microsoft software) up to date!

I cannot overstress this point. Holes are often found in Internet Explorer or Windows itself. Sometimes, these holes will allow an attacker unrestricted access to your computer. Therefore, please visit the Microsoft Update Website, and follow the on-screen instructions to set up Windows Update. It may be necessary to REBOOT several times until there are no more updates to install.

Keep your other software up to date as well
Malware can attack the software from any manufacturer. You can use the Secunia Personal Software Inspector occasionally to help you keep your software up-to-date.

Stay up to date!
The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then malware will always be one step ahead. That's not a good thing!




Some final closing thoughts and information for your consideration:

Lawrence Abrams, founder of BleepingComputer.com, has developed an excellent tutorial which will provide you with the information you need to know to keep your computer secure and clean. Please take the time to read:

Simple and easy ways to keep your computer safe and secure on the Internet.

Here are some additional links you might find of interest:

If you ever need help with your PC in the future, we here at Bleeping Computer will be glad to assist.

 

 

Please reply one more time to let us know that we can close this topic.

Best regards,

Ray




#11 beepbleepboopbapbip


Posted 22 May 2017 - 01:24 AM

Oh ok, thanks for your advice.

Man, I really don't know what to say, but okay, just close this topic.



#12 Machiavelli

  • Malware Response Instructor
  • 4,035 posts
  • Gender:Male
  • Location:Germany

Posted 22 May 2017 - 02:00 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.
