A
AmanShukla2
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 9/22/18
Scan Time: 10:30 PM
Log File: 06988cc0-be89-11e8-87a3-6045cbc4563b.json
-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.463
Update Package Version: 1.0.6961
License: Trial
-System Information-
OS: Windows 10 (Build 17134.254)
CPU: x64
File System: NTFS
User: DESKTOP-BKGO32K\aman shukla
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 327107
Threats Detected: 366
Threats Quarantined: 366
Time Elapsed: 10 min, 50 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 11
Adware.Agent, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\CRMSVC\CRMSvc.exe, Quarantined, [103], [403162],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\ShutdownTime.exe, Quarantined, [2775], [425765],1.0.6961
Adware.DNSUnlocker.ACMB3, C:\Program Files\fik Quinwood Updater\Quinwood.exe, Quarantined, [5248], [552310],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Trojan.Agent, C:\PROGRAMDATA\MICROSOFT\WINDOWS\POWER\POWERSVC.EXE, Quarantined, [398], [537387],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\MzBiYTA2.exe, Quarantined, [463], [556539],1.0.6961
Module: 13
Adware.Agent, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\CRMSVC\CRMSvc.exe, Quarantined, [103], [403162],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\ShutdownTime.exe, Quarantined, [2775], [425765],1.0.6961
Adware.DNSUnlocker.ACMB3, C:\Program Files\fik Quinwood Updater\Quinwood.exe, Quarantined, [5248], [552310],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Trojan.Agent, C:\PROGRAMDATA\MICROSOFT\WINDOWS\POWER\POWERSVC.EXE, Quarantined, [398], [537387],1.0.6961
RiskWare.BitCoinMiner, C:\WINDOWS\SYSTEM32\MCICDA64.DLL, Quarantined, [948], [506365],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\MzBiYTA2.exe, Quarantined, [463], [556539],1.0.6961
Adware.Wajam, C:\WINDOWS\YKGJAUYOYSVATIKD.YKGEA, Quarantined, [463], [530164],1.0.6961
Registry Key: 69
Adware.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CRMSvc, Delete-on-Reboot, [103], [403162],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\UPDATER_ONLINE_APPLICATION, Delete-on-Reboot, [3678], [391429],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DE4CB9FF-40E4-4118-9824-2B9241BCD6AB}, Delete-on-Reboot, [3678], [391429],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{DE4CB9FF-40E4-4118-9824-2B9241BCD6AB}, Delete-on-Reboot, [3678], [391429],1.0.6961
Trojan.Egguard, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SysSvc, Delete-on-Reboot, [5031], [550057],1.0.6961
Adware.DNSUnlocker.ACMB3, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Service, Delete-on-Reboot, [5248], [552310],1.0.6961
Adware.DNSUnlocker.ACMB3, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7753FBBA-09F5-4968-9700-B051AC808831}_is1, Delete-on-Reboot, [5248], [552310],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G1, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CDA44C53-A447-4F7A-B251-606841E866EA}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{CDA44C53-A447-4F7A-B251-606841E866EA}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G2, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{74E83AB6-118E-4214-A7E7-EC3FE0B1644A}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{74E83AB6-118E-4214-A7E7-EC3FE0B1644A}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G3, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D2E4FF85-DB00-4104-BFE1-7214C0EA5248}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{D2E4FF85-DB00-4104-BFE1-7214C0EA5248}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G4, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{64392E14-A683-4DFB-9CFE-7C879F2D8CE9}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{64392E14-A683-4DFB-9CFE-7C879F2D8CE9}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G5, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0FFF6E41-5F47-4AEE-807F-24069C619EF3}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{0FFF6E41-5F47-4AEE-807F-24069C619EF3}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G6, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{948952DB-C617-4F7F-A9BE-5F88477C660B}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{948952DB-C617-4F7F-A9BE-5F88477C660B}, Delete-on-Reboot, [1141], [399420],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}, Delete-on-Reboot, [720], [259987],1.0.6961
Trojan.Agent, HKLM\SOFTWARE\CRMSvc, Delete-on-Reboot, [398], [533736],1.0.6961
Adware.SearchAwesome, HKLM\SOFTWARE\SrcAAAesom Browser Enhancer, Delete-on-Reboot, [7251], [509886],1.0.6961
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch, Delete-on-Reboot, [720], [259989],1.0.6961
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe, Delete-on-Reboot, [720], [260624],1.0.6961
RiskWare.EventSvc, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTSVC, Delete-on-Reboot, [4107], [561519],1.0.6961
PUP.Optional.Wajam, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\WajIEnhance, Delete-on-Reboot, [207], [244670],1.0.6961
PUP.Optional.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Delete-on-Reboot, [207], [-1],0.0.0
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\campaign9961, Delete-on-Reboot, [426], [518478],1.0.6961
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\multitimercampaign84170, Delete-on-Reboot, [426], [518476],1.0.6961
Adware.Tuto4PC, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\EWMON, Delete-on-Reboot, [2775], [411543],1.0.6961
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\Speedycar, Delete-on-Reboot, [426], [518473],1.0.6961
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\TechnologyDesktopnew, Delete-on-Reboot, [426], [518479],1.0.6961
Adware.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\Quoteex.exe, Delete-on-Reboot, [1116], [527830],1.0.6961
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E1527582-8509-4011-B922-29E3FB548882}_is1, Delete-on-Reboot, [2883], [260251],1.0.6961
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Quoteex_RASAPI32, Delete-on-Reboot, [720], [260623],1.0.6961
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Quoteex_RASMANCS, Delete-on-Reboot, [720], [260623],1.0.6961
Adware.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\Quoteex.exe, Delete-on-Reboot, [1116], [527830],1.0.6961
Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PowerSvc, Delete-on-Reboot, [398], [537387],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Delete-on-Reboot, [3678], [398592],1.0.6961
PUP.Optional.Tuto4PC, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\wewewe, Delete-on-Reboot, [619], [339689],1.0.6961
Adware.Tuto4PC, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\BIGTIME, Delete-on-Reboot, [2775], [411542],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\Online Application, Delete-on-Reboot, [1141], [399423],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\Online.io Application, Delete-on-Reboot, [3678], [317312],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Delete-on-Reboot, [3678], [339688],1.0.6961
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, Delete-on-Reboot, [2883], [260247],1.0.6961
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{D1946C87-79CC-462A-A924-D4C43636BF82}, Delete-on-Reboot, [242], [239939],1.0.6961
RiskWare.BitCoinMiner, HKLM\SOFTWARE\CLASSES\CLSID\{BFD98515-CD74-48A4-98E2-13D209E3EE4F}, Delete-on-Reboot, [948], [506365],1.0.6961
RiskWare.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLICONOVERLAYIDENTIFIERS\{BFD98515-CD74-48A4-98E2-13D209E3EE4F}, Delete-on-Reboot, [948], [506365],1.0.6961
RiskWare.BitCoinMiner, HKLM\SOFTWARE\CLASSES\CLSID\{BFD98515-CD74-48A4-98E2-13D209E3EE4F}\InprocServer32, Delete-on-Reboot, [948], [506365],1.0.6961
Adware.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NjlhNjVjYzN, Delete-on-Reboot, [463], [556539],1.0.6961
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtQuoteex, Delete-on-Reboot, [720], [260625],1.0.6961
Adware.SearchAwesome, HKLM\SOFTWARE\WOW6432NODE\SrcAAAesom Browser Enhancer, Delete-on-Reboot, [7251], [509886],1.0.6961
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\DMUNVERSION, Delete-on-Reboot, [426], [518477],1.0.6961
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, Delete-on-Reboot, [2883], [260247],1.0.6961
Adware.Wajam, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\NjlhNjVjYzN, Delete-on-Reboot, [463], [533738],1.0.6961
Adware.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MzhhZGVj, Delete-on-Reboot, [463], [530164],1.0.6961
Adware.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\YzVjN2E5MzhiZWY1Z, Delete-on-Reboot, [463], [535778],1.0.6961
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Delete-on-Reboot, [207], [170024],1.0.6961
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Delete-on-Reboot, [207], [170024],1.0.6961
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Delete-on-Reboot, [207], [170024],1.0.6961
Trojan.Agent.VBS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\jVBtL, Delete-on-Reboot, [2772], [519971],1.0.6961
Trojan.Agent.VBS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B83CA01A-D138-4C5D-A0EB-A510F07F4B00}, Delete-on-Reboot, [2772], [519971],1.0.6961
Trojan.Agent.VBS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{B83CA01A-D138-4C5D-A0EB-A510F07F4B00}, Delete-on-Reboot, [2772], [519971],1.0.6961
Registry Value: 40
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Delete-on-Reboot, [720], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Delete-on-Reboot, [720], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\ENVIRONMENT|SNF, Delete-on-Reboot, [720], [-1],0.0.0
Adware.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ShutdownTime, Delete-on-Reboot, [2775], [425765],1.0.6961
Trojan.Agent.VBS, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MicrosoftRuntimeUpdate, Delete-on-Reboot, [2772], [536192],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0FFF6E41-5F47-4AEE-807F-24069C619EF3}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, Delete-on-Reboot, [720], [259987],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{64392E14-A683-4DFB-9CFE-7C879F2D8CE9}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{74E83AB6-118E-4214-A7E7-EC3FE0B1644A}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{948952DB-C617-4F7F-A9BE-5F88477C660B}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CDA44C53-A447-4F7A-B251-606841E866EA}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D2E4FF85-DB00-4104-BFE1-7214C0EA5248}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DE4CB9FF-40E4-4118-9824-2B9241BCD6AB}|PATH, Delete-on-Reboot, [3678], [391427],1.0.6961
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, Delete-on-Reboot, [720], [259989],1.0.6961
RiskWare.EventSvc, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTSVC|IMAGEPATH, Delete-on-Reboot, [4107], [561519],1.0.6961
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{318aac38-51bb-4ef0-91e9-b0a1f16550ed}|NAMESERVER, Delete-on-Reboot, [7550], [260227],1.0.6961
PUP.Optional.Wajam, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Delete-on-Reboot, [207], [-1],0.0.0
PUP.Optional.Wajam, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Delete-on-Reboot, [207], [-1],0.0.0
PUP.Optional.Wajam, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Delete-on-Reboot, [207], [-1],0.0.0
Adware.Tuto4PC, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\EWMON|PARTNER, Delete-on-Reboot, [2775], [411543],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, Delete-on-Reboot, [720], [259988],1.0.6961
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DISPLAYNAME, Delete-on-Reboot, [242], [259314],1.0.6961
Trojan.Egguard, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SYSSVC|IMAGEPATH, Delete-on-Reboot, [5031], [550056],1.0.6961
Adware.DNSUnlocker.ACMB3, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\UPDATE SERVICE|IMAGEPATH, Delete-on-Reboot, [5248], [552317],1.0.6961
Adware.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CRMSVC|IMAGEPATH, Delete-on-Reboot, [103], [403160],1.0.6961
Adware.Tuto4PC, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\BIGTIME|PARTNER, Delete-on-Reboot, [2775], [411542],1.0.6961
PUP.Optional.Linkury, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DISPLAYNAME, Delete-on-Reboot, [242], [259313],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|CONTACT, Delete-on-Reboot, [3678], [333852],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|URLINFOABOUT, Delete-on-Reboot, [3678], [321304],1.0.6961
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{D1946C87-79CC-462A-A924-D4C43636BF82}|PUBLISHER, Delete-on-Reboot, [242], [239939],1.0.6961
RiskWare.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS|{BFD98515-CD74-48A4-98E2-13D209E3EE4F}, Delete-on-Reboot, [948], [506365],1.0.6961
RiskWare.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELL EXTENSIONS\APPROVED|{BFD98515-CD74-48A4-98E2-13D209E3EE4F}, Delete-on-Reboot, [948], [506365],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\ENVIRONMENT|SNF, Delete-on-Reboot, [720], [259517],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\ENVIRONMENT|SNP, Delete-on-Reboot, [720], [259518],1.0.6961
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\DMUNVERSION|VERSION, Delete-on-Reboot, [426], [518477],1.0.6961
Adware.Wajam, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\NjlhNjVjYzN|DISPLAYNAME, Delete-on-Reboot, [463], [533738],1.0.6961
Adware.Wajam, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\NjlhNjVjYzN|PUBLISHER, Delete-on-Reboot, [463], [533738],1.0.6961
Adware.DNSUnlocker.ACMB3, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7753FBBA-09F5-4968-9700-B051AC808831}_is1|DISPLAYNAME, Delete-on-Reboot, [5248], [552316],1.0.6961
Adware.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MzhhZGVj|IMAGEPATH, Delete-on-Reboot, [463], [530164],1.0.6961
Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POWERSVC|IMAGEPATH, Delete-on-Reboot, [398], [537386],1.0.6961
Registry Data: 19
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, Replace-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, Replace-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Replace-on-Reboot, [720], [293485],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Replace-on-Reboot, [720], [293485],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Replace-on-Reboot, [720], [293485],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Replace-on-Reboot, [720], [293485],1.0.6961
PUP.Optional.Linkury, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Replace-on-Reboot, [242], [293476],1.0.6961
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Replace-on-Reboot, [242], [293477],1.0.6961
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{0edf278e-efaf-451b-8520-151d97a7d4b4}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{0edf278e-efaf-451b-8520-151d97a7d4b4}|DhcpNameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{318aac38-51bb-4ef0-91e9-b0a1f16550ed}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{318aac38-51bb-4ef0-91e9-b0a1f16550ed}|DhcpNameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{d9efb5e2-79ef-4da7-9d07-849813b99883}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{edbdf693-22d8-43e1-aefd-6a5dfaaa582d}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{f60d45a3-d4e7-4042-bb82-445123257273}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{fdcacaf0-2028-4957-b9b7-4b20ccc43c23}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Replace-on-Reboot, [720], [293486],1.0.6961
Data Stream: 0
(No malicious items detected)
Folder: 40
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\ondemand, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\QUOTEEX, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.WinNetSvc, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\WMPNETWORKACSVC, Delete-on-Reboot, [753], [346624],1.0.6961
Adware.Agent, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\CRMSVC, Delete-on-Reboot, [103], [403162],1.0.6961
Adware.Tuto4PC, C:\PROGRAM FILES (X86)\SHUTDOWNTIME, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\0ZKH8JK4HC, Delete-on-Reboot, [2775], [487472],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\_locales\en_US, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\_locales\en, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\_locales, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\ico, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\NTVHOST, Delete-on-Reboot, [5031], [550057],1.0.6961
Adware.Tuto4PC, C:\PROGRAM FILES (X86)\EXAMS, Delete-on-Reboot, [2775], [569781],1.0.6961
Adware.DNSUnlocker.ACMB3, C:\PROGRAM FILES\fik Quinwood Updater, Delete-on-Reboot, [5248], [552310],1.0.6961
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Delete-on-Reboot, [3678], [391425],1.0.6961
Adware.OnlineIO, C:\Users\aman shukla\AppData\Roaming\Microleaves\Online Application 2.7.0\install\CFCBAA1, Delete-on-Reboot, [1141], [399763],1.0.6961
Adware.OnlineIO, C:\Users\aman shukla\AppData\Roaming\Microleaves\Online Application 2.7.0\install, Delete-on-Reboot, [1141], [399763],1.0.6961
Adware.OnlineIO, C:\Users\aman shukla\AppData\Roaming\Microleaves\Online Application 2.7.0, Delete-on-Reboot, [1141], [399763],1.0.6961
Adware.OnlineIO, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\MICROLEAVES, Delete-on-Reboot, [1141], [399763],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\PROGRAM FILES (X86)\MICROLEAVES, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\X64, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\X86, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury, C:\PROGRAMDATA\LOGIC CRAMBLE, Delete-on-Reboot, [1116], [431817],1.0.6961
Trojan.Agent, C:\WINDOWS\SYSWOW64\SSL, Delete-on-Reboot, [398], [479103],1.0.6961
Adware.DNSUnlocker.Generic, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\fik Quinwood Updater, Delete-on-Reboot, [3491], [568543],1.0.6961
Adware.Wajam, C:\WINDOWS\SYSWOW64\SSL, Delete-on-Reboot, [463], [533889],1.0.6961
PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\431957687, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\432633843, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\433602234, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\433602234, Delete-on-Reboot, [415], [463480],1.0.6961
Adware.Wajam, C:\PROGRAM FILES\NjlhNjVjYzN, Delete-on-Reboot, [463], [556539],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\_metadata, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\icons, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NMEINLFOJLCEGBLPOGPJBHIPMONCLEJH, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.Linkury.Generic, C:\PROGRAMDATA\QUOTEEXS, Delete-on-Reboot, [222], [380106],1.0.6961
Adware.Linkury.TskLnk, C:\PROGRAM FILES (X86)\COMMON FILES\ZUMLEX, Delete-on-Reboot, [14211], [444929],1.0.6961
File: 174
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\QUOTEEX\conf.config, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Dentotough.bin, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Dongtam.dll, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Doubledamstrong.dat, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Faseex.dat, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\HotTech.bin, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Ittam.dll, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\md.xml, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\New-Tough.exe, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\New-Tough.exe.config, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quoteex.d.dat, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quoteex.dat, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Sololux.bin, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Solstrong.exe, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Solstrong.exe.config, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\TampHold.bin, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Techstrong.bin, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Trans-Lab.bin, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Triotam.bin, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\uninstall.dat, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Uno-Tip.dat, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\vblh5rpf.xml, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Delete-on-Reboot, [3678], [391431],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSWOW64\FINDIT.XML, Delete-on-Reboot, [720], [259512],1.0.6961
PUP.Optional.WinNetSvc, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\WMPNETWORKACSVC\CONFIG.INI, Delete-on-Reboot, [753], [346624],1.0.6961
PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\UPDATER_ONLINE_APPLICATION.JOB, Delete-on-Reboot, [3678], [391430],1.0.6961
Adware.Agent, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\CRMSVC\CRMSvc.exe, Delete-on-Reboot, [103], [403162],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\UNINSTALL_TEMP.ICO, Delete-on-Reboot, [3738], [404862],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\MD.XML, Delete-on-Reboot, [3738], [404866],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\NOAH.DAT, Delete-on-Reboot, [3738], [404865],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\AGENT.DAT, Delete-on-Reboot, [3738], [404872],1.0.6961
Adware.Tuto4PC, C:\PROGRAM FILES (X86)\SHUTDOWNTIME\UNINS000.DAT, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\9AD.exe, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\cast.config, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\config.conf, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\MTKMYV1GDB0YT9D.exe.config, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\NHSTS.exe.config, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\ShutdownTime.exe, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\unins000.exe, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\uninstaller.exe.config, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\Freshstrong.tst, Delete-on-Reboot, [3738], [404871],1.0.6961
Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\0ZKH8JK4HC\up.exe.config, Delete-on-Reboot, [2775], [487472],1.0.6961
PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\UPDATER_ONLINE_APPLICATION, Delete-on-Reboot, [3678], [391429],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\SHAM.DB, Delete-on-Reboot, [3738], [516191],1.0.6961
Trojan.Egguard, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\NTVHOST\SYSSVC.EXE, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\ico\128.png, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\ico\16.png, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\ico\32.png, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\ico\48.png, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\_locales\en\messages.json, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\_locales\en_US\messages.json, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\background.html, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\background.js, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\manifest.json, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\host.json, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\native.exe, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ntd.cfg, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\syssvc.exe.config, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\syssvc.wrapper.log, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\syssvc.xml, Delete-on-Reboot, [5031], [550057],1.0.6961
Adware.Tuto4PC, C:\PROGRAM FILES (X86)\EXAMS\3232493.exe.config, Delete-on-Reboot, [2775], [569781],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\Exams\4154234.exe, Delete-on-Reboot, [2775], [569781],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\Exams\4154234.exe.config, Delete-on-Reboot, [2775], [569781],1.0.6961
Adware.Linkury.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\SHAM.DB, Delete-on-Reboot, [3738], [516189],1.0.6961
Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G1.job, Delete-on-Reboot, [1141], [527823],1.0.6961
Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G2.job, Delete-on-Reboot, [1141], [527823],1.0.6961
Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G3.job, Delete-on-Reboot, [1141], [527823],1.0.6961
Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G4.job, Delete-on-Reboot, [1141], [527823],1.0.6961
Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G5.job, Delete-on-Reboot, [1141], [527823],1.0.6961
Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G6.job, Delete-on-Reboot, [1141], [527823],1.0.6961
Trojan.Agent.VBS, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\LIBRARIES\MicrosoftRuntimeUpdate.vbe, Delete-on-Reboot, [2772], [536192],1.0.6961
Adware.DNSUnlocker.ACMB3, C:\PROGRAM FILES\fik Quinwood Updater\unins000.dat, Delete-on-Reboot, [5248], [552310],1.0.6961
Adware.DNSUnlocker.ACMB3, C:\Program Files\fik Quinwood Updater\Quinwood.exe, Delete-on-Reboot, [5248], [552310],1.0.6961
Adware.DNSUnlocker.ACMB3, C:\Program Files\fik Quinwood Updater\unins000.exe, Delete-on-Reboot, [5248], [552310],1.0.6961
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\online.exe, Delete-on-Reboot, [3678], [391425],1.0.6961
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\SystemFoldermsiexec.exe, Delete-on-Reboot, [3678], [391425],1.0.6961
Adware.OnlineIO, C:\Users\aman shukla\AppData\Roaming\Microleaves\Online Application 2.7.0\install\CFCBAA1\Basic Installer with memory detection.msi, Delete-on-Reboot, [1141], [399763],1.0.6961
Adware.OnlineIO, C:\PROGRAM FILES (X86)\MICROLEAVES\Online Application\Online Application Updater.exe, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online.io EULA.url, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online.io Privacy.url, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Uninstall Online Application.lnk, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.ini, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G1, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G2, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G3, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G4, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G5, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G6, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\X64\SQLite.Interop.dll, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\X86\SQLite.Interop.dll, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\Config.json, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\set.exe.config, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.dll, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.Linq.dll, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.xml, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\Stimstring.tst, Delete-on-Reboot, [3738], [404871],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\MAIN.DAT, Delete-on-Reboot, [3738], [442900],1.0.6961
Trojan.Agent, C:\WINDOWS\SYSWOW64\SSL\XV.DB, Delete-on-Reboot, [398], [479103],1.0.6961
Trojan.Agent, C:\Windows\SysWOW64\SSL\cert.db, Delete-on-Reboot, [398], [479103],1.0.6961
Trojan.Agent, C:\Windows\SysWOW64\SSL\NmRiNWY5NzQ 2.cer, Delete-on-Reboot, [398], [479103],1.0.6961
Adware.DNSUnlocker.Generic, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fik Quinwood Updater\fik Quinwood Updater.lnk, Delete-on-Reboot, [3491], [568543],1.0.6961
RiskWare.EventSvc, C:\PROGRAMDATA\MICROSOFT\WINDOWS\EVENTSVC\EVENTSVC.EXE, Delete-on-Reboot, [4107], [561519],1.0.6961
Adware.Wajam, C:\WINDOWS\SYSWOW64\SSL\CERT.DB, Delete-on-Reboot, [463], [533889],1.0.6961
Adware.Wajam, C:\Windows\SysWOW64\SSL\NmRiNWY5NzQ 2.cer, Delete-on-Reboot, [463], [533889],1.0.6961
Adware.Wajam, C:\Windows\SysWOW64\SSL\xv.db, Delete-on-Reboot, [463], [533889],1.0.6961
Trojan.Agent, C:\PROGRAMDATA\MICROSOFT\WINDOWS\POWER\POWERSVC.EXE, Delete-on-Reboot, [398], [537387],1.0.6961
PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\431957687\ic-0.eaf875c22b5f6.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\431957687\dlreport, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\432633843\ic-0.19b687c602f698.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\432633843\dlreport, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\433602234\ic-0.72a17317142484.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.95ac436d4514e.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.bfaa9e68176c7.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.cefaaf2ed8c87.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.db9915aa4c19e.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\433602234\ic-0.bfaa9e68176c7.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.95ac436d4514e.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.cefaaf2ed8c87.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.db9915aa4c19e.exe, Delete-on-Reboot, [415], [463480],1.0.6961
RiskWare.BitCoinMiner, C:\WINDOWS\SYSTEM32\MCICDA64.DLL, Delete-on-Reboot, [948], [506365],1.0.6961
Adware.Wajam, C:\PROGRAM FILES\NjlhNjVjYzN\WBE_uninstall.dat, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\MDEyY.exe, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\mozcrt19.dll, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\MzBiYTA2.exe, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\NjM5ZDg3M2Q, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\nspr4.dll, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\nss3.dll, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\ODEyNGNkNjc3M.exe, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\plc4.dll, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\plds4.dll, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\service.dat, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\service_64.dat, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\softokn3.dll, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\YmE2ODNiNzZmNzky.ico, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\WINDOWS\YKGJAUYOYSVATIKD.YKGEA, Delete-on-Reboot, [463], [530164],1.0.6961
PUP.Optional.BazzSearch, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NMEINLFOJLCEGBLPOGPJBHIPMONCLEJH\2.0.0_0\MANIFEST.JSON, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs\colza-field-bee.jpg, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs\laptop-empty.png, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs\marq.png, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs\promo.png, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs\scrns.png, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\icons\128x128.png, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\icons\16x16.png, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\icons\favicon.ico, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\_metadata\computed_hashes.json, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\_metadata\verified_contents.json, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\background.js, Delete-on-Reboot, [224], [470343],1.0.6961
Adware.Linkury.TskLnk, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, Delete-on-Reboot, [14211], [444922],1.0.6961
Generic.Malware/Suspicious, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\FRESHSTRONG.EXE, Delete-on-Reboot, [0], [392686],1.0.6961
PUP.Optional.Linkury.Generic, C:\PROGRAMDATA\QUOTEEXS\FF.HP, Delete-on-Reboot, [222], [380106],1.0.6961
PUP.Optional.Linkury.Generic, C:\ProgramData\Quoteexs\ff.NT, Delete-on-Reboot, [222], [380106],1.0.6961
PUP.Optional.Linkury.Generic, C:\ProgramData\Quoteexs\snp.sc, Delete-on-Reboot, [222], [380106],1.0.6961
Adware.Linkury.TskLnk, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, Delete-on-Reboot, [14211], [444923],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\CONFIG.XML, Delete-on-Reboot, [3738], [404859],1.0.6961
Generic.Malware/Suspicious, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\STIMSTRING.EXE, Delete-on-Reboot, [0], [392686],1.0.6961
Adware.Linkury.TskLnk, C:\PROGRAM FILES (X86)\COMMON FILES\ZUMLEX\INSTALLATIONCONFIGURATION.XML, Delete-on-Reboot, [14211], [444929],1.0.6961
Adware.Linkury.TskLnk, C:\Program Files (x86)\Common Files\Zumlex\uninstall.dat, Delete-on-Reboot, [14211], [444929],1.0.6961
Adware.Linkury.TskLnk, C:\Program Files (x86)\Common Files\Zumlex\uninstall.exe, Delete-on-Reboot, [14211], [444929],1.0.6961
Adware.Linkury.TskLnk, C:\Program Files (x86)\Common Files\Zumlex\uninstall.ico, Delete-on-Reboot, [14211], [444929],1.0.6961
Adware.Wajam, C:\WINDOWS\SYSTEM32\DRIVERS\YZVJN2E5MZHIZWY1Z.SYS, Delete-on-Reboot, [463], [535778],1.0.6961
Trojan.Agent.VBS, C:\WINDOWS\SYSTEM32\TASKS\jVBtL, Delete-on-Reboot, [2772], [519971],1.0.6961
Adware.Tuto4PC, C:\PROGRAM FILES\HWXMUG5SI7\UNINSTALLER.EXE, Delete-on-Reboot, [2775], [548720],1.0.6961
Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\IS-IK84J.TMP\SETUP.EXE, Delete-on-Reboot, [2775], [569767],1.0.6961
Generic.Malware/Suspicious, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\XFOHSWWNJCI\SETUP337.EXE, Delete-on-Reboot, [0], [392686],1.0.6961
Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\IS-2QASV.TMP\WITHHOLDING.EXE, Delete-on-Reboot, [2775], [568619],1.0.6961
Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\QJCVMUTTVQD\1ZQNSEQAV1N.EXE, Delete-on-Reboot, [2775], [548720],1.0.6961
Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\TAYXXQ0SCIA.EXE, Delete-on-Reboot, [2775], [474076],1.0.6961
Adware.Wajam, C:\WINDOWS\MDEYY.EXE, Delete-on-Reboot, [463], [552510],1.0.6961
Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\IS-PRUAV.TMP\WITHHOLDING.EXE, Delete-on-Reboot, [2775], [568619],1.0.6961
Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\XQ4VSJWLCH1\FPCNNA5ABIN.EXE, Delete-on-Reboot, [2775], [554557],1.0.6961
Adware.Linkury, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\MATSTRING.BIN, Delete-on-Reboot, [1116], [504848],1.0.6961
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
Continue reading...
www.malwarebytes.com
-Log Details-
Scan Date: 9/22/18
Scan Time: 10:30 PM
Log File: 06988cc0-be89-11e8-87a3-6045cbc4563b.json
-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.463
Update Package Version: 1.0.6961
License: Trial
-System Information-
OS: Windows 10 (Build 17134.254)
CPU: x64
File System: NTFS
User: DESKTOP-BKGO32K\aman shukla
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 327107
Threats Detected: 366
Threats Quarantined: 366
Time Elapsed: 10 min, 50 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 11
Adware.Agent, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\CRMSVC\CRMSvc.exe, Quarantined, [103], [403162],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\ShutdownTime.exe, Quarantined, [2775], [425765],1.0.6961
Adware.DNSUnlocker.ACMB3, C:\Program Files\fik Quinwood Updater\Quinwood.exe, Quarantined, [5248], [552310],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Trojan.Agent, C:\PROGRAMDATA\MICROSOFT\WINDOWS\POWER\POWERSVC.EXE, Quarantined, [398], [537387],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\MzBiYTA2.exe, Quarantined, [463], [556539],1.0.6961
Module: 13
Adware.Agent, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\CRMSVC\CRMSvc.exe, Quarantined, [103], [403162],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\ShutdownTime.exe, Quarantined, [2775], [425765],1.0.6961
Adware.DNSUnlocker.ACMB3, C:\Program Files\fik Quinwood Updater\Quinwood.exe, Quarantined, [5248], [552310],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
Trojan.Agent, C:\PROGRAMDATA\MICROSOFT\WINDOWS\POWER\POWERSVC.EXE, Quarantined, [398], [537387],1.0.6961
RiskWare.BitCoinMiner, C:\WINDOWS\SYSTEM32\MCICDA64.DLL, Quarantined, [948], [506365],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\MzBiYTA2.exe, Quarantined, [463], [556539],1.0.6961
Adware.Wajam, C:\WINDOWS\YKGJAUYOYSVATIKD.YKGEA, Quarantined, [463], [530164],1.0.6961
Registry Key: 69
Adware.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CRMSvc, Delete-on-Reboot, [103], [403162],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\UPDATER_ONLINE_APPLICATION, Delete-on-Reboot, [3678], [391429],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DE4CB9FF-40E4-4118-9824-2B9241BCD6AB}, Delete-on-Reboot, [3678], [391429],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{DE4CB9FF-40E4-4118-9824-2B9241BCD6AB}, Delete-on-Reboot, [3678], [391429],1.0.6961
Trojan.Egguard, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SysSvc, Delete-on-Reboot, [5031], [550057],1.0.6961
Adware.DNSUnlocker.ACMB3, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Service, Delete-on-Reboot, [5248], [552310],1.0.6961
Adware.DNSUnlocker.ACMB3, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7753FBBA-09F5-4968-9700-B051AC808831}_is1, Delete-on-Reboot, [5248], [552310],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G1, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CDA44C53-A447-4F7A-B251-606841E866EA}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{CDA44C53-A447-4F7A-B251-606841E866EA}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G2, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{74E83AB6-118E-4214-A7E7-EC3FE0B1644A}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{74E83AB6-118E-4214-A7E7-EC3FE0B1644A}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G3, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D2E4FF85-DB00-4104-BFE1-7214C0EA5248}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{D2E4FF85-DB00-4104-BFE1-7214C0EA5248}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G4, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{64392E14-A683-4DFB-9CFE-7C879F2D8CE9}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{64392E14-A683-4DFB-9CFE-7C879F2D8CE9}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G5, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0FFF6E41-5F47-4AEE-807F-24069C619EF3}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{0FFF6E41-5F47-4AEE-807F-24069C619EF3}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G6, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{948952DB-C617-4F7F-A9BE-5F88477C660B}, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{948952DB-C617-4F7F-A9BE-5F88477C660B}, Delete-on-Reboot, [1141], [399420],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}, Delete-on-Reboot, [720], [259987],1.0.6961
Trojan.Agent, HKLM\SOFTWARE\CRMSvc, Delete-on-Reboot, [398], [533736],1.0.6961
Adware.SearchAwesome, HKLM\SOFTWARE\SrcAAAesom Browser Enhancer, Delete-on-Reboot, [7251], [509886],1.0.6961
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch, Delete-on-Reboot, [720], [259989],1.0.6961
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe, Delete-on-Reboot, [720], [260624],1.0.6961
RiskWare.EventSvc, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTSVC, Delete-on-Reboot, [4107], [561519],1.0.6961
PUP.Optional.Wajam, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\WajIEnhance, Delete-on-Reboot, [207], [244670],1.0.6961
PUP.Optional.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Delete-on-Reboot, [207], [-1],0.0.0
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\campaign9961, Delete-on-Reboot, [426], [518478],1.0.6961
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\multitimercampaign84170, Delete-on-Reboot, [426], [518476],1.0.6961
Adware.Tuto4PC, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\EWMON, Delete-on-Reboot, [2775], [411543],1.0.6961
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\Speedycar, Delete-on-Reboot, [426], [518473],1.0.6961
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\TechnologyDesktopnew, Delete-on-Reboot, [426], [518479],1.0.6961
Adware.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\Quoteex.exe, Delete-on-Reboot, [1116], [527830],1.0.6961
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E1527582-8509-4011-B922-29E3FB548882}_is1, Delete-on-Reboot, [2883], [260251],1.0.6961
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Quoteex_RASAPI32, Delete-on-Reboot, [720], [260623],1.0.6961
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Quoteex_RASMANCS, Delete-on-Reboot, [720], [260623],1.0.6961
Adware.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\Quoteex.exe, Delete-on-Reboot, [1116], [527830],1.0.6961
Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PowerSvc, Delete-on-Reboot, [398], [537387],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Delete-on-Reboot, [3678], [398592],1.0.6961
PUP.Optional.Tuto4PC, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\wewewe, Delete-on-Reboot, [619], [339689],1.0.6961
Adware.Tuto4PC, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\BIGTIME, Delete-on-Reboot, [2775], [411542],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\Online Application, Delete-on-Reboot, [1141], [399423],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\Online.io Application, Delete-on-Reboot, [3678], [317312],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Delete-on-Reboot, [3678], [339688],1.0.6961
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, Delete-on-Reboot, [2883], [260247],1.0.6961
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{D1946C87-79CC-462A-A924-D4C43636BF82}, Delete-on-Reboot, [242], [239939],1.0.6961
RiskWare.BitCoinMiner, HKLM\SOFTWARE\CLASSES\CLSID\{BFD98515-CD74-48A4-98E2-13D209E3EE4F}, Delete-on-Reboot, [948], [506365],1.0.6961
RiskWare.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLICONOVERLAYIDENTIFIERS\{BFD98515-CD74-48A4-98E2-13D209E3EE4F}, Delete-on-Reboot, [948], [506365],1.0.6961
RiskWare.BitCoinMiner, HKLM\SOFTWARE\CLASSES\CLSID\{BFD98515-CD74-48A4-98E2-13D209E3EE4F}\InprocServer32, Delete-on-Reboot, [948], [506365],1.0.6961
Adware.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NjlhNjVjYzN, Delete-on-Reboot, [463], [556539],1.0.6961
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtQuoteex, Delete-on-Reboot, [720], [260625],1.0.6961
Adware.SearchAwesome, HKLM\SOFTWARE\WOW6432NODE\SrcAAAesom Browser Enhancer, Delete-on-Reboot, [7251], [509886],1.0.6961
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\DMUNVERSION, Delete-on-Reboot, [426], [518477],1.0.6961
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, Delete-on-Reboot, [2883], [260247],1.0.6961
Adware.Wajam, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\NjlhNjVjYzN, Delete-on-Reboot, [463], [533738],1.0.6961
Adware.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MzhhZGVj, Delete-on-Reboot, [463], [530164],1.0.6961
Adware.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\YzVjN2E5MzhiZWY1Z, Delete-on-Reboot, [463], [535778],1.0.6961
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Delete-on-Reboot, [207], [170024],1.0.6961
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Delete-on-Reboot, [207], [170024],1.0.6961
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Delete-on-Reboot, [207], [170024],1.0.6961
Trojan.Agent.VBS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\jVBtL, Delete-on-Reboot, [2772], [519971],1.0.6961
Trojan.Agent.VBS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B83CA01A-D138-4C5D-A0EB-A510F07F4B00}, Delete-on-Reboot, [2772], [519971],1.0.6961
Trojan.Agent.VBS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{B83CA01A-D138-4C5D-A0EB-A510F07F4B00}, Delete-on-Reboot, [2772], [519971],1.0.6961
Registry Value: 40
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Delete-on-Reboot, [720], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Delete-on-Reboot, [720], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\ENVIRONMENT|SNF, Delete-on-Reboot, [720], [-1],0.0.0
Adware.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ShutdownTime, Delete-on-Reboot, [2775], [425765],1.0.6961
Trojan.Agent.VBS, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MicrosoftRuntimeUpdate, Delete-on-Reboot, [2772], [536192],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0FFF6E41-5F47-4AEE-807F-24069C619EF3}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, Delete-on-Reboot, [720], [259987],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{64392E14-A683-4DFB-9CFE-7C879F2D8CE9}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{74E83AB6-118E-4214-A7E7-EC3FE0B1644A}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{948952DB-C617-4F7F-A9BE-5F88477C660B}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CDA44C53-A447-4F7A-B251-606841E866EA}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D2E4FF85-DB00-4104-BFE1-7214C0EA5248}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DE4CB9FF-40E4-4118-9824-2B9241BCD6AB}|PATH, Delete-on-Reboot, [3678], [391427],1.0.6961
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, Delete-on-Reboot, [720], [259989],1.0.6961
RiskWare.EventSvc, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTSVC|IMAGEPATH, Delete-on-Reboot, [4107], [561519],1.0.6961
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{318aac38-51bb-4ef0-91e9-b0a1f16550ed}|NAMESERVER, Delete-on-Reboot, [7550], [260227],1.0.6961
PUP.Optional.Wajam, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Delete-on-Reboot, [207], [-1],0.0.0
PUP.Optional.Wajam, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Delete-on-Reboot, [207], [-1],0.0.0
PUP.Optional.Wajam, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Delete-on-Reboot, [207], [-1],0.0.0
Adware.Tuto4PC, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\EWMON|PARTNER, Delete-on-Reboot, [2775], [411543],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, Delete-on-Reboot, [720], [259988],1.0.6961
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DISPLAYNAME, Delete-on-Reboot, [242], [259314],1.0.6961
Trojan.Egguard, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SYSSVC|IMAGEPATH, Delete-on-Reboot, [5031], [550056],1.0.6961
Adware.DNSUnlocker.ACMB3, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\UPDATE SERVICE|IMAGEPATH, Delete-on-Reboot, [5248], [552317],1.0.6961
Adware.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CRMSVC|IMAGEPATH, Delete-on-Reboot, [103], [403160],1.0.6961
Adware.Tuto4PC, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\BIGTIME|PARTNER, Delete-on-Reboot, [2775], [411542],1.0.6961
PUP.Optional.Linkury, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DISPLAYNAME, Delete-on-Reboot, [242], [259313],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|CONTACT, Delete-on-Reboot, [3678], [333852],1.0.6961
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|URLINFOABOUT, Delete-on-Reboot, [3678], [321304],1.0.6961
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{D1946C87-79CC-462A-A924-D4C43636BF82}|PUBLISHER, Delete-on-Reboot, [242], [239939],1.0.6961
RiskWare.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS|{BFD98515-CD74-48A4-98E2-13D209E3EE4F}, Delete-on-Reboot, [948], [506365],1.0.6961
RiskWare.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELL EXTENSIONS\APPROVED|{BFD98515-CD74-48A4-98E2-13D209E3EE4F}, Delete-on-Reboot, [948], [506365],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\ENVIRONMENT|SNF, Delete-on-Reboot, [720], [259517],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\ENVIRONMENT|SNP, Delete-on-Reboot, [720], [259518],1.0.6961
Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\DMUNVERSION|VERSION, Delete-on-Reboot, [426], [518477],1.0.6961
Adware.Wajam, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\NjlhNjVjYzN|DISPLAYNAME, Delete-on-Reboot, [463], [533738],1.0.6961
Adware.Wajam, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\NjlhNjVjYzN|PUBLISHER, Delete-on-Reboot, [463], [533738],1.0.6961
Adware.DNSUnlocker.ACMB3, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7753FBBA-09F5-4968-9700-B051AC808831}_is1|DISPLAYNAME, Delete-on-Reboot, [5248], [552316],1.0.6961
Adware.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MzhhZGVj|IMAGEPATH, Delete-on-Reboot, [463], [530164],1.0.6961
Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POWERSVC|IMAGEPATH, Delete-on-Reboot, [398], [537386],1.0.6961
Registry Data: 19
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, Replace-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, Replace-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Replace-on-Reboot, [720], [293485],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Replace-on-Reboot, [720], [293485],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Replace-on-Reboot, [720], [293485],1.0.6961
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Replace-on-Reboot, [720], [293485],1.0.6961
PUP.Optional.Linkury, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Replace-on-Reboot, [242], [293476],1.0.6961
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Replace-on-Reboot, [242], [293477],1.0.6961
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{0edf278e-efaf-451b-8520-151d97a7d4b4}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{0edf278e-efaf-451b-8520-151d97a7d4b4}|DhcpNameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{318aac38-51bb-4ef0-91e9-b0a1f16550ed}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{318aac38-51bb-4ef0-91e9-b0a1f16550ed}|DhcpNameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{d9efb5e2-79ef-4da7-9d07-849813b99883}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{edbdf693-22d8-43e1-aefd-6a5dfaaa582d}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{f60d45a3-d4e7-4042-bb82-445123257273}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{fdcacaf0-2028-4957-b9b7-4b20ccc43c23}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Replace-on-Reboot, [720], [293486],1.0.6961
Data Stream: 0
(No malicious items detected)
Folder: 40
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\ondemand, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\QUOTEEX, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.WinNetSvc, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\WMPNETWORKACSVC, Delete-on-Reboot, [753], [346624],1.0.6961
Adware.Agent, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\CRMSVC, Delete-on-Reboot, [103], [403162],1.0.6961
Adware.Tuto4PC, C:\PROGRAM FILES (X86)\SHUTDOWNTIME, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\0ZKH8JK4HC, Delete-on-Reboot, [2775], [487472],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\_locales\en_US, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\_locales\en, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\_locales, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\ico, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\NTVHOST, Delete-on-Reboot, [5031], [550057],1.0.6961
Adware.Tuto4PC, C:\PROGRAM FILES (X86)\EXAMS, Delete-on-Reboot, [2775], [569781],1.0.6961
Adware.DNSUnlocker.ACMB3, C:\PROGRAM FILES\fik Quinwood Updater, Delete-on-Reboot, [5248], [552310],1.0.6961
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Delete-on-Reboot, [3678], [391425],1.0.6961
Adware.OnlineIO, C:\Users\aman shukla\AppData\Roaming\Microleaves\Online Application 2.7.0\install\CFCBAA1, Delete-on-Reboot, [1141], [399763],1.0.6961
Adware.OnlineIO, C:\Users\aman shukla\AppData\Roaming\Microleaves\Online Application 2.7.0\install, Delete-on-Reboot, [1141], [399763],1.0.6961
Adware.OnlineIO, C:\Users\aman shukla\AppData\Roaming\Microleaves\Online Application 2.7.0, Delete-on-Reboot, [1141], [399763],1.0.6961
Adware.OnlineIO, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\MICROLEAVES, Delete-on-Reboot, [1141], [399763],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\PROGRAM FILES (X86)\MICROLEAVES, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\X64, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\X86, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury, C:\PROGRAMDATA\LOGIC CRAMBLE, Delete-on-Reboot, [1116], [431817],1.0.6961
Trojan.Agent, C:\WINDOWS\SYSWOW64\SSL, Delete-on-Reboot, [398], [479103],1.0.6961
Adware.DNSUnlocker.Generic, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\fik Quinwood Updater, Delete-on-Reboot, [3491], [568543],1.0.6961
Adware.Wajam, C:\WINDOWS\SYSWOW64\SSL, Delete-on-Reboot, [463], [533889],1.0.6961
PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\431957687, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\432633843, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\433602234, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\433602234, Delete-on-Reboot, [415], [463480],1.0.6961
Adware.Wajam, C:\PROGRAM FILES\NjlhNjVjYzN, Delete-on-Reboot, [463], [556539],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\_metadata, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\icons, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NMEINLFOJLCEGBLPOGPJBHIPMONCLEJH, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.Linkury.Generic, C:\PROGRAMDATA\QUOTEEXS, Delete-on-Reboot, [222], [380106],1.0.6961
Adware.Linkury.TskLnk, C:\PROGRAM FILES (X86)\COMMON FILES\ZUMLEX, Delete-on-Reboot, [14211], [444929],1.0.6961
File: 174
PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\QUOTEEX\conf.config, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Dentotough.bin, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Dongtam.dll, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Doubledamstrong.dat, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Faseex.dat, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\HotTech.bin, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Ittam.dll, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\md.xml, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\New-Tough.exe, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\New-Tough.exe.config, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quoteex.d.dat, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quoteex.dat, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Sololux.bin, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Solstrong.exe, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Solstrong.exe.config, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\TampHold.bin, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Techstrong.bin, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Trans-Lab.bin, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Triotam.bin, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\uninstall.dat, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Uno-Tip.dat, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\vblh5rpf.xml, Delete-on-Reboot, [720], [260620],1.0.6961
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Delete-on-Reboot, [3678], [391431],1.0.6961
PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSWOW64\FINDIT.XML, Delete-on-Reboot, [720], [259512],1.0.6961
PUP.Optional.WinNetSvc, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\WMPNETWORKACSVC\CONFIG.INI, Delete-on-Reboot, [753], [346624],1.0.6961
PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\UPDATER_ONLINE_APPLICATION.JOB, Delete-on-Reboot, [3678], [391430],1.0.6961
Adware.Agent, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\CRMSVC\CRMSvc.exe, Delete-on-Reboot, [103], [403162],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\UNINSTALL_TEMP.ICO, Delete-on-Reboot, [3738], [404862],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\MD.XML, Delete-on-Reboot, [3738], [404866],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\NOAH.DAT, Delete-on-Reboot, [3738], [404865],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\AGENT.DAT, Delete-on-Reboot, [3738], [404872],1.0.6961
Adware.Tuto4PC, C:\PROGRAM FILES (X86)\SHUTDOWNTIME\UNINS000.DAT, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\9AD.exe, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\cast.config, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\config.conf, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\MTKMYV1GDB0YT9D.exe.config, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\NHSTS.exe.config, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\ShutdownTime.exe, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\unins000.exe, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\uninstaller.exe.config, Delete-on-Reboot, [2775], [425765],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\Freshstrong.tst, Delete-on-Reboot, [3738], [404871],1.0.6961
Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\0ZKH8JK4HC\up.exe.config, Delete-on-Reboot, [2775], [487472],1.0.6961
PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\UPDATER_ONLINE_APPLICATION, Delete-on-Reboot, [3678], [391429],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\SHAM.DB, Delete-on-Reboot, [3738], [516191],1.0.6961
Trojan.Egguard, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\NTVHOST\SYSSVC.EXE, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\ico\128.png, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\ico\16.png, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\ico\32.png, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\ico\48.png, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\_locales\en\messages.json, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\_locales\en_US\messages.json, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\background.html, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\background.js, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\manifest.json, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\host.json, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\native.exe, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ntd.cfg, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\syssvc.exe.config, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\syssvc.wrapper.log, Delete-on-Reboot, [5031], [550057],1.0.6961
Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\syssvc.xml, Delete-on-Reboot, [5031], [550057],1.0.6961
Adware.Tuto4PC, C:\PROGRAM FILES (X86)\EXAMS\3232493.exe.config, Delete-on-Reboot, [2775], [569781],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\Exams\4154234.exe, Delete-on-Reboot, [2775], [569781],1.0.6961
Adware.Tuto4PC, C:\Program Files (x86)\Exams\4154234.exe.config, Delete-on-Reboot, [2775], [569781],1.0.6961
Adware.Linkury.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\SHAM.DB, Delete-on-Reboot, [3738], [516189],1.0.6961
Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G1.job, Delete-on-Reboot, [1141], [527823],1.0.6961
Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G2.job, Delete-on-Reboot, [1141], [527823],1.0.6961
Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G3.job, Delete-on-Reboot, [1141], [527823],1.0.6961
Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G4.job, Delete-on-Reboot, [1141], [527823],1.0.6961
Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G5.job, Delete-on-Reboot, [1141], [527823],1.0.6961
Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G6.job, Delete-on-Reboot, [1141], [527823],1.0.6961
Trojan.Agent.VBS, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\LIBRARIES\MicrosoftRuntimeUpdate.vbe, Delete-on-Reboot, [2772], [536192],1.0.6961
Adware.DNSUnlocker.ACMB3, C:\PROGRAM FILES\fik Quinwood Updater\unins000.dat, Delete-on-Reboot, [5248], [552310],1.0.6961
Adware.DNSUnlocker.ACMB3, C:\Program Files\fik Quinwood Updater\Quinwood.exe, Delete-on-Reboot, [5248], [552310],1.0.6961
Adware.DNSUnlocker.ACMB3, C:\Program Files\fik Quinwood Updater\unins000.exe, Delete-on-Reboot, [5248], [552310],1.0.6961
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\online.exe, Delete-on-Reboot, [3678], [391425],1.0.6961
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\SystemFoldermsiexec.exe, Delete-on-Reboot, [3678], [391425],1.0.6961
Adware.OnlineIO, C:\Users\aman shukla\AppData\Roaming\Microleaves\Online Application 2.7.0\install\CFCBAA1\Basic Installer with memory detection.msi, Delete-on-Reboot, [1141], [399763],1.0.6961
Adware.OnlineIO, C:\PROGRAM FILES (X86)\MICROLEAVES\Online Application\Online Application Updater.exe, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online.io EULA.url, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online.io Privacy.url, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Uninstall Online Application.lnk, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.ini, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G1, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G2, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G3, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G4, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G5, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G6, Delete-on-Reboot, [1141], [399420],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\X64\SQLite.Interop.dll, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\X86\SQLite.Interop.dll, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\Config.json, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\set.exe.config, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.dll, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.Linq.dll, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.xml, Delete-on-Reboot, [1116], [431817],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\Stimstring.tst, Delete-on-Reboot, [3738], [404871],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\MAIN.DAT, Delete-on-Reboot, [3738], [442900],1.0.6961
Trojan.Agent, C:\WINDOWS\SYSWOW64\SSL\XV.DB, Delete-on-Reboot, [398], [479103],1.0.6961
Trojan.Agent, C:\Windows\SysWOW64\SSL\cert.db, Delete-on-Reboot, [398], [479103],1.0.6961
Trojan.Agent, C:\Windows\SysWOW64\SSL\NmRiNWY5NzQ 2.cer, Delete-on-Reboot, [398], [479103],1.0.6961
Adware.DNSUnlocker.Generic, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fik Quinwood Updater\fik Quinwood Updater.lnk, Delete-on-Reboot, [3491], [568543],1.0.6961
RiskWare.EventSvc, C:\PROGRAMDATA\MICROSOFT\WINDOWS\EVENTSVC\EVENTSVC.EXE, Delete-on-Reboot, [4107], [561519],1.0.6961
Adware.Wajam, C:\WINDOWS\SYSWOW64\SSL\CERT.DB, Delete-on-Reboot, [463], [533889],1.0.6961
Adware.Wajam, C:\Windows\SysWOW64\SSL\NmRiNWY5NzQ 2.cer, Delete-on-Reboot, [463], [533889],1.0.6961
Adware.Wajam, C:\Windows\SysWOW64\SSL\xv.db, Delete-on-Reboot, [463], [533889],1.0.6961
Trojan.Agent, C:\PROGRAMDATA\MICROSOFT\WINDOWS\POWER\POWERSVC.EXE, Delete-on-Reboot, [398], [537387],1.0.6961
PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\431957687\ic-0.eaf875c22b5f6.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\431957687\dlreport, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\432633843\ic-0.19b687c602f698.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\432633843\dlreport, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\433602234\ic-0.72a17317142484.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.95ac436d4514e.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.bfaa9e68176c7.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.cefaaf2ed8c87.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.db9915aa4c19e.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\433602234\ic-0.bfaa9e68176c7.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.95ac436d4514e.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.cefaaf2ed8c87.exe, Delete-on-Reboot, [415], [463480],1.0.6961
PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.db9915aa4c19e.exe, Delete-on-Reboot, [415], [463480],1.0.6961
RiskWare.BitCoinMiner, C:\WINDOWS\SYSTEM32\MCICDA64.DLL, Delete-on-Reboot, [948], [506365],1.0.6961
Adware.Wajam, C:\PROGRAM FILES\NjlhNjVjYzN\WBE_uninstall.dat, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\MDEyY.exe, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\mozcrt19.dll, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\MzBiYTA2.exe, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\NjM5ZDg3M2Q, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\nspr4.dll, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\nss3.dll, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\ODEyNGNkNjc3M.exe, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\plc4.dll, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\plds4.dll, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\service.dat, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\service_64.dat, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\softokn3.dll, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\Program Files\NjlhNjVjYzN\YmE2ODNiNzZmNzky.ico, Delete-on-Reboot, [463], [556539],1.0.6961
Adware.Wajam, C:\WINDOWS\YKGJAUYOYSVATIKD.YKGEA, Delete-on-Reboot, [463], [530164],1.0.6961
PUP.Optional.BazzSearch, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NMEINLFOJLCEGBLPOGPJBHIPMONCLEJH\2.0.0_0\MANIFEST.JSON, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs\colza-field-bee.jpg, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs\laptop-empty.png, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs\marq.png, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs\promo.png, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs\scrns.png, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\icons\128x128.png, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\icons\16x16.png, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\icons\favicon.ico, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\_metadata\computed_hashes.json, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\_metadata\verified_contents.json, Delete-on-Reboot, [224], [470343],1.0.6961
PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\background.js, Delete-on-Reboot, [224], [470343],1.0.6961
Adware.Linkury.TskLnk, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, Delete-on-Reboot, [14211], [444922],1.0.6961
Generic.Malware/Suspicious, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\FRESHSTRONG.EXE, Delete-on-Reboot, [0], [392686],1.0.6961
PUP.Optional.Linkury.Generic, C:\PROGRAMDATA\QUOTEEXS\FF.HP, Delete-on-Reboot, [222], [380106],1.0.6961
PUP.Optional.Linkury.Generic, C:\ProgramData\Quoteexs\ff.NT, Delete-on-Reboot, [222], [380106],1.0.6961
PUP.Optional.Linkury.Generic, C:\ProgramData\Quoteexs\snp.sc, Delete-on-Reboot, [222], [380106],1.0.6961
Adware.Linkury.TskLnk, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, Delete-on-Reboot, [14211], [444923],1.0.6961
Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\CONFIG.XML, Delete-on-Reboot, [3738], [404859],1.0.6961
Generic.Malware/Suspicious, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\STIMSTRING.EXE, Delete-on-Reboot, [0], [392686],1.0.6961
Adware.Linkury.TskLnk, C:\PROGRAM FILES (X86)\COMMON FILES\ZUMLEX\INSTALLATIONCONFIGURATION.XML, Delete-on-Reboot, [14211], [444929],1.0.6961
Adware.Linkury.TskLnk, C:\Program Files (x86)\Common Files\Zumlex\uninstall.dat, Delete-on-Reboot, [14211], [444929],1.0.6961
Adware.Linkury.TskLnk, C:\Program Files (x86)\Common Files\Zumlex\uninstall.exe, Delete-on-Reboot, [14211], [444929],1.0.6961
Adware.Linkury.TskLnk, C:\Program Files (x86)\Common Files\Zumlex\uninstall.ico, Delete-on-Reboot, [14211], [444929],1.0.6961
Adware.Wajam, C:\WINDOWS\SYSTEM32\DRIVERS\YZVJN2E5MZHIZWY1Z.SYS, Delete-on-Reboot, [463], [535778],1.0.6961
Trojan.Agent.VBS, C:\WINDOWS\SYSTEM32\TASKS\jVBtL, Delete-on-Reboot, [2772], [519971],1.0.6961
Adware.Tuto4PC, C:\PROGRAM FILES\HWXMUG5SI7\UNINSTALLER.EXE, Delete-on-Reboot, [2775], [548720],1.0.6961
Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\IS-IK84J.TMP\SETUP.EXE, Delete-on-Reboot, [2775], [569767],1.0.6961
Generic.Malware/Suspicious, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\XFOHSWWNJCI\SETUP337.EXE, Delete-on-Reboot, [0], [392686],1.0.6961
Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\IS-2QASV.TMP\WITHHOLDING.EXE, Delete-on-Reboot, [2775], [568619],1.0.6961
Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\QJCVMUTTVQD\1ZQNSEQAV1N.EXE, Delete-on-Reboot, [2775], [548720],1.0.6961
Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\TAYXXQ0SCIA.EXE, Delete-on-Reboot, [2775], [474076],1.0.6961
Adware.Wajam, C:\WINDOWS\MDEYY.EXE, Delete-on-Reboot, [463], [552510],1.0.6961
Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\IS-PRUAV.TMP\WITHHOLDING.EXE, Delete-on-Reboot, [2775], [568619],1.0.6961
Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\XQ4VSJWLCH1\FPCNNA5ABIN.EXE, Delete-on-Reboot, [2775], [554557],1.0.6961
Adware.Linkury, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\MATSTRING.BIN, Delete-on-Reboot, [1116], [504848],1.0.6961
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
Continue reading...