Windows 10: i m stuck to this may be the trojan is hidden in my computer and the defender is unable to...

Discus and support i m stuck to this may be the trojan is hidden in my computer and the defender is unable to... in AntiVirus, Firewalls and System Security to solve the problem; Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 9/22/18 Scan Time: 10:30 PM Log File: 06988cc0-be89-11e8-87a3-6045cbc4563b.json -Software... Discussion in 'AntiVirus, Firewalls and System Security' started by AmanShukla2, Sep 22, 2018.

  1. AMANSHUKLA2
    AmanShukla2 Win User

    i m stuck to this may be the trojan is hidden in my computer and the defender is unable to...


    Malwarebytes
    www.malwarebytes.com
    -Log Details-
    Scan Date: 9/22/18
    Scan Time: 10:30 PM
    Log File: 06988cc0-be89-11e8-87a3-6045cbc4563b.json
    -Software Information-
    Version: 3.6.1.2711
    Components Version: 1.0.463
    Update Package Version: 1.0.6961
    License: Trial
    -System Information-
    OS: Windows 10 (Build 17134.254)
    CPU: x64
    File System: NTFS
    User: DESKTOP-BKGO32K\aman shukla
    -Scan Summary-
    Scan Type: Threat Scan
    Scan Initiated By: Manual
    Result: Completed
    Objects Scanned: 327107
    Threats Detected: 366
    Threats Quarantined: 366
    Time Elapsed: 10 min, 50 sec
    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect
    -Scan Details-
    Process: 11
    Adware.Agent, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\CRMSVC\CRMSvc.exe, Quarantined, [103], [403162],1.0.6961
    Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\ShutdownTime.exe, Quarantined, [2775], [425765],1.0.6961
    Adware.DNSUnlocker.ACMB3, C:\Program Files\fik Quinwood Updater\Quinwood.exe, Quarantined, [5248], [552310],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
    Trojan.Agent, C:\PROGRAMDATA\MICROSOFT\WINDOWS\POWER\POWERSVC.EXE, Quarantined, [398], [537387],1.0.6961
    Adware.Wajam, C:\Program Files\NjlhNjVjYzN\MzBiYTA2.exe, Quarantined, [463], [556539],1.0.6961
    Module: 13
    Adware.Agent, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\CRMSVC\CRMSvc.exe, Quarantined, [103], [403162],1.0.6961
    Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\ShutdownTime.exe, Quarantined, [2775], [425765],1.0.6961
    Adware.DNSUnlocker.ACMB3, C:\Program Files\fik Quinwood Updater\Quinwood.exe, Quarantined, [5248], [552310],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Quarantined, [1141], [399420],1.0.6961
    Trojan.Agent, C:\PROGRAMDATA\MICROSOFT\WINDOWS\POWER\POWERSVC.EXE, Quarantined, [398], [537387],1.0.6961
    RiskWare.BitCoinMiner, C:\WINDOWS\SYSTEM32\MCICDA64.DLL, Quarantined, [948], [506365],1.0.6961
    Adware.Wajam, C:\Program Files\NjlhNjVjYzN\MzBiYTA2.exe, Quarantined, [463], [556539],1.0.6961
    Adware.Wajam, C:\WINDOWS\YKGJAUYOYSVATIKD.YKGEA, Quarantined, [463], [530164],1.0.6961
    Registry Key: 69
    Adware.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CRMSvc, Delete-on-Reboot, [103], [403162],1.0.6961
    PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\UPDATER_ONLINE_APPLICATION, Delete-on-Reboot, [3678], [391429],1.0.6961
    PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DE4CB9FF-40E4-4118-9824-2B9241BCD6AB}, Delete-on-Reboot, [3678], [391429],1.0.6961
    PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{DE4CB9FF-40E4-4118-9824-2B9241BCD6AB}, Delete-on-Reboot, [3678], [391429],1.0.6961
    Trojan.Egguard, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SysSvc, Delete-on-Reboot, [5031], [550057],1.0.6961
    Adware.DNSUnlocker.ACMB3, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Service, Delete-on-Reboot, [5248], [552310],1.0.6961
    Adware.DNSUnlocker.ACMB3, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7753FBBA-09F5-4968-9700-B051AC808831}_is1, Delete-on-Reboot, [5248], [552310],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G1, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CDA44C53-A447-4F7A-B251-606841E866EA}, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{CDA44C53-A447-4F7A-B251-606841E866EA}, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G2, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{74E83AB6-118E-4214-A7E7-EC3FE0B1644A}, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{74E83AB6-118E-4214-A7E7-EC3FE0B1644A}, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G3, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D2E4FF85-DB00-4104-BFE1-7214C0EA5248}, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{D2E4FF85-DB00-4104-BFE1-7214C0EA5248}, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G4, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{64392E14-A683-4DFB-9CFE-7C879F2D8CE9}, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{64392E14-A683-4DFB-9CFE-7C879F2D8CE9}, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G5, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0FFF6E41-5F47-4AEE-807F-24069C619EF3}, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{0FFF6E41-5F47-4AEE-807F-24069C619EF3}, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application V2G6, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{948952DB-C617-4F7F-A9BE-5F88477C660B}, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{948952DB-C617-4F7F-A9BE-5F88477C660B}, Delete-on-Reboot, [1141], [399420],1.0.6961
    PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}, Delete-on-Reboot, [720], [259987],1.0.6961
    Trojan.Agent, HKLM\SOFTWARE\CRMSvc, Delete-on-Reboot, [398], [533736],1.0.6961
    Adware.SearchAwesome, HKLM\SOFTWARE\SrcAAAesom Browser Enhancer, Delete-on-Reboot, [7251], [509886],1.0.6961
    PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch, Delete-on-Reboot, [720], [259989],1.0.6961
    PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe, Delete-on-Reboot, [720], [260624],1.0.6961
    RiskWare.EventSvc, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTSVC, Delete-on-Reboot, [4107], [561519],1.0.6961
    PUP.Optional.Wajam, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\WajIEnhance, Delete-on-Reboot, [207], [244670],1.0.6961
    PUP.Optional.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Delete-on-Reboot, [207], [-1],0.0.0
    Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\campaign9961, Delete-on-Reboot, [426], [518478],1.0.6961
    Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\multitimercampaign84170, Delete-on-Reboot, [426], [518476],1.0.6961
    Adware.Tuto4PC, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\EWMON, Delete-on-Reboot, [2775], [411543],1.0.6961
    Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\Speedycar, Delete-on-Reboot, [426], [518473],1.0.6961
    Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\TechnologyDesktopnew, Delete-on-Reboot, [426], [518479],1.0.6961
    Adware.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\Quoteex.exe, Delete-on-Reboot, [1116], [527830],1.0.6961
    PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E1527582-8509-4011-B922-29E3FB548882}_is1, Delete-on-Reboot, [2883], [260251],1.0.6961
    PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Quoteex_RASAPI32, Delete-on-Reboot, [720], [260623],1.0.6961
    PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Quoteex_RASMANCS, Delete-on-Reboot, [720], [260623],1.0.6961
    Adware.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\Quoteex.exe, Delete-on-Reboot, [1116], [527830],1.0.6961
    Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PowerSvc, Delete-on-Reboot, [398], [537387],1.0.6961
    PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Delete-on-Reboot, [3678], [398592],1.0.6961
    PUP.Optional.Tuto4PC, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\wewewe, Delete-on-Reboot, [619], [339689],1.0.6961
    Adware.Tuto4PC, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\BIGTIME, Delete-on-Reboot, [2775], [411542],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\Online Application, Delete-on-Reboot, [1141], [399423],1.0.6961
    PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\Online.io Application, Delete-on-Reboot, [3678], [317312],1.0.6961
    PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROLEAVES\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Delete-on-Reboot, [3678], [339688],1.0.6961
    PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, Delete-on-Reboot, [2883], [260247],1.0.6961
    PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{D1946C87-79CC-462A-A924-D4C43636BF82}, Delete-on-Reboot, [242], [239939],1.0.6961
    RiskWare.BitCoinMiner, HKLM\SOFTWARE\CLASSES\CLSID\{BFD98515-CD74-48A4-98E2-13D209E3EE4F}, Delete-on-Reboot, [948], [506365],1.0.6961
    RiskWare.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLICONOVERLAYIDENTIFIERS\{BFD98515-CD74-48A4-98E2-13D209E3EE4F}, Delete-on-Reboot, [948], [506365],1.0.6961
    RiskWare.BitCoinMiner, HKLM\SOFTWARE\CLASSES\CLSID\{BFD98515-CD74-48A4-98E2-13D209E3EE4F}\InprocServer32, Delete-on-Reboot, [948], [506365],1.0.6961
    Adware.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NjlhNjVjYzN, Delete-on-Reboot, [463], [556539],1.0.6961
    PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtQuoteex, Delete-on-Reboot, [720], [260625],1.0.6961
    Adware.SearchAwesome, HKLM\SOFTWARE\WOW6432NODE\SrcAAAesom Browser Enhancer, Delete-on-Reboot, [7251], [509886],1.0.6961
    Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\DMUNVERSION, Delete-on-Reboot, [426], [518477],1.0.6961
    PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, Delete-on-Reboot, [2883], [260247],1.0.6961
    Adware.Wajam, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\NjlhNjVjYzN, Delete-on-Reboot, [463], [533738],1.0.6961
    Adware.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MzhhZGVj, Delete-on-Reboot, [463], [530164],1.0.6961
    Adware.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\YzVjN2E5MzhiZWY1Z, Delete-on-Reboot, [463], [535778],1.0.6961
    PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Delete-on-Reboot, [207], [170024],1.0.6961
    PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Delete-on-Reboot, [207], [170024],1.0.6961
    PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Delete-on-Reboot, [207], [170024],1.0.6961
    Trojan.Agent.VBS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\jVBtL, Delete-on-Reboot, [2772], [519971],1.0.6961
    Trojan.Agent.VBS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B83CA01A-D138-4C5D-A0EB-A510F07F4B00}, Delete-on-Reboot, [2772], [519971],1.0.6961
    Trojan.Agent.VBS, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{B83CA01A-D138-4C5D-A0EB-A510F07F4B00}, Delete-on-Reboot, [2772], [519971],1.0.6961
    Registry Value: 40
    PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Delete-on-Reboot, [720], [-1],0.0.0
    PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Delete-on-Reboot, [720], [-1],0.0.0
    PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\ENVIRONMENT|SNF, Delete-on-Reboot, [720], [-1],0.0.0
    Adware.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ShutdownTime, Delete-on-Reboot, [2775], [425765],1.0.6961
    Trojan.Agent.VBS, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MicrosoftRuntimeUpdate, Delete-on-Reboot, [2772], [536192],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0FFF6E41-5F47-4AEE-807F-24069C619EF3}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
    PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, Delete-on-Reboot, [720], [259987],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{64392E14-A683-4DFB-9CFE-7C879F2D8CE9}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{74E83AB6-118E-4214-A7E7-EC3FE0B1644A}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{948952DB-C617-4F7F-A9BE-5F88477C660B}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CDA44C53-A447-4F7A-B251-606841E866EA}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
    Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D2E4FF85-DB00-4104-BFE1-7214C0EA5248}|PATH, Delete-on-Reboot, [1141], [527820],1.0.6961
    PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DE4CB9FF-40E4-4118-9824-2B9241BCD6AB}|PATH, Delete-on-Reboot, [3678], [391427],1.0.6961
    PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, Delete-on-Reboot, [720], [259989],1.0.6961
    RiskWare.EventSvc, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTSVC|IMAGEPATH, Delete-on-Reboot, [4107], [561519],1.0.6961
    Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{318aac38-51bb-4ef0-91e9-b0a1f16550ed}|NAMESERVER, Delete-on-Reboot, [7550], [260227],1.0.6961
    PUP.Optional.Wajam, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Delete-on-Reboot, [207], [-1],0.0.0
    PUP.Optional.Wajam, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Delete-on-Reboot, [207], [-1],0.0.0
    PUP.Optional.Wajam, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Delete-on-Reboot, [207], [-1],0.0.0
    Adware.Tuto4PC, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\EWMON|PARTNER, Delete-on-Reboot, [2775], [411543],1.0.6961
    PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|DEFAULT, Delete-on-Reboot, [720], [259988],1.0.6961
    PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DISPLAYNAME, Delete-on-Reboot, [242], [259314],1.0.6961
    Trojan.Egguard, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SYSSVC|IMAGEPATH, Delete-on-Reboot, [5031], [550056],1.0.6961
    Adware.DNSUnlocker.ACMB3, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\UPDATE SERVICE|IMAGEPATH, Delete-on-Reboot, [5248], [552317],1.0.6961
    Adware.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CRMSVC|IMAGEPATH, Delete-on-Reboot, [103], [403160],1.0.6961
    Adware.Tuto4PC, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\BIGTIME|PARTNER, Delete-on-Reboot, [2775], [411542],1.0.6961
    PUP.Optional.Linkury, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DISPLAYNAME, Delete-on-Reboot, [242], [259313],1.0.6961
    PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|CONTACT, Delete-on-Reboot, [3678], [333852],1.0.6961
    PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}|URLINFOABOUT, Delete-on-Reboot, [3678], [321304],1.0.6961
    PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{D1946C87-79CC-462A-A924-D4C43636BF82}|PUBLISHER, Delete-on-Reboot, [242], [239939],1.0.6961
    RiskWare.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHELLEXECUTEHOOKS|{BFD98515-CD74-48A4-98E2-13D209E3EE4F}, Delete-on-Reboot, [948], [506365],1.0.6961
    RiskWare.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\SHELL EXTENSIONS\APPROVED|{BFD98515-CD74-48A4-98E2-13D209E3EE4F}, Delete-on-Reboot, [948], [506365],1.0.6961
    PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\ENVIRONMENT|SNF, Delete-on-Reboot, [720], [259517],1.0.6961
    PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\ENVIRONMENT|SNP, Delete-on-Reboot, [720], [259518],1.0.6961
    Adware.ICLoader, HKLM\SOFTWARE\MICROSOFT\DMUNVERSION|VERSION, Delete-on-Reboot, [426], [518477],1.0.6961
    Adware.Wajam, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\NjlhNjVjYzN|DISPLAYNAME, Delete-on-Reboot, [463], [533738],1.0.6961
    Adware.Wajam, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\NjlhNjVjYzN|PUBLISHER, Delete-on-Reboot, [463], [533738],1.0.6961
    Adware.DNSUnlocker.ACMB3, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7753FBBA-09F5-4968-9700-B051AC808831}_is1|DISPLAYNAME, Delete-on-Reboot, [5248], [552316],1.0.6961
    Adware.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MzhhZGVj|IMAGEPATH, Delete-on-Reboot, [463], [530164],1.0.6961
    Trojan.Agent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\POWERSVC|IMAGEPATH, Delete-on-Reboot, [398], [537386],1.0.6961
    Registry Data: 19
    PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, Replace-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, Replace-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH PAGE, Replace-on-Reboot, [720], [293485],1.0.6961
    PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Replace-on-Reboot, [720], [293485],1.0.6961
    PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCH BAR, Replace-on-Reboot, [720], [293485],1.0.6961
    PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SEARCHASSISTANT, Replace-on-Reboot, [720], [293485],1.0.6961
    PUP.Optional.Linkury, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Replace-on-Reboot, [242], [293476],1.0.6961
    PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DEFAULTSCOPE, Replace-on-Reboot, [242], [293477],1.0.6961
    Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
    Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Replace-on-Reboot, [7550], [-1],0.0.0
    Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{0edf278e-efaf-451b-8520-151d97a7d4b4}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
    Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{0edf278e-efaf-451b-8520-151d97a7d4b4}|DhcpNameServer, Replace-on-Reboot, [7550], [-1],0.0.0
    Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{318aac38-51bb-4ef0-91e9-b0a1f16550ed}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
    Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{318aac38-51bb-4ef0-91e9-b0a1f16550ed}|DhcpNameServer, Replace-on-Reboot, [7550], [-1],0.0.0
    Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{d9efb5e2-79ef-4da7-9d07-849813b99883}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
    Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{edbdf693-22d8-43e1-aefd-6a5dfaaa582d}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
    Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{f60d45a3-d4e7-4042-bb82-445123257273}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
    Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{fdcacaf0-2028-4957-b9b7-4b20ccc43c23}|NameServer, Replace-on-Reboot, [7550], [-1],0.0.0
    PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-505047028-3334559609-311164196-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|DEFAULT_SEARCH_URL, Replace-on-Reboot, [720], [293486],1.0.6961
    Data Stream: 0
    (No malicious items detected)
    Folder: 40
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\ondemand, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\QUOTEEX, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.WinNetSvc, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\WMPNETWORKACSVC, Delete-on-Reboot, [753], [346624],1.0.6961
    Adware.Agent, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\CRMSVC, Delete-on-Reboot, [103], [403162],1.0.6961
    Adware.Tuto4PC, C:\PROGRAM FILES (X86)\SHUTDOWNTIME, Delete-on-Reboot, [2775], [425765],1.0.6961
    Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\0ZKH8JK4HC, Delete-on-Reboot, [2775], [487472],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\_locales\en_US, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\_locales\en, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\_locales, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\ico, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\NTVHOST, Delete-on-Reboot, [5031], [550057],1.0.6961
    Adware.Tuto4PC, C:\PROGRAM FILES (X86)\EXAMS, Delete-on-Reboot, [2775], [569781],1.0.6961
    Adware.DNSUnlocker.ACMB3, C:\PROGRAM FILES\fik Quinwood Updater, Delete-on-Reboot, [5248], [552310],1.0.6961
    PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Delete-on-Reboot, [3678], [391425],1.0.6961
    Adware.OnlineIO, C:\Users\aman shukla\AppData\Roaming\Microleaves\Online Application 2.7.0\install\CFCBAA1, Delete-on-Reboot, [1141], [399763],1.0.6961
    Adware.OnlineIO, C:\Users\aman shukla\AppData\Roaming\Microleaves\Online Application 2.7.0\install, Delete-on-Reboot, [1141], [399763],1.0.6961
    Adware.OnlineIO, C:\Users\aman shukla\AppData\Roaming\Microleaves\Online Application 2.7.0, Delete-on-Reboot, [1141], [399763],1.0.6961
    Adware.OnlineIO, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\MICROLEAVES, Delete-on-Reboot, [1141], [399763],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\PROGRAM FILES (X86)\MICROLEAVES, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.Linkury, C:\ProgramData\Logic Cramble\X64, Delete-on-Reboot, [1116], [431817],1.0.6961
    Adware.Linkury, C:\ProgramData\Logic Cramble\X86, Delete-on-Reboot, [1116], [431817],1.0.6961
    Adware.Linkury, C:\PROGRAMDATA\LOGIC CRAMBLE, Delete-on-Reboot, [1116], [431817],1.0.6961
    Trojan.Agent, C:\WINDOWS\SYSWOW64\SSL, Delete-on-Reboot, [398], [479103],1.0.6961
    Adware.DNSUnlocker.Generic, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\fik Quinwood Updater, Delete-on-Reboot, [3491], [568543],1.0.6961
    Adware.Wajam, C:\WINDOWS\SYSWOW64\SSL, Delete-on-Reboot, [463], [533889],1.0.6961
    PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\431957687, Delete-on-Reboot, [415], [463480],1.0.6961
    PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\432633843, Delete-on-Reboot, [415], [463480],1.0.6961
    PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\433602234, Delete-on-Reboot, [415], [463480],1.0.6961
    PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\433602234, Delete-on-Reboot, [415], [463480],1.0.6961
    Adware.Wajam, C:\PROGRAM FILES\NjlhNjVjYzN, Delete-on-Reboot, [463], [556539],1.0.6961
    PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs, Delete-on-Reboot, [224], [470343],1.0.6961
    PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\_metadata, Delete-on-Reboot, [224], [470343],1.0.6961
    PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\icons, Delete-on-Reboot, [224], [470343],1.0.6961
    PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0, Delete-on-Reboot, [224], [470343],1.0.6961
    PUP.Optional.BazzSearch, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NMEINLFOJLCEGBLPOGPJBHIPMONCLEJH, Delete-on-Reboot, [224], [470343],1.0.6961
    PUP.Optional.Linkury.Generic, C:\PROGRAMDATA\QUOTEEXS, Delete-on-Reboot, [222], [380106],1.0.6961
    Adware.Linkury.TskLnk, C:\PROGRAM FILES (X86)\COMMON FILES\ZUMLEX, Delete-on-Reboot, [14211], [444929],1.0.6961
    File: 174
    PUP.Optional.Linkury.ACMB1, C:\PROGRAMDATA\QUOTEEX\conf.config, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Dentotough.bin, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Dongtam.dll, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Doubledamstrong.dat, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Faseex.dat, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\HotTech.bin, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Ittam.dll, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\md.xml, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\New-Tough.exe, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\New-Tough.exe.config, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quoteex.d.dat, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quoteex.dat, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Sololux.bin, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Solstrong.exe, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Solstrong.exe.config, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\TampHold.bin, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Techstrong.bin, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Trans-Lab.bin, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Triotam.bin, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\uninstall.dat, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Uno-Tip.dat, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\vblh5rpf.xml, Delete-on-Reboot, [720], [260620],1.0.6961
    PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Delete-on-Reboot, [3678], [391431],1.0.6961
    PUP.Optional.Linkury.ACMB1, C:\WINDOWS\SYSWOW64\FINDIT.XML, Delete-on-Reboot, [720], [259512],1.0.6961
    PUP.Optional.WinNetSvc, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\WMPNETWORKACSVC\CONFIG.INI, Delete-on-Reboot, [753], [346624],1.0.6961
    PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\UPDATER_ONLINE_APPLICATION.JOB, Delete-on-Reboot, [3678], [391430],1.0.6961
    Adware.Agent, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\CRMSVC\CRMSvc.exe, Delete-on-Reboot, [103], [403162],1.0.6961
    Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\UNINSTALL_TEMP.ICO, Delete-on-Reboot, [3738], [404862],1.0.6961
    Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\MD.XML, Delete-on-Reboot, [3738], [404866],1.0.6961
    Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\NOAH.DAT, Delete-on-Reboot, [3738], [404865],1.0.6961
    Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\AGENT.DAT, Delete-on-Reboot, [3738], [404872],1.0.6961
    Adware.Tuto4PC, C:\PROGRAM FILES (X86)\SHUTDOWNTIME\UNINS000.DAT, Delete-on-Reboot, [2775], [425765],1.0.6961
    Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\9AD.exe, Delete-on-Reboot, [2775], [425765],1.0.6961
    Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\cast.config, Delete-on-Reboot, [2775], [425765],1.0.6961
    Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\config.conf, Delete-on-Reboot, [2775], [425765],1.0.6961
    Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\MTKMYV1GDB0YT9D.exe.config, Delete-on-Reboot, [2775], [425765],1.0.6961
    Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\NHSTS.exe.config, Delete-on-Reboot, [2775], [425765],1.0.6961
    Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\ShutdownTime.exe, Delete-on-Reboot, [2775], [425765],1.0.6961
    Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\unins000.exe, Delete-on-Reboot, [2775], [425765],1.0.6961
    Adware.Tuto4PC, C:\Program Files (x86)\ShutdownTime\uninstaller.exe.config, Delete-on-Reboot, [2775], [425765],1.0.6961
    Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\Freshstrong.tst, Delete-on-Reboot, [3738], [404871],1.0.6961
    Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\0ZKH8JK4HC\up.exe.config, Delete-on-Reboot, [2775], [487472],1.0.6961
    PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\UPDATER_ONLINE_APPLICATION, Delete-on-Reboot, [3678], [391429],1.0.6961
    Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\SHAM.DB, Delete-on-Reboot, [3738], [516191],1.0.6961
    Trojan.Egguard, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\NTVHOST\SYSSVC.EXE, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\ico\128.png, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\ico\16.png, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\ico\32.png, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\ico\48.png, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\_locales\en\messages.json, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\_locales\en_US\messages.json, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\background.html, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\background.js, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ext\manifest.json, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\host.json, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\native.exe, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\ntd.cfg, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\syssvc.exe.config, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\syssvc.wrapper.log, Delete-on-Reboot, [5031], [550057],1.0.6961
    Trojan.Egguard, C:\Users\aman shukla\AppData\Local\NtvHost\syssvc.xml, Delete-on-Reboot, [5031], [550057],1.0.6961
    Adware.Tuto4PC, C:\PROGRAM FILES (X86)\EXAMS\3232493.exe.config, Delete-on-Reboot, [2775], [569781],1.0.6961
    Adware.Tuto4PC, C:\Program Files (x86)\Exams\4154234.exe, Delete-on-Reboot, [2775], [569781],1.0.6961
    Adware.Tuto4PC, C:\Program Files (x86)\Exams\4154234.exe.config, Delete-on-Reboot, [2775], [569781],1.0.6961
    Adware.Linkury.Generic, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\SHAM.DB, Delete-on-Reboot, [3738], [516189],1.0.6961
    Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G1.job, Delete-on-Reboot, [1141], [527823],1.0.6961
    Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G2.job, Delete-on-Reboot, [1141], [527823],1.0.6961
    Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G3.job, Delete-on-Reboot, [1141], [527823],1.0.6961
    Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G4.job, Delete-on-Reboot, [1141], [527823],1.0.6961
    Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G5.job, Delete-on-Reboot, [1141], [527823],1.0.6961
    Adware.OnlineIO, C:\WINDOWS\TASKS\Online Application V2G6.job, Delete-on-Reboot, [1141], [527823],1.0.6961
    Trojan.Agent.VBS, C:\USERS\AMAN SHUKLA\APPDATA\ROAMING\LIBRARIES\MicrosoftRuntimeUpdate.vbe, Delete-on-Reboot, [2772], [536192],1.0.6961
    Adware.DNSUnlocker.ACMB3, C:\PROGRAM FILES\fik Quinwood Updater\unins000.dat, Delete-on-Reboot, [5248], [552310],1.0.6961
    Adware.DNSUnlocker.ACMB3, C:\Program Files\fik Quinwood Updater\Quinwood.exe, Delete-on-Reboot, [5248], [552310],1.0.6961
    Adware.DNSUnlocker.ACMB3, C:\Program Files\fik Quinwood Updater\unins000.exe, Delete-on-Reboot, [5248], [552310],1.0.6961
    PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\online.exe, Delete-on-Reboot, [3678], [391425],1.0.6961
    PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\SystemFoldermsiexec.exe, Delete-on-Reboot, [3678], [391425],1.0.6961
    Adware.OnlineIO, C:\Users\aman shukla\AppData\Roaming\Microleaves\Online Application 2.7.0\install\CFCBAA1\Basic Installer with memory detection.msi, Delete-on-Reboot, [1141], [399763],1.0.6961
    Adware.OnlineIO, C:\PROGRAM FILES (X86)\MICROLEAVES\Online Application\Online Application Updater.exe, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online.io EULA.url, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online.io Privacy.url, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Uninstall Online Application.lnk, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.ini, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G1, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G2, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G3, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G4, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G5, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application V2G6, Delete-on-Reboot, [1141], [399420],1.0.6961
    Adware.Linkury, C:\ProgramData\Logic Cramble\X64\SQLite.Interop.dll, Delete-on-Reboot, [1116], [431817],1.0.6961
    Adware.Linkury, C:\ProgramData\Logic Cramble\X86\SQLite.Interop.dll, Delete-on-Reboot, [1116], [431817],1.0.6961
    Adware.Linkury, C:\ProgramData\Logic Cramble\Config.json, Delete-on-Reboot, [1116], [431817],1.0.6961
    Adware.Linkury, C:\ProgramData\Logic Cramble\set.exe.config, Delete-on-Reboot, [1116], [431817],1.0.6961
    Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.dll, Delete-on-Reboot, [1116], [431817],1.0.6961
    Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.Linq.dll, Delete-on-Reboot, [1116], [431817],1.0.6961
    Adware.Linkury, C:\ProgramData\Logic Cramble\System.Data.SQLite.xml, Delete-on-Reboot, [1116], [431817],1.0.6961
    Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\Stimstring.tst, Delete-on-Reboot, [3738], [404871],1.0.6961
    Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\MAIN.DAT, Delete-on-Reboot, [3738], [442900],1.0.6961
    Trojan.Agent, C:\WINDOWS\SYSWOW64\SSL\XV.DB, Delete-on-Reboot, [398], [479103],1.0.6961
    Trojan.Agent, C:\Windows\SysWOW64\SSL\cert.db, Delete-on-Reboot, [398], [479103],1.0.6961
    Trojan.Agent, C:\Windows\SysWOW64\SSL\NmRiNWY5NzQ 2.cer, Delete-on-Reboot, [398], [479103],1.0.6961
    Adware.DNSUnlocker.Generic, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fik Quinwood Updater\fik Quinwood Updater.lnk, Delete-on-Reboot, [3491], [568543],1.0.6961
    RiskWare.EventSvc, C:\PROGRAMDATA\MICROSOFT\WINDOWS\EVENTSVC\EVENTSVC.EXE, Delete-on-Reboot, [4107], [561519],1.0.6961
    Adware.Wajam, C:\WINDOWS\SYSWOW64\SSL\CERT.DB, Delete-on-Reboot, [463], [533889],1.0.6961
    Adware.Wajam, C:\Windows\SysWOW64\SSL\NmRiNWY5NzQ 2.cer, Delete-on-Reboot, [463], [533889],1.0.6961
    Adware.Wajam, C:\Windows\SysWOW64\SSL\xv.db, Delete-on-Reboot, [463], [533889],1.0.6961
    Trojan.Agent, C:\PROGRAMDATA\MICROSOFT\WINDOWS\POWER\POWERSVC.EXE, Delete-on-Reboot, [398], [537387],1.0.6961
    PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\431957687\ic-0.eaf875c22b5f6.exe, Delete-on-Reboot, [415], [463480],1.0.6961
    PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\431957687\dlreport, Delete-on-Reboot, [415], [463480],1.0.6961
    PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\432633843\ic-0.19b687c602f698.exe, Delete-on-Reboot, [415], [463480],1.0.6961
    PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\432633843\dlreport, Delete-on-Reboot, [415], [463480],1.0.6961
    PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\433602234\ic-0.72a17317142484.exe, Delete-on-Reboot, [415], [463480],1.0.6961
    PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.95ac436d4514e.exe, Delete-on-Reboot, [415], [463480],1.0.6961
    PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.bfaa9e68176c7.exe, Delete-on-Reboot, [415], [463480],1.0.6961
    PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.cefaaf2ed8c87.exe, Delete-on-Reboot, [415], [463480],1.0.6961
    PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.db9915aa4c19e.exe, Delete-on-Reboot, [415], [463480],1.0.6961
    PUP.Optional.BundleInstaller, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\433602234\ic-0.bfaa9e68176c7.exe, Delete-on-Reboot, [415], [463480],1.0.6961
    PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.95ac436d4514e.exe, Delete-on-Reboot, [415], [463480],1.0.6961
    PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.cefaaf2ed8c87.exe, Delete-on-Reboot, [415], [463480],1.0.6961
    PUP.Optional.BundleInstaller, C:\Users\aman shukla\AppData\Local\Temp\433602234\ic-0.db9915aa4c19e.exe, Delete-on-Reboot, [415], [463480],1.0.6961
    RiskWare.BitCoinMiner, C:\WINDOWS\SYSTEM32\MCICDA64.DLL, Delete-on-Reboot, [948], [506365],1.0.6961
    Adware.Wajam, C:\PROGRAM FILES\NjlhNjVjYzN\WBE_uninstall.dat, Delete-on-Reboot, [463], [556539],1.0.6961
    Adware.Wajam, C:\Program Files\NjlhNjVjYzN\MDEyY.exe, Delete-on-Reboot, [463], [556539],1.0.6961
    Adware.Wajam, C:\Program Files\NjlhNjVjYzN\mozcrt19.dll, Delete-on-Reboot, [463], [556539],1.0.6961
    Adware.Wajam, C:\Program Files\NjlhNjVjYzN\MzBiYTA2.exe, Delete-on-Reboot, [463], [556539],1.0.6961
    Adware.Wajam, C:\Program Files\NjlhNjVjYzN\NjM5ZDg3M2Q, Delete-on-Reboot, [463], [556539],1.0.6961
    Adware.Wajam, C:\Program Files\NjlhNjVjYzN\nspr4.dll, Delete-on-Reboot, [463], [556539],1.0.6961
    Adware.Wajam, C:\Program Files\NjlhNjVjYzN\nss3.dll, Delete-on-Reboot, [463], [556539],1.0.6961
    Adware.Wajam, C:\Program Files\NjlhNjVjYzN\ODEyNGNkNjc3M.exe, Delete-on-Reboot, [463], [556539],1.0.6961
    Adware.Wajam, C:\Program Files\NjlhNjVjYzN\plc4.dll, Delete-on-Reboot, [463], [556539],1.0.6961
    Adware.Wajam, C:\Program Files\NjlhNjVjYzN\plds4.dll, Delete-on-Reboot, [463], [556539],1.0.6961
    Adware.Wajam, C:\Program Files\NjlhNjVjYzN\service.dat, Delete-on-Reboot, [463], [556539],1.0.6961
    Adware.Wajam, C:\Program Files\NjlhNjVjYzN\service_64.dat, Delete-on-Reboot, [463], [556539],1.0.6961
    Adware.Wajam, C:\Program Files\NjlhNjVjYzN\softokn3.dll, Delete-on-Reboot, [463], [556539],1.0.6961
    Adware.Wajam, C:\Program Files\NjlhNjVjYzN\YmE2ODNiNzZmNzky.ico, Delete-on-Reboot, [463], [556539],1.0.6961
    Adware.Wajam, C:\WINDOWS\YKGJAUYOYSVATIKD.YKGEA, Delete-on-Reboot, [463], [530164],1.0.6961
    PUP.Optional.BazzSearch, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [224], [470343],1.0.6961
    PUP.Optional.BazzSearch, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [224], [470343],1.0.6961
    PUP.Optional.BazzSearch, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\NMEINLFOJLCEGBLPOGPJBHIPMONCLEJH\2.0.0_0\MANIFEST.JSON, Delete-on-Reboot, [224], [470343],1.0.6961
    PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs\colza-field-bee.jpg, Delete-on-Reboot, [224], [470343],1.0.6961
    PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs\laptop-empty.png, Delete-on-Reboot, [224], [470343],1.0.6961
    PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs\marq.png, Delete-on-Reboot, [224], [470343],1.0.6961
    PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs\promo.png, Delete-on-Reboot, [224], [470343],1.0.6961
    PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\external imgs\scrns.png, Delete-on-Reboot, [224], [470343],1.0.6961
    PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\icons\128x128.png, Delete-on-Reboot, [224], [470343],1.0.6961
    PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\icons\16x16.png, Delete-on-Reboot, [224], [470343],1.0.6961
    PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\icons\favicon.ico, Delete-on-Reboot, [224], [470343],1.0.6961
    PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\_metadata\computed_hashes.json, Delete-on-Reboot, [224], [470343],1.0.6961
    PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\_metadata\verified_contents.json, Delete-on-Reboot, [224], [470343],1.0.6961
    PUP.Optional.BazzSearch, C:\Users\aman shukla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh\2.0.0_0\background.js, Delete-on-Reboot, [224], [470343],1.0.6961
    Adware.Linkury.TskLnk, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, Delete-on-Reboot, [14211], [444922],1.0.6961
    Generic.Malware/Suspicious, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\FRESHSTRONG.EXE, Delete-on-Reboot, [0], [392686],1.0.6961
    PUP.Optional.Linkury.Generic, C:\PROGRAMDATA\QUOTEEXS\FF.HP, Delete-on-Reboot, [222], [380106],1.0.6961
    PUP.Optional.Linkury.Generic, C:\ProgramData\Quoteexs\ff.NT, Delete-on-Reboot, [222], [380106],1.0.6961
    PUP.Optional.Linkury.Generic, C:\ProgramData\Quoteexs\snp.sc, Delete-on-Reboot, [222], [380106],1.0.6961
    Adware.Linkury.TskLnk, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\INSTALLATIONCONFIGURATION.XML, Delete-on-Reboot, [14211], [444923],1.0.6961
    Adware.Linkury.Generic, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\CONFIG.XML, Delete-on-Reboot, [3738], [404859],1.0.6961
    Generic.Malware/Suspicious, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\STIMSTRING.EXE, Delete-on-Reboot, [0], [392686],1.0.6961
    Adware.Linkury.TskLnk, C:\PROGRAM FILES (X86)\COMMON FILES\ZUMLEX\INSTALLATIONCONFIGURATION.XML, Delete-on-Reboot, [14211], [444929],1.0.6961
    Adware.Linkury.TskLnk, C:\Program Files (x86)\Common Files\Zumlex\uninstall.dat, Delete-on-Reboot, [14211], [444929],1.0.6961
    Adware.Linkury.TskLnk, C:\Program Files (x86)\Common Files\Zumlex\uninstall.exe, Delete-on-Reboot, [14211], [444929],1.0.6961
    Adware.Linkury.TskLnk, C:\Program Files (x86)\Common Files\Zumlex\uninstall.ico, Delete-on-Reboot, [14211], [444929],1.0.6961
    Adware.Wajam, C:\WINDOWS\SYSTEM32\DRIVERS\YZVJN2E5MZHIZWY1Z.SYS, Delete-on-Reboot, [463], [535778],1.0.6961
    Trojan.Agent.VBS, C:\WINDOWS\SYSTEM32\TASKS\jVBtL, Delete-on-Reboot, [2772], [519971],1.0.6961
    Adware.Tuto4PC, C:\PROGRAM FILES\HWXMUG5SI7\UNINSTALLER.EXE, Delete-on-Reboot, [2775], [548720],1.0.6961
    Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\IS-IK84J.TMP\SETUP.EXE, Delete-on-Reboot, [2775], [569767],1.0.6961
    Generic.Malware/Suspicious, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\XFOHSWWNJCI\SETUP337.EXE, Delete-on-Reboot, [0], [392686],1.0.6961
    Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\IS-2QASV.TMP\WITHHOLDING.EXE, Delete-on-Reboot, [2775], [568619],1.0.6961
    Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\QJCVMUTTVQD\1ZQNSEQAV1N.EXE, Delete-on-Reboot, [2775], [548720],1.0.6961
    Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\TAYXXQ0SCIA.EXE, Delete-on-Reboot, [2775], [474076],1.0.6961
    Adware.Wajam, C:\WINDOWS\MDEYY.EXE, Delete-on-Reboot, [463], [552510],1.0.6961
    Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\IS-PRUAV.TMP\WITHHOLDING.EXE, Delete-on-Reboot, [2775], [568619],1.0.6961
    Adware.Tuto4PC, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\TEMP\XQ4VSJWLCH1\FPCNNA5ABIN.EXE, Delete-on-Reboot, [2775], [554557],1.0.6961
    Adware.Linkury, C:\USERS\AMAN SHUKLA\APPDATA\LOCAL\MATSTRING.BIN, Delete-on-Reboot, [1116], [504848],1.0.6961
    Physical Sector: 0
    (No malicious items detected)
    WMI: 0
    (No malicious items detected)

    (end)

    :)
     
    AmanShukla2, Sep 22, 2018
    #1
  2. DEEPIKA GOWDA
    Deepika Gowda Win User

    All hidden files turned Un-hidden

    Hi,

    Thank you for posting in Microsoft Community and being part of Windows 10.

    I suggest you to re-add them to the hidden items list and check.

    Steps:

    • Right click on the folders to hide, select Properties.
    • Go to General tab, under Attributes check mark the option
      Hidden.
    • Click on Apply and on Ok.

    I suggest you not to use any third party anti-virus software. Try to use Windows Defender.

    Refer: Using Windows Defender

    Hope it helps. Feel free to contact us for further assistance on Windows Operating System, we will be happy to help you.
     
    Deepika Gowda, Sep 22, 2018
    #2
  3. WOOD
    Wood Win User
    trojan windows defender


    I change over to windows defender a few months ago and I just had my first fake trojan.
    I just go to very safe sites and got hit with the fake trojan, sorry, forgot to write any info down.
    I had seen it before on friends computers and cleaned it out, it wants you to call the number but all you have to do is disconnect from net and turn off computer, turn on computer and run ccleaner and defender, running mrt now.
    My question is how did it get passed defender, I know some web sites get a hidden infection and if you go there you could get infected but how did defender let it in, it may be new code in it but it is an old one, just turn off pc.
    I know antivirus just plays catch up before they can write code to stop something, still I am wondering why it got through.
    I am probably in the top ten percent for safe computing.
     
    Wood, Sep 22, 2018
    #3
  4. MEGGG100
    MEGGG100 Win User

    i m stuck to this may be the trojan is hidden in my computer and the defender is unable to...

    Trojans

    Windows Defender is not getting rid of the Trojans. Does anyone have suggestions?

    Thank you
     
    MEGGG100, Sep 22, 2018
    #4
Thema:

i m stuck to this may be the trojan is hidden in my computer and the defender is unable to...

Loading...

  1. i m stuck to this may be the trojan is hidden in my computer and the defender is unable to... - Similar Threads - stuck may trojan

  2. unable to remove trojan with windows defender offline scan

    in Windows 10 Gaming
    unable to remove trojan with windows defender offline scan: ### *Remediation Incomplete* *Date:* 12/03/2025 3:50 AM *Severity:* Severe ### *Detected using Microsoft Defender Antivirus offline scan* - *Detected:* Trojan:Win64/Malgent!MSR - *Status:* Quarantine failed - *Message:* This threat or app might not be completely...

  3. unable to remove trojan with windows defender offline scan

    in Windows 10 Software and Apps
    unable to remove trojan with windows defender offline scan: ### *Remediation Incomplete* *Date:* 12/03/2025 3:50 AM *Severity:* Severe ### *Detected using Microsoft Defender Antivirus offline scan* - *Detected:* Trojan:Win64/Malgent!MSR - *Status:* Quarantine failed - *Message:* This threat or app might not be completely...

  4. A trojan defender will not remove

    in Windows 10 Gaming
    A trojan defender will not remove: Windows Defender says I have a Trojan: HTML/Redirector.GPAY!MTB. I have tried several times to remove it via Defender. I ran Malwarebytes and it does not find it. My File Explorer is acting weird. Does not display photos correctly, empty file with no thumbnail, and on the...

  5. Windows Defender is unable to quarantine trojan on hard drive stuck on read only.

    in Windows 10 Gaming
    Windows Defender is unable to quarantine trojan on hard drive stuck on read only.: My entire drive is set to read only, I'm unable to change it using multiple methods, anytime I try to alter the attributes I'm told that the files are write protected, unable to format drive or delete any files, and windows defender has identified, but failed to quarantine...

  6. Windows Defender is unable to quarantine trojan on hard drive stuck on read only.

    in Windows 10 Software and Apps
    Windows Defender is unable to quarantine trojan on hard drive stuck on read only.: My entire drive is set to read only, I'm unable to change it using multiple methods, anytime I try to alter the attributes I'm told that the files are write protected, unable to format drive or delete any files, and windows defender has identified, but failed to quarantine...

  7. I have a trojan on my computer

    in Windows 10 Gaming
    I have a trojan on my computer: For some reason I was playing a game then windows security says threat found at first, I was like it's probably not a problem but then the windows logo disappeared, and I look in windows antivirus and it says trojan: Win32/Doplink so I tried quartined it but then windows...

  8. I have a trojan on my computer

    in Windows 10 Software and Apps
    I have a trojan on my computer: For some reason I was playing a game then windows security says threat found at first, I was like it's probably not a problem but then the windows logo disappeared, and I look in windows antivirus and it says trojan: Win32/Doplink so I tried quartined it but then windows...

  9. my computer is infected with Tool:AndroidOs multiverze trojan, defender detected it but...

    in AntiVirus, Firewalls and System Security
    my computer is infected with Tool:AndroidOs multiverze trojan, defender detected it but...: My friend sent me an apk file, now I am infected with a trojan. microsoft safety scanner also detected 12 infected files, but at the end it showed everything's clean....

  10. Trojan on my computer

    in AntiVirus, Firewalls and System Security
    Trojan on my computer: I've been told a Trojan has been placed on my computer. What do you advise? https://answers.microsoft.com/en-us/windows/forum/all/trojan-on-my-computer/dfd758a3-77de-4b30-b9f5-c793f46da4c5"

Users found this page by searching for:

  1. MDEyY.exe

    ,

  2. powersvc.exe virus removal

    ,

  3. riskware.eventsvc