Премини към съдържанието
Eden Ilko

Не знам с какъв точно зловредния софтуер си имам работа

Препоръчан отговор

публикувано (редактирано)

Добър вечер.

Купих си нов лаптоп HP Probook 450 G2 (вижте прикаченият файл за инфо за процесора)

и видео :

Вградено : Intel® HD graphics 5500

Външно : AMD Radeon R5 M255 (2GB)

 

Имам следния проблем-значи инсталирах си driver-а на видеокартата на Интел,после на чипсета,после NEt.framework 4.5, и чак накрая на АМД  от сайта на HP(всичките са точно за този модел лаптоп) и като пусна някоя игра примерно FIFA 14 играта ми върви всичко е идеално. Но когато рестартирам лаптопа и пусна играта отново играта засича и АМД то явно не се включва . за да мога да си играя трябва след всеки рестарт на лаптопа да си инсталирам driver-a на АМД наново.

Как мога да го оправя това . също така като инсталирам driver-a накрая ми дава следната грешка : вижте втория прикачен файл.


Имам диск с ОС.


  • Копирайте съдържанието на файла FRST.txt в следващия си пост. Прикачете Addition.txt в коментар си (погледнете опциятаПрикачване на файлове, когато публикувате мнение).
  • не разбрах точно как се прави това , опитах се да напиша отговор със съдържанието на FRST файла но не успях.

 

 

post-360324-0-28728900-1436464453_thumb.

post-360324-0-90995400-1436464456_thumb.

post-360324-0-64649400-1436464459_thumb.

Addition.txt

FRST.txt

Редактирано от Eden Ilko (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте!

В действителност има редица проблеми, но точно този проблем не е ясно дали причината е в следствие на някой от тях. Нека опитаме:

Стъпка 1

Моля, деинсталирайте следните програми:

Advanced SystemCare 8

CinemaPlus-4.5vV04.07

Driver Booster 2.3

Driver Sweeper version 3.2.0

globalupdate Helper

IObit Malware Fighter 3

IObit Uninstaller

Surfing Protection

Стъпка 2

Моля, изтеглете Malwarebytes Anti-Malware 2.1.8.1057 и я запазете на вашия десктоп.

  • Стартирайте файла mbam-setup-2.0.3.1025.exe и следвайте указанията за да инсталирате програмата.
  • След като инсталацията приключи се уверете че сте сложили отметка пред:
  • Launch Malwarebytes Anti-Malware
  • Отметката активираща пробния 14 дневен период също е маркиран по-подразбиране. Ако не желаете да тествате защитата в реално време на програмата през следващите 14 дни тогава премахнете отметката.
  • Натиснете бутона Finish.
  • Отидете до табът Settings > Detection and Protection > и под категорията Detection Options включете опцията "Scan for rootkits".
  • Отидете до табът Scan, сложете радио-бутона пред Threat Scan и след това натиснете бутона Scan Now >> . Ако е намерена актуализация тогава натиснете бутона Update Now.
  • Ще започне проверка за зловреден софтуер.
  • При някои инфекции можете да видите съобщението:
  • "Could not load DDA driver"
  • Натиснете "Yes" на това съобщение за да позволите драйвера да се зареди след рестарт.
  • Разрешете на компютъра да се рестартира и след това продължете с останалите инструкции.
  • След като проверката приключи натиснете бутона Apply Actions.
  • Изчакайте да се появи прозореца подканващ ви да рестартирате и след това натиснете бутона Yes.
  • След рестарта, когато се появи десктопа MBAM ще се зареди още веднъж.
  • Отидете то табът History > Application Logs.
  • Отворете рапорта с последната дата и час и натиснете бутона "Copy to Clipboard"
  • Сега вече поставете съдържанието на лог файла с клавишната комбинация Ctrl + V и го публикувайте в следващия си коментар.
В следващия си коментар в тази тема, включете следните лог файлове:
  • Лог файл от Malwarebytes Anti-Malware
  • Нови лог файлове от FRST
  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 11.7.2015 г.
Scan Time: 14:54
Logfile: 
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.07.11.02
Rootkit Database: v2015.07.10.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: ilko
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 342375
Time Elapsed: 21 min, 30 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 4
PUP.Optional.WProtectManager.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1548, Delete-on-Reboot, [344acf117713e94de9b2d9879c69e818]
PUP.Optional.XTab.A, C:\Program Files (x86)\MiuiTab\ProtectService.exe, 2020, Delete-on-Reboot, [1965fbe58109c96d0d14e576f70a728e]
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\CmdShell.exe, 3356, Delete-on-Reboot, [3b43ecf4395142f437358579837f7d83]
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\HPNotify.exe, 4152, Delete-on-Reboot, [3b43ecf4395142f437358579837f7d83]
 
Modules: 10
PUP.Optional.SearchProtect, C:\Program Files (x86)\MiuiTab\BrowserAction.dll, Delete-on-Reboot, [d4aace12dab045f17a94870402ffa858], 
PUP.Optional.Browserwatch, C:\Program Files (x86)\MiuiTab\BrowerWatchFF.dll, Delete-on-Reboot, [a7d7c31dbfcb48eedc9346d0ec19fa06], 
PUP.Optional.Browserwatch, C:\Program Files (x86)\MiuiTab\BrowerWatchCH.dll, Delete-on-Reboot, [9de121bf39517db927488c8a897ccf31], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\IeWatchDog.dll, Delete-on-Reboot, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, Delete-on-Reboot, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, Delete-on-Reboot, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, Delete-on-Reboot, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, Delete-on-Reboot, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, Delete-on-Reboot, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, Delete-on-Reboot, [3b43ecf4395142f437358579837f7d83], 
 
Registry Keys: 86
PUP.Optional.WProtectManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, Quarantined, [344acf117713e94de9b2d9879c69e818], 
PUP.Optional.XTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, Quarantined, [1965fbe58109c96d0d14e576f70a728e], 
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, Quarantined, [2757489891f93afcfb036e0ec93920e0], 
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, Quarantined, [2757489891f93afcfb036e0ec93920e0], 
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, Quarantined, [2757489891f93afcfb036e0ec93920e0], 
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, Quarantined, [2757489891f93afcfb036e0ec93920e0], 
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, Quarantined, [2757489891f93afcfb036e0ec93920e0], 
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, Quarantined, [2757489891f93afcfb036e0ec93920e0], 
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, Quarantined, [2757489891f93afcfb036e0ec93920e0], 
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}, Quarantined, [2757489891f93afcfb036e0ec93920e0], 
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, Quarantined, [2757489891f93afcfb036e0ec93920e0], 
PUP.Optional.LuckyTab.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, Quarantined, [2757489891f93afcfb036e0ec93920e0], 
PUP.Optional.LuckyTab.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, Quarantined, [2757489891f93afcfb036e0ec93920e0], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, Quarantined, [b3cb03dd741655e1fdc3942acf3354ac], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, Quarantined, [b3cb03dd741655e1fdc3942acf3354ac], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, Quarantined, [b3cb03dd741655e1fdc3942acf3354ac], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, Quarantined, [b3cb03dd741655e1fdc3942acf3354ac], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, Quarantined, [b3cb03dd741655e1fdc3942acf3354ac], 
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, Quarantined, [b3cb03dd741655e1fdc3942acf3354ac], 
PUP.Optional.ModGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GLOBALUPDATE.EXE, Quarantined, [97e7e1ff9feb6fc7758d414eaf52a55b], 
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GLOBALUPDATE.EXE, Quarantined, [97e7e1ff9feb6fc7758d414eaf52a55b], 
PUP.Optional.HighDefAction.A, HKLM\SOFTWARE\HighDefAction, Quarantined, [7e0090508505072f44b86c20c044fb05], 
PUP.Optional.YorkNewCin.A, HKLM\SOFTWARE\YorkNewCin, Quarantined, [3846617f5c2ec670d0377d10cb39f60a], 
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD, Quarantined, [d6a8ecf43951b97ddb00662210f402fe], 
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\CLASSES\APPID\GLOBALUPDATE.EXE, Quarantined, [f28c429ef8929c9a69fd4e3cae56d12f], 
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\GLOBALUPDATE.EXE, Quarantined, [f18d57890684cc6a97cfa1e9d4306f91], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, Quarantined, [a5d9dd03cfbb4de9fc33f44b4db69d63], 
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [344a558b69215bdb18f801886f9515eb], 
PUP.Optional.Crossbrowse.C, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\crossbrowse.exe, Quarantined, [a7d7c31d6e1c0a2c9640788cf2111ae6], 
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, Quarantined, [245a3ca46e1cd95d708005fb0ef5d030], 
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CinemaPlus-4.5vV04.07, Quarantined, [7509d709593141f5595ecb4d25deef11], 
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CinemaPlus-4.5vV04.07-nv, Quarantined, [8af409d7b4d6ce68e0d74dcb8e754fb1], 
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CinemaPlus-4.5vV04.07-nv-ie, Quarantined, [225c736d72184fe71f98d246917214ec], 
PUP.Optional.HighDefAction.A, HKLM\SOFTWARE\WOW6432NODE\HighDefAction, Quarantined, [007e88588cfeee4839c34e3ee420b44c], 
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, Quarantined, [89f50bd50288b87e395a7b9773909b65], 
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\oursurfingSoftware, Quarantined, [9ce25789b2d80333956f51b132d1ab55], 
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, Quarantined, [aed016ca404a1422da962354a361b848], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WajIntEnhance, Quarantined, [67170dd3503a5dd95bf448c77c871ce4], 
PUP.Optional.YorkNewCin.A, HKLM\SOFTWARE\WOW6432NODE\YorkNewCin, Quarantined, [6915da06e1a9a1951ceb216c46be39c7], 
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [750906da1c6ea492198cc04215ee02fe], 
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\WOW6432NODE\ARENAHD, Quarantined, [0b73429e1d6db284419abfc97c88e818], 
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\GLOBALUPDATE.EXE, Quarantined, [fb83af31840653e33d290e7ccf3522de], 
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [a6d8637deb9f4bebc34dd3b6e71de41c], 
PUP.Optional.Crossbrowse.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\crossbrowse.exe, Quarantined, [f28cca1654369a9cf409cc381ae9c53b], 
PUP.Optional.Crossbrowse.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\crossbrowse.exe, Quarantined, [1668a937dcaee5515680e222867d8d73], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, Quarantined, [c1bdf9e7642652e47cfa52ba669d0ff1], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, Quarantined, [6c12a13f1a7045f1581dae5e5ea501ff], 
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, Quarantined, [2856bc243c4e38fe47b4ea2f887bc23e], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, Quarantined, [bdc1bc24d2b89d99066efc1007fc8d73], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, Quarantined, [5b23a7399dedf3434c6a5f1a55af30d0], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, Quarantined, [2559b7295d2dab8be8cf136622e2f30d], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, Quarantined, [c4ba29b7dab02214bcb10e17c53e2ed2], 
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, Quarantined, [d5a9bd230e7c5ed8e062839949ba1ce4], 
PUP.Optional.CinemaPlus.A, HKU\S-1-5-18\SOFTWARE\CinemaPlus-4.5vV04.07-nv, Quarantined, [df9fd60a3b4f59dda5139b7d58ab53ad], 
PUP.Optional.CinemaPlus.A, HKU\S-1-5-18\SOFTWARE\CinemaPlus-4.5vV04.07-nv-ie, Quarantined, [79057868721833035e5ad93f46bdd62a], 
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, Quarantined, [add17f614248989e8559cfb9a75df709], 
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\AskPartnerNetwork, Quarantined, [c1bd25bb5a30231337b813eda45fde22], 
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\CinemaPlus-4.5vV04.07, Quarantined, [2b5325bbbbcfae881e9a8b8dd82b32ce], 
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\CinemaPlus-4.5vV04.07-nv, Quarantined, [2f4f2fb1a6e43ff7991fd840e91afc04], 
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\CinemaPlus-4.5vV04.07-nv-ie, Quarantined, [6d11e000c9c1c96d516755c38b78f10f], 
PUP.Optional.Crossbrowse.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\CrossBrowser, Quarantined, [7e00ce12b1d980b6976322e2768d53ad], 
PUP.Optional.HighDefAction.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\HighDefAction, Quarantined, [c9b57c64325852e4fdfe4a428f75d927], 
PUP.Optional.HomeTab.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\HomeTab, Quarantined, [423cca16860457df7ee59a9a55ae36ca], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\SearchProtectWS, Quarantined, [1b6326bad2b846f0a3d533d944bfa858], 
PUP.Optional.TNT.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\TNT2, Quarantined, [394533ad642676c07ca6c94506fdec14], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\WajIEnhance, Quarantined, [a1dd25bb3753a4929a8b9e7651b2ca36], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\WajIntEnhance, Quarantined, [5e20fbe5aedcb284c18f64abe61df709], 
PUP.Optional.YorkNewCin.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\YorkNewCin, Quarantined, [f68847990f7b57dfb3537617956fab55], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [a6d80fd12268231359efb4bcf01454ac], 
PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\ARENAHD, Quarantined, [c8b69d43d6b493a3419982063ec67f81], 
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, Quarantined, [25596e726d1d6cca21a7eb190cf77e82], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, Quarantined, [99e588588bffa294d48063bf8a797f81], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Cinema PlusV04.07, Quarantined, [0c725e826525f3431920be5aa360c63a], 
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Quarantined, [afcfbb256228d066c44b4643fa0aec14], 
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}, Quarantined, [b6c803dd2e5c013537d8b0d925dfc33d], 
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [81fda13f88027bbb97785237e2224fb1], 
PUP.Optional.Spigot.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{824DB265-6A00-40D4-BA01-49750103362F}, Quarantined, [4a34d50bb0dade58b1ab54b0a65d26da], 
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}, Quarantined, [0e7027b92268d462fd1290f99e664eb2], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, Quarantined, [245a7d637a1045f11efe18f1748fd030], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, Quarantined, [91ed2cb4e8a2f83e130a69a0ab58d42c], 
PUP.Optional.Linkey.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, Quarantined, [9ee0b82853373501011d6a9f10f3f50b], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, Quarantined, [c5b923bd97f343f35020226618ecd927], 
PUP.Optional.Vosteran.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, Quarantined, [85f9924e3555999dda4548c16d9660a0], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, Quarantined, [f08e2ab61c6e7cba120e7594a65df709], 
PUP.Optional.SweetSearch.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MOZILLA\EXTENDS, Quarantined, [97e79d43c7c362d40c0dc53e33d01ce4], 
PUP.Optional.HomeTab.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\SIMPLYTECH\HomeTab, Quarantined, [69152fb1e2a85adc1163b29362a14ab6], 
 
Registry Values: 34
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD|value, 1, Quarantined, [d6a8ecf43951b97ddb00662210f402fe]
PUP.Optional.CrossBrowse.C, HKLM\SOFTWARE\CLASSES\.HTML\OPENWITHPROGIDS|CRSBRWSHTML, Quarantined, [760820c0adddf93da8de1e6c3acaf60a], 
PUP.Optional.CrossBrowse.C, HKLM\SOFTWARE\CLASSES\.HTM\OPENWITHPROGIDS|CRSBRWSHTML, Quarantined, [e995865aadddc670384d2d5d8f757f81], 
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\CLASSES\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, Quarantined, [f28c429ef8929c9a69fd4e3cae56d12f]
PUP.Optional.CrossBrowse.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\.HTML\OPENWITHPROGIDS|CRSBRWSHTML, Quarantined, [c2bc865a4644ed49f78fa1e993717d83], 
PUP.Optional.CrossBrowse.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\.HTM\OPENWITHPROGIDS|CRSBRWSHTML, Quarantined, [d0aeecf4c4c681b52d58e3a7be4631cf], 
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, Quarantined, [f18d57890684cc6a97cfa1e9d4306f91]
PUP.Optional.PCTuner.C, HKLM\SOFTWARE\HIGHDEFACTION|value, 1, Quarantined, [add1bb25f298d462895dbcccea1a12ee]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, oursurfing, Quarantined, [344a558b69215bdb18f801886f9515eb]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.oursurfing.com/web/?type=ds&ts=1436041844&z=fc1dfcf3b5b8667a40f53bfg6z8c4q1eezegcbezdz&from=amt&uid=HGSTXHTS541010A9E680_JD100ACH0SKNNK0SKNNKX&q={searchTerms},Quarantined, [2f4f5a86fd8d7abc818fdfaafb09ca36]
PUP.Optional.CrossBrowse.C, HKLM\SOFTWARE\REGISTEREDAPPLICATIONS|Crossbrowse, Software\Clients\StartMenuInternet\Crossbrowse\Capabilities, Quarantined, [d7a77d63a0eabd79deffb8d02bd9c838]
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\WOW6432NODE\ARENAHD|value, 1, Quarantined, [0b73429e1d6db284419abfc97c88e818]
PUP.Optional.CrossBrowse.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\.HTML\OPENWITHPROGIDS|CRSBRWSHTML, Quarantined, [8af4f1efd8b20c2a6323a4e661a3748c], 
PUP.Optional.CrossBrowse.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\.HTM\OPENWITHPROGIDS|CRSBRWSHTML, Quarantined, [b9c5e1ff4248d462cfb62367bc48f20e], 
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, Quarantined, [fb83af31840653e33d290e7ccf3522de]
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATEDEV|AuCheckPeriodMs, 21600000, Quarantined, [403e07d93a50cd69c66f29db43c00ff1]
PUP.Optional.PCTuner.C, HKLM\SOFTWARE\WOW6432NODE\HIGHDEFACTION|value, 1, Quarantined, [d7a7479994f6fb3bf1f5b6d2768efa06]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, oursurfing, Quarantined, [a6d8637deb9f4bebc34dd3b6e71de41c]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.oursurfing.com/web/?type=ds&ts=1436041844&z=fc1dfcf3b5b8667a40f53bfg6z8c4q1eezegcbezdz&from=amt&uid=HGSTXHTS541010A9E680_JD100ACH0SKNNK0SKNNKX&q={searchTerms},Quarantined, [acd214cc3e4c26104ec28efb05ff46ba]
PUP.Optional.SweetSearch.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|sweetsearch@gmail.com, C:\Users\ilko\AppData\Roaming\Mozilla\Firefox\Profiles\hogdzv5s.default\extensions\sweetsearch@gmail.com, Quarantined, [403e50904347999d6192da280af9669a]
PUP.Optional.CrossBrowse.C, HKLM\SOFTWARE\WOW6432NODE\REGISTEREDAPPLICATIONS|Crossbrowse, Software\Clients\StartMenuInternet\Crossbrowse\Capabilities, Quarantined, [daa48957eb9fcb6b716cf89015efc33d]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, amt, Quarantined, [c4ba29b7dab02214bcb10e17c53e2ed2]
PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\ARENAHD|value, 1, Quarantined, [c8b69d43d6b493a3419982063ec67f81]
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, IE, Quarantined, [25596e726d1d6cca21a7eb190cf77e82]
PUP.Optional.PCTuner.C, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\HIGHDEFACTION|value, 1, Quarantined, [c3bb12cedcaeb581499bb6d2da2a24dc]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://www.oursurfing.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=HGSTXHTS541010A9E680_JD100ACH0SKNNK0SKNNKX&ts=1436041867&type=default&q={searchTerms},Quarantined, [afcfbb256228d066c44b4643fa0aec14]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, http://www.oursurfing.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=HGSTXHTS541010A9E680_JD100ACH0SKNNK0SKNNKX&ts=1436041867&type=default&q={searchTerms},Quarantined, [b6c803dd2e5c013537d8b0d925dfc33d]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, http://www.oursurfing.com//favicon.ico, Quarantined, [d5a919c7e1a9ab8b2fe01c6d0cf8b749]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, oursurfing, Quarantined, [81fda13f88027bbb97785237e2224fb1]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.oursurfing.com/web/?type=dspp&ts=1436041852&z=7b9a7d5e4399be94ef04794g4z6c0q0e7zcg7b4w7o&from=amt&uid=HGSTXHTS541010A9E680_JD100ACH0SKNNK0SKNNKX&q={searchTerms},Quarantined, [84fa6c74533790a6b857e6a3689c35cb]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|TopResultURL, http://www.oursurfing.com/web/?type=ds&ts=1436041844&z=fc1dfcf3b5b8667a40f53bfg6z8c4q1eezegcbezdz&from=amt&uid=HGSTXHTS541010A9E680_JD100ACH0SKNNK0SKNNKX&q={searchTerms},Quarantined, [8df134ac662453e34fc04643c0444cb4]
PUP.Optional.Spigot.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{824DB265-6A00-40D4-BA01-49750103362F}|URL, https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms},Quarantined, [4a34d50bb0dade58b1ab54b0a65d26da]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, http://www.oursurfing.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=HGSTXHTS541010A9E680_JD100ACH0SKNNK0SKNNKX&ts=1436041867&type=default&q={searchTerms},Quarantined, [0e7027b92268d462fd1290f99e664eb2]
PUP.Optional.SweetSearch.A, HKU\S-1-5-21-3856949486-3813085638-2492078522-1001\SOFTWARE\MOZILLA\EXTENDS|appid, sweetsearch@gmail.com, Quarantined, [97e79d43c7c362d40c0dc53e33d01ce4]
 
Registry Data: 12
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.oursurfing.com/?type=sc&ts=1436041844&z=fc1dfcf3b5b8667a40f53bfg6z8c4q1eezegcbezdz&from=amt&uid=HGSTXHTS541010A9E680_JD100ACH0SKNNK0SKNNKX, Good: (firefox.exe), Bad: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.oursurfing.com/?type=sc&ts=1436041844&z=fc1dfcf3b5b8667a40f53bfg6z8c4q1eezegcbezdz&from=amt&uid=HGSTXHTS541010A9E680_JD100ACH0SKNNK0SKNNKX),Replaced,[0a748f512763f73f967d34fae91c9070]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[671705db8ffb6dc90462b27a739223dd]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.oursurfing.com/?type=sc&ts=1436041844&z=fc1dfcf3b5b8667a40f53bfg6z8c4q1eezegcbezdz&from=amt&uid=HGSTXHTS541010A9E680_JD100ACH0SKNNK0SKNNKX, Good: (firefox.exe), Bad: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.oursurfing.com/?type=sc&ts=1436041844&z=fc1dfcf3b5b8667a40f53bfg6z8c4q1eezegcbezdz&from=amt&uid=HGSTXHTS541010A9E680_JD100ACH0SKNNK0SKNNKX),Replaced,[c9b5845caae0cf677d96141aa95cf907]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.oursurfing.com/?type=sc&ts=1436041844&z=fc1dfcf3b5b8667a40f53bfg6z8c4q1eezegcbezdz&from=amt&uid=HGSTXHTS541010A9E680_JD100ACH0SKNNK0SKNNKX, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.oursurfing.com/?type=sc&ts=1436041844&z=fc1dfcf3b5b8667a40f53bfg6z8c4q1eezegcbezdz&from=amt&uid=HGSTXHTS541010A9E680_JD100ACH0SKNNK0SKNNKX),Replaced,[007e3fa1cac002344bca2d01867f6898]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[90ee18c8ff8b61d5e97d161602036d93]
 
Folders: 32
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Delete-on-Reboot, [bac4736db9d16dc94a15825eec16f10f], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, Quarantined, [bac4736db9d16dc94a15825eec16f10f], 
PUP.Optional.GlobalUpdate.A, C:\Users\ilko\AppData\Local\Temp\comh.336586, Quarantined, [84fae9f75f2bd4626525598810f2ca36], 
PUP.Optional.GlobalUpdate.A, C:\Users\ilko\AppData\Local\Temp\comh.82838, Quarantined, [3c42c21eed9dea4c8bffb72a659d619f], 
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, Quarantined, [047a29b74842df57ea7b46ae3ac8847c], 
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, Quarantined, [047a29b74842df57ea7b46ae3ac8847c], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab, Delete-on-Reboot, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\image, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\en-US, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-419, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-ES, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-BE, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CA, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CH, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-FR, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-LU, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-CH, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-IT, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pl, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt-BR, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru-MO, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\tr-TR, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\vi-VI, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-CN, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-TW, Quarantined, [3b43ecf4395142f437358579837f7d83], 
 
Files: 132
PUP.Optional.WProtectManager.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Delete-on-Reboot, [344acf117713e94de9b2d9879c69e818], 
PUP.Optional.XTab.A, C:\Program Files (x86)\MiuiTab\ProtectService.exe, Delete-on-Reboot, [1965fbe58109c96d0d14e576f70a728e], 
PUP.Optional.SearchProtect, C:\Program Files (x86)\MiuiTab\BrowserAction.dll, Delete-on-Reboot, [d4aace12dab045f17a94870402ffa858], 
PUP.Optional.Browserwatch, C:\Program Files (x86)\MiuiTab\BrowerWatchFF.dll, Delete-on-Reboot, [a7d7c31dbfcb48eedc9346d0ec19fa06], 
PUP.Optional.Browserwatch, C:\Program Files (x86)\MiuiTab\BrowerWatchCH.dll, Delete-on-Reboot, [9de121bf39517db927488c8a897ccf31], 
PUP.Optional.LuckyTab.A, C:\Program Files (x86)\MiuiTab\SupTab.dll, Quarantined, [2757489891f93afcfb036e0ec93920e0], 
PUP.Optional.Amonetize.A, C:\Users\ilko\AppData\Local\19164\Updater.exe, Quarantined, [b3cb03dd741655e1fdc3942acf3354ac], 
PUP.Optional.Crossrider, C:\Program Files (x86)\6af09d7e-ecfd-4b5f-b439-2a9a195e41a8\5d547ddd-482c-4791-9592-3939dc899532.dll, Quarantined, [0d7111cf1f6b48ee067d911b8d7443bd], 
PUP.Optional.Nova.A, C:\Program Files (x86)\6af09d7e-ecfd-4b5f-b439-2a9a195e41a8\7891153b-8878-4b2b-bd31-d74f6faafba9.dll, Quarantined, [0876a937d1b9e94d32d3f465f40dfa06], 
PUP.Optional.Spigot.SID, C:\Users\ilko\AppData\Local\Temp\~spC5AB.tmp, Quarantined, [730beaf6503af73f275b6ef1010407f9], 
PUP.Optional.CrossRider.A, C:\Users\ilko\AppData\Local\Temp\185.exe, Quarantined, [8bf3b927276343f36f7fbd9b4eb7cc34], 
PUP.Optional.Crossbrowse.C, C:\Users\ilko\AppData\Local\Temp\4504.exe, Quarantined, [e698736dd5b51224ad0d9308b849926e], 
PUP.Optional.CrossRider.A, C:\Users\ilko\AppData\Local\Temp\7753.exe, Quarantined, [d1adad33553538fe9e50352337ce6e92], 
PUP.Optional.CrossRider.A, C:\Users\ilko\AppData\Local\Temp\8732.exe, Quarantined, [e49a27b9fe8c2b0ba34b68f091745da3], 
PUP.Optional.Crossbrowse.C, C:\Users\ilko\AppData\Local\Temp\5000.exe, Quarantined, [ccb2f0f0d0ba95a13a80a8f3c43df10f], 
PUP.Optional.CrossRider.A, C:\Users\ilko\AppData\Local\Temp\5792.exe, Quarantined, [116df2eebdcd6dc9d51912460afb20e0], 
PUP.Optional.Spigot.SID, C:\Users\ilko\AppData\Local\Temp\nsxDAA9.tmp\SM.dll, Quarantined, [275708d841490432453d7ee15fa60ff1], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.336586\globalupdate.exe, Quarantined, [97e7e1ff9feb6fc7758d414eaf52a55b], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.336586\globalupdateBroker.exe, Quarantined, [90ee1ac61278fe38b64c79168d74d927], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.336586\globalupdateCrashHandler.exe, Quarantined, [0579fde38505cf67ba488a0559a84bb5], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.336586\globalupdateOnDemand.exe, Quarantined, [97e705db6e1cd56160a2b1ded72a3cc4], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.336586\goopdate.dll, Quarantined, [df9fd20ee8a2300632d02e61e91844bc], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.336586\goopdateres_en.dll, Quarantined, [473736aa7218270f758db1de748dd927], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.336586\npglobalupdateUpdate4.dll, Quarantined, [562831af2c5e90a6738fdcb3c43dc937], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.336586\psmachine.dll, Quarantined, [443a1fc1bad0f0460200d7b831d00df3], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.336586\psuser.dll, Quarantined, [81fd5090484278bec53d0a8518e904fc], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.82838\globalupdate.exe, Quarantined, [f28cac3494f64ee8c141a8e726db1de3], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.82838\globalupdateBroker.exe, Quarantined, [bdc17c64305a4aec788a2768768bb44c], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.82838\globalupdateCrashHandler.exe, Quarantined, [2c52da063654a98d936feea1dd24aa56], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.82838\globalupdateOnDemand.exe, Quarantined, [89f5bf212a6012246999ade280818977], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.82838\goopdate.dll, Quarantined, [601eb32d7e0cb87ed62c0c83f01139c7], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.82838\goopdateres_en.dll, Quarantined, [7e0048988efc1620a161c5ca0ef358a8], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.82838\npglobalupdateUpdate4.dll, Quarantined, [9fdf23bd3f4b87af40c2d3bce0214ab6], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.82838\psmachine.dll, Quarantined, [69151bc50684c175f60c305f0af7e020], 
PUP.Optional.ModGoog, C:\Users\ilko\AppData\Local\Temp\comh.82838\psuser.dll, Quarantined, [0876cd13b4d6979f3dc5b1de9c655fa1], 
PUP.Optional.OpenCandy, C:\Users\ilko\AppData\Local\Temp\HYD8F60.tmp.1436024840\HTA\install.1436024840.zip, Quarantined, [007e07d94941261090f25af810f5b14f], 
PUP.Optional.Crossbrowse.C, C:\Users\ilko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk, Quarantined, [bdc1e4fcb3d78babb51c996bd033e020], 
PUP.Optional.Crossbrowse.C, C:\Windows\System32\Tasks\Crossbrowse, Quarantined, [f68835ab5f2b71c5d8faa85c0df6d32d], 
PUP.Optional.Crossbrowse.C, C:\Windows\Tasks\Crossbrowse.job, Quarantined, [770703ddbecc8aac874cee16768d6d93], 
PUP.Optional.Crossbrowse.A, C:\Users\ilko\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Crossbrowse.lnk, Quarantined, [a7d78957c1c92e0824dd07fe48bb6799], 
PUP.Optional.Spigot.A, C:\Users\ilko\AppData\Roaming\Mozilla\Firefox\Profiles\hogdzv5s.default\searchplugins\yahoo_ff.xml, Quarantined, [532ba33d3f4ba096df2480933ec5dd23], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-1-6, Quarantined, [45399e42dfabe25439b3012a3ec5de22], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-1-7, Quarantined, [c2bc0ed21377b87ec527db50e3200cf4], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-10_user, Quarantined, [acd21ac6acdeb38395572308ac57649c], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-11, Quarantined, [47370bd53e4cde58be2e919a0ef51ae6], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-3, Quarantined, [1569f1ef7e0cf6401ad279b2ae554fb1], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-4, Quarantined, [cdb15b8512782b0bde0e6bc0f70c639d], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-5, Quarantined, [eb932bb5f79365d1638981aa798a25db], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-5_user, Quarantined, [35497f617d0d57df7874a784e61d6898], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-6, Quarantined, [6a1413cd91f945f159937facff04e51b], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-7, Quarantined, [275739a7bdcd8bab7d6fa58636cd718f], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-1-6.job, Quarantined, [275716ca107a75c1eff72651dd277888], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-1-7.job, Quarantined, [037bb52b8dfd0b2b776faccbd82ce11f], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-10_user.job, Quarantined, [126c02deb6d4d75fa2448ceb1be90ef2], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-11.job, Quarantined, [e6985e8293f792a4d511ff782dd7da26], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-3.job, Quarantined, [334b20c0f199191db036284fa2623ac6], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-4.job, Quarantined, [2e5040a01f6b4ee89b4b5621ef1513ed], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-5.job, Quarantined, [89f53aa6f199e05652948bec27ddd22e], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-5_user.job, Quarantined, [7d01518fc2c8e94d92540d6a5da7d42c], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-6.job, Quarantined, [b3cb934d71191c1a53939bdc679de917], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\96143760-4458-4f35-bae7-d641d2fe1578-7.job, Quarantined, [007e2eb23f4bcf67d31393e446be966a], 
PUP.Optional.OurSurfing.A, C:\Users\ilko\AppData\Roaming\Mozilla\Firefox\Profiles\hogdzv5s.default\searchplugins\oursurfing.xml, Quarantined, [c6b8a63a12787eb821ebf396fc08ad53], 
PUP.Optional.OurSurfing.A, C:\Users\ilko\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.oursurfing.com_0.localstorage, Quarantined, [6618f8e814760b2ba16cbbce06fe7a86], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, Quarantined, [bac4736db9d16dc94a15825eec16f10f], 
PUP.Optional.GlobalUpdate.A, C:\Users\ilko\AppData\Local\Temp\comh.336586\globalupdateHelper.msi, Quarantined, [84fae9f75f2bd4626525598810f2ca36], 
PUP.Optional.GlobalUpdate.A, C:\Users\ilko\AppData\Local\Temp\comh.82838\globalupdateHelper.msi, Quarantined, [3c42c21eed9dea4c8bffb72a659d619f], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\CmdShell.exe, Delete-on-Reboot, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\conf, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\ffsearch_toolbar!1.0.0.1031.xpi, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\HPNotify.exe, Delete-on-Reboot, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\IeWatchDog.dll, Delete-on-Reboot, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\install.data, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, Delete-on-Reboot, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, Delete-on-Reboot, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\searchProvider.xml, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\uninstall.exe, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\about.png, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\about_bk.png, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\btn.png, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\btn_apply.png, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\close.png, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\conf.xml, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\conf_back.png, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\input_bk.png, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\logo.png, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\main.xml, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\radio_1.png, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\radio_2.png, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\rigth_arrow.png, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\settings.png, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\data.html, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\indexIE.html, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\indexIE8.html, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\main.css, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\ver.txt, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\google_trends.png, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon128.png, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon16.png, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon48.png, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\loading.gif, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\logo32.ico, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\common.js, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\ga.js, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery-1.11.0.min.js, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery.autocomplete.js, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery.xdomainrequest.min.js, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\js.js, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\library.js, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xagainit-ie8.js, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xagainit2.0.js, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xdomain.min.js, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\en-US\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-419\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-ES\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-BE\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CA\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CH\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-FR\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-LU\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-CH\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-IT\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pl\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt-BR\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru-MO\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\tr-TR\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\vi-VI\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-CN\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-TW\messages.json, Quarantined, [3b43ecf4395142f437358579837f7d83], 
PUP.Optional.Spigot.A, C:\Users\ilko\AppData\Roaming\Mozilla\Firefox\Profiles\hogdzv5s.default\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "https://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=800236&p=");), Replaced,[abd3914f8208c76f944efb6852b304fc]
PUP.Optional.CrossRider.A, C:\Users\ilko\AppData\Roaming\Mozilla\Firefox\Profiles\hogdzv5s.default\prefs.js, Good: (), Bad: (user_pref("extensions.crossrider.bic", "14e5d674d075cd1377b5b6d45c8d3dbb") ;), Replaced,[4f2fbc247d0d2b0b0eb3c5a0b451a55b]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

Може ли да кажете кои са тези лог файлове и къде се намират.


Тези ли са?

лог malwaerbytes.txt

FRST.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Точно тези от FRST.exe , но този, който сте ми предоставили е стар:

Ran by ilko (administrator) on ILKNUR on 09-07-2015 21:01:41

Моля, ръчно изтрийте FRST.txt и Addition.txt и генерирайте изцяло нови такива, както направихте за първия ви пост в тази тема.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Готово

FRST.txt

Addition.txt


Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Чудесно!

Стъпка 1

Изтеглете fixlist.txt и го запазете в папката от която стартирахте FRST.exe.

Стартирайте FRST.exe и натиснете бутона Fix веднъж!

След като приключи, ако ви поиска рестарт - съгласете се. След рестарта публикувайте лог файла - fixlog.txt, който ще се създаде след работата на програмата.

 

Внимание: Скрипта е създаден за текущата система. Да не се ползва за други системи с подобни проблеми!

Стъпка 2

Видях, че не сте деинсталирали globalupdate Helper, предполагам че е поради причината, че сте не сте го видели в списъка с инсталираните програми. Моля, проверете отново и ако го виждате се опитайте да го деинсталирате.

Стъпка 3

Моля изтеглете icon1351185104.pngJunkware Removal Tool на вашия десктоп.

  • Спрете временно работата на защитните програми.
  • Стартирайте инструмента JRT.exe
  • Ще се отвори ДОС прозорец. Натиснете което и да е копче от клавиатурата.
  • Затворете излишните приложения и всички браузъри и изчакайте проверката да завърши.
  • Ще се появи лог файл (който можете да намерите и ръчно на десктопа с името JRT.txt).
  • Моля копирайте съдържанието на лог файла в следващия си пост.
Стъпка 4
  • Изтеглете и стартирайте 6sv1DN9.jpgAdwCleaner.exe.
  • Натиснете бутона Scan.
  • AdwCleaner ще започне да проверява компютъра.
  • След като проверката приключи натиснете бутона Clean.
  • Програмата ще затвори всички излишни процеси и след почистването ще иска да рестартира машината. Съгласете се.
  • Ще се появи автоматично лог файл с името (AdwCleaner[s0].txt) в C:\Adwcleaner
  • Публикувайте съдържанието му в следващия си коментар.
В следващия си коментар в тази тема, включете следните лог файлове:
  • Резултата от fixlog
  • Лог файл от Junkware Removal Tool
  • Лог файл от AdwCleaner

fixlist.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Kъде е fixlist.txt?


Също така  globalupdate Helper го няма при инсталираните програми,не успях да го намеря .

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не е успял да се прикачи, когато съм публикувал предишния си пост. Прикачих го към него. Извинявам се!

globalupdate Helper би трябвало да се появи при изпълнението на стъпка 1.

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Чудесно!

Има ли някакво подобрение?

  • Моля изтеглете и стартирайте изпълнимия файл от линка отдолу:

    ESET OnlineScan

  • Сложете отметката предesetAcceptTerms.png
  • Натиснете бутона esetStart.png.
  • Сложете отметката пред Enable detection of potentially unwanted applications.
  • Сега кликнете на Advanced Settings и се уверете, че опцията Remove found threats не е маркирана, а следните са маркирани:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
    • Изберете сега бутона Change и изберете само Operating memory и дял C:\
fhSji42.png
  • Натиснете бутона Start.
  • ESET ще започне да сваля и инсталира актуализации за вирусните дефиниции и след това ще започне да сканира компютъра. Бъдете търпеливи, защото процеса е бавен и може да отнеме доста време.
  • След като проверката приключи натиснете бутонаesetListThreats.png
  • Сега натиснете бутона esetExport.png, и запазете файла на десктопа с име по избор като например (ESETScan.txt). Копирайте резултата в следващия си коментар.
  • Натиснете бутона esetBack.png и след това натиснете бутона esetFinish.png за да затворите приложението.
  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Има подобрение определено , мерси много. Сега ще опитам с ESET

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Чудесно! На финалната права сме. :)

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
C:\FRST\Quarantine\C\Users\ilko\Downloads\IObit Malware Fighter PRO v2.5.0.8\IMF PRO activator & keygen.rar BAT/HostsChanger.A potentially unsafe application
C:\FRST\Quarantine\C\Users\ilko\Downloads\IObit Malware Fighter PRO v2.5.0.8\imf-setup.exe a variant of Win32/Toolbar.Widgi.N potentially unwanted application
C:\FRST\Quarantine\C\Users\ilko\Downloads\IObit Malware Fighter PRO v2.5.0.8\IMF PRO activator & keygen\hostblock.bat BAT/HostsChanger.A potentially unsafe application
C:\FRST\Quarantine\C\Windows\SECOH-QAD.dll.xBAD Win64/HackKMS.D potentially unsafe application
C:\FRST\Quarantine\C\Windows\SECOH-QAD.exe.xBAD Win64/HackKMS.C potentially unsafe application
C:\Games\FIFA 15\3dmgame.dll a variant of Win64/HackTool.Crack.B potentially unsafe application
C:\Users\ilko\AppData\Roaming\uTorrent\uTorrent.exe a variant of Win32/OpenCandy.C potentially unsafe application
C:\Users\ilko\AppData\Roaming\uTorrent\updates\3.4.3_40298.exe a variant of Win32/OpenCandy.C potentially unsafe application
C:\Users\ilko\Downloads\uTorrent.exe a variant of Win32/OpenCandy.C potentially unsafe application
C:\Users\ilko\Downloads\FIFA 15 PC full game ^^nosTEAM^^\FIFA15_nosTEAM.part1.exe a variant of Win64/HackTool.Crack.B potentially unsafe application
C:\Users\ilko\Downloads\FIFA15 V3\3dmgame.dll a variant of Win64/HackTool.Crack.B potentially unsafe application

ето и самия файл

esetscan.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Супер!

Сега, моля повторете сканирането като този път сложете отметка на Remove found threats.

След това ми пишете как е положението към настоящия момент.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Да, запазете ги.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
C:\FRST\Quarantine\C\Users\ilko\Downloads\IObit Malware Fighter PRO v2.5.0.8\IMF PRO activator & keygen.rar BAT/HostsChanger.A potentially unsafe application deleted - quarantined
C:\FRST\Quarantine\C\Users\ilko\Downloads\IObit Malware Fighter PRO v2.5.0.8\imf-setup.exe a variant of Win32/Toolbar.Widgi.N potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Users\ilko\Downloads\IObit Malware Fighter PRO v2.5.0.8\IMF PRO activator & keygen\hostblock.bat BAT/HostsChanger.A potentially unsafe application cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Windows\SECOH-QAD.dll.xBAD Win64/HackKMS.D potentially unsafe application cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Windows\SECOH-QAD.exe.xBAD Win64/HackKMS.C potentially unsafe application cleaned by deleting - quarantined
C:\Games\FIFA 15\3dmgame.dll a variant of Win64/HackTool.Crack.B potentially unsafe application cleaned by deleting - quarantined
C:\Users\ilko\AppData\Roaming\uTorrent\uTorrent.exe a variant of Win32/OpenCandy.C potentially unsafe application cleaned by deleting - quarantined
C:\Users\ilko\AppData\Roaming\uTorrent\updates\3.4.3_40298.exe a variant of Win32/OpenCandy.C potentially unsafe application cleaned by deleting - quarantined
C:\Users\ilko\Downloads\uTorrent.exe a variant of Win32/OpenCandy.C potentially unsafe application cleaned by deleting - quarantined
C:\Users\ilko\Downloads\FIFA 15 PC full game ^^nosTEAM^^\FIFA15_nosTEAM.part1.exe a variant of Win64/HackTool.Crack.B potentially unsafe application deleted - quarantined
C:\Users\ilko\Downloads\FIFA15 V3\3dmgame.dll a variant of Win64/HackTool.Crack.B potentially unsafe application cleaned by deleting - quarantined
 

eset2remove.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Как е системата ви в момента?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Как е системата ви в момента?

4

Добре е сякаш. Имам 1 въпрос ако това е всичко. Като стартира уиндоус ме пита дали да отворя следното приложение :raptr desktop App . Да го позволявам ли ?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Това приложение е легитимно. То е за game статистика, предполагам че се го използвали. Можете да го позволите, зависи напълно от вас.

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Това приложение е легитимно. То е за game статистика, предполагам че се го използвали. Можете да го позволите, зависи напълно от вас.

Благодаря Ви много. Вече лаптопа е изчистен нали?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Да, вече всичко е наред.

Изтеглете Delfix.exe и го стартирайте. Сложете отметка пред Remove disinfection tools (трябва да има такава по-подразбиране, но все пак да си кажа) => натиснете бутона Run. Инструмента ще се самоизтрие след като приключи своята задача!

Край! :)

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Регистрирайте се или влезете в профила си за да коментирате

Трябва да имате регистрация за да може да коментирате това

Регистрирайте се

Създайте нова регистрация в нашия форум. Лесно е!

Нова регистрация

Вход

Имате регистрация? Влезте от тук.

Вход

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.