Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93098 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Need Help! Kometa took over my pc

Started by NicoleD , Jan 28 2018 01:33 PM
adware malware spyware

  • This topic is locked This topic is locked
11 replies to this topic

#1 NicoleD

NicoleD

    Authentic Member

  • Authentic Member
  • PipPip
  • 225 posts
  • Interests:Social Media, Marketing, IT, Graphic Design, Real Estate

Posted 28 January 2018 - 01:33 PM

Hi,

I'm hoping someone can help me remove a couple unwanted apps from my PC.  The main one is Kometa and then there's a couple using the same icon but i different languages.  I already ran a copy of hijackthis - so I'll add it to the forum.  Thanks

 

actually I can't seem to attach the log.  I get an error about permissions

 

 


    Advertisements

Register to Remove

#2 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,686 posts
  • Interests:Boo!....
  • MVP

Posted 29 January 2018 - 12:07 PM

Have you checked add/remove programs list?

~~~

RQKuhw1.pngRogueKiller
  • Download the right version of RogueKiller for your Windows version (32 or 64-bit)
  • Once done, move the executable file to your Desktop, right-click on it and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner)
  • Wait for the scan to complete
  • On completion, the results will be displayed
  • Check every single entry (threat found), and click on the Remove Selected button
  • On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner)
  • This will open the report in Notepad. Copy/paste its content in your next reply
created by Arua
~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
zcMPezJ.pngAdwCleaner
  • Download AdwCleaner and move it to your Desktop
  • Right-click on AdwCleaner.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all active processes
    V7SD4El.png
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply
  • created by Arua
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

j1Bynr2.pngMalwarebytes
  • Download and install the free version of Malwarebytes
    Note: If you have Malwarebytes already installed, you don't need to install it again. Simply start from the next bullet point
  • Once Malwarebytes is installed, launch it and let it update his database. You might have to click on the little arrow by Scan Status in the middle right pane for it to do so
  • Once the database update is complete, click on the Scan tab, then select the Threat Scan button and click on Start Scan
    Tu39lqJ.png
  • Let the scan run, the time required to complete the scan depends of your system and computer specs
    Qqbh4g8.png
  • Once the scan is complete, make sure that the first checkbox at the top is checked (which will automatically check every detected item), then click on the Quarantine Selected button
    • If it asks you to restart your computer to complete the removal, do so
  • Click on Export Summary after the deletion (in the bottom-left corner) and select Copy to Clipboard.
    1CtdZ26.png
  • Paste the content in your next reply
created by Arua

~~
please post
RogueKiller log
AdwCleaner log
Malwarebytes log
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#3 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,686 posts
  • Interests:Boo!....
  • MVP

Posted 31 January 2018 - 07:06 AM

bump
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#4 NicoleD

NicoleD

    Authentic Member

  • Authentic Member
  • PipPip
  • 225 posts
  • Interests:Social Media, Marketing, IT, Graphic Design, Real Estate

Posted 01 February 2018 - 08:54 AM

hi.  what does bump mean?  I've been replying to these emails from my email.  It doen't look like they're on here


#5 NicoleD

NicoleD

    Authentic Member

  • Authentic Member
  • PipPip
  • 225 posts
  • Interests:Social Media, Marketing, IT, Graphic Design, Real Estate

Posted 01 February 2018 - 08:55 AM

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 2/1/18
Scan Time: 8:30 AM
Log File: 1fa7f346-0754-11e8-adca-141877cb833b.json
Administrator: Yes
 
-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3840
License: Trial
 
-System Information-
OS: Windows 10 (Build 16299.192)
CPU: x64
File System: NTFS
User: DESKTOP-NJ10C2V\miaso
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 325686
Threats Detected: 357
Threats Quarantined: 356
Time Elapsed: 3 min, 30 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 15
Backdoor.XTRat, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SVCHOST.EXE, Quarantined, [607], [224521],1.0.3840
Backdoor.XTRat, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SVCHOST.EXE, Quarantined, [607], [224521],1.0.3840
PUP.Optional.MisusedCurl.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\curl, Quarantined, [322], [416306],1.0.3840
PUP.Optional.MisusedCurl.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{160CD03B-D4A0-4FFE-9764-68B8C47F0730}, Quarantined, [322], [416306],1.0.3840
PUP.Optional.MisusedCurl.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{160CD03B-D4A0-4FFE-9764-68B8C47F0730}, Quarantined, [322], [416306],1.0.3840
PUP.Optional.MisusedCurl.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\curls, Quarantined, [322], [416303],1.0.3840
PUP.Optional.MisusedCurl.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9AEE7BCF-9EEC-427F-8BF1-C3178AEC94C9}, Quarantined, [322], [416303],1.0.3840
PUP.Optional.MisusedCurl.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{9AEE7BCF-9EEC-427F-8BF1-C3178AEC94C9}, Quarantined, [322], [416303],1.0.3840
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE, Quarantined, [5054], [425124],1.0.3840
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\CONSOLE\TASKENG.EXE, Quarantined, [5054], [425125],1.0.3840
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bhjhnafpiilpffhglajcaepjbnbjemci, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hcadgijmedbfgciegjomfpjcdchlhnif, Quarantined, [618], [403165],1.0.3840
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ngdlmklkpclkhjopnhihdedhjgjmhlaa, Quarantined, [10], [485558],1.0.3840
PUP.Optional.MailRu, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}, Quarantined, [618], [382913],1.0.3840
Adware.DNSUnlocker.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MCohsrXquBS0 Updater_is1, Quarantined, [8311], [446621],1.0.3840
 
Registry Value: 11
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE|WINDOWPOSITION, Quarantined, [5054], [425124],1.0.3840
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\CONSOLE\TASKENG.EXE|WINDOWPOSITION, Quarantined, [5054], [425125],1.0.3840
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_WINDOWSPOWERSHELL_V1.0_POWERSHELL.EXE|WINDOWPOSITION, Quarantined, [5054], [425126],1.0.3840
PUP.Optional.MailRu, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|URL, Quarantined, [618], [382913],1.0.3840
PUP.Optional.MailRu, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|FAVICONURLFALLBACK, Quarantined, [618], [382913],1.0.3840
PUP.Optional.MailRu, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|SUGGESTIONSURL, Quarantined, [618], [382913],1.0.3840
PUP.Optional.StartPage.Generic, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|UESPYQWHYC, Quarantined, [545], [182786],1.0.3840
Adware.DNSUnlocker.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MCohsrXquBS0 Updater_is1|UNINSTALLSTRING, Quarantined, [8311], [446621],1.0.3840
PUP.Optional.MisusedCurl.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{160CD03B-D4A0-4FFE-9764-68B8C47F0730}|PATH, Quarantined, [322], [416300],1.0.3840
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{b734f9ad-f7e7-4fae-b1d1-a8d53d700354}|NAMESERVER, Removal Failed, [5310], [260227],1.0.3840
PUP.Optional.MisusedCurl.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9AEE7BCF-9EEC-427F-8BF1-C3178AEC94C9}|PATH, Quarantined, [322], [416301],1.0.3840
 
Registry Data: 15
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{4a16fb61-b5b5-4196-9e15-bf21170879d5}|NameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{61c9b2fa-58f4-4a27-8720-a17f16ac0af1}|NameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{61c9b2fa-58f4-4a27-8720-a17f16ac0af1}|DhcpNameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{63ffe266-7996-4469-aad3-b502195375b1}|NameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{b734f9ad-f7e7-4fae-b1d1-a8d53d700354}|NameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{b734f9ad-f7e7-4fae-b1d1-a8d53d700354}|DhcpNameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{c6c68813-cea0-4e6c-a3c8-bab8f6d44cbf}|NameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{61c9b2fa-58f4-4a27-8720-a17f16ac0af1}|NameServer, Replaced, [725], [479116],1.0.3840
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{61c9b2fa-58f4-4a27-8720-a17f16ac0af1}|NameServer, Replaced, [725], [479117],1.0.3840
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{61c9b2fa-58f4-4a27-8720-a17f16ac0af1}|NameServer, Replaced, [725], [479118],1.0.3840
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{63ffe266-7996-4469-aad3-b502195375b1}|NameServer, Replaced, [725], [479116],1.0.3840
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{63ffe266-7996-4469-aad3-b502195375b1}|NameServer, Replaced, [725], [479117],1.0.3840
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{63ffe266-7996-4469-aad3-b502195375b1}|NameServer, Replaced, [725], [479118],1.0.3840
 
Data Stream: 0
(No malicious items detected)
 
Folder: 48
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\integration\distribution, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\integration, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\_metadata, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\img, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\distribution, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\unity, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\_metadata, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\icons, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif, Quarantined, [618], [403165],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\showcase-placeholders\games, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\showcase-placeholders, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\special\new-year, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\recommendation, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\tiles-settings, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\footer-icons, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons\chrome, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons\amigo, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\page-action, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\media-tile, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\settings, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\special, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\search, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\_metadata, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\external, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\css, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\js, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngdlmklkpclkhjopnhihdedhjgjmhlaa, Quarantined, [10], [485558],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\Program Files (x86)\MCohsrXquBS0 Updater\update, Quarantined, [1637], [422716],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\Program Files (x86)\MCohsrXquBS0 Updater\temp, Quarantined, [1637], [422716],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\PROGRAM FILES (X86)\MCOHSRXQUBS0 UPDATER, Quarantined, [1637], [422716],1.0.3840
 
File: 268
Backdoor.XTRat, C:\WINDOWS\MICROSOFT\SVCHOST.EXE, Quarantined, [607], [224521],1.0.3840
PUP.Optional.MisusedCurl.Generic, C:\WINDOWS\SYSTEM32\TASKS\CURL, Quarantined, [322], [416306],1.0.3840
PUP.Optional.MisusedCurl.Generic, C:\WINDOWS\SYSTEM32\TASKS\CURLS, Quarantined, [322], [416303],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\img\128.png, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\img\16.png, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\img\48.png, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\img\512.png, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\integration\distribution\background.js, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\integration\distribution\distribution-module.js, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\_metadata\computed_hashes.json, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\_metadata\verified_contents.json, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\manifest.json, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\metrics.js, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\icons\128.png, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\icons\16.png, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\icons\48.png, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\icons\512.png, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\distribution\background.js, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\distribution\distribution-module.js, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\unity\unity-stub-background.js, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\unity\unity-stub-inject.js, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\_metadata\computed_hashes.json, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\_metadata\verified_contents.json, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\manifest.json, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\metrics.js, Quarantined, [618], [403165],1.0.3840
PUP.Optional.RussAd, C:\USERS\MIASO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\USERS\MIASO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\css\cs-add-site.css, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\css\main.css, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\external\build.js, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\Lato-Black.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\Lato-Bold.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\Lato-Light.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\Lato-Regular.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\OpenSans-Bold.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\OpenSans-Light.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\OpenSans-Regular.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\OpenSans-Semibold.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\PTM75F_W.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\at-sign.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\games.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\horo-large.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\horo-medium.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\horo-small.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\mail-large.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\mail-medium.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\mail-small.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\music-large.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\music-medium.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\music-small.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\music-special.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\footer-icons\anchor-scroll.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\footer-icons\downloads.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\footer-icons\favorites.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\footer-icons\history.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\footer-icons\message-center.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\footer-icons\settings.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\bottom-left-arrow-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\bottom-left-arrow-light.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\bottom-left-from-top-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\bottom-left-from-top-light.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\bottom-right-from-top-arrow-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\bottom-right-from-top-arrow-light.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\top left-arrow-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\top-left-arrow-light.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\top-right-arrow-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\top-right-arrow-light.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\add-site.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\add-tile.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\can-drag-tile.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\drag-tile-arrow.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\hint-cross.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\hint-more-themes.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\restore-tile.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\robot.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\libra-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\aquarius-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Aquarius.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\aries-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\aries.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\cancer-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Cancer.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\capricorn-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Capricorn.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\gemini-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Gemini.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\leo-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Leo.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Libra.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\pisces-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\pisces.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\sagittarius-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Sagittarius.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\scorpio-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Scorpio.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\taurus-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Taurus.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\virgo-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Virgo.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons\amigo\icon128.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons\amigo\icon16.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons\amigo\icon48.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons\chrome\icon128.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons\chrome\icon19.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons\chrome\icon48.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\media-tile\hitech.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\media-tile\media-arrow-left.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\media-tile\media-arrow-old.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\media-tile\media-arrow-right.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\media-tile\recipes-left.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\media-tile\recipes-right.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\adding-arrow.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\adding.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\menu-arrow.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\menu.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\onboarding-arrow.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\onboarding-done.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\search-arrow.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\search.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\sites-arrow.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\sites.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\start.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\page-action\add.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\page-action\added.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\page-action\disabled.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\aliexpress.com.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\ask.fm.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\cloud.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\confluence.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\dobro.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\facebook.com.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\fotostrana.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\games.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\hr.corp.mail.ru_irj_portal.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\instagram.com.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\jira.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\my.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\news.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\ok.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\otvet.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\sf.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\sys.mail.ru.blog.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\sys.mail.ru.ideas.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\sys.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\tanks.mail.ru_game_unity.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\twitter.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\vk.com.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\vkontakte.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\wf.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\wikipedia.org.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\youtube.com.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\recommendation\heart.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\search\loupe.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\search\search-arrow.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\settings\collections-icon.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\settings\modes-icon.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\settings\presets-description-icon.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\settings\themes-icon.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\showcase-placeholders\games\1.jpg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\showcase-placeholders\games\2.jpg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\showcase-placeholders\games\3.jpg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\showcase-placeholders\games\4.jpg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\showcase-placeholders\games\5.jpg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\showcase-placeholders\games\6.jpg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\facebook.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\fb-hover.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\mm-hover.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\my.mail.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\ok-hover.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\ok.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\tw-hover.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\twitter.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\vk-hover.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\vk.com.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\special\new-year\new_year_big.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\special\new-year\new_year_middle.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\special\new-year\new_year_small.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\authors-info.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\authors-info.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\error.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\loaded-empty.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\random.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\shuffle.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\themes__arrow-left.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\themes__arrow-right.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\upload.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\upload.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\tiles-settings\mode-large.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\tiles-settings\mode-medium.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\tiles-settings\mode-mix.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\tiles-settings\mode-small.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\tiles-settings\mode-switch.gif, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\1.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\10.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\11.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\2.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\3.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\4.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\5.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\6.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\7.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\8.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\9.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\no-int-big-black.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\arrows.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\black-cross.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\boards-icon.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\boards-panel-preview.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\combined.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\combined.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\currency-arrow-light-rotated.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\currency-arrow-light.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\currency-arrow.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\dialog-cross.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\dots.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\drag-arrows.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\drop-arrow-up.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\drop-arrow.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\green-circle.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\no-int-big-white.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\options-spritesheet.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\pencil.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\plus.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\puppy-error.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\remove-tile-cross.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\search-cancel-button.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\search-crosses.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\search.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\side-menu.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\spinner.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\spinner.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\trash.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\white-cross.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\js\app.js, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\js\background.js, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\js\cs-add-site.js, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\js\preload.js, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\js\vendors.js, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\_metadata\computed_hashes.json, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\_metadata\verified_contents.json, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\background.html, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\manifest.json, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\visual-bookmarks.html, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngdlmklkpclkhjopnhihdedhjgjmhlaa\000003.log, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngdlmklkpclkhjopnhihdedhjgjmhlaa\CURRENT, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngdlmklkpclkhjopnhihdedhjgjmhlaa\LOCK, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngdlmklkpclkhjopnhihdedhjgjmhlaa\LOG, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngdlmklkpclkhjopnhihdedhjgjmhlaa\LOG.old, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngdlmklkpclkhjopnhihdedhjgjmhlaa\MANIFEST-000001, Quarantined, [10], [485558],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\PROGRAM FILES (X86)\MCOHSRXQUBS0 UPDATER\CFG.INI, Quarantined, [1637], [422716],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\Program Files (x86)\MCohsrXquBS0 Updater\temp\response.ini, Quarantined, [1637], [422716],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\Program Files (x86)\MCohsrXquBS0 Updater\temp\update.ini, Quarantined, [1637], [422716],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\Program Files (x86)\MCohsrXquBS0 Updater\unins000.dat, Quarantined, [1637], [422716],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\Program Files (x86)\MCohsrXquBS0 Updater\unins000.exe, Quarantined, [1637], [422716],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\Program Files (x86)\MCohsrXquBS0 Updater\updateStatus.ini, Quarantined, [1637], [422716],1.0.3840
Adware.DNSUnlocker, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\F806764996D07387.VIR, Quarantined, [361], [440024],1.0.3840
Adware.Agent, C:\$RECYCLE.BIN\S-1-5-21-4086589808-1271659277-1357685244-1001\$R2YF476.7Z, Quarantined, [204], [382959],1.0.3840
Trojan.AdLoad, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\58AC988D2FB8FDFE.VIR, Quarantined, [286], [472332],1.0.3840
Adware.Agent, C:\$RECYCLE.BIN\S-1-5-21-4086589808-1271659277-1357685244-1001\$RZDJ3XV.7Z, Quarantined, [204], [382959],1.0.3840
Adware.Agent, C:\$RECYCLE.BIN\S-1-5-21-4086589808-1271659277-1357685244-1001\$RPQAFTH.7Z, Quarantined, [204], [382959],1.0.3840
Adware.RuKometa, C:\USERS\MIASO\APPDATA\LOCAL\TEMP\T285425811\KOMETAPANEL.EXE, Quarantined, [445], [454317],1.0.3840
Adware.DNSUnlocker.Generic, C:\USERS\MIASO\APPDATA\LOCAL\TEMP\QY0F9PSKGZK6.EXE, Quarantined, [8311], [442194],1.0.3840
PUP.Optional.GameHack, C:\USERS\MIASO\DOWNLOADS\CHECK CASHED V3.ZIP, Quarantined, [646], [393793],1.0.3840
PUP.Optional.OneSystemCare, C:\USERS\MIASO\APPDATA\LOCAL\TEMP\XZQVNNTWYUPR.EXE, Quarantined, [422], [424149],1.0.3840
Adware.MailRu.BatBitRst, C:\USERS\MIASO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [8262], [481467],1.0.3840
Adware.MailRu.BatBitRst, C:\USERS\MIASO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [8262], [481467],1.0.3840
PUP.Optional.MailRu, C:\USERS\MIASO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [618], [454830],1.0.3840
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)

#6 NicoleD

NicoleD

    Authentic Member

  • Authentic Member
  • PipPip
  • 225 posts
  • Interests:Social Media, Marketing, IT, Graphic Design, Real Estate

Posted 01 February 2018 - 09:40 AM

RogueKiller V12.12.2.0 (x64) [Jan 29 2018] (Free) by Adlice Software
 
Operating System : Windows 10 (10.0.16299) 64 bits version
Started in : Normal mode
User : miaso [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 02/01/2018 09:55:50 (Duration : 00:41:05)
 
¤¤¤ Processes : 0 ¤¤¤
 
¤¤¤ Registry : 9 ¤¤¤
[PUP.Gen0] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SWDUMon (\SystemRoot\system32\DRIVERS\SWDUMon.sys) -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-4086589808-1271659277-1357685244-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02012018084451595\Software\Microsoft\Internet Explorer\Main | Start Page : http://dell17win10.msn.com/?pc=DCTE -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-4086589808-1271659277-1357685244-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02012018084451595\Software\Microsoft\Internet Explorer\Main | Start Page : http://dell17win10.msn.com/?pc=DCTE -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-4086589808-1271659277-1357685244-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://dell17win10.msn.com/?pc=DCTE -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-4086589808-1271659277-1357685244-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://dell17win10.msn.com/?pc=DCTE -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-4086589808-1271659277-1357685244-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02012018084450314\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://dell17win10.msn.com/?pc=DCTE -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-4086589808-1271659277-1357685244-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02012018084450314\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://dell17win10.msn.com/?pc=DCTE -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-4086589808-1271659277-1357685244-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02012018084451595\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://dell17win10.msn.com/?pc=DCTE -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-4086589808-1271659277-1357685244-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02012018084451595\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://dell17win10.msn.com/?pc=DCTE -> Found
 
¤¤¤ Tasks : 0 ¤¤¤
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ WMI : 0 ¤¤¤
 
¤¤¤ Hosts File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
 
¤¤¤ Web browsers : 2 ¤¤¤
[PUP.PCProtect][Chrome:Addon] Default : Total AV Web Shield [looohgelibjoplmkhecmalapkgadkfcc] -> Found
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [http://mail.ru/cnt/10445?gp=855403]-> Found
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD10JPVX-75JC3T0 +++++
--- User ---
[MBR] eaf95156a8c96b749deb19da40e081a4
[BSP] c8c079471fd1814429dec05b843d3580 : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 500 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1026048 | Size: 128 MB
2 - Basic data partition | Offset (sectors): 1288192 | Size: 939438 MB
3 - [SYSTEM][MAN-MOUNT]  | Offset (sectors): 1925257216 | Size: 450 MB
4 - [SYSTEM][MAN-MOUNT]  | Offset (sectors): 1926178816 | Size: 13352 MB
User = LL1 ... OK
User = LL2 ... OK
 
+++++ PhysicalDrive1: PNY USB 3.0 FD USB Device +++++
--- User ---
[MBR] 5a9dde57946e69cd5c1dcd06543cf486
[BSP] e58f36b225593c1fca384cf30a885757 : Windows XP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 136016 | Size: 236093 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

#7 NicoleD

NicoleD

    Authentic Member

  • Authentic Member
  • PipPip
  • 225 posts
  • Interests:Social Media, Marketing, IT, Graphic Design, Real Estate

Posted 01 February 2018 - 09:56 AM

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 2/1/18
Scan Time: 8:30 AM
Log File: 1fa7f346-0754-11e8-adca-141877cb833b.json
Administrator: Yes
 
-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3840
License: Trial
 
-System Information-
OS: Windows 10 (Build 16299.192)
CPU: x64
File System: NTFS
User: DESKTOP-NJ10C2V\miaso
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 325686
Threats Detected: 357
Threats Quarantined: 356
Time Elapsed: 3 min, 30 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 15
Backdoor.XTRat, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SVCHOST.EXE, Quarantined, [607], [224521],1.0.3840
Backdoor.XTRat, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SVCHOST.EXE, Quarantined, [607], [224521],1.0.3840
PUP.Optional.MisusedCurl.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\curl, Quarantined, [322], [416306],1.0.3840
PUP.Optional.MisusedCurl.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{160CD03B-D4A0-4FFE-9764-68B8C47F0730}, Quarantined, [322], [416306],1.0.3840
PUP.Optional.MisusedCurl.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{160CD03B-D4A0-4FFE-9764-68B8C47F0730}, Quarantined, [322], [416306],1.0.3840
PUP.Optional.MisusedCurl.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\curls, Quarantined, [322], [416303],1.0.3840
PUP.Optional.MisusedCurl.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9AEE7BCF-9EEC-427F-8BF1-C3178AEC94C9}, Quarantined, [322], [416303],1.0.3840
PUP.Optional.MisusedCurl.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{9AEE7BCF-9EEC-427F-8BF1-C3178AEC94C9}, Quarantined, [322], [416303],1.0.3840
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE, Quarantined, [5054], [425124],1.0.3840
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\CONSOLE\TASKENG.EXE, Quarantined, [5054], [425125],1.0.3840
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bhjhnafpiilpffhglajcaepjbnbjemci, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\hcadgijmedbfgciegjomfpjcdchlhnif, Quarantined, [618], [403165],1.0.3840
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ngdlmklkpclkhjopnhihdedhjgjmhlaa, Quarantined, [10], [485558],1.0.3840
PUP.Optional.MailRu, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}, Quarantined, [618], [382913],1.0.3840
Adware.DNSUnlocker.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MCohsrXquBS0 Updater_is1, Quarantined, [8311], [446621],1.0.3840
 
Registry Value: 11
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_SVCHOST.EXE|WINDOWPOSITION, Quarantined, [5054], [425124],1.0.3840
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\CONSOLE\TASKENG.EXE|WINDOWPOSITION, Quarantined, [5054], [425125],1.0.3840
PUP.Optional.PSScriptLoad.ACMB3, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\CONSOLE\%SYSTEMROOT%_SYSTEM32_WINDOWSPOWERSHELL_V1.0_POWERSHELL.EXE|WINDOWPOSITION, Quarantined, [5054], [425126],1.0.3840
PUP.Optional.MailRu, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|URL, Quarantined, [618], [382913],1.0.3840
PUP.Optional.MailRu, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|FAVICONURLFALLBACK, Quarantined, [618], [382913],1.0.3840
PUP.Optional.MailRu, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|SUGGESTIONSURL, Quarantined, [618], [382913],1.0.3840
PUP.Optional.StartPage.Generic, HKU\S-1-5-21-4086589808-1271659277-1357685244-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|UESPYQWHYC, Quarantined, [545], [182786],1.0.3840
Adware.DNSUnlocker.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MCohsrXquBS0 Updater_is1|UNINSTALLSTRING, Quarantined, [8311], [446621],1.0.3840
PUP.Optional.MisusedCurl.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{160CD03B-D4A0-4FFE-9764-68B8C47F0730}|PATH, Quarantined, [322], [416300],1.0.3840
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{b734f9ad-f7e7-4fae-b1d1-a8d53d700354}|NAMESERVER, Removal Failed, [5310], [260227],1.0.3840
PUP.Optional.MisusedCurl.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9AEE7BCF-9EEC-427F-8BF1-C3178AEC94C9}|PATH, Quarantined, [322], [416301],1.0.3840
 
Registry Data: 15
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{4a16fb61-b5b5-4196-9e15-bf21170879d5}|NameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{61c9b2fa-58f4-4a27-8720-a17f16ac0af1}|NameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{61c9b2fa-58f4-4a27-8720-a17f16ac0af1}|DhcpNameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{63ffe266-7996-4469-aad3-b502195375b1}|NameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{b734f9ad-f7e7-4fae-b1d1-a8d53d700354}|NameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{b734f9ad-f7e7-4fae-b1d1-a8d53d700354}|DhcpNameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{c6c68813-cea0-4e6c-a3c8-bab8f6d44cbf}|NameServer, Replaced, [5310], [-1],0.0.0
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{61c9b2fa-58f4-4a27-8720-a17f16ac0af1}|NameServer, Replaced, [725], [479116],1.0.3840
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{61c9b2fa-58f4-4a27-8720-a17f16ac0af1}|NameServer, Replaced, [725], [479117],1.0.3840
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{61c9b2fa-58f4-4a27-8720-a17f16ac0af1}|NameServer, Replaced, [725], [479118],1.0.3840
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{63ffe266-7996-4469-aad3-b502195375b1}|NameServer, Replaced, [725], [479116],1.0.3840
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{63ffe266-7996-4469-aad3-b502195375b1}|NameServer, Replaced, [725], [479117],1.0.3840
Trojan.DNSChanger, HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{63ffe266-7996-4469-aad3-b502195375b1}|NameServer, Replaced, [725], [479118],1.0.3840
 
Data Stream: 0
(No malicious items detected)
 
Folder: 48
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\integration\distribution, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\integration, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\_metadata, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\img, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\distribution, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\unity, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\_metadata, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\icons, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif, Quarantined, [618], [403165],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\showcase-placeholders\games, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\showcase-placeholders, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\special\new-year, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\recommendation, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\tiles-settings, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\footer-icons, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons\chrome, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons\amigo, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\page-action, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\media-tile, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\settings, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\special, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\search, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\_metadata, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\external, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\css, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\js, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngdlmklkpclkhjopnhihdedhjgjmhlaa, Quarantined, [10], [485558],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\Program Files (x86)\MCohsrXquBS0 Updater\update, Quarantined, [1637], [422716],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\Program Files (x86)\MCohsrXquBS0 Updater\temp, Quarantined, [1637], [422716],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\PROGRAM FILES (X86)\MCOHSRXQUBS0 UPDATER, Quarantined, [1637], [422716],1.0.3840
 
File: 268
Backdoor.XTRat, C:\WINDOWS\MICROSOFT\SVCHOST.EXE, Quarantined, [607], [224521],1.0.3840
PUP.Optional.MisusedCurl.Generic, C:\WINDOWS\SYSTEM32\TASKS\CURL, Quarantined, [322], [416306],1.0.3840
PUP.Optional.MisusedCurl.Generic, C:\WINDOWS\SYSTEM32\TASKS\CURLS, Quarantined, [322], [416303],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\img\128.png, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\img\16.png, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\img\48.png, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\img\512.png, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\integration\distribution\background.js, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\integration\distribution\distribution-module.js, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\_metadata\computed_hashes.json, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\_metadata\verified_contents.json, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\manifest.json, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci\12.0.23_0\metrics.js, Quarantined, [618], [448286],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\icons\128.png, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\icons\16.png, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\icons\48.png, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\icons\512.png, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\distribution\background.js, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\distribution\distribution-module.js, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\unity\unity-stub-background.js, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\integration\unity\unity-stub-inject.js, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\_metadata\computed_hashes.json, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\_metadata\verified_contents.json, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\manifest.json, Quarantined, [618], [403165],1.0.3840
PUP.Optional.MailRu, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif\12.0.28_0\metrics.js, Quarantined, [618], [403165],1.0.3840
PUP.Optional.RussAd, C:\USERS\MIASO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\USERS\MIASO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\css\cs-add-site.css, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\css\main.css, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\external\build.js, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\Lato-Black.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\Lato-Bold.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\Lato-Light.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\Lato-Regular.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\OpenSans-Bold.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\OpenSans-Light.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\OpenSans-Regular.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\OpenSans-Semibold.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\fonts\PTM75F_W.woff, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\at-sign.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\games.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\horo-large.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\horo-medium.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\horo-small.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\mail-large.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\mail-medium.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\mail-small.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\music-large.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\music-medium.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\music-small.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\extensions\music-special.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\footer-icons\anchor-scroll.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\footer-icons\downloads.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\footer-icons\favorites.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\footer-icons\history.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\footer-icons\message-center.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\footer-icons\settings.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\bottom-left-arrow-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\bottom-left-arrow-light.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\bottom-left-from-top-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\bottom-left-from-top-light.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\bottom-right-from-top-arrow-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\bottom-right-from-top-arrow-light.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\top left-arrow-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\top-left-arrow-light.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\top-right-arrow-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\arrows\top-right-arrow-light.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\add-site.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\add-tile.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\can-drag-tile.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\drag-tile-arrow.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\hint-cross.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\hint-more-themes.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\restore-tile.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\hints\robot.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\libra-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\aquarius-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Aquarius.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\aries-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\aries.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\cancer-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Cancer.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\capricorn-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Capricorn.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\gemini-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Gemini.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\leo-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Leo.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Libra.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\pisces-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\pisces.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\sagittarius-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Sagittarius.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\scorpio-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Scorpio.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\taurus-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Taurus.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\virgo-dark.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\horo\Virgo.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons\amigo\icon128.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons\amigo\icon16.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons\amigo\icon48.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons\chrome\icon128.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons\chrome\icon19.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\icons\chrome\icon48.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\media-tile\hitech.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\media-tile\media-arrow-left.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\media-tile\media-arrow-old.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\media-tile\media-arrow-right.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\media-tile\recipes-left.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\media-tile\recipes-right.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\adding-arrow.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\adding.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\menu-arrow.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\menu.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\onboarding-arrow.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\onboarding-done.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\search-arrow.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\search.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\sites-arrow.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\sites.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\onboarding\start.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\page-action\add.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\page-action\added.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\page-action\disabled.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\aliexpress.com.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\ask.fm.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\cloud.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\confluence.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\dobro.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\facebook.com.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\fotostrana.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\games.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\hr.corp.mail.ru_irj_portal.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\instagram.com.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\jira.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\my.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\news.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\ok.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\otvet.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\sf.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\sys.mail.ru.blog.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\sys.mail.ru.ideas.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\sys.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\tanks.mail.ru_game_unity.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\twitter.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\vk.com.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\vkontakte.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\wf.mail.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\wikipedia.org.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\predefined\youtube.com.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\recommendation\heart.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\search\loupe.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\search\search-arrow.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\settings\collections-icon.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\settings\modes-icon.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\settings\presets-description-icon.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\settings\themes-icon.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\showcase-placeholders\games\1.jpg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\showcase-placeholders\games\2.jpg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\showcase-placeholders\games\3.jpg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\showcase-placeholders\games\4.jpg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\showcase-placeholders\games\5.jpg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\showcase-placeholders\games\6.jpg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\facebook.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\fb-hover.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\mm-hover.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\my.mail.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\ok-hover.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\ok.ru.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\tw-hover.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\twitter.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\vk-hover.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\social\vk.com.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\special\new-year\new_year_big.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\special\new-year\new_year_middle.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\special\new-year\new_year_small.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\authors-info.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\authors-info.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\error.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\loaded-empty.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\random.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\shuffle.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\themes__arrow-left.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\themes__arrow-right.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\upload.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\themes\upload.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\tiles-settings\mode-large.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\tiles-settings\mode-medium.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\tiles-settings\mode-mix.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\tiles-settings\mode-small.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\tiles-settings\mode-switch.gif, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\1.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\10.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\11.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\2.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\3.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\4.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\5.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\6.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\7.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\8.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\weather\9.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\no-int-big-black.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\arrows.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\black-cross.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\boards-icon.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\boards-panel-preview.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\combined.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\combined.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\currency-arrow-light-rotated.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\currency-arrow-light.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\currency-arrow.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\dialog-cross.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\dots.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\drag-arrows.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\drop-arrow-up.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\drop-arrow.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\green-circle.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\no-int-big-white.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\options-spritesheet.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\pencil.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\plus.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\puppy-error.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\remove-tile-cross.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\search-cancel-button.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\search-crosses.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\search.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\side-menu.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\spinner.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\spinner.svg, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\trash.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\img\white-cross.png, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\js\app.js, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\js\background.js, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\js\cs-add-site.js, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\js\preload.js, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\js\vendors.js, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\_metadata\computed_hashes.json, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\_metadata\verified_contents.json, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\background.html, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\manifest.json, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngdlmklkpclkhjopnhihdedhjgjmhlaa\3.5.6_0\visual-bookmarks.html, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngdlmklkpclkhjopnhihdedhjgjmhlaa\000003.log, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngdlmklkpclkhjopnhihdedhjgjmhlaa\CURRENT, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngdlmklkpclkhjopnhihdedhjgjmhlaa\LOCK, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngdlmklkpclkhjopnhihdedhjgjmhlaa\LOG, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngdlmklkpclkhjopnhihdedhjgjmhlaa\LOG.old, Quarantined, [10], [485558],1.0.3840
PUP.Optional.RussAd, C:\Users\miaso\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ngdlmklkpclkhjopnhihdedhjgjmhlaa\MANIFEST-000001, Quarantined, [10], [485558],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\PROGRAM FILES (X86)\MCOHSRXQUBS0 UPDATER\CFG.INI, Quarantined, [1637], [422716],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\Program Files (x86)\MCohsrXquBS0 Updater\temp\response.ini, Quarantined, [1637], [422716],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\Program Files (x86)\MCohsrXquBS0 Updater\temp\update.ini, Quarantined, [1637], [422716],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\Program Files (x86)\MCohsrXquBS0 Updater\unins000.dat, Quarantined, [1637], [422716],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\Program Files (x86)\MCohsrXquBS0 Updater\unins000.exe, Quarantined, [1637], [422716],1.0.3840
Adware.DNSUnlocker.ACMB2, C:\Program Files (x86)\MCohsrXquBS0 Updater\updateStatus.ini, Quarantined, [1637], [422716],1.0.3840
Adware.DNSUnlocker, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\F806764996D07387.VIR, Quarantined, [361], [440024],1.0.3840
Adware.Agent, C:\$RECYCLE.BIN\S-1-5-21-4086589808-1271659277-1357685244-1001\$R2YF476.7Z, Quarantined, [204], [382959],1.0.3840
Trojan.AdLoad, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\58AC988D2FB8FDFE.VIR, Quarantined, [286], [472332],1.0.3840
Adware.Agent, C:\$RECYCLE.BIN\S-1-5-21-4086589808-1271659277-1357685244-1001\$RZDJ3XV.7Z, Quarantined, [204], [382959],1.0.3840
Adware.Agent, C:\$RECYCLE.BIN\S-1-5-21-4086589808-1271659277-1357685244-1001\$RPQAFTH.7Z, Quarantined, [204], [382959],1.0.3840
Adware.RuKometa, C:\USERS\MIASO\APPDATA\LOCAL\TEMP\T285425811\KOMETAPANEL.EXE, Quarantined, [445], [454317],1.0.3840
Adware.DNSUnlocker.Generic, C:\USERS\MIASO\APPDATA\LOCAL\TEMP\QY0F9PSKGZK6.EXE, Quarantined, [8311], [442194],1.0.3840
PUP.Optional.GameHack, C:\USERS\MIASO\DOWNLOADS\CHECK CASHED V3.ZIP, Quarantined, [646], [393793],1.0.3840
PUP.Optional.OneSystemCare, C:\USERS\MIASO\APPDATA\LOCAL\TEMP\XZQVNNTWYUPR.EXE, Quarantined, [422], [424149],1.0.3840
Adware.MailRu.BatBitRst, C:\USERS\MIASO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [8262], [481467],1.0.3840
Adware.MailRu.BatBitRst, C:\USERS\MIASO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [8262], [481467],1.0.3840
PUP.Optional.MailRu, C:\USERS\MIASO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [618], [454830],1.0.3840
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)

#8 NicoleD

NicoleD

    Authentic Member

  • Authentic Member
  • PipPip
  • 225 posts
  • Interests:Social Media, Marketing, IT, Graphic Design, Real Estate

Posted 01 February 2018 - 10:03 AM

that should be all the logs.  btw, IE is no longer working


#9 NicoleD

NicoleD

    Authentic Member

  • Authentic Member
  • PipPip
  • 225 posts
  • Interests:Social Media, Marketing, IT, Graphic Design, Real Estate

Posted 01 February 2018 - 10:14 AM

# AdwCleaner 7.0.7.0 - Logfile created on Thu Feb 01 16:05:42 2018
# Updated on 2018/18/01 by Malwarebytes 
# Running on Windows 10 Home (X64)
# Mode: clean
 
***** [ Services ] *****
 
No malicious services deleted.
 
***** [ Folders ] *****
 
No malicious folders deleted.
 
***** [ Files ] *****
 
No malicious files deleted.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks deleted.
 
***** [ Registry ] *****
 
No malicious registry entries deleted.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries deleted.
 
***** [ Chromium (and derivatives) ] *****
 
Plugin deleted: Total AV Web Shield - 
 
 
*************************
 
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
 
 
 
*************************
 
C:/AdwCleaner/AdwCleaner[C0].txt - [6966 B] - [2018/2/1 13:4:3]
C:/AdwCleaner/AdwCleaner[S0].txt - [7970 B] - [2018/2/1 12:27:45]
C:/AdwCleaner/AdwCleaner[S1].txt - [1248 B] - [2018/2/1 16:3:9]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

#10 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,686 posts
  • Interests:Boo!....
  • MVP

Posted 01 February 2018 - 10:53 AM

I'm surprised Google Chrome is still working since it was so heavily attacked.

Malwarebytes found Backdoor.XTRat,
https://blog.malware...backdoor-xtrat/

users should take precaution, assuming that there has been a security breach and information has been stolen.
one or more of the identified infections is a backdoor Trojan. If this computer is ever used for on-line banking, I suggest you do the following IMMEDIATELY:

* Call all of your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.
* From a clean computer, change ALL your on-line passwords for email, for banks, financial accounts, PayPal, eBay, on-line companies, any on-line forums or groups you belong to.

Do NOT change passwords or do any transactions while using the infected computer because the attacker will get the new passwords and transaction information. Please refrain from using this computer for online-banking/financial purpose until we give it all clear

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
You should reset your browsers back to default

Instructions on how to backup your Favourites/Bookmarks and other data can be found below.Proceed with the reset once done.~~~~~~~~~~~~~~~~~~~

When you ran RogueKiller, did you allow it to remove all that it found?

~~~

Let's see if we can check for remnants using an online scan.

G0tu5D9.pngEmsisoft Emergency Kit
Follow the instructions below to run a scan using the Emsisoft Emergency Kit.
  • Download the Emsisoft Emergency Kit and execute it. From there, click on the Install button to extract the program in the EEK folder;
  • Once the extraction is complete, the EEK folder will open. Right-click on G0tu5D9.pngstart emergency kit scanner.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • EEK will suggest that you run an online update before using the program. Click on Yes to launch it.
  • After the update, click on Malware Scan under 2. Scan and accept to let EEK detect PUPs (click on Yes).
  • Once the scan is complete, make sure that every item in the list is checked, and click on the Quarantine selected button;
  • If it asks you for a reboot to delete some items, click on Ok to reboot automatically;
  • After the restart, open EEK again (in the C:\EEK folder);
  • This time, click on Logs;
  • From there, go under the Quarantine Log tab, and click on the Export button;
  • Save the log on your desktop, then open it, and copy/paste its content in your next reply;

Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#11 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,686 posts
  • Interests:Boo!....
  • MVP

Posted 07 February 2018 - 04:17 AM

still need help?
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

#12 Juliet

Juliet

    SuperHelper

  • Retired Classroom Teacher
  • 7,686 posts
  • Interests:Boo!....
  • MVP

Posted 11 February 2018 - 03:31 PM

Glad we could help. SakDYGv.gif
Since this issue appears resolved ... this Topic is closed.
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...


MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
Antivirus Scanners Online Scanners Firewalls Slow Computer??

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

Also tagged with one or more of these keywords: adware, malware, spyware

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·