Anti-malware scan started at: 13.08.

2020 9:38:15 AM
13.08.2020 9:38:28 AM Unwanted Software Files
Probably Malicious: C:\REI\ = C:\REI\
Delete Marked Items Auto Start Apps->Unwanted Software Files. C:\REI\=C:\REI\
Deleted: C:\REI\cfl.rei
Deleted: C:\REI
Cannot remove folder: C:\REI\
Error: 0
Delete At reboot: C:\REI
-------------------------------------------------------
13.08.2020 9:38:51 AM Approved File Replacement
Delete: C:\REI
13.08.2020 9:39:09 AM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
13.08.2020 9:39:09 AM User Shortcuts
Unknown: C:\Users\ali\Desktop\Dashlane.lnk =
C:\Users\ali\AppData\Roaming\Dashlane\Dashlane.exe
13.08.2020 9:39:09 AM User Shortcuts
Unknown: C:\Users\ali\Desktop\Movavi Video Editor Plus 2020.lnk =
C:\Users\ali\AppData\Roaming\Movavi Video Editor Plus 2020\VideoEditorPlus.exe
13.08.2020 9:39:09 AM User Shortcuts
Unknown: C:\Users\ali\Desktop\SpeedVPN.lnk =
C:\Users\ali\AppData\Roaming\SpeedVPN\SpeedVPN.exe
13.08.2020 9:39:09 AM User Shortcuts
Unknown: C:\Users\Public\Desktop\SpeedVPN.lnk =
C:\Users\ali\AppData\Roaming\SpeedVPN\SpeedVPN.exe
13.08.2020 9:39:10 AM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
Anti-malware scan started at: 13.08.2020 9:53:56 AM
8/13/2020 9:54:25 AM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
8/13/2020 9:54:25 AM User Shortcuts
Unknown: C:\Users\ali\Desktop\Dashlane.lnk =
C:\Users\ali\AppData\Roaming\Dashlane\Dashlane.exe
8/13/2020 9:54:25 AM User Shortcuts
Unknown: C:\Users\ali\Desktop\Movavi Video Editor Plus 2020.lnk =
C:\Users\ali\AppData\Roaming\Movavi Video Editor Plus 2020\VideoEditorPlus.exe
8/13/2020 9:54:25 AM User Shortcuts
Unknown: C:\Users\ali\Desktop\SpeedVPN.lnk =
C:\Users\ali\AppData\Roaming\SpeedVPN\SpeedVPN.exe
8/13/2020 9:54:25 AM User Shortcuts
Unknown: C:\Users\Public\Desktop\SpeedVPN.lnk =
C:\Users\ali\AppData\Roaming\SpeedVPN\SpeedVPN.exe
8/13/2020 9:54:25 AM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
Anti-malware scan finished at: 8/13/2020 9:54:39 AM
Anti-malware scan started at: 13.08.2020 1:54:56 PM
13.08.2020 1:55:10 PM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
13.08.2020 1:55:21 PM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
13.08.2020 1:55:21 PM User Shortcuts
Unknown: C:\Users\ali\Desktop\Dashlane.lnk =
C:\Users\ali\AppData\Roaming\Dashlane\Dashlane.exe
13.08.2020 1:55:21 PM User Shortcuts
Unknown: C:\Users\ali\Desktop\Movavi Video Editor Plus 2020.lnk =
C:\Users\ali\AppData\Roaming\Movavi Video Editor Plus 2020\VideoEditorPlus.exe
13.08.2020 1:55:21 PM User Shortcuts
Unknown: C:\Users\ali\Desktop\SpeedVPN.lnk =
C:\Users\ali\AppData\Roaming\SpeedVPN\SpeedVPN.exe
13.08.2020 1:55:21 PM User Shortcuts
Unknown: C:\Users\Public\Desktop\SpeedVPN.lnk =
C:\Users\ali\AppData\Roaming\SpeedVPN\SpeedVPN.exe
13.08.2020 1:55:22 PM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
Anti-malware scan finished at: 13.08.2020 1:55:58 PM
Anti-malware scan started at: 13.08.2020 5:56:26 PM
13.08.2020 5:56:34 PM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
13.08.2020 5:56:39 PM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
13.08.2020 5:56:39 PM User Shortcuts
Unknown: C:\Users\ali\Desktop\Dashlane.lnk =
C:\Users\ali\AppData\Roaming\Dashlane\Dashlane.exe
13.08.2020 5:56:40 PM User Shortcuts
Unknown: C:\Users\ali\Desktop\Movavi Video Editor Plus 2020.lnk =
C:\Users\ali\AppData\Roaming\Movavi Video Editor Plus 2020\VideoEditorPlus.exe
13.08.2020 5:56:40 PM User Shortcuts
Unknown: C:\Users\ali\Desktop\SpeedVPN.lnk =
C:\Users\ali\AppData\Roaming\SpeedVPN\SpeedVPN.exe
13.08.2020 5:56:40 PM User Shortcuts
Unknown: C:\Users\Public\Desktop\SpeedVPN.lnk =
C:\Users\ali\AppData\Roaming\SpeedVPN\SpeedVPN.exe
13.08.2020 5:56:40 PM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
Anti-malware scan finished at: 13.08.2020 5:56:57 PM
Anti-malware scan started at: 22.09.2020 10:05:13 AM
22.09.2020 10:05:34 AM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
22.09.2020 10:05:45 AM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
22.09.2020 10:05:45 AM User Shortcuts
Unknown: C:\Users\ali\Desktop\Dashlane.lnk =
C:\Users\ali\AppData\Roaming\Dashlane\Dashlane.exe
22.09.2020 10:05:45 AM User Shortcuts
Unknown: C:\Users\ali\Desktop\Movavi Video Editor Plus 2020.lnk =
C:\Users\ali\AppData\Roaming\Movavi Video Editor Plus 2020\VideoEditorPlus.exe
22.09.2020 10:05:45 AM User Shortcuts
Unknown: C:\Users\ali\Desktop\SpeedVPN.lnk =
C:\Users\ali\AppData\Roaming\SpeedVPN\SpeedVPN.exe
22.09.2020 10:05:45 AM User Shortcuts
Unknown: C:\Users\Public\Desktop\SpeedVPN.lnk =
C:\Users\ali\AppData\Roaming\SpeedVPN\SpeedVPN.exe
22.09.2020 10:05:45 AM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
22.09.2020 10:05:45 AM Registry RunOnce
Probably Malicious: CleanUp RzS2S3Wizard = C:\PROGRAM FILES
(X86)\RAZER\RZS3WIZARDS2S3\RZINSTALLERDELETIONS2S3.VBS
Anti-malware scan finished at: 22.09.2020 10:06:24 AM
Anti-malware scan started at: 22.09.2020 10:21:01 AM
22.09.2020 10:22:03 AM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
Anti-malware scan started at: 20.10.2020 12:08:22 PM
20.10.2020 12:08:37 PM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
10/20/2020 12:08:55 PM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
10/20/2020 12:08:55 PM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
10/20/2020 12:08:55 PM Registry RunOnce
Probably Malicious: CleanUp RzS2S3Wizard = C:\PROGRAM FILES
(X86)\RAZER\RZS3WIZARDS2S3\RZINSTALLERDELETIONS2S3.VBS
Anti-malware scan finished at: 10/20/2020 12:09:36 PM
Anti-malware scan started at: 20.10.2020 12:12:17 PM
20.10.2020 12:13:37 PM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
Anti-malware scan finished at: 10/20/2020 12:24:38 PM
Anti-malware scan started at: 20.10.2020 12:24:57 PM
Anti-malware scan started at: 20.10.2020 12:25:23 PM
20.10.2020 12:26:29 PM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
Anti-malware scan finished at: 20.10.2020 12:28:16 PM
Anti-malware scan started at: 20.10.2020 4:32:09 PM
20.10.2020 4:33:03 PM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
20.10.2020 4:33:29 PM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
20.10.2020 4:33:29 PM User Shortcuts
Unknown: C:\Users\Public\Desktop\Resume Reimage Repair Installation.lnk =
C:\Users\ali\Downloads\ReimageRepair.exe
20.10.2020 4:33:29 PM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
20.10.2020 4:33:29 PM Registry RunOnce
Probably Malicious: CleanUp RzS2S3Wizard = C:\PROGRAM FILES
(X86)\RAZER\RZS3WIZARDS2S3\RZINSTALLERDELETIONS2S3.VBS
20.10.2020 4:33:31 PM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
20.10.2020 4:33:31 PM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb
20.10.2020 4:33:31 PM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
20.10.2020 4:33:31 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.favicon_url =
https://search.cryptobrowser.site/favicon.ico
20.10.2020 4:33:31 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
20.10.2020 4:33:31 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?q={searchTerms}&f=cb
20.10.2020 4:33:31 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabsearch
20.10.2020 4:33:31 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
20.10.2020 4:33:31 PM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
Anti-malware scan finished at: 20.10.2020 4:35:27 PM
Anti-malware scan started at: 21.10.2020 1:19:58 PM
21.10.2020 1:20:20 PM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
21.10.2020 1:20:36 PM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
21.10.2020 1:20:36 PM User Shortcuts
Probably Malicious: C:\Users\ali\Desktop\KMPlayer 64X.lnk = C:\PROGRAM
FILES\KMPLAYER 64X\KMPLAYER64.EXE
21.10.2020 1:20:36 PM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
21.10.2020 1:20:37 PM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
21.10.2020 1:20:38 PM Google Chrome Notifications
Probably Malicious: 2 = https://faucetville.io:443,*
21.10.2020 1:20:38 PM Google Chrome Notifications
Probably Malicious: 2 = https://cryptotabbrowser.com:443,*
21.10.2020 1:20:38 PM Google Chrome Notifications
Probably Malicious: 5 = https://freebitco.in:443,*
21.10.2020 1:20:38 PM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb
21.10.2020 1:20:38 PM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
21.10.2020 1:20:38 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.favicon_url =
https://search.cryptobrowser.site/favicon.ico
21.10.2020 1:20:38 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
21.10.2020 1:20:38 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?q={searchTerms}&f=cb
21.10.2020 1:20:38 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabsearch
21.10.2020 1:20:38 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
21.10.2020 1:20:38 PM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
21.10.2020 1:20:38 PM Google Chrome Notifications
Probably Malicious: 2 = https://cryptotabbrowser.com:443,*
21.10.2020 1:20:38 PM Google Chrome Notifications
Probably Malicious: 5 = https://freebitco.in:443,*
Anti-malware scan finished at: 21.10.2020 1:22:09 PM
Anti-malware scan started at: 22.10.2020 10:28:34 AM
22.10.2020 10:28:53 AM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
22.10.2020 10:29:10 AM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
22.10.2020 10:29:10 AM User Shortcuts
Probably Malicious: C:\Users\ali\Desktop\KMPlayer 64X.lnk = C:\PROGRAM
FILES\KMPLAYER 64X\KMPLAYER64.EXE
22.10.2020 10:29:10 AM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
22.10.2020 10:29:11 AM Google Chrome Notifications
Probably Malicious: 2 = https://cryptotabbrowser.com:443,*
22.10.2020 10:29:11 AM Google Chrome Notifications
Probably Malicious: 5 = https://freebitco.in:443,*
22.10.2020 10:29:11 AM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
22.10.2020 10:29:11 AM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
22.10.2020 10:29:11 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
22.10.2020 10:29:12 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
22.10.2020 10:29:12 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabnewsearch
22.10.2020 10:29:12 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
22.10.2020 10:29:12 AM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
22.10.2020 10:29:12 AM Google Chrome Notifications
Probably Malicious: 2 = https://faucetville.io:443,*
22.10.2020 10:29:12 AM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb
22.10.2020 10:29:12 AM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
22.10.2020 10:29:12 AM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
22.10.2020 10:29:12 AM Google Chrome Notifications
Probably Malicious: 2 = https://cryptotabbrowser.com:443,*
22.10.2020 10:29:12 AM Google Chrome Notifications
Probably Malicious: 5 = https://freebitco.in:443,*
10/22/2020 10:30:44 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
10/22/2020 10:30:44 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User Data\Profile
4\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
10/22/2020 10:30:44 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User Data\Profile
3\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
10/22/2020 10:30:44 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
Anti-malware scan finished at: 10/22/2020 10:31:23 AM
Anti-malware scan started at: 22.10.2020 2:33:36 PM
22.10.2020 2:35:12 PM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
22.10.2020 2:36:18 PM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
22.10.2020 2:36:18 PM User Shortcuts
Probably Malicious: C:\Users\ali\Desktop\KMPlayer 64X.lnk = C:\PROGRAM
FILES\KMPLAYER 64X\KMPLAYER64.EXE
22.10.2020 2:36:18 PM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
22.10.2020 2:36:20 PM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
22.10.2020 2:36:20 PM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
22.10.2020 2:36:20 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
22.10.2020 2:36:20 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
22.10.2020 2:36:20 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabnewsearch
22.10.2020 2:36:20 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
22.10.2020 2:36:21 PM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
22.10.2020 2:36:21 PM Google Chrome Notifications
Probably Malicious: 2 = https://cryptotabbrowser.com:443,*
22.10.2020 2:36:21 PM Google Chrome Notifications
Probably Malicious: 5 = https://freebitco.in:443,*
22.10.2020 2:36:21 PM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
22.10.2020 2:36:21 PM Google Chrome Notifications
Probably Malicious: 2 = https://faucetville.io:443,*
22.10.2020 2:36:21 PM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb
22.10.2020 2:36:21 PM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
22.10.2020 2:36:21 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.favicon_url =
https://search.cryptobrowser.site/favicon.ico
22.10.2020 2:36:21 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
22.10.2020 2:36:22 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?q={searchTerms}&f=cb
22.10.2020 2:36:22 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabsearch
22.10.2020 2:36:22 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
22.10.2020 2:36:22 PM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
22.10.2020 2:36:22 PM Google Chrome Notifications
Probably Malicious: 2 = https://cryptotabbrowser.com:443,*
22.10.2020 2:36:22 PM Google Chrome Notifications
Probably Malicious: 5 = https://freebitco.in:443,*
22.10.2020 2:41:13 PM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User Data\Profile
3\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
22.10.2020 2:41:14 PM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
22.10.2020 2:41:14 PM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
Anti-malware scan finished at: 22.10.2020 2:44:03 PM
Anti-malware scan started at: 22.10.2020 8:32:19 PM
22.10.2020 8:32:33 PM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
22.10.2020 8:32:48 PM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
22.10.2020 8:32:48 PM User Shortcuts
Probably Malicious: C:\Users\ali\Desktop\KMPlayer 64X.lnk = C:\PROGRAM
FILES\KMPLAYER 64X\KMPLAYER64.EXE
22.10.2020 8:32:48 PM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
22.10.2020 8:32:50 PM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
22.10.2020 8:32:50 PM Google Chrome Notifications
Probably Malicious: 2 = https://faucetville.io:443,*
22.10.2020 8:32:50 PM Google Chrome Notifications
Probably Malicious: 2 = https://cryptotabbrowser.com:443,*
22.10.2020 8:32:50 PM Google Chrome Notifications
Probably Malicious: 5 = https://freebitco.in:443,*
22.10.2020 8:32:50 PM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
22.10.2020 8:32:50 PM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
22.10.2020 8:32:50 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
22.10.2020 8:32:50 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
22.10.2020 8:32:50 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabnewsearch
22.10.2020 8:32:50 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
22.10.2020 8:32:50 PM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
22.10.2020 8:32:50 PM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
22.10.2020 8:32:50 PM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb
22.10.2020 8:32:51 PM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
22.10.2020 8:32:51 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.favicon_url =
https://search.cryptobrowser.site/favicon.ico
22.10.2020 8:32:51 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
22.10.2020 8:32:51 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?q={searchTerms}&f=cb
22.10.2020 8:32:51 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabsearch
22.10.2020 8:32:51 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
22.10.2020 8:32:51 PM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
22.10.2020 8:32:51 PM Google Chrome Notifications
Probably Malicious: 2 = https://cryptotabbrowser.com:443,*
22.10.2020 8:32:51 PM Google Chrome Notifications
Probably Malicious: 5 = https://freebitco.in:443,*
22.10.2020 8:34:08 PM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
22.10.2020 8:34:09 PM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User Data\Profile
3\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
22.10.2020 8:34:09 PM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
Anti-malware scan finished at: 22.10.2020 8:34:28 PM
Anti-malware scan started at: 23.10.2020 3:58:51 AM
23.10.2020 3:59:05 AM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
23.10.2020 3:59:20 AM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
23.10.2020 3:59:21 AM User Shortcuts
Probably Malicious: C:\Users\ali\Desktop\KMPlayer 64X.lnk = C:\PROGRAM
FILES\KMPLAYER 64X\KMPLAYER64.EXE
23.10.2020 3:59:21 AM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
23.10.2020 3:59:22 AM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb
23.10.2020 3:59:22 AM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
23.10.2020 3:59:22 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.favicon_url =
https://search.cryptobrowser.site/favicon.ico
23.10.2020 3:59:22 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
23.10.2020 3:59:22 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?q={searchTerms}&f=cb
23.10.2020 3:59:22 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabsearch
23.10.2020 3:59:22 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
23.10.2020 3:59:22 AM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
23.10.2020 3:59:22 AM Google Chrome Notifications
Probably Malicious: 2 = https://cryptotabbrowser.com:443,*
23.10.2020 3:59:22 AM Google Chrome Notifications
Probably Malicious: 5 = https://freebitco.in:443,*
23.10.2020 3:59:22 AM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
23.10.2020 3:59:22 AM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
23.10.2020 3:59:23 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
23.10.2020 3:59:23 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
23.10.2020 3:59:23 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabnewsearch
23.10.2020 3:59:23 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
23.10.2020 3:59:23 AM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
23.10.2020 3:59:23 AM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
23.10.2020 3:59:23 AM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
23.10.2020 3:59:23 AM Google Chrome Notifications
Probably Malicious: 2 = https://faucetville.io:443,*
23.10.2020 3:59:23 AM Google Chrome Notifications
Probably Malicious: 2 = https://cryptotabbrowser.com:443,*
23.10.2020 3:59:23 AM Google Chrome Notifications
Probably Malicious: 5 = https://freebitco.in:443,*
23.10.2020 4:00:39 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User Data\Profile
3\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
Anti-malware scan finished at: 23.10.2020 4:00:58 AM
Anti-malware scan started at: 23.10.2020 8:03:48 AM
23.10.2020 8:04:26 AM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
23.10.2020 8:04:49 AM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
23.10.2020 8:04:49 AM User Shortcuts
Probably Malicious: C:\Users\ali\Desktop\KMPlayer 64X.lnk = C:\PROGRAM
FILES\KMPLAYER 64X\KMPLAYER64.EXE
23.10.2020 8:04:50 AM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
23.10.2020 8:04:51 AM Google Chrome Notifications
Probably Malicious: 2 = https://cryptotabbrowser.com:443,*
23.10.2020 8:04:51 AM Google Chrome Notifications
Probably Malicious: 5 = https://freebitco.in:443,*
23.10.2020 8:04:51 AM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
23.10.2020 8:04:51 AM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
23.10.2020 8:04:52 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
23.10.2020 8:04:52 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
23.10.2020 8:04:52 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabnewsearch
23.10.2020 8:04:52 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
23.10.2020 8:04:52 AM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
23.10.2020 8:04:52 AM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
23.10.2020 8:04:52 AM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
23.10.2020 8:04:52 AM Google Chrome Notifications
Probably Malicious: 2 = https://faucetville.io:443,*
23.10.2020 8:04:52 AM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb
23.10.2020 8:04:53 AM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
23.10.2020 8:04:53 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.favicon_url =
https://search.cryptobrowser.site/favicon.ico
23.10.2020 8:04:53 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
23.10.2020 8:04:53 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?q={searchTerms}&f=cb
23.10.2020 8:04:53 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabsearch
23.10.2020 8:04:53 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
23.10.2020 8:04:53 AM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
23.10.2020 8:04:53 AM Google Chrome Notifications
Probably Malicious: 2 = https://cryptotabbrowser.com:443,*
23.10.2020 8:04:54 AM Google Chrome Notifications
Probably Malicious: 5 = https://freebitco.in:443,*
23.10.2020 8:05:37 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
23.10.2020 8:05:38 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User Data\Profile
3\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
23.10.2020 8:05:38 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
Anti-malware scan finished at: 23.10.2020 8:06:15 AM
Anti-malware scan started at: 23.10.2020 9:31:44 PM
23.10.2020 9:32:01 PM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
23.10.2020 9:32:17 PM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
23.10.2020 9:32:17 PM User Shortcuts
Probably Malicious: C:\Users\ali\Desktop\KMPlayer 64X.lnk = C:\PROGRAM
FILES\KMPLAYER 64X\KMPLAYER64.EXE
23.10.2020 9:32:17 PM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
23.10.2020 9:32:18 PM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb
23.10.2020 9:32:18 PM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
23.10.2020 9:32:18 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.favicon_url =
https://search.cryptobrowser.site/favicon.ico
23.10.2020 9:32:18 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
23.10.2020 9:32:18 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?q={searchTerms}&f=cb
23.10.2020 9:32:18 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabsearch
23.10.2020 9:32:18 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
23.10.2020 9:32:18 PM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
23.10.2020 9:32:18 PM Google Chrome Notifications
Probably Malicious: 2 = https://cryptotabbrowser.com:443,*
23.10.2020 9:32:19 PM Google Chrome Notifications
Probably Malicious: 5 = https://freebitco.in:443,*
23.10.2020 9:32:19 PM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
23.10.2020 9:32:19 PM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
23.10.2020 9:32:19 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
23.10.2020 9:32:19 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
23.10.2020 9:32:19 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabnewsearch
23.10.2020 9:32:19 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
23.10.2020 9:32:19 PM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
23.10.2020 9:32:19 PM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
23.10.2020 9:32:19 PM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
23.10.2020 9:32:19 PM Google Chrome Notifications
Probably Malicious: 2 = https://faucetville.io:443,*
23.10.2020 9:32:19 PM Google Chrome Notifications
Probably Malicious: 2 = https://cryptotabbrowser.com:443,*
23.10.2020 9:32:20 PM Google Chrome Notifications
Probably Malicious: 5 = https://freebitco.in:443,*
23.10.2020 9:33:37 PM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
23.10.2020 9:33:37 PM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User Data\Profile
3\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
23.10.2020 9:33:37 PM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
Anti-malware scan finished at: 23.10.2020 9:33:57 PM
Anti-malware scan started at: 24.10.2020 1:40:06 AM
24.10.2020 1:40:21 AM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
24.10.2020 1:40:44 AM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
24.10.2020 1:40:44 AM User Shortcuts
Probably Malicious: C:\Users\ali\Desktop\KMPlayer 64X.lnk = C:\PROGRAM
FILES\KMPLAYER 64X\KMPLAYER64.EXE
24.10.2020 1:40:44 AM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
24.10.2020 1:40:44 AM Registry RunOnce
Probably Malicious: Application Restart #0 = C:\PROGRAM FILES
(X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
24.10.2020 1:40:44 AM Registry RunOnce
Probably Malicious: Application Restart #1 = C:\PROGRAM FILES
(X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
24.10.2020 1:40:44 AM Registry RunOnce
Probably Malicious: Application Restart #2 = C:\PROGRAM FILES
(X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
24.10.2020 1:40:45 AM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
24.10.2020 1:40:45 AM Google Chrome Notifications
Probably Malicious: 2 = https://faucetville.io:443,*
24.10.2020 1:40:45 AM Google Chrome Notifications
Probably Malicious: 2 = https://cryptotabbrowser.com:443,*
24.10.2020 1:40:46 AM Google Chrome Notifications
Probably Malicious: 5 = https://freebitco.in:443,*
24.10.2020 1:40:46 AM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
24.10.2020 1:40:46 AM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
24.10.2020 1:40:46 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
24.10.2020 1:40:46 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
24.10.2020 1:40:46 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabnewsearch
24.10.2020 1:40:46 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
24.10.2020 1:40:46 AM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
24.10.2020 1:40:46 AM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
24.10.2020 1:40:46 AM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb
24.10.2020 1:40:46 AM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
24.10.2020 1:40:46 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.favicon_url =
https://search.cryptobrowser.site/favicon.ico
24.10.2020 1:40:46 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
24.10.2020 1:40:47 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?q={searchTerms}&f=cb
24.10.2020 1:40:47 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabsearch
24.10.2020 1:40:47 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
24.10.2020 1:40:47 AM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
24.10.2020 1:40:47 AM Google Chrome Notifications
Probably Malicious: 2 = https://cryptotabbrowser.com:443,*
24.10.2020 1:40:47 AM Google Chrome Notifications
Probably Malicious: 5 = https://freebitco.in:443,*
24.10.2020 1:42:04 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
24.10.2020 1:42:04 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User Data\Profile
3\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
24.10.2020 1:42:04 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
Anti-malware scan finished at: 24.10.2020 1:42:23 AM
Anti-malware scan started at: 24.10.2020 5:42:37 AM
24.10.2020 5:43:06 AM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
24.10.2020 5:43:28 AM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
24.10.2020 5:43:29 AM User Shortcuts
Probably Malicious: C:\Users\ali\Desktop\KMPlayer 64X.lnk = C:\PROGRAM
FILES\KMPLAYER 64X\KMPLAYER64.EXE
24.10.2020 5:43:29 AM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
24.10.2020 5:43:29 AM Registry RunOnce
Probably Malicious: Application Restart #0 = C:\PROGRAM FILES
(X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
24.10.2020 5:43:29 AM Registry RunOnce
Probably Malicious: Application Restart #1 = C:\PROGRAM FILES
(X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
24.10.2020 5:43:29 AM Registry RunOnce
Probably Malicious: Application Restart #2 = C:\PROGRAM FILES
(X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
24.10.2020 5:43:30 AM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
24.10.2020 5:43:30 AM Google Chrome Notifications
Probably Malicious: 3 = https://cryptotabbrowser.com:443,*
24.10.2020 5:43:30 AM Google Chrome Notifications
Probably Malicious: 6 = https://freebitco.in:443,*
24.10.2020 5:43:30 AM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
24.10.2020 5:43:31 AM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
24.10.2020 5:43:31 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
24.10.2020 5:43:31 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
24.10.2020 5:43:31 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabnewsearch
24.10.2020 5:43:31 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
24.10.2020 5:43:31 AM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
24.10.2020 5:43:31 AM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
24.10.2020 5:43:31 AM Google Chrome Notifications
Probably Malicious: 2 = https://faucetville.io:443,*
24.10.2020 5:43:31 AM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb
24.10.2020 5:43:31 AM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
24.10.2020 5:43:31 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.favicon_url =
https://search.cryptobrowser.site/favicon.ico
24.10.2020 5:43:32 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
24.10.2020 5:43:32 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?q={searchTerms}&f=cb
24.10.2020 5:43:32 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabsearch
24.10.2020 5:43:32 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
24.10.2020 5:43:32 AM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
24.10.2020 5:43:32 AM Google Chrome Notifications
Probably Malicious: 3 = https://cryptotabbrowser.com:443,*
24.10.2020 5:43:32 AM Google Chrome Notifications
Probably Malicious: 6 = https://freebitco.in:443,*
24.10.2020 5:44:57 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User Data\Profile
3\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
24.10.2020 5:44:57 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
24.10.2020 5:44:57 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
Anti-malware scan finished at: 24.10.2020 5:45:18 AM
Anti-malware scan started at: 24.10.2020 9:45:47 AM
24.10.2020 9:46:36 AM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
24.10.2020 9:47:05 AM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
24.10.2020 9:47:05 AM User Shortcuts
Probably Malicious: C:\Users\ali\Desktop\KMPlayer 64X.lnk = C:\PROGRAM
FILES\KMPLAYER 64X\KMPLAYER64.EXE
24.10.2020 9:47:05 AM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
24.10.2020 9:47:05 AM Registry RunOnce
Probably Malicious: Application Restart #0 = C:\PROGRAM FILES
(X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
24.10.2020 9:47:05 AM Registry RunOnce
Probably Malicious: Application Restart #1 = C:\PROGRAM FILES
(X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
24.10.2020 9:47:05 AM Registry RunOnce
Probably Malicious: Application Restart #2 = C:\PROGRAM FILES
(X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
24.10.2020 9:47:07 AM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
24.10.2020 9:47:07 AM Google Chrome Notifications
Probably Malicious: 2 = https://faucetville.io:443,*
24.10.2020 9:47:07 AM Google Chrome Notifications
Probably Malicious: 4 = https://cryptotabbrowser.com:443,*
24.10.2020 9:47:07 AM Google Chrome Notifications
Probably Malicious: 7 = https://freebitco.in:443,*
24.10.2020 9:47:07 AM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
24.10.2020 9:47:07 AM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
24.10.2020 9:47:07 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
24.10.2020 9:47:07 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
24.10.2020 9:47:07 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabnewsearch
24.10.2020 9:47:08 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
24.10.2020 9:47:08 AM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
24.10.2020 9:47:08 AM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
24.10.2020 9:47:08 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.favicon_url =
https://search.cryptobrowser.site/favicon.ico
24.10.2020 9:47:08 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
24.10.2020 9:47:08 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?q={searchTerms}&f=cb
24.10.2020 9:47:08 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabsearch
24.10.2020 9:47:08 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
24.10.2020 9:47:08 AM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
24.10.2020 9:47:09 AM Google Chrome Notifications
Probably Malicious: 4 = https://cryptotabbrowser.com:443,*
24.10.2020 9:47:09 AM Google Chrome Notifications
Probably Malicious: 7 = https://freebitco.in:443,*
24.10.2020 9:47:35 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
24.10.2020 9:47:35 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User Data\Profile
3\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
24.10.2020 9:47:35 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
Anti-malware scan finished at: 24.10.2020 9:47:57 AM
Anti-malware scan started at: 24.10.2020 1:48:23 PM
24.10.2020 1:48:40 PM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
24.10.2020 1:49:11 PM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
24.10.2020 1:49:11 PM User Shortcuts
Probably Malicious: C:\Users\ali\Desktop\KMPlayer 64X.lnk = C:\PROGRAM
FILES\KMPLAYER 64X\KMPLAYER64.EXE
24.10.2020 1:49:11 PM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
24.10.2020 1:49:11 PM Registry RunOnce
Probably Malicious: Application Restart #2 = C:\PROGRAM FILES
(X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
24.10.2020 1:49:13 PM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb
24.10.2020 1:49:13 PM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
24.10.2020 1:49:13 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.favicon_url =
https://search.cryptobrowser.site/favicon.ico
24.10.2020 1:49:13 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
24.10.2020 1:49:13 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?q={searchTerms}&f=cb
24.10.2020 1:49:13 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabsearch
24.10.2020 1:49:13 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
24.10.2020 1:49:13 PM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
24.10.2020 1:49:13 PM Google Chrome Notifications
Probably Malicious: 4 = https://cryptotabbrowser.com:443,*
24.10.2020 1:49:13 PM Google Chrome Notifications
Probably Malicious: 7 = https://freebitco.in:443,*
24.10.2020 1:49:13 PM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
24.10.2020 1:49:14 PM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
24.10.2020 1:49:14 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
24.10.2020 1:49:14 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
24.10.2020 1:49:14 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabnewsearch
24.10.2020 1:49:14 PM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
24.10.2020 1:49:14 PM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
24.10.2020 1:49:14 PM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
24.10.2020 1:49:14 PM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
24.10.2020 1:49:14 PM Google Chrome Notifications
Probably Malicious: 2 = https://faucetville.io:443,*
24.10.2020 1:49:14 PM Google Chrome Notifications
Probably Malicious: 4 = https://cryptotabbrowser.com:443,*
24.10.2020 1:49:14 PM Google Chrome Notifications
Probably Malicious: 7 = https://freebitco.in:443,*
24.10.2020 1:50:30 PM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
24.10.2020 1:50:30 PM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User Data\Profile
3\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
24.10.2020 1:50:30 PM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
Anti-malware scan finished at: 24.10.2020 1:50:49 PM
Anti-malware scan started at: 25.10.2020 11:30:59 AM
25.10.2020 11:31:14 AM Unwanted Software Files
Probably Malicious: REIMAGE.INI = C:\WINDOWS\REIMAGE.INI
25.10.2020 11:31:45 AM Internet Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start
Menu\Programs\8GadgetPack\Website.lnk = HTTPS://8GADGETPACK.NET/
25.10.2020 11:31:45 AM User Shortcuts
Probably Malicious: C:\Users\ali\Desktop\KMPlayer 64X.lnk = C:\PROGRAM
FILES\KMPLAYER 64X\KMPLAYER64.EXE
25.10.2020 11:31:45 AM User Shortcuts
Unknown: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software
Update.lnk = C:\Windows\Installer\{A3985C05-7386-411F-A4BF-
32A73F37EB44}\AppleSoftwareUpdateIco.exe
25.10.2020 11:31:45 AM Registry RunOnce
Probably Malicious: Application Restart #2 = C:\PROGRAM FILES
(X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
25.10.2020 11:31:47 AM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb
25.10.2020 11:31:47 AM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
25.10.2020 11:31:47 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.favicon_url =
https://search.cryptobrowser.site/favicon.ico
25.10.2020 11:31:47 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
25.10.2020 11:31:47 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?q={searchTerms}&f=cb
25.10.2020 11:31:47 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabsearch
25.10.2020 11:31:48 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
25.10.2020 11:31:48 AM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
25.10.2020 11:31:48 AM Google Chrome Notifications
Probably Malicious: 4 = https://cryptotabbrowser.com:443,*
25.10.2020 11:31:48 AM Google Chrome Notifications
Probably Malicious: 7 = https://freebitco.in:443,*
25.10.2020 11:31:48 AM Chrome Protected Settings
Probably Malicious: search_web_data.url = https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
25.10.2020 11:31:48 AM Chrome Protected Settings
Probably Malicious: search_web_data.suggest_url =
https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
25.10.2020 11:31:48 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.suggestions_url
= https://search.cryptobrowser.site/api/suggestions/?
{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:sugge
stRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}
{google:currentPageUrl}{google:pageClassification}{google:searchVersion}
{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
25.10.2020 11:31:48 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.url =
https://search.cryptobrowser.site/?
q={searchTerms}&f=cb&sid=g6F0zl9yYimjdWlkzgDNLu2jYmlkxBCQZ8qVDrRGSp_vrgO0f26v
25.10.2020 11:31:48 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.keyword =
cryptotabnewsearch
25.10.2020 11:31:48 AM Chrome Protected Settings
Probably Malicious: default_search_provider_data.template_url_data.short_name =
CryptoTab
25.10.2020 11:31:48 AM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
25.10.2020 11:31:48 AM Google Chrome Notifications
Probably Malicious: 0 = https://freebitco.in:443,*
25.10.2020 11:31:48 AM Google Chrome Notifications
Probably Malicious: 1 = https://freebitco.in:443,*
25.10.2020 11:31:49 AM Google Chrome Notifications
Probably Malicious: 2 = https://faucetville.io:443,*
25.10.2020 11:31:49 AM Google Chrome Notifications
Probably Malicious: 4 = https://cryptotabbrowser.com:443,*
25.10.2020 11:31:49 AM Google Chrome Notifications
Probably Malicious: 7 = https://freebitco.in:443,*
25.10.2020 11:32:12 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
25.10.2020 11:32:12 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User Data\Profile
3\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
25.10.2020 11:32:13 AM Google Chrome Addons
Probably Malicious: jlmilpphhoonfclkcaakafcmkgfalkhl =
C:\Users\ali\AppData\Local\Google\Chrome\User
Data\Default\Extensions\jlmilpphhoonfclkcaakafcmkgfalkhl
Anti-malware scan finished at: 25.10.2020 11:32:33 AM