Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

This happens when i open Google Chrome


  • Please log in to reply
4 replies to this topic

#1 Nitrux

Nitrux

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:29 AM

Posted 20 April 2015 - 11:22 AM

Hello this happened just an hour ago. I downloaded a file and saw that it was detected by Nod 32 as a threat so i immediately deleted it and ran a scan for computer. I also used CCleaner just in case. And this happens when i open any browser. I'm just gonna use piclair for the picture since i don't really know any other program. http://piclair.com/wad0p . Sometimes the IP address changes so does the website link. I would like to know if it's a virus or something and how to fix it. Since i don't really want to log in into some important site when i have this threat coming up everytime. I'm using Windows 8.1


Edited by Nitrux, 20 April 2015 - 11:27 AM.


BC AdBot (Login to Remove)

 


m

#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,240 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:29 PM

Posted 20 April 2015 - 02:34 PM

Hi Nitrux, Let's see if there are other items. What is your browser?

3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
cvMlKv6.pngESET Online Scanner
  • Hold down Control and click on this link to open ESET Online Scanner in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.
>>>

51a46ae42d560-malwarebytes_anti_malware.Malwarebytes Anti-Malware
  • Download MalwareBytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the instructions on your screen to complete the installation. You can find the complete installation procedure here.
  • Click the Scan Now button, a threat scan will start automatically.
  • MalwareBytes Anti-Malware will now check for the latest updates. Click Update Now if new updates are available.
  • Your computer is now being scanned, please do not use your computer during the scan.
    • If no threats were found, click View detailed log.
      • Click Export and save the log as a .txt file on your Desktop or another location.
    • If the scan detected any threats, click Apply Actions.
      • To complete any actions taken you will be prompted to restart your computer...click on Yes.
      • After reboot, start Malwarebytes Anti-Malware again and click the History Tab at the top and select Application Logs.
      • Check the box next to Scan Log. Choose the most current scan and click View.
      • Click Export and save the log as a .txt file on your Desktop or another location.
  • Providing the MalwareBytes' Anti-Malware log file
    • Attach the log file you just saved to your next reply for further review.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Nitrux

Nitrux
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:29 AM

Posted 21 April 2015 - 06:53 AM

Hello, sorry for late reply i didn't have enough time to do all the things you posted, I'm using Google Chrome. So here's the results:
MiniTool Box:

MiniToolBox by Farbar  Version: 14-04-2015
Ran by Marius (administrator) on 21-04-2015 at 14:18:58
Running from "C:\Users\Marius\Desktop"
Microsoft Windows 8.1 Pro  (X64)
Model: All Series Manufacturer: ASUS
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Ethernet (Connected)
VPN Client Adapter - VPN = VPN - VPN Client (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.1.5 metric=1 publish=Yes
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="VPN - VPN Client" forwarding=enabled advertise=enabled metric=1 nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Mariaus-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : asusAud22
 
Ethernet adapter VPN - VPN Client:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : VPN Client Adapter - VPN
   Physical Address. . . . . . . . . : 00-AC-AD-E1-9F-A5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet:
 
   Connection-specific DNS Suffix  . : asusAud22
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 78-24-AF-41-B5-07
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::98a1:44ae:599d:4e82%3(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 2015 m. baland�io 21 d. 14:05:43
   Lease Expires . . . . . . . . . . : 2015 m. baland�io 21 d. 14:43:13
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 58205359
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-E9-91-69-78-24-AF-41-B5-07
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.asusAud22:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : asusAud22
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:38aa:1892:3f57:fefc(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::38aa:1892:3f57:fefc%5(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 134217728
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-E9-91-69-78-24-AF-41-B5-07
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  my.router
Address:  192.168.1.1
 
Name:    google.com
Addresses:  195.12.177.54
 195.12.177.55
 195.12.177.59
 195.12.177.20
 195.12.177.24
 195.12.177.25
 195.12.177.29
 195.12.177.30
 195.12.177.34
 195.12.177.35
 195.12.177.39
 195.12.177.40
 195.12.177.44
 195.12.177.45
 195.12.177.49
 195.12.177.50
 
 
Pinging google.com [195.12.177.54] with 32 bytes of data:
Reply from 195.12.177.54: bytes=32 time=14ms TTL=60
Reply from 195.12.177.54: bytes=32 time=14ms TTL=60
 
Ping statistics for 195.12.177.54:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 14ms, Maximum = 14ms, Average = 14ms
Server:  my.router
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=180ms TTL=49
Reply from 98.138.253.109: bytes=32 time=178ms TTL=49
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 178ms, Maximum = 180ms, Average = 179ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  7...00 ac ad e1 9f a5 ......VPN Client Adapter - VPN
  3...78 24 af 41 b5 07 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
  4...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  5...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.3     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      169.254.0.0      255.255.0.0      192.168.1.5      192.168.1.3     21
      192.168.1.0    255.255.255.0         On-link       192.168.1.3    276
      192.168.1.3  255.255.255.255         On-link       192.168.1.3    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.3    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.3    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.3    276
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
      169.254.0.0      255.255.0.0      192.168.1.5       1
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  5    306 ::/0                     On-link
  1    306 ::1/128                  On-link
  5    306 2001::/32                On-link
  5    306 2001:0:9d38:6abd:38aa:1892:3f57:fefc/128
                                    On-link
  3    276 fe80::/64                On-link
  5    306 fe80::/64                On-link
  5    306 fe80::38aa:1892:3f57:fefc/128
                                    On-link
  3    276 fe80::98a1:44ae:599d:4e82/128
                                    On-link
  1    306 ff00::/8                 On-link
  3    276 ff00::/8                 On-link
  5    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/18/2015 10:34:55 PM) (Source: Application Error) (User: )
Description: Faulting application name: GTA5.exe, version: 1.0.323.1, time stamp: 0x5527f187
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ff8c77a272e
Faulting process id: 0xd10
Faulting application start time: 0xGTA5.exe0
Faulting application path: GTA5.exe1
Faulting module path: GTA5.exe2
Report Id: GTA5.exe3
Faulting package full name: GTA5.exe4
Faulting package-relative application ID: GTA5.exe5
 
Error: (04/18/2015 11:56:01 AM) (Source: Application Error) (User: )
Description: Faulting application name: GTA5.exe, version: 1.0.323.1, time stamp: 0x5527f187
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ff8b08e272e
Faulting process id: 0x2a4
Faulting application start time: 0xGTA5.exe0
Faulting application path: GTA5.exe1
Faulting module path: GTA5.exe2
Report Id: GTA5.exe3
Faulting package full name: GTA5.exe4
Faulting package-relative application ID: GTA5.exe5
 
Error: (04/17/2015 02:50:48 PM) (Source: Application Hang) (User: )
Description: The program GTA5.exe version 1.0.323.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1aa0
 
Start Time: 01d07902a9c4b484
 
Termination Time: 4294967295
 
Application Path: E:\Atsiuntimai\Zaidimai\GTA V\Grand Theft Auto V-FULL UNLOCKED-SG\Grand Theft Auto V\GTA5.exe
 
Report Id: fc2c25a4-e4f7-11e4-829f-7824af41b507
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (04/17/2015 02:07:11 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
 
Error: (04/17/2015 02:02:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: igfxCUIService.exe, version: 6.15.10.3960, time stamp: 0x54299ab0
Faulting module name: igfxCUIService.exe, version: 6.15.10.3960, time stamp: 0x54299ab0
Exception code: 0xc0000005
Fault offset: 0x0000000000017719
Faulting process id: 0x41c
Faulting application start time: 0xigfxCUIService.exe0
Faulting application path: igfxCUIService.exe1
Faulting module path: igfxCUIService.exe2
Report Id: igfxCUIService.exe3
Faulting package full name: igfxCUIService.exe4
Faulting package-relative application ID: igfxCUIService.exe5
 
Error: (04/16/2015 03:26:31 PM) (Source: Application Error) (User: )
Description: Faulting application name: igfxCUIService.exe, version: 6.15.10.3960, time stamp: 0x54299ab0
Faulting module name: igfxCUIService.exe, version: 6.15.10.3960, time stamp: 0x54299ab0
Exception code: 0xc0000005
Fault offset: 0x0000000000012bb8
Faulting process id: 0x440
Faulting application start time: 0xigfxCUIService.exe0
Faulting application path: igfxCUIService.exe1
Faulting module path: igfxCUIService.exe2
Report Id: igfxCUIService.exe3
Faulting package full name: igfxCUIService.exe4
Faulting package-relative application ID: igfxCUIService.exe5
 
Error: (04/16/2015 09:21:59 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcCan continue stopping. [18]
 
Error: (04/16/2015 09:06:48 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (04/14/2015 05:56:55 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: The volume Recovery was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
 
Error: (04/12/2015 03:32:45 PM) (Source: Application Error) (User: )
Description: Faulting application name: L2.exe, version: 0.0.0.0, time stamp: 0x542109bc
Faulting module name: NWindow.DLL, version: 0.0.0.0, time stamp: 0x5449e10b
Exception code: 0xc0000005
Fault offset: 0x007538a2
Faulting process id: 0x1350
Faulting application start time: 0xL2.exe0
Faulting application path: L2.exe1
Faulting module path: L2.exe2
Report Id: L2.exe3
Faulting package full name: L2.exe4
Faulting package-relative application ID: L2.exe5
 
 
System errors:
=============
Error: (04/20/2015 07:41:26 PM) (Source: DCOM) (User: Mariaus-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (04/20/2015 07:40:56 PM) (Source: DCOM) (User: Mariaus-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (04/20/2015 06:35:17 PM) (Source: Service Control Manager) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (04/20/2015 05:43:33 PM) (Source: DCOM) (User: Mariaus-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (04/20/2015 05:43:03 PM) (Source: DCOM) (User: Mariaus-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (04/19/2015 01:58:54 PM) (Source: DCOM) (User: Mariaus-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (04/19/2015 01:58:24 PM) (Source: DCOM) (User: Mariaus-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (04/19/2015 11:59:17 AM) (Source: DCOM) (User: Mariaus-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (04/19/2015 11:58:47 AM) (Source: DCOM) (User: Mariaus-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (04/18/2015 03:03:32 PM) (Source: DCOM) (User: Mariaus-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
 
Microsoft Office Sessions:
=========================
Error: (04/18/2015 10:34:55 PM) (Source: Application Error)(User: )
Description: GTA5.exe1.0.323.15527f187unknown0.0.0.000000000c000000500007ff8c77a272ed1001d07a0c2989b010E:\Atsiuntimai\Zaidimai\GTA V\Grand Theft Auto V-FULL UNLOCKED-SG\Grand Theft Auto V\GTA5.exeunknownfcf9f991-e601-11e4-829f-7824af41b507
 
Error: (04/18/2015 11:56:01 AM) (Source: Application Error)(User: )
Description: GTA5.exe1.0.323.15527f187unknown0.0.0.000000000c000000500007ff8b08e272e2a401d079ac18176aacE:\Atsiuntimai\Zaidimai\GTA V\Grand Theft Auto V-FULL UNLOCKED-SG\Grand Theft Auto V\GTA5.exeunknownbc0bf1df-e5a8-11e4-829f-7824af41b507
 
Error: (04/17/2015 02:50:48 PM) (Source: Application Hang)(User: )
Description: GTA5.exe1.0.323.11aa001d07902a9c4b4844294967295E:\Atsiuntimai\Zaidimai\GTA V\Grand Theft Auto V-FULL UNLOCKED-SG\Grand Theft Auto V\GTA5.exefc2c25a4-e4f7-11e4-829f-7824af41b507
 
Error: (04/17/2015 02:07:11 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT AUTHORITY)
Description: -2147024883
 
Error: (04/17/2015 02:02:41 PM) (Source: Application Error)(User: )
Description: igfxCUIService.exe6.15.10.396054299ab0igfxCUIService.exe6.15.10.396054299ab0c0000005000000000001771941c01d078fe03eb72feC:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exe43ae4a4f-e4f1-11e4-829f-7824af41b507
 
Error: (04/16/2015 03:26:31 PM) (Source: Application Error)(User: )
Description: igfxCUIService.exe6.15.10.396054299ab0igfxCUIService.exe6.15.10.396054299ab0c00000050000000000012bb844001d078408fd6aa86C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.execf922ecb-e433-11e4-829e-7824af41b507
 
Error: (04/16/2015 09:21:59 AM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcCan continue stopping. [18]
 
Error: (04/16/2015 09:06:48 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (04/14/2015 05:56:55 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: RecoveryThe parameter is incorrect. (0x80070057)
 
Error: (04/12/2015 03:32:45 PM) (Source: Application Error)(User: )
Description: L2.exe0.0.0.0542109bcNWindow.DLL0.0.0.05449e10bc0000005007538a2135001d0751a611cb058E:\Games\l2god\Lineage 2 Ertheia\system-en\L2.exeE:\Games\l2god\Lineage 2 Ertheia\system-en\NWindow.DLL05069919-e110-11e4-829d-7824af41b507
 
 
 
„Microsoft Office 2013“ tikrinimo įrankiai – lietuvių k. (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1355, 14.07.2014 - AIMP DevTeam)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ?Canon Inc.?)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ?Canon Inc.?)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CodeBlocks (HKCU\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd)
Diablo II (HKLM-x32\...\Diablo II) (Version:  - )
DLC Quest (HKLM-x32\...\DLC Quest_is1) (Version: 1.2.4806.1711 - Going Loud Studios)
Dragonball Xenoverse (HKLM-x32\...\Dragonball Xenoverse_is1) (Version:  - )
Dropbox (HKCU\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
ESET NOD32 Antivirus (HKLM\...\{7F39EB28-B9B7-41B8-8564-DB33284A010D}) (Version: 8.0.304.0 - ESET, spol s r. o.)
Final Fantasy XIII (HKLM-x32\...\RmluYWxGYW50YXN5WElJSQ==_is1) (Version: 1 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - „Google Inc.“)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel® Chipset Device Software (Version: 10.0.17 - Intel Corporation) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.17 - Intel® Corporation) Hidden
Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.28 - Intel) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel® Management Engine Components (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (Version: 10.0.0.1204 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{b7a9966b-b4d6-468e-9f50-ecf4ac2c6ce4}) (Version: 2.0.0.28 - Intel)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.2.3.400 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.35.127.1 - Intel Corporation) Hidden
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
K-Lite Mega Codec Pack 10.8.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.8.0 - )
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Lineage 2 Ertheia High Rate PVP Server (HKLM-x32\...\Lineage 2 Ertheia High Rate PVP Server 1.0.0) (Version: 1.0.0 - Lineage 2 Ertheia)
Lineage 2 Ertheia High Rate PVP Server (x32 Version: 1.0.0 - Lineage 2 Ertheia) Hidden
Lineage II (HKLM-x32\...\{076A6FD8-EE45-4A83-B3C9-C7C34E7CAFDD}) (Version: 90.7.2281 - NCSoft)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Microsoft Access MUI (Lithuanian) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Lithuanian) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Lithuanian) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Lithuanian) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Lithuanian) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Lithuanian) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Lithuanian) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Lithuanian) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Lithuanian) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Lithuanian) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Lithuanian) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Lithuanian) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Lithuanian) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Lithuanian) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Lithuanian) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{86CE1746-9EFF-3C9C-8755-81EA8903AC34}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (Lithuanian) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version:  - )
Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.1599 - Electronic Arts)
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 150120.100528 - Square Enix Ltd)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Control Panel 344.75 (Version: 344.75 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.69 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1284 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Miracast Virtual Audio 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.13.69 (Version: 16.13.69 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.69 (Version: 16.13.69 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.69 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.26 (Version: 1.2.26 - NVIDIA Corporation) Hidden
One Way Heroics (HKLM-x32\...\Steam App 266210) (Version:  - Smoking WOLF)
osu! (HKLM-x32\...\{480650b9-16ce-40df-a3f3-b2cc68ac1aa3}) (Version: latest - ppy Pty Ltd)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Sleeping Dogs (HKLM-x32\...\Sleeping Dogs_is1) (Version:  - )
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.14.9530 - SoftEther VPN Project)
Spotify (HKCU\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TNod User & Password Finder (HKLM\...\TNod) (Version: 1.4.2.3 - Tukero[X]Team)
UmmyVideoDownloader 1.2.0.9 (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
USB2.0 PC CAMERA (HKLM-x32\...\{32677A60-A6F2-452C-86E0-9F9853C0CBAA}) (Version: 1.00.0000 - Acme CA04)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
???????? ???????? ???????????? Microsoft Office 2013 — ??????? (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
 
========================= Memory info: ===================================
 
Percentage of memory in use: 24%
Total physical RAM: 8133.88 MB
Available physical RAM: 6156.22 MB
Total Pagefile: 9413.88 MB
Available Pagefile: 6962.49 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963.97 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:167.17 GB) (Free:108.8 GB) NTFS
3 Drive e: (Local Disk) (Fixed) (Total:931.39 GB) (Free:500.21 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\MARIAUS-PC
 
Administrator            Guest                    Marius                   
 
 
**** End of log ****


Adw Cleaner (i just pressed Clean button since i saw that i wasn't going to delete anything important to me) :
# AdwCleaner v4.201 - Logfile created 21/04/2015 at 14:23:46
# Updated 08/04/2015 by Xplode
# Database : 2015-04-20.1 [Server]
# Operating system : Windows 8.1 Pro  (x64)
# Username : Marius - MARIAUS-PC
# Running from : C:\Users\Marius\Desktop\adwcleaner_4.201.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\ac2f58f800001ecb
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\App Lid
Folder Deleted : C:\Program Files (x86)\shopping blast
Folder Deleted : C:\Program Files (x86)\SAAlePlus
Folder Deleted : C:\Users\Marius\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Marius\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\Extensions\2uINLb@4ikBW.com
Folder Deleted : C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\Extensions\cGrv9@gmail.com
Folder Deleted : C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\Extensions\l2kXFC51@DlR.org
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
File Deleted : C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Deleted : C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
 
***** [ Scheduled tasks ] *****
 
Task Deleted : shopping_blast_updating_service
Task Deleted : shopping_blast_notification_service
Task Deleted : c02fc1aa-4336-4248-8e8e-24b59cb66cc0
Task Deleted : c48fe4d2-e847-4f6c-a6df-af50db53d192-1
Task Deleted : c48fe4d2-e847-4f6c-a6df-af50db53d192-11
Task Deleted : c48fe4d2-e847-4f6c-a6df-af50db53d192-2
Task Deleted : c48fe4d2-e847-4f6c-a6df-af50db53d192-4
Task Deleted : c48fe4d2-e847-4f6c-a6df-af50db53d192-5
Task Deleted : c48fe4d2-e847-4f6c-a6df-af50db53d192-5_user
Task Deleted : c48fe4d2-e847-4f6c-a6df-af50db53d192-6
Task Deleted : c48fe4d2-e847-4f6c-a6df-af50db53d192-7
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\0621304d-f435-47e1-bab1-333a897507bf
Key Deleted : HKLM\SOFTWARE\147244d1-f0bd-4297-bc09-2d3df41b6f6c
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611571143}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655575543}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666576643}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E52324B-66BF-44AE-A8C5-2DB48E90E729}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644574443}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611571143}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655575543}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666576643}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\TNT2
Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\App Lid
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\App Lid
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
 
-\\ Mozilla Firefox v
 
[u1omg1g0.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "mystartsearch");
[u1omg1g0.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "mystartsearch");
[u1omg1g0.default\prefs.js] - Line Deleted : user_pref("extensions.ad9676068985d4d81bb390a7be93ab3c8e144f694a0509d5com65743.65743.internaldb.Resources_meta.value", "%7B%2219x19.png%22%3A%7B%22id%22%3A853130%2C%22ver%22%3A1%2C%22status%22%3A1%2C%[...]
[u1omg1g0.default\prefs.js] - Line Deleted : user_pref("extensions.ad9676068985d4d81bb390a7be93ab3c8e144f694a0509d5com65743.65743.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D[...]
[u1omg1g0.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "149d8bd548a65347cbded9e5b2976fd8");
 
-\\ Google Chrome v42.0.2311.90
 
[C:\Users\Marius\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Default_Search_Provider_Data] : 
 
*************************
 
AdwCleaner[R0].txt - [25230 bytes] - [21/04/2015 14:21:50]
AdwCleaner[R1].txt - [25290 bytes] - [21/04/2015 14:22:14]
AdwCleaner[S0].txt - [9262 bytes] - [21/04/2015 14:23:46]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9321  bytes] ##########
 


JRT :

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.0 (04.20.2015:1)
OS: Windows 8.1 Pro x64
Ran by Marius on 2015-04-21 at 14:32:15,62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1264091138-4114139984-12405801-1001
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\NVIDIA Update Core Service
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2015-04-21 at 14:33:13,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


I'm still running the ESET Online scanner so i'll post it when i'm done. 
By the way.. is there any way to make the test results as a spoiler or something? Since it takes a lot of space in the forum.

Edited by Nitrux, 21 April 2015 - 10:56 AM.


#4 Nitrux

Nitrux
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:29 AM

Posted 21 April 2015 - 07:46 AM

I just finished ESET search and Malware here's the results :

C:\AdwCleaner\Quarantine\C\Program Files (x86)\App Lid\App Lid-bg.exe.vir a variant of Win32/Toolbar.CrossRider.BA potentially unwanted application deleted - quarantined
C:\Games\AuraKingdom\game.bin a variant of Win32/Packed.Themida potentially unwanted application deleted - quarantined
C:\Installs\Soft\KMSpico\KMSpico v10.0.1 Stable.rar a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application deleted - quarantined
C:\Installs\Soft\KMSpico\v9.3.3_Install.7z a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application deleted - quarantined
C:\Installs\Soft\KMSpico\KMSpico v10.0.1 Stable\KMSpico v10.0.1 Stable\KMSpico v10.0.1 Stable\KMSpico Install\KMSpico_setup.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application deleted - quarantined
C:\Installs\Soft\KMSpico\v9.3.3_Install\KMSpico Install\KMSpico_setup.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application deleted - quarantined
C:\Installs\Soft\Win8.1\Activation\KMS Pico\KMSpico v9.2.3 Final\MandyInstallv9.2.3Final.7z a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application deleted - quarantined
C:\Installs\Soft\Win8.1\Activation\KMS Pico\KMSpico v9.2.3 Final\MandyInstallv9.2.3Final\KMSpico Install\KMSpico_setup.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application deleted - quarantined
C:\Program Files\KMSpico\AutoPico.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application deleted - quarantined
C:\Program Files\KMSpico\KMSELDI.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application deleted - quarantined
C:\Program Files\KMSpico\Service_KMS.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application deleted - quarantined
C:\Program Files\TNod User & Password Finder\TNODUP.exe Win32/RiskWare.HackAV.II application cleaned by deleting - quarantined
C:\Windows\SECOH-QAD.dll Win64/HackKMS.D potentially unsafe application deleted - quarantined
C:\Windows\SECOH-QAD.exe Win64/HackKMS.C potentially unsafe application deleted - quarantined
E:\Atsiuntimai\Zaidimai\Dragon Age 3 Inquisition\Dragon Age Inquisition\3dmgame.dll a variant of Win32/Packed.VMProtect.AAA trojan cleaned by deleting - quarantined
E:\Atsiuntimai\Zaidimai\Final Fantasy XIII\FFXIIIYT.rar MSIL/GameHack.DK potentially unsafe application deleted - quarantined
E:\Atsiuntimai\Zaidimai\Final Fantasy XIII\Final Fantasy XIII - Yello Trainer.exe MSIL/GameHack.DK potentially unsafe application deleted - quarantined
E:\Atsiuntimai\Zaidimai\GTA V\3DMGAME-Grand.Theft.Auto.V.Update.1.and.Crack.v2-3DM.7z a variant of Win64/HackTool.Crack.C potentially unsafe application deleted - quarantined
E:\Atsiuntimai\Zaidimai\GTA V\crack + update\Crack\3dmgame.dll a variant of Win64/HackTool.Crack.C potentially unsafe application deleted - quarantined
E:\Atsiuntimai\Zaidimai\GTA V\Grand Theft Auto V-FULL UNLOCKED-SG\Grand Theft Auto V\3dmgame.dll a variant of Win64/HackTool.Crack.C potentially unsafe application deleted - quarantined
E:\Atsiuntimai\Zaidimai\GTA V\update 2\3DMGAME-Grand.Theft.Auto.V.Update.2.and.Crack-3DM\3DMGAME-Grand.Theft.Auto.V.Update.2.and.Crack-3DM.7z a variant of Win64/HackTool.Crack.C potentially unsafe application deleted - quarantined
E:\Atsiuntimai\Zaidimai\GTA V\update 2\3DMGAME-Grand.Theft.Auto.V.Update.2.and.Crack-3DM\Crack\3dmgame.dll a variant of Win64/HackTool.Crack.C potentially unsafe application deleted - quarantined
E:\Atsiuntimai\Zaidimai\Hyperdimension Neptunia ReBirth1\Hyperdimension.Neptunia.Re.Birth1-RELOADED_\rld-hyperd.iso a variant of Win32/HackTool.Crack.CS potentially unsafe application deleted - quarantined
E:\Atsiuntimai\Zaidimai\Hyperdimension Neptunia ReBirth1\Update\HNRBU19.iso a variant of Win32/HackTool.Crack.CS potentially unsafe application deleted - quarantined
E:\Atsiuntimai\Zaidimai\Sleeping Dogs\Sleeping.Dogs-SKIDROW\DVD2\sr-sddvd2.iso a variant of Win32/Packed.VMProtect.AAA trojan deleted - quarantined
E:\Games\Final Fantasy XIII\steam_api.dll a variant of Win32/HackTool.Crack.CS potentially unsafe application deleted - quarantined
E:\Games\Final Fantasy XIII\white_data\prog\win\bin\steam_api.dll a variant of Win32/HackTool.Crack.CS potentially unsafe application deleted - quarantined
E:\Games\Hyperdimension Neptunia Re Birth1\steam_api.dll a variant of Win32/HackTool.Crack.CS potentially unsafe application deleted - quarantined
E:\Games\Square Enix\Sleeping Dogs\buddha.dll a variant of Win32/Packed.VMProtect.AAA trojan cleaned by deleting - quarantined



 
Malware:
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 2015-04-21
Scan Time: 15:36:18
Logfile: Malware.txt
Administrator: Yes
 
Version: 2.01.4.1018
Malware Database: v2015.04.21.03
Rootkit Database: v2015.04.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Marius
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 349943
Time Elapsed: 4 min, 1 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 4
Trojan.Agent.CK, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\TNod, Quarantined, [2215452aff8b2313e18447ce8383fb05], 
PUP.Optional.AppLid.A, HKLM\SOFTWARE\WOW6432NODE\App Lid-nv, Quarantined, [f047a6c9f199a393dd4fd8015fa4e020], 
PUP.Optional.AppLid.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\App Lid, Quarantined, [c176452ab1d9999d09251fba49ba27d9], 
PUP.Optional.Linkey.A, HKU\S-1-5-21-1264091138-4114139984-12405801-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, Quarantined, [7cbb87e8335702343adb3c8b768dc63a], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 14
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\defaults, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\defaults\preferences, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\userCode, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\locale, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\locale\en-US, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.MultiPlug, C:\ProgramData\ckbbdjlaaibfflmpmbhnlfkkblldokih, Quarantined, [9d9a48272d5d88ae647942137d8845bb], 
 
Files: 121
Trojan.Agent.CK, C:\Program Files\TNod User & Password Finder\uninst-tnod.exe, Quarantined, [2215452aff8b2313e18447ce8383fb05], 
PUP.Optional.Multiplug.A, C:\Program Files (x86)\SEO Global For Google Search\SEO Global For Google Search.exe, Quarantined, [45f286e9e3a7f83e39e36e896d98fb05], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\crossrider_statusbar.png, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\button1.png, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\button2.png, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\button3.png, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\button4.png, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\button5.png, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\icon128.png, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\icon16.png, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\icon24.png, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\icon48.png, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\panelarrow-up.png, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\popup.html, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\skin.css, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\skin\update.css, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome.manifest, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\install.rdf, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\18e050ca59c9335a369c5aeedbf4f1c2.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\30da81b8cd9a6e2b300f1232faf8e8c4.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\3c67e847727bce12df8f7eabc5e259c5.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\4726993810c96257b50c123dc6c7f6e4.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\59c1a7ce4ce9ad4c177456e9b56a8372.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\adcea440308f674ef206ee0d707196e0.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\background.html, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\browser.xul, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\dialog.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\ffCoreFilesIndex.txt, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\options.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\options.xul, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\search_dialog.xul, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api\0b0586cee24313ee092a6e56af965d69.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api\0c6f99fa15ca54e5b3070b3725b5f4c2.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api\15b84e07f22375e79b8298a164850048.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api\18c3319b52f7f031ddeb0a514969142c.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api\1eb24b73bcf8a0f17f7c060d198dcd9d.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api\42ec504cb76580fd176a9616b2269c98.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api\585e864dd3ce5d36111e82233eb662e9.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api\697e9c03469c661b3294ea13b25f9e54.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api\8bcf7ebe79f0ec0f3db89adb1f9e673c.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api\8f34caa7ec145a3e294f838595e54f2a.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api\9a75db61a614b90ea4b11433befbd51f.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api\ab5afce6d099aefb2d197927acafc7aa.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api\b25c92abbeab7221cbc15a33ec697273.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api\c8366ff8c983cfae0f5e7f09919be2d8.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api\ebd54e3134d14ee437ea15fe10477184.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\api\f17ef0af4960982f804db67bd07db49c.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\07e9ce2819323dba71145dc52f722ccb.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\13ae00dca4cdf49b88adadd1b35718b5.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\13bf8e6675ff4e60c2ead3725eafe90d.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\16c28ca47712b26e69230a4ca405bfc1.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\1af1384a4e428ef2884025f5bebb4fdd.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\1d1f88ba2b8bfc3bcaa297279d0f5085.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\63af25ad53ce2fc9152e8a9b69086a09.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\6cdd582d9e1ea9c3b66273373162ae33.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\6f11e70763e01001e288fe55fc02c383.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\8c7d499df2dd6c9fc5a026c5ce0b98f0.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\9ab14c2883c0bca1d2eaa94e9eca51e5.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\a3c8603b7b51506acdc777f074d1ecd0.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\b7609df4e07bca828433282b3febb549.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\b9b0dcd3044f33c12a11a9b1e512c797.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\cac256dbdacd02e25b590c0c8d7659c2.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\d1630b34e671c202b5f36338d5fe2a57.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\d266549b9652f121e2532cd369757d3a.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\da5188e539cffcf0a47da8522cc023bc.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\e0c7e1ec78580655bef7924acfb1a3d0.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\e63c33d16ba817abcd59b4bb26f7c9ea.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\chrome\content\core\installer.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\defaults\preferences\prefs.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\manifest.xml, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins.json, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\234.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\1.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\102.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\104.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\13.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\14.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\16.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\17.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\177.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\180.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\182.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\183.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\184.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\195.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\200.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\207.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\22.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\220.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\221.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\223.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\242.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\244.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\246.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\253.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\255.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\262.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\263.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\268.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\281.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\301.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\345.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\354.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\4.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\47.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\64.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\7.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\72.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\78.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\9.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\93.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\plugins\98.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\userCode\background.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\extensionData\userCode\extension.js, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.CrossRider.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\extensions\d9676068985d4d81bb390a@7be93ab3c8e144f694a0509d5.com\locale\en-US\translations.dtd, Quarantined, [72c5d09ff199d75f900962f2966f857b], 
PUP.Optional.MultiPlug, C:\ProgramData\ckbbdjlaaibfflmpmbhnlfkkblldokih\lsdb.js, Quarantined, [9d9a48272d5d88ae647942137d8845bb], 
PUP.Optional.MultiPlug, C:\ProgramData\ckbbdjlaaibfflmpmbhnlfkkblldokih\background.html, Quarantined, [9d9a48272d5d88ae647942137d8845bb], 
PUP.Optional.MultiPlug, C:\ProgramData\ckbbdjlaaibfflmpmbhnlfkkblldokih\content.js, Quarantined, [9d9a48272d5d88ae647942137d8845bb], 
PUP.Optional.MultiPlug, C:\ProgramData\ckbbdjlaaibfflmpmbhnlfkkblldokih\ka.js, Quarantined, [9d9a48272d5d88ae647942137d8845bb], 
PUP.Optional.MultiPlug, C:\ProgramData\ckbbdjlaaibfflmpmbhnlfkkblldokih\manifest.json, Quarantined, [9d9a48272d5d88ae647942137d8845bb], 
PUP.Optional.MyStartSearch.A, C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\u1omg1g0.default\search.json, Good: (), Bad: (mystartsearch), Replaced,[3601f97612781125258cfa451ee86898]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
P.S Is there any way to get some files back from quarantine from ESET search online? Because i know for sure that those files aren't harmful... i had some of those files for atleast few months and nothing happened.

Edited by Nitrux, 21 April 2015 - 07:58 AM.


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,240 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:29 PM

Posted 22 April 2015 - 11:53 AM

How do I restore files quarantined by the ESET Online Scanner
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users