Jump to content

Welcome to Geeks to Go
Geeks to Go Welcome
Create Account Login to Account
Photo

Removal instructions for zoolo

- - - - -
Started by Metallica , Jul 12 2014 02:41 AM

  • Please log in to reply
No replies to this topic

#1
Metallica
Posted 12 July 2014 - 02:41 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
Content is republished with permission from Malwarebytes.

What is zoolo?

The Malwarebytes research team has determined that zoolo is a browser hijacker. These so-called "hijackers" alter your startpage or searchscopes so that the affected browser visits their site or one of their choice. This one also displays advertisements.

How do I know if my computer is affected by zoolo?

You may see these browser extensions/add-ons:

warning1.png

warning2.png

and this entry in your list of installed programs:

warning4.png


How did zoolo get on my computer?

Browser hijackers use different methods for distributing themselves. This particular one was offered as a video enhancing browser extension.

How do I remove zoolo?

Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted application.
  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Enable free trial of Malwarebytes Anti-Malware Premium
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.
Is there anything else I need to do to get rid of zoolo?
  • No, Malwarebytes' Anti-Malware removes zoolo completely.
How would the full version of Malwarebytes Anti-Malware help protect me?

We hope our application and this guide have helped you eradicate this hijacker.

As you can see below the full version of Malwarebytes Anti-Malware would have protected you against the zoolo hijacker. It would have warned you before the rogue could install itself, giving you a chance to stop it before it became too late.


protection1.png

Technical details for experts

Signs in a HijackThis log:
O2 - BHO: CrossriderApp0059570 - {11111111-1111-1111-1111-110511951170} - C:\Program Files\zoolo\zoolo-bho.dll
Alterations made by the installer:
File system details  
---------------------------------------------
    Adds the folder C:\Program Files\zoolo
       Adds the file 1293297481.mxaddon"="5/22/2014 2:40 PM, 38693 bytes, A
       Adds the file 360-59570.crx"="7/12/2014 9:51 AM, 268065 bytes, A
       Adds the file 59570.xpi"="7/12/2014 9:51 AM, 455746 bytes, A
       Adds the file b59b3e7b-3243-4031-a926-8cc1ab9a2058.crx"="7/12/2014 9:51 AM, 266870 bytes, A
       Adds the file b59b3e7b-3243-4031-a926-8cc1ab9a2058-11.exe"="7/12/2014 9:51 AM, 1927736 bytes, A
       Adds the file b59b3e7b-3243-4031-a926-8cc1ab9a2058-2.exe"="7/12/2014 9:51 AM, 381496 bytes, A
       Adds the file b59b3e7b-3243-4031-a926-8cc1ab9a2058-4.exe"="7/12/2014 9:51 AM, 860728 bytes, A
       Adds the file b59b3e7b-3243-4031-a926-8cc1ab9a2058-5.exe"="7/12/2014 9:52 AM, 473656 bytes, A
       Adds the file background.html"="7/7/2014 2:47 PM, 729 bytes, A
       Adds the file Uninstall.exe"="7/12/2014 9:51 AM, 101944 bytes, A
       Adds the file utils.exe"="7/12/2014 9:51 AM, 2220209 bytes, A
       Adds the file zoolo.ico"="7/7/2014 2:48 PM, 9662 bytes, A
       Adds the file zoolo-bg.exe"="7/12/2014 9:51 AM, 591416 bytes, A
       Adds the file zoolo-bho.dll"="7/12/2014 9:51 AM, 569400 bytes, A
       Adds the file zoolo-codedownloader.exe"="7/12/2014 9:51 AM, 532024 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\defaults\preferences
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\userCode
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\locale\en-US
    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\skin
    In the existing folder C:\Windows\System32\Tasks
       Adds the file b59b3e7b-3243-4031-a926-8cc1ab9a2058-1"="7/12/2014 9:51 AM, 4540 bytes, A
       Adds the file b59b3e7b-3243-4031-a926-8cc1ab9a2058-11"="7/12/2014 9:51 AM, 6468 bytes, A
       Adds the file b59b3e7b-3243-4031-a926-8cc1ab9a2058-2"="7/12/2014 9:51 AM, 4340 bytes, A
       Adds the file b59b3e7b-3243-4031-a926-8cc1ab9a2058-4"="7/12/2014 9:51 AM, 5200 bytes, A
       Adds the file b59b3e7b-3243-4031-a926-8cc1ab9a2058-5"="7/12/2014 9:52 AM, 4432 bytes, A
       Adds the file b59b3e7b-3243-4031-a926-8cc1ab9a2058-5_user"="7/12/2014 9:52 AM, 4456 bytes, A
    In the existing folder C:\Windows\Tasks
       Adds the file b59b3e7b-3243-4031-a926-8cc1ab9a2058-1.job"="7/12/2014 9:51 AM, 1510 bytes, A
       Adds the file b59b3e7b-3243-4031-a926-8cc1ab9a2058-11.job"="7/12/2014 9:51 AM, 3438 bytes, A
       Adds the file b59b3e7b-3243-4031-a926-8cc1ab9a2058-2.job"="7/12/2014 9:51 AM, 1310 bytes, A
       Adds the file b59b3e7b-3243-4031-a926-8cc1ab9a2058-4.job"="7/12/2014 9:51 AM, 2170 bytes, A
       Adds the file b59b3e7b-3243-4031-a926-8cc1ab9a2058-5.job"="7/12/2014 9:52 AM, 1402 bytes, A
       Adds the file b59b3e7b-3243-4031-a926-8cc1ab9a2058-5_user.job"="7/12/2014 9:52 AM, 1420 bytes, A

Registry details  
------------------------------------------
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511951170}]
       "(Default)"="REG_SZ"", "zoolo"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511951170}\Implemented Categories]
       "(Default)"="REG_SZ"", ""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511951170}\Implemented Categories\{59fb2056-d625-48d0-a944-1a85b5ab2640}]
       "(Default)"="REG_SZ"", ""
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511951170}\InprocServer32]
       "(Default)"="REG_SZ"", "C:\Program Files\zoolo\zoolo-bho.dll"
       "ThreadingModel"="REG_SZ"", "Apartment"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511951170}\ProgID]
       "(Default)"="REG_SZ"", "CrossriderApp0059570.BHO.1"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511951170}\Programmable]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511951170}\TypeLib]
       "(Default)"="REG_SZ"", "{44444444-4444-4444-4444-440544954470}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511951170}\VersionIndependentProgID]
       "(Default)"="REG_SZ"", "CrossriderApp0059570"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522952270}]
       "(Default)"="REG_SZ"", "CrossriderApp0059570.Sandbox"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522952270}\InprocServer32]
       "(Default)"="REG_SZ"", "C:\Program Files\zoolo\zoolo-bho.dll"
       "ThreadingModel"="REG_SZ"", "Apartment"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522952270}\ProgID]
       "(Default)"="REG_SZ"", "CrossriderApp0059570.Sandbox.1"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522952270}\Programmable]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522952270}\TypeLib]
       "(Default)"="REG_SZ"", "{44444444-4444-4444-4444-440544954470}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522952270}\VersionIndependentProgID]
       "(Default)"="REG_SZ"", "CrossriderApp0059570.Sandbox"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0059570.BHO]
       "(Default)"="REG_SZ"", "CrossriderApp0059570"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0059570.BHO\CLSID]
       "(Default)"="REG_SZ"", "{11111111-1111-1111-1111-110511951170}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0059570.BHO\CurVer]
       "(Default)"="REG_SZ"", "CrossriderApp0059570"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0059570.BHO.1]
       "(Default)"="REG_SZ"", "CrossriderApp0059570"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0059570.BHO.1\CLSID]
       "(Default)"="REG_SZ"", "{11111111-1111-1111-1111-110511951170}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0059570.Sandbox]
       "(Default)"="REG_SZ"", "CrossriderApp0059570.Sandbox"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0059570.Sandbox\CLSID]
       "(Default)"="REG_SZ"", "{22222222-2222-2222-2222-220522952270}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0059570.Sandbox\CurVer]
       "(Default)"="REG_SZ"", "CrossriderApp0059570.Sandbox"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0059570.Sandbox.1]
       "(Default)"="REG_SZ"", "CrossriderApp0059570.Sandbox"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CrossriderApp0059570.Sandbox.1\CLSID]
       "(Default)"="REG_SZ"", "{22222222-2222-2222-2222-220522952270}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555955570}]
       "(Default)"="REG_SZ"", "ICrossriderBHO"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555955570}\ProxyStubClsid]
       "(Default)"="REG_SZ"", "{00020424-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555955570}\ProxyStubClsid32]
       "(Default)"="REG_SZ"", "{00020424-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555955570}\TypeLib]
       "(Default)"="REG_SZ"", "{44444444-4444-4444-4444-440544954470}"
       "Version"="REG_SZ"", "1.0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566956670}]
       "(Default)"="REG_SZ"", "ISandBox"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566956670}\ProxyStubClsid]
       "(Default)"="REG_SZ"", "{00020424-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566956670}\ProxyStubClsid32]
       "(Default)"="REG_SZ"", "{00020424-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566956670}\TypeLib]
       "(Default)"="REG_SZ"", "{44444444-4444-4444-4444-440544954470}"
       "Version"="REG_SZ"", "1.0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544954470}\1.0]
       "(Default)"="REG_SZ"", "CrossriderApp0059570 Type Library"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544954470}\1.0\0\win32]
       "(Default)"="REG_SZ"", "C:\Program Files\zoolo\zoolo-bho.dll"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544954470}\1.0\FLAGS]
       "(Default)"="REG_SZ"", "0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544954470}\1.0\HELPDIR]
       "(Default)"="REG_SZ"", "C:\Program Files\zoolo"
    [HKEY_LOCAL_MACHINE\SOFTWARE\InstalledBrowserExtensions\19979]
       "59570"="REG_SZ"", "zoolo"
    [HKEY_LOCAL_MACHINE\SOFTWARE\InstalledBrowserExtensions\19979\Status]
       "Installed"="REG_DWORD"", 1
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511951170}
       "(Default)"="REG_SZ"", "CrossriderApp0059570"
       "NoExplorer"="REG_DWORD"", 1
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID]
       "{11111111-1111-1111-1111-110511951170}"="REG_SZ"", "1"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zoolo]
       "CrAppId"="REG_SZ"", "59570"
       "CrPublisherId"="REG_SZ"", "19979"
       "DisplayIcon"="REG_SZ"", "C:\Program Files\zoolo\utils.exe"
       "DisplayName"="REG_SZ"", "zoolo"
       "DisplayVersion"="REG_SZ"", "1.34.7.1"
       "Publisher"="REG_SZ"", "boolo"
       "UninstallString"="REG_SZ"", "C:\Program Files\zoolo\Uninstall.exe /fcp=1"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]
       "b59b3e7b-3243-4031-a926-8cc1ab9a2058-1.job"="REG_BINARY, ................................
       "b59b3e7b-3243-4031-a926-8cc1ab9a2058-1.job.fp"="REG_DWORD"", 706027731
       "b59b3e7b-3243-4031-a926-8cc1ab9a2058-11.job"="REG_BINARY, ................................
       "b59b3e7b-3243-4031-a926-8cc1ab9a2058-11.job.fp"="REG_DWORD"", -2022884649
       "b59b3e7b-3243-4031-a926-8cc1ab9a2058-2.job"="REG_BINARY, ................................
       "b59b3e7b-3243-4031-a926-8cc1ab9a2058-2.job.fp"="REG_DWORD"", 1106674170
       "b59b3e7b-3243-4031-a926-8cc1ab9a2058-4.job"="REG_BINARY, ................................
       "b59b3e7b-3243-4031-a926-8cc1ab9a2058-4.job.fp"="REG_DWORD"", 1829102638
       "b59b3e7b-3243-4031-a926-8cc1ab9a2058-5.job"="REG_BINARY, ................................
       "b59b3e7b-3243-4031-a926-8cc1ab9a2058-5.job.fp"="REG_DWORD"", 1506670390
       "b59b3e7b-3243-4031-a926-8cc1ab9a2058-5_user.job"="REG_BINARY, ................................
       "b59b3e7b-3243-4031-a926-8cc1ab9a2058-5_user.job.fp"="REG_DWORD"", 872172753
    [HKEY_LOCAL_MACHINE\SOFTWARE\zoolo\Firefox]
       "TotalProfiles"="REG_DWORD"", 1
    [HKEY_LOCAL_MACHINE\SOFTWARE\zoolo\Firefox\Profiles]
       "C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835"="REG_DWORD"", 1
    [HKEY_LOCAL_MACHINE\SOFTWARE\zoolo\IE]
       "TotalProfiles"="REG_DWORD"", 1
    [HKEY_LOCAL_MACHINE\SOFTWARE\zoolo\IE\Profiles]
       "S-1-5-21-4016700205-1717049133-1125222536-1001"="REG_DWORD"", 1
    [HKEY_LOCAL_MACHINE\SOFTWARE\zoolo\Installer]
       "BundledAddCh"="REG_DWORD"", 1
       "BundledFirefox"="REG_DWORD"", 1
       "BundledIe"="REG_DWORD"", 1
    [HKEY_CURRENT_USER\Software\AppDataLow\Software\Crossrider]
       "Bic"="REG_SZ"", "A07CDE94305B4AEBA7BB34600588BB84IE"
       "Verifier"="REG_SZ"", "8f62b4df250e97a99bed967f2368658f"
    [HKEY_CURRENT_USER\Software\AppDataLow\Software\Crossrider\onBeforeNavigate]
       "59570"="REG_SZ"", ""
    [HKEY_CURRENT_USER\Software\AppDataLow\Software\Crossrider\onRequest]
       "59570"="REG_SZ"", ""
    [HKEY_CURRENT_USER\Software\AppDataLow\Software\zoolo]
       "ActiveAppId"="REG_SZ"", "59570"
       "BhoRunningVersion"="REG_SZ"", "153"
       "IsBhoEnabled"="REG_DWORD"", 1
    [HKEY_CURRENT_USER\Software\AppDataLow\Software\zoolo\Background]
       " { javascript removed, full log available on request } " 
    [HKEY_CURRENT_USER\Software\AppDataLow\Software\zoolo\Debug]
       "DebuggedAppUrl"="REG_SZ"", "file://C:\Users\{username}\Documents\debug.js"
       "DebuggedBgUrl"="REG_SZ"", "file://C:\Users\{username}\Documents\bg_debug.js"
       "DebuggedNewTabUrl"="REG_SZ"", "file://C:\Users\{username}\Documents\new_debug.js"
       "IsDebuggingPlugins"="REG_DWORD"", 0
       "IsDebugMode"="REG_DWORD"", 0
    [HKEY_CURRENT_USER\Software\AppDataLow\Software\zoolo\Installer]
       "AdditionalInfo"="REG_SZ"", "{"asw":[67108864, 1073750021, 0]}"
       "CodeDownloadDomain"="REG_SZ"", "http://js.geninfocloud.com"
       "CodeDownloadFbDomain"="REG_SZ"", "http://js.clientdemocloud.com"
       "DefaultBrowser"="REG_SZ"", "ie"
       "ErrorsDomain"="REG_SZ"", "http://errors.geninfocloud.com"
       "FullVersion"="REG_SZ"", "1.34.7.1"
       "FullVersionForUrl"="REG_SZ"", "1_34_07_01"
       "OsName"="REG_SZ"", "7"
       "Params"="REG_SZ"", "{   "source_id" : "001690",   "sub_id" : "0",   "uzid" : "0/"}"
       "SrcId"="REG_SZ"", "001690"
       "StatsDomain"="REG_SZ"", "http://stats.geninfocloud.com"
       "SubId"="REG_SZ"", "0"
       "Time"="REG_SZ"", "1405151495"
       "ZData"="REG_SZ"", "0/"
    [HKEY_CURRENT_USER\Software\AppDataLow\Software\zoolo\Manifest]
       "AddressbarURL"="REG_SZ"", "NA"
       "BgVersion"="REG_SZ"", "1"
       "ChangePrevious"="REG_SZ"", "false"
       "Description"="REG_SZ"", "Turn YouTube videos to High Definition by default"
       "DisableIe"="REG_SZ"", "true"
       "EnableSearchIE"="REG_SZ"", "false"
       "HomePageUrl"="REG_SZ"", "NA"
       "IsButtonEnabled"="REG_SZ"", "false"
       "Manifest"="REG_SZ"", "NA"
       "ModeType"="REG_SZ"", "production"
       "Name"="REG_SZ"", "Plus-HD-V1.9"
       "PluginsManifestVersion"="REG_SZ"", "29"
       "PublisherId"="REG_SZ"", "19979"
       "PublisherName"="REG_SZ"", "Plus HD"
       "RunInFrame"="REG_SZ"", "false"
       "SetNewTab"="REG_SZ"", "false"
       "ThanksUrl"="REG_SZ"", "NA"
       "UninstallerOfferAction"="REG_SZ"", "NA"
       "UninstallerOfferUrl"="REG_SZ"", "NA"
       "UpdateInterval"="REG_DWORD"", 360
       "Version"="REG_SZ"", "38"
    [HKEY_CURRENT_USER\Software\AppDataLow\Software\zoolo\Update]
       "LastCheck"="REG_DWORD"", 1405151518
    [HKEY_CURRENT_USER\Software\InstalledBrowserExtensions\19979]
       "59570"="REG_SZ"", "zoolo"
    [HKEY_CURRENT_USER\Software\InstalledBrowserExtensions\19979\Status]
       "Installed"="REG_DWORD"", 1
    [HKEY_CURRENT_USER\Software\InstalledBrowserExtensions\boolo]
       "59570"="REG_SZ"", "zoolo"
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511951170}]
       "Flags"="REG_DWORD"", 1024
       "VerCache"="REG_BINARY, ......................
Malwarebytes Anti-Malware log:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/12/2014
Scan Time: 10:02:48 AM
Logfile: mbamZoolo.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.12.01
Rootkit Database: v2014.07.09.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Malwarebytes

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 239181
Time Elapsed: 2 min, 40 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\GoogleUpdate.exe, 2560, Delete-on-Reboot, [5a47b2ec9cdfff3748707641f9097d83]

Modules: 1
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\goopdate.dll, Delete-on-Reboot, [5a47b2ec9cdfff3748707641f9097d83], 

Registry Keys: 34
PUP.Optional.Zoolo.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511951170}, Quarantined, [e9b8ecb2cab155e1b1d945533ec3b64a], 
PUP.Optional.Zoolo.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440544954470}, Quarantined, [e9b8ecb2cab155e1b1d945533ec3b64a], 
PUP.Optional.Zoolo.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550555955570}, Quarantined, [e9b8ecb2cab155e1b1d945533ec3b64a], 
PUP.Optional.Zoolo.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660566956670}, Quarantined, [e9b8ecb2cab155e1b1d945533ec3b64a], 
PUP.Optional.Zoolo.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0059570.BHO.1, Quarantined, [e9b8ecb2cab155e1b1d945533ec3b64a], 
PUP.Optional.Zoolo.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511951170}, Quarantined, [e9b8ecb2cab155e1b1d945533ec3b64a], 
PUP.Optional.Zoolo.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0059570.BHO, Quarantined, [e9b8ecb2cab155e1b1d945533ec3b64a], 
PUP.Optional.Zoolo.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110511951170}, Quarantined, [e9b8ecb2cab155e1b1d945533ec3b64a], 
PUP.Optional.Zoolo.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110511951170}, Quarantined, [e9b8ecb2cab155e1b1d945533ec3b64a], 
PUP.Optional.Zoolo.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220522952270}, Quarantined, [e9b8ecb2cab155e1b1d945533ec3b64a], 
PUP.Optional.Zoolo.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0059570.Sandbox.1, Quarantined, [e9b8ecb2cab155e1b1d945533ec3b64a], 
PUP.Optional.Zoolo.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0059570.Sandbox, Quarantined, [e9b8ecb2cab155e1b1d945533ec3b64a], 
PUP.Optional.Zoolo.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511951170}\INPROCSERVER32, Quarantined, [e9b8ecb2cab155e1b1d945533ec3b64a], 
PUP.Optional.Zoolo.A, HKLM\SOFTWARE\zoolo, Quarantined, [f4add7c70e6d5cda4bd45960e41e7987], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\GLOBALUPDATE\UPDATE, Quarantined, [0d94e0be9ae155e183bffdbb936f59a7], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\19979, Quarantined, [742d613d6813270f4e5ee0f3fb07b44c], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [9f0217871d5e092dccb38d7d09fb34cc], 
PUP.Optional.Zoolo.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\zoolo, Quarantined, [ddc45b43e09bc27454cd2e8b3fc308f8], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\19979, Quarantined, [e7baf0ae473490a609a4c1129171738d], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\boolo, Quarantined, [f2afd6c8c3b8c86e0f13fdbc62a0936d], 
PUP.Optional.Zoolo.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\zoolo, Quarantined, [d7ca405ea5d63ff70035b007be44b54b], 
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 

Registry Values: 1
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\GLOBALUPDATE\UPDATE|path, C:\Program Files\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [0d94e0be9ae155e183bffdbb936f59a7]

Registry Data: 0
(No malicious items detected)

Folders: 22
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\defaults, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\defaults\preferences, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\userCode, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\locale, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\locale\en-US, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\skin, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.Zoolo.A, C:\Program Files\zoolo, Quarantined, [d7ca405ea5d63ff70035b007be44b54b], 
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update, Delete-on-Reboot, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0, Delete-on-Reboot, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Download, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Install, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Offline, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Offline\{5CC22D2A-33D7-4178-BE82-160C03D0BDB7}, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.316624, Quarantined, [b9e8e8b69cdf01351abaa90ed929f20e], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.356261, Quarantined, [78290896a9d29f97399bc7f020e25ba5], 

Files: 177
PUP.Optional.Zoolo.A, C:\Program Files\zoolo\zoolo-bho.dll, Quarantined, [e9b8ecb2cab155e1b1d945533ec3b64a], 
PUP.Optional.CrossRider.A, C:\Users\{username}\Desktop\zoolo.exe, Quarantined, [247defaf017ad06612e80f300df3b54b], 
PUP.Optional.InstallCore, C:\Users\{username}\Downloads\googleupdatersetup.exe, Quarantined, [7e23108eadce191d8db799f68f7540c0], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\b59b3e7b-3243-4031-a926-8cc1ab9a2058-1, Quarantined, [0e93f9a5bdbe1f1789b48c2c25ddb848], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\b59b3e7b-3243-4031-a926-8cc1ab9a2058-11, Quarantined, [475a3a64d8a375c1142903b5dc268080], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\b59b3e7b-3243-4031-a926-8cc1ab9a2058-2, Quarantined, [3b66e9b5740756e0d766e0d8778ba15f], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\b59b3e7b-3243-4031-a926-8cc1ab9a2058-4, Quarantined, [5e43f3ab4833dd59c677dbdd15ed25db], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\b59b3e7b-3243-4031-a926-8cc1ab9a2058-5, Quarantined, [9e030b93b7c4a98d65d816a21fe33bc5], 
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\b59b3e7b-3243-4031-a926-8cc1ab9a2058-5_user, Quarantined, [6f32b4ea3e3dea4cb38ae8d018eabe42], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b59b3e7b-3243-4031-a926-8cc1ab9a2058-1.job, Quarantined, [9a07c8d688f352e429d30313d43024dc], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b59b3e7b-3243-4031-a926-8cc1ab9a2058-11.job, Quarantined, [c2df0e90c4b75bdbb448b75f719309f7], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b59b3e7b-3243-4031-a926-8cc1ab9a2058-2.job, Quarantined, [c4dd0e906a114aeccd2f0214ad57817f], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b59b3e7b-3243-4031-a926-8cc1ab9a2058-4.job, Quarantined, [277abfdfc7b4f73f619b898dbc485fa1], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b59b3e7b-3243-4031-a926-8cc1ab9a2058-5.job, Quarantined, [e8b9841a54272412bc409680a95bdb25], 
PUP.Optional.CrossRider.T, C:\Windows\Tasks\b59b3e7b-3243-4031-a926-8cc1ab9a2058-5_user.job, Quarantined, [0e93f5a980fb00362dcf5cba768e15eb], 
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, Quarantined, [564bf5a9f3885adc13ffe532ca3a817f], 
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, Quarantined, [2b76dcc2dd9ee551e92a92853bc952ae], 
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, Quarantined, [2e73f5a97b006bcb38dc5cbb867e36ca], 
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, Quarantined, [adf4f9a5e695bc7abc59e631fe06956b], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome.manifest, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\install.rdf, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\12069ccb48474469dc06d18ba2a09db3.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\37d938c9b62f1133371e8782bb095151.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\6101bc624964b6e0d52b2c4b1c305e27.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\9af00353f9356fe8b400377f7d89bdd5.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\background.html, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\browser.xul, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\c3dd8270dbc63ccce58b9ab40db4bb50.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\dialog.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\ffCoreFilesIndex.txt, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\options.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\options.xul, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\search_dialog.xul, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api\30998b509a7eeaf6c9ff77a30aafe9ee.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api\77662311f5b3cc4f7be1e76e9a1309d0.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api\8892852928312c2e327785be0ce5e8eb.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api\8964d9f4bbe6f92a202db23d5c7c8b59.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api\8dcc58c76b45856c6d24d421cab8ad1a.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api\95aff9cdca4ff948dfa145f0d70b3aef.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api\a5307572e52fce666adea8ca47f51694.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api\b54e28d552db42100843755cc452d7b5.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api\b5917a04cf811a1bd88d490d896bb3d1.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api\c129aa81520bc3b13627b9c5c8734dd6.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api\c6886a287cbec291a7e4db21058e819d.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api\c6d7ca0065a044a522176022ae030d77.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api\ccf522d3403abee6c11950c32bf5f0a7.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api\da2b1136771812753d44acf8da6cb55b.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api\e95442c67e5e4ffe3869d5e632814e7a.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\api\fff16584f45f27b579e5398ba8fdad37.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\006f295e67eb29c3d3c175f440bc65bd.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\2326bd7683f448186ad424cc6604d36f.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\28da1fb464b9eefdf992a87988fea7b0.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\2b4aa2cd94ce220c5d31275892a674f0.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\484461c43ccf4ba0c8f26fce1c95e489.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\508b5023be17ebf536d0f0d4497e56dc.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\51222700f21c38f89aa9e0ac83e0f722.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\67080b9ed15ed8c3e9c1887f6a743a3f.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\82d0774e5f0f551bf80ebd91b06e10a7.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\8417bb3eb09a6375f4199b49099b93ed.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\a7b24461b812ee12c74742cfc677364f.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\b221b197ebfd8c22005f1810d2bb4241.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\b79c6abd6192a0bf5dbdefa77443d439.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\c9e719094c12e8f31917e8c87a1e0a96.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\db83a351fc03aebe56d7fbf81c03fdc0.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\e1fa8dbefbe42b048bdb957d10ed2a7f.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\eb43c64b177091a4824afad42553e570.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\ed79c2d30331129261551d4c928c25d4.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\f2eec611a44e7dfc0cdef2056e59d59f.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\f6b1a9d809ecf9dfdecc4662da15c420.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\chrome\content\core\installer.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\defaults\preferences\prefs.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\manifest.xml, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins.json, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\22.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\1.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\102.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\104.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\119.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\124.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\13.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\14.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\16.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\17.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\177.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\178.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\179.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\180.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\182.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\183.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\195.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\198.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\199.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\207.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\21.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\220.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\223.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\231.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\244.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\246.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\262.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\263.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\268.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\273.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\28.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\281.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\4.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\47.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\64.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\7.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\72.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\78.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\9.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\91.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\plugins\98.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\userCode\background.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\extensionData\userCode\extension.js, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\locale\en-US\translations.dtd, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\skin\button1.png, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\skin\button2.png, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\skin\button3.png, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\skin\button4.png, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\skin\button5.png, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\skin\crossrider_statusbar.png, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\skin\icon128.png, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\skin\icon16.png, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\skin\icon24.png, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\skin\icon48.png, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\skin\panelarrow-up.png, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\skin\popup.html, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\skin\skin.css, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com\skin\update.css, Quarantined, [b2ef1f7f8fec38fe2ce94e55b64c3cc4], 
PUP.Optional.Zoolo.A, C:\Program Files\zoolo\1293297481.mxaddon, Quarantined, [d7ca405ea5d63ff70035b007be44b54b], 
PUP.Optional.Zoolo.A, C:\Program Files\zoolo\360-59570.crx, Quarantined, [d7ca405ea5d63ff70035b007be44b54b], 
PUP.Optional.Zoolo.A, C:\Program Files\zoolo\59570.xpi, Quarantined, [d7ca405ea5d63ff70035b007be44b54b], 
PUP.Optional.Zoolo.A, C:\Program Files\zoolo\b59b3e7b-3243-4031-a926-8cc1ab9a2058-11.exe, Quarantined, [d7ca405ea5d63ff70035b007be44b54b], 
PUP.Optional.Zoolo.A, C:\Program Files\zoolo\b59b3e7b-3243-4031-a926-8cc1ab9a2058-2.exe, Quarantined, [d7ca405ea5d63ff70035b007be44b54b], 
PUP.Optional.Zoolo.A, C:\Program Files\zoolo\b59b3e7b-3243-4031-a926-8cc1ab9a2058-4.exe, Quarantined, [d7ca405ea5d63ff70035b007be44b54b], 
PUP.Optional.Zoolo.A, C:\Program Files\zoolo\b59b3e7b-3243-4031-a926-8cc1ab9a2058-5.exe, Quarantined, [d7ca405ea5d63ff70035b007be44b54b], 
PUP.Optional.Zoolo.A, C:\Program Files\zoolo\b59b3e7b-3243-4031-a926-8cc1ab9a2058.crx, Quarantined, [d7ca405ea5d63ff70035b007be44b54b], 
PUP.Optional.Zoolo.A, C:\Program Files\zoolo\background.html, Quarantined, [d7ca405ea5d63ff70035b007be44b54b], 
PUP.Optional.Zoolo.A, C:\Program Files\zoolo\Uninstall.exe, Quarantined, [d7ca405ea5d63ff70035b007be44b54b], 
PUP.Optional.Zoolo.A, C:\Program Files\zoolo\utils.exe, Quarantined, [d7ca405ea5d63ff70035b007be44b54b], 
PUP.Optional.Zoolo.A, C:\Program Files\zoolo\zoolo-bg.exe, Quarantined, [d7ca405ea5d63ff70035b007be44b54b], 
PUP.Optional.Zoolo.A, C:\Program Files\zoolo\zoolo-codedownloader.exe, Quarantined, [d7ca405ea5d63ff70035b007be44b54b], 
PUP.Optional.Zoolo.A, C:\Program Files\zoolo\zoolo.ico, Quarantined, [d7ca405ea5d63ff70035b007be44b54b], 
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\GoogleUpdate.exe, Delete-on-Reboot, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\goopdate.dll, Delete-on-Reboot, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\psmachine.dll, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\psuser.dll, Quarantined, [5a47b2ec9cdfff3748707641f9097d83], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.316624\GoogleCrashHandler.exe, Quarantined, [b9e8e8b69cdf01351abaa90ed929f20e], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.316624\GoogleUpdate.exe, Quarantined, [b9e8e8b69cdf01351abaa90ed929f20e], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.316624\GoogleUpdateBroker.exe, Quarantined, [b9e8e8b69cdf01351abaa90ed929f20e], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.316624\GoogleUpdateHelper.msi, Quarantined, [b9e8e8b69cdf01351abaa90ed929f20e], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.316624\GoogleUpdateOnDemand.exe, Quarantined, [b9e8e8b69cdf01351abaa90ed929f20e], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.316624\goopdate.dll, Quarantined, [b9e8e8b69cdf01351abaa90ed929f20e], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.316624\goopdateres_en.dll, Quarantined, [b9e8e8b69cdf01351abaa90ed929f20e], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.316624\npGoogleUpdate4.dll, Quarantined, [b9e8e8b69cdf01351abaa90ed929f20e], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.316624\psmachine.dll, Quarantined, [b9e8e8b69cdf01351abaa90ed929f20e], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.316624\psuser.dll, Quarantined, [b9e8e8b69cdf01351abaa90ed929f20e], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.356261\GoogleCrashHandler.exe, Quarantined, [78290896a9d29f97399bc7f020e25ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.356261\GoogleUpdate.exe, Quarantined, [78290896a9d29f97399bc7f020e25ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.356261\GoogleUpdateBroker.exe, Quarantined, [78290896a9d29f97399bc7f020e25ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.356261\GoogleUpdateHelper.msi, Quarantined, [78290896a9d29f97399bc7f020e25ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.356261\GoogleUpdateOnDemand.exe, Quarantined, [78290896a9d29f97399bc7f020e25ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.356261\goopdate.dll, Quarantined, [78290896a9d29f97399bc7f020e25ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.356261\goopdateres_en.dll, Quarantined, [78290896a9d29f97399bc7f020e25ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.356261\npGoogleUpdate4.dll, Quarantined, [78290896a9d29f97399bc7f020e25ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.356261\psmachine.dll, Quarantined, [78290896a9d29f97399bc7f020e25ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.356261\psuser.dll, Quarantined, [78290896a9d29f97399bc7f020e25ba5], 
PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\prefs.js, Good: (), Bad: (user_pref("extensions.crossrider.bic", "1472992c40ccafe88975a143038036e4");), Replaced,[722f405edc9fff3737c557748f75d42c]

Physical Sectors: 0
(No malicious items detected)


(end)
As mentioned before the full version of Malwarebytes Anti-Malware could have protected your computer against this threat.
We use different ways of protecting your computer(s):
  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention
Save yourself the hassle and get protected.
  • 0

Advertisements

Back to Malware Removal Guides and Tutorials


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Malware Removal Guides and Tutorials

As Featured On:

featured
Malware Removal How to Guides Windows 7 System Building Download Files Register welcome

Never used a forum? Learn how.