"Oursurfing" Virus und Chinesische Zeichen

Queenix · 06.05.2015, 18:03

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-05-2015 01
Ran by Belinda at 2015-05-06 18:48:42 Run:2
Running from C:\Users\Belinda\Desktop
Loaded Profiles: Belinda (Available profiles: Belinda & Gast)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\...\Run: [apphide] => C:\Program Files (x86)\baidu\baidu.exe
HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
CHR dev: Chrome dev build detected! <======= ATTENTION
S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [38200 2015-04-28] (电脑管家)
S1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMUdisk64.sys [X]
S3 TS888x64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TS888x64.sys [X]
S1 TsDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TsDefenseBT64.sys [X]
Task: {9DA0B75B-9A57-4FE3-B4B3-CBD09EF4A638} - \PCDEventLauncherTask No Task File <==== ATTENTION
Task: {A24B3C1A-70F9-4BA2-9F0D-D955176806A7} - \PCDoctorBackgroundMonitorTask No Task File <==== ATTENTION
C:\Users\Decayde\AppData\Local\TNT2
C:\program files (x86)\common files\baidu
C:\program files (x86)\common files\tencent
C:\users\belinda\documents\vuze downloads
C:\Program Files (x86)\baidu
C:\Windows\system32\Drivers\TSSKX64.sys
C:\Windows\system32\Drivers\TFsFltX64.sys
C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
C:\Windows\SysWOW64\Drivers\TS888x64.sys
C:\ProgramData\TXQMPC
C:\Program Files\Common Files\Tencent
C:\Users\Belinda\AppData\Roaming\nyiyirds
C:\Users\Belinda\AppData\Roaming\juvaqus
RemoveProxy:
EmptyTemp:
         
*****************

HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\Software\Microsoft\Windows\CurrentVersion\Run\\apphide => value deleted successfully.
"HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
TSSKX64 => Service deleted successfully.
QMUdisk => Service deleted successfully.
TS888x64 => Service deleted successfully.
TsDefenseBt => Service deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DA0B75B-9A57-4FE3-B4B3-CBD09EF4A638} => Key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDEventLauncherTask" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A24B3C1A-70F9-4BA2-9F0D-D955176806A7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A24B3C1A-70F9-4BA2-9F0D-D955176806A7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDoctorBackgroundMonitorTask" => Key deleted successfully.
"C:\Users\Decayde\AppData\Local\TNT2" => File/Directory not found.
"C:\program files (x86)\common files\baidu" => File/Directory not found.
C:\program files (x86)\common files\tencent => Moved successfully.
"C:\users\belinda\documents\vuze downloads" => File/Directory not found.
"C:\Program Files (x86)\baidu" => File/Directory not found.
C:\Windows\system32\Drivers\TSSKX64.sys => Moved successfully.
C:\Windows\system32\Drivers\TFsFltX64.sys => Moved successfully.
C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件 => Moved successfully.
C:\Windows\SysWOW64\Drivers\TS888x64.sys => Moved successfully.
C:\ProgramData\TXQMPC => Moved successfully.
C:\Program Files\Common Files\Tencent => Moved successfully.
C:\Users\Belinda\AppData\Roaming\nyiyirds => Moved successfully.
"C:\Users\Belinda\AppData\Roaming\juvaqus" => File/Directory not found.

========= RemoveProxy: =========

HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-1432196140-1771900234-4215042517-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.


========= End of RemoveProxy: =========

EmptyTemp: => Removed 1.2 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 18:50:07 ====

cosinus · 07.05.2015, 14:53

Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Queenix · 10.05.2015, 09:45

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 08.05.2015
Suchlauf-Zeit: 19:56:09
Logdatei: mbam-txt.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.05.08.06
Rootkit Datenbank: v2015.04.21.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Belinda

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 465627
Verstrichene Zeit: 44 Min, 26 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=19ea06ebcc028742a79ec65308c2d2e1
# engine=23765
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-09 08:03:14
# local_time=2015-05-09 10:03:14 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 7488436 102452215 0 0
# scanned=221784
# found=174
# cleaned=0
# scan_time=36276
sh=45E7449F1A82158B429BE44611AE49BCEFDAB6E1 ft=1 fh=dffb77abfb1a8bfc vn="Win32/ReImageRepair.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Reimage\Reimage Repair\ReimageRepair.exe.vir"
sh=61CB4B5228E6253863391EF3346C2F9920DBC554 ft=1 fh=c71c00112b13579c vn="Variante von Win64/Adware.MultiPlug.A Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Adblocker\FHLhBbH.x64.dll"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js"
sh=AE0BB882E104214DFE7F304DE9468A778341494B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\Extensions\ocu9wbj7-nqut@iioeaohtjmjkpwu.org\content\bg.js"
sh=BFEF17CDA3F9756168E6DDCB98C31AE098489D5C ft=1 fh=c0e21e5ab16c27ef vn="Variante von Win32/Adware.Hicosmea.B Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\Belinda\AppData\Roaming\nyiyirds\subcalal.dll"
sh=C2CA3F383B4B06C9B2BB64291C4F07AA2DFFC72D ft=1 fh=c71c001198f425ea vn="Win32/InstalleRex.M evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{38C18ABB-07FE-4C18-AEF3-4FDCE322A84D}\Custom.dll"
sh=D3B521D5AFD90ED22756DCECCA63B4EEC63E10A2 ft=1 fh=3fe680fa8fe1ca5e vn="Variante von Win32/InstalleRex.T evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{E61DCF5F-D1F8-41F7-A31C-99DA3DFEEDA9}\_Setupx.dll"
sh=61CB4B5228E6253863391EF3346C2F9920DBC554 ft=1 fh=c71c00112b13579c vn="Variante von Win64/Adware.MultiPlug.A Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\MySearch\W.x64.dll.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\content.js.vir"
sh=B97D3115FAF2056D7FFD6288FC2A8472F69AB4A9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\dFfCdZaL_.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=D9694ABB5229847ADC75EA4F4255648A4798DA73 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\bIL.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\content.js.vir"
sh=B97D3115FAF2056D7FFD6288FC2A8472F69AB4A9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\dFfCdZaL_.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=D9694ABB5229847ADC75EA4F4255648A4798DA73 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\bIL.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\content.js.vir"
sh=B97D3115FAF2056D7FFD6288FC2A8472F69AB4A9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\dFfCdZaL_.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=D9694ABB5229847ADC75EA4F4255648A4798DA73 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\bIL.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\content.js.vir"
sh=B97D3115FAF2056D7FFD6288FC2A8472F69AB4A9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\dFfCdZaL_.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=D9694ABB5229847ADC75EA4F4255648A4798DA73 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\bIL.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\content.js.vir"
sh=B97D3115FAF2056D7FFD6288FC2A8472F69AB4A9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\dFfCdZaL_.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=D9694ABB5229847ADC75EA4F4255648A4798DA73 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\bIL.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\content.js.vir"
sh=B97D3115FAF2056D7FFD6288FC2A8472F69AB4A9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\dFfCdZaL_.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=D9694ABB5229847ADC75EA4F4255648A4798DA73 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\bIL.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\content.js.vir"
sh=B97D3115FAF2056D7FFD6288FC2A8472F69AB4A9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\dFfCdZaL_.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=D9694ABB5229847ADC75EA4F4255648A4798DA73 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\bIL.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\content.js.vir"
sh=B97D3115FAF2056D7FFD6288FC2A8472F69AB4A9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\dFfCdZaL_.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=D9694ABB5229847ADC75EA4F4255648A4798DA73 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\bIL.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=E12820C3C449E8DF12132666647822B9FE266BA3 ft=1 fh=661cdf041cef5cb3 vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Windows\Microsoft\SystemUpdatekb70007\Installer.dll.vir"
sh=E99D65BD24FAF328D7314F02B98EE8C3BD793B77 ft=1 fh=8661b13c20727ec0 vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Windows\Microsoft\SystemUpdatekb70007\InstallerLibrary.dll.vir"
sh=49DEEED4E6B0E6134D47A582E209511FCBFD2B72 ft=1 fh=14e2fb72d7f3d82c vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe.vir"
sh=C2CA3F383B4B06C9B2BB64291C4F07AA2DFFC72D ft=1 fh=c71c001198f425ea vn="Win32/InstalleRex.M evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{38C18ABB-07FE-4C18-AEF3-4FDCE322A84D}\Custom.dll"
sh=D3B521D5AFD90ED22756DCECCA63B4EEC63E10A2 ft=1 fh=3fe680fa8fe1ca5e vn="Variante von Win32/InstalleRex.T evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{E61DCF5F-D1F8-41F7-A31C-99DA3DFEEDA9}\_Setupx.dll"
sh=40A1F493FA09E9118A1D7212A5B2C46139974A73 ft=1 fh=636b72ecd8c1df3d vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\Anwendungen\ka\iLividSetupV1.exe"
sh=684C94F6C4A3C8AA6776C4439D878529DE5B0957 ft=1 fh=fed0bc5057981e5b vn="Variante von Win64/Adware.Hicosmea.B Anwendung" ac=I fn="C:\Users\Belinda\AppData\Roaming\juvaquse\gendaqof.dll"
sh=BFEF17CDA3F9756168E6DDCB98C31AE098489D5C ft=1 fh=c0e21e5ab16c27ef vn="Variante von Win32/Adware.Hicosmea.B Anwendung" ac=I fn="C:\Users\Belinda\AppData\Roaming\juvaquse\subcalal.dll"
sh=051BCD3EBC2B5BC7533CDA34908304123C74FED2 ft=1 fh=d75091e48776c739 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\Downloads\FreeDiscBurner.exe"
sh=96AB69B66F81C713B4F917FDDFC92C60688D9FB1 ft=1 fh=12eba75a92e729e0 vn="Win32/Malavida.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\Downloads\microsoft-word-windows-malavida.exe"
sh=FF90074ABC77D301E4C9FB8A8041F54C87C94ADA ft=1 fh=92ec1bccd9e58563 vn="Variante von Win32/InstallCore.ZD evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\dwhelper\Downloads\FileZilla_3.10.3_win64-setup.exe"
sh=F3D15D624E158DA63BBC20F13B4B71937C70EC25 ft=1 fh=db680114d8a5e15b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\dwhelper\Downloads\PaintTool SAI - CHIP-Installer.exe"
sh=45E7449F1A82158B429BE44611AE49BCEFDAB6E1 ft=1 fh=dffb77abfb1a8bfc vn="Win32/ReImageRepair.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\dwhelper\Downloads\ReimageRepair.exe"
sh=2C3EAE40B15EFE5D158A9FF5938EBD4305CC3914 ft=1 fh=e37004eca22b5506 vn="Win32/DownloadAdmin.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\K\vlcmediaplayer-setup.exe"
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=19ea06ebcc028742a79ec65308c2d2e1
# engine=23771
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-10 04:24:10
# local_time=2015-05-10 06:24:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 7565293 102525472 0 0
# scanned=521198
# found=179
# cleaned=0
# scan_time=48413
sh=45E7449F1A82158B429BE44611AE49BCEFDAB6E1 ft=1 fh=dffb77abfb1a8bfc vn="Win32/ReImageRepair.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Reimage\Reimage Repair\ReimageRepair.exe.vir"
sh=61CB4B5228E6253863391EF3346C2F9920DBC554 ft=1 fh=c71c00112b13579c vn="Variante von Win64/Adware.MultiPlug.A Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Adblocker\FHLhBbH.x64.dll"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js"
sh=AE0BB882E104214DFE7F304DE9468A778341494B ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\1obdb2lb.default-1381238947563\Extensions\ocu9wbj7-nqut@iioeaohtjmjkpwu.org\content\bg.js"
sh=BFEF17CDA3F9756168E6DDCB98C31AE098489D5C ft=1 fh=c0e21e5ab16c27ef vn="Variante von Win32/Adware.Hicosmea.B Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\Belinda\AppData\Roaming\nyiyirds\subcalal.dll"
sh=C2CA3F383B4B06C9B2BB64291C4F07AA2DFFC72D ft=1 fh=c71c001198f425ea vn="Win32/InstalleRex.M evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{38C18ABB-07FE-4C18-AEF3-4FDCE322A84D}\Custom.dll"
sh=D3B521D5AFD90ED22756DCECCA63B4EEC63E10A2 ft=1 fh=3fe680fa8fe1ca5e vn="Variante von Win32/InstalleRex.T evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{E61DCF5F-D1F8-41F7-A31C-99DA3DFEEDA9}\_Setupx.dll"
sh=61CB4B5228E6253863391EF3346C2F9920DBC554 ft=1 fh=c71c00112b13579c vn="Variante von Win64/Adware.MultiPlug.A Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\MySearch\W.x64.dll.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\content.js.vir"
sh=B97D3115FAF2056D7FFD6288FC2A8472F69AB4A9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\dFfCdZaL_.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=D9694ABB5229847ADC75EA4F4255648A4798DA73 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\bIL.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\content.js.vir"
sh=B97D3115FAF2056D7FFD6288FC2A8472F69AB4A9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\dFfCdZaL_.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=D9694ABB5229847ADC75EA4F4255648A4798DA73 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\bIL.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\content.js.vir"
sh=B97D3115FAF2056D7FFD6288FC2A8472F69AB4A9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\dFfCdZaL_.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=D9694ABB5229847ADC75EA4F4255648A4798DA73 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\bIL.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\content.js.vir"
sh=B97D3115FAF2056D7FFD6288FC2A8472F69AB4A9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\dFfCdZaL_.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=D9694ABB5229847ADC75EA4F4255648A4798DA73 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\bIL.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Belinda\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\content.js.vir"
sh=B97D3115FAF2056D7FFD6288FC2A8472F69AB4A9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\dFfCdZaL_.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=D9694ABB5229847ADC75EA4F4255648A4798DA73 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\bIL.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\content.js.vir"
sh=B97D3115FAF2056D7FFD6288FC2A8472F69AB4A9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\dFfCdZaL_.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=D9694ABB5229847ADC75EA4F4255648A4798DA73 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\bIL.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\content.js.vir"
sh=B97D3115FAF2056D7FFD6288FC2A8472F69AB4A9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\dFfCdZaL_.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=D9694ABB5229847ADC75EA4F4255648A4798DA73 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\bIL.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\lsdb.js.vir"
sh=03A030FAC13FE44002238AD79EB450D988AE4DE9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aooajdbehcmbdjchnonhpoiegloklnho\2.1\P0K.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\content.js.vir"
sh=B97D3115FAF2056D7FFD6288FC2A8472F69AB4A9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\dFfCdZaL_.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\iihioilnlhmofhdhbigchkelfcmabkek\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\lsdb.js.vir"
sh=75B2486D4AA9E496A371804F0E8A6D70C422D2BC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi\222\U07Bl6.js.vir"
sh=D9694ABB5229847ADC75EA4F4255648A4798DA73 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\bIL.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\placaoajpbomigajoaeldfbhglnhdbfp\2.14\lsdb.js.vir"
sh=161639BD2B62781BCCBD4E750F28A94F296A6996 ft=0 fh=0000000000000000 vn="JS/Chromex.Agent.L Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\content.js.vir"
sh=FD579D89B6D6FB2F176CC3D03302F7D6103598F9 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\lsdb.js.vir"
sh=082C7E15068BBDD97AC228FC0F4B45F70DA200FC ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pnoldnhjlgbheenbnfegoenoaaalgjni\1.0\NSnqfsMgh.js.vir"
sh=E12820C3C449E8DF12132666647822B9FE266BA3 ft=1 fh=661cdf041cef5cb3 vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Windows\Microsoft\SystemUpdatekb70007\Installer.dll.vir"
sh=E99D65BD24FAF328D7314F02B98EE8C3BD793B77 ft=1 fh=8661b13c20727ec0 vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Windows\Microsoft\SystemUpdatekb70007\InstallerLibrary.dll.vir"
sh=49DEEED4E6B0E6134D47A582E209511FCBFD2B72 ft=1 fh=14e2fb72d7f3d82c vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe.vir"
sh=C2CA3F383B4B06C9B2BB64291C4F07AA2DFFC72D ft=1 fh=c71c001198f425ea vn="Win32/InstalleRex.M evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{38C18ABB-07FE-4C18-AEF3-4FDCE322A84D}\Custom.dll"
sh=D3B521D5AFD90ED22756DCECCA63B4EEC63E10A2 ft=1 fh=3fe680fa8fe1ca5e vn="Variante von Win32/InstalleRex.T evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{E61DCF5F-D1F8-41F7-A31C-99DA3DFEEDA9}\_Setupx.dll"
sh=40A1F493FA09E9118A1D7212A5B2C46139974A73 ft=1 fh=636b72ecd8c1df3d vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\Anwendungen\ka\iLividSetupV1.exe"
sh=684C94F6C4A3C8AA6776C4439D878529DE5B0957 ft=1 fh=fed0bc5057981e5b vn="Variante von Win64/Adware.Hicosmea.B Anwendung" ac=I fn="C:\Users\Belinda\AppData\Roaming\juvaquse\gendaqof.dll"
sh=BFEF17CDA3F9756168E6DDCB98C31AE098489D5C ft=1 fh=c0e21e5ab16c27ef vn="Variante von Win32/Adware.Hicosmea.B Anwendung" ac=I fn="C:\Users\Belinda\AppData\Roaming\juvaquse\subcalal.dll"
sh=051BCD3EBC2B5BC7533CDA34908304123C74FED2 ft=1 fh=d75091e48776c739 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\Downloads\FreeDiscBurner.exe"
sh=96AB69B66F81C713B4F917FDDFC92C60688D9FB1 ft=1 fh=12eba75a92e729e0 vn="Win32/Malavida.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\Downloads\microsoft-word-windows-malavida.exe"
sh=FF90074ABC77D301E4C9FB8A8041F54C87C94ADA ft=1 fh=92ec1bccd9e58563 vn="Variante von Win32/InstallCore.ZD evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\dwhelper\Downloads\FileZilla_3.10.3_win64-setup.exe"
sh=F3D15D624E158DA63BBC20F13B4B71937C70EC25 ft=1 fh=db680114d8a5e15b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\dwhelper\Downloads\PaintTool SAI - CHIP-Installer.exe"
sh=45E7449F1A82158B429BE44611AE49BCEFDAB6E1 ft=1 fh=dffb77abfb1a8bfc vn="Win32/ReImageRepair.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\dwhelper\Downloads\ReimageRepair.exe"
sh=2C3EAE40B15EFE5D158A9FF5938EBD4305CC3914 ft=1 fh=e37004eca22b5506 vn="Win32/DownloadAdmin.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Belinda\K\vlcmediaplayer-setup.exe"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Gast\AppData\LocalLow\ClipGrab\ldrtbCli0.dll"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Gast\AppData\LocalLow\ClipGrab\tbCli0.dll"
sh=8A72F448F17C026A1B2A59686DE720079CCBA08F ft=1 fh=4d4a711952b3453e vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="E:\Users\Administrator.ASTERIX-1\Downloads\DTLite4481-0347.exe"
sh=C2CA3F383B4B06C9B2BB64291C4F07AA2DFFC72D ft=1 fh=c71c001198f425ea vn="Win32/InstalleRex.M evtl. unerwünschte Anwendung" ac=I fn="E:\Users\All Users\InstallMate\{38C18ABB-07FE-4C18-AEF3-4FDCE322A84D}\Custom.dll"
sh=D3B521D5AFD90ED22756DCECCA63B4EEC63E10A2 ft=1 fh=3fe680fa8fe1ca5e vn="Variante von Win32/InstalleRex.T evtl. unerwünschte Anwendung" ac=I fn="E:\Users\All Users\InstallMate\{E61DCF5F-D1F8-41F7-A31C-99DA3DFEEDA9}\_Setupx.dll"

cosinus · 10.05.2015, 16:04

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\ProgramData\InstallMate
C:\Users\All Users\InstallMate
C:\Users\Belinda\Anwendungen\ka
C:\Users\Belinda\AppData\Roaming\juvaquse
C:\Users\Belinda\Downloads\FreeDiscBurner.exe
C:\Users\Belinda\Downloads\microsoft-word-windows-malavida.exe
C:\Users\Belinda\dwhelper\Downloads\FileZilla_3.10.3_win64-setup.exe
C:\Users\Belinda\dwhelper\Downloads\PaintTool SAI - CHIP-Installer.exe
C:\Users\Belinda\dwhelper\Downloads\ReimageRepair.exe
C:\Users\Belinda\K
C:\Users\Gast\AppData\LocalLow\ClipGrab\ldrtbCli0.dll
C:\Users\Gast\AppData\LocalLow\ClipGrab\tbCli0.dll
E:\Users\Administrator.ASTERIX-1\Downloads\DTLite4481-0347.exe
E:\Users\All Users\InstallMate
EmptyTemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Queenix · 11.05.2015, 06:54

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-05-2015
Ran by Belinda at 2015-05-11 07:48:10 Run:3
Running from C:\Users\Belinda\Desktop
Loaded Profiles: Belinda (Available profiles: Belinda & Gast)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\ProgramData\InstallMate
C:\Users\All Users\InstallMate
C:\Users\Belinda\Anwendungen\ka
C:\Users\Belinda\AppData\Roaming\juvaquse
C:\Users\Belinda\Downloads\FreeDiscBurner.exe
C:\Users\Belinda\Downloads\microsoft-word-windows-malavida.exe
C:\Users\Belinda\dwhelper\Downloads\FileZilla_3.10.3_win64-setup.exe
C:\Users\Belinda\dwhelper\Downloads\PaintTool SAI - CHIP-Installer.exe
C:\Users\Belinda\dwhelper\Downloads\ReimageRepair.exe
C:\Users\Belinda\K
C:\Users\Gast\AppData\LocalLow\ClipGrab\ldrtbCli0.dll
C:\Users\Gast\AppData\LocalLow\ClipGrab\tbCli0.dll
E:\Users\Administrator.ASTERIX-1\Downloads\DTLite4481-0347.exe
E:\Users\All Users\InstallMate
EmptyTemp:
*****************

C:\ProgramData\InstallMate => Moved successfully.
"C:\Users\All Users\InstallMate" => File/Directory not found.
C:\Users\Belinda\Anwendungen\ka => Moved successfully.
C:\Users\Belinda\AppData\Roaming\juvaquse => Moved successfully.
C:\Users\Belinda\Downloads\FreeDiscBurner.exe => Moved successfully.
C:\Users\Belinda\Downloads\microsoft-word-windows-malavida.exe => Moved successfully.
C:\Users\Belinda\dwhelper\Downloads\FileZilla_3.10.3_win64-setup.exe => Moved successfully.
C:\Users\Belinda\dwhelper\Downloads\PaintTool SAI - CHIP-Installer.exe => Moved successfully.
C:\Users\Belinda\dwhelper\Downloads\ReimageRepair.exe => Moved successfully.
C:\Users\Belinda\K => Moved successfully.
C:\Users\Gast\AppData\LocalLow\ClipGrab\ldrtbCli0.dll => Moved successfully.
C:\Users\Gast\AppData\LocalLow\ClipGrab\tbCli0.dll => Moved successfully.
E:\Users\Administrator.ASTERIX-1\Downloads\DTLite4481-0347.exe => Moved successfully.
"E:\Users\All Users\InstallMate" => File/Directory not found.
EmptyTemp: => Removed 437 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 07:51:05 ====

cosinus · 11.05.2015, 12:11

Sieht soweit ok aus

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) empfehle ich die Erweiterung Ghostery, diese verhindert weitgehend Usertracking bzw. das Anzeigen von Werbebannern.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?

"Oursurfing" Virus und Chinesische Zeichen

Plagegeister aller Art und deren Bekämpfung: "Oursurfing" Virus und Chinesische Zeichen