PUP.optional eingefangen

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2014/04/26 14:53:14 +0200</date>
<log>mbam-log-2014-04-26 (14-48-07).xml</log>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.1.1004</version>
<rules-database>v2014.04.26.01</rules-database>
<swissarmy-database>v2014.03.27.01</swissarmy-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>de.nay</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>240814</objects>
<time>305</time>
<processes>2</processes>
<modules>1</modules>
<keys>28</keys>
<values>6</values>
<datas>10</datas>
<folders>71</folders>
<files>147</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<shuriken>enabled</shuriken>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<process><path>C:\ProgramData\IePluginService\PluginService.exe</path><vendor>PUP.Optional.IePluginService.A</vendor><action>delete-on-reboot</action><pid>1556</pid><hash>767340eef685f442ae952b277f82c33d</hash></process>
<process><path>C:\ProgramData\WPM\wprotectmanager.exe</path><vendor>PUP.Optional.WpManager</vendor><action>delete-on-reboot</action><pid>1604</pid><hash>49a04be399e28fa7672bec70bc45df21</hash></process>
<module><path>C:\Program Files (x86)\SupTab\DpInterface32.dll</path><vendor>PUP.Optional.SupTab.A</vendor><action>delete-on-reboot</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></module>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginService</path><vendor>PUP.Optional.IePluginService.A</vendor><action>success</action><hash>767340eef685f442ae952b277f82c33d</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Wpm</path><vendor>PUP.Optional.WpManager</vendor><action>success</action><hash>49a04be399e28fa7672bec70bc45df21</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WPM</path><vendor>PUP.Optional.WpManager</vendor><action>success</action><hash>49a04be399e28fa7672bec70bc45df21</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>45a4f03e552671c548c1d14a936ff808</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>45a4f03e552671c548c1d14a936ff808</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>45a4f03e552671c548c1d14a936ff808</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>45a4f03e552671c548c1d14a936ff808</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>45a4f03e552671c548c1d14a936ff808</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>45a4f03e552671c548c1d14a936ff808</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6CA2A4DE-483E-456B-8634-6445460D7097}</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>b93067c7dd9e082ec5cd70a909f928d8</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>b93067c7dd9e082ec5cd70a909f928d8</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\TYPELIB\{C321541F-B22D-4593-AC1A-9634812A4E40}</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>b93067c7dd9e082ec5cd70a909f928d8</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{A8018C54-B702-4D52-9ACC-8CA78911E633}</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>b93067c7dd9e082ec5cd70a909f928d8</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{C6A846C5-D67F-48B4-8552-C22354E56966}</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>b93067c7dd9e082ec5cd70a909f928d8</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A8018C54-B702-4D52-9ACC-8CA78911E633}</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>b93067c7dd9e082ec5cd70a909f928d8</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C6A846C5-D67F-48B4-8552-C22354E56966}</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>b93067c7dd9e082ec5cd70a909f928d8</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C321541F-B22D-4593-AC1A-9634812A4E40}</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>b93067c7dd9e082ec5cd70a909f928d8</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>b93067c7dd9e082ec5cd70a909f928d8</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\EXTENSIONS\{6CA2A4DE-483E-456B-8634-6445460D7097}</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>b93067c7dd9e082ec5cd70a909f928d8</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FilesFrog Update Checker</path><vendor>PUP.Optional.Somoto</vendor><action>success</action><hash>4c9dda546318e254bd317baba06057a9</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Flowsurf</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}</path><vendor>PUP.Optional.Qone8</vendor><action>success</action><hash>49a0cf5f49328fa71811683fe91a38c8</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\qone8Software</path><vendor>PUP.Optional.Qone8.A</vendor><action>success</action><hash>2cbd74ba6c0ffd39ca0a188dac57b34d</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}</path><vendor>PUP.Optional.Qone8</vendor><action>success</action><hash>757444ea8af188ae1613a9fe63a04fb1</hash></key>
<key><path>HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\FLOWSURF</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>f7f237f7710ab08624308f279e65e41c</hash></key>
<key><path>HKU\S-1-5-21-1546793034-3183003339-3227612086-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\FLOWSURF</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>21c86dc15d1e3006f26272447b88ca36</hash></key>
<key><path>HKU\S-1-5-21-1546793034-3183003339-3227612086-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}</path><vendor>PUP.Optional.Qone8</vendor><action>success</action><hash>41a8b6789be006302bfde9be1ce726da</hash></key>
<key><path>HKU\S-1-5-21-1546793034-3183003339-3227612086-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOMOTO\SDP</path><vendor>PUP.Optional.Somoto.A</vendor><action>success</action><hash>45a46ac4f685c76f8292fca438cb946c</hash></key>
<value><path>HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS</path><valuename>quick_start@gmail.com</valuename><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><valuedata>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com</valuedata><hash>36b33bf31c5ff73f7d6b5127659d966a</hash></value>
<value><path>HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS</path><valuename>jid1-tofUlNEIFlkUIA@jetpack</valuename><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><valuedata>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack</valuedata><hash>a4451717e49771c5a4a18fe738ca8779</hash></value>
<value><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WPM</path><valuename>ImagePath</valuename><vendor>PUP.Optional.WpManager.A</vendor><action>success</action><valuedata>C:\ProgramData\WPM\wprotectmanager.exe -service</valuedata><hash>1dcc111d3d3e96a0bd4a426aa55e6c94</hash></value>
<value><path>HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\FLOWSURF</path><valuename>chrid</valuename><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><valuedata>oglkiljdmflopemijdadoiepkhcaodjn</valuedata><hash>f7f237f7710ab08624308f279e65e41c</hash></value>
<value><path>HKU\S-1-5-21-1546793034-3183003339-3227612086-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\FLOWSURF</path><valuename>chrid</valuename><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><valuedata>oglkiljdmflopemijdadoiepkhcaodjn</valuedata><hash>21c86dc15d1e3006f26272447b88ca36</hash></value>
<value><path>HKU\S-1-5-21-1546793034-3183003339-3227612086-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOMOTO\SDP</path><valuename>affid</valuename><vendor>PUP.Optional.Somoto.A</vendor><action>success</action><valuedata>lionskin</valuedata><hash>45a46ac4f685c76f8292fca438cb946c</hash></value>
<data><path>HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND</path><valuename></valuename><vendor>PUP.Optional.Qone8</vendor><action>replaced</action><valuedata>C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&amp;ts=1398512059&amp;from=smt&amp;uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F296858568585</valuedata><baddata>C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&amp;ts=1398512059&amp;from=smt&amp;uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F296858568585</baddata><gooddata>iexplore.exe</gooddata><hash>17d20e202e4ddd59215aaa86ad57d927</hash></data>
<data><path>HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Start Page</valuename><vendor>Hijack.StartPage</vendor><action>replaced</action><valuedata>hxxp://start.qone8.com/?type=hp&amp;ts=1398512059&amp;from=smt&amp;uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F296858568585</valuedata><baddata>hxxp://start.qone8.com/?type=hp&amp;ts=1398512059&amp;from=smt&amp;uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F296858568585</baddata><gooddata>hxxp://www.google.com</gooddata><hash>4c9df23cfb8086b03ca3fc2aea1add23</hash></data>
<data><path>HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Default_Page_URL</valuename><vendor>Hijack.StartPage</vendor><action>replaced</action><valuedata>hxxp://start.qone8.com/?type=hp&amp;ts=1398512059&amp;from=smt&amp;uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F296858568585</valuedata><baddata>hxxp://start.qone8.com/?type=hp&amp;ts=1398512059&amp;from=smt&amp;uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F296858568585</baddata><gooddata>hxxp://www.google.com</gooddata><hash>529705297a01e452e6fbcc5a05ff639d</hash></data>
<data><path>HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES</path><valuename>DefaultScope</valuename><vendor>PUP.Optional.Qone8</vendor><action>replaced</action><valuedata>{33BB0A4E-99AF-4226-BDF6-49120163DE86}</valuedata><baddata>{33BB0A4E-99AF-4226-BDF6-49120163DE86}</baddata><gooddata>{0633EE93-D776-472f-A0FF-E1416B8B2E3A}</gooddata><hash>ecfd6bc39cdf3afc5329d7597292eb15</hash></data>
<data><path>HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND</path><valuename></valuename><vendor>PUP.Optional.Qone8</vendor><action>replaced</action><valuedata>C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&amp;ts=1398512059&amp;from=smt&amp;uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F296858568585</valuedata><baddata>C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&amp;ts=1398512059&amp;from=smt&amp;uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F296858568585</baddata><gooddata>iexplore.exe</gooddata><hash>f5f4f5392a51092d92e997993bc92ad6</hash></data>
<data><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Start Page</valuename><vendor>Hijack.StartPage</vendor><action>replaced</action><valuedata>hxxp://start.qone8.com/?type=hp&amp;ts=1398512059&amp;from=smt&amp;uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F296858568585</valuedata><baddata>hxxp://start.qone8.com/?type=hp&amp;ts=1398512059&amp;from=smt&amp;uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F296858568585</baddata><gooddata>hxxp://www.google.com</gooddata><hash>eefb979795e600363aa5ba6c5da7d32d</hash></data>
<data><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Default_Page_URL</valuename><vendor>Hijack.StartPage</vendor><action>replaced</action><valuedata>hxxp://start.qone8.com/?type=hp&amp;ts=1398512059&amp;from=smt&amp;uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F296858568585</valuedata><baddata>hxxp://start.qone8.com/?type=hp&amp;ts=1398512059&amp;from=smt&amp;uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F296858568585</baddata><gooddata>hxxp://www.google.com</gooddata><hash>15d4949a4b302b0bfde4170f9074cd33</hash></data>
<data><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES</path><valuename>DefaultScope</valuename><vendor>PUP.Optional.Qone8</vendor><action>replaced</action><valuedata>{33BB0A4E-99AF-4226-BDF6-49120163DE86}</valuedata><baddata>{33BB0A4E-99AF-4226-BDF6-49120163DE86}</baddata><gooddata>{0633EE93-D776-472f-A0FF-E1416B8B2E3A}</gooddata><hash>fbee8ca292e956e096e6ba7623e1a25e</hash></data>
<data><path>HKU\S-1-5-21-1546793034-3183003339-3227612086-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Start Page</valuename><vendor>Hijack.StartPage</vendor><action>replaced</action><valuedata>hxxp://start.qone8.com/?type=hp&amp;ts=1398512059&amp;from=smt&amp;uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F296858568585</valuedata><baddata>hxxp://start.qone8.com/?type=hp&amp;ts=1398512059&amp;from=smt&amp;uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F296858568585</baddata><gooddata>hxxp://www.google.com</gooddata><hash>e20773bb5427171f449c7da901031ae6</hash></data>
<data><path>HKU\S-1-5-21-1546793034-3183003339-3227612086-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Default_Page_URL</valuename><vendor>Hijack.StartPage</vendor><action>replaced</action><valuedata>hxxp://start.qone8.com/?type=hp&amp;ts=1398512059&amp;from=smt&amp;uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F296858568585</valuedata><baddata>hxxp://start.qone8.com/?type=hp&amp;ts=1398512059&amp;from=smt&amp;uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F296858568585</baddata><gooddata>hxxp://www.google.com</gooddata><hash>a3464fdf7506b77f22c07caaee169f61</hash></data>
<folder><path>C:\Program Files (x86)\SupTab</path><vendor>PUP.Optional.SupTab.A</vendor><action>delete-on-reboot</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\img</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\img\weather</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\js</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\en-US</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\es-419</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\es-ES</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\fr-BE</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\fr-CA</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\fr-CH</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\fr-FR</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\fr-LU</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\it-CH</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\it-IT</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\pl</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\pt</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\pt-BR</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\ru</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\ru-MO</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\tr-TR</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\vi-VI</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\zh-CN</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\SupTab\web\_locales\zh-TW</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></folder>
<folder><path>C:\Program Files (x86)\Flowsurf</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></folder>
<folder><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></folder>
<folder><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\defaults</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></folder>
<folder><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\defaults\preferences</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></folder>
<folder><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\locale</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></folder>
<folder><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></folder>
<folder><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\addon-sdk</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></folder>
<folder><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\addon-sdk\lib</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></folder>
<folder><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\flowsurf</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></folder>
<folder><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\flowsurf\data</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></folder>
<folder><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\flowsurf\lib</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Local\FilesFrog Update Checker</path><vendor>PUP.Optional.FilesFrog.A</vendor><action>success</action><hash>8e5bc9654536cf67c97a1a49b1519868</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker</path><vendor>PUP.Optional.FilesFrog.A</vendor><action>success</action><hash>37b2b27c96e57bbb7aca144ff40e0cf4</hash></folder>
<folder><path>C:\ProgramData\IePluginService</path><vendor>PUP.Optional.IePluginService.A</vendor><action>delete-on-reboot</action><hash>9c4d2fffcab1df577d3e323369996d93</hash></folder>
<folder><path>C:\ProgramData\IePluginService\update</path><vendor>PUP.Optional.IePluginService.A</vendor><action>success</action><hash>9c4d2fffcab1df577d3e323369996d93</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\include</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\include\tools</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\en</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\en-US</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\es</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\es-419</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\fr</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\fr-BE</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\fr-CA</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\fr-CH</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\fr-LU</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\it</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\it-CH</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\pl</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\pt-BR</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\ru</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\ru-MO</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\tr</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\vi</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\zh-CN</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\zh-TW</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\skin</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\skin\weather</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\defaults</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\defaults\preferences</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<folder><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\modules</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></folder>
<file><path>C:\ProgramData\IePluginService\PluginService.exe</path><vendor>PUP.Optional.IePluginService.A</vendor><action>delete-on-reboot</action><hash>767340eef685f442ae952b277f82c33d</hash></file>
<file><path>C:\ProgramData\WPM\wprotectmanager.exe</path><vendor>PUP.Optional.WpManager</vendor><action>delete-on-reboot</action><hash>49a04be399e28fa7672bec70bc45df21</hash></file>
<file><path>C:\Program Files (x86)\SupTab\SupTab.dll</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>45a4f03e552671c548c1d14a936ff808</hash></file>
<file><path>C:\Program Files (x86)\Flowsurf\flowsurf.dll</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>b93067c7dd9e082ec5cd70a909f928d8</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\SupTab\SupTab.dll</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>ce1bed41aecdd165b19a7fb67c841de3</hash></file>
<file><path>C:\Users\de.nay\AppData\Local\Temp\smt_qone8_new.exe</path><vendor>PUP.Optional.SkyTech.A</vendor><action>success</action><hash>8d5c7eb025568aacdf441141d72a36ca</hash></file>
<file><path>C:\Users\de.nay\AppData\Local\Temp\flowsurf_3786.exe</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>0fda40eeb1cab87e63497c9a1ee42ed2</hash></file>
<file><path>C:\Users\de.nay\AppData\Local\Temp\fullpackage_temp1398512049\alilog.dll</path><vendor>PUP.Optional.SkyTech.A</vendor><action>success</action><hash>6a7fce60d7a400367a992012a65af60a</hash></file>
<file><path>C:\Users\de.nay\AppData\Local\Temp\fullpackage_temp1398512049\tmp\SupTab.exe</path><vendor>PUP.Optional.IePluginService.A</vendor><action>success</action><hash>feeba38bd8a3003660e3fa587d8439c7</hash></file>
<file><path>C:\Users\de.nay\AppData\Local\Temp\fullpackage_temp1398512049\tmp\wpm.exe</path><vendor>PUP.Optional.WpManager</vendor><action>success</action><hash>2abf71bd255615214d45025ad1306c94</hash></file>
<file><path>C:\Users\de.nay\AppData\Local\FilesFrog Update Checker\uninstall.exe</path><vendor>PUP.Optional.Somoto</vendor><action>success</action><hash>4c9dda546318e254bd317baba06057a9</hash></file>
<file><path>C:\Program Files (x86)\SupTab\install.data</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\DpInterface32.dll</path><vendor>PUP.Optional.SupTab.A</vendor><action>delete-on-reboot</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\DpInterface64.dll</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\DpInterfacef32.dll</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\ient.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\RSHP.exe</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\SearchProtect32.dll</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\SearchProtect64.dll</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\SpAPPSv32.dll</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\SpAPPSv64.dll</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\uninstall.exe</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\WebDataJs</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\data.html</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\indexIE.html</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\indexIE8.html</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\main.css</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\ver.txt</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\img\arrow.png</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\img\default_add_logo.png</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\img\default_logo.png</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\img\googlelogo.png</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\img\googlelogo2.png</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\img\google_trends.png</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\img\icon128.png</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\img\icon16.png</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\img\icon48.png</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\img\loading.gif</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\img\logo32.ico</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\img\weather\0.png</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\js\common.js</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\js\ga.js</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\js\ie8.js</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\js\js.js</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\js\library.js</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\js\xagainit.js</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>dc0d4ee0d2a93afc27c36021b94952ae</hash></file>
<file><path>C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\qone8.xml</path><vendor>PUP.Optional.Qone8.A</vendor><action>success</action><hash>00e90529f18a47ef6a69fda821e219e7</hash></file>
<file><path>C:\Program Files (x86)\Flowsurf\install.ico</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></file>
<file><path>C:\Program Files (x86)\Flowsurf\atl110.dll</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></file>
<file><path>C:\Program Files (x86)\Flowsurf\fsupd.exe</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></file>
<file><path>C:\Program Files (x86)\Flowsurf\msvcr110.dll</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></file>
<file><path>C:\Program Files (x86)\Flowsurf\uninstall.exe</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></file>
<file><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\bootstrap.js</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></file>
<file><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\harness-options.json</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></file>
<file><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\icon.png</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></file>
<file><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\icon64.png</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></file>
<file><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\install.rdf</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></file>
<file><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\locales.json</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></file>
<file><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\defaults\preferences\prefs.js</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></file>
<file><path>C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack\resources\flowsurf\lib\main.js</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>985186a837440f275bf6694d55ae7789</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Check for Updates.lnk</path><vendor>PUP.Optional.FilesFrog.A</vendor><action>success</action><hash>37b2b27c96e57bbb7aca144ff40e0cf4</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Uninstall.lnk</path><vendor>PUP.Optional.FilesFrog.A</vendor><action>success</action><hash>37b2b27c96e57bbb7aca144ff40e0cf4</hash></file>
<file><path>C:\ProgramData\IePluginService\update\conf</path><vendor>PUP.Optional.IePluginService.A</vendor><action>success</action><hash>9c4d2fffcab1df577d3e323369996d93</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome.manifest</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\install.rdf</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\index.html</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\quick_start.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\quick_start.xul</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\include\speed_dial.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\include\tools\about_blank_hook.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\include\tools\misc.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\include\tools\popup_image_helper.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\include\tools\urlrequestor.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\js\common.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\js\doT.min.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\js\ga.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\js\jquery-2.1.0.min.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\js\jquery.autocomplete.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\js\js.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\content\js\xagainit.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\en\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\en-US\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\es\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\es-419\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\fr\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\fr-BE\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\fr-CA\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\fr-CH\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\fr-LU\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\it\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\it-CH\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\pl\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\pt-BR\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\ru\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\ru-MO\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\tr\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\vi\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\zh-CN\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\locale\zh-TW\locale.properties</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\skin\arrow.png</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\skin\default_add_logo.png</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\skin\default_add_logo_hover.png</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\skin\default_logo.png</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\skin\googlelogo.png</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\skin\googlelogo2.png</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\skin\google_trends.png</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\skin\icon.png</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\skin\loading.gif</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\skin\logo.ico</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\skin\logo.png</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\skin\logo32.ico</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\skin\style.css</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\chrome\skin\weather\0.png</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\defaults\preferences\fvd.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\modules\addonmanager.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\modules\aes.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\modules\config.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\modules\dialogs.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\modules\last_tab.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\modules\misc.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\modules\properties.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\modules\remoterequest.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\modules\restoreprefs.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\extensions\quick_start@gmail.com\modules\settings.js</path><vendor>PUP.Optional.QuickStart.A</vendor><action>success</action><hash>92571717accfbf778d01d792eb179e62</hash></file>
<file><path>C:\Users\de.nay\AppData\Roaming\Mozilla\Firefox\Profiles\u6am68b3.default\prefs.js</path><vendor>PUP.Optional.Qone8.A</vendor><action>replaced</action><baddata>user_pref(&quot;browser.startup.homepage&quot;, &quot;hxxp://start.qone8.com/?type=hp&amp;ts=1398512059&amp;from=smt&amp;uid=WDCXWD1003FZEX-00MK2A0_WD-WCC3F296858568585&quot;);</baddata><gooddata></gooddata><hash>db0ed65826551d1956b5e973b1538b75</hash></file>
</items>
</mbam-log>
         

CmdLine - quick
aswBoot.exe /A:"*" /L:"1031" /heur:80 /RA:ask /pup /archives /IA:0 /KBD:2 /wow /dir:"C:\Program Files\AVAST Software\Avast"
CmdLine end
SafeBoot: 0
CreateKbThread
new CKbBuffer
CKbBuffer::Init
CKbBuffer::Init end
NtCreateEvent(g_hStopEvent)
dep_osBeginThread - KbThread
CreateKbThread end
NtInitializeRegistry
KbThread start
ReadRegistry
DATA=C:\ProgramData\AVAST Software\Avast
PROG=C:\Program Files\AVAST Software\Avast
BUILD=2018
Windows 7 Professional N Service Pack 1
SystemRoot=C:\Windows
TEMP=C:\Windows\TEMP
TMP=C:\Windows\TEMP
ReadRegistry end
CreateTemp
CreateTemp end
aswcmnbDllMain
cmnbInit
aswEnginDllMain(DLL_PROCESS_ATTACH)
InitLog
InitLog end
CmdLine - full
aswBoot.exe /A:"*" /L:"1031" /heur:80 /RA:ask /pup /archives /IA:0 /KBD:2 /wow /dir:"C:\Program Files\AVAST Software\Avast"
CmdLine end
Program folder: C:\Program Files\AVAST Software\Avast
Engine folder: C:\Program Files\AVAST Software\Avast\defs\14042600
Base addr: 76fc0000
TimeStamp: 5356976e
Unschedule
61,00,75,00,74,00,6F,00,63,00,68,00,65,00,63,00,
6B,00,20,00,61,00,75,00,74,00,6F,00,63,00,68,00,
6B,00,20,00,2A,00,00,00,61,00,73,00,77,00,42,00,
6F,00,6F,00,74,00,2E,00,65,00,78,00,65,00,20,00,
2F,00,41,00,3A,00,22,00,2A,00,22,00,20,00,2F,00,
4C,00,3A,00,22,00,31,00,30,00,33,00,31,00,22,00,
20,00,2F,00,68,00,65,00,75,00,72,00,3A,00,38,00,
30,00,20,00,2F,00,52,00,41,00,3A,00,61,00,73,00,
6B,00,20,00,2F,00,70,00,75,00,70,00,20,00,2F,00,
61,00,72,00,63,00,68,00,69,00,76,00,65,00,73,00,
20,00,2F,00,49,00,41,00,3A,00,30,00,20,00,2F,00,
4B,00,42,00,44,00,3A,00,32,00,20,00,2F,00,77,00,
6F,00,77,00,20,00,2F,00,64,00,69,00,72,00,3A,00,
22,00,43,00,3A,00,5C,00,50,00,72,00,6F,00,67,00,
72,00,61,00,6D,00,20,00,46,00,69,00,6C,00,65,00,
73,00,5C,00,41,00,56,00,41,00,53,00,54,00,20,00,
53,00,6F,00,66,00,74,00,77,00,61,00,72,00,65,00,
5C,00,41,00,76,00,61,00,73,00,74,00,22,00,00,00,
00,00,
Unschedule end
LoadResources
LoadResources end
InitReport
InitReport end
New global exclusions: 
NtSetEvent(g_hInitEvent) - 1
CPU: Phys(3), Log(6), Aff(6), Feat(00002fff)
FreeMemory: 7908802560
avworkInitialize
InitKeyboard
g_dwKbdNum: 2
\Device\KeyboardClass1 failed: 0xC0000034
\Device\KeyboardClass1 failed: 0xC0000034
FreeMemory: 7867207680
\Device\KeyboardClass1 failed: 0xC0000034
s_dwKbdClassCnt: 2
InitKeyboard end
NtSetEvent(g_hInitEvent) - 2
GetKey
CKbBuffer::Wait
CKbBuffer::Get
CKbBuffer::Get end
CKbBuffer::Wait end
ProcessArea
avfilesScanAdd *MBR0
avfilesScanAdd *BOOTC:
Loading raw access support
avfilesScanAdd *RAW:C:\  [Fs: 03e700ff, NTFS; Dev: 07, 00000020]
avfilesScanAdd *BOOTD:
avfilesScanAdd *RAW:D:\  [Fs: 03e700ff, NTFS; Dev: 07, 00000020]
avfilesScanAdd *BOOTE:
avfilesScanAdd *RAW:E:\  [Fs: 03e700ff, NTFS; Dev: 07, 00000020]
avfilesScanAdd *BOOTG:
avfilesScanAdd *RAW:G:\  [Fs: 00000006, FAT32; Dev: 07, 00000020]
avfilesScanAdd *BOOTH:
avfilesScanAdd *RAW:H:\  [Fs: 03e700ff, NTFS; Dev: 07, 00000020]
avfilesScanAdd *BOOTVolume{75732481-cc8a-11e3-b5b3-806e6f6e6963}
avfilesScanAdd *RAW:Volume{75732481-cc8a-11e3-b5b3-806e6f6e6963}\  [Fs: 03e700ff, NTFS; Dev: 07, 00000020]
avfilesScanRealMulti begin
CKbBuffer::Get
Key: 1, 3, 0, 0, 0
GetKey end (2/32)
CKbBuffer::Put
CKbBuffer::Put end
GetKey
CKbBuffer::Get end
WaitForKeys (11): 2
Key: 1, 3, 1, 0, 0
Attaching OS: 0
GetErrorText
avfilesScanRealMulti finished
Runtime: 2907938ms
Unloading attached OS
avworkClose
Unloading raw access support
Loading raw access support
Checking deleted files:
MarkFileRemoval
MarkFileRemoval end
TerminateKbThread
GetKey end (?/00)
CloseKeyboard
CloseKeyboard end
KbThread stop
CKbBuffer::~CKbBuffer
CKbBuffer::~CKbBuffer end
aswEnginDllMain(DLL_PROCESS_DETACH)
cmnbFree
FreeResources
CloseReport
CloseLog
         

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2014 02
Ran by de.nay at 2014-04-26 15:12:16
Running from C:\Users\de.nay\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.0.8.4990 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Steady Video Plug-In  (Version: 2.06.0000 - AMD) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock eXtreme Tuner v0.1.375 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.29 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
ASRock XFast RAM v2.0.28 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CPUID CPU-Z 1.69 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{EF7EA37B-C009-4D53-AE2A-FF7C6AEC35CE}) (Version: 4.26.386 - Futuremark)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
XFast LAN v9.05 (HKLM\...\XFast LAN) (Version: 9.05 - cFos Software GmbH, Bonn)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.38 - ASRock Inc.)

==================== Restore Points  =========================

25-04-2014 16:46:05 Removed 3DMark06
25-04-2014 16:46:35 Removed Futuremark SystemInfo
25-04-2014 16:47:08 3DMark 11
25-04-2014 16:47:25 DirectX wurde installiert
25-04-2014 16:48:52 Installed Futuremark SystemInfo
25-04-2014 19:19:37 Removed Microsoft Silverlight
26-04-2014 01:49:58 Windows Update
26-04-2014 10:56:24 DirectX wurde installiert

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {2D94114F-2327-4ABD-9AF2-70A8B727FCCC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-25] (AVAST Software)
Task: {38EFA981-CD16-4A9A-AA25-388480E75CE1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-25] (Google Inc.)
Task: {6C7A3E70-E7E6-4610-9917-6A8F159CBF96} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-25] (Google Inc.)
Task: {76752CBE-5808-4F00-BB07-1379BC25BD4E} - System32\Tasks\fsupdate => C:\PROGRA~2\Flowsurf\fsupd.exe
Task: {FA312A4B-BDA3-4ADA-89E6-619E0F35D772} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-25] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-12-06 16:06 - 2013-12-06 16:06 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-12-06 16:06 - 2013-12-06 16:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-04-26 12:39 - 2014-04-26 12:39 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14042600\algo.dll
2014-04-25 17:47 - 2014-04-25 17:47 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-25 17:56 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/26/2014 03:02:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2014 02:25:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2014 00:55:20 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2014 00:45:31 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2014 00:42:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2014 00:40:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2014 09:24:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2014 07:21:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2014 06:49:41 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: 3DMark11.exe, Version: 1.0.132.0, Zeitstempel: 0x52f0a47d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c78c
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000000a49d
ID des fehlerhaften Prozesses: 0x1250
Startzeit der fehlerhaften Anwendung: 0x3DMark11.exe0
Pfad der fehlerhaften Anwendung: 3DMark11.exe1
Pfad des fehlerhaften Moduls: 3DMark11.exe2
Berichtskennung: 3DMark11.exe3

Error: (04/25/2014 06:49:40 PM) (Source: .NET Runtime) (User: )
Description: Application: 3DMark11.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Reflection.TargetInvocationException
Stack:
   at System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
   at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
   at System.Delegate.DynamicInvokeImpl(System.Object[])
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at Futuremark.BenchmarkUtility.SystemInfo3.WorkerThreadProc()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()


System errors:
=============
Error: (04/26/2014 00:48:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80242016 fehlgeschlagen: Update für die Kompatibilitätsansichtsliste für Internet Explorer 8 für Windows 7 für x64-basierte Systeme (KB2598845)

Error: (04/26/2014 00:44:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%16405

Error: (04/26/2014 00:40:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "avast! Antivirus" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/26/2014 04:58:03 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 4.5 unter Windows 7, Vista, Windows Server 2008 und Windows Server 2008 R2 für x64 (KB2861208)

Error: (04/25/2014 09:22:03 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (04/25/2014 07:20:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "cpuz137" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/25/2014 06:24:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3


Microsoft Office Sessions:
=========================
Error: (04/26/2014 03:02:14 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2014 02:25:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2014 00:55:20 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2014 00:45:31 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2014 00:42:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2014 00:40:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2014 09:24:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2014 07:21:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/25/2014 06:49:41 PM) (Source: Application Error)(User: )
Description: 3DMark11.exe1.0.132.052f0a47dKERNELBASE.dll6.1.7601.175144ce7c78ce0434352000000000000a49d125001cf60a62bc7f067C:\Program Files\Futuremark\3DMark 11\bin\x64\3DMark11.exeC:\Windows\system32\KERNELBASE.dll98226249-cc99-11e3-92ab-bc5ff4fb592d

Error: (04/25/2014 06:49:40 PM) (Source: .NET Runtime)(User: )
Description: Application: 3DMark11.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Reflection.TargetInvocationException
Stack:
   at System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
   at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
   at System.Delegate.DynamicInvokeImpl(System.Object[])
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at Futuremark.BenchmarkUtility.SystemInfo3.WorkerThreadProc()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()


==================== Memory info =========================== 

Percentage of memory in use: 24%
Total physical RAM: 8149.71 MB
Available physical RAM: 6171.54 MB
Total Pagefile: 20370.89 MB
Available Pagefile: 18074.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:99.63 GB) (Free:57.83 GB) NTFS
Drive d: () (Fixed) (Total:250.12 GB) (Free:250.02 GB) NTFS
Drive e: () (Fixed) (Total:581.66 GB) (Free:530.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 2AB9485E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=250 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=582 GB) - (Type=07 NTFS)

==================== End Of Log ========