Removal instructions for Easy Deals v 1.01

Metallica · October 25, 2014

What is Easy Deals?

The Malwarebytes research team has determined that Easy Deals is a browser hijacker. These so-called "hijackers" manipulate your browser(s), for example to change your startpage or searchscopes, so that the affected browser visits their site or one of their choice. This one also displays advertisements.

How do I know if my computer is affected by Easy Deals?

You may see these browser extensions/add-ons:

and this entry in your list of installed programs:

How did Easy Deals get on my computer?

Browser hijackers use different methods for distributing themselves. This particular one was bundled with other software.

How do I remove Easy Deals?

Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted application.

Please download Malwarebytes Anti-Malware to your desktop.
Double-click mbam-setup-version.exe and follow the prompts to install the program.
At the end, be sure a check-mark is placed next to the following:
- Enable free trial of Malwarebytes Anti-Malware Premium
- Launch Malwarebytes Anti-Malware
Then click Finish.
If an update is found, you will be prompted to download and install the latest version.
Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
Reboot your computer if prompted.

Is there anything else I need to do to get rid of Easy Deals?

If you are using Opera, you may have to remove the Extension manually under Opera > Extensions click the x behind Easy Deals and click OK in the prompt to confirm.

How would the full version of Malwarebytes Anti-Malware help protect me?

We hope our application and this guide have helped you eradicate this hijacker.

As you can see below the full version of Malwarebytes Anti-Malware would have protected you against the Easy Deals hijacker. It would have warned you before the rogue could install itself, giving you a chance to stop it before it became too late.

Technical details for experts

Signs in a HijackThis log:

O2 - BHO: d9b5a250f328013185605118752c52d60061770 - {11111111-1111-1111-1111-110611171170} - C:\Program Files\Easy Deals v 1.01\Easy Deals v 1.01-bho.dll

Alterations made by the installer:

File system details  ---------------------------------------------    Adds the folder C:\Program Files\Easy Deals v 1.01       Adds the file 1293297481.mxaddon"="10/14/2014 6:22 PM, 45407 bytes, A       Adds the file 38ecf267-8710-466b-a604-834afb95234d.crx"="10/25/2014 11:10 AM, 371211 bytes, A       Adds the file 38ecf267-8710-466b-a604-834afb95234d.xpi"="10/25/2014 11:10 AM, 413236 bytes, A       Adds the file 38ecf267-8710-466b-a604-834afb95234d-11.exe"="10/25/2014 11:10 AM, 1982368 bytes, A       Adds the file 38ecf267-8710-466b-a604-834afb95234d-2.exe"="10/25/2014 11:10 AM, 915872 bytes, A       Adds the file 38ecf267-8710-466b-a604-834afb95234d-4.exe"="10/25/2014 11:10 AM, 1496480 bytes, A       Adds the file 38ecf267-8710-466b-a604-834afb95234d-5.exe"="10/25/2014 11:10 AM, 848288 bytes, A       Adds the file 4a41817c-d596-487d-a0ad-e6829e1183d5.crx"="10/25/2014 11:10 AM, 372412 bytes, A       Adds the file background.html"="10/16/2014 4:32 AM, 729 bytes, A       Adds the file Easy Deals v 1.01.ico"="10/16/2014 4:32 AM, 9662 bytes, A       Adds the file Easy Deals v 1.01-bg.exe"="10/25/2014 11:10 AM, 583072 bytes, A       Adds the file Easy Deals v 1.01-bho.dll"="10/25/2014 11:10 AM, 560032 bytes, A       Adds the file Easy Deals v 1.01-codedownloader.exe"="10/25/2014 11:10 AM, 1093024 bytes, A       Adds the file Uninstall.exe"="10/25/2014 11:10 AM, 103328 bytes, A       Adds the file utils.exe"="10/25/2014 11:10 AM, 2905665 bytes, A    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\defaults    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData    Adds the folder C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\locale    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\dcjagkpikabnkdnimbnecoagmihpcmcf\1.26.18_0    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\dcjagkpikabnkdnimbnecoagmihpcmcf\1.26.18_0\extensionData    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\dcjagkpikabnkdnimbnecoagmihpcmcf\1.26.18_0\icons    Adds the folder C:\Users\{username}\AppData\Roaming\Opera Software\Opera Stable\Extensions\dcjagkpikabnkdnimbnecoagmihpcmcf\1.26.18_0\js    In the existing folder C:\Windows\System32\Tasks       Adds the file 38ecf267-8710-466b-a604-834afb95234d-1"="10/25/2014 11:10 AM, 6146 bytes, A       Adds the file 38ecf267-8710-466b-a604-834afb95234d-11"="10/25/2014 11:10 AM, 7864 bytes, A       Adds the file 38ecf267-8710-466b-a604-834afb95234d-2"="10/25/2014 11:10 AM, 5134 bytes, A       Adds the file 38ecf267-8710-466b-a604-834afb95234d-5"="10/25/2014 11:10 AM, 5470 bytes, A       Adds the file 38ecf267-8710-466b-a604-834afb95234d-5_user"="10/25/2014 11:10 AM, 5476 bytes, A    In the existing folder C:\Windows\Tasks       Adds the file 38ecf267-8710-466b-a604-834afb95234d-1.job"="10/25/2014 11:10 AM, 3116 bytes, A       Adds the file 38ecf267-8710-466b-a604-834afb95234d-11.job"="10/25/2014 11:10 AM, 4834 bytes, A       Adds the file 38ecf267-8710-466b-a604-834afb95234d-2.job"="10/25/2014 11:10 AM, 2104 bytes, A       Adds the file 38ecf267-8710-466b-a604-834afb95234d-5.job"="10/25/2014 11:10 AM, 2440 bytes, A       Adds the file 38ecf267-8710-466b-a604-834afb95234d-5_user.job"="10/25/2014 11:10 AM, 2440 bytes, ARegistry details  ------------------------------------------    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171170}]       "(Default)"="REG_SZ", "Easy Deals v 1.01"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171170}\Implemented Categories]       "(Default)"="REG_SZ", ""    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171170}\Implemented Categories\{59fb2056-d625-48d0-a944-1a85b5ab2640}]       "(Default)"="REG_SZ", ""    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171170}\InprocServer32]       "(Default)"="REG_SZ", "C:\Program Files\Easy Deals v 1.01\Easy Deals v 1.01-bho.dll"       "ThreadingModel"="REG_SZ", "Apartment"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171170}\ProgID]       "(Default)"="REG_SZ", "d9b5a250f328013185605118752c52d60061770.BHO.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171170}\Programmable]    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171170}\TypeLib]       "(Default)"="REG_SZ", "{44444444-4444-4444-4444-440644174470}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171170}\VersionIndependentProgID]       "(Default)"="REG_SZ", "d9b5a250f328013185605118752c52d60061770"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172270}]       "(Default)"="REG_SZ", "d9b5a250f328013185605118752c52d60061770.Sandbox"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172270}\InprocServer32]       "(Default)"="REG_SZ", "C:\Program Files\Easy Deals v 1.01\Easy Deals v 1.01-bho.dll"       "ThreadingModel"="REG_SZ", "Apartment"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172270}\ProgID]       "(Default)"="REG_SZ", "d9b5a250f328013185605118752c52d60061770.Sandbox.1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172270}\Programmable]    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172270}\TypeLib]       "(Default)"="REG_SZ", "{44444444-4444-4444-4444-440644174470}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172270}\VersionIndependentProgID]       "(Default)"="REG_SZ", "d9b5a250f328013185605118752c52d60061770.Sandbox"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\d9b5a250f328013185605118752c52d60061770.BHO]       "(Default)"="REG_SZ", "d9b5a250f328013185605118752c52d60061770"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\d9b5a250f328013185605118752c52d60061770.BHO\CLSID]       "(Default)"="REG_SZ", "{11111111-1111-1111-1111-110611171170}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\d9b5a250f328013185605118752c52d60061770.BHO\CurVer]       "(Default)"="REG_SZ", "d9b5a250f328013185605118752c52d60061770"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\d9b5a250f328013185605118752c52d60061770.BHO.1]       "(Default)"="REG_SZ", "d9b5a250f328013185605118752c52d60061770"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\d9b5a250f328013185605118752c52d60061770.BHO.1\CLSID]       "(Default)"="REG_SZ", "{11111111-1111-1111-1111-110611171170}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\d9b5a250f328013185605118752c52d60061770.Sandbox]       "(Default)"="REG_SZ", "d9b5a250f328013185605118752c52d60061770.Sandbox"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\d9b5a250f328013185605118752c52d60061770.Sandbox\CLSID]       "(Default)"="REG_SZ", "{22222222-2222-2222-2222-220622172270}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\d9b5a250f328013185605118752c52d60061770.Sandbox\CurVer]       "(Default)"="REG_SZ", "d9b5a250f328013185605118752c52d60061770.Sandbox"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\d9b5a250f328013185605118752c52d60061770.Sandbox.1]       "(Default)"="REG_SZ", "d9b5a250f328013185605118752c52d60061770.Sandbox"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\d9b5a250f328013185605118752c52d60061770.Sandbox.1\CLSID]       "(Default)"="REG_SZ", "{22222222-2222-2222-2222-220622172270}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175570}]       "(Default)"="REG_SZ", "ICrossriderBHO"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175570}\ProxyStubClsid]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175570}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175570}\TypeLib]       "(Default)"="REG_SZ", "{44444444-4444-4444-4444-440644174470}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176670}]       "(Default)"="REG_SZ", "ISandBox"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176670}\ProxyStubClsid]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176670}\ProxyStubClsid32]       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176670}\TypeLib]       "(Default)"="REG_SZ", "{44444444-4444-4444-4444-440644174470}"       "Version"="REG_SZ", "1.0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644174470}\1.0]       "(Default)"="REG_SZ", "d9b5a250f328013185605118752c52d60061770 Type Library"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644174470}\1.0\0\win32]       "(Default)"="REG_SZ", "C:\Program Files\Easy Deals v 1.01\Easy Deals v 1.01-bho.dll"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644174470}\1.0\FLAGS]       "(Default)"="REG_SZ", "0"    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644174470}\1.0\HELPDIR]       "(Default)"="REG_SZ", "C:\Program Files\Easy Deals v 1.01"    [HKEY_LOCAL_MACHINE\SOFTWARE\Easy Deals v 1.01\fbs1tELN0WSWSr494ifWIyKPhpaRbHu0NfM9RHrTpWQGrVGfW3J4j2QC286LwvtCnBj+B7E1ayj165HykECU1UE63mJKI5BujVii7OeuKCkpWKtbuL1HvpJFVPcY3KVzXNZAGxQQoLbxAmbk8rdo+OTGTTUxnxofF1ynExvpVGc=]       "gRhgwV5AzSI7mVrPtYsDPBW9M3u+d43cCLvtxGlS47xnn3aIh6AMLGDs7UgkeEl0Bltx5RMxlNbgX2lV0Viv6DiFZe/b9GwDzB68RM0T5DyCuhqiu1L87SuMir3eVg12fRhwqeqZgblLDny4ncry1C022rsf0c1TNxW8g5H4JDGXfpzne7bBpeK/tCtyC5ajhBXyMoPfI7LcFwoiDlc8z/G3u7VA9kiwPQSHZxV2lhMIrk9FGqwxzanuvWEgp31oyd/9+iL2Ot/X3pxtKuXNPR1AIrmP/PgqpGVDoqAHFZ9NbeD+e7eQENUI5O3Z4Zle66+qLIXCLVKVZpVO8ByoxQ=="="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SOFTWARE\Easy Deals v 1.01\i1ltjaWlgr8/xQtwaTfiXg5fXqzCihy8F5CqfYyfEGDa+yE7QDrNHzZpEnzoYSzrk4AqggzT87341ewjSU+u775yXYQJ0ey/SD+RJyhJuZ40zGlUMcJggTGgMCYlzlNEwO13sjciZjwbOGLpYdLI4ubq87/hE5sFg5VYA2mD4kM=]       "sdL0xGJXz+tmnrwtn/6cPkl8S5c9zzxdZ6NCFpz5eNzNvZ12HUrHyxw/hyKsMmfOfxivYOTsBquxFxtBSM9f9F+bQMqtWTM3tbvnTm1w8gusQ3nxXgE5MbzvfarpMyCqFJPcOG9xD9F7kCuVbmj7tCruDq+maShci5EMdzQecKI="="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SOFTWARE\Easy Deals v 1.01\IE]       "TotalProfiles"="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SOFTWARE\Easy Deals v 1.01\IE\Profiles]       "S-1-5-21-4016700205-1717049133-1125222536-1001"="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SOFTWARE\Easy Deals v 1.01\Installer]       "BundledAddCh"="REG_DWORD", 1       "BundledFirefox"="REG_DWORD", 1       "BundledIe"="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SOFTWARE\Easy Deals v 1.01\OAgavCgsl/M0K6OPRlUwScNRtTEMG3rqne11K+ZmzIPVcgVnO967j2T96fBRUZsiuCDV7FmlLl13RVFU3jJKYhga3+bWVbxlce2kGGVF9hVTgqB12c3xAd+dKjx8ipTEYx7W20k5XABJz4Pp2j0vGAzSPagK+rur/HW/B3qt7zk=]       "sdL0xGJXz+tmnrwtn/6cPkl8S5c9zzxdZ6NCFpz5eNzNvZ12HUrHyxw/hyKsMmfOfxivYOTsBquxFxtBSM9f9F+bQMqtWTM3tbvnTm1w8gusQ3nxXgE5MbzvfarpMyCqFJPcOG9xD9F7kCuVbmj7tCruDq+maShci5EMdzQecKI="="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SOFTWARE\Easy Deals v 1.01\Q0ECxQfmiwg2fZULKRHIbDzl2lhdnDv9//OT9clh9ogqFoPHZGBjV3tt7K4u5B5O/NORagL4337zkG32kjgWhHPFAMdjg0yLurzw2c+F8A9Uk+6XCa4WbfX/sex3Cou9W8EImRD3dxCNrkT0uakEZjXwtGh7I9Sxn6heKpJAyZY=]       "KBew2v9LMbLt0ENFiJ3NioMAs1hwsREMM8sRj0MXzMHQnn1l6hCcloY3a/OP09cgUtrXm6qTJ2Mgwb+bUorGsWkykvb+p0/ezPCBoJkoT18lhI1/ZI89zMUxxb7dgIzVBjHOxaelJ8C9c3AAPGZ8lZBrkKogI9lbbMmaZegaHBw="="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SOFTWARE\InstalledBrowserExtensions\23325]       "61770"="REG_SZ", "Easy Deals v 1.01"    [HKEY_LOCAL_MACHINE\SOFTWARE\InstalledBrowserExtensions\23325\Status]       "Installed"="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION]       "Easy Deals v 1.01-bg.exe"="REG_DWORD", 8000    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171170}]       "(Default)"="REG_SZ", "d9b5a250f328013185605118752c52d60061770"       "NoExplorer"="REG_DWORD", 1    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID]       "{11111111-1111-1111-1111-110611171170}"="REG_SZ", "1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Easy Deals v 1.01]       "CrAppId"="REG_SZ", "61770"       "CrPublisherId"="REG_SZ", "23325"       "DisplayIcon"="REG_SZ", "C:\Program Files\Easy Deals v 1.01\utils.exe"       "DisplayName"="REG_SZ", "Easy Deals v 1.01"       "DisplayVersion"="REG_SZ", "1.35.9.29"       "Publisher"="REG_SZ", "Adassistent"       "UninstallString"="REG_SZ", "C:\Program Files\Easy Deals v 1.01\Uninstall.exe /fcp=1"    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures       "38ecf267-8710-466b-a604-834afb95234d-1.job"="REG_BINARY, ................................       "38ecf267-8710-466b-a604-834afb95234d-1.job.fp"="REG_DWORD", -581603542       "38ecf267-8710-466b-a604-834afb95234d-11.job"="REG_BINARY, ................................       "38ecf267-8710-466b-a604-834afb95234d-11.job.fp"="REG_DWORD", 945656151       "38ecf267-8710-466b-a604-834afb95234d-2.job"="REG_BINARY, ................................       "38ecf267-8710-466b-a604-834afb95234d-2.job.fp"="REG_DWORD", -127170154       "38ecf267-8710-466b-a604-834afb95234d-5.job"="REG_BINARY, ...............7................       "38ecf267-8710-466b-a604-834afb95234d-5.job.fp"="REG_DWORD", 132390969       "38ecf267-8710-466b-a604-834afb95234d-5_user.job"="REG_BINARY, ................................       "38ecf267-8710-466b-a604-834afb95234d-5_user.job.fp"="REG_DWORD", -1538977812    [HKEY_CURRENT_USER\Software\AppDataLow\Software\Crossrider]       "Bic"="REG_SZ", "4A3DFAEB346E4BF5815497562DC42948IE"       "Verifier"="REG_SZ", "41e40e84d173ad884461d28bea8a2d54"    [HKEY_CURRENT_USER\Software\AppDataLow\Software\Crossrider\onBeforeNavigate]       "61770"="REG_SZ", ""    [HKEY_CURRENT_USER\Software\AppDataLow\Software\Crossrider\onRequest]       "61770"="REG_SZ", ""    [HKEY_CURRENT_USER\Software\AppDataLow\Software\Easy Deals v 1.01]       "ActiveAppId"="REG_SZ", "61770"       "BhoRunningVersion"="REG_SZ", "154"       "IsBhoEnabled"="REG_DWORD", 1    [HKEY_CURRENT_USER\Software\AppDataLow\Software\Easy Deals v 1.01\Background]       " { javascript removed, full log available on request } "    [HKEY_CURRENT_USER\Software\AppDataLow\Software\Easy Deals v 1.01\Debug]       "DebuggedAppUrl"="REG_SZ", "file://C:\Users\{username}\Documents\debug.js"       "DebuggedBgUrl"="REG_SZ", "file://C:\Users\{username}\Documents\bg_debug.js"       "DebuggedNewTabUrl"="REG_SZ", "file://C:\Users\{username}\Documents\new_debug.js"       "IsDebuggingPlugins"="REG_DWORD", 0       "IsDebugMode"="REG_DWORD", 0    [HKEY_CURRENT_USER\Software\AppDataLow\Software\Easy Deals v 1.01\Installer]       "AdditionalInfo"="REG_SZ", "{"asw":[67108864, -1073733563, 0],"browser_name":"ie","proc_id":"E6D8E423E72D4736AE1417BC1E254DC4PI","os":{"name":"7","build":"7601","product":"Windows 7 Ultimate N","sp":"Service Pack 1","install_date":"1363633411"},"upi":"8655ebc447297b398088e5f1933333c9"}"       "CodeDownloadDomain"="REG_SZ", "http://js.newgenonlinesrv.com"       "CodeDownloadFbDomain"="REG_SZ", "http://js.clientdemocloud.com"       "DefaultBrowser"="REG_SZ", "ie"       "ErrorsDomain"="REG_SZ", "http://errors.newgenonlinesrv.com"       "FullVersion"="REG_SZ", "1.35.9.29"       "FullVersionForUrl"="REG_SZ", "1_35_09_29"       "OsName"="REG_SZ", "7"       "Params"="REG_SZ", "{   "source_id" : "000970",   "sub_id" : "0",   "uzid" : "0"}"       "SrcId"="REG_SZ", "000970"       "StatsDomain"="REG_SZ", "http://stats.newgenonlinesrv.com"       "SubId"="REG_SZ", "0"       "Time"="REG_SZ", "1414228217"       "ZData"="REG_SZ", "0"    [HKEY_CURRENT_USER\Software\AppDataLow\Software\Easy Deals v 1.01\Manifest]       "AddressbarURL"="REG_SZ", "NA"       "BgVersion"="REG_SZ", "1"       "ChangePrevious"="REG_SZ", "false"       "Description"="REG_SZ", "Easy Deals: Deals and Promotions right in your browser"       "DisableIe"="REG_SZ", "true"       "EnableSearchIE"="REG_SZ", "false"       "HomePageUrl"="REG_SZ", "NA"       "IsButtonEnabled"="REG_SZ", "false"       "Manifest"="REG_SZ", "NA"       "ModeType"="REG_SZ", "production"       "Name"="REG_SZ", "Easy Deals v 1.01"       "PluginsManifestVersion"="REG_SZ", "13"       "PublisherId"="REG_SZ", "23325"       "PublisherName"="REG_SZ", "Adassistent"       "RunInFrame"="REG_SZ", "false"       "SetNewTab"="REG_SZ", "false"       "ThanksUrl"="REG_SZ", "NA"       "UninstallerOfferAction"="REG_SZ", "NA"       "UninstallerOfferUrl"="REG_SZ", "NA"       "UpdateInterval"="REG_DWORD", 360       "Version"="REG_SZ", "18"    [HKEY_CURRENT_USER\Software\AppDataLow\Software\Easy Deals v 1.01\Update]       "LastCheck"="REG_DWORD", 1414228243    [HKEY_CURRENT_USER\Software\InstalledBrowserExtensions\23325]       "61770"="REG_SZ", "Easy Deals v 1.01"    [HKEY_CURRENT_USER\Software\InstalledBrowserExtensions\23325\Status]       "Installed"="REG_DWORD", 1    [HKEY_CURRENT_USER\Software\InstalledBrowserExtensions\Adassistent]       "61770"="REG_SZ", "Easy Deals v 1.01"    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611171170}]       "Flags"="REG_DWORD", 1024

Malwarebytes Anti-Malware log:

Malwarebytes Anti-Malwarewww.malwarebytes.orgScan Date: 10/25/2014Scan Time: 11:16:19 AMLogfile: mbamEasyDeals.txtAdministrator: YesVersion: 2.00.3.1025Malware Database: v2014.10.25.02Rootkit Database: v2014.10.22.01License: FreeMalware Protection: DisabledMalicious Website Protection: DisabledSelf-protection: DisabledOS: Windows 7 Service Pack 1CPU: x86File System: NTFSUser: MalwarebytesScan Type: Threat ScanResult: CompletedObjects Scanned: 271496Time Elapsed: 3 min, 33 secMemory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledHeuristics: EnabledPUP: EnabledPUM: EnabledProcesses: 0(No malicious items detected)Modules: 0(No malicious items detected)Registry Keys: 36PUP.Optional.EasyDeals.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110611171170}, Quarantined, [f1f564b49edede5879010d8ef20fc937], PUP.Optional.EasyDeals.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440644174470}, Quarantined, [f1f564b49edede5879010d8ef20fc937], PUP.Optional.EasyDeals.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655175570}, Quarantined, [f1f564b49edede5879010d8ef20fc937], PUP.Optional.EasyDeals.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660666176670}, Quarantined, [f1f564b49edede5879010d8ef20fc937], PUP.Optional.EasyDeals.A, HKLM\SOFTWARE\CLASSES\d9b5a250f328013185605118752c52d60061770.BHO.1, Quarantined, [f1f564b49edede5879010d8ef20fc937], PUP.Optional.EasyDeals.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110611171170}, Quarantined, [f1f564b49edede5879010d8ef20fc937], PUP.Optional.EasyDeals.A, HKLM\SOFTWARE\CLASSES\d9b5a250f328013185605118752c52d60061770.BHO, Quarantined, [f1f564b49edede5879010d8ef20fc937], PUP.Optional.EasyDeals.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110611171170}, Quarantined, [f1f564b49edede5879010d8ef20fc937], PUP.Optional.EasyDeals.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110611171170}, Quarantined, [f1f564b49edede5879010d8ef20fc937], PUP.Optional.EasyDeals.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220622172270}, Quarantined, [f1f564b49edede5879010d8ef20fc937], PUP.Optional.EasyDeals.A, HKLM\SOFTWARE\CLASSES\d9b5a250f328013185605118752c52d60061770.Sandbox.1, Quarantined, [f1f564b49edede5879010d8ef20fc937], PUP.Optional.EasyDeals.A, HKLM\SOFTWARE\CLASSES\d9b5a250f328013185605118752c52d60061770.Sandbox, Quarantined, [f1f564b49edede5879010d8ef20fc937], PUP.Optional.EasyDeals.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110611171170}\INPROCSERVER32, Quarantined, [f1f564b49edede5879010d8ef20fc937], PUP.Optional.EasyDeals.A, HKLM\SOFTWARE\Easy Deals v 1.01, Quarantined, [2abc8d8b4933ac8ab6e5c980ef147888], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\GLOBALUPDATE\UPDATE, Quarantined, [eff7dd3b6319fd39e655cf62699a1ce4], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\23325, Quarantined, [da0cca4e9ce0af8762df98b40cf750b0], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, Quarantined, [95512aee8def1026c012ccc524e0d927], PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, Quarantined, [0cda32e67dff4fe7478c6f22f410ea16], PUP.Optional.CrossRider.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [499d1cfcabd170c661a8b6cddc2838c8], PUP.Optional.EasyDeals.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Easy Deals v 1.01, Quarantined, [74724fc9b4c87cba86130e3bd92a6d93], PUP.Optional.CrossRider.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\23325, Quarantined, [9452081093e9162022d825ff5da6ee12], PUP.Optional.CrossRider.A, HKU\S-1-5-21-4016700205-1717049133-1125222536-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Adassistent, Quarantined, [7f679484b0cc86b0e81657f4e023f10f], PUP.Optional.EasyDeals.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Easy Deals v 1.01, Quarantined, [4e98d246a5d778be63bd41b95ea4c937], PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], Registry Values: 1PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\GLOBALUPDATE\UPDATE|path, C:\Program Files\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [eff7dd3b6319fd39e655cf62699a1ce4]Registry Data: 0(No malicious items detected)Folders: 21PUP.Optional.EasyDeals.A, C:\Program Files\Easy Deals v 1.01, Quarantined, [4e98d246a5d778be63bd41b95ea4c937], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Download, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Install, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Offline, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\Offline\{6EFB1448-0060-4CE5-A38E-A6680C2BE86E}, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.86016, Quarantined, [15d143d5a1db55e1d7164ebd7b88b14f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\api, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\defaults, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\defaults\preferences, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\userCode, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\locale, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\locale\en-US, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\skin, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], Files: 148PUP.Optional.EasyDeals.A, C:\Program Files\Easy Deals v 1.01\Easy Deals v 1.01-bho.dll, Quarantined, [f1f564b49edede5879010d8ef20fc937], PUP.Optional.EasyDeals.A, C:\Users\{username}\Desktop\Easy Deals v 1.01.exe, Quarantined, [c0262deb4933979fad3c3b12e31daf51], PUP.Optional.EasyDeals.A, C:\Program Files\Easy Deals v 1.01\38ecf267-8710-466b-a604-834afb95234d-11.exe, Quarantined, [9f4740d8d0ac94a22357d9c2a958629e], PUP.Optional.EasyDeals.A, C:\Program Files\Easy Deals v 1.01\38ecf267-8710-466b-a604-834afb95234d-2.exe, Quarantined, [9254f523f58746f0a4d67e1d728ffd03], PUP.Optional.EasyDeals.A, C:\Program Files\Easy Deals v 1.01\38ecf267-8710-466b-a604-834afb95234d-4.exe, Quarantined, [2db9ab6d423ad363b5c53b60d62b718f], PUP.Optional.EasyDeals.A, C:\Program Files\Easy Deals v 1.01\38ecf267-8710-466b-a604-834afb95234d-5.exe, Quarantined, [29bda0786616d462b0cadac18f72d927], PUP.Optional.EasyDeals.A, C:\Program Files\Easy Deals v 1.01\Easy Deals v 1.01-bg.exe, Quarantined, [0bdb17013943c373dc9e75262dd4669a], PUP.Optional.EasyDeals.A, C:\Program Files\Easy Deals v 1.01\Easy Deals v 1.01-codedownloader.exe, Quarantined, [93534dcb106c5dd9b9c1c8d3ec1526da], PUP.Optional.EasyDeals.A, C:\Program Files\Easy Deals v 1.01\utils.exe, Quarantined, [d610a177d3a991a5f6f36ae350b0b14f], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\38ecf267-8710-466b-a604-834afb95234d-1, Quarantined, [7d699781a3d982b43bfb75bc37ccbc44], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\38ecf267-8710-466b-a604-834afb95234d-11, Quarantined, [935349cf0c70a195ae88e0518b7831cf], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\38ecf267-8710-466b-a604-834afb95234d-2, Quarantined, [895d8098e89447ef7cba65ccea198f71], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\38ecf267-8710-466b-a604-834afb95234d-5, Quarantined, [d31331e791eba2943600ce63996aac54], PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\38ecf267-8710-466b-a604-834afb95234d-5_user, Quarantined, [c4229682e399bd799e986fc2dc27e61a], PUP.Optional.CrossRider.T, C:\Windows\Tasks\38ecf267-8710-466b-a604-834afb95234d-1.job, Quarantined, [a93db16794e82412ca9e048bb351bd43], PUP.Optional.CrossRider.T, C:\Windows\Tasks\38ecf267-8710-466b-a604-834afb95234d-11.job, Quarantined, [c81ea771a0dc77bfbaaeefa0ff05966a], PUP.Optional.CrossRider.T, C:\Windows\Tasks\38ecf267-8710-466b-a604-834afb95234d-2.job, Quarantined, [7a6cb3651963bf77c7a1d1bec53fba46], PUP.Optional.CrossRider.T, C:\Windows\Tasks\38ecf267-8710-466b-a604-834afb95234d-5.job, Quarantined, [866064b40e6ee5511256206f43c19f61], PUP.Optional.CrossRider.T, C:\Windows\Tasks\38ecf267-8710-466b-a604-834afb95234d-5_user.job, Quarantined, [d31353c54a329b9bcc9c2d629371847c], PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, Quarantined, [af3725f3d7a578be0a74345bca3aed13], PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, Quarantined, [2eb835e359233501acd3ddb226dede22], PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, Quarantined, [11d58197cfad32044b35187714f0e917], PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, Quarantined, [a83e21f74e2ef73f9ae76c23f90b837d], PUP.Optional.EasyDeals.A, C:\Program Files\Easy Deals v 1.01\1293297481.mxaddon, Quarantined, [4e98d246a5d778be63bd41b95ea4c937], PUP.Optional.EasyDeals.A, C:\Program Files\Easy Deals v 1.01\38ecf267-8710-466b-a604-834afb95234d.crx, Quarantined, [4e98d246a5d778be63bd41b95ea4c937], PUP.Optional.EasyDeals.A, C:\Program Files\Easy Deals v 1.01\38ecf267-8710-466b-a604-834afb95234d.xpi, Quarantined, [4e98d246a5d778be63bd41b95ea4c937], PUP.Optional.EasyDeals.A, C:\Program Files\Easy Deals v 1.01\4a41817c-d596-487d-a0ad-e6829e1183d5.crx, Quarantined, [4e98d246a5d778be63bd41b95ea4c937], PUP.Optional.EasyDeals.A, C:\Program Files\Easy Deals v 1.01\background.html, Quarantined, [4e98d246a5d778be63bd41b95ea4c937], PUP.Optional.EasyDeals.A, C:\Program Files\Easy Deals v 1.01\Easy Deals v 1.01.ico, Quarantined, [4e98d246a5d778be63bd41b95ea4c937], PUP.Optional.EasyDeals.A, C:\Program Files\Easy Deals v 1.01\Uninstall.exe, Quarantined, [4e98d246a5d778be63bd41b95ea4c937], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\goopdate.dll, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\psmachine.dll, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.T, C:\Program Files\globalUpdate\Update\1.3.25.0\psuser.dll, Quarantined, [905670a8a2da81b56c65e12aaf5409f7], PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.86016\GoogleCrashHandler.exe, Quarantined, [15d143d5a1db55e1d7164ebd7b88b14f], PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.86016\GoogleUpdate.exe, Quarantined, [15d143d5a1db55e1d7164ebd7b88b14f], PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.86016\GoogleUpdateBroker.exe, Quarantined, [15d143d5a1db55e1d7164ebd7b88b14f], PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.86016\GoogleUpdateHelper.msi, Quarantined, [15d143d5a1db55e1d7164ebd7b88b14f], PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.86016\GoogleUpdateOnDemand.exe, Quarantined, [15d143d5a1db55e1d7164ebd7b88b14f], PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.86016\goopdate.dll, Quarantined, [15d143d5a1db55e1d7164ebd7b88b14f], PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.86016\goopdateres_en.dll, Quarantined, [15d143d5a1db55e1d7164ebd7b88b14f], PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.86016\npGoogleUpdate4.dll, Quarantined, [15d143d5a1db55e1d7164ebd7b88b14f], PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.86016\psmachine.dll, Quarantined, [15d143d5a1db55e1d7164ebd7b88b14f], PUP.Optional.GlobalUpdate.A, C:\Users\{username}\AppData\Local\Temp\comh.86016\psuser.dll, Quarantined, [15d143d5a1db55e1d7164ebd7b88b14f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome.manifest, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\install.rdf, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\08906153ae6eb9e1fe20ddf64c2e266e.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\18e31ed5a40a7c0f4708aef36537a909.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\3fab01af0a23d3d8e0d69b1d75a036f2.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\468c380c6021d7b29724e5137b4c82bd.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\4c0f92db03311b7f07698ab367af9742.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\background.html, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\browser.xul, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\dialog.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\f2731a87887abe4fddcf8864dc3660b3.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\ffCoreFilesIndex.txt, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\options.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\options.xul, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\search_dialog.xul, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\api\00bda93559e2aa66285ed8d2c9f8e689.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\api\07b9247723dbc0d00faaa8d01601f94c.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\api\137a0ef24320637735191ada76545701.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\api\25d07e5afa0440f0cc3f412e886c55e3.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\api\384fd536c09439435e9de7b0a7cbc7a6.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\api\3cca6cf843e7a0a2e1cda99af6188f89.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\api\3febc957a8efb2daf708332d19d79ce8.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\api\44526d9f9691370bca4bc471b7d1def3.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\api\5af5af4fd135aa5bc6a4394ead41209a.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\api\74227d22785dd80a137bf2efc6f171d8.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\api\878b8803ca9a444a611d662fcce056df.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\api\9e78c0d186471bf024cbe2271a34593a.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\api\a54217fe224323b89a016676fe58cde2.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\api\df1683c2014c74b4e1f505cbd7ca7029.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\api\e7d895e2fdf9cfb229a0d1c904a90b51.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\api\fb57b96031748f9dc20780350a38ccaa.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\0b02ba97cf9bb0d559029d752f06d9e4.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\0e3bb3128f8bfd1950594175b84b1d1f.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\15fb716179d0ba17e3f087af4ed1b463.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\266894762b3419c93f51ad168956de29.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\31e98093c4017f99a7ab3fda981a8787.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\3ee788dfe07c41ddebd6213928143007.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\45358c095b06063f0c327642e5048477.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\46262386083cd04bdd61f8999c722ffd.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\508a766eb0a77eaf57fc816450172ff9.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\6a626989aefda7976ef7cf3017f8abfb.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\741cc4e27a11cdf7df9a9e01bf7a5258.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\759328bb43f70ed9c9fe053f9955de0e.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\7f1c63625ba8d26639e141c7153243e9.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\7fa7d24ccc6af9faaa8b63e246e2789c.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\9ae1ec0c43dc72ce8531dfeea2f6378d.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\a154ba49f8cda2139a1c6d3af3c88502.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\a61b87e16434a433172474e9e8496ae8.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\d1bbab25199d8b4f9f7bf27b1ee62fbb.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\de62736813081b3e7cc9149a2cb6c750.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\f90b8a531ae63df7ca695363f13c8483.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\chrome\content\core\installer.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\defaults\preferences\prefs.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\manifest.xml, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins.json, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\102.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\104.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\123.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\13.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\14.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\16.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\17.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\180.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\184.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\192.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\193.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\223.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\246.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\263.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\268.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\273.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\275.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\289.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\300.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\4.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\47.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\64.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\78.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\91.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\plugins\93.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\userCode\background.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\extensionData\userCode\extension.js, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\locale\en-US\translations.dtd, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\skin\button1.png, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\skin\button2.png, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\skin\button3.png, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\skin\button4.png, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\skin\button5.png, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\skin\crossrider_statusbar.png, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\skin\icon128.png, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\skin\icon16.png, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\skin\icon24.png, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\skin\icon48.png, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\skin\panelarrow-up.png, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\skin\popup.html, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\skin\skin.css, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], PUP.Optional.CrossRider.A, C:\Users\{username}\AppData\Roaming\Mozilla\Firefox\Profiles\6qeoodjs.default-1401006518835\extensions\herera.kingston79@aol.com\skin\update.css, Quarantined, [0dd9ec2c2c50f343dc210e0f58abe11f], Physical Sectors: 0(No malicious items detected)(end)

As mentioned before the full version of Malwarebytes Anti-Malware could have protected your computer against this threat.

We use different ways of protecting your computer(s):

Dynamically Blocks Malware Sites & Servers
Malware Execution Prevention

Save yourself the hassle and get protected.

Sign In

Removal instructions for Easy Deals v 1.01

Recommended Posts

Metallica

Link to post

Share on other sites

Recently Browsing 0 members

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information