Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

pop up virus that affects firefox and chrome


  • Please log in to reply
5 replies to this topic

#1 ktlynw

ktlynw

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:26 PM

Posted 27 July 2014 - 11:21 AM

Pop up virus that affects Firefox and Chrome. Some of the pop ups... jzip, a firefox faux update, spy hunter 4, flix247, etc.
 
I've tried restoring my computer to a previous date, but no luck.

Edited by Queen-Evie, 27 July 2014 - 12:24 PM.
moved from Windows 7 to the appropriate forum


BC AdBot (Login to Remove)

 


#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,366 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:08:26 PM

Posted 27 July 2014 - 11:36 AM

Please run the following scans.


Please run the ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

Please download Malwarebytes Anti-Malware.  After clicking on the link the download will start automatically.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  If this is the first time you have run this version of Malwarbytes you will see an image like the one below.
 
mbam1_zps95cc812c.png
 
Click on Update Now, after Malwarebytes is updated click on Scan.
 
If this isn't the first time you have run this version, then you will see an image like the one below.  Click on Scan
 
mbam1_zps98e7fba9.png
 
You will be prompted to update Malwarebytes, to do so click on Update Now.
 
 mbam2_zps85f38f0c.png
 
3)  The scan will automatically run now.
 
mbamreplace_zps3ead4824.png
 
 
4)  When the scan is complete the results will be displayed.  Click on Quarantine All, then click on Apply Actions
 
mbam4_zps23e52ad4.png
 
 
5)  To complete any actions taken you will be asked if you want to restart your computer, click on Yes
 
 mbam4_zps490948cc.png
 
6)  Please post the Malwarebytes log.
 
To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  When the log opens, scroll down toward the bottom of the log to Quarantined Items.  Copy and paste this in your next post.
 
 
 
Please download AdwCleaner and run it.
 
An image like the one below will open, click on Scan.
 
adwcleaner11_zps48314883.png
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  If you have any questions about any items in the list please copy and paste the list in your topic so we can review it.  
 
You will receive a message telling you that all programs will be close so that the infections can be removed.  Click on Ok.
 
When the cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your next post.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 ktlynw

ktlynw
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:26 PM

Posted 28 July 2014 - 11:28 AM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/28/2014
Scan Time: 10:52:28 AM
Logfile: Malwarebytes Scan.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.28.04
Rootkit Database: v2014.07.17.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Katelyn

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 337010
Time Elapsed: 13 min, 56 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 5
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, 1484, , [03e17c28c3b8b87eb3969cc31ce5a060]
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1584, , [2fb5daca88f30a2c2423444eea179b65]
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\HpUI.exe, 4888, , [15cf0b9965166fc755877a4d1ee4e21e]
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader32.exe, 5480, , [15cf0b9965166fc755877a4d1ee4e21e]
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader64.exe, 4508, , [15cf0b9965166fc755877a4d1ee4e21e]

Modules: 10
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, , [15cf0b9965166fc755877a4d1ee4e21e],

Registry Keys: 24
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, , [03e17c28c3b8b87eb3969cc31ce5a060],
PUP.Optional.WPM.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, , [2fb5daca88f30a2c2423444eea179b65],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WindowsMangerProtect, , [2fb5daca88f30a2c2423444eea179b65],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [5e863a6a6c0f6bcbcb663e2333cffa06],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, , [5e863a6a6c0f6bcbcb663e2333cffa06],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, , [5e863a6a6c0f6bcbcb663e2333cffa06],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, , [5e863a6a6c0f6bcbcb663e2333cffa06],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, , [5e863a6a6c0f6bcbcb663e2333cffa06],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [5e863a6a6c0f6bcbcb663e2333cffa06],
PUP.Optional.SupTab.A, HKU\S-1-5-21-2691382955-3789416768-595039784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [5e863a6a6c0f6bcbcb663e2333cffa06],
PUP.Optional.Outbrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}, , [5a8acbd9f58672c4a2f6425728dabc44],
PUP.Optional.Outbrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{03771AEF-400D-4A13-B712-25878EC4A3F5}, , [5a8acbd9f58672c4a2f6425728dabc44],
PUP.Optional.Outbrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{03771AEF-400D-4A13-B712-25878EC4A3F5}, , [5a8acbd9f58672c4a2f6425728dabc44],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{2F5F003B-C71B-72E3-42B4-DE51AB079EB2}, , [e301d4d091ea44f25533ec7552b0d62a],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [5d87e5bf5f1c1b1b59f81007897b06fa],
PUP.Optional.FreeSoftToday.A, HKLM\SOFTWARE\WOW6432NODE\FrEeSoFtOdAy, , [4e96b1f38dee77bf41967b53ed15bf41],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, , [9b49bde7b1caaa8c09ca002be91be21e],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [17cdb9eb89f2cd69163b02156b990df3],
PUP.Optional.V9.A, HKLM\SOFTWARE\WOW6432NODE\V9SOFTWARE\v9hp, , [558ff5afbcbfc175c4164da4de24ca36],
PUP.Optional.BlockAndSurf.A, HKU\S-1-5-21-2691382955-3789416768-595039784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\BlockAndSurf, , [a440455f94e7e353506a8c3eb44e9f61],
PUP.Optional.Qone8, HKU\S-1-5-21-2691382955-3789416768-595039784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [4d976440413a181e69e723f4a46008f8],
PUP.Optional.DynamicPricer.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C9C42510-9B41-42c1-9DCD-7282A2D07C61}, , [558fa301f58616206dc9872a966cd030],
PUP.Optional.DynamicPricer.A, HKU\S-1-5-21-2691382955-3789416768-595039784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C9C42510-9B41-42C1-9DCD-7282A2D07C61}, , [558fa301f58616206dc9872a966cd030],
PUP.Optional.IStart.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\istart123 uninstall, , [ad37792b84f7e551314d893d4bb7926e],

Registry Values: 5
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_us_139, , [687c0e96ff7c5ed8af8dfee47c864ab6],
PUP.Optional.DynamicPricer.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|DynamicPricer@dynamic-pricer.com, C:\Users\Katelyn\AppData\Local\DynamicPricer\Firefox\DynamicPricer.xpi, , [28bcf6ae027964d299b3df084bb7ff01]
PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com, , [7b695252cab1da5c30bad25857ad619f]
PUP.Optional.V9.A, HKU\S-1-5-21-2691382955-3789416768-595039784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://search.v9.com/web/?type=ds&ts=1404252566&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949&i=psd&t=344ffefe1&q={searchTerms}, , [4a9a2381f388e84e20e6bc19768cf10f]
PUP.Optional.FastStart.A, HKU\S-1-5-21-2691382955-3789416768-595039784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, , [f6eecdd7bebde74f44bee7ea35cd3cc4]

Registry Data: 19
PUP.Optional.Skytech.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~2.DLL, Good: (), Bad: (C:\PROGRA~2\SupTab\SEARCH~2.DLL),,[4c984c58c3b81323f2a9f39bc33ed12f]
PUP.Optional.Skytech.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~1.DLL, Good: (), Bad: (C:\PROGRA~2\SupTab\SEARCH~1.DLL),,[7272a6feeb90f6408f0cbed059a8d22e]
PUP.Optional.IStart123.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.istart123.com/?type=sc&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949, Good: (firefox.exe), Bad: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.istart123.com/?type=sc&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949),,[f3f14c58a0dbae88572e1f9957add729]
PUP.Optional.IStart123.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.istart123.com/?type=sc&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949, Good: (Chrome.exe), Bad: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.istart123.com/?type=sc&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949),,[0adaa004ccaf58dedcac27910ff5dd23]
PUP.Optional.IStart123.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istart123.com/?type=sc&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istart123.com/?type=sc&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949),,[25bf772d84f7a492abdba6120202c040]
PUP.Optional.IStart123.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istart123.com/web/?type=ds&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949&q={searchTerms}, Good: (www.google.com), Bad: (http://www.istart123.com/web/?type=ds&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949&q={searchTerms}),,[e3013a6a2d4e1026017b813754b00af6]
PUP.Optional.IStart123.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istart123.com/?type=hp&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949, Good: (www.google.com), Bad: (http://www.istart123.com/?type=hp&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949),,[11d3b7ed5a21cd69f3874e6abb492ed2]
PUP.Optional.IStart123.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istart123.com/?type=hp&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949, Good: (www.google.com), Bad: (http://www.istart123.com/?type=hp&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949),,[954fecb88cef2b0b7d01caee11f345bb]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[a83cf5afd9a2e155e74d991e966e4ab6]
PUP.Optional.IStart123.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.istart123.com/?type=sc&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949, Good: (firefox.exe), Bad: ("C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.istart123.com/?type=sc&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949),,[984c347097e4241213729721a55f857b]
PUP.Optional.IStart123.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.istart123.com/?type=sc&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949, Good: (Chrome.exe), Bad: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.istart123.com/?type=sc&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949),,[5391564efc7f4cea3d4b595f19ebb64a]
PUP.Optional.IStart123.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istart123.com/?type=sc&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istart123.com/?type=sc&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949),,[8b59c4e0f487c571e4a28e2aea1a639d]
PUP.Optional.IStart123.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istart123.com/web/?type=ds&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949&q={searchTerms}, Good: (www.google.com), Bad: (http://www.istart123.com/web/?type=ds&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949&q={searchTerms}),,[974d5a4a7803eb4bc1bbcbed1be908f8]
PUP.Optional.IStart123.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istart123.com/?type=hp&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949, Good: (www.google.com), Bad: (http://www.istart123.com/?type=hp&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949),,[6d77139180fbf640ccae4a6e93714ab6]
PUP.Optional.IStart123.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istart123.com/?type=hp&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949, Good: (www.google.com), Bad: (http://www.istart123.com/?type=hp&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949),,[cc1871337efd082ee797c4f47e8651af]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[f9eb5f45027923134be97146c4405aa6]
PUP.Optional.IStart123.A, HKU\S-1-5-21-2691382955-3789416768-595039784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.istart123.com/?type=hp&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949, Good: (www.google.com), Bad: (http://www.istart123.com/?type=hp&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949),,[786ce8bc81fa86b05a25833571936b95]
PUP.Optional.IStart123.A, HKU\S-1-5-21-2691382955-3789416768-595039784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istart123.com/?type=hp&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949, Good: (www.google.com), Bad: (http://www.istart123.com/?type=hp&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949),,[ca1af2b2730861d52655c8f06f958f71]
PUP.Optional.V9.A, HKU\S-1-5-21-2691382955-3789416768-595039784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.v9.com/web/?type=ds&ts=1404252566&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949&i=psd&t=344ffefe1&q={searchTerms}, Good: (www.google.com), Bad: (http://search.v9.com/web/?type=ds&ts=1404252566&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949&i=psd&t=344ffefe1&q={searchTerms}),,[bb29a1038eed76c006d4307c709416ea]

Folders: 75
PUP.Optional.DynamicPricer.A, C:\Users\Katelyn\AppData\Local\DynamicPricer, , [558fa301f58616206dc9872a966cd030],
PUP.Optional.DynamicPricer.A, C:\Users\Katelyn\AppData\Local\DynamicPricer\Chrome, , [558fa301f58616206dc9872a966cd030],
PUP.Optional.DynamicPricer.A, C:\Users\Katelyn\AppData\Local\DynamicPricer\Firefox, , [558fa301f58616206dc9872a966cd030],
PUP.Optional.DynamicPricer.A, C:\Users\Katelyn\AppData\Local\DynamicPricer\IE, , [558fa301f58616206dc9872a966cd030],
PUP.Optional.CostMin.A, C:\ProgramData\CostMin, , [885c5c487803e84e52344176719104fc],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, , [00e4cbd9ceadb68087ba47785aa8e719],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, , [00e4cbd9ceadb68087ba47785aa8e719],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\include, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\include\tools, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\js\lib, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\js\module, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\js\pack, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\en, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\en-US, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\es, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\es-419, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\fr, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\fr-BE, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\fr-CA, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\fr-CH, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\fr-LU, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\it, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\it-CH, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\pl, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\pt-BR, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\ru, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\ru-MO, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\tr, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\vi, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\zh-CN, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\zh-TW, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\skin, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\defaults, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\defaults\preferences, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\modules, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [7173ebb91d5e4fe7595cb1106b97b050],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, , [7173ebb91d5e4fe7595cb1106b97b050],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, , [7173ebb91d5e4fe7595cb1106b97b050],
PUP.Optional.FreeSoftToday.A, C:\Users\Katelyn\AppData\Local\freeSOFTtoday, , [a83c871d4e2d2511329b6a584cb6ba46],
PUP.Optional.FreeSoftToday.A, C:\Users\Katelyn\AppData\Local\freeSOFTtoday\freeSOFTtoday, , [a83c871d4e2d2511329b6a584cb6ba46],
PUP.Optional.FreeSoftToday.A, C:\Users\Katelyn\AppData\Local\freeSOFTtoday\freeSOFTtoday\1.0, , [a83c871d4e2d2511329b6a584cb6ba46],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\code, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, , [15cf0b9965166fc755877a4d1ee4e21e],

Files: 184
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, , [03e17c28c3b8b87eb3969cc31ce5a060],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, , [2fb5daca88f30a2c2423444eea179b65],
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect64.dll, , [4c984c58c3b81323f2a9f39bc33ed12f],
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect32.dll, , [7272a6feeb90f6408f0cbed059a8d22e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, , [5e863a6a6c0f6bcbcb663e2333cffa06],
PUP.Optional.OptimumInstaller.A, C:\$Recycle.Bin\S-1-5-21-2691382955-3789416768-595039784-1000\$RNQMIWG.exe, , [954f1d8783f8a492f3b1fd5939c81be5],
PUP.Optional.SearchHijacker.A, C:\Users\Katelyn\AppData\Local\Temp\GPUpd53D51CC61.exe, , [35aff4b0cdae92a4c46e712f8a77a060],
PUP.Optional.OptimumInstaller.A, C:\Users\Katelyn\Downloads\Setup (2).exe, , [edf7e7bdb3c871c5a5ff6aeccf32a060],
PUP.Optional.OptimumInstaller.A, C:\Users\Katelyn\Downloads\Setup (3).exe, , [578d6a3a0e6ded49a9fb025409f808f8],
PUP.Optional.OptimumInstaller.A, C:\Users\Katelyn\Downloads\Setup (4).exe, , [737180247b001e18168e7cdac43d50b0],
PUP.Optional.OptimumInstaller.A, C:\Users\Katelyn\Downloads\Setup (5).exe, , [06de6d37de9d41f5426240164eb327d9],
PUP.Optional.OptimumInstaller.A, C:\Users\Katelyn\Downloads\Setup(1).exe, , [a440a8fcd8a34de9b6ee2a2c17ea35cb],
PUP.Optional.OutBrowse, C:\Users\Katelyn\Downloads\Spybot (1).exe, , [cf15f1b380fb58dedb7048567e839a66],
PUP.Optional.OutBrowse, C:\Users\Katelyn\Downloads\Spybot.exe, , [5b891193fe7d6bcb0546fda149b88c74],
PUP.Optional.OptimumInstaller.A, C:\Users\Katelyn\Downloads\Setup(2).exe, , [cb196e369be0c274fea6f85ef9080000],
PUP.Optional.MultiPlug, C:\Users\Katelyn\Downloads\Eat Pray Love DC 2010 1080p Bluray x264 anoXmous.exe, , [bc28782ce3986acc5339f952649c0bf5],
PUP.Optional.Downloadster, C:\Users\Katelyn\Downloads\firefox_downloader.exe, , [d90b099b7803a096141c1a08679956aa],
Trojan.Downloader, C:\Users\Katelyn\AppData\Local\DynamicPricer\DynamicPricerInstaller.exe, , [fee67c289fdc05315b1b3f0ab947827e],
PUP.Optional.ShoppingGate.A, C:\Users\Katelyn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage, , [b133cada48336bcb2300fbe2748eef11],
PUP.Optional.ShoppingGate.A, C:\Users\Katelyn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage-journal, , [558f01a3e79420164cd723ba1ce633cd],
PUP.Optional.Superfish.A, C:\Users\Katelyn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [b034d4d02556a88ec2b8c617669c7b85],
PUP.Optional.Superfish.A, C:\Users\Katelyn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [9c480f95b4c7bf77077332abee144db3],
PUP.Optional.CrossRider.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\searchplugins\search-the-web.xml, , [20c4653f96e53ef86e642bbf18ea6d93],
PUP.Optional.IStart123.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istart123.xml, , [c3217c28bcbf3bfb0b82e04d8183639d],
PUP.Optional.DynamicPricer.A, C:\Users\Katelyn\AppData\Local\DynamicPricer\DynamicPricerInstaller.exe, , [558fa301f58616206dc9872a966cd030],
PUP.Optional.DynamicPricer.A, C:\Users\Katelyn\AppData\Local\DynamicPricer\Chrome\background.html, , [558fa301f58616206dc9872a966cd030],
PUP.Optional.DynamicPricer.A, C:\Users\Katelyn\AppData\Local\DynamicPricer\Chrome\background.js, , [558fa301f58616206dc9872a966cd030],
PUP.Optional.DynamicPricer.A, C:\Users\Katelyn\AppData\Local\DynamicPricer\Chrome\manifest.json, , [558fa301f58616206dc9872a966cd030],
PUP.Optional.DynamicPricer.A, C:\Users\Katelyn\AppData\Local\DynamicPricer\Firefox\DynamicPricer.xpi, , [558fa301f58616206dc9872a966cd030],
PUP.Optional.DynamicPricer.A, C:\Users\Katelyn\AppData\Local\DynamicPricer\IE\DynamicPricer.dll, , [558fa301f58616206dc9872a966cd030],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome.manifest, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\install.rdf, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\index.html, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\quick_start.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\quick_start.xul, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\include\speed_dial.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\include\tools\about_blank_hook.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\include\tools\misc.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\include\tools\popup_image_helper.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\include\tools\urlrequestor.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\js\js.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\js\lib\doT.min.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\js\lib\jquery-2.1.0.min.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\js\lib\jquery.autocomplete.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\js\module\hotSearch.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\js\module\mostgrid.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\js\module\search.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\js\module\stat.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\js\pack\common.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\js\pack\ga.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\content\js\pack\xagainit.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\en\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\en-US\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\es\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\es-419\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\fr\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\fr-BE\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\fr-CA\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\fr-CH\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\fr-LU\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\it\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\it-CH\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\pl\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\pt-BR\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\ru\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\ru-MO\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\tr\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\vi\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\zh-CN\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\locale\zh-TW\locale.properties, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\skin\default_logo.png, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\skin\googlelogo.png, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\skin\google_trends.png, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\skin\icon.png, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\skin\loading.gif, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\skin\logo.png, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\skin\newtab.ico, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\skin\simple.css, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\chrome\skin\style.css, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\defaults\preferences\fvd.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\defaults\preferences\preferences.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\modules\addonmanager.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\modules\aes.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\modules\config.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\modules\dialogs.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\modules\last_tab.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\modules\misc.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\modules\properties.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\modules\remoterequest.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\modules\restoreprefs.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.FastStart.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\extensions\faststartff@gmail.com\modules\settings.js, , [f0f4257fd7a4db5bff742e92bb470000],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-07-27[10-40-07-005].log, , [7173ebb91d5e4fe7595cb1106b97b050],
PUP.Optional.FreeSoftToday.A, C:\Users\Katelyn\AppData\Local\freeSOFTtoday\freeSOFTtoday\1.0\freeSOFTtoday.cyl, , [a83c871d4e2d2511329b6a584cb6ba46],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\214.json, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\MessageBox.xml, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\un.ini, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\uninstallDlg2.xml, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\UninstallManager.exe, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\bg.png, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\bg1.png, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\bk_shadow.png, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\button.png, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\button1.png, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\checkbox.png, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\checkbox_select.png, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\checked.png, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\close.png, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\loading_bg.png, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\loading_light.png, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\min.png, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\scrollbar.bmp, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\Thumbs.db, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\unchecked.png, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\code\code1.jpg, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\code\code2.jpg, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\code\code3.jpg, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\code\code4.jpg, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\code\code5.jpg, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\code\code6.jpg, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.IStart.A, C:\Users\Katelyn\AppData\Roaming\istart123\images\code\Thumbs.db, , [ad37792b84f7e551314d893d4bb7926e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface64.dll, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\HpUI.exe, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\ient.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader32.exe, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader64.exe, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\RSHP.exe, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\bk_shadow.png, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\btn.png, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\close.png, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml.bak, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_box.png, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_check.png, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\radio_bk.png, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\radio_check.png, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, , [15cf0b9965166fc755877a4d1ee4e21e],
PUP.Optional.IStart123.A, C:\Users\Katelyn\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ "http://www.istart123.com/?type=hp&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949" ],), ,[6e76673d116ae94dacece206e61eea16]
PUP.Optional.IStart123.A, C:\Users\Katelyn\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (   "homepage": "http://www.istart123.com/?type=hp&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949",), ,[786ccdd7621987afb9e03dab1ee60cf4]
PUP.Optional.IStart123.A, C:\Users\Katelyn\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "search_url": "http://www.istart123.com/web/?type=ds&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949&q={searchTerms}",), ,[994bbee6e79486b02b6f36b25fa52fd1]
PUP.Optional.IStart123.A, C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "http://www.istart123.com/?type=hp&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949");), ,[b4304d57f8830e28078e3dab39cbf808]

Physical Sectors: 0
(No malicious items detected)


(end)


# AdwCleaner v3.301 - Report created 28/07/2014 at 11:13:16
# Updated 28/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Katelyn - KATELYN-PC
# Running from : C:\Users\Katelyn\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : IePluginServices

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files (x86)\GetPrivate
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Katelyn\AppData\Local\apn
Folder Deleted : C:\Users\Katelyn\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Katelyn\AppData\Local\torch
Folder Deleted : C:\Users\Katelyn\AppData\Roaming\GetPrivate
Folder Deleted : C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\Extensions\firefoxdav@icloud.com

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Katelyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Katelyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Katelyn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Katelyn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Katelyn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Katelyn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Katelyn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKLM\Software\SupDp
Key Deleted : HKLM\Software\SupTab
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\Tutorials
Key Deleted : HKLM\Software\V9Software
Key Deleted : HKLM\Software\Wpm
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v29.0.1 (en-US)

[ File : C:\Users\Katelyn\AppData\Roaming\Mozilla\Firefox\Profiles\cq7i08pu.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "istart123");
Line Deleted : user_pref("browser.search.selectedEngine", "istart123");
Line Deleted : user_pref("extensions.pdSN1TPErE.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumor[...]

-\\ Google Chrome v33.0.1750.117

[ File : C:\Users\Katelyn\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://www.istart123.com/web/?type=ds&ts=1406475540&from=irs&uid=ST500LM012XHN-M500MBB_S2RSJ9AC391949&q={searchTerms}

*************************

AdwCleaner[R0].txt - [13427 octets] - [28/07/2014 10:55:12]
AdwCleaner[S0].txt - [7442 octets] - [28/07/2014 11:13:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7502 octets] ##########



#4 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,366 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:08:26 PM

Posted 28 July 2014 - 12:42 PM

If you have not already done so, please restart your computer.

 

Are you running the Eset online scan?


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#5 ktlynw

ktlynw
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:26 PM

Posted 28 July 2014 - 08:31 PM

Just got done running the Eset

 

 

C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir    a variant of Win32/ELEX.AM potentially unwanted application    
C:\Users\Katelyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UIN3YILQ\WajamChecker[1].exe    Win32/Wajam.F potentially unwanted application    deleted - quarantined



#6 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,366 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:08:26 PM

Posted 29 July 2014 - 09:04 AM

Please post the whole log.

 

You need to look look in your browser to see if WajamChecker or Wajam is listed as a search engine.

 

In Firefox click on Tools and select add-ons and look for it there.

 

In Chrome click on the Customize icon (the three horizontal bars), then click on Tools and then choose Extensions and look for it.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users