White taskbar, No Audio, No Internet (Windows 7 starter)



#1 keyron23

Posted 29 January 2015 - 09:23 AM

Maybe you guys have seen a topic title like this before, but as one of the posts here said,
"it's never a good idea to follow a fix for someone else's PC as certain things can be different and crash."

The last file I downloaded last night was a subtitle file for a movie.. then the next morning this happens.. most people recommended to reformat but I wanted that to be my last resort.. btw I tried "system restore" and it doesn't work.. atm I'm doing a system scan using Malwarebytes Anti-Malware and I'm gonna post the log as soon as it's finished....many thanks in advance for those who will help! :D

 

Edited by Queen-Evie, 29 January 2015 - 10:27 AM.
moved from Windows 7 to the appropriate forum



 


#2 keyron23


Posted 29 January 2015 - 09:29 AM

Log
 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 1/29/2015
Scan Time: 10:14:00 PM
Logfile: log.txt
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2014.11.20.06
Rootkit Database: v2014.11.18.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7
CPU: x86
File System: NTFS
User: Lenovo
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 288317
Time Elapsed: 13 min, 17 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 20
 
Registry Values: 4
PUP.Optional.FastStart.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\d4y0dv13.default\extensions\faststartff@gmail.com, , [e026ae90c9b342f4c97faefd4eb6ef11]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\SUPDP|dir, C:\Program Files\SupTab, , [c145fc422458191dc99182c456ad39c7]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\SUPTAB|ptid, exp, , [42c41e208fedc76fe9a22e18c83b35cb]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2803577836-2809680846-2492514932-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0B1G1O1S0V1G1F, , [d630c9757408da5c5cdbfc90ac5811ef]
 
Registry Data: 8
PUP.Optional.Skytech.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~1\SupTab\SEARCH~1.DLL, Good: (), Bad: (C:\PROGRA~1\SupTab\SEARCH~1.DLL),,[49bd48f6106c5bdb0f3adec2dc25619f]
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Mozilla Firefox\firefox.exe http://www.delta-homes.com/?type=sc&ts=1419588994&from=wpm12262&uid=HGSTXHTS545050A7E380_TEA55C4921G9KR21G9KRX, Good: (firefox.exe), Bad: (C:\Program Files\Mozilla Firefox\firefox.exe http://www.delta-homes.com/?type=sc&ts=1419588994&from=wpm12262&uid=HGSTXHTS545050A7E380_TEA55C4921G9KR21G9KRX),,[8680e757dd9fd5619488a4ac4eb75aa6]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1404027856&from=exp&uid=HGSTXHTS545050A7E380_TEA55C4921G9KR21G9KRX, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1404027856&from=exp&uid=HGSTXHTS545050A7E380_TEA55C4921G9KR21G9KRX),,[49bd0c32156787af1cde0b391ee7a35d]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://istart.webssearches.com/web/?type=ds&ts=1404027856&from=exp&uid=HGSTXHTS545050A7E380_TEA55C4921G9KR21G9KRX&q={searchTerms}, Good: (www.google.com), Bad: (http://istart.webssearches.com/web/?type=ds&ts=1404027856&from=exp&uid=HGSTXHTS545050A7E380_TEA55C4921G9KR21G9KRX&q={searchTerms}),,[2dd979c57a02d85ece23cb79fa0bbb45]
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.delta-homes.com/?type=hp&ts=1419588994&from=wpm12262&uid=HGSTXHTS545050A7E380_TEA55C4921G9KR21G9KRX, Good: (www.google.com), Bad: (http://www.delta-homes.com/?type=hp&ts=1419588994&from=wpm12262&uid=HGSTXHTS545050A7E380_TEA55C4921G9KR21G9KRX),,[d234a39bb2cae94d44cebf919471738d]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[b5510a34daa2280e9d765cf394710000]
PUP.Optional.Delta.A, HKU\S-1-5-21-2803577836-2809680846-2492514932-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.delta-homes.com/?type=hp&ts=1419588994&from=wpm12262&uid=HGSTXHTS545050A7E380_TEA55C4921G9KR21G9KRX, Good: (www.google.com), Bad: (http://www.delta-homes.com/?type=hp&ts=1419588994&from=wpm12262&uid=HGSTXHTS545050A7E380_TEA55C4921G9KR21G9KRX),,[a363ba8499e3dd59749fef6156afbf41]
PUP.Optional.Delta.A, HKU\S-1-5-21-2803577836-2809680846-2492514932-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://search.delta-homes.com/web/?type=ds&ts=1419588994&from=wpm12262&uid=HGSTXHTS545050A7E380_TEA55C4921G9KR21G9KRX&q={searchTerms}, Good: (www.google.com), Bad: (http://search.delta-homes.com/web/?type=ds&ts=1419588994&from=wpm12262&uid=HGSTXHTS545050A7E380_TEA55C4921G9KR21G9KRX&q={searchTerms}),,[8e788faf92ea8bab20f54808b74e1de3]
 
Folders: 71
 
Files: 144
PUP.Optional.FastStart.A, C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\d4y0dv13.default\extensions\faststartff@gmail.com\modules\dialogs.js, , [ae58fb43f6866ec8311d43dc788b40c0], 
PUP.Optional.FastStart.A, C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\d4y0dv13.default\extensions\faststartff@gmail.com\modules\last_tab.js, , [ae58fb43f6866ec8311d43dc788b40c0], 
PUP.Optional.FastStart.A, C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\d4y0dv13.default\extensions\faststartff@gmail.com\modules\misc.js, , [ae58fb43f6866ec8311d43dc788b40c0], 
PUP.Optional.FastStart.A, C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\d4y0dv13.default\extensions\faststartff@gmail.com\modules\properties.js, , [ae58fb43f6866ec8311d43dc788b40c0], 
PUP.Optional.FastStart.A, C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\d4y0dv13.default\extensions\faststartff@gmail.com\modules\remoterequest.js, , [ae58fb43f6866ec8311d43dc788b40c0], 
PUP.Optional.FastStart.A, C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\d4y0dv13.default\extensions\faststartff@gmail.com\modules\restoreprefs.js, , [ae58fb43f6866ec8311d43dc788b40c0], 
PUP.Optional.FastStart.A, C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\d4y0dv13.default\extensions\faststartff@gmail.com\modules\settings.js, , [ae58fb43f6866ec8311d43dc788b40c0], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, , [f21472cc3b4194a20980a878e61d39c7], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\ient.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\install.data, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\uninstall.exe, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\WebDataJs, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\data.html, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\indexIE.html, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\indexIE8.html, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\main.css, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\ver.txt, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\arrow.png, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\default_add_logo.png, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\default_add_logo_hover.png, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\default_logo.png, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\googlelogo.png, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\googlelogo2.png, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\google_trends.png, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\icon128.png, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\icon16.png, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\icon48.png, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\loading.gif, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\logo32.ico, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\0.png, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\common.js, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\ga.js, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\ie8.js, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\jquery-1.11.0.min.js, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\jquery.autocomplete.js, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\js.js, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\library.js, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\xagainit.js, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\en-US\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\es-419\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\es-ES\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-BE\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-CA\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-CH\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-FR\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-LU\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\it-CH\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\it-IT\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pl\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pt\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pt-BR\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\ru\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\ru-MO\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\tr-TR\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\vi-VI\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\zh-CN\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\zh-TW\messages.json, , [75919f9f1a62aa8ca4f50b1bf1120000], 
PUP.Optional.SimpleFiles, C:\Program Files\SimpleFiles\downloader.exe, , [e6200539c9b35cda2b1df832c142946c], 
PUP.Optional.SimpleFiles, C:\Program Files\SimpleFiles\htmlayout.dll, , [e6200539c9b35cda2b1df832c142946c], 
PUP.Optional.SimpleFiles, C:\Program Files\SimpleFiles\SimpleFiles.exe, , [e6200539c9b35cda2b1df832c142946c], 
PUP.Optional.SimpleFiles, C:\Program Files\SimpleFiles\Uninstall.exe, , [e6200539c9b35cda2b1df832c142946c], 
PUP.Optional.SimpleFiles, C:\Program Files\SimpleFilesUpdater\htmlayout.dll, , [4abc98a65b218ea8e168a3873ec57987], 
PUP.Optional.SimpleFiles, C:\Program Files\SimpleFilesUpdater\SimpleFilesUpdater.exe, , [4abc98a65b218ea8e168a3873ec57987], 
PUP.Optional.SimpleFiles, C:\Program Files\SimpleFilesUpdater\Uninstall.exe, , [4abc98a65b218ea8e168a3873ec57987], 
PUP.Optional.SimpleFiles, C:\ProgramData\Microsoft\Windows\Start Menu\SimpleFiles\SimpleFiles Uninstall.lnk, , [09fdd7675527211597b30822679c7c84], 
PUP.Optional.SimpleFiles, C:\ProgramData\Microsoft\Windows\Start Menu\SimpleFiles\SimpleFiles.lnk, , [09fdd7675527211597b30822679c7c84], 
PUP.Optional.Delta.A, C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\d4y0dv13.default\prefs.js, Good: (), Bad: (user_pref("browser.newtab.url", "http://www.delta-homes.com/newtab/?type=nt&ts=1419588994&from=wpm12262&uid=HGSTXHTS545050A7E380_TEA55C4921G9KR21G9KRX");), ,[4db9d16d9ae29d994b398005be47b24e]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#3 InadequateInfirmity

Posted 29 January 2015 - 10:20 AM

Run Malwarebytes again, and this time remove the items detected. Post the new log.

Step 1: Minitoolbox.
 
Please download MINITOOLBOX and run it.



Checkmark the following boxes:

  • Flush DNS
  • Reset FF Proxy Settings
  • Reset IE Proxy Settings
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Devices (problems only)



Click Go and post the result.
 
Step 2: Junkware Removal Tool.
 
Please download Junkware Removal Tool and save it on your desktop.

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Step 3: Adware Cleaner.
 
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Step 4: Adware Removal Tool.
 
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

Hit Ok.

Hit Next, and make sure to leave all items checked for removal.

The program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, then OK again to finish up. Post the log generated by the tool.
 
Step 5: Malwarebytes AntiRootkit
 
 
Download Malwarebytes Anti-Rootkit to your desktop.
  • Double-click the icon to start the tool.
  • It will ask you where to extract it; make sure it is on the desktop.
  • Malwarebytes Anti-Rootkit needs to be run from an account with admin rights.
  • Click Next to continue.
  • Then click Update.
  • Once the update is finished, select Next, then Scan.
  • If no malware has been found, select Exit at the end of the scan.
  • If an infection was found, make sure to select all items and click Cleanup.
  • Reboot your machine.
  • Open the MBAR folder and paste the content of the following into your next reply:
  • mbar-log-{date} (xx-xx-xx).txt
  • system-log.txt

Step 6: Security Check Log.
 
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document

 
Step 7: Report
 
Tell me how the machine is performing, and if you need help performing any steps. Also post all requested logs.



#4 keyron23

Posted 29 January 2015 - 10:51 AM

Here is the log from mini tool. Btw, I didn't get you when you said run malware again. Should I post the same log with less details or make a new scan after I quarantined the items? I'm sorry if I'm confused. Now running the junkware tool.
 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Lenovo (administrator) on 29-01-2015 at 23:38:26
Running from "C:\Users\Lenovo\Desktop\re"
Microsoft Windows 7 Starter   (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Could not flush the DNS Resolver Cache: Function failed during execution.
 
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Qualcomm Atheros AR9485WB-EG Wireless Network Adapter = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Lenovo-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Mixed
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : homerouter.cpe
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : B8-88-E3-8D-F0-0A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 20-68-9D-CA-ED-2F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host google.com. Please check the name and try again.
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host yahoo.com. Please check the name and try again.
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...b8 88 e3 8d f0 0a ......Realtek PCIe FE Family Controller
 12...20 68 9d ca ed 2f ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/28/2015 06:35:25 PM) (Source: CVHSVC) (User: )
Description: Information only.
Click-2-Run package registration failure.
 
Error: (01/28/2015 10:38:16 AM) (Source: Google Update) (User: Lenovo-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7
 
Error: (01/28/2015 08:16:23 AM) (Source: CVHSVC) (User: )
Description: Information only.
Click-2-Run package registration failure.
 
Error: (01/28/2015 08:16:23 AM) (Source: Application Virtualization Client) (User: )
Description: {tid=9F8}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.7134.5001.sft' (rc 24600F0A-10000001, original rc 24600F0A-10000001).
 
Error: (01/27/2015 08:45:54 PM) (Source: CVHSVC) (User: )
Description: Information only.
Click-2-Run package registration failure.
 
Error: (01/27/2015 08:45:54 PM) (Source: Application Virtualization Client) (User: )
Description: {tid=8AC}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.7134.5001.sft' (rc 24600F0A-10000001, original rc 24600F0A-10000001).
 
Error: (01/27/2015 09:26:46 AM) (Source: CVHSVC) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:
 
Error: (01/27/2015 09:17:31 AM) (Source: CVHSVC) (User: )
Description: Information only.
Click-2-Run package registration failure.
 
Error: (01/27/2015 09:17:31 AM) (Source: Application Virtualization Client) (User: )
Description: {tid=8A8}
The Application Virtualization Client could not connect to stream URL 'http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.7134.5001.sft' (rc 24600F0A-10000001, original rc 24600F0A-10000001).
 
Error: (01/26/2015 08:29:36 AM) (Source: CVHSVC) (User: )
Description: Information only.
Click-2-Run package registration failure.
 
 
System errors:
=============
Error: (01/29/2015 11:33:41 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1058
 
Error: (01/29/2015 11:33:41 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1058
 
Error: (01/29/2015 11:33:41 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1058
 
Error: (01/29/2015 11:33:41 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1058
 
Error: (01/29/2015 11:33:41 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1058
 
Error: (01/29/2015 11:33:41 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1058
 
Error: (01/29/2015 11:33:23 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
sfdrv01
sfsync02
sfvfs02
 
Error: (01/29/2015 11:33:22 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1058
 
Error: (01/29/2015 11:33:21 PM) (Source: Service Control Manager) (User: )
Description: The Task Scheduler service depends on the Windows Event Log service which failed to start because of the following error: 
%%1058
 
Error: (01/29/2015 11:33:20 PM) (Source: Service Control Manager) (User: )
Description: The Windows Audio service depends on the Multimedia Class Scheduler service which failed to start because of the following error: 
%%1058
 
 
Microsoft Office Sessions:
=========================
Error: (01/28/2015 06:35:25 PM) (Source: CVHSVC)(User: )
Description: Click-2-Run package registration failure.
 
Error: (01/28/2015 10:38:16 AM) (Source: Google Update)(User: Lenovo-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7
 
Error: (01/28/2015 08:16:23 AM) (Source: CVHSVC)(User: )
Description: Click-2-Run package registration failure.
 
Error: (01/28/2015 08:16:23 AM) (Source: Application Virtualization Client)(User: )
Description: {tid=9F8}
 
Error: (01/27/2015 08:45:54 PM) (Source: CVHSVC)(User: )
Description: Click-2-Run package registration failure.
 
Error: (01/27/2015 08:45:54 PM) (Source: Application Virtualization Client)(User: )
Description: {tid=8AC}
 
Error: (01/27/2015 09:26:46 AM) (Source: CVHSVC)(User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:
 
Error: (01/27/2015 09:17:31 AM) (Source: CVHSVC)(User: )
Description: Click-2-Run package registration failure.
 
Error: (01/27/2015 09:17:31 AM) (Source: Application Virtualization Client)(User: )
Description: {tid=8A8}
 
Error: (01/26/2015 08:29:36 AM) (Source: CVHSVC)(User: )
Description: Click-2-Run package registration failure.
 
 
 
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader 9.3.4 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A93000000001}) (Version: 9.3.4 - Adobe Systems Incorporated)
aeRO Mini 1.9 (HKCU\...\aeRO Mini 1.9) (Version:  - )
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cheat Engine 6.3 (HKLM\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.0.0820 - CyberLink Corp.)
CyberLink YouCam (Version: 4.0.0820 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Hero Editor V1.04 (HKLM\...\ST6UNST #1) (Version:  - )
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
iTunes (HKLM\...\{0718A90E-93AA-49AF-A4FE-0165ACD91DF0}) (Version: 11.2.2.3 - Apple Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Antimalware (Version: 2.0.6212.2 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Essentials) (Version: 1.0.1611.0 - Microsoft Corporation)
Microsoft Security Essentials (Version: 1.0.1611.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Mozilla Firefox (3.6.28) (HKLM\...\Mozilla Firefox (3.6.28)) (Version: 3.6.28 (en-US) - Mozilla)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM\...\TkFSVVRPU0hJUFBVREVOVWx0aW1hdGVOaW5qYVNUT1JNM0Z1~D4302771_is1) (Version: 1 - )
OpenOffice.org 3.2 (HKLM\...\{379F9A64-4317-477A-BBC5-35466F8476B5}) (Version: 3.2.9483 - OpenOffice.org)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.7.0.0 - Pando Networks Inc.)
Prince of Persia T2T (HKLM\...\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}) (Version:  - )
Proteus 8 Professional (HKLM\...\{B8A525DB-6906-4F0C-92D7-33D55345E4E8}) (Version: 8.0.15417.0 - Labcenter Electronics)
Ragnarok Online (HKLM\...\Ragnarok Online 1.0.0) (Version: 1.0.0 - Level Up Games)
Ragnarok Online (Version: 1.0.0 - Level Up Games) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
SHAREit (HKLM\...\AnyShare) (Version: 1.0.38.379 - Lenovo)
Skype Toolbars (HKLM\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SMART BRO Hostless Modem (HKLM\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.2 - ZTE Corporation)
Tattoo (HKLM\...\Tattoo) (Version: 1.11.00.158 - Huawei Technologies Co.,Ltd)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D7D96A96-F61F-48AD-B2DC-4F4B6938D2AB}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{190EC86F-5867-4D7A-B9F3-D14D82C26F3D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
USB Disk Security 5.2.0.5 (HKLM\...\USB Disk Security_is1) (Version:  - Zbshareware Lab)
VLC media player 1.1.4 (HKLM\...\VLC media player) (Version: 1.1.4 - VideoLAN)
Winrar 3.93 (HKLM\...\Winrar 3.93) (Version:  - )
WinZipper (HKLM\...\WinZipper) (Version: 1.5.83 - Taiwan Shui Mu Chih Ching Technology Limited.)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
 
========================= Devices: ================================
 
Name: MpKsld456b871
Description: MpKsld456b871
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: MpKsld456b871
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 27%
Total physical RAM: 2048 MB
Available physical RAM: 1488.17 MB
Total Pagefile: 4096 MB
Available Pagefile: 3572.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1944.5 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:221.62 GB) (Free:63.59 GB) NTFS
2 Drive d: () (Fixed) (Total:244.04 GB) (Free:43.75 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\
 
Administrator            Guest                    Lenovo                   
 
 
**** End of log ****


#5 keyron23

Posted 29 January 2015 - 10:59 AM

log for JRT
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Starter x86
Ran by Lenovo on Thu 01/29/2015 at 23:53:21.63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D8AFCAE5-0334-4AA5-8E89-35F2C817AD85}
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Windows\prefetch\SPEED.EXE-6002C599.pf
 
 
 
~~~ Folders
 
 
 
~~~ FireFox
 
Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\delta-homes.xml"
Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\webssearches.xml"
Successfully deleted the following from C:\Users\Lenovo\AppData\Roaming\mozilla\firefox\profiles\d4y0dv13.default\prefs.js
 
user_pref("browser.search.defaultenginename", "webssearches");
user_pref("browser.search.selectedEngine", "webssearches");
Emptied folder: C:\Users\Lenovo\AppData\Roaming\mozilla\firefox\profiles\d4y0dv13.default\minidumps [1 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 01/29/2015 at 23:55:47.83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#6 keyron23

Posted 29 January 2015 - 11:13 AM

Adware Cleaner log
 

# AdwCleaner v4.109 - Report created 30/01/2015 at 00:08:54
# Updated 24/01/2015 by Xplode
# Database : 2015-01-24.3 [Local]
# Operating System : Windows 7 Starter  (32 bits)
# Username : Lenovo - LENOVO-PC
# Running from : C:\Users\Lenovo\Desktop\re\adwcleaner_4.109.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Deleted : C:\Program Files\WinZipper
Folder Deleted : C:\Users\Lenovo\AppData\Roaming\337Games
Folder Deleted : C:\Users\Lenovo\AppData\Roaming\SimpleFiles
Folder Deleted : C:\Users\Lenovo\AppData\Roaming\WinZipper
Folder Deleted : C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\delta-homes.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\webssearches.xml
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Safe Mode).lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh
Value Deleted : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]
Key Deleted : HKCU\Software\Classes\keepmysearch
Key Deleted : HKCU\Software\Mozilla\Extends
Key Deleted : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
Key Deleted : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
Key Deleted : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\SimpleFiles
Key Deleted : HKCU\Software\V9
Key Deleted : HKLM\SOFTWARE\hdcode
Key Deleted : HKLM\SOFTWARE\SimpleFiles
Key Deleted : HKLM\SOFTWARE\V9
Key Deleted : HKLM\SOFTWARE\winzipersvc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.7600.17267
 
 
-\\ Mozilla Firefox v3.6.28 (en-US)
 
[d4y0dv13.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[d4y0dv13.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
 
-\\ Google Chrome v40.0.2214.93
 
[C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://rts.dsrlte.com/?q={searchTerms}
[C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1419588994&from=wpm12262&uid=HGSTXHTS545050A7E380_TEA55C4921G9KR21G9KRX&q={searchTerms}
[C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1419588994&from=wpm12262&uid=HGSTXHTS545050A7E380_TEA55C4921G9KR21G9KRX&q={searchTerms}
[C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://istart.webssearches.com/web/?type=dspp&ts=1422439698&from=exp&uid=HGSTXHTS545050A7E380_TEA55C4921G9KR21G9KRX&q={searchTerms}
[C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://istart.webssearches.com/web/?type=dspp&ts=1422439698&from=exp&uid=HGSTXHTS545050A7E380_TEA55C4921G9KR21G9KRX&q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [3802 octets] - [30/01/2015 00:01:32]
AdwCleaner[R1].txt - [3862 octets] - [30/01/2015 00:05:07]
AdwCleaner[S0].txt - [5119 octets] - [30/01/2015 00:08:54]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5179 octets] ##########


#7 keyron23

Posted 29 January 2015 - 11:30 AM

log from Adware Removal Tool
 

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 
 
Adware Removal Tool v3.9
Time: 2015_01_30_00_14_39
OS: Windows 7 - 32 Bit
Account Name: Lenovo
U0L0S3
 
\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\
 
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966:1af74d8104403d847a0ead9035f74f17
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966\1AF74D8104403D847A0EAD9035F74F17:file
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\eventlog\Application:WindowsProtectManger
 
\\ Finished


#8 keyron23

Posted 29 January 2015 - 11:41 AM

btw sir InadequateInfirmity both links leading to the Security Check are unavailable...



#9 keyron23

Posted 29 January 2015 - 12:00 PM

MBAR log... i didnt do step 6 yet cuz of the unavailable links. still white taskbar and no audio device/internet


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.3.1004
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7600 Windows 7 x86
 
Account is Administrative
 
Internet Explorer version: 8.0.7600.16385
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 1.396000 GHz
Memory total: 2147483648, free: 1545572352
 
No address found
Initializing...
======================
------------ Kernel report ------------
     01/30/2015 00:37:09
------------ Loaded modules -----------
----------- End -----------
Done!
 
Scan started
Database versions:
  main:    v2014.11.18.05
  rootkit: v2014.11.12.01
 
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff884c4a58, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff884c4690, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff884c4a58, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff865d6028, DeviceName: \Device\Ide\IAAStorageDevice-0\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: D9FA2484
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable
 
    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 511795200
 
    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 512002048  Numsec = 464769024
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 500107862016 bytes
Sector size: 512 bytes
 
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff8ab9cac8, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86432020, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8ab9cac8, DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff863f05e8, DeviceName: \Device\00000081\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR3\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C007C34
 
Partition information:
 
    Partition 0 type is Other (0xc)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 32  Numsec = 31266784
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 16008609792 bytes
Sector size: 512 bytes
 
Done!
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished


#10 InadequateInfirmity

Posted 29 January 2015 - 03:06 PM

Step 1: 9-Lab Scan

Download 9-Lab Removal Tool from one of the links below.

CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.

Install the program onto your computer, then right click the icon and run as administrator.

Go to the Update tab and update the program.

Now go to the scanner tab and select Full Scan.

Upon Scan Completion Click Show Results.

Now click the Clean button.

Once done cleaning, you can go to the logs tab, double click it, and copy and paste it in your next reply.

Step 2: Eset Scan

Disable your antivirus prior to running this scan.

  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the ESET Smart Installer icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

Step 3: Hitman Pro

 

 

 

Download Zemana Cloud AntiMalware from one of the links below.

CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.

http://dl9.zemana.com/download/Products/AntiMalware/Build192/ZemanaAntiMalware.exe          32 bit
http://dl9.zemana.com/download/Products/AntiMalware/Build192/ZemanaAntiMalware_x64.exe  64 bit

Note: If you have used Hitman Pro in the past you will not be able to activate a free license for this product.

Save the file to your desktop.
Right Click and run as administrator.
Click Next to scan for malicious software.
Tick the box that reads "No I only want to perform a one time scan to check this computer".

Hit Next.

Upon scan completion, click on Save Log and save the log to your desktop. Hit Next to activate.

After you activate, remove malware and post the log created in your next reply.



#11 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:37 AM

Posted 29 January 2015 - 03:07 PM

 

make a new scan after  i quarantined the items

 

 

Yes please do this for Malwarebytes. :)



#12 keyron23

keyron23
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:37 PM

Posted 29 January 2015 - 10:06 PM

i tried the eset online scanner but i think it needs internet to run.. my infected laptop can't access the internet :/



#13 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:37 AM

Posted 29 January 2015 - 10:14 PM

i tried the eset online scanner but i think it needs internet to run.. my infected laptop can't access the internet :/

 

Can you go online in safe mode with networking?

How to start Windows in Safe Mode or Safe Mode with ...

#14 keyron23

keyron23
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:37 PM

Posted 29 January 2015 - 10:16 PM

ok i'll try what you said.. btw here's the log with items removed
www.malwarebytes.org
 
Scan Date: 1/30/2015
Scan Time: 10:38:30 AM
Logfile: lollol.txt
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2014.11.20.06
Rootkit Database: v2014.11.18.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7
CPU: x86
File System: NTFS
User: Lenovo
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 288237
Time Elapsed: 13 min, 11 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#15 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:37 AM

Posted 29 January 2015 - 10:27 PM

Ok, if you are not able to go online in safe mode with networking let us know.


Edited by InadequateInfirmity, 29 January 2015 - 10:27 PM.




