Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Chrome Problem - New Pop Up Tabs - Possible Infection or Virus


  • Please log in to reply
32 replies to this topic

#1 Golden-Boy

Golden-Boy

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 28 October 2015 - 04:08 PM

Hello everyone.

 

I am sorry to start off our wonderful relationship this way, but I need help.

 

I don't know how, but I recently downloaded something (don't know what exactly), but it may be related to SpyHunter.  

 

Big mistake!  

 

I think now my computer has a virus.  Quite often now when I open a new webpage, it gets redirected to pages like 

 

www.newpoptab.etc

 

So I have Super Antispyware, and I have run it a few times.  It seems to detect a few threats, fixes them, but the problem comes back.  I just did a complete scan with panda security, but it said everything is fine when it most clearly is not.  My computer is running pretty slowly now  :(

 

Also, when I go to C:\Program Files - there is an Enigma Software folder there containing Spyhunter, but it won't let me delete it.  It says when I try that it cannot because the folder or a file in the folder is open!

 

Help! What do I do?

 

Thanks for any help.



BC AdBot (Login to Remove)

 


#2 Golden-Boy

Golden-Boy
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 28 October 2015 - 08:56 PM

Ummm, any ideas?



#3 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:07:19 AM

Posted 29 October 2015 - 03:09 AM

Hello, 

 

Please read this topic about SpyHunter.

 

Also remove Super Antispyware because it is outdated software.

 

------------

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

§  Flush DNS

§  Report IE Proxy Settings

§  Reset IE Proxy Settings

§  Report FF Proxy Settings

§  Reset FF Proxy Settings

§  List content of Hosts

§  List IP configuration

§  List Winsock Entries

§  List last 10 Event Viewer log

§  List Installed Programs

§  List Devices

§  List Users, Partitions and Memory size.

§  List Minidump Files

§  List Restore Points

Click Go and post the result (MTB.txt). A copy of MTB.txt will be saved in the same directory the tool is run.

----------

 

Please download Rkill to your Desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe
http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
 

§  Double-click on the Rkill desktop icon to run the tool.

§  If using Windows Vista, 7, 8 or 10 right-click on it and choose Run As Administrator.

§  black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.

§  If not, delete the file, then download and use the one provided in Link 2.

§  Do not reboot until instructed.

§  If the tool does not run from any of the links provided, please let me know.

If normal mode still doesn't work, run the tool from Safe Mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

------------

 

Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

 

§  Double-click mbam-setup-2.x.x.xxxx.exe and follow the prompts to install the program.

§  At the end, be sure a checkmark is placed next to the following:
 

o    Launch Malwarebytes Anti-Malware

o    A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

 

§  Click Finish.

§  On the Dashboard, click the 'Update Now >>' link

§  After the update completes, on Settings tab, set under Detection and Protection next options: 

1. 'Scan for rootkits'

2. Non-Malware Protection, for 'PUP detections', check, 'Threat detections as malware' option.

§  Return to Dashboard, click the 'Scan Now >>' button.

§  A Threat Scan will begin.

§  When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

§  In most cases, a restart will be required.

§  Wait for the prompt to restart the computer to appear, than click on Yes.


If you already have MBAM 2.0 installed:
 

§  On the Dashboard, click the 'Update Now >>' link.

§  After the update completes, on Settings tab, set under Detection and Protection next options: 

1. 'Scan for rootkits'

2. Non-Malware Protection, for 'PUP detections', check, 'Threat detections as malware' option.

§  Return to Dashboard, click the Scan Now >> button.

§  A Threat Scan will begin.

§  When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

§  In most cases, a restart will be required.

§  Wait for the prompt to restart the computer to appear, than click on Yes.

§  After the restart once you are back at your desktop, open MBAM once more.

§  Click on the History tab > Application Logs.

§  Double click on the Scan Log which shows the Date and time of the scan just performed.

§  Click 'Export'.

§  Click 'Copy to Clipboard'

§  Paste the contents of the clipboard into your reply.

---------------

 

Please download AdwCleaner by Xplode onto your desktop.

§  Close all open programs and internet browsers.

§  Double click on adwcleaner.exe to run the tool.

§  In EULA window click I agree.

§  In Options uncheck Reset Winsock settings.

§  Click on Scan button.

§  When the scan has finished click on Cleaning button.

§  Your computer will be rebooted automatically. A text file will open after the restart.

§  Please post the contents of that logfile with your next reply.

§  You can find the logfile at C:\AdwCleaner[C1].txt as well.

 

----------------

Please download Junkware Removal Tool  to your desktop.

§  Shut down your protection software now to avoid potential conflicts.

§  Run the tool by double-clicking it. If you are using Windows Vista, 7, 8 or 10; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

§  The tool will open and start scanning your system.

§  Please be patient as this can take a while to complete depending on your system's specifications.

§  On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

 

§  Post the contents of JRT.txt into your next message.

--------------


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#4 subscriber

subscriber

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:19 PM

Posted 29 October 2015 - 04:34 AM

wow, i have the same problems, I've got that adwares newpoptab a**hole from unknown keygen, yea my bad,,,

after that i have tried many ways to remove it, and same as your problems mate, always comes back

 

Thanks bleepingcomputer especially severac, after googling three days how to remove this annoying newpoptab adwares and now i've got this enlightenment  :idea: threads  :bananas:  :bananas:  :bananas:

 

ill try your solution  :thumbsup2:



#5 Golden-Boy

Golden-Boy
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 29 October 2015 - 06:01 PM

------------

 

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

§  Flush DNS

§  Report IE Proxy Settings

§  Reset IE Proxy Settings

§  Report FF Proxy Settings

§  Reset FF Proxy Settings

§  List content of Hosts

§  List IP configuration

§  List Winsock Entries

§  List last 10 Event Viewer log

§  List Installed Programs

§  List Devices

§  List Users, Partitions and Memory size.

§  List Minidump Files

§  List Restore Points

Click Go and post the result (MTB.txt). A copy of MTB.txt will be saved in the same directory the tool is run.

 

 

Thank you for your assistance.  I would attach this text file but I cannot figure out how.

 

The MTB.txt as follows:

 

MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by Alex (administrator) on 29-10-2015 at 18:57:07
Running from "C:\Users\Alex\Downloads"
Microsoft Windows 7 Ultimate  Service Pack 1 (X86)
Model: Aspire M5802/M3802 Manufacturer: Acer
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
::1 localhost
 
 
127.0.0.1 localhost
 
========================= IP Configuration: ================================
 
Intel® 82567V-2 Gigabit Network Connection = Local Area Connection (Connected)
TAP-Windows Adapter V9 = Local Area Connection 2 (Connected)
Realtek RTL8190 802.11n Wireless LAN (Mini-)PCI NIC = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Alex-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gateway.2wire.net
 
Ethernet adapter Local Area Connection 2:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-4D-D2-2B-C5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1580:cbab:7402:93b6%15(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.169.1.6(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.252
   Lease Obtained. . . . . . . . . . : Thursday, October 29, 2015 6:41:20 PM
   Lease Expires . . . . . . . . . . : Friday, October 28, 2016 6:41:20 PM
   Default Gateway . . . . . . . . . : 
   DHCP Server . . . . . . . . . . . : 10.169.1.5
   DHCPv6 IAID . . . . . . . . . . . : 553713485
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-A4-25-09-00-25-11-89-25-33
   DNS Servers . . . . . . . . . . . : 209.222.18.222
                                       209.222.18.218
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 00-06-4F-87-E1-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Realtek RTL8190 802.11n Wireless LAN (Mini-)PCI NIC
   Physical Address. . . . . . . . . : 00-06-4F-87-E1-F9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Intel® 82567V-2 Gigabit Network Connection
   Physical Address. . . . . . . . . : 00-25-11-89-25-33
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f09e:edf9:6a2b:bc9f%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.2.10(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, October 23, 2015 11:45:49 PM
   Lease Expires . . . . . . . . . . : Sunday, November 01, 2015 6:41:20 PM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 234890513
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-A4-25-09-00-25-11-89-25-33
   DNS Servers . . . . . . . . . . . : 192.168.2.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  resolver1.privateinternetaccess.com
Address:  209.222.18.222
 
Name:    google.com.gateway.2wire.net
Address:  173.45.161.113
 
 
Pinging google.com [216.58.192.46] with 32 bytes of data:
Reply from 216.58.192.46: bytes=32 time=95ms TTL=52
Reply from 216.58.192.46: bytes=32 time=96ms TTL=52
 
Ping statistics for 216.58.192.46:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 95ms, Maximum = 96ms, Average = 95ms
Server:  resolver1.privateinternetaccess.com
Address:  209.222.18.222
 
Name:    yahoo.com.gateway.2wire.net
Address:  173.45.161.113
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=160ms TTL=43
Reply from 98.139.183.24: bytes=32 time=159ms TTL=43
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 159ms, Maximum = 160ms, Average = 159ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...00 ff 4d d2 2b c5 ......TAP-Windows Adapter V9
 14...00 06 4f 87 e1 f9 ......Microsoft Virtual WiFi Miniport Adapter
 12...00 06 4f 87 e1 f9 ......Realtek RTL8190 802.11n Wireless LAN (Mini-)PCI NIC
 10...00 25 11 89 25 33 ......Intel® 82567V-2 Gigabit Network Connection
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1     192.168.2.10     20
          0.0.0.0        128.0.0.0       10.169.1.5       10.169.1.6     20
       10.169.1.1  255.255.255.255       10.169.1.5       10.169.1.6     20
       10.169.1.4  255.255.255.252         On-link        10.169.1.6    276
       10.169.1.6  255.255.255.255         On-link        10.169.1.6    276
       10.169.1.7  255.255.255.255         On-link        10.169.1.6    276
   46.166.190.176  255.255.255.255      192.168.2.1     192.168.2.10     20
   77.247.182.241  255.255.255.255      192.168.2.1     192.168.2.10     20
   104.200.154.34  255.255.255.255      192.168.2.1     192.168.2.10     20
  104.200.154.104  255.255.255.255      192.168.2.1     192.168.2.10     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        128.0.0.0        128.0.0.0       10.169.1.5       10.169.1.6     20
      192.168.2.0    255.255.255.0         On-link      192.168.2.10    276
     192.168.2.10  255.255.255.255         On-link      192.168.2.10    276
    192.168.2.255  255.255.255.255         On-link      192.168.2.10    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.2.10    276
        224.0.0.0        240.0.0.0         On-link        10.169.1.6    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.2.10    276
  255.255.255.255  255.255.255.255         On-link        10.169.1.6    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 10    276 fe80::/64                On-link
 15    276 fe80::/64                On-link
 15    276 fe80::1580:cbab:7402:93b6/128
                                    On-link
 10    276 fe80::f09e:edf9:6a2b:bc9f/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
 15    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/28/2015 12:37:34 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (10/28/2015 12:01:26 AM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 46.0.2490.80 stopped interacting with Windows and was closed. To see if more information about the 
 
problem is available, check the problem history in the Action Center control panel.
 
Process ID: 13b4
 
Start Time: 01d1111133e9d86e
 
Termination Time: 6
 
Application Path: C:\Program Files\Google\Chrome\Application\chrome.exe
 
Report Id: 86fe38ca-7d28-11e5-ab1b-00064f87e1f9
 
Error: (10/25/2015 11:42:14 PM) (Source: Application Hang) (User: )
Description: The program SUPERAntiSpyware.exe version 6.0.0.1208 stopped interacting with Windows and was closed. To see if more information about 
 
the problem is available, check the problem history in the Action Center control panel.
 
Process ID: f58
 
Start Time: 01d10ea72749c21d
 
Termination Time: 189
 
Application Path: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
Report Id: 87f3c372-7b93-11e5-ab1b-00064f87e1f9
 
Error: (10/24/2015 08:53:45 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (10/24/2015 05:58:39 PM) (Source: Application Hang) (User: )
Description: The program SUPERAntiSpyware.exe version 6.0.0.1208 stopped interacting with Windows and was closed. To see if more information about 
 
the problem is available, check the problem history in the Action Center control panel.
 
Process ID: d98
 
Start Time: 01d10e0cb0b0392e
 
Termination Time: 5
 
Application Path: C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
Report Id: 5ef9fc98-7a9a-11e5-ab1b-00064f87e1f9
 
Error: (10/24/2015 01:37:25 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (10/23/2015 11:45:16 PM) (Source: Application Hang) (User: )
Description: The program SpyHunter4.exe version 4.20.9.4533 stopped interacting with Windows and was closed. To see if more information about the 
 
problem is available, check the problem history in the Action Center control panel.
 
Process ID: d68
 
Start Time: 01d10e0e59e7c8c5
 
Termination Time: 2
 
Application Path: C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
 
Report Id: 9f5b02c5-7a01-11e5-ab1b-00064f87e1f9
 
Error: (10/23/2015 11:30:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: SUPERAntiSpyware.exe, version: 6.0.0.1208, time stamp: 0x5602f2d8
Faulting module name: SUPERAntiSpyware.exe, version: 6.0.0.1208, time stamp: 0x5602f2d8
Exception code: 0x40000015
Fault offset: 0x0001b6b6
Faulting process id: 0x1164
Faulting application start time: 0xSUPERAntiSpyware.exe0
Faulting application path: SUPERAntiSpyware.exe1
Faulting module path: SUPERAntiSpyware.exe2
Report Id: SUPERAntiSpyware.exe3
 
Error: (10/23/2015 06:32:41 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (10/22/2015 11:13:07 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
 
System errors:
=============
Error: (10/27/2015 11:32:26 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{4DD22BC5-B44A-44E2-976A-C1D0BA5B8808} because another computer on 
 
the network has the same name.  The server could not start.
 
Error: (10/21/2015 03:13:31 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (10/21/2015 03:13:14 PM) (Source: Service Control Manager) (User: )
Description: The sbapifs service failed to start due to the following error: 
%%2
 
Error: (10/21/2015 03:13:17 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 3:10:34 PM on ‎10/‎21/‎2015 was unexpected.
 
Error: (10/21/2015 03:00:34 PM) (Source: srv) (User: )
Description: The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool 
 
allocations.
 
Error: (10/21/2015 02:58:54 PM) (Source: srv) (User: )
Description: The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool 
 
allocations.
 
Error: (10/21/2015 12:01:49 AM) (Source: srv) (User: )
Description: The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool 
 
allocations.
 
Error: (10/21/2015 12:01:09 AM) (Source: srv) (User: )
Description: The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool 
 
allocations.
 
Error: (10/20/2015 09:40:56 PM) (Source: srv) (User: )
Description: The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool 
 
allocations.
 
Error: (10/20/2015 09:40:36 PM) (Source: srv) (User: )
Description: The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool 
 
allocations.
 
 
Microsoft Office Sessions:
=========================
Error: (07/26/2015 12:17:33 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session 
 
lasted 1179 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error: (10/08/2014 08:35:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session 
 
lasted 24852 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error: (03/24/2014 11:23:10 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session 
 
lasted 814 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error: (04/04/2013 04:06:26 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session 
 
lasted 401978 seconds with 1200 seconds of active time.  This session ended with a crash.
 
Error: (11/04/2012 07:49:03 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session 
 
lasted 608496 seconds with 1260 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2012-10-05 21:24:57.058
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 
 
2012\Active Virus Control\Avc3_00155_006\avcuf32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-10-03 22:04:21.998
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 
 
2012\Active Virus Control\Avc3_00155_006\avcuf32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-10-03 21:58:30.098
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 
 
2012\Active Virus Control\Avc3_00155_006\avcuf32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-02-10 09:54:44.789
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\PC Tools Security\smum32.dll 
 
because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-02-10 09:54:44.667
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\PC Tools Security\TFEngine
 
\TFWAH.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-02-10 07:43:56.520
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\PC Tools Security\smum32.dll 
 
because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-02-10 07:43:56.472
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\PC Tools Security\TFEngine
 
\TFWAH.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-02-10 06:38:49.687
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\PC Tools Security\smum32.dll 
 
because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-02-10 06:38:49.641
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\PC Tools Security\TFEngine
 
\TFWAH.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-02-10 05:55:40.384
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\PC Tools Security\smum32.dll 
 
because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
µTorrent (HKLM\...\uTorrent) (Version: 3.2.1.28086 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (HKLM\...\{A80FA752-C491-4ED9-ABF0-4278563160B2}) (Version: 7.1.8 - Hewlett-Packard) Hidden
BurnAware Free 6.9.4 (HKLM\...\BurnAware Free_is1) (Version:  - Burnaware)
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\{4D7B6C53-B3E7-4D93-B27C-B7A50A9627C9}) (Version: 1.0.198 - CANON INC.) 
 
Hidden
Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\Canon Laser Printer/Scanner/Fax Extended Survey Program) (Version: 1.0.198.10000 
 
- CANON INC.)
Canon MF Toolbox 4.9.1.1.mf14 (HKLM\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf14 - CANON INC.)
Canon MF4700 Series (HKLM\...\{47A8DB42-4E21-4d55-9931-D4F44CC3F03B}) (Version: 4.1.0.1 - CANON INC.)
CCleaner (HKLM\...\CCleaner) (Version: 3.09 - Piriform)
CPUID CPU-Z 1.62.0 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.21 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.2.0287 - DT Soft Ltd)
Deep Shredder 12 (HKLM\...\{08E3C4AA-2FDE-40A4-ADA7-2D4D3A03E330}) (Version: 12.0.0 - ChessBase) Hidden
Direct WAV MP3 Splitter version 3.0.0.0 (HKLM\...\Direct WAV MP3 Splitter_is1) (Version: 3.0.0.0 - Piston Software)
DJ_AIO_03_F4200_Software_Min (HKLM\...\{363CEA5C-C9D0-45DD-9511-A461DBDEE94B}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Dragon NaturallySpeaking 10 (HKLM\...\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}) (Version: 10.0.0 - Nuance Communications Inc.)
F4200 (HKLM\...\{C2524280-A5CF-4458-B809-167F13FAB56D}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
FileZilla Client 3.7.4.1 (HKLM\...\FileZilla Client) (Version: 3.7.4.1 - Tim Kosse)
Free Window Registry Repair (HKLM\...\Free Window Registry Repair) (Version:  - )
Fritz 13 (HKLM\...\{85EB0F56-3DB3-42CC-9384-A665C5FC5D08}) (Version: 13.0.0.0 - ChessBase)
Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.15 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HPPhotoGadget (HKLM\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
hppLaserJetService (HKLM\...\{178F0383-A2F1-427C-9881-6EACB8728C76}) (Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
InstallIQ Updater (HKLM\...\{8E1CB0F1-67BF-4052-AA23-FA22E94804C1}) (Version: 1.4.3.0 - W3i, LLC)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (HKLM\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) 
 
(Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft 
 
Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft 
 
Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft 
 
Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft 
 
Corporation)
MP3 Cutter 1.9 (HKLM\...\MP3 Cutter_is1) (Version:  - Aiv Software)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero Burning ROM 10 (HKLM\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.2.11000.12.100 - Nero AG)
Nero Burning ROM 10 (HKLM\...\{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}) (Version: 10.5.10300 - Nero AG)
Nero BurningROM 10 Help (CHM) (HKLM\...\{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}) (Version: 10.5.10100 - Nero AG) Hidden
Nero BurnRights 10 (HKLM\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10300.0.102 - Nero AG)
Nero BurnRights 10 Help (CHM) (HKLM\...\{555868C6-49FB-484F-BB43-8980651A1B00}) (Version: 10.5.10000 - Nero AG) Hidden
Nero Control Center 10 (HKLM\...\{6DFB899F-17A2-48F0-A533-ED8D6866CF38}) (Version: 10.2.10600.0.6 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (HKLM\...\{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}) (Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (HKLM\...\{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}) (Version: 2.0.17400.8.2 - Nero AG) Hidden
Nero Update (HKLM\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NVIDIA Graphics Driver 275.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 275.33 - NVIDIA Corporation)
NVIDIA Update 1.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.3.5 - NVIDIA Corporation)
Panda Internet Security 2015 (HKLM\...\{113C4F3B-C1FB-41B1-877C-193AFE330007}) (Version: 7.84.00.0000 - Panda Security) Hidden
Panda Internet Security 2015 (HKLM\...\Panda Universal Agent Endpoint) (Version: 15.01.00.0006 - Panda Security)
Panda Security Toolbar (HKLM\...\pandasecuritytb) (Version: 4.3.0.3 - Panda Security and Visicom Media Inc.)
PC Connectivity Solution (HKLM\...\{C373F7C4-05D2-4047-96D1-6AF30661C6AA}) (Version: 11.4.21.0 - Nokia)
Playlist Creator 3.6.2 (HKLM\...\Playlist Creator 3.6.2) (Version: 3.6.2.0 - oddgravity)
PokerStars (HKLM\...\PokerStars) (Version:  - PokerStars)
Private Internet Access Support Files (HKLM\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
ReadPlease 2003/ReadPlease PLUS 2003 (HKLM\...\ReadPlease 2003_is1) (Version: 2003.1.10 - ReadPlease Corporation)
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 12.0) (Version:  - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (HKLM\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1108 - SUPERAntiSpyware.com)
Swift Paste 2.0 (HKLM\...\Swift Paste_is1) (Version:  - SwiftPaste.com)
Toolbox (HKLM\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
UnloadSupport (HKLM\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-
 
47AAAA68E92D}) (Version:  - Microsoft)
Visual C++ Runtime for Dragon NaturallySpeaking (HKLM\...\{4A5A427F-BA39-4BF0-9A47-9999FBE60C9F}) (Version: 10.00.000.038 - Nuance 
 
Communications Inc.)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.)
WebReg (HKLM\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft 
 
Corporation)
WinRAR 4.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
 
========================= Devices: ================================
 
Name: Android Composite ADB Interface
Description: Android Composite ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: Google, Inc.
Service: WinUSB
Device ID: ROOT\ANDROIDUSBDEVICECLASS\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Device ID: ACPI\PNP0F03\4&242CC0DB&0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 70%
Total physical RAM: 3071.14 MB
Available physical RAM: 900.91 MB
Total Virtual: 6140.57 MB
Available Virtual: 2245.47 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:698.54 GB) (Free:352.86 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\ALEX-PC
 
Administrator            Alex                     Guest                    
UpdatusUser              
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
13-10-2015 05:04:14 Scheduled Checkpoint
13-10-2015 06:34:23 Revo Uninstaller's restore point - Tablet Video Converter 1.0.1
13-10-2015 08:23:30 Windows Update
18-10-2015 23:00:32 Windows Backup
22-10-2015 09:59:45 Windows Update
24-10-2015 03:04:34 Revo Uninstaller's restore point - WizTree v1.07
24-10-2015 03:05:29 Revo Uninstaller's restore point - SpringFiles
24-10-2015 04:15:23 Revo Uninstaller's restore point - SpyHunter 4
25-10-2015 16:20:23 Removed Adobe Reader XI (11.0.13).
25-10-2015 16:21:09 Revo Uninstaller's restore point - Adobe Reader XI (11.0.13)
25-10-2015 16:31:07 Revo Uninstaller's restore point - Mozilla Firefox 10.0.2 (x86 en-US)
27-10-2015 17:11:57 Windows Update
 
**** End of log ****


#6 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:07:19 AM

Posted 29 October 2015 - 06:06 PM

Thank you for your assistance.  I would attach this text file but I cannot figure out how.

 

 

 

You can't attach logs here, you can only past the results.  :wink:


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#7 Golden-Boy

Golden-Boy
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 29 October 2015 - 06:07 PM

Please download Rkill to your Desktop.

There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe
http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
 

§  Double-click on the Rkill desktop icon to run the tool.

§  If using Windows Vista, 7, 8 or 10 right-click on it and choose Run As Administrator.

§  black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.

§  If not, delete the file, then download and use the one provided in Link 2.

§  Do not reboot until instructed.

§  If the tool does not run from any of the links provided, please let me know.

If normal mode still doesn't work, run the tool from Safe Mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

 

Okay I did this.  Here is the text file:

 

 

Rkill 2.8.2 by Lawrence Abrams (Grinler)
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 10/29/2015 07:03:51 PM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Reparse Point/Junctions Found (Most likely legitimate)!
 
     * C:\Windows\$NtUninstallKB23455$ => <Unknown Target> [Dir]
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1 localhost
  ::1 localhost
 
Program finished at: 10/29/2015 07:05:09 PM
Execution time: 0 hours(s), 1 minute(s), and 17 seconds(s)

Edited by Golden-Boy, 29 October 2015 - 06:08 PM.


#8 Golden-Boy

Golden-Boy
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 29 October 2015 - 06:11 PM

Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

 

When I click the link to download this, a Panda security page comes up saying 

 


Contains malware and exploits!

Panda Security Technology protected you this time.

We have detected that the page you are trying to access contains malware and exploits that could infect your computer.

 

We advise you not to proceed with visiting

data-cdn.mbamupdates.com/web/mbam-setup-2.2.0.1024.exe



#9 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:07:19 AM

Posted 29 October 2015 - 06:27 PM

It is false positive. You can turn off your Panda Antivirus until we do this check. 


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#10 Golden-Boy

Golden-Boy
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 29 October 2015 - 09:22 PM

It is false positive. You can turn off your Panda Antivirus until we do this check. 

 

I do not understand what is happening.

 

I uninstalled Panda, then tried to access the link to download Malwarebytes, and the same Panda Antivirus Safe Search Protection

page comes up!

 

I tried clicking the 'I understanding that visiting may infect my computer' option, and it still won't let me go to the page.

 

What do I do now?



#11 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:07:19 AM

Posted 30 October 2015 - 03:17 AM

You should turn off Panda Antivirus until you finish scanning, and then to turn on Panda again, not to uninstall.

 

Panda Antivirus Safe Search protection is an extension in your browser and work independently from Antivirus. So, you have to remove it manually from your browser, or simple click I understand that visiting the web page could infect my computer and continue with download.

 

After we finish check, you can install Panda again, or choose other AV solution. 


Edited by severac, 30 October 2015 - 03:18 AM.

I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#12 christabelle

christabelle

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 31 October 2015 - 09:39 AM

I have the same problem. Severac do you mean I should do all the things you list or just one of them?



#13 screamgfx

screamgfx

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Egypt, Cairo
  • Local time:07:19 AM

Posted 31 October 2015 - 11:12 AM

Hi
 

well, i have almost the same problem about redirecting thing but after doing all the steps mentioned in the 2nd reply it's much less active now BUT it's still there redirecting me on the first click on most of the pages i visit ( including here )

 

should i create a new topic or may i post the reports here ?



#14 Golden-Boy

Golden-Boy
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:01:19 AM

Posted 31 October 2015 - 04:21 PM

You should turn off Panda Antivirus until you finish scanning, and then to turn on Panda again, not to uninstall.

 

Panda Antivirus Safe Search protection is an extension in your browser and work independently from Antivirus. So, you have to remove it manually from your browser, or simple click I understand that visiting the web page could infect my computer and continue with download.

 

After we finish check, you can install Panda again, or choose other AV solution. 

 

Thank you for your help severac.

 

I went into Google Chrome extensions, and there was no Panda extension.  Can you please provide instructions on where I can find this extension, so I can disable it?  Panda is already uninstalled, but the page still comes up blocking me from downloading the program.  Clicking the 'proceed anyway' link does not solve the problem.  The page remains.  I tried, so I'm hoping if I can somehow delete the extension, that that might work.


Edited by Golden-Boy, 31 October 2015 - 04:22 PM.


#15 screamgfx

screamgfx

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Egypt, Cairo
  • Local time:07:19 AM

Posted 31 October 2015 - 04:37 PM

 

You should turn off Panda Antivirus until you finish scanning, and then to turn on Panda again, not to uninstall.

 

Panda Antivirus Safe Search protection is an extension in your browser and work independently from Antivirus. So, you have to remove it manually from your browser, or simple click I understand that visiting the web page could infect my computer and continue with download.

 

After we finish check, you can install Panda again, or choose other AV solution. 

 

Thank you for your help severac.

 

I went into Google Chrome extensions, and there was no Panda extension.  Can you please provide instructions on where I can find this extension, so I can disable it?  Panda is already uninstalled, but the page still comes up blocking me from downloading the program.  Clicking the 'proceed anyway' link does not solve the problem.  The page remains.  I tried, so I'm hoping if I can somehow delete the extension, that that might work.

 

 

@Golden-Boy You may check chrome plugins till @Severac comes back and guide you.

 

Just type " chrome://plugins " in the address bar and enter

and see if there's something related to Panda you can disable it






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users