
awesomehp & nengine.dll - log to analyse

malwere nengine.dll awesomehp log analyse

  • This topic is locked
1 reply to this topic

#1 poiuytrewq86


Posted 01 March 2014 - 03:31 AM

hey
 
I'm trying to delete awesomehp and related bugs. I'm also trying to figure out why, during startup, the system shows information about a problem with loading nengine.dll.
Can anyone take a look at the log from Malwarebytes and help to analyse it?
 
_______________________________________________________________________________
 
Registry Keys Detected: 7
HKCR\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (PUP.Optional.SupTab.A) -> No action taken.
HKCR\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D} (PUP.Optional.SupTab.A) -> No action taken.
HKCR\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} (PUP.Optional.SupTab.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (PUP.Optional.SupTab.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (PUP.Optional.SupTab.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (PUP.Optional.SupTab.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SupTab (PUP.Optional.SupTab.A) -> No action taken.
 
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\SysWOW64\rundll32.exe "C:\Users\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> No action taken.
 
Registry Data Items Detected: 6
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.Awesomehp.A) -> Bad: (http://www.awesomehp...S19HNEAD216067P) Good: (http://www.google.com) -> No action taken.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (PUP.Optional.Awesomehp.A) -> Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp...S19HNEAD216067P) Good: (iexplore.exe) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (PUP.Optional.Awesomehp.A) -> Bad: (http://www.awesomehp...HNEAD216067P&q={searchTerms}) Good: (http://www.google.com) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Awesomehp.A) -> Bad: (http://www.awesomehp...S19HNEAD216067P) Good: (http://www.google.com) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DefaultScope (PUP.Optional.Qone8) -> Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}) Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}) -> No action taken.
HKLM\Software\Microsoft\Internet Explorer\Main|Default_Page_URL (PUP.Optional.Awesomehp.A) -> Bad: (http://www.awesomehp...S19HNEAD216067P) Good: (http://www.google.com) -> No action taken.
 
Folders Detected: 28
 
Files Detected: 102
 
(end)
 



#2 Juliet


Posted 02 March 2014 - 03:56 PM

This user is being helped here

http://www.bleepingc...log-to-analyse/

This topic will be closed.
Sometimes the angels fly close enough to you that you can hear the flutter of their wings...

Want to help others? Join the ClassRoom and learn how.
MS - MVP Consumer Security 2009 - 2016, WI-MVP 2016-17
