Got a PUP-FHQ warning when restoring from Recycle Bin



#1 Melisae21

Posted 27 June 2014 - 10:31 PM

I'm doing this out of an abundance of caution since, well, this was... weird.

 

I was restoring a file I deleted the other week from my Recycle Bin (a .dmi art template I use regularly but had deleted along with other stuff) and immediately got this really unsettling message from my McAfee antivirus.

 

u5x6o.png

 

I hit "remove" and it did so, but then I got a Chrome popup asking me if I wanted to change my homepage to "About: Blank" which I denied. Immediately afterwards, I got another one of these McAfee messages, which I again removed, and I didn't have a third instance.

 

I'm in the middle of doing a Malwarebytes/Spybot/McAfee sweep (so far all but the last turned out clean and the last is in progress), but are there any other steps and should I be concerned? The Recycle Bin is not someplace I'm used to this occurring.

 

Thanks in advance!




#2 dc3


Posted 28 June 2014 - 09:08 AM

Please run the following.

 

Please download AdwCleaner and run it.
 
An image like the one below will open, click on Scan.
 
adwcleaner11_zps48314883.png
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  
 
You will receive a message telling you that all programs will be closed so that the infections can be removed.  Click on Ok.
 
When the cleaning process is complete a log of what was removed will be presented.  Please copy and then paste this log in your next post.
 
 

Please download Malwarebytes Anti-Malware.  After clicking on the link the download will start automatically.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  If this is the first time you have run this version of Malwarebytes you will see an image like the one below.
 
mbam1_zps95cc812c.png
 
Click on Update Now; after Malwarebytes is updated, click on Scan.
 
If this isn't the first time you have run this version, then you will see an image like the one below.  Click on Scan.
 
mbam1_zps98e7fba9.png
 
You will be prompted to update Malwarebytes, to do so click on Update Now.
 
 mbam2_zps85f38f0c.png
 
3)  The scan will automatically run now.
 
mbamreplace_zps3ead4824.png
 
 
4)  When the scan is complete the results will be displayed.  Click on Quarantine All, then click on Apply Actions
 
mbam4_zps23e52ad4.png
 
 
5)  To complete any actions taken you will be asked if you want to restart your computer, click on Yes
 
 mbam4_zps490948cc.png
 
6)  Please post the Malwarebytes log.
 
To find your Malwarebytes log, download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  When the log opens, scroll down toward the bottom of the log to Quarantined Items.  Copy and paste this in your next post.


#3 Melisae21


Posted 28 June 2014 - 11:51 AM

Good morning! Thanks a bunch for walking me through double-checking this. Let's see...

 

On AdwCleaner, the only thing I asked it not to remove was the BillP files, since my understanding is that those belong to this WinPatrol program I keep on my desktop.

 

I am still hoping McAfee caught and removed the PUP-FHQ entirely, but you will know much better than I do. Thanks again. :)

 

 

AdwCleaner:

# AdwCleaner v3.213 - Report created 28/06/2014 at 09:30:06
# Updated 23/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tenken - TENKEN-PC
# Running from : C:\Users\Tenken\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
[x] Not Deleted : HKCU\Software\BillP Studios
[x] Not Deleted : HKLM\Software\BillP Studios
[x] Not Deleted : [x64] HKCU\Software\BillP Studios
[x] Not Deleted : [x64] HKLM\SOFTWARE\BillP Studios
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{84481A87-2316-4923-8FAB-3BA8CA29323D}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\Tenken\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://search.aol.com/aol/tracking?d_ch=en_US_joystiq&q={searchTerms}&s_it=search_addon
Deleted [Search Provider] : hxxp://search.aol.com/aol/tracking?d_ch=en_US_massively&q={searchTerms}&s_it=search_addon
 
*************************
 
AdwCleaner[R0].txt - [1459 octets] - [28/06/2014 09:28:16]
AdwCleaner[S0].txt - [1402 octets] - [28/06/2014 09:30:06]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1462 octets] ##########
 

 

Malwarebytes:

I reinstalled over the one I had and ran a scan after updating it, but it said 0 files infected were found. Here's the log anyway:

 

mbam-check result log version:     2.1.0.0002
========================================
 
User Account type:                 Administrator
OS:                                Windows 7 Service Pack 1 Service Pack 1 64 bit Operating System
Current Build Number:              7601
Current Version Number:            6.1
Current CSDVersion:                Service Pack 1
Malwarebytes Anti-Malware:         2.0.2.1012
Installed On:                      2014/06/28
Malware Database:                  2014.06.28.03
Rootkit Database:                  2014.06.23.02
Remediation Database:              2013.10.16.01
IP Database:                       0000.00.00.00
Domain Database:                   0000.00.00.00
License:                           Free
Malware Protection:                0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMProtector
Malicious Website Protection:      0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMWebAccessControl
Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
Log Created:                       2014/06/28 09:51:46
Compatibility Flag Settings:
=================================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
C:\Users\Tenken\Downloads\ME2_Zaeed.exeREG_SZ VISTARTM
C:\Users\Tenken\Downloads\ME2_NormandyCrash.exeREG_SZ VISTARTM
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
 
Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:
 
MBAM Startup Entries: 
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
 
Malwarebytes Anti-Malware Service and Driver Status:
=======================================================
 
--------------Driver File Info:--------------
C:\Windows\system32\drivers\mbam.sys
File Size: 25816     BYTES FileVersion: 0.1.13.0 MD5: [f92b0e478c0faa6d6661e6e977247e60]
C:\Windows\system32\drivers\mwac.sys
File Size: 63704     BYTES FileVersion: 1.0.1.0 MD5: [15e8abc06843672955ce26a009533bad]
C:\Windows\system32\drivers\mbamswissarmy.sys
File Size: 122584    BYTES FileVersion: 0.1.7.0 MD5: [8a50d5304e6ae48664cf5838ec32f647]
C:\Windows\system32\drivers\mbamchameleon.sys
File Size: 91352     BYTES FileVersion: 1.0.4.0 MD5: [9d9ed48f841ea37aa5310d54b9e5d3c7]
 
--------------MBAMProtector:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMProtector
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMService:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMService
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMScheduler:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMScheduler
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMChameleon:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMWebAccessControl:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MbamWebAccessControl
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
Required Dependencies:
======================
 
--------------BFE:--------------
Type:                   32
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001
Group                         REG_SZ NetworkProvider
ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002
ObjectName                    REG_SZ NT AUTHORITY\LocalService
ErrorControl                  REG_DWORD 1
Start                         REG_DWORD 2
Type                          REG_DWORD 32
DependOnService               REG_MULTI_SZ RpcSs
 
ServiceSidType                REG_DWORD 3
RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege
 
FailureActions                REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
ServiceDllUnloadOnStop        REG_DWORD 1
ServiceMain                   REG_SZ BfeServiceMain
 
--------------fltmgr:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
AttachWhenLoaded              REG_DWORD 1
DisplayName                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
Group                         REG_SZ FSFilter Infrastructure
ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys
Description                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
ErrorControl                  REG_DWORD 3
Start                         REG_DWORD 0
Tag                           REG_DWORD 1
Type                          REG_DWORD 2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
0                             REG_SZ Root\LEGACY_FLTMGR\0000
Count                         REG_DWORD 1
NextInstance                  REG_DWORD 1
 
 
C:\Windows\system32\drivers\fltmgr.sys
File Size: 289664    BYTES FileVersion: 6.1.7601.17514 MD5: [da6b67270fd9db3697b20fce94950741]
C:\Windows\SysWOW64\olepro32.dll
File Size: 90112     BYTES FileVersion: 6.1.7601.17514 MD5: [703ffd301ab900b047337c5d40fd6f96]
 
 
MBAM Registry Settings and License Info:
========================================
--------------Settings:--------------
Advanced: 
    AutomaticQuarantine:                                       true 
    AutostartProtection:                                       true 
    LimitedMode:                                               false 
    SelfProtection:                                            false 
    StartSilentMode:                                           false 
    StartupDelay:                                              0 
ApplicationState: 
    First-Run-After-Installation:                              false 
General: 
    DaysUntilNotifyExpiration:                                 5 
    Language:                                                  en 
    RightClickAccess:                                          true 
    SilentErrors:                                              false 
Logging: 
    ExportLog:                                                 true 
Notification: 
ProtectionTray: 
    DisplayMilliseconds:                                       7000 
ScanHistory: 
    Duration_Complete:                                         34000 
    Duration_Driver:                                           0 
    Duration_Filesystem:                                       0 
    Duration_Heuristics:                                       307000 
    Duration_Loading:                                          0 
    Duration_MasterBootRecord:                                 0 
    Duration_Memory:                                           40000 
    Duration_PreScan:                                          14000 
    Duration_Registry:                                         30000 
    Duration_Sector:                                           0 
    Duration_Startup:                                          15000 
    ItemCount_Complete:                                        219683 
    ItemCount_Driver:                                          0 
    ItemCount_Filesystem:                                      41484 
    ItemCount_Heuristics:                                      9499 
    ItemCount_Loading:                                         0 
    ItemCount_MasterBootRecord:                                0 
    ItemCount_Memory:                                          2797 
    ItemCount_PreScan:                                         0 
    ItemCount_Registry:                                        609 
    ItemCount_Sector:                                          0 
    ItemCount_Startup:                                         1567 
    LastScanDateEpoch:                                         1403973430859 
    LastScanType:                                              1 (Threat Scan)
Update: 
    LastUpdate:                                                2014-06-28T16:36:50 
    NotifyInstallReady:                                        true 
    NotifyOutdatedDatabase:                                    1 
    ProxyPassword:                                              
    ProxyPort:                                                 0 
    ProxyServer:                                                
    ProxyUsername:                                              
    UseProxy:                                                  false 
    UseProxyAuthentication:                                    false 
--------------Account:--------------
  Account Status:                                              Free 
  Expiration Time:                                             2014/06/05 06:33:49 
  Activation Time:                                             2014/05/22 06:33:49 
  Trial Used:                                                  true 
--------------Access Policies:--------------
 
Scheduler Queue:
================
 
tasks: 
    766b1492-fa77-4538-8ffa-d0ca5532cc08:                       
      parameters:                                               
        NotifyWhenUpdateCompletes:                             true 
        TaskType:                                              3 
      triggers:                                                 
        dc2813c2-4cc8-4cf0-ad58-304ae7cfe177:                   
          dateinterval:                                        0:0:0 
          lastscheduled:                                       Sat, 28 Jun 2014 09:49:24.924122 -0700 
          lasttriggered:                                       Wed, 04 Jun 2014 22:59:21.924122 -0700 
          nextscheduled:                                       Sat, 28 Jun 2014 10:49:24.924122 -0700 
          recovery:                                            00:00:00 
          start:                                               Wed, 21 May 2014 23:39:23.567375 -0700 
          timeinterval:                                        01:00:00 
          type:                                                3 
          uuid:                                                dc2813c2-4cc8-4cf0-ad58-304ae7cfe177 
      type:                                                    update 
      uuid:                                                    766b1492-fa77-4538-8ffa-d0ca5532cc08 
    f738a4f0-7897-444c-a86a-2c7c8e2b4993:                       
      parameters:                                               
        CheckForUpdatesBeforeScanStart:                        true 
        ScanConfig:                                             
          ExitWhenNoMalwareDetected:                           false 
          ExportLog:                                           true 
          FileSystemOption:                                    true 
          RebootSystemWhenMalwareDetected:                     false 
          RemoveMalwareAutomaticallyWhenScanEnds:              false 
          ScanArchives:                                        true 
          ScanExtra:                                           true 
          ScanHeuristic:                                       true 
          ScanMemoryObjects:                                   true 
          ScanPUM:                                             2 
          ScanPUP:                                             2 
          ScanRegistry:                                        true 
          ScanRootkits:                                        false 
          ScanStartup:                                         true 
          ScanTargets:                                          
          ScanType:                                            1 (Threat Scan)
          Silent:                                              true 
          TerminateExplorerWhenMalwareIsRemoved:               false 
        StartTaskFromSystemAccount:                            false 
        TaskType:                                              0 
      triggers:                                                 
        01622944-704b-44ff-94bc-6ca27eef41ce:                   
          dateinterval:                                        1:0:0 
          lastscheduled:                                       Fri, 27 Jun 2014 18:32:24.708049 -0700 
          lasttriggered:                                       Wed, 04 Jun 2014 18:42:47.708049 -0700 
          nextscheduled:                                       Sat, 28 Jun 2014 18:32:24.708049 -0700 
          recovery:                                            23:00:00 
          start:                                               Thu, 22 May 2014 03:06:14 -0700 
          timeinterval:                                        00:00:00 
          type:                                                4 
          uuid:                                                01622944-704b-44ff-94bc-6ca27eef41ce 
      type:                                                    scan 
      uuid:                                                    f738a4f0-7897-444c-a86a-2c7c8e2b4993 
 
Pending File Rename Operations: 
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
 
MBAMProtector Registry Values:
==============================
 
 
 
MBAMService Registry Values:
============================
 
 
 
MBAMScheduler Registry Values:
==============================
 
 
 
Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================
 
--------------TERMService:--------------
Type:                   32
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
TermService Start is set to: 3 (Manual Startup)
 
Proxy Status: No proxy is Set
 
Proxy Override: 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\
ProxyOverride REG_SZ <local>
 
LAN Settings:
=============
 
only 'Automatically detect settings' is selected
 
SystemPartition:
================
 
HKEY_LOCAL_MACHINE\SYSTEM\Setup\
SystemPartition REG_SZ \Device\HarddiskVolume2
 
Balloon Tips Status:
====================
 
Enabled
 
Time Format Settings:
=====================
 
Should be:
h:mm:ss tt
AM 
PM 
:
 
Currently:
REG_SZ h:mm:ss tt
REG_SZ AM
REG_SZ PM
REG_SZ :
 
Language and Regional Settings:
===============================
 
ACP: Language is English (United States)
MACCP: Language is English (United States)
OEMCP: Language is English (United States)
 
Startup Folders for Error_Expanding_Variables Check:
====================================================
 
All Users Startup Folder Exists.
Current User's Startup Folder Exists.
 
 
Context Menu Entries:
=====================
 
HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\MBAMShlExt
(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
 
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\MBAMShlExt
(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
 
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt
(Default):                    REG_SZ MBAMShlExt Class
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CLSID
(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CurVer
(Default):                    REG_SZ MBAMExt.MBAMShlExt.1
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1
(Default):                    REG_SZ MBAMShlExt Class
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1\CLSID
(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
 
 
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}
(Default):                    REG_SZ IMBAMShlExt
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid32
(Default):                    REG_SZ {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\TypeLib
(Default):                    REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}
Version                       REG_SZ 1.0
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}
(Default):                    REG_SZ MBAMShlExt Class
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32
(Default):                    REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll
ThreadingModel                REG_SZ Apartment
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\ProgID
(Default):                    REG_SZ MBAMExt.MBAMShlExt.1
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\TypeLib
(Default):                    REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\VersionIndependentProgID
(Default):                    REG_SZ MBAMExt.MBAMShlExt
 
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0
(Default):                    REG_SZ MBAMExt 1.0 Type Library
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win32
(Default):                    REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS
(Default):                    REG_SZ 0
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR
(Default):                    REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0
(Default):                    REG_SZ MBAMExt 1.0 Type Library
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win32
(Default):                    REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS
(Default):                    REG_SZ 0
HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR
(Default):                    REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware
 
 
List of MBAM Related Directories:
=================================
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon\Windows
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\imageformats
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Languages
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Plugins
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine
 
Malware Exclusions:
===================
Web Exclusions:
================
Quarantined Items:
===================
===============================================================
END OF FILE
 

Edited by Melisae21, 28 June 2014 - 11:52 AM.


#4 dc3


Posted 28 June 2014 - 12:20 PM

Nada.

