Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need Help on how to remove GoSaVe 2.0


  • Please log in to reply
4 replies to this topic

#1 HelpPlease_

HelpPlease_

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:09 PM

Posted 05 October 2014 - 07:12 PM

I try to remove the extension on Google Chrome, but when I restart the program, it reappears in my extensions. I have tried using Norton and wouldn't remove it and I've also tried using this topic:  http://www.bleepingcomputer.com/forums/t/550235/need-assistance-in-removing-gosave-20-please/ and doesn't work

Edit: Moved topic from Windows 8 to the more appropriate forum.~ Animal

BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:09 PM

Posted 06 October 2014 - 03:31 AM

Hello HelpPlease_

 

There can be problems following another "similar" topic, unless you are directed to use those methods ..........

 

Step 1 -

Please try to remove the extension or entry if you can find it in your browser(s) and then Reset your Home page to what you normally use.

I normally use http://www.google.com as my first home page, since it is "safe and neutral" (at most times).

 

Try these steps directly after you remove the extension.

 

Step 2 -

If you still have problems, here are directions for the use of Revo Uninstaller

Please download and install Revo Uninstaller Free

  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall this program, click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • When the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers....(be patient here ! ) click Next.
  • Check / tick the bolded items Only, then click  DELETE
  • When prompted click on Yes and then on next.   
  • Put a check on any folders that are found and select delete
  • When prompted select yes then on next
  • Once done click Finish.

Also please read How to use Revo Uninstaller

 

 

Now be sure to Reset your Home page(s) ...........

 

 

Also be sure to follow the advice from dc3 below, and Copy and Paste the logs back.

 

 

Thanks -


Edited by noknojon, 06 October 2014 - 03:47 PM.


#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,407 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:10:09 PM

Posted 06 October 2014 - 09:34 AM

Please download AdwCleaner and install it.
 
When AdwCleaner opens you will see an image like the one below.
 
adwcleaner11_zps48314883.png
 
Click on Scan to start the scan.
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  If you have any questions about any items in the list please copy and paste the list in your topic so we can review it.  
 
You will receive a message telling you that all programs will be closed so that the infections can be removed.  Click on OK.  The computer will be restarted to complete the cleaning process.
 
When the cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your topic.
 
To remove extensions from Google Chrome
 
Press Alt+F and point to Tools.
Click Extensions.
Remove unwanted extensions.
Click Settings.
Under On startup, select the last option and click Set pages.
Set a new startup page.
Under Search, click Manage search engines and click enter the URL of your new default search provider. Click Ok.
 
 

Please download Malwarebytes Anti-Malware.  After clicking on the link the download will start automatically.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  If this is the first time you have run this version of Malwarbytes you will see an image like the one below.
 
mbam1_zps95cc812c.png
 
Click on Update Now, after Malwarebytes is updated click on Scan.
 
If this isn't the first time you have run this version, then you will see an image like the one below.  Click on Scan
 
mbam1_zps98e7fba9.png
 
You will be prompted to update Malwarebytes, to do so click on Update Now.
 
 mbam2_zps85f38f0c.png
 
3)  The scan will automatically run now.
 
mbamreplace_zps3ead4824.png
 
 
4)  When the scan is complete the results will be displayed.  Click on Quarantine All, then click on Apply Actions
 
mbam4_zps23e52ad4.png
 
 
5)  To complete any actions taken you will be asked if you want to restart your computer, click on Yes
 
 mbam4_zps490948cc.png
 
6)  Please post the Malwarebytes log.
 
To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  When the log opens, scroll down toward the bottom of the log to Quarantined Items.  Copy and paste this in your next post.

Edited by dc3, 06 October 2014 - 09:35 AM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 HelpPlease_

HelpPlease_
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:09 PM

Posted 06 October 2014 - 05:14 PM

mbam-check result log version:     2.1.1.1001
========================================
 
User Account type:                 Administrator
OS:                                Windows 8.1  64 bit Operating System
Current Version and Build:         6.3.9200.0 
Malwarebytes Anti-Malware:         2.0.2.1012
Installed On:                      2014/10/06
Malware Database:                  2014.10.06.09
Rootkit Database:                  2014.09.19.01
Remediation Database:              2013.10.16.01
IP Database:                       0000.00.00.00
Domain Database:                   0000.00.00.00
License:                           Trial
Malware Protection:                4 (The service is running.)
Malicious Website Protection:      4 (The service is running.)
Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
Log Created:                       2014/10/06 15:06:26
Compatibility Flag Settings:
=================================
 
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
C:\Program Files (x86)\PlayOnline\SquareEnix\FINAL FANTASY XI\Ableepa\Ableepa.exeREG_SZ ~ RUNASADMIN
 
 
Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:
 
MBAM Startup Entries: 
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
NCPluginUpdater               REG_SZ "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
 
Malwarebytes Anti-Malware Service and Driver Status:
=======================================================
 
--------------Driver File Info:--------------
C:\WINDOWS\system32\drivers\mbam.sys
File Size: 25816     BYTES FileVersion: 0.1.13.0 MD5: [f92b0e478c0faa6d6661e6e977247e60]
C:\WINDOWS\system32\drivers\mwac.sys
File Size: 64216     BYTES FileVersion: 1.0.1.0 MD5: [0664f6335f108f38fe08c3ca747311ee]
C:\WINDOWS\system32\drivers\mbamswissarmy.sys
File Size: 122584    BYTES FileVersion: 0.1.7.0 MD5: [8a50d5304e6ae48664cf5838ec32f647]
C:\WINDOWS\system32\drivers\mbamchameleon.sys
File Size: 91352     BYTES FileVersion: 1.0.4.0 MD5: [9d9ed48f841ea37aa5310d54b9e5d3c7]
 
--------------MBAMProtector:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
--------------MBAMService:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
--------------MBAMScheduler:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
--------------MBAMChameleon:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMWebAccessControl:--------------
Type:                   1
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
Required Dependencies:
======================
 
--------------BFE:--------------
Type:                   32
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001
ErrorControl                  REG_DWORD 1
Group                         REG_SZ NetworkProvider
ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
Start                         REG_DWORD 2
Type                          REG_DWORD 32
Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002
DependOnService               REG_MULTI_SZ RpcSs
WfpLwfs
 
ObjectName                    REG_SZ NT AUTHORITY\LocalService
ServiceSidType                REG_DWORD 3
RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege
 
FailureActions                REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
ServiceDllUnloadOnStop        REG_DWORD 1
ServiceMain                   REG_SZ BfeServiceMain
ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter
{89a89b7c-b5ab-4ed6-bf05-d3059281a5c5}REG_BINARY Binary Data
 
{84750a0c-b836-48e3-ab80-104985c857db}REG_BINARY Binary Data
 
{8c300c03-7d30-1b44-8a83-dcc8c09cfa85}REG_BINARY Binary Data
 
{e88282c2-f90f-ef54-1a60-13cbe22eceaa}REG_BINARY Binary Data
 
{e1739739-ee27-4492-b61b-b1fd907d9e88}REG_BINARY Binary Data
 
{0f14dd31-cf58-4fab-9127-e085c7547d7a}REG_BINARY Binary Data
 
{034c737b-f629-a1b4-6afb-1a2f44a1a1d7}REG_BINARY Binary Data
 
{cfb4c757-0bff-94e4-7801-a2b2f62f35ce}REG_BINARY Binary Data
 
{47a3a498-021c-7304-b85a-6bb5e43ade96}REG_BINARY Binary Data
 
{5bb9675e-0064-2cb4-d89d-bcd4e20e11c8}REG_BINARY Binary Data
 
{ca70ae30-59e8-46ef-b483-c22ee366ab29}REG_BINARY Binary Data
 
{b18f04c9-f2e9-4d39-9510-b9265a6b071d}REG_BINARY Binary Data
 
{430f2767-3528-2784-289e-b0860d99a608}REG_BINARY Binary Data
 
{a06ae492-b0c1-1f94-caa4-bb9b226ca22d}REG_BINARY Binary Data
 
{c540d974-3c6c-be64-5bff-3db65b322a1d}REG_BINARY Binary Data
 
{3e3f092e-1288-a8c4-28bf-2b4ef96df312}REG_BINARY Binary Data
 
{e20f0605-5735-38d4-6aea-19d1b15c7868}REG_BINARY Binary Data
 
{2dc4271a-246e-a1a4-3a70-4c8f14fd7ba0}REG_BINARY Binary Data
 
{638ffdf7-a3ff-66c4-7b65-4f406b0da651}REG_BINARY Binary Data
 
{f9bc3444-96d0-0ca4-8920-5425ed611a9e}REG_BINARY Binary Data
 
{0ff1f959-c0d4-3ca4-a8a5-cb469d318b39}REG_BINARY Binary Data
 
{1dd94704-a218-0d34-18d3-1ba50d201728}REG_BINARY Binary Data
 
{39f29298-8fa5-0144-fab3-bcd9ad227c3b}REG_BINARY Binary Data
 
{f154d790-c121-3a84-7824-f7ff97bea29e}REG_BINARY Binary Data
 
{a708428d-50f4-9d44-aa15-fd48988b7d66}REG_BINARY Binary Data
 
{98b0b712-aa06-f734-0bec-c14f445161c4}REG_BINARY Binary Data
 
{70e10304-e806-1af4-4a65-791688215398}REG_BINARY Binary Data
 
{fb588d62-f991-4044-bba6-5e96cf3939df}REG_BINARY Binary Data
 
{64f39050-d77f-7a74-8a07-2a7c2dd7802d}REG_BINARY Binary Data
 
{e69be8e1-869d-0e34-99f6-f82ea91df33d}REG_BINARY Binary Data
 
{dcae098a-dff1-ffe4-9b22-0bb2738885db}REG_BINARY Binary Data
 
{113ba551-0a01-aa84-1944-25df351f74ab}REG_BINARY Binary Data
 
{ef11fc1e-9d20-ff14-3b74-55b7e55eeb97}REG_BINARY Binary Data
 
{b457115e-0fc4-89f4-2b7d-85e7d94efcaa}REG_BINARY Binary Data
 
{2265f512-4d6b-8484-fbf8-7d6ec7579b67}REG_BINARY Binary Data
 
{1b0fa1a4-5e46-8cc4-18c0-f5ff3dd69546}REG_BINARY Binary Data
 
{d663476c-94a3-c5e4-db44-7aa6c8fabd83}REG_BINARY Binary Data
 
{d4de1868-54d9-b4e4-ab30-b9c378cb4b18}REG_BINARY Binary Data
 
{c8e26ddd-a426-73e4-b848-a5c31a087eca}REG_BINARY Binary Data
 
{f67c8b29-2d24-0a74-fbd7-a5cbbe16f710}REG_BINARY Binary Data
 
{fbe3d017-fb99-8c14-aad9-631321b22614}REG_BINARY Binary Data
 
{b47f0b6a-3185-6434-c8b0-e1e69c18eb94}REG_BINARY Binary Data
 
{68487fdc-3301-cef4-ea7a-583c54b3069c}REG_BINARY Binary Data
 
{21e3a753-0ccf-f284-abd6-7221adbd9311}REG_BINARY Binary Data
 
{ffb717c4-ecc7-8b14-3978-dca6602db705}REG_BINARY Binary Data
 
{c40bc20f-87a8-8e24-e824-38f14fb83d7e}REG_BINARY Binary Data
 
{9cd26f24-b76d-2e14-ca19-d17d552bb424}REG_BINARY Binary Data
 
{3bbaa68c-b062-66a4-8a85-648680f757ca}REG_BINARY Binary Data
 
{cd1b16b0-cc00-0be4-79f2-7b4ae69a2037}REG_BINARY Binary Data
 
{511094b4-6ffd-e2e4-0bcf-9794e77d95ae}REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Options
EnablePacketQueue             REG_DWORD 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Callout
{288d1fdb-0317-7e44-cb75-83debf2aebf5}REG_BINARY Binary Data
 
{43ebc567-3739-d724-e89c-cd57f7f662be}REG_BINARY Binary Data
 
{e07dc617-78d7-4317-8d98-1de4a06a7447}REG_BINARY Binary Data
 
{fa50a7a7-58aa-48cc-b795-039f0519e05d}REG_BINARY Binary Data
 
{83b672f1-37df-f3d4-c8be-2d0ed09451ed}REG_BINARY Binary Data
 
{1938590a-37c1-4754-e9ee-c9198f101b57}REG_BINARY Binary Data
 
{63ceb950-c8c2-62c4-197a-70815d052de9}REG_BINARY Binary Data
 
{7f44d536-a1d5-04b4-5821-f9d3f05e7b77}REG_BINARY Binary Data
 
{0c1ac9f9-08e1-4a93-b969-f2cc78ab71da}REG_BINARY Binary Data
 
{ba7a59eb-6441-4b0a-8867-5e8b896c2786}REG_BINARY Binary Data
 
{822c8b33-e507-cad4-ab50-e06d74102386}REG_BINARY Binary Data
 
{ce939e38-be51-53f4-d98e-c7905ea7af84}REG_BINARY Binary Data
 
{b787f560-894f-8db4-1bd5-ea38d2f4006a}REG_BINARY Binary Data
 
{5040b65d-0ecd-5fc4-99ee-7bccd3941b13}REG_BINARY Binary Data
 
{e53d1460-4afc-e1e4-8a2e-e210cc564688}REG_BINARY Binary Data
 
{2e971130-3bf4-ea64-9ab5-cb9c3a0cad57}REG_BINARY Binary Data
 
{bff0c14d-5646-7644-3a01-f0344e4cb231}REG_BINARY Binary Data
 
{3ce1de5f-d7ef-e064-1991-abe3beefda33}REG_BINARY Binary Data
 
{d384de9c-320b-7564-788b-7e17bd4f3e06}REG_BINARY Binary Data
 
{b6fe0628-75e9-41d4-c85b-106b79a9605c}REG_BINARY Binary Data
 
{6db2047b-4844-4a34-c9f7-612acd816b15}REG_BINARY Binary Data
 
{7dbcb70a-fa99-76c4-2bb7-44e9545c290b}REG_BINARY Binary Data
 
{f0888ff5-e13d-e844-1b13-64f885451c9e}REG_BINARY Binary Data
 
{1e6f2082-dc1c-e774-9889-d77bc276de17}REG_BINARY Binary Data
 
{34392ca1-05dd-d324-d886-a1db63fd0a1c}REG_BINARY Binary Data
 
{2c8aea04-7f81-44e4-380a-4f1f1fd3ec8b}REG_BINARY Binary Data
 
{4d6ff4f5-33fc-04a4-5a43-580d83238c1f}REG_BINARY Binary Data
 
{056d0c54-b875-6b54-3b6b-85fb20ef945b}REG_BINARY Binary Data
 
{d9bf7a23-80e2-16f4-4916-10b6881da7f4}REG_BINARY Binary Data
 
{3b15de27-387f-0b04-b8fd-9cfec1fc2b53}REG_BINARY Binary Data
 
{ff60487c-9b38-8b74-eaad-a723fe2920f3}REG_BINARY Binary Data
 
{e113abe3-c2c2-e7d4-981a-1d81cef728cd}REG_BINARY Binary Data
 
{f9c69fee-fab9-4d14-7bf0-4150924172c3}REG_BINARY Binary Data
 
{013bfb29-c999-4f74-e91a-163592356489}REG_BINARY Binary Data
 
{a1f52b10-d3a0-5584-db3f-4fbff5ee691e}REG_BINARY Binary Data
 
{a66e372d-6ad2-32b4-fa7a-9e5406a06efb}REG_BINARY Binary Data
 
{25452abe-22c4-46e4-4b43-4e63c44ff052}REG_BINARY Binary Data
 
{d2186677-8f09-80c4-9a3c-fb95a7cafe47}REG_BINARY Binary Data
 
{13d22885-8869-6194-8a68-eabf78dc7b1d}REG_BINARY Binary Data
 
{85d443eb-d02f-35b4-09b6-17a55933e9a9}REG_BINARY Binary Data
 
{468aa82e-7c0b-3484-f976-c96cac54f548}REG_BINARY Binary Data
 
{d7167dab-073c-70f4-eaa7-27a7f9058100}REG_BINARY Binary Data
 
{aa75c41d-0567-9754-fbb4-98314d2e1025}REG_BINARY Binary Data
 
{72d8a0b2-f9e8-3a14-5947-53b26053e2cc}REG_BINARY Binary Data
 
{1e83b45d-73c2-3c74-69ca-ca49a21a9471}REG_BINARY Binary Data
 
{124cd831-d190-26d4-1912-9d66a2f87850}REG_BINARY Binary Data
 
{f4965f1d-9b1d-c1b4-a9bf-7f14d9558673}REG_BINARY Binary Data
 
{d9fbf698-6e04-4044-e834-05a80e2c7216}REG_BINARY Binary Data
 
{3c565f9a-e9d1-52d4-280a-204519ae9b74}REG_BINARY Binary Data
 
{cae4853d-d48a-5094-9998-a654d8a1f201}REG_BINARY Binary Data
 
{c195d6cb-28ba-0244-f9ea-d52c30774a2f}REG_BINARY Binary Data
 
{945df99a-f3cd-63b4-1925-816ce9429e3b}REG_BINARY Binary Data
 
{323a84ef-da67-4c44-3940-200827d6c044}REG_BINARY Binary Data
 
{379a9aa8-6286-9274-6a9a-1b9f9fef5ea2}REG_BINARY Binary Data
 
{3162ae5d-fd53-7894-badc-9910318def3f}REG_BINARY Binary Data
 
{83ad9a09-ff8f-4a54-d99a-cec7b98984ff}REG_BINARY Binary Data
 
{2de5159c-7a8e-f814-58c2-236f884dbb18}REG_BINARY Binary Data
 
{539b7c6d-8ad7-ea54-cbba-f028c6a88719}REG_BINARY Binary Data
 
{6329feaf-fae0-51e4-aba7-9107bc00d060}REG_BINARY Binary Data
 
{b99aa75f-8721-98a4-e952-f03e1e644994}REG_BINARY Binary Data
 
{a49c4ab8-c054-9914-2b9c-7d0ae48d8505}REG_BINARY Binary Data
 
{7df4b338-f782-f0f4-9bed-e9b45deb580e}REG_BINARY Binary Data
 
{f319fd16-192f-13a4-ea06-180e16c755f9}REG_BINARY Binary Data
 
{3cc23cb2-30bd-6674-3bf9-81d622fde73d}REG_BINARY Binary Data
 
{4053bd41-f27e-8bc4-39d8-4420fc25b014}REG_BINARY Binary Data
 
{92517201-7702-8bf4-dbea-9fdfe8a32410}REG_BINARY Binary Data
 
{1d0f6316-1e62-7cb4-b908-aebc52d7af48}REG_BINARY Binary Data
 
{c28099d7-7ef3-3f64-785c-9e82ff2678a9}REG_BINARY Binary Data
 
{9a81b08a-d239-9f14-ea63-fa043703c04b}REG_BINARY Binary Data
 
{a739d627-00a3-9634-ebf2-0b0c7977fea1}REG_BINARY Binary Data
 
{bd54f486-7316-ae84-bad6-efec4ca12d63}REG_BINARY Binary Data
 
{9d16cb2a-7eb4-db64-5980-d989275b5c6a}REG_BINARY Binary Data
 
{b95281e9-0df5-3664-289a-2cda6a45f97d}REG_BINARY Binary Data
 
{ca4cad28-4dd9-6034-69c5-d5362f3cc1cb}REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter
{89a89b7c-b5ab-4ed6-bf05-d3059281a5c5}REG_BINARY Binary Data
 
{84750a0c-b836-48e3-ab80-104985c857db}REG_BINARY Binary Data
 
{e72646bc-7d3f-4c5c-a679-b3716f8c6cc8}REG_BINARY Binary Data
 
{b98b75dc-17c0-4e84-bd4e-2080527ca6a6}REG_BINARY Binary Data
 
{8c300c03-7d30-1b44-8a83-dcc8c09cfa85}REG_BINARY Binary Data
 
{e311ae9f-e0fb-7f04-7b55-8a257506650f}REG_BINARY Binary Data
 
{e88282c2-f90f-ef54-1a60-13cbe22eceaa}REG_BINARY Binary Data
 
{4ef2b2de-4b97-0234-3bbf-eaa6719814d6}REG_BINARY Binary Data
 
{e1739739-ee27-4492-b61b-b1fd907d9e88}REG_BINARY Binary Data
 
{e7609227-f261-4b39-a7f5-64e338ade472}REG_BINARY Binary Data
 
{0f14dd31-cf58-4fab-9127-e085c7547d7a}REG_BINARY Binary Data
 
{f3009b7d-992b-4cce-b65a-2792465c6ea4}REG_BINARY Binary Data
 
{034c737b-f629-a1b4-6afb-1a2f44a1a1d7}REG_BINARY Binary Data
 
{dcbbcd6b-37fe-0914-2b3e-a5a15ed83c24}REG_BINARY Binary Data
 
{cfb4c757-0bff-94e4-7801-a2b2f62f35ce}REG_BINARY Binary Data
 
{a5f90f38-2ba6-0c84-3a97-906cc41a4860}REG_BINARY Binary Data
 
{47a3a498-021c-7304-b85a-6bb5e43ade96}REG_BINARY Binary Data
 
{3bb6a48a-db01-da24-6b94-b0890b8da96f}REG_BINARY Binary Data
 
{5bb9675e-0064-2cb4-d89d-bcd4e20e11c8}REG_BINARY Binary Data
 
{642969df-6023-55a4-384d-a00571e7a98a}REG_BINARY Binary Data
 
{ca70ae30-59e8-46ef-b483-c22ee366ab29}REG_BINARY Binary Data
 
{c91d1d66-421c-4b87-ac5b-a18193abbd64}REG_BINARY Binary Data
 
{b18f04c9-f2e9-4d39-9510-b9265a6b071d}REG_BINARY Binary Data
 
{bb623a72-5252-4284-a365-1cd0f83e55ce}REG_BINARY Binary Data
 
{430f2767-3528-2784-289e-b0860d99a608}REG_BINARY Binary Data
 
{3ba7deb2-a886-ae74-f87a-72194738a423}REG_BINARY Binary Data
 
{a06ae492-b0c1-1f94-caa4-bb9b226ca22d}REG_BINARY Binary Data
 
{11cc978e-2782-1724-79bf-9a7edca87fae}REG_BINARY Binary Data
 
{c540d974-3c6c-be64-5bff-3db65b322a1d}REG_BINARY Binary Data
 
{9de53702-392d-8044-2953-fc2bc7af47ad}REG_BINARY Binary Data
 
{3e3f092e-1288-a8c4-28bf-2b4ef96df312}REG_BINARY Binary Data
 
{d96b0bca-4c17-2b34-48b1-60566dd3e999}REG_BINARY Binary Data
 
{e20f0605-5735-38d4-6aea-19d1b15c7868}REG_BINARY Binary Data
 
{e448f4a4-8392-a954-699a-41c712f4a5d3}REG_BINARY Binary Data
 
{2dc4271a-246e-a1a4-3a70-4c8f14fd7ba0}REG_BINARY Binary Data
 
{e1de2d9d-2a11-f554-0acf-db826b0f4bd6}REG_BINARY Binary Data
 
{638ffdf7-a3ff-66c4-7b65-4f406b0da651}REG_BINARY Binary Data
 
{5342d19f-180e-3124-b95c-cc8d73fef5b1}REG_BINARY Binary Data
 
{f9bc3444-96d0-0ca4-8920-5425ed611a9e}REG_BINARY Binary Data
 
{1c5aab44-1a9b-9c04-9a1d-f9f85ec51e98}REG_BINARY Binary Data
 
{0ff1f959-c0d4-3ca4-a8a5-cb469d318b39}REG_BINARY Binary Data
 
{b5db1d35-04c6-07f4-3912-a48d9266dc36}REG_BINARY Binary Data
 
{1dd94704-a218-0d34-18d3-1ba50d201728}REG_BINARY Binary Data
 
{a95b3da7-c453-a294-cacb-b5065e5a9dd0}REG_BINARY Binary Data
 
{39f29298-8fa5-0144-fab3-bcd9ad227c3b}REG_BINARY Binary Data
 
{4dbfdcf1-8cd6-79a4-1b57-d3ce0245e8ed}REG_BINARY Binary Data
 
{f154d790-c121-3a84-7824-f7ff97bea29e}REG_BINARY Binary Data
 
{b00673e4-f4be-01d4-cab1-cab8f7f217a8}REG_BINARY Binary Data
 
{a708428d-50f4-9d44-aa15-fd48988b7d66}REG_BINARY Binary Data
 
{ad3611e0-f9e2-ebf4-49e1-59361a5ffbea}REG_BINARY Binary Data
 
{98b0b712-aa06-f734-0bec-c14f445161c4}REG_BINARY Binary Data
 
{605a11a1-39e0-8eb4-2850-e2b24f317d76}REG_BINARY Binary Data
 
{70e10304-e806-1af4-4a65-791688215398}REG_BINARY Binary Data
 
{883a9337-5ef5-f4c4-5b87-239da3ee190f}REG_BINARY Binary Data
 
{fb588d62-f991-4044-bba6-5e96cf3939df}REG_BINARY Binary Data
 
{b14c171c-cba7-ebd4-fbb8-ce1071abca6d}REG_BINARY Binary Data
 
{64f39050-d77f-7a74-8a07-2a7c2dd7802d}REG_BINARY Binary Data
 
{24c60015-9c25-3f34-cacf-92da9840e906}REG_BINARY Binary Data
 
{e69be8e1-869d-0e34-99f6-f82ea91df33d}REG_BINARY Binary Data
 
{6d7c050d-a47a-9914-9b9c-3ec20b9d7698}REG_BINARY Binary Data
 
{dcae098a-dff1-ffe4-9b22-0bb2738885db}REG_BINARY Binary Data
 
{2efb3fad-ff4c-e684-5b3c-af1df1bf1ca9}REG_BINARY Binary Data
 
{113ba551-0a01-aa84-1944-25df351f74ab}REG_BINARY Binary Data
 
{125c4673-2cbe-b8d4-8aee-faf905c18997}REG_BINARY Binary Data
 
{ef11fc1e-9d20-ff14-3b74-55b7e55eeb97}REG_BINARY Binary Data
 
{49339bce-1676-b564-79f0-9dedba6ac5a0}REG_BINARY Binary Data
 
{b457115e-0fc4-89f4-2b7d-85e7d94efcaa}REG_BINARY Binary Data
 
{d167b2f1-e18b-4644-2b1f-c8c84095db6b}REG_BINARY Binary Data
 
{2265f512-4d6b-8484-fbf8-7d6ec7579b67}REG_BINARY Binary Data
 
{65bd1b95-7c25-1cb4-e8cf-5f77cf66fc7e}REG_BINARY Binary Data
 
{1b0fa1a4-5e46-8cc4-18c0-f5ff3dd69546}REG_BINARY Binary Data
 
{aea589d8-0f00-bc04-0a41-f96b266d758d}REG_BINARY Binary Data
 
{d663476c-94a3-c5e4-db44-7aa6c8fabd83}REG_BINARY Binary Data
 
{db7b7458-6817-ce44-0abe-440eae0c2b57}REG_BINARY Binary Data
 
{d4de1868-54d9-b4e4-ab30-b9c378cb4b18}REG_BINARY Binary Data
 
{60268e51-b7fd-c1e4-6b82-638aa19227bd}REG_BINARY Binary Data
 
{c8e26ddd-a426-73e4-b848-a5c31a087eca}REG_BINARY Binary Data
 
{1ad00215-eb30-eda4-69bd-346d8371787a}REG_BINARY Binary Data
 
{f67c8b29-2d24-0a74-fbd7-a5cbbe16f710}REG_BINARY Binary Data
 
{60286bb2-acca-67d4-58d8-3610a6618e15}REG_BINARY Binary Data
 
{fbe3d017-fb99-8c14-aad9-631321b22614}REG_BINARY Binary Data
 
{169d6be1-b993-6af4-c9f7-74f6946781e4}REG_BINARY Binary Data
 
{b47f0b6a-3185-6434-c8b0-e1e69c18eb94}REG_BINARY Binary Data
 
{30146aff-3c2c-0aa4-3905-894aa433e953}REG_BINARY Binary Data
 
{7587f941-cafe-99d4-fb05-f470e11db9d0}REG_BINARY Binary Data
 
{a3d09149-cc40-6854-f9b2-5a83e63b5aa9}REG_BINARY Binary Data
 
{08851390-28f1-d024-0a30-96424e7f2a8c}REG_BINARY Binary Data
 
{e00fb75c-bfb8-a0b4-ea1a-aad548b5cb38}REG_BINARY Binary Data
 
{d1d8fe07-0f6f-3bb4-8b2d-ac54185b9ea4}REG_BINARY Binary Data
 
{07a51945-f0a0-a984-19dd-a2fa6df50ca1}REG_BINARY Binary Data
 
{aa959992-13eb-eab4-c8c3-344b164dedc0}REG_BINARY Binary Data
 
{e124c736-1dd5-f034-181e-202a6f0d45e3}REG_BINARY Binary Data
 
{45b3b6b8-08a0-0eb4-2b3f-7cba6fcff68a}REG_BINARY Binary Data
 
{63f3d0c3-b230-3384-a9a0-05fe70c051a9}REG_BINARY Binary Data
 
{7d972967-373f-53c4-c822-6d9b98040aac}REG_BINARY Binary Data
 
{8b0216d4-8c51-5674-d977-0d4c5873c41f}REG_BINARY Binary Data
 
{68487fdc-3301-cef4-ea7a-583c54b3069c}REG_BINARY Binary Data
 
{63421a09-1e6b-1724-88be-ac3012cda100}REG_BINARY Binary Data
 
{21e3a753-0ccf-f284-abd6-7221adbd9311}REG_BINARY Binary Data
 
{d0bbb240-772e-3144-4bcd-ef6b426e90ba}REG_BINARY Binary Data
 
{0259c1da-7cce-f914-7a21-487e1e084a28}REG_BINARY Binary Data
 
{1dd6069a-5a11-49c4-ba9a-67c6a44f5b4c}REG_BINARY Binary Data
 
{104e67d6-ec8f-28b4-bb61-00fde33ab1eb}REG_BINARY Binary Data
 
{b4251f4a-2d5a-b014-0a4a-ed36b5e10ea0}REG_BINARY Binary Data
 
{ffb717c4-ecc7-8b14-3978-dca6602db705}REG_BINARY Binary Data
 
{4f8e204e-5624-9234-8a78-8f16aae3ef20}REG_BINARY Binary Data
 
{c40bc20f-87a8-8e24-e824-38f14fb83d7e}REG_BINARY Binary Data
 
{c55f646a-7d0e-5ff4-9b56-abc231ba1bef}REG_BINARY Binary Data
 
{4776b92a-fed9-d8e4-9a0e-f85cf5865d35}REG_BINARY Binary Data
 
{9f3078ed-3bb3-2e24-ab4a-71722a21fd64}REG_BINARY Binary Data
 
{92ac1647-5cd5-a1d4-0bc1-5fd3213c8c4b}REG_BINARY Binary Data
 
{02cca994-9a30-25a4-3b7c-bd328cba6209}REG_BINARY Binary Data
 
{a64e2fd7-fb02-4674-8819-10780570e8b7}REG_BINARY Binary Data
 
{8daa920a-dfd9-7844-5bf9-ab95051685aa}REG_BINARY Binary Data
 
{9cd26f24-b76d-2e14-ca19-d17d552bb424}REG_BINARY Binary Data
 
{9c8380e5-0d81-eef4-a88b-21dd395c25fa}REG_BINARY Binary Data
 
{3bbaa68c-b062-66a4-8a85-648680f757ca}REG_BINARY Binary Data
 
{22482d59-35d6-1f44-3b51-19ad61d3114c}REG_BINARY Binary Data
 
{cd1b16b0-cc00-0be4-79f2-7b4ae69a2037}REG_BINARY Binary Data
 
{87dc86f5-72ee-2fc4-8a83-0363327f1b96}REG_BINARY Binary Data
 
{511094b4-6ffd-e2e4-0bcf-9794e77d95ae}REG_BINARY Binary Data
 
{d7429422-150f-0c74-3bba-dc048e9baf3d}REG_BINARY Binary Data
 
{bf1b654b-5339-2a44-1923-64119b05b796}REG_BINARY Binary Data
 
{36ed884e-2b1f-e2d4-5b52-d7b9371a4b93}REG_BINARY Binary Data
 
{f0b80ade-0944-73b4-09cc-ba867baba6d6}REG_BINARY Binary Data
 
{3627ecb2-b18b-74a4-7b8a-4dc864cfe05e}REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider
{decc16ca-3f33-4346-be1e-8fb4ae0f3d62}REG_BINARY Binary Data
 
{4b153735-1049-4480-aab4-d1b9bdc03710}REG_BINARY Binary Data
 
{1bebc969-61a5-4732-a177-847a0817862a}REG_BINARY Binary Data
 
{aa6a7d87-7f8f-4d2a-be53-fda555cd5fe3}REG_BINARY Binary Data
 
{06e9d64c-15e9-4615-a862-1f0dc2674c6a}REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer
{b3cdd441-af90-41ba-a745-7c6008ff2300}REG_BINARY Binary Data
 
{b3cdd441-af90-41ba-a745-7c6008ff2301}REG_BINARY Binary Data
 
{b3cdd441-af90-41ba-a745-7c6008ff2302}REG_BINARY Binary Data
 
{9ba30013-c84e-47e5-ac6e-1e1aed72fa69}REG_BINARY Binary Data
 
{138d8cf9-63ce-0264-2a6a-82012a3041e9}REG_BINARY Binary Data
 
{e104491e-e3ff-5884-297d-4a606059202a}REG_BINARY Binary Data
 
{944c7c85-2d3e-3ca4-b96c-45f1fbacf534}REG_BINARY Binary Data
 
{7ad177f7-b8b6-f044-982b-02fba7bb5a4b}REG_BINARY Binary Data
 
{982a8b99-8fda-5af4-394e-b3a86eeae3a2}REG_BINARY Binary Data
 
{716551c6-d81c-c314-8b60-8e802d17af65}REG_BINARY Binary Data
 
{fa440e9d-3210-9e34-0941-9e24589c14a7}REG_BINARY Binary Data
 
{3659e00e-8c62-9174-8be9-e4e562795f04}REG_BINARY Binary Data
 
{a98edafe-8f64-8144-fa1b-ba21cc1c77dd}REG_BINARY Binary Data
 
{7e0920ad-bcec-bb94-f850-b022eac09779}REG_BINARY Binary Data
 
--------------fltmgr:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
AttachWhenLoaded              REG_DWORD 1
DisplayName                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
ErrorControl                  REG_DWORD 3
Group                         REG_SZ FSFilter Infrastructure
ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys
Start                         REG_DWORD 0
Tag                           REG_DWORD 1
Type                          REG_DWORD 2
Description                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
 
 
C:\WINDOWS\system32\drivers\fltmgr.sys
File Size: 360792    BYTES FileVersion: 6.3.9600.17090 MD5: [6592d192e2823c043edbc010e7774053]
C:\WINDOWS\SysWOW64\mscomctl.ocx
File Size: 1070232   BYTES FileVersion: 6.1.98.39 MD5: [766f501b61c22723536af696a74133d4]
C:\WINDOWS\SysWOW64\olepro32.dll
File Size: 80384     BYTES FileVersion: 6.3.9600.16384 MD5: [0fc9b04c7f729498b41a19fa55c33573]
 
 
MBAM Registry Settings and License Info:
========================================
--------------Settings:--------------
Advanced: 
    AutomaticQuarantine:                                       true 
    AutostartProtection:                                       true 
    LimitedMode:                                               false 
    StartSilentMode:                                           false 
    StartupDelay:                                              0 
ApplicationState: 
    First-Run-After-Installation:                              false 
General: 
    DaysUntilNotifyExpiration:                                 5 
    Language:                                                  en 
    RightClickAccess:                                          false 
    SilentErrors:                                              false 
Logging: 
    ExportLog:                                                 true 
Notification: 
ProtectionTray: 
    DisplayMilliseconds:                                       7000 
ScanHistory: 
    Duration_Complete:                                         983000 
    Duration_Driver:                                           0 
    Duration_Filesystem:                                       1000 
    Duration_Heuristics:                                       994000 
    Duration_Loading:                                          0 
    Duration_MasterBootRecord:                                 0 
    Duration_Memory:                                           40000 
    Duration_PreScan:                                          34000 
    Duration_Registry:                                         31000 
    Duration_Sector:                                           0 
    Duration_Startup:                                          29000 
    ItemCount_Complete:                                        376900 
    ItemCount_Driver:                                          0 
    ItemCount_Filesystem:                                      48931 
    ItemCount_Heuristics:                                      18570 
    ItemCount_Loading:                                         0 
    ItemCount_MasterBootRecord:                                0 
    ItemCount_Memory:                                          2797 
    ItemCount_PreScan:                                         0 
    ItemCount_Registry:                                        673 
    ItemCount_Sector:                                          0 
    ItemCount_Startup:                                         1540 
    LastScanDateEpoch:                                         1412627483629 
    LastScanType:                                              1 (Threat Scan)
Update: 
    LastUpdate:                                                2014-10-06T20:29:38 
    NotifyInstallReady:                                        true 
    NotifyOutdatedDatabase:                                    1 
    ProxyPassword:                                              
    ProxyPort:                                                 0 
    ProxyServer:                                                
    ProxyUsername:                                              
    UseProxy:                                                  false 
    UseProxyAuthentication:                                    false 
--------------Account:--------------
  Account Status:                                              Trial 
  Expiration Time:                                             2014/10/20 20:29:14 
  Activation Time:                                             2014/10/06 20:29:14 
  Trial Used:                                                  true 
--------------Access Policies:--------------
 
Scheduler Queue:
================
 
tasks: 
    1d19da01-1b67-4626-8c9a-43900b822069:                       
      parameters:                                               
        CheckForUpdatesBeforeScanStart:                        true 
        ScanConfig:                                             
          ExitWhenNoMalwareDetected:                           false 
          ExportLog:                                           true 
          FileSystemOption:                                    true 
          RebootSystemWhenMalwareDetected:                     false 
          RemoveMalwareAutomaticallyWhenScanEnds:              false 
          ScanArchives:                                        true 
          ScanExtra:                                           true 
          ScanHeuristic:                                       true 
          ScanMemoryObjects:                                   true 
          ScanPUM:                                             2 
          ScanPUP:                                             2 
          ScanRegistry:                                        true 
          ScanRootkits:                                        false 
          ScanStartup:                                         true 
          ScanTargets:                                          
          ScanType:                                            1 (Threat Scan)
          Silent:                                              true 
          TerminateExplorerWhenMalwareIsRemoved:               false 
        StartTaskFromSystemAccount:                            false 
        TaskType:                                              0 
      triggers:                                                 
        2b435f34-11eb-45a4-a56b-810c4e21d5dd:                   
          dateinterval:                                        1:0:0 
          lastscheduled:                                        
          lasttriggered:                                        
          nextscheduled:                                       Tue, 07 Oct 2014 03:57:13 -0700 
          recovery:                                            23:00:00 
          start:                                               Tue, 07 Oct 2014 03:51:46 -0700 
          timeinterval:                                        00:00:00 
          type:                                                4 
          uuid:                                                2b435f34-11eb-45a4-a56b-810c4e21d5dd 
      type:                                                    scan 
      uuid:                                                    1d19da01-1b67-4626-8c9a-43900b822069 
    96930a0f-ea1c-4f7c-89ed-42217bb03bb9:                       
      parameters:                                               
        NotifyWhenUpdateCompletes:                             true 
        TaskType:                                              3 
      triggers:                                                 
        f724c73b-1cbd-49fc-8f4a-91b54097243b:                   
          dateinterval:                                        0:0:0 
          lastscheduled:                                       Mon, 06 Oct 2014 14:58:44.850365 -0700 
          lasttriggered:                                       Mon, 06 Oct 2014 13:47:22.850365 -0700 
          nextscheduled:                                       Mon, 06 Oct 2014 15:58:44.850365 -0700 
          recovery:                                            00:00:00 
          start:                                               Mon, 06 Oct 2014 13:36:27.816688 -0700 
          timeinterval:                                        01:00:00 
          type:                                                3 
          uuid:                                                f724c73b-1cbd-49fc-8f4a-91b54097243b 
      type:                                                    update 
      uuid:                                                    96930a0f-ea1c-4f7c-89ed-42217bb03bb9 
 
Pending File Rename Operations: 
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
 
MBAMProtector Registry Values:
==============================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
Type                          REG_DWORD 2
Start                         REG_DWORD 3
ErrorControl                  REG_DWORD 1
ImagePath                     REG_EXPAND_SZ \??\C:\WINDOWS\system32\drivers\mbam.sys
Group                         REG_SZ FSFilter Anti-Virus
DependOnService               REG_MULTI_SZ FltMgr
 
WOW64                         REG_DWORD 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
DefaultInstance               REG_SZ MBAMProtector Instance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
Altitude                      REG_SZ 328800
Flags                         REG_DWORD 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters
PassThruFile                  REG_SZ mbampt.exe
ProductPath                   REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware
 
MBAMService Registry Values:
============================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
Type                          REG_DWORD 16
Start                         REG_DWORD 2
ErrorControl                  REG_DWORD 1
ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
DependOnService               REG_MULTI_SZ MBAMProtector
 
WOW64                         REG_DWORD 1
ObjectName                    REG_SZ LocalSystem
Description                   REG_SZ Malwarebytes Anti-Malware service
DelayedAutostart              REG_DWORD 0
 
MBAMScheduler Registry Values:
==============================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler
Type                          REG_DWORD 16
Start                         REG_DWORD 2
ErrorControl                  REG_DWORD 1
ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
WOW64                         REG_DWORD 1
ObjectName                    REG_SZ LocalSystem
Description                   REG_SZ Malwarebytes Anti-Malware scheduler
 
Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================
 
--------------TERMService:--------------
Type:                   32
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
TermService Start is set to: 3 (Manual Startup)
 
Proxy Status: No proxy is Set
 
LAN Settings:
=============
 
only 'Automatically detect settings' is selected
 
SystemPartition:
================
 
HKEY_LOCAL_MACHINE\SYSTEM\Setup\
SystemPartition REG_SZ \Device\HarddiskVolume2
 
Balloon Tips Status:
====================
 
Enabled
 
Time Format Settings:
=====================
 
Should be:
h:mm:ss tt
AM 
PM 
:
 
Currently:
REG_SZ h:mm:ss tt
REG_SZ AM
REG_SZ PM
REG_SZ :
 
Language and Regional Settings:
===============================
 
ACP: Language is English (United States)
MACCP: Language is English (United States)
OEMCP: Language is English (United States)
 
Startup Folders for Error_Expanding_Variables Check:
====================================================
 
All Users Startup Folder Exists.
Current User's Startup Folder Exists.
 
 
Context Menu Entries:
=====================
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
List of MBAM Related Directories:
=================================
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\
7z.dll                                   File Size: 920888    BYTES FileVersion:  9.20.0.0       MD5: [9f522b2708cab181c0f137abbcd1de2e]
changes.txt                             File Size: 2261      BYTES FileVersion:  N/A            MD5: [af70267bdf9a37a96f1a79a5c3720ae6]
license.rtf                             File Size: 39478     BYTES FileVersion:  N/A            MD5: [8627b31943a534aad30d154c2b2c1aaf]
master.conf                             File Size: 1258      BYTES FileVersion:  N/A            MD5: [9702ca5e82d3756c6d8af34a2ababaea]
mbam.dll                                 File Size: 579896    BYTES FileVersion:  1.0.7.0        MD5: [d32c2a98859cb22d57a665f15f351e7d]
mbam.exe                                 File Size: 6970168   BYTES FileVersion:  1.0.0.532      MD5: [4fbc630768570e6ac35c3de8f6ec79f5]
mbamcore.dll                             File Size: 1680696   BYTES FileVersion:  1.0.11.0       MD5: [f722fa26739eafcbd8d5f3829b632cd7]
mbamdor.exe                             File Size: 54072     BYTES FileVersion:  1.0.1.0        MD5: [4da2f2da54a92850f56c0db712058188]
mbamext.dll                             File Size: 184632    BYTES FileVersion:  3.0.4.0        MD5: [945bb364b09f3a8e998dbff02a0a5a58]
mbampt.exe                               File Size: 39736     BYTES FileVersion:  1.0.0.0        MD5: [9acd7583584c93ee542c273df8e91dc1]
mbamscheduler.exe                       File Size: 1809720   BYTES FileVersion:  3.0.2.0        MD5: [d84aea3f3329d622dfc1297dddf6163b]
mbamservice.exe                         File Size: 860472    BYTES FileVersion:  3.0.2.0        MD5: [4f45ed469906494f9bf754e476390dbd]
mbamsrv.dll                             File Size: 4437816   BYTES FileVersion:  1.1.0.0        MD5: [9b48e38c35f08fa831b387a0b27c40aa]
mbamtoast.dll                           File Size: 96568     BYTES FileVersion:  1.70.0.0       MD5: [cb3f6732c7027a65f56bcb4cc7c481d3]
msvcp100.dll                             File Size: 421688    BYTES FileVersion:  10.0.40219.325 MD5: [e4b829081e639e42985853bae754a53d]
msvcr100.dll                             File Size: 774456    BYTES FileVersion:  10.0.40219.325 MD5: [80fcedbe920e9cbe30d9d3665bd6efed]
QtCore4.dll                             File Size: 2732856   BYTES FileVersion:  4.8.4.0        MD5: [30490eed6a1e20e8259c0b9c58f488fe]
QtGui4.dll                               File Size: 8575288   BYTES FileVersion:  4.8.4.0        MD5: [15e21aa7d0c0c994cd565eeb96d13c20]
QtNetwork4.dll                           File Size: 909112    BYTES FileVersion:  4.8.4.0        MD5: [d7588d42e29080c32a003bee465160d8]
unins000.dat                             File Size: 23819     BYTES FileVersion:  N/A            MD5: [5b51a6f1e34a9f7b78219dc9b33ee1d9]
unins000.exe                             File Size: 718037    BYTES FileVersion:  51.52.0.0      MD5: [d2796ecf50731e696f0c065d24c0827a]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon\Windows
chameleon.chm                           File Size: 235882    BYTES FileVersion:  N/A            MD5: [c4190b71f037714aa77aba294434ba5b]
firefox.com                             File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
firefox.exe                             File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
firefox.pif                             File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
firefox.scr                             File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
iexplore.exe                             File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
mbam-chameleon.com                       File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
mbam-chameleon.exe                       File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
mbam-chameleon.pif                       File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
mbam-chameleon.scr                       File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
mbam-killer.exe                         File Size: 1181496   BYTES FileVersion:  N/A            MD5: [c6927fd8f7e9105b64db5d5a08b53731]
rundll32.exe                             File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
svchost.exe                             File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
windows.exe                             File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
winlogon.exe                             File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\imageformats
qgif4.dll                               File Size: 32568     BYTES FileVersion:  4.8.4.0        MD5: [e59f533c26c8375cd120b4791482217e]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Languages
lang_bg.qm                               File Size: 144048    BYTES FileVersion:  N/A            MD5: [9ccb79999432d56b9843a3e2b2c90325]
lang_bs.qm                               File Size: 145523    BYTES FileVersion:  N/A            MD5: [6ab7a6274d4f9f7553c944f5c66201ba]
lang_ca.qm                               File Size: 132254    BYTES FileVersion:  N/A            MD5: [68a83ec63b6e7bc5dbdd412bcc49c6ce]
lang_cs.qm                               File Size: 141243    BYTES FileVersion:  N/A            MD5: [6b8acee7f461fa69b83d2c45c3725427]
lang_da.qm                               File Size: 130101    BYTES FileVersion:  N/A            MD5: [8539796784746218b229419e99ab308d]
lang_de.qm                               File Size: 149462    BYTES FileVersion:  N/A            MD5: [fcd3bc376ad219396e8c7d3c87cd8864]
lang_el.qm                               File Size: 149912    BYTES FileVersion:  N/A            MD5: [74f13f95f63fe96c08e571598df052d6]
lang_en.qm                               File Size: 115961    BYTES FileVersion:  N/A            MD5: [8c9da1c0ce06b89f8d323bf948bfba4e]
lang_es.qm                               File Size: 130487    BYTES FileVersion:  N/A            MD5: [33e1c6d40b841cc2e783ec8d8102e66f]
lang_et.qm                               File Size: 138126    BYTES FileVersion:  N/A            MD5: [aa215b5f37a72a69854c9163ac543b51]
lang_fi.qm                               File Size: 144256    BYTES FileVersion:  N/A            MD5: [18912c339939c3a6629004ec900f4fe4]
lang_fr.qm                               File Size: 149253    BYTES FileVersion:  N/A            MD5: [ec2bf2f431c4273f151b8c8a7b84c387]
lang_he.qm                               File Size: 116101    BYTES FileVersion:  N/A            MD5: [9e692744e77051c6ce14df32f9b71920]
lang_hr.qm                               File Size: 139841    BYTES FileVersion:  N/A            MD5: [3e3737fe86eb595c5f6817eebf731aa7]
lang_hu.qm                               File Size: 145621    BYTES FileVersion:  N/A            MD5: [52d3d7fcf8c8db071ef0573a1357c2fd]
lang_id.qm                               File Size: 143102    BYTES FileVersion:  N/A            MD5: [80473d2c73d2f54f2b23c9316f2d0ceb]
lang_it.qm                               File Size: 146851    BYTES FileVersion:  N/A            MD5: [7e7aea7d0b433d7e912ed9f0887684a7]
lang_ja.qm                               File Size: 121282    BYTES FileVersion:  N/A            MD5: [19ac79b7a5e05d665e417c2dd75afc94]
lang_ko.qm                               File Size: 118033    BYTES FileVersion:  N/A            MD5: [de213178c14490bf452ea45278d3442d]
lang_nl.qm                               File Size: 146325    BYTES FileVersion:  N/A            MD5: [5aec6f6bdc5e6c28744e6ef374709eeb]
lang_no.qm                               File Size: 142918    BYTES FileVersion:  N/A            MD5: [4388c08217618af2e24173af6f5d3f97]
lang_pl.qm                               File Size: 145434    BYTES FileVersion:  N/A            MD5: [699700c889447d1f9b607c04f07fff67]
lang_pt_BR.qm                           File Size: 131739    BYTES FileVersion:  N/A            MD5: [a3430222223d59da8ec6ea1edae5ee2f]
lang_pt_PT.qm                           File Size: 149128    BYTES FileVersion:  N/A            MD5: [afdf1907af4c95f9af510d5fc1bb9067]
lang_ro.qm                               File Size: 121166    BYTES FileVersion:  N/A            MD5: [1672a2b3a9807a1497fe43824c0026c0]
lang_ru.qm                               File Size: 122186    BYTES FileVersion:  N/A            MD5: [d4dd1eea2b0f52aba2fca4d159c387f7]
lang_sk.qm                               File Size: 119827    BYTES FileVersion:  N/A            MD5: [8b200d162e8028843e41aa1a927cfd84]
lang_sl.qm                               File Size: 143191    BYTES FileVersion:  N/A            MD5: [1760a6aa6990b2f0c4c71ec04b25ac9c]
lang_sr.qm                               File Size: 143261    BYTES FileVersion:  N/A            MD5: [377d15c0da0249f4a7a58978b6307d81]
lang_sv.qm                               File Size: 142525    BYTES FileVersion:  N/A            MD5: [2587ead21967296fefdd0ee0684fe8b4]
lang_tr.qm                               File Size: 142194    BYTES FileVersion:  N/A            MD5: [880fcbe97ec6f13ec094f7371b5b295f]
lang_vi.qm                               File Size: 126874    BYTES FileVersion:  N/A            MD5: [c61281786b5bfec68afc742a19f6abd9]
lang_zh_tr.qm                           File Size: 110870    BYTES FileVersion:  N/A            MD5: [f223d83580b1ee35edea13293cb2c80d]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Plugins
fixdamage.exe                           File Size: 821560    BYTES FileVersion:  1.1.0.1010     MD5: [3a4dcd021d9f3a5305a22e5e309da305]
 
C:\Users\kevin_000\AppData\Roaming\Malwarebytes\Malwarebytes Anti-Malware
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware
actions.ref                             File Size: 314       BYTES FileVersion:  N/A            MD5: [b26a36c0696e299fdfebe180c09c2737]
domains.ref                             File Size: 38        BYTES FileVersion:  N/A            MD5: [8c30b536b67543eb68e68b9640d4d498]
exclusions.dat                           File Size: 0         BYTES FileVersion:  N/A            MD5: [d41d8cd98f00b204e9800998ecf8427e]
ips.ref                                 File Size: 33        BYTES FileVersion:  N/A            MD5: [8a1c580788ea8de3f32862c2c1cf373c]
rules.ref                               File Size: 9752932   BYTES FileVersion:  N/A            MD5: [aa05389ca3df7606e5e7ae7fbe488ba4]
swissarmy.ref                           File Size: 22346     BYTES FileVersion:  N/A            MD5: [4c8434c6e21d4279920e4fefc807eaab]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration
build.conf                               File Size: 4497      BYTES FileVersion:  N/A            MD5: [447a8dc66952045acf5c74fdedcf6bca]
database.conf                           File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
gatekeeper.conf                         File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
license.conf                             File Size: 460       BYTES FileVersion:  N/A            MD5: [8f0a51a78e2599652311a3f744363525]
manifest.conf                           File Size: 2126      BYTES FileVersion:  N/A            MD5: [54de54ac61ed449a466ff1c49f3a97d7]
marketing.conf                           File Size: 1434      BYTES FileVersion:  N/A            MD5: [19533c40d9c9778b2ab423dbcf063d80]
net.conf                                 File Size: 6107      BYTES FileVersion:  N/A            MD5: [b72383d3d5beb61c078f6e19575cc4a4]
notifications.conf                       File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
scheduler.conf                           File Size: 2121      BYTES FileVersion:  N/A            MD5: [c92e26928c374bce554718cb9e1bcec8]
settings.conf                           File Size: 1995      BYTES FileVersion:  N/A            MD5: [41dfa1b84271706555066dfbe37b0e82]
statistics.conf                         File Size: 597       BYTES FileVersion:  N/A            MD5: [eba80193ff6b4695ca751740f8a1d4fd]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
mbam-log-2014-10-06 (13-31-07).xml       File Size: 17802     BYTES FileVersion:  N/A            MD5: [1bbf58a5ff4c3ef7216c76cf9b6048c7]
protection-log-2014-10-06.xml           File Size: 5844      BYTES FileVersion:  N/A            MD5: [0f4c18117f5f541151c41976d80d1b6f]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine
0711126201.data                         File Size: 927       BYTES FileVersion:  N/A            MD5: [9a2ea3dd1bfc53b200ae34b953a678db]
1127957804.data                         File Size: 772       BYTES FileVersion:  N/A            MD5: [d02564c766e16c0989492270de3960ad]
1127957804.quar                         File Size: 874       BYTES FileVersion:  N/A            MD5: [b431792104eb485fcfe49967e0373557]
1253021371.data                         File Size: 730       BYTES FileVersion:  N/A            MD5: [92905dbefdca537a168b64129fb6cb14]
1253021371.quar                         File Size: 823152    BYTES FileVersion:  N/A            MD5: [772f2138f5f5173ce461490789027829]
1255375706.data                         File Size: 768       BYTES FileVersion:  N/A            MD5: [92bdaad2e6823049fac7d3cb7d9863c5]
1255375706.quar                         File Size: 1140      BYTES FileVersion:  N/A            MD5: [a5363f3cbd3a540f1a0526f19a9c0ea0]
1592429329.data                         File Size: 1635      BYTES FileVersion:  N/A            MD5: [d507cc699dacc20a1c8e367a88352a23]
1946222215.data                         File Size: 716       BYTES FileVersion:  N/A            MD5: [8d6a0fc76fd8de955ded399c239b880c]
1946222215.quar                         File Size: 229664    BYTES FileVersion:  N/A            MD5: [339cc0402612d7a11c0126053983820a]
2463405556.data                         File Size: 784       BYTES FileVersion:  N/A            MD5: [3aa8505bedb5e21dd6d127f969ca1c48]
2463405556.quar                         File Size: 550       BYTES FileVersion:  N/A            MD5: [23a33b1221fe6049c9ce40deb5d91818]
2576203693.data                         File Size: 778       BYTES FileVersion:  N/A            MD5: [6338f3c538c29224a37800e0c5079cef]
2576203693.quar                         File Size: 4396      BYTES FileVersion:  N/A            MD5: [d6ed4b752e2386008fdb1c009b7ff04d]
3134835321.data                         File Size: 743       BYTES FileVersion:  N/A            MD5: [fb294b7358bfbd1856eea6c4fa05940d]
3134835321.quar                         File Size: 1628      BYTES FileVersion:  N/A            MD5: [b605da2794dc1b8c126c1defff85f000]
3527351477.data                         File Size: 740       BYTES FileVersion:  N/A            MD5: [f340e50cb2c97ea61ddb5c7d927c6aa8]
3527351477.quar                         File Size: 823152    BYTES FileVersion:  N/A            MD5: [3bf05b9316d373c39b7687d4ebdff5e0]
3752025123.data                         File Size: 713       BYTES FileVersion:  N/A            MD5: [10d6f03b0b9468f173bab4d59515341c]
3752025123.quar                         File Size: 3316      BYTES FileVersion:  N/A            MD5: [2bb873183b18b76a643dc365960f291c]
6495870464.data                         File Size: 731       BYTES FileVersion:  N/A            MD5: [7d3a304ebdadbc3652c4da857df4d94b]
6495870464.quar                         File Size: 1484      BYTES FileVersion:  N/A            MD5: [9b5b44f05e48226bb7390bd43f1fe1db]
6501112383.data                         File Size: 724       BYTES FileVersion:  N/A            MD5: [2dc5a1da2fb50cd079072d2513eb7780]
6501112383.quar                         File Size: 3930624   BYTES FileVersion:  N/A            MD5: [944199212c363908c79bfd2d07f4fdb7]
7329146237.data                         File Size: 720       BYTES FileVersion:  N/A            MD5: [c3fa13899501a0b19d6fbed56c6a4182]
7329146237.quar                         File Size: 229664    BYTES FileVersion:  N/A            MD5: [ec84adbd22f8fcdc79a01afbbdc5a9d3]
7436778519.data                         File Size: 720       BYTES FileVersion:  N/A            MD5: [8c752fe126f6a17a0513301941200cd1]
7436778519.quar                         File Size: 891248    BYTES FileVersion:  N/A            MD5: [941093608a66be63f9eb81d8c8ae8b48]
7839360302.data                         File Size: 1561      BYTES FileVersion:  N/A            MD5: [eefaed7ff7ba007ed853768ed6a3728e]
8165573050.data                         File Size: 841       BYTES FileVersion:  N/A            MD5: [2fd2ca7e57577a512f214e1074ce5607]
8297996051.data                         File Size: 733       BYTES FileVersion:  N/A            MD5: [d5cbb59cbf806eb450e6301ec5ad32e2]
8297996051.quar                         File Size: 624872    BYTES FileVersion:  N/A            MD5: [dc0b06193664a6a6e07d037d72cacceb]
8678952380.data                         File Size: 722       BYTES FileVersion:  N/A            MD5: [589be80e52598776fc5d10e3f410404c]
8678952380.quar                         File Size: 3852800   BYTES FileVersion:  N/A            MD5: [ae05a7b35f8353ee1fdfaf965f549520]
9239872081.data                         File Size: 730       BYTES FileVersion:  N/A            MD5: [14c01e75f8c1147c988839968115ee73]
9239872081.quar                         File Size: 870768    BYTES FileVersion:  N/A            MD5: [8b0a4ae8133a13681e7dbea7b4bb7015]
9652004031.data                         File Size: 1549      BYTES FileVersion:  N/A            MD5: [8a2efbae486367074a61640fd08fa6d1]
9680675526.data                         File Size: 787       BYTES FileVersion:  N/A            MD5: [9cfd01a18b486e43d8c7e7314dff1e55]
9680675526.quar                         File Size: 454       BYTES FileVersion:  N/A            MD5: [e09aa235af67037348e7b0771cd02514]
 
Malware Exclusions:
===================
Web Exclusions:
================
Quarantined Items:
===================
Vendor: PUP.Optional.PriceMeter.A, Date: 2014/10/06 20:31:22, Type: Registry Value, Location: HKU\S-1-5-21-2242603510-1644450515-378314998-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|PriceMeterW
Vendor: PUP.Optional.Speedial.A, Date: 2014/10/06 20:31:22, Type: Registry Key, Location: HKU\S-1-5-21-2242603510-1644450515-378314998-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\speedial
Vendor: PUP.Optional.Multiplug, Date: 2014/10/06 20:31:22, Type: File, Location: C:\Users\Marleny\Downloads\Nicki Minaj - Anaconda (Lyric) _.mp3.exe
Vendor: PUP.Optional.Webget.A, Date: 2014/10/06 20:31:22, Type: Registry Key, Location: HKU\S-1-5-21-2242603510-1644450515-378314998-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\webget
Vendor: PUP.Optional.Speedial.A, Date: 2014/10/06 20:31:22, Type: Registry Value, Location: HKU\S-1-5-21-2242603510-1644450515-378314998-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page
Vendor: PUP.Optional.OptimumInstaller.A, Date: 2014/10/06 20:31:22, Type: File, Location: C:\Users\Marleny\Downloads\Player-Chrome.exe
Vendor: PUP.Optional.Speedial.A, Date: 2014/10/06 20:31:22, Type: Registry Key, Location: HKU\S-1-5-21-2242603510-1644450515-378314998-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\Speedial
Vendor: PUP.Optional.InstallCore.A, Date: 2014/10/06 20:31:22, Type: Registry Key, Location: HKU\S-1-5-21-2242603510-1644450515-378314998-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE
Vendor: PUP.Optional.Multiplug, Date: 2014/10/06 20:31:22, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}
Vendor: PUP.Optional.Multiplug, Date: 2014/10/06 20:31:22, Type: File, Location: C:\Users\Marleny\Downloads\Vena - -Sangre De Mis Venas- (Music Video).mp3.exe
Vendor: PUP.Optional.PriceMeter.A, Date: 2014/10/06 20:31:22, Type: File, Location: C:\Windows\System32\Tasks\pricemeterdownloader2
Vendor: PUP.Optional.Multiplug, Date: 2014/10/06 20:31:22, Type: Registry Key, Location: HKLM\SOFTWARE\CLASSES\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}
Vendor: PUP.Optional.MultiPlug, Date: 2014/10/06 20:31:22, Type: File, Location: C:\Users\Marleny\AppData\Local\Temp\40338c\temp\setupespl.exe
Vendor: PUP.Optional.OptimumInstaller.A, Date: 2014/10/06 20:31:22, Type: File, Location: C:\Users\Marleny\Downloads\Player-Chrome (1).exe
Vendor: PUP.Optional.Multiplug, Date: 2014/10/06 20:31:22, Type: File, Location: C:\Users\Marleny\Downloads\Romeo Santos - Eres Ma.mp3.exe
Vendor: PUP.Optional.Speedial.A, Date: 2014/10/06 20:31:22, Type: Registry Value, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page
Vendor: PUP.Optional.InstallCore.A, Date: 2014/10/06 20:31:22, Type: Registry Value, Location: HKU\S-1-5-21-2242603510-1644450515-378314998-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb
Vendor: PUP.Optional.InstallCore, Date: 2014/10/06 20:31:22, Type: File, Location: C:\Users\Marleny\Downloads\CR_Downloader_para_visual-boy-advance.exe
Vendor: PUP.Optional.MultiPlug, Date: 2014/10/06 20:31:22, Type: File, Location: C:\Users\Marleny\AppData\Local\Temp\40338c\temp\BITCBAF.tmp
Vendor: PUP.Optional.Multiplug, Date: 2014/10/06 20:31:22, Type: File, Location: C:\Users\Marleny\Downloads\Dgale - David Bisbal - CON LETRA.mp3.exe
Vendor: PUP.Optional.Speedial.A, Date: 2014/10/06 20:31:22, Type: Registry Value, Location: HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page
Vendor: PUP.Optional.InstallCore.A, Date: 2014/10/06 20:31:22, Type: Registry Key, Location: HKU\S-1-5-21-2242603510-1644450515-378314998-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S
===============================================================
END OF FILE
 
# AdwCleaner v3.311 - Report created 06/10/2014 at 09:57:52
# Updated 30/09/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : keven_000 - FAMILY
# Running from : C:\Users\keven_000\Downloads\adwcleaner_3.311.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\374311380 
Folder Deleted : C:\ProgramData\GoSaVe
Folder Deleted : C:\ProgramData\LuckeyCooupoon
Folder Deleted : C:\ProgramData\wieBusaveri
Folder Deleted : C:\Program Files (x86)\GoSaVe
Folder Deleted : C:\Program Files (x86)\LuckeyCooupoon
Folder Deleted : C:\Program Files (x86)\wieBusaveri
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\keven_000\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\keven_000\AppData\Local\torch
Folder Deleted : C:\Users\Marleny\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Marleny\AppData\Local\PriceMeter
Folder Deleted : C:\Users\Marleny\AppData\Local\torch
Folder Deleted : C:\Users\Marleny\Documents\Optimizer Pro
Folder Deleted : C:\Users\Marleny\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgaofoblihpmholkpioedjelemgjpafl
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbfimnooegoemedgcgnofedaojkohdd
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbfimnooegoemedgcgnofedaojkohdd
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbfimnooegoemedgcgnofedaojkohdd
Folder Deleted : C:\Users\keven_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbfimnooegoemedgcgnofedaojkohdd
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbfimnooegoemedgcgnofedaojkohdd
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbfimnooegoemedgcgnofedaojkohdd
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbfimnooegoemedgcgnofedaojkohdd
[!] Folder Deleted : C:\Users\keven_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbfimnooegoemedgcgnofedaojkohdd
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbfimnooegoemedgcgnofedaojkohdd
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbfimnooegoemedgcgnofedaojkohdd
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbfimnooegoemedgcgnofedaojkohdd
[!] Folder Deleted : C:\Users\keven_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbfimnooegoemedgcgnofedaojkohdd
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbfimnooegoemedgcgnofedaojkohdd
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbfimnooegoemedgcgnofedaojkohdd
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbfimnooegoemedgcgnofedaojkohdd
[!] Folder Deleted : C:\Users\keven_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbfimnooegoemedgcgnofedaojkohdd
Folder Deleted : C:\Users\Marleny\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe
File Deleted : C:\Users\Public\Desktop\eBay.lnk
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : pricemeterdownloader
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilwebget_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilwebget_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\webget_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\webget_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\websavEr.websavEr
Key Deleted : HKLM\SOFTWARE\Classes\websavEr.websavEr.6.2
Key Deleted : HKLM\SOFTWARE\Classes\LUuckyCouupon.LUuckyCouupon
Key Deleted : HKLM\SOFTWARE\Classes\LUuckyCouupon.LUuckyCouupon.1.0
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56168619-0F1B-9757-1533-B6EDCC6D5F04}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C24045E-5F50-323A-861C-C965170FE84E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{56168619-0F1B-9757-1533-B6EDCC6D5F04}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{56168619-0F1B-9757-1533-B6EDCC6D5F04}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{56168619-0F1B-9757-1533-B6EDCC6D5F04}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C24045E-5F50-323A-861C-C965170FE84E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56168619-0F1B-9757-1533-B6EDCC6D5F04}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{7C24045E-5F50-323A-861C-C965170FE84E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\DealPlyLive
Key Deleted : HKLM\SOFTWARE\PriceMeterLiveUpdate
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17278
 
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\keven_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Extension] : agbfimnooegoemedgcgnofedaojkohdd
Deleted [Extension] : bakijjialdiiboeaknfpmflphhmljfkd
Deleted [Extension] : cjabmdjcfcfdmffimndhafhblfmpjdpe
Deleted [Extension] : mkfokfffehpeedafpekjeddnmnjhmcmk
 
[ File : C:\Users\Marleny\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Extension] : bakijjialdiiboeaknfpmflphhmljfkd
Deleted [Extension] : cjabmdjcfcfdmffimndhafhblfmpjdpe
Deleted [Extension] : hgaofoblihpmholkpioedjelemgjpafl
Deleted [Extension] : mkfokfffehpeedafpekjeddnmnjhmcmk
 
*************************
 
AdwCleaner[R0].txt - [7287 octets] - [05/10/2014 16:28:17]
AdwCleaner[R1].txt - [7900 octets] - [06/10/2014 09:52:01]
AdwCleaner[S0].txt - [7936 octets] - [06/10/2014 09:57:52]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7996 octets] ##########
 
Everything worked out fine. Thank you very much! 
 


#5 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,407 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:10:09 PM

Posted 07 October 2014 - 08:16 AM

How is the computer running now?


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users