Adclicker, Powerlik, fffSee.com popup



#1 dolcecanto


Posted 28 October 2014 - 07:19 PM

I have the same problem - Trojan.Adclicker and Trojan.Powerlik Trojan (also have a constant popup fffSee.com happening). I followed your instructions and here are my logs:
Malwarebytes log:
mbam-check result log version:     2.1.1.1001
========================================
User Account type:                 Administrator
OS:                                Windows 7 Service Pack 1 Service Pack 1 64 bit Operating System
Current Version and Build:         6.1.7601.0
Malwarebytes Anti-Malware:         2.0.3.1025
Installed On:                      2014/10/28
Malware Database:                  2014.10.28.04
Rootkit Database:                  2014.10.22.01
Remediation Database:              2013.10.16.01
IP Database:                       0000.00.00.00
Domain Database:                   0000.00.00.00
License:                           Trial
Malware Protection:                4 (The service is running.)
Malicious Website Protection:      4 (The service is running.)
Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
Log Created:                       2014/10/28 10:18:59
Compatibility Flag Settings:
=================================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
 C:\Program Files (x86)\Perk Prize Panel\perkda.exeREG_SZ  RunAsInvoker
 C:\Users\JA\AppData\Local\Temp\PerkDaU.exeREG_SZ  RunAsInvoker
 C:\Program Files (x86)\Perk Prize Panel\pdr.exeREG_SZ  RunAsInvoker
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
 C:\Program Files (x86)\Perk Prize Panel\perkda.exeREG_SZ  RunAsInvoker
 C:\Users\JA\AppData\Local\Temp\PerkDaU.exeREG_SZ  RunAsInvoker
 C:\Program Files (x86)\Perk Prize Panel\pdr.exeREG_SZ  RunAsInvoker
HKEY_CURRENT_USER\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
 C:\Program Files (x86)\Perk Prize Panel\perkda.exeREG_SZ  RunAsInvoker
 C:\Users\JA\AppData\Local\Temp\PerkDaU.exeREG_SZ  RunAsInvoker
 C:\Program Files (x86)\Perk Prize Panel\pdr.exeREG_SZ  RunAsInvoker
Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:
MBAM Startup Entries:
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
Malwarebytes Anti-Malware Service and Driver Status:
=======================================================
--------------Driver File Info:--------------
C:\Windows\system32\drivers\mbam.sys
File Size: 25816     BYTES FileVersion: 0.1.15.0 MD5: [5c3669b71657f22e67a1d4bd49d2cbe7]
C:\Windows\system32\drivers\mwac.sys
File Size: 63704     BYTES FileVersion: 1.0.6.0 MD5: [95ef63a7827d4e3a229cbbcb42619e93]
C:\Windows\system32\drivers\mbamswissarmy.sys
File Size: 129752    BYTES FileVersion: 0.2.13.0 MD5: [26c43960c99ee861a5d0edc4dcf3b1c3]
C:\Windows\system32\drivers\mbamchameleon.sys
File Size: 93400     BYTES FileVersion: 1.1.4.0 MD5: [d3311b31c470e7681b14d9b014cbf9ed]
--------------MBAMProtector:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
--------------MBAMService:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
--------------MBAMScheduler:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
--------------MBAMChameleon:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
--------------MBAMWebAccessControl:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
Required Dependencies:
======================
--------------BFE:--------------
Type:                   32
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
 DisplayName                   REG_SZ  @%SystemRoot%\system32\bfe.dll,-1001
 Group                         REG_SZ  NetworkProvider
 ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
 Description                   REG_SZ  @%SystemRoot%\system32\bfe.dll,-1002
 ObjectName                    REG_SZ  NT AUTHORITY\LocalService
 ErrorControl                  REG_DWORD  1
 Start                         REG_DWORD  2
 Type                          REG_DWORD  32
 DependOnService               REG_MULTI_SZ RpcSs
 ServiceSidType                REG_DWORD  3
 RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege
 FailureActions                REG_BINARY Binary Data
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
 ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
 ServiceDllUnloadOnStop        REG_DWORD  1
 ServiceMain                   REG_SZ  BfeServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Callout
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer
--------------fltmgr:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
 AttachWhenLoaded              REG_DWORD  1
 DisplayName                   REG_SZ  @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
 Group                         REG_SZ  FSFilter Infrastructure
 ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys
 Description                   REG_SZ  @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
 ErrorControl                  REG_DWORD  3
 Start                         REG_DWORD  0
 Tag                           REG_DWORD  1
 Type                          REG_DWORD  2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
 0                             REG_SZ  Root\LEGACY_FLTMGR\0000
 Count                         REG_DWORD  1
 NextInstance                  REG_DWORD  1
C:\Windows\system32\drivers\fltmgr.sys
File Size: 289664    BYTES FileVersion: 6.1.7601.17514 MD5: [da6b67270fd9db3697b20fce94950741]
C:\Windows\SysWOW64\mscomctl.ocx
File Size: 1070232   BYTES FileVersion: 6.1.98.39 MD5: [766f501b61c22723536af696a74133d4]
C:\Windows\SysWOW64\olepro32.dll
File Size: 90112     BYTES FileVersion: 6.1.7601.17514 MD5: [703ffd301ab900b047337c5d40fd6f96]
MBAM Registry Settings and License Info:
========================================
--------------Settings:--------------
Advanced:
    AutomaticQuarantine:                                       true
    AutostartProtection:                                       true
    LimitedMode:                                               false
    StartSilentMode:                                           false
    StartupDelay:                                              0
ApplicationState:
    First-Run-After-Installation:                              false
General:
    DaysUntilNotifyExpiration:                                 5
    Language:                                                  en
    RightClickAccess:                                          false
    SilentErrors:                                              false
Logging:
    ExportLog:                                                 true
Notification:
ProtectionTray:
    DisplayMilliseconds:                                       7000
ScanHistory:
    Duration_Complete:                                         397729
    Duration_Driver:                                           0
    Duration_Filesystem:                                       619
    Duration_Heuristics:                                       410946
    Duration_Loading:                                          0
    Duration_MasterBootRecord:                                 0
    Duration_Memory:                                           40000
    Duration_PreScan:                                          16160
    Duration_Registry:                                         15641
    Duration_Sector:                                           0
    Duration_Startup:                                          22919
    ItemCount_Complete:                                        335247
    ItemCount_Driver:                                          0
    ItemCount_Filesystem:                                      56053
    ItemCount_Heuristics:                                      11054
    ItemCount_Loading:                                         0
    ItemCount_MasterBootRecord:                                0
    ItemCount_Memory:                                          2797
    ItemCount_PreScan:                                         0
    ItemCount_Registry:                                        651
    ItemCount_Sector:                                          0
    ItemCount_Startup:                                         3192
    LastScanDateEpoch:                                         1414514670832
    LastScanType:                                              1 (Threat Scan)
Update:
    LastUpdate:                                                2014-10-28T16:44:21
    NotifyInstallReady:                                        true
    NotifyOutdatedDatabase:                                    7
    ProxyPassword:                                             
    ProxyPort:                                                 0
    ProxyServer:                                               
    ProxyUsername:                                             
    UseProxy:                                                  false
    UseProxyAuthentication:                                    false
--------------Account:--------------
  Account Status:                                              Trial
  Expiration Time:                                             2014/11/11 16:43:56
  Activation Time:                                             2014/10/28 16:43:56
  Trial Used:                                                  true
--------------Access Policies:--------------
Scheduler Queue:
================
tasks:
    e475decb-1bc5-4ec8-b0e0-e8df7d94855f:                      
      parameters:                                              
        AutoDelete:                                            false
        CheckForUpdatesBeforeScanStart:                        true
        ScanConfig:                                            
          ExitWhenQuarantineCompletes:                         false
          ExportLog:                                           true
          FileSystemOption:                                    true
          Quarantine:                                          Prompt
          RebootSystemWhenMalwareDetected:                     false
          ScanArchives:                                        true
          ScanExtra:                                           true
          ScanHeuristic:                                       true
          ScanMemoryObjects:                                   true
          ScanPUM:                                             2
          ScanPUP:                                             2
          ScanRegistry:                                        true
          ScanRootkits:                                        false
          ScanStartup:                                         true
          ScanTargets:                                         
          ScanType:                                            1 (Threat Scan)
          Silent:                                              true
        StartTaskFromSystemAccount:                            false
        TaskType:                                              0
      triggers:                                                
        0ca05479-e18d-47f6-966a-b9b40a50c835:                  
          dateinterval:                                        1:0:0
          lastscheduled:                                       
          lasttriggered:                                       
          nextscheduled:                                       Wed, 29 Oct 2014 02:43:46 -0700
          recovery:                                            23:00:00
          start:                                               Wed, 29 Oct 2014 02:48:41 -0700
          timeinterval:                                        00:00:00
          type:                                                4
          uuid:                                                0ca05479-e18d-47f6-966a-b9b40a50c835
      type:                                                    scan
      uuid:                                                    e475decb-1bc5-4ec8-b0e0-e8df7d94855f
    e6153003-f871-4321-8e4c-8380d056a9ad:                      
      parameters:                                              
        NotifyWhenUpdateCompletes:                             true
        TaskType:                                              3
      triggers:                                                
        f998a33b-eb1c-4cd0-866f-b957cf26150a:                  
          dateinterval:                                        0:0:0
          lastscheduled:                                       Tue, 28 Oct 2014 10:05:32.687169 -0700
          lasttriggered:                                       Tue, 28 Oct 2014 10:05:32.687169 -0700
          nextscheduled:                                       Tue, 28 Oct 2014 11:01:18.672330 -0700
          recovery:                                            00:00:00
          start:                                               Tue, 28 Oct 2014 09:52:23.672330 -0700
          timeinterval:                                        01:00:00
          type:                                                3
          uuid:                                                f998a33b-eb1c-4cd0-866f-b957cf26150a
      type:                                                    update
      uuid:                                                    e6153003-f871-4321-8e4c-8380d056a9ad
Pending File Rename Operations:
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
Pending File Rename Operations:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\
 PendingFileRenameOperations REG_MULTI_SZ \??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\cleanup.old
 
MBAMProtector Registry Values:
==============================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
 Type                          REG_DWORD  2
 Start                         REG_DWORD  3
 ErrorControl                  REG_DWORD  1
 ImagePath                     REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys
 Group                         REG_SZ  FSFilter Anti-Virus
 DependOnService               REG_MULTI_SZ FltMgr
 WOW64                         REG_DWORD  1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
 DefaultInstance               REG_SZ  MBAMProtector Instance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
 Altitude                      REG_SZ  328800
 Flags                         REG_DWORD  0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters
 PassThruFile                  REG_SZ  mbampt.exe
 ProductPath                   REG_SZ  C:\Program Files (x86)\Malwarebytes Anti-Malware
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum
 0                             REG_SZ  Root\LEGACY_MBAMPROTECTOR\0000
 Count                         REG_DWORD  1
 NextInstance                  REG_DWORD  1
MBAMService Registry Values:
============================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
 Type                          REG_DWORD  16
 Start                         REG_DWORD  2
 ErrorControl                  REG_DWORD  1
 ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
 DependOnService               REG_MULTI_SZ MBAMProtector
 WOW64                         REG_DWORD  1
 ObjectName                    REG_SZ  LocalSystem
 Description                   REG_SZ  Malwarebytes Anti-Malware service
 DelayedAutostart              REG_DWORD  0
MBAMScheduler Registry Values:
==============================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler
 Type                          REG_DWORD  16
 Start                         REG_DWORD  2
 ErrorControl                  REG_DWORD  1
 ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
 WOW64                         REG_DWORD  1
 ObjectName                    REG_SZ  LocalSystem
 Description                   REG_SZ  Malwarebytes Anti-Malware scheduler
Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================
--------------TERMService:--------------
Type:                   32
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
TermService Start is set to: 3 (Manual Startup)
Proxy Status: No proxy is Set
Proxy Override:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\
 ProxyOverride REG_SZ  *.local
LAN Settings:
=============
only 'Automatically detect settings' is selected
SystemPartition:
================
HKEY_LOCAL_MACHINE\SYSTEM\Setup\
 SystemPartition REG_SZ  \Device\HarddiskVolume1
Balloon Tips Status:
====================
Enabled
Time Format Settings:
=====================
Should be:
  h:mm:ss tt
  AM
  PM
  :
Currently:
REG_SZ  h:mm:ss tt
REG_SZ  AM
REG_SZ  PM
REG_SZ  :
Language and Regional Settings:
===============================
ACP:  Language is English (United States)
MACCP:  Language is English (United States)
OEMCP:  Language is English (United States)
Startup Folders for Error_Expanding_Variables Check:
====================================================
All Users Startup Folder Exists.
Current User's Startup Folder Exists.
Context Menu Entries:
=====================
 
 
 
 
 
 
 
List of MBAM Related Directories:
=================================
C:\Program Files (x86)\Malwarebytes Anti-Malware\
C:\Program Files (x86)\Malwarebytes Anti-Malware\\accessible
qtaccessiblewidgets4.dll                 File Size: 198968    BYTES FileVersion:  4.8.4.0        MD5: [ac1481e30e75034928f50923c42a530d]
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon\Windows
C:\Program Files (x86)\Malwarebytes Anti-Malware\\imageformats
qgif4.dll                                File Size: 32568     BYTES FileVersion:  4.8.4.0        MD5: [ff014ac49ac32e5f1c7d6e271b320893]
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Languages
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Plugins
fixdamage.exe                            File Size: 821560    BYTES FileVersion:  1.1.0.1010     MD5: [0d7dd0e7f98a4f414fed44af0b50128b]
C:\Users\JA\AppData\Roaming\Malwarebytes\Malwarebytes Anti-Malware
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration\Restore
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
mbam-log-2014-10-28 (09-44-29).xml       File Size: 30332     BYTES FileVersion:  N/A            MD5: [a4cf0d1c7d1776898673a15fb0a6ce9c]
protection-log-2014-10-28.xml            File Size: 36042     BYTES FileVersion:  N/A            MD5: [d771a064af2ab70b9d2cf266d18d95eb]
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine
Malware Exclusions:
===================
Web Exclusions:
================
Quarantined Items:
===================
Vendor: PUP.Optional.DigitalSite.A, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Roaming\DigitalSite\UpdateProc\config.dat
Vendor: PUP.Optional.FindWide, Date: 2014/10/28 16:44:30, Type: Registry Value, Location: HKU\S-1-5-21-4034817025-4221853160-1817864627-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL
Vendor: PUP.Optional.MultiExtension.A, Date: 2014/10/28 16:44:30, Type: File, Location: C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
Vendor: PUP.Optional.SweetIM.A, Date: 2014/10/28 16:44:30, Type: Registry Key, Location: HKU\S-1-5-21-4034817025-4221853160-1817864627-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DEDAF650-12B8-48F5-A843-BBA100716106}
Vendor: PUP.Optional.MyWordTool.A, Date: 2014/10/28 16:44:30, Type: Registry Key, Location: HKU\S-1-5-21-4034817025-4221853160-1817864627-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MyWordTool
Vendor: PUP.Optional.InstallCore.A, Date: 2014/10/28 16:44:30, Type: Registry Key, Location: HKU\S-1-5-21-4034817025-4221853160-1817864627-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S
Vendor: PUP.Optional.MultiIE, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.43_0\icon128.png
Vendor: PUP.Optional.AdPeak.A, Date: 2014/10/28 16:44:30, Type: Registry Key, Location: HKLM\SOFTWARE\LevelQualityWatcher
Vendor: PUP.Optional.MyWordTool.A, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\djgojpphcoccgjoafgdhiomafpcopmfn\1_0\script.js
Vendor: PUP.Optional.SupraSavings.A, Date: 2014/10/28 16:44:30, Type: Folder, Location: C:\Program Files\SupraSavings
Vendor: PUP.Optional.Searchagent, Date: 2014/10/28 16:44:30, Type: Folder, Location: C:\ProgramData\RHelpers\ChromeHelper
Vendor: PUP.Optional.SocialPrivacy, Date: 2014/10/28 16:44:30, Type: Folder, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn\1.0_0
Vendor: PUP.Optional.DynConIE.A, Date: 2014/10/28 16:44:30, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Vendor: PUP.Optional.MyWordTool.A, Date: 2014/10/28 16:44:30, Type: Folder, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\djgojpphcoccgjoafgdhiomafpcopmfn
Vendor: PUP.Optional.MultiIE, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.43_0\announce.js
Vendor: PUP.Optional.Sizlsearch.A, Date: 2014/10/28 16:44:30, Type: Registry Key, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update sizlsearch
Vendor: PUP.Optional.MultiExtension.A, Date: 2014/10/28 16:44:30, Type: File, Location: C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe
Vendor: PUP.Optional.MyWordTool.A, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\djgojpphcoccgjoafgdhiomafpcopmfn\1_0\build.json
Vendor: PUP.Optional.MultiIE, Date: 2014/10/28 16:44:30, Type: Folder, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.43_0
Vendor: PUP.Optional.SupraSavings, Date: 2014/10/28 16:44:30, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\SupraSavings
Vendor: PUP.Optional.SocialPrivacy, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn\1.0_0\manifest.json
Vendor: PUP.Optional.Conduit.A, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Preferences
Vendor: PUP.Optional.DigitalSite.A, Date: 2014/10/28 16:44:30, Type: Folder, Location: C:\Users\JA\AppData\Roaming\DigitalSite\UpdateProc
Vendor: PUP.Optional.MyWordTool.A, Date: 2014/10/28 16:44:30, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\MyWordTool
Vendor: PUP.Optional.SocialPrivacy, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn\1.0_0\contentscript.js
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/10/28 16:44:30, Type: Registry Key, Location: HKU\S-1-5-21-4034817025-4221853160-1817864627-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Vendor: PUP.Optional.FindWide, Date: 2014/10/28 16:44:30, Type: Registry Value, Location: HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs
Vendor: PUP.Optional.MultiIE, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.43_0\contentscript.js
Vendor: PUP.Optional.SupraSavings.A, Date: 2014/10/28 16:44:30, Type: Registry Key, Location: HKU\S-1-5-21-4034817025-4221853160-1817864627-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings
Vendor: PUP.Optional.MultiIE, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.43_0\common.js
Vendor: PUP.Optional.MyWordTool.A, Date: 2014/10/28 16:44:30, Type: Folder, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\djgojpphcoccgjoafgdhiomafpcopmfn\1_0
Vendor: PUP.Optional.MultiIE, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.43_0\icon16.png
Vendor: PUP.Optional.Searchagent, Date: 2014/10/28 16:44:30, Type: Folder, Location: C:\ProgramData\RHelpers\FirefoxHelper
Vendor: PUP.Optional.MultiIE, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.43_0\iframecontentscript.js
Vendor: PUP.Optional.DynConIE.A, Date: 2014/10/28 16:44:30, Type: Registry Key, Location: HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Vendor: PUP.Optional.MultiIE, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.43_0\icon48.png
Vendor: PUP.Optional.AdPeak.A, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Windows\SysWOW64\SecureAssist.dll
Vendor: PUP.Optional.SocialPrivacy, Date: 2014/10/28 16:44:30, Type: Folder, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfaifkapfifnanhhiidacmhldddojchn
Vendor: PUP.Optional.MyWordTool.A, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\djgojpphcoccgjoafgdhiomafpcopmfn\1_0\manifest.json
Vendor: PUP.Optional.MultiIE, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.43_0\manifest.json
Vendor: PUP.Optional.SupraSavings.A, Date: 2014/10/28 16:44:30, Type: Folder, Location: C:\Program Files\SupraSavings\SSL
Vendor: PUP.Optional.SupraSavings, Date: 2014/10/28 16:44:30, Type: Registry Key, Location: HKLM\SOFTWARE\suprasavings
Vendor: PUP.Optional.Conduit.A, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Preferences
Vendor: PUP.Optional.Searchagent, Date: 2014/10/28 16:44:30, Type: Folder, Location: C:\ProgramData\RHelpers
Vendor: PUP.Optional.RRSavings.A, Date: 2014/10/28 16:44:30, Type: Registry Key, Location: HKU\S-1-5-21-4034817025-4221853160-1817864627-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Rr Savings
Vendor: PUP.Optional.MultiIE, Date: 2014/10/28 16:44:30, Type: Folder, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb
Vendor: PUP.Optional.MultiExtension.A, Date: 2014/10/28 16:44:30, Type: File, Location: C:\ProgramData\RHelpers\IeHelper\IeHelper.exe
Vendor: PUP.Optional.DigitalSite.A, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Roaming\DigitalSite\UpdateProc\prod.dat
Vendor: PUP.Optional.TidyNetwork.A, Date: 2014/10/28 16:44:30, Type: Registry Key, Location: HKU\S-1-5-21-4034817025-4221853160-1817864627-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TidyNetwork
Vendor: PUP.Optional.InstallCore.A, Date: 2014/10/28 16:44:30, Type: Registry Key, Location: HKU\S-1-5-21-4034817025-4221853160-1817864627-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE
Vendor: PUP.Optional.Searchagent, Date: 2014/10/28 16:44:30, Type: Folder, Location: C:\ProgramData\RHelpers\IeHelper
Vendor: PUP.Optional.MultiIE, Date: 2014/10/28 16:44:30, Type: File, Location: C:\Users\JA\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb\2.6.43_0\background.html
Vendor: PUP.Optional.InstallCore.A, Date: 2014/10/28 16:44:30, Type: Registry Value, Location: HKU\S-1-5-21-4034817025-4221853160-1817864627-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb
Vendor: PUP.Optional.MultiIE.A, Date: 2014/10/28 16:44:30, Type: Registry Key, Location: HKU\S-1-5-21-4034817025-4221853160-1817864627-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE
Vendor: PUP.Optional.Updater.A, Date: 2014/10/28 16:44:30, Type: File, Location: C:\ProgramData\Updater\updater.exeupdater.exe
===============================================================
END OF FILE
 
Now here is

Edited by Queen-Evie, 29 October 2014 - 09:04 AM.
split from http://www.bleepingcomputer.com/forums/t/552767/help-with-a-few-viruses/

