
Malware Virus ?


8 replies to this topic

#1 weplayjams


Posted 29 September 2015 - 06:43 AM

Hi All, thanks for having me.
I'm no tech expert so please be gentle ;)
I have Windows 8.
When I use Google or Firefox I get these continual pop ups.
I've scanned using Panda free, also with Adwcleaner, and get the following report, see below.
 
 
 
C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localsto
C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journa
C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
C:\Users\Ian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
 
Can you please help.
Regards.




#2 dc3


Posted 29 September 2015 - 08:19 AM

Have you made downloads and installed them recently?

 

Please run Malwarebytes AntiMalware
 
Please download Malwarebytes Anti-Malware.  After clicking on the link the download will start automatically.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  If this is the first time you have run this version of Malwarebytes you will see an image like the one below.
 
mbam1_zps95cc812c.png
 
Click on Update Now, after Malwarebytes is updated click on Scan.
 
If this isn't the first time you have run this version, then you will see an image like the one below.  Click on Scan
 
mbam1_zps98e7fba9.png
 
You will be prompted to update Malwarebytes, to do so click on Update Now.
 
 mbam2_zps85f38f0c.png
 
3)  The scan will automatically run now.
 
malwarerun_zps9abd4ef1.png
 
4)  When the scan is complete the results will be displayed.  Click on Delete All.
 
malwarenew_zps34b58fdc.png
 
5)  Please post the Malwarebytes log.
 
To find your Malwarebytes log, download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  Copy and paste the log in your topic.
 
================
 

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
    ================
     

    Please do the following to clean your Extensions.
     
    Internet Explorer
     
    Press Alt+T and click Internet Options.
    Open the General tab.
    Change the home page and click OK.
    Press Alt+T and click Manage Add-ons.
    Click Toolbars and Extensions and remove unwanted extension.
    Click Search Providers and set a new default search engine.
     
    Google Chrome
     
    Press Alt+F and point to Tools.
    Click Extensions.
    Remove unwanted extensions.
    Click Settings.
    Under On startup, select the last option and click Set pages.
    Set a new startup page.
    Under Search, click Manage search engines and enter the URL of your new default search provider. Click OK.
     
    Mozilla Firefox
     
    Press Alt+T and click Options.
    Open the General tab and change the home page.
    Click OK.
    Press Ctrl+Shift+A and click Extensions.
    Remove unwanted extensions.
    Close the tab.
    Click the search engine icon next to the search box and select a new search provider.
     
    ================
     
    Open the Control Panel and click on Programs and Features.
     
    Look through your installed programs to see if you find any programs or toolbars you don't recognize and uninstall any that you know don't belong.

    Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

     

     

     

     


    #3 weplayjams


    Posted 29 September 2015 - 09:42 AM

    Here's the log, and a big thank you, going to try Google out now

     

    mbam-check result log version:     2.1.1.1001
    ========================================
     
    User Account type:                 Administrator
    OS:                                Windows 8.1  64 bit Operating System
    Current Version and Build:         6.3.9200.0 
    Malwarebytes Anti-Malware:         2.1.8.1057
    Installed On:                      2015/09/29
    Malware Database:                  2015.09.29.04
    Rootkit Database:                  2015.09.22.01
    Remediation Database:              2015.09.28.03
    IP Database:                       2015.09.28.01
    Domain Database:                   2015.09.29.02
    License:                           Trial
    Malware Protection:                4 (The service is running.)
    Malicious Website Protection:      4 (The service is running.)
    Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
    Log Created:                       2015/09/29 16:33:13
    Compatibility Flag Settings:
    =================================
     
     
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
    C:\Program Files (x86)\VirtualDJ\virtualdj_pro.exeREG_SZ ^ WIN8RTM
     
     
    Malwarebytes Anti-Malware Shell Extension Block Check:
    ======================================================
     
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:
     
    MBAM Startup Entries: 
    =====================
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
     
    Malwarebytes Anti-Malware Service and Driver Status:
    =======================================================
     
    --------------Driver File Info:--------------
    C:\Windows\system32\drivers\mbam.sys
    File Size: 25816     BYTES FileVersion: 0.1.15.0 MD5: [a8d28d5b3e2a528d1ef0e338e44f2820]
    C:\Windows\system32\drivers\mwac.sys
    File Size: 64216     BYTES FileVersion: 1.0.6.0 MD5: [85cfe7ab85b43b6b7ac7961aa3983a9f]
    C:\Windows\system32\drivers\mbamswissarmy.sys
    File Size: 113880    BYTES FileVersion: 0.2.22.0 MD5: [8f22037d3f5a6bb676525d825a1388b9]
    C:\Windows\system32\drivers\mbamchameleon.sys
    File Size: 109272    BYTES FileVersion: 1.1.20.0 MD5: [e681ce4ae5c09651d53cb4387ca3560e]
     
    --------------MBAMProtector:--------------
    Type:                   2
    State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    --------------MBAMService:--------------
    Type:                   16
    State:                  4 (The service is running.)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    --------------MBAMScheduler:--------------
    Type:                   16
    State:                  4 (The service is running.)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    --------------MBAMChameleon:--------------
    Type:                   N/A
    State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
    WIN32_EXIT_CODE:        N/A
    SERVICE_EXIT_CODE:      N/A
    CHECKPOINT:             N/A
    WAIT_HINT:              N/A
     
     
    --------------MBAMWebAccessControl:--------------
    Type:                   2
    State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    Required Dependencies:
    ======================
     
    --------------BFE:--------------
    Type:                   32
    State:                  4 (The service is running.)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
    DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001
    ErrorControl                  REG_DWORD 1
    Group                         REG_SZ NetworkProvider
    ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
    Start                         REG_DWORD 2
    Type                          REG_DWORD 32
    Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002
    DependOnService               REG_MULTI_SZ RpcSs
    WfpLwfs
     
    ObjectName                    REG_SZ NT AUTHORITY\LocalService
    ServiceSidType                REG_DWORD 3
    RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege
     
    FailureActions                REG_BINARY Binary Data
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
    ServiceDllUnloadOnStop        REG_DWORD 1
    ServiceMain                   REG_SZ BfeServiceMain
    ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Options
    EnablePacketQueue             REG_DWORD 0
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Callout
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider
    {decc16ca-3f33-4346-be1e-8fb4ae0f3d62}REG_BINARY Binary Data
     
    {4b153735-1049-4480-aab4-d1b9bdc03710}REG_BINARY Binary Data
     
    {1bebc969-61a5-4732-a177-847a0817862a}REG_BINARY Binary Data
     
    {aa6a7d87-7f8f-4d2a-be53-fda555cd5fe3}REG_BINARY Binary Data
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer
    {b3cdd441-af90-41ba-a745-7c6008ff2300}REG_BINARY Binary Data
     
    {b3cdd441-af90-41ba-a745-7c6008ff2301}REG_BINARY Binary Data
     
    {b3cdd441-af90-41ba-a745-7c6008ff2302}REG_BINARY Binary Data
     
    {9ba30013-c84e-47e5-ac6e-1e1aed72fa69}REG_BINARY Binary Data
     
    --------------fltmgr:--------------
    Type:                   2
    State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
    AttachWhenLoaded              REG_DWORD 1
    DisplayName                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
    ErrorControl                  REG_DWORD 3
    Group                         REG_SZ FSFilter Infrastructure
    ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys
    Start                         REG_DWORD 0
    Tag                           REG_DWORD 1
    Type                          REG_DWORD 2
    Description                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
     
     
    C:\Windows\system32\drivers\fltmgr.sys
    File Size: 354112    BYTES FileVersion: 6.3.9600.17326 MD5: [c1fb505a73fa2e9019d32444ab33b75a]
    C:\Windows\SysWOW64\mscomctl.ocx
    File Size: 1070152   BYTES FileVersion: 6.1.98.34 MD5: [e52859fcb7a827cacfce7963184c7d24]
    C:\Windows\SysWOW64\olepro32.dll
    File Size: 86016     BYTES FileVersion: 6.3.9600.17415 MD5: [afe3ca77ff01edcb79ab3f9e87b7a50b]
    C:\Windows\system32\comctl32.ocx
    File Size: 1351392   BYTES FileVersion: 6.0.81.6 MD5: [2640ad05ab39321e6c9d3c71236ca0df]
     
     
    MBAM Registry Settings and License Info:
    ========================================
    --------------Settings:--------------
    Advanced: 
        AutomaticQuarantine:                                       true 
        AutostartProtection:                                       true 
        LimitedMode:                                               false 
        StartSilentMode:                                           false 
        StartupDelay:                                              -15 
    ApplicationState: 
        First-Run-After-Installation:                              false 
    General: 
        DaysUntilNotifyExpiration:                                 5 
        Language:                                                  en 
        RightClickAccess:                                          false 
        SilentErrors:                                              false 
    Logging: 
        ExportLog:                                                 true 
    Marketing: 
        LastPostScanMarketingIndex:                                1 
    Notification: 
    ProtectionTray: 
        DisplayMilliseconds:                                       3000 
    ScanHistory: 
        Duration_Complete:                                         386999 
        Duration_Driver:                                           0 
        Duration_Filesystem:                                       47 
        Duration_Heuristics:                                       532398 
        Duration_Loading:                                          0 
        Duration_MasterBootRecord:                                 0 
        Duration_Memory:                                           40000 
        Duration_PreScan:                                          14388 
        Duration_Registry:                                         24041 
        Duration_Sector:                                           0 
        Duration_Startup:                                          21317 
        ItemCount_Complete:                                        288701 
        ItemCount_Driver:                                          0 
        ItemCount_Filesystem:                                      51798 
        ItemCount_Heuristics:                                      13720 
        ItemCount_Loading:                                         0 
        ItemCount_MasterBootRecord:                                0 
        ItemCount_Memory:                                          2797 
        ItemCount_PreScan:                                         0 
        ItemCount_Registry:                                        686 
        ItemCount_Sector:                                          0 
        ItemCount_Startup:                                         1652 
        LastScanDateEpoch:                                         1443535812286 
        LastScanType:                                              1 (Threat Scan)
    Update: 
        LastUpdate:                                                2015-09-29T14:09:46 
        NotifyInstallReady:                                        true 
        NotifyOutdatedDatabase:                                    7 
        ProxyPassword:                                              
        ProxyPort:                                                 0 
        ProxyServer:                                                
        ProxyUsername:                                              
        UseProxy:                                                  false 
        UseProxyAuthentication:                                    false 
    --------------Account:--------------
      Account Status:                                              Trial 
      Expiration Time:                                             2015/10/13 14:08:53 
      Activation Time:                                             2015/09/29 16:08:51 
      Trial Used:                                                  true 
    --------------Access Policies:--------------
     
    Scheduler Queue:
    ================
     
    tasks: 
        53f8715c-0363-4531-82d2-21410993ed50:                       
          parameters:                                               
            AutoDelete:                                            false 
            CheckForUpdatesBeforeScanStart:                        true 
            ScanConfig:                                             
              ExportLog:                                           true 
              FileSystemOption:                                    true 
              Quarantine:                                          Prompt 
              RebootSystemWhenMalwareDetected:                     false 
              ScanArchives:                                        true 
              ScanExtra:                                           true 
              ScanHeuristic:                                       true 
              ScanMemoryObjects:                                   true 
              ScanPUM:                                             2 
              ScanPUP:                                             2 
              ScanRegistry:                                        true 
              ScanRootkits:                                        false 
              ScanSource:                                          1 
              ScanStartup:                                         true 
              ScanTargets:                                          
              ScanType:                                            1 (Threat Scan)
              Silent:                                              true 
            StartTaskFromSystemAccount:                            false 
            TaskType:                                              0 
          triggers:                                                 
            58ef813b-f895-4a97-bb7b-97abc49c35c4:                   
              dateinterval:                                        1:0:0 
              lastscheduled:                                        
              lasttriggered:                                        
              nextscheduled:                                       Wed, 30 Sep 2015 02:30:07 +0200 
              recovery:                                            23:00:00 
              start:                                               Wed, 30 Sep 2015 02:31:51 +0200 
              timeinterval:                                        00:00:00 
              type:                                                4 
              uuid:                                                58ef813b-f895-4a97-bb7b-97abc49c35c4 
          type:                                                    scan 
          uuid:                                                    53f8715c-0363-4531-82d2-21410993ed50 
        5cf53484-67a8-4d09-a215-e3c1a4ab57da:                       
          parameters:                                               
            NotifyWhenUpdateCompletes:                             false 
            TaskType:                                              3 
          triggers:                                                 
            57d8c885-58d3-4d20-97e0-ac57fa0f3942:                   
              dateinterval:                                        0:0:0 
              lastscheduled:                                       Tue, 29 Sep 2015 16:26:23.234960 +0200 
              lasttriggered:                                       Tue, 29 Sep 2015 16:26:23.234960 +0200 
              nextscheduled:                                       Tue, 29 Sep 2015 17:22:05.234410 +0200 
              recovery:                                            00:00:00 
              start:                                               Tue, 29 Sep 2015 16:17:50.234410 +0200 
              timeinterval:                                        01:00:00 
              type:                                                3 
              uuid:                                                57d8c885-58d3-4d20-97e0-ac57fa0f3942 
          type:                                                    update 
          uuid:                                                    5cf53484-67a8-4d09-a215-e3c1a4ab57da 
     
    Pending File Rename Operations: 
    ================================
    If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
    Pending File Rename Operations: 
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\
    PendingFileRenameOperations REG_MULTI_SZ \??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\cleanup.old
     
     
     
    MBAMProtector Registry Values:
    ==============================
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
    Type                          REG_DWORD 2
    Start                         REG_DWORD 3
    ErrorControl                  REG_DWORD 1
    ImagePath                     REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys
    Group                         REG_SZ FSFilter Anti-Virus
    DependOnService               REG_MULTI_SZ FltMgr
     
    WOW64                         REG_DWORD 1
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
    DefaultInstance               REG_SZ MBAMProtector Instance
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
    Altitude                      REG_SZ 328800
    Flags                         REG_DWORD 0
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters
    PassThruFile                  REG_SZ mbampt.exe
    ProductPath                   REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware
     
    MBAMService Registry Values:
    ============================
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
    Type                          REG_DWORD 16
    Start                         REG_DWORD 2
    ErrorControl                  REG_DWORD 1
    ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
    DependOnService               REG_MULTI_SZ MBAMProtector
     
    WOW64                         REG_DWORD 1
    ObjectName                    REG_SZ LocalSystem
    Description                   REG_SZ Malwarebytes Anti-Malware service
    DelayedAutostart              REG_DWORD 0
     
    MBAMScheduler Registry Values:
    ==============================
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler
    Type                          REG_DWORD 16
    Start                         REG_DWORD 2
    ErrorControl                  REG_DWORD 1
    ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
    WOW64                         REG_DWORD 1
    ObjectName                    REG_SZ LocalSystem
    Description                   REG_SZ Malwarebytes Anti-Malware scheduler
     
    Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
    ===============================================================================
     
    --------------TERMService:--------------
    Type:                   32
    State:                  1 (The service is not running.) (State is stopped)
    WIN32_EXIT_CODE:        1077
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    TermService Start is set to: 3 (Manual Startup)
     
    Proxy Status: No proxy is Set
     
    LAN Settings:
    =============
     
    only 'Automatically detect settings' is selected
     
    SystemPartition:
    ================
     
    HKEY_LOCAL_MACHINE\SYSTEM\Setup\
    SystemPartition REG_SZ \Device\HarddiskVolume2
     
    Balloon Tips Status:
    ====================
     
    Enabled
     
    Time Format Settings:
    =====================
     
    Should be:
    h:mm:ss tt
    AM 
    PM 
    :
     
    Currently:
    REG_SZ HH:mm:ss
    REG_SZ AM
    REG_SZ PM
    REG_SZ :
     
    Language and Regional Settings:
    ===============================
     
    ACP: Language is English (United States)
    MACCP: Language is English (United States)
    OEMCP: 850 Please refer to this link for details: Here
     
    Startup Folders for Error_Expanding_Variables Check:
    ====================================================
     
    All Users Startup Folder Exists.
    Current User's Startup Folder Exists.
     
     
    Context Menu Entries:
    =====================
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
    List of MBAM Related Directories:
    =================================
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon\Windows
    winlogon.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\imageformats
    qgif.dll                                 File Size: 28472     BYTES FileVersion:  5.4.1.0        MD5: [8858629a544c7c0536c35561040a2d78]
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\Languages
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\platforms
    qwindows.dll                             File Size: 928568    BYTES FileVersion:  5.4.1.0        MD5: [15d93b1f5171eacf7724b2f728a064c4]
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\Plugins
    fixdamage.exe                           File Size: 821560    BYTES FileVersion:  1.1.0.1010     MD5: [57da74e5d020877f0aa23133081a1d5c]
     
    C:\Users\Ian\AppData\Roaming\Malwarebytes\Malwarebytes Anti-Malware
     
    C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware
     
    C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration
     
    C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration\Restore
     
    C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
    mbam-log-2015-09-29 (16-10-09).xml       File Size: 12382     BYTES FileVersion:  N/A            MD5: [d8cbd060f0bb055620960c4de9bff10b]
    protection-log-2015-09-29.xml           File Size: 8401      BYTES FileVersion:  N/A            MD5: [abfca95779e0ed02e768be5de51848b6]
     
    C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine
     
    Malware Exclusions:
    ===================
    Web Exclusions:
    ================
    Quarantined Items:
    ===================
    Vendor: PUM.Security.Hijack.DisableChromeUpdates, Date: 2015/09/29 14:10:12, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE
    Vendor: PUP.Optional.DNSUnlocker.BrwsrFlsh, Date: 2015/09/29 14:10:12, Type: Registry Key, Location: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DNSNEWVILLE
    Vendor: Trojan.DNSChanger, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{C001DFBA-386D-409D-B849-A33FE6715974}|NameServer
    Vendor: PUM.Security.Hijack.DisableChromeUpdates, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue
    Vendor: PUP.Optional.Amonetize, Date: 2015/09/29 14:10:12, Type: File, Location: C:\$Recycle.Bin\S-1-5-21-2865461670-3733210873-137151838-1001\$R8Q75GD.rar
    Vendor: Trojan.DNSChanger, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{15860623-9094-470D-B7C3-3E711CBC2414}|NameServer
    Vendor: Trojan.DNSChanger, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{FBB6B720-0343-4409-96F4-CA87E41B02B7}|NameServer
    Vendor: PUP.Optional.WebInstr, Date: 2015/09/29 14:10:12, Type: File, Location: C:\Windows\System32\drivers\Msft_Kernel_webinstrNew_01009.Wdf
    Vendor: PUM.Security.Hijack.DisableChromeUpdates, Date: 2015/09/29 14:10:12, Type: Registry Key, Location: HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE
    Vendor: PUM.Security.Hijack.DisableChromeUpdates, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue
    Vendor: PUP.Optional.MarkIt, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKU\S-1-5-21-2865461670-3733210873-137151838-1001\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{DF220B80-4ED5-C6B6-F9D5-EC3B90C85E24}
    Vendor: PUP.Optional.CloudScout, Date: 2015/09/29 14:10:12, Type: Registry Key, Location: HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
    ===============================================================
    END OF FILE
     


    #4 weplayjams


    Posted 29 September 2015 - 09:42 AM

    :bounce: Here's the log, and a big thank you, going to try Google out now

     

    mbam-check result log version:     2.1.1.1001
    ========================================
     
    User Account type:                 Administrator
    OS:                                Windows 8.1  64 bit Operating System
    Current Version and Build:         6.3.9200.0 
    Malwarebytes Anti-Malware:         2.1.8.1057
    Installed On:                      2015/09/29
    Malware Database:                  2015.09.29.04
    Rootkit Database:                  2015.09.22.01
    Remediation Database:              2015.09.28.03
    IP Database:                       2015.09.28.01
    Domain Database:                   2015.09.29.02
    License:                           Trial
    Malware Protection:                4 (The service is running.)
    Malicious Website Protection:      4 (The service is running.)
    Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
    Log Created:                       2015/09/29 16:33:13
    Compatibility Flag Settings:
    =================================
     
     
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
    C:\Program Files (x86)\VirtualDJ\virtualdj_pro.exeREG_SZ ^ WIN8RTM
     
     
    Malwarebytes Anti-Malware Shell Extension Block Check:
    ======================================================
     
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:
     
    MBAM Startup Entries: 
    =====================
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
     
    Malwarebytes Anti-Malware Service and Driver Status:
    =======================================================
     
    --------------Driver File Info:--------------
    C:\Windows\system32\drivers\mbam.sys
    File Size: 25816     BYTES FileVersion: 0.1.15.0 MD5: [a8d28d5b3e2a528d1ef0e338e44f2820]
    C:\Windows\system32\drivers\mwac.sys
    File Size: 64216     BYTES FileVersion: 1.0.6.0 MD5: [85cfe7ab85b43b6b7ac7961aa3983a9f]
    C:\Windows\system32\drivers\mbamswissarmy.sys
    File Size: 113880    BYTES FileVersion: 0.2.22.0 MD5: [8f22037d3f5a6bb676525d825a1388b9]
    C:\Windows\system32\drivers\mbamchameleon.sys
    File Size: 109272    BYTES FileVersion: 1.1.20.0 MD5: [e681ce4ae5c09651d53cb4387ca3560e]
     
    --------------MBAMProtector:--------------
    Type:                   2
    State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    --------------MBAMService:--------------
    Type:                   16
    State:                  4 (The service is running.)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    --------------MBAMScheduler:--------------
    Type:                   16
    State:                  4 (The service is running.)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    --------------MBAMChameleon:--------------
    Type:                   N/A
    State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
    WIN32_EXIT_CODE:        N/A
    SERVICE_EXIT_CODE:      N/A
    CHECKPOINT:             N/A
    WAIT_HINT:              N/A
     
     
    --------------MBAMWebAccessControl:--------------
    Type:                   2
    State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    Required Dependencies:
    ======================
     
    --------------BFE:--------------
    Type:                   32
    State:                  4 (The service is running.)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
    DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001
    ErrorControl                  REG_DWORD 1
    Group                         REG_SZ NetworkProvider
    ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
    Start                         REG_DWORD 2
    Type                          REG_DWORD 32
    Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002
    DependOnService               REG_MULTI_SZ RpcSs
    WfpLwfs
     
    ObjectName                    REG_SZ NT AUTHORITY\LocalService
    ServiceSidType                REG_DWORD 3
    RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege
     
    FailureActions                REG_BINARY Binary Data
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
    ServiceDllUnloadOnStop        REG_DWORD 1
    ServiceMain                   REG_SZ BfeServiceMain
    ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Options
    EnablePacketQueue             REG_DWORD 0
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Callout
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer
     
    --------------fltmgr:--------------
    Type:                   2
    State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
    AttachWhenLoaded              REG_DWORD 1
    DisplayName                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
    ErrorControl                  REG_DWORD 3
    Group                         REG_SZ FSFilter Infrastructure
    ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys
    Start                         REG_DWORD 0
    Tag                           REG_DWORD 1
    Type                          REG_DWORD 2
    Description                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
     
     
    C:\Windows\system32\drivers\fltmgr.sys
    File Size: 354112    BYTES FileVersion: 6.3.9600.17326 MD5: [c1fb505a73fa2e9019d32444ab33b75a]
    C:\Windows\SysWOW64\mscomctl.ocx
    File Size: 1070152   BYTES FileVersion: 6.1.98.34 MD5: [e52859fcb7a827cacfce7963184c7d24]
    C:\Windows\SysWOW64\olepro32.dll
    File Size: 86016     BYTES FileVersion: 6.3.9600.17415 MD5: [afe3ca77ff01edcb79ab3f9e87b7a50b]
    C:\Windows\system32\comctl32.ocx
    File Size: 1351392   BYTES FileVersion: 6.0.81.6 MD5: [2640ad05ab39321e6c9d3c71236ca0df]
     
     
    MBAM Registry Settings and License Info:
    ========================================
    --------------Settings:--------------
    Advanced: 
        AutomaticQuarantine:                                       true 
        AutostartProtection:                                       true 
        LimitedMode:                                               false 
        StartSilentMode:                                           false 
        StartupDelay:                                              -15 
    ApplicationState: 
        First-Run-After-Installation:                              false 
    General: 
        DaysUntilNotifyExpiration:                                 5 
        Language:                                                  en 
        RightClickAccess:                                          false 
        SilentErrors:                                              false 
    Logging: 
        ExportLog:                                                 true 
    Marketing: 
        LastPostScanMarketingIndex:                                1 
    Notification: 
    ProtectionTray: 
        DisplayMilliseconds:                                       3000 
    ScanHistory: 
        Duration_Complete:                                         386999 
        Duration_Driver:                                           0 
        Duration_Filesystem:                                       47 
        Duration_Heuristics:                                       532398 
        Duration_Loading:                                          0 
        Duration_MasterBootRecord:                                 0 
        Duration_Memory:                                           40000 
        Duration_PreScan:                                          14388 
        Duration_Registry:                                         24041 
        Duration_Sector:                                           0 
        Duration_Startup:                                          21317 
        ItemCount_Complete:                                        288701 
        ItemCount_Driver:                                          0 
        ItemCount_Filesystem:                                      51798 
        ItemCount_Heuristics:                                      13720 
        ItemCount_Loading:                                         0 
        ItemCount_MasterBootRecord:                                0 
        ItemCount_Memory:                                          2797 
        ItemCount_PreScan:                                         0 
        ItemCount_Registry:                                        686 
        ItemCount_Sector:                                          0 
        ItemCount_Startup:                                         1652 
        LastScanDateEpoch:                                         1443535812286 
        LastScanType:                                              1 (Threat Scan)
    Update: 
        LastUpdate:                                                2015-09-29T14:09:46 
        NotifyInstallReady:                                        true 
        NotifyOutdatedDatabase:                                    7 
        ProxyPassword:                                              
        ProxyPort:                                                 0 
        ProxyServer:                                                
        ProxyUsername:                                              
        UseProxy:                                                  false 
        UseProxyAuthentication:                                    false 
    --------------Account:--------------
      Account Status:                                              Trial 
      Expiration Time:                                             2015/10/13 14:08:53 
      Activation Time:                                             2015/09/29 16:08:51 
      Trial Used:                                                  true 
    --------------Access Policies:--------------
     
    Scheduler Queue:
    ================
     
    tasks: 
        53f8715c-0363-4531-82d2-21410993ed50:                       
          parameters:                                               
            AutoDelete:                                            false 
            CheckForUpdatesBeforeScanStart:                        true 
            ScanConfig:                                             
              ExportLog:                                           true 
              FileSystemOption:                                    true 
              Quarantine:                                          Prompt 
              RebootSystemWhenMalwareDetected:                     false 
              ScanArchives:                                        true 
              ScanExtra:                                           true 
              ScanHeuristic:                                       true 
              ScanMemoryObjects:                                   true 
              ScanPUM:                                             2 
              ScanPUP:                                             2 
              ScanRegistry:                                        true 
              ScanRootkits:                                        false 
              ScanSource:                                          1 
              ScanStartup:                                         true 
              ScanTargets:                                          
              ScanType:                                            1 (Threat Scan)
              Silent:                                              true 
            StartTaskFromSystemAccount:                            false 
            TaskType:                                              0 
          triggers:                                                 
            58ef813b-f895-4a97-bb7b-97abc49c35c4:                   
              dateinterval:                                        1:0:0 
              lastscheduled:                                        
              lasttriggered:                                        
              nextscheduled:                                       Wed, 30 Sep 2015 02:30:07 +0200 
              recovery:                                            23:00:00 
              start:                                               Wed, 30 Sep 2015 02:31:51 +0200 
              timeinterval:                                        00:00:00 
              type:                                                4 
              uuid:                                                58ef813b-f895-4a97-bb7b-97abc49c35c4 
          type:                                                    scan 
          uuid:                                                    53f8715c-0363-4531-82d2-21410993ed50 
        5cf53484-67a8-4d09-a215-e3c1a4ab57da:                       
          parameters:                                               
            NotifyWhenUpdateCompletes:                             false 
            TaskType:                                              3 
          triggers:                                                 
            57d8c885-58d3-4d20-97e0-ac57fa0f3942:                   
              dateinterval:                                        0:0:0 
              lastscheduled:                                       Tue, 29 Sep 2015 16:26:23.234960 +0200 
              lasttriggered:                                       Tue, 29 Sep 2015 16:26:23.234960 +0200 
              nextscheduled:                                       Tue, 29 Sep 2015 17:22:05.234410 +0200 
              recovery:                                            00:00:00 
              start:                                               Tue, 29 Sep 2015 16:17:50.234410 +0200 
              timeinterval:                                        01:00:00 
              type:                                                3 
              uuid:                                                57d8c885-58d3-4d20-97e0-ac57fa0f3942 
          type:                                                    update 
          uuid:                                                    5cf53484-67a8-4d09-a215-e3c1a4ab57da 
     
    Pending File Rename Operations: 
    ================================
    If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
    Pending File Rename Operations: 
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\
    PendingFileRenameOperations REG_MULTI_SZ \??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\cleanup.old
     
     
     
    MBAMProtector Registry Values:
    ==============================
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
    Type                          REG_DWORD 2
    Start                         REG_DWORD 3
    ErrorControl                  REG_DWORD 1
    ImagePath                     REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys
    Group                         REG_SZ FSFilter Anti-Virus
    DependOnService               REG_MULTI_SZ FltMgr
     
    WOW64                         REG_DWORD 1
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
    DefaultInstance               REG_SZ MBAMProtector Instance
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
    Altitude                      REG_SZ 328800
    Flags                         REG_DWORD 0
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters
    PassThruFile                  REG_SZ mbampt.exe
    ProductPath                   REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware
     
    MBAMService Registry Values:
    ============================
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
    Type                          REG_DWORD 16
    Start                         REG_DWORD 2
    ErrorControl                  REG_DWORD 1
    ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
    DependOnService               REG_MULTI_SZ MBAMProtector
     
    WOW64                         REG_DWORD 1
    ObjectName                    REG_SZ LocalSystem
    Description                   REG_SZ Malwarebytes Anti-Malware service
    DelayedAutostart              REG_DWORD 0
     
    MBAMScheduler Registry Values:
    ==============================
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler
    Type                          REG_DWORD 16
    Start                         REG_DWORD 2
    ErrorControl                  REG_DWORD 1
    ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
    WOW64                         REG_DWORD 1
    ObjectName                    REG_SZ LocalSystem
    Description                   REG_SZ Malwarebytes Anti-Malware scheduler
     
    Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
    ===============================================================================
     
    --------------TERMService:--------------
    Type:                   32
    State:                  1 (The service is not running.) (State is stopped)
    WIN32_EXIT_CODE:        1077
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    TermService Start is set to: 3 (Manual Startup)
     
    Proxy Status: No proxy is Set
     
    LAN Settings:
    =============
     
    only 'Automatically detect settings' is selected
     
    SystemPartition:
    ================
     
    HKEY_LOCAL_MACHINE\SYSTEM\Setup\
    SystemPartition REG_SZ \Device\HarddiskVolume2
     
    Balloon Tips Status:
    ====================
     
    Enabled
     
    Time Format Settings:
    =====================
     
    Should be:
    h:mm:ss tt
    AM 
    PM 
    :
     
    Currently:
    REG_SZ HH:mm:ss
    REG_SZ AM
    REG_SZ PM
    REG_SZ :
     
    Language and Regional Settings:
    ===============================
     
    ACP: Language is English (United States)
    MACCP: Language is English (United States)
    OEMCP: 850 Please refer to this link for details: Here
     
    Startup Folders for Error_Expanding_Variables Check:
    ====================================================
     
    All Users Startup Folder Exists.
    Current User's Startup Folder Exists.
     
     
    Context Menu Entries:
    =====================
     
    List of MBAM Related Directories:
    =================================
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\
    7z.dll                                   File Size: 920888    BYTES FileVersion:  9.20.0.0       MD5: [90cc5c5c5347eee0909d5bbbe4ea4321]
    changes.txt                             File Size: 3003      BYTES FileVersion:  N/A            MD5: [17b6dc5b45f9558ea11ee7b95da9b684]
    cloud-enumeration.dll                   File Size: 286008    BYTES FileVersion:  1.0.0.0        MD5: [932c98b79d8dc1409d6c74efd715135e]
    cloud.dll                               File Size: 351544    BYTES FileVersion:  1.0.0.0        MD5: [5d383e601d77e4e82b64c6c3e4b823b3]
    license.rtf                             File Size: 235316    BYTES FileVersion:  N/A            MD5: [5980b191ffe5d53bfef600b97ad533b5]
    master.conf                             File Size: 1258      BYTES FileVersion:  N/A            MD5: [9702ca5e82d3756c6d8af34a2ababaea]
    mbam.dll                                 File Size: 602936    BYTES FileVersion:  1.0.37.0       MD5: [a3043182dcef5612c928517985bd545a]
    mbam.exe                                 File Size: 6554424   BYTES FileVersion:  2.3.55.0       MD5: [abff2b3a80aa5348be5e43efd6b415d1]
    mbamcore.dll                             File Size: 1971512   BYTES FileVersion:  1.3.11.0       MD5: [51b5bea5015b2e37c4f4d496441f8369]
    mbamdor.exe                             File Size: 54072     BYTES FileVersion:  1.0.1.0        MD5: [a994a921e954ba55bea4cc8767f64e0f]
    mbamext.dll                             File Size: 310584    BYTES FileVersion:  3.0.6.0        MD5: [7a4c3c98cc41d06e26cc4cc5d9d06200]
    mbampt.exe                               File Size: 39736     BYTES FileVersion:  1.0.0.0        MD5: [f872caff0cc1fe69d55cbb10c087a00a]
    mbamresearch.exe                         File Size: 1947960   BYTES FileVersion:  1.1.0.0        MD5: [7fb4e7cfabfdc99b88165ecfc0c532c5]
    mbamscheduler.exe                       File Size: 1871160   BYTES FileVersion:  3.1.3.0        MD5: [301e3fdfcf33640bb8763ba444bc5093]
    mbamservice.exe                         File Size: 1133880   BYTES FileVersion:  3.2.13.0       MD5: [83c982a395d00baff6515fb38424ea76]
    mbamsrv.dll                             File Size: 3841336   BYTES FileVersion:  2.1.2.0        MD5: [b3273340603058e7e89964abeea0aa4b]
    mbamtoast.dll                           File Size: 96568     BYTES FileVersion:  1.70.0.0       MD5: [595eaba9462f8fdfbe6246bbaaa40f4e]
    msvcp100.dll                             File Size: 421688    BYTES FileVersion:  10.0.40219.325 MD5: [650f2286252c8854ac5846940d181d3a]
    msvcr100.dll                             File Size: 774456    BYTES FileVersion:  10.0.40219.325 MD5: [005f96c221719c03671c0262a4a93521]
    Qt5Core.dll                             File Size: 4645688   BYTES FileVersion:  5.4.1.0        MD5: [a8fceb6261751b709a84ce4a3726439f]
    Qt5Gui.dll                               File Size: 4639032   BYTES FileVersion:  5.4.1.0        MD5: [cdfa353db0a56a394b1fd8346c905069]
    Qt5Network.dll                           File Size: 672056    BYTES FileVersion:  5.4.1.0        MD5: [e4fd655cc85eb6063a8cef66f4e5ed55]
    Qt5Widgets.dll                           File Size: 4473656   BYTES FileVersion:  5.4.1.0        MD5: [5a48fe8fc8b20960713e172a83cca0f5]
    Third-party-notices.txt                 File Size: 70041     BYTES FileVersion:  N/A            MD5: [915ab4fe416654fbc412019a0a1002ac]
    unins000.dat                             File Size: 30958     BYTES FileVersion:  N/A            MD5: [ffcddf5b347aa37cf0fbd74a286295cb]
    unins000.exe                             File Size: 718037    BYTES FileVersion:  51.52.0.0      MD5: [d2796ecf50731e696f0c065d24c0827a]
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon\Windows
    chameleon.chm                           File Size: 235882    BYTES FileVersion:  N/A            MD5: [c4190b71f037714aa77aba294434ba5b]
    firefox.com                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    firefox.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    firefox.pif                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    firefox.scr                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    iexplore.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    mbam-chameleon.com                       File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    mbam-chameleon.exe                       File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    mbam-chameleon.pif                       File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    mbam-chameleon.scr                       File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    mbam-killer.exe                         File Size: 1496888   BYTES FileVersion:  3.0.13.0       MD5: [10ddd12d628a5388865f2ae25019dd76]
    rundll32.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    svchost.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    windows.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    winlogon.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\imageformats
    qgif.dll                                 File Size: 28472     BYTES FileVersion:  5.4.1.0        MD5: [8858629a544c7c0536c35561040a2d78]
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\Languages
    lang_ar.qm                               File Size: 87320     BYTES FileVersion:  N/A            MD5: [7a7c7e14fcf3f14d6b269295e877750c]
    lang_bg.qm                               File Size: 109563    BYTES FileVersion:  N/A            MD5: [654b95c228a72131aca7cb26e964dcf9]
    lang_ca.qm                               File Size: 92640     BYTES FileVersion:  N/A            MD5: [533208d2306e5ad1e5972650f69d8c22]
    lang_cs.qm                               File Size: 105006    BYTES FileVersion:  N/A            MD5: [508844d9e9aa364aa53bc77adf4f42a8]
    lang_da.qm                               File Size: 88045     BYTES FileVersion:  N/A            MD5: [e3bc3cdfcf360d319319299d8cd66506]
    lang_de.qm                               File Size: 133736    BYTES FileVersion:  N/A            MD5: [9b6c6a0d6bc188c1d86ea9342b8035da]
    lang_el.qm                               File Size: 126414    BYTES FileVersion:  N/A            MD5: [3d112a79eca581d1775fd96b3c5870bb]
    lang_en.qm                               File Size: 2849      BYTES FileVersion:  N/A            MD5: [d495fecf1db29d41317196416d5ea6c2]
    lang_es.qm                               File Size: 132948    BYTES FileVersion:  N/A            MD5: [455f47414f13f8942ee6652dd194c46a]
    lang_et.qm                               File Size: 107454    BYTES FileVersion:  N/A            MD5: [ef9d8fcc151759a2cf100afe2889d5e5]
    lang_fi.qm                               File Size: 89336     BYTES FileVersion:  N/A            MD5: [09f12751811f8c1a46f6308ab1968ff7]
    lang_fr.qm                               File Size: 136774    BYTES FileVersion:  N/A            MD5: [581b5833e2fa89003ff8349390323790]
    lang_he.qm                               File Size: 98616     BYTES FileVersion:  N/A            MD5: [a9cb152f93da040fb9451d750f359c3e]
    lang_hu.qm                               File Size: 108619    BYTES FileVersion:  N/A            MD5: [042e132aa420bb7807dc6ea150d21c84]
    lang_id.qm                               File Size: 105573    BYTES FileVersion:  N/A            MD5: [1352510fd6296523d239363d90d493ad]
    lang_it.qm                               File Size: 129004    BYTES FileVersion:  N/A            MD5: [993c14184487084aedf79471b337606b]
    lang_ja.qm                               File Size: 73730     BYTES FileVersion:  N/A            MD5: [e1ae65ac342628156abb2cdc36508929]
    lang_ko.qm                               File Size: 85538     BYTES FileVersion:  N/A            MD5: [e495736a22b566cd27cef405507c0b55]
    lang_lt.qm                               File Size: 90775     BYTES FileVersion:  N/A            MD5: [2605701cc94ca4ee2ef0be3aaa617d64]
    lang_lv.qm                               File Size: 90647     BYTES FileVersion:  N/A            MD5: [c9dda1e18b4869c60b8df14907dd5e46]
    lang_nl.qm                               File Size: 128186    BYTES FileVersion:  N/A            MD5: [193e199cefe0429da41d564af35786e7]
    lang_no.qm                               File Size: 118156    BYTES FileVersion:  N/A            MD5: [a7a243c9ac9e1efc71f8cdeb8c6ed4bf]
    lang_pl.qm                               File Size: 128623    BYTES FileVersion:  N/A            MD5: [9e4c6ca1532843c77ddb07b8a1bcac08]
    lang_pt_BR.qm                           File Size: 131550    BYTES FileVersion:  N/A            MD5: [418b8766d7e7a2a4806ed4d97d18e80f]
    lang_pt_PT.qm                           File Size: 131702    BYTES FileVersion:  N/A            MD5: [34f70f2a89733552373fa935200c2a0a]
    lang_ro.qm                               File Size: 90440     BYTES FileVersion:  N/A            MD5: [24bf3ee283cf5a3fd4c93bba6c9fc12b]
    lang_ru.qm                               File Size: 132186    BYTES FileVersion:  N/A            MD5: [08e1303dba20e8e1957ae1de2ccb4550]
    lang_sk.qm                               File Size: 89139     BYTES FileVersion:  N/A            MD5: [82ddef8ec6d13b1d4601e7104243ecc9]
    lang_sl.qm                               File Size: 107472    BYTES FileVersion:  N/A            MD5: [c8e3fae6ae3980aec292baa6cb8eac89]
    lang_sv.qm                               File Size: 105939    BYTES FileVersion:  N/A            MD5: [646ad8e20658650d4d1daa63b5abb9b6]
    lang_tr.qm                               File Size: 88788     BYTES FileVersion:  N/A            MD5: [6c4e9b16e496ab46d4a1d3333d972762]
    lang_vi.qm                               File Size: 105393    BYTES FileVersion:  N/A            MD5: [d1b2c9264ef72792b53255d4dfeb3098]
    lang_zh_TW.qm                           File Size: 87358     BYTES FileVersion:  N/A            MD5: [1ebfe79770cf695df897750b3c2d5a08]
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\platforms
    qwindows.dll                             File Size: 928568    BYTES FileVersion:  5.4.1.0        MD5: [15d93b1f5171eacf7724b2f728a064c4]
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\Plugins
    fixdamage.exe                           File Size: 821560    BYTES FileVersion:  1.1.0.1010     MD5: [57da74e5d020877f0aa23133081a1d5c]
     
    C:\Users\Ian\AppData\Roaming\Malwarebytes\Malwarebytes Anti-Malware
     
    C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware
    actions.ref                             File Size: 2092      BYTES FileVersion:  N/A            MD5: [685a0ee18eec57bf5f9c53c995e8705a]
    akadomains.ref                           File Size: 92        BYTES FileVersion:  N/A            MD5: [73d5774cbd8df165274a0691ae264808]
    akaips.ref                               File Size: 92        BYTES FileVersion:  N/A            MD5: [2a6869d1f91f0a0b87b1d27bd30ccc5c]
    cleanup.old                             File Size: 1971512   BYTES FileVersion:  1.3.11.0       MD5: [51b5bea5015b2e37c4f4d496441f8369]
    domains.ref                             File Size: 272859    BYTES FileVersion:  N/A            MD5: [5a6b79872e8fe1a7508d328b6dc6e4ee]
    exclusions.dat                           File Size: 0         BYTES FileVersion:  N/A            MD5: [d41d8cd98f00b204e9800998ecf8427e]
    ips.ref                                 File Size: 14414     BYTES FileVersion:  N/A            MD5: [f32630e3f0fd1736e09f4ae4c305fe97]
    mbamdor.old                             File Size: 54072     BYTES FileVersion:  1.0.1.0        MD5: [a994a921e954ba55bea4cc8767f64e0f]
    rules.ref                               File Size: 10353652  BYTES FileVersion:  N/A            MD5: [75e5767dae662e738898b9515eacc7f3]
    swissarmy.ref                           File Size: 26039     BYTES FileVersion:  N/A            MD5: [4f3270821b3bd82592310a00477f9526]
     
    C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration
    build.conf                               File Size: 4607      BYTES FileVersion:  N/A            MD5: [420cbbaeb39aaf47d6e24d57a8d27cfd]
    database.conf                           File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
    gatekeeper.conf                         File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
    license.conf                             File Size: 1484      BYTES FileVersion:  N/A            MD5: [c330024cb47dc9cdaa369fca873e029e]
    manifest.conf                           File Size: 3372      BYTES FileVersion:  N/A            MD5: [14319559c6bd1d9640397fcbff2996ae]
    marketing.conf                           File Size: 10950     BYTES FileVersion:  N/A            MD5: [14a6cf9d45ac419482fe1d53ce786434]
    net.conf                                 File Size: 6903      BYTES FileVersion:  N/A            MD5: [190bc1e1ee09fb172aac9861c28a7120]
    notifications.conf                       File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
    scheduler.conf                           File Size: 2047      BYTES FileVersion:  N/A            MD5: [41aa7e0f8975e7d15ba7d45ba774fbfd]
    settings.conf                           File Size: 2059      BYTES FileVersion:  N/A            MD5: [cd3464a38949cec3a9993e74dc3a2f46]
     
    Malware Exclusions:
    ===================
    Web Exclusions:
    ================
    Quarantined Items:
    ===================
    Vendor: PUM.Security.Hijack.DisableChromeUpdates, Date: 2015/09/29 14:10:12, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE
    Vendor: PUP.Optional.DNSUnlocker.BrwsrFlsh, Date: 2015/09/29 14:10:12, Type: Registry Key, Location: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DNSNEWVILLE
    Vendor: Trojan.DNSChanger, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{C001DFBA-386D-409D-B849-A33FE6715974}|NameServer
    Vendor: PUM.Security.Hijack.DisableChromeUpdates, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue
    Vendor: PUP.Optional.Amonetize, Date: 2015/09/29 14:10:12, Type: File, Location: C:\$Recycle.Bin\S-1-5-21-2865461670-3733210873-137151838-1001\$R8Q75GD.rar
    Vendor: Trojan.DNSChanger, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{15860623-9094-470D-B7C3-3E711CBC2414}|NameServer
    Vendor: Trojan.DNSChanger, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{FBB6B720-0343-4409-96F4-CA87E41B02B7}|NameServer
    Vendor: PUP.Optional.WebInstr, Date: 2015/09/29 14:10:12, Type: File, Location: C:\Windows\System32\drivers\Msft_Kernel_webinstrNew_01009.Wdf
    Vendor: PUM.Security.Hijack.DisableChromeUpdates, Date: 2015/09/29 14:10:12, Type: Registry Key, Location: HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE
    Vendor: PUM.Security.Hijack.DisableChromeUpdates, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue
    Vendor: PUP.Optional.MarkIt, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKU\S-1-5-21-2865461670-3733210873-137151838-1001\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{DF220B80-4ED5-C6B6-F9D5-EC3B90C85E24}
    Vendor: PUP.Optional.CloudScout, Date: 2015/09/29 14:10:12, Type: Registry Key, Location: HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
    ===============================================================
    END OF FILE
     


    #5 weplayjams

    Posted 29 September 2015 - 09:42 AM

    :bounce: Here's the log, and a big thank you, going to try Google out now

     

    mbam-check result log version:     2.1.1.1001
    ========================================
     
    User Account type:                 Administrator
    OS:                                Windows 8.1  64 bit Operating System
    Current Version and Build:         6.3.9200.0 
    Malwarebytes Anti-Malware:         2.1.8.1057
    Installed On:                      2015/09/29
    Malware Database:                  2015.09.29.04
    Rootkit Database:                  2015.09.22.01
    Remediation Database:              2015.09.28.03
    IP Database:                       2015.09.28.01
    Domain Database:                   2015.09.29.02
    License:                           Trial
    Malware Protection:                4 (The service is running.)
    Malicious Website Protection:      4 (The service is running.)
    Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
    Log Created:                       2015/09/29 16:33:13
    Compatibility Flag Settings:
    =================================
     
     
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
    C:\Program Files (x86)\VirtualDJ\virtualdj_pro.exeREG_SZ ^ WIN8RTM
     
     
    Malwarebytes Anti-Malware Shell Extension Block Check:
    ======================================================
     
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:
     
    MBAM Startup Entries: 
    =====================
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
     
    Malwarebytes Anti-Malware Service and Driver Status:
    =======================================================
     
    --------------Driver File Info:--------------
    C:\Windows\system32\drivers\mbam.sys
    File Size: 25816     BYTES FileVersion: 0.1.15.0 MD5: [a8d28d5b3e2a528d1ef0e338e44f2820]
    C:\Windows\system32\drivers\mwac.sys
    File Size: 64216     BYTES FileVersion: 1.0.6.0 MD5: [85cfe7ab85b43b6b7ac7961aa3983a9f]
    C:\Windows\system32\drivers\mbamswissarmy.sys
    File Size: 113880    BYTES FileVersion: 0.2.22.0 MD5: [8f22037d3f5a6bb676525d825a1388b9]
    C:\Windows\system32\drivers\mbamchameleon.sys
    File Size: 109272    BYTES FileVersion: 1.1.20.0 MD5: [e681ce4ae5c09651d53cb4387ca3560e]
     
    --------------MBAMProtector:--------------
    Type:                   2
    State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    --------------MBAMService:--------------
    Type:                   16
    State:                  4 (The service is running.)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    --------------MBAMScheduler:--------------
    Type:                   16
    State:                  4 (The service is running.)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    --------------MBAMChameleon:--------------
    Type:                   N/A
    State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
    WIN32_EXIT_CODE:        N/A
    SERVICE_EXIT_CODE:      N/A
    CHECKPOINT:             N/A
    WAIT_HINT:              N/A
     
     
    --------------MBAMWebAccessControl:--------------
    Type:                   2
    State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    Required Dependencies:
    ======================
     
    --------------BFE:--------------
    Type:                   32
    State:                  4 (The service is running.)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
    DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001
    ErrorControl                  REG_DWORD 1
    Group                         REG_SZ NetworkProvider
    ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
    Start                         REG_DWORD 2
    Type                          REG_DWORD 32
    Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002
    DependOnService               REG_MULTI_SZ RpcSs
    WfpLwfs
     
    ObjectName                    REG_SZ NT AUTHORITY\LocalService
    ServiceSidType                REG_DWORD 3
    RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege
     
    FailureActions                REG_BINARY Binary Data
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
    ServiceDllUnloadOnStop        REG_DWORD 1
    ServiceMain                   REG_SZ BfeServiceMain
    ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Options
    EnablePacketQueue             REG_DWORD 0
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Callout
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer
     
    --------------fltmgr:--------------
    Type:                   2
    State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
    AttachWhenLoaded              REG_DWORD 1
    DisplayName                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
    ErrorControl                  REG_DWORD 3
    Group                         REG_SZ FSFilter Infrastructure
    ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys
    Start                         REG_DWORD 0
    Tag                           REG_DWORD 1
    Type                          REG_DWORD 2
    Description                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
     
     
    C:\Windows\system32\drivers\fltmgr.sys
    File Size: 354112    BYTES FileVersion: 6.3.9600.17326 MD5: [c1fb505a73fa2e9019d32444ab33b75a]
    C:\Windows\SysWOW64\mscomctl.ocx
    File Size: 1070152   BYTES FileVersion: 6.1.98.34 MD5: [e52859fcb7a827cacfce7963184c7d24]
    C:\Windows\SysWOW64\olepro32.dll
    File Size: 86016     BYTES FileVersion: 6.3.9600.17415 MD5: [afe3ca77ff01edcb79ab3f9e87b7a50b]
    C:\Windows\system32\comctl32.ocx
    File Size: 1351392   BYTES FileVersion: 6.0.81.6 MD5: [2640ad05ab39321e6c9d3c71236ca0df]
     
     
    MBAM Registry Settings and License Info:
    ========================================
    --------------Settings:--------------
    Advanced: 
        AutomaticQuarantine:                                       true 
        AutostartProtection:                                       true 
        LimitedMode:                                               false 
        StartSilentMode:                                           false 
        StartupDelay:                                              -15 
    ApplicationState: 
        First-Run-After-Installation:                              false 
    General: 
        DaysUntilNotifyExpiration:                                 5 
        Language:                                                  en 
        RightClickAccess:                                          false 
        SilentErrors:                                              false 
    Logging: 
        ExportLog:                                                 true 
    Marketing: 
        LastPostScanMarketingIndex:                                1 
    Notification: 
    ProtectionTray: 
        DisplayMilliseconds:                                       3000 
    ScanHistory: 
        Duration_Complete:                                         386999 
        Duration_Driver:                                           0 
        Duration_Filesystem:                                       47 
        Duration_Heuristics:                                       532398 
        Duration_Loading:                                          0 
        Duration_MasterBootRecord:                                 0 
        Duration_Memory:                                           40000 
        Duration_PreScan:                                          14388 
        Duration_Registry:                                         24041 
        Duration_Sector:                                           0 
        Duration_Startup:                                          21317 
        ItemCount_Complete:                                        288701 
        ItemCount_Driver:                                          0 
        ItemCount_Filesystem:                                      51798 
        ItemCount_Heuristics:                                      13720 
        ItemCount_Loading:                                         0 
        ItemCount_MasterBootRecord:                                0 
        ItemCount_Memory:                                          2797 
        ItemCount_PreScan:                                         0 
        ItemCount_Registry:                                        686 
        ItemCount_Sector:                                          0 
        ItemCount_Startup:                                         1652 
        LastScanDateEpoch:                                         1443535812286 
        LastScanType:                                              1 (Threat Scan)
    Update: 
        LastUpdate:                                                2015-09-29T14:09:46 
        NotifyInstallReady:                                        true 
        NotifyOutdatedDatabase:                                    7 
        ProxyPassword:                                              
        ProxyPort:                                                 0 
        ProxyServer:                                                
        ProxyUsername:                                              
        UseProxy:                                                  false 
        UseProxyAuthentication:                                    false 
    --------------Account:--------------
      Account Status:                                              Trial 
      Expiration Time:                                             2015/10/13 14:08:53 
      Activation Time:                                             2015/09/29 16:08:51 
      Trial Used:                                                  true 
    --------------Access Policies:--------------
     
    Scheduler Queue:
    ================
     
    tasks: 
        53f8715c-0363-4531-82d2-21410993ed50:                       
          parameters:                                               
            AutoDelete:                                            false 
            CheckForUpdatesBeforeScanStart:                        true 
            ScanConfig:                                             
              ExportLog:                                           true 
              FileSystemOption:                                    true 
              Quarantine:                                          Prompt 
              RebootSystemWhenMalwareDetected:                     false 
              ScanArchives:                                        true 
              ScanExtra:                                           true 
              ScanHeuristic:                                       true 
              ScanMemoryObjects:                                   true 
              ScanPUM:                                             2 
              ScanPUP:                                             2 
              ScanRegistry:                                        true 
              ScanRootkits:                                        false 
              ScanSource:                                          1 
              ScanStartup:                                         true 
              ScanTargets:                                          
              ScanType:                                            1 (Threat Scan)
              Silent:                                              true 
            StartTaskFromSystemAccount:                            false 
            TaskType:                                              0 
          triggers:                                                 
            58ef813b-f895-4a97-bb7b-97abc49c35c4:                   
              dateinterval:                                        1:0:0 
              lastscheduled:                                        
              lasttriggered:                                        
              nextscheduled:                                       Wed, 30 Sep 2015 02:30:07 +0200 
              recovery:                                            23:00:00 
              start:                                               Wed, 30 Sep 2015 02:31:51 +0200 
              timeinterval:                                        00:00:00 
              type:                                                4 
              uuid:                                                58ef813b-f895-4a97-bb7b-97abc49c35c4 
          type:                                                    scan 
          uuid:                                                    53f8715c-0363-4531-82d2-21410993ed50 
        5cf53484-67a8-4d09-a215-e3c1a4ab57da:                       
          parameters:                                               
            NotifyWhenUpdateCompletes:                             false 
            TaskType:                                              3 
          triggers:                                                 
            57d8c885-58d3-4d20-97e0-ac57fa0f3942:                   
              dateinterval:                                        0:0:0 
              lastscheduled:                                       Tue, 29 Sep 2015 16:26:23.234960 +0200 
              lasttriggered:                                       Tue, 29 Sep 2015 16:26:23.234960 +0200 
              nextscheduled:                                       Tue, 29 Sep 2015 17:22:05.234410 +0200 
              recovery:                                            00:00:00 
              start:                                               Tue, 29 Sep 2015 16:17:50.234410 +0200 
              timeinterval:                                        01:00:00 
              type:                                                3 
              uuid:                                                57d8c885-58d3-4d20-97e0-ac57fa0f3942 
          type:                                                    update 
          uuid:                                                    5cf53484-67a8-4d09-a215-e3c1a4ab57da 
     
    Pending File Rename Operations: 
    ================================
    If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
    Pending File Rename Operations: 
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\
    PendingFileRenameOperations REG_MULTI_SZ \??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\cleanup.old
     
     
     
    MBAMProtector Registry Values:
    ==============================
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
    Type                          REG_DWORD 2
    Start                         REG_DWORD 3
    ErrorControl                  REG_DWORD 1
    ImagePath                     REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys
    Group                         REG_SZ FSFilter Anti-Virus
    DependOnService               REG_MULTI_SZ FltMgr
     
    WOW64                         REG_DWORD 1
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
    DefaultInstance               REG_SZ MBAMProtector Instance
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
    Altitude                      REG_SZ 328800
    Flags                         REG_DWORD 0
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters
    PassThruFile                  REG_SZ mbampt.exe
    ProductPath                   REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware
     
    MBAMService Registry Values:
    ============================
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
    Type                          REG_DWORD 16
    Start                         REG_DWORD 2
    ErrorControl                  REG_DWORD 1
    ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
    DependOnService               REG_MULTI_SZ MBAMProtector
     
    WOW64                         REG_DWORD 1
    ObjectName                    REG_SZ LocalSystem
    Description                   REG_SZ Malwarebytes Anti-Malware service
    DelayedAutostart              REG_DWORD 0
     
    MBAMScheduler Registry Values:
    ==============================
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler
    Type                          REG_DWORD 16
    Start                         REG_DWORD 2
    ErrorControl                  REG_DWORD 1
    ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
    WOW64                         REG_DWORD 1
    ObjectName                    REG_SZ LocalSystem
    Description                   REG_SZ Malwarebytes Anti-Malware scheduler
     
    Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
    ===============================================================================
     
    --------------TERMService:--------------
    Type:                   32
    State:                  1 (The service is not running.) (State is stopped)
    WIN32_EXIT_CODE:        1077
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    TermService Start is set to: 3 (Manual Startup)
     
    Proxy Status: No proxy is Set
     
    LAN Settings:
    =============
     
    only 'Automatically detect settings' is selected
     
    SystemPartition:
    ================
     
    HKEY_LOCAL_MACHINE\SYSTEM\Setup\
    SystemPartition REG_SZ \Device\HarddiskVolume2
     
    Balloon Tips Status:
    ====================
     
    Enabled
     
    Time Format Settings:
    =====================
     
    Should be:
    h:mm:ss tt
    AM 
    PM 
    :
     
    Currently:
    REG_SZ HH:mm:ss
    REG_SZ AM
    REG_SZ PM
    REG_SZ :
     
    Language and Regional Settings:
    ===============================
     
    ACP: Language is English (United States)
    MACCP: Language is English (United States)
    OEMCP: 850 Please refer to this link for details: Here
     
    Startup Folders for Error_Expanding_Variables Check:
    ====================================================
     
    All Users Startup Folder Exists.
    Current User's Startup Folder Exists.
     
     
    Context Menu Entries:
    =====================
     
    List of MBAM Related Directories:
    =================================
     
     
    Malware Exclusions:
    ===================
    Web Exclusions:
    ================
    Quarantined Items:
    ===================
    Vendor: PUM.Security.Hijack.DisableChromeUpdates, Date: 2015/09/29 14:10:12, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE
    Vendor: PUP.Optional.DNSUnlocker.BrwsrFlsh, Date: 2015/09/29 14:10:12, Type: Registry Key, Location: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DNSNEWVILLE
    Vendor: Trojan.DNSChanger, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{C001DFBA-386D-409D-B849-A33FE6715974}|NameServer
    Vendor: PUM.Security.Hijack.DisableChromeUpdates, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue
    Vendor: PUP.Optional.Amonetize, Date: 2015/09/29 14:10:12, Type: File, Location: C:\$Recycle.Bin\S-1-5-21-2865461670-3733210873-137151838-1001\$R8Q75GD.rar
    Vendor: Trojan.DNSChanger, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{15860623-9094-470D-B7C3-3E711CBC2414}|NameServer
    Vendor: Trojan.DNSChanger, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{FBB6B720-0343-4409-96F4-CA87E41B02B7}|NameServer
    Vendor: PUP.Optional.WebInstr, Date: 2015/09/29 14:10:12, Type: File, Location: C:\Windows\System32\drivers\Msft_Kernel_webinstrNew_01009.Wdf
    Vendor: PUM.Security.Hijack.DisableChromeUpdates, Date: 2015/09/29 14:10:12, Type: Registry Key, Location: HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE
    Vendor: PUM.Security.Hijack.DisableChromeUpdates, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue
    Vendor: PUP.Optional.MarkIt, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKU\S-1-5-21-2865461670-3733210873-137151838-1001\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{DF220B80-4ED5-C6B6-F9D5-EC3B90C85E24}
    Vendor: PUP.Optional.CloudScout, Date: 2015/09/29 14:10:12, Type: Registry Key, Location: HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
    ===============================================================
    END OF FILE
     


    #6 weplayjams

    Posted 29 September 2015 - 09:42 AM

    :bounce: Here's the log, and a big thank you, going to try Google out now

     

    mbam-check result log version:     2.1.1.1001
    ========================================
     
    User Account type:                 Administrator
    OS:                                Windows 8.1  64 bit Operating System
    Current Version and Build:         6.3.9200.0 
    Malwarebytes Anti-Malware:         2.1.8.1057
    Installed On:                      2015/09/29
    Malware Database:                  2015.09.29.04
    Rootkit Database:                  2015.09.22.01
    Remediation Database:              2015.09.28.03
    IP Database:                       2015.09.28.01
    Domain Database:                   2015.09.29.02
    License:                           Trial
    Malware Protection:                4 (The service is running.)
    Malicious Website Protection:      4 (The service is running.)
    Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
    Log Created:                       2015/09/29 16:33:13
    Compatibility Flag Settings:
    =================================
     
     
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
    C:\Program Files (x86)\VirtualDJ\virtualdj_pro.exeREG_SZ ^ WIN8RTM
     
     
    Malwarebytes Anti-Malware Shell Extension Block Check:
    ======================================================
     
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:
     
    MBAM Startup Entries: 
    =====================
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
     
    Malwarebytes Anti-Malware Service and Driver Status:
    =======================================================
     
    --------------Driver File Info:--------------
    C:\Windows\system32\drivers\mbam.sys
    File Size: 25816     BYTES FileVersion: 0.1.15.0 MD5: [a8d28d5b3e2a528d1ef0e338e44f2820]
    C:\Windows\system32\drivers\mwac.sys
    File Size: 64216     BYTES FileVersion: 1.0.6.0 MD5: [85cfe7ab85b43b6b7ac7961aa3983a9f]
    C:\Windows\system32\drivers\mbamswissarmy.sys
    File Size: 113880    BYTES FileVersion: 0.2.22.0 MD5: [8f22037d3f5a6bb676525d825a1388b9]
    C:\Windows\system32\drivers\mbamchameleon.sys
    File Size: 109272    BYTES FileVersion: 1.1.20.0 MD5: [e681ce4ae5c09651d53cb4387ca3560e]
     
    --------------MBAMProtector:--------------
    Type:                   2
    State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    --------------MBAMService:--------------
    Type:                   16
    State:                  4 (The service is running.)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    --------------MBAMScheduler:--------------
    Type:                   16
    State:                  4 (The service is running.)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    --------------MBAMChameleon:--------------
    Type:                   N/A
    State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
    WIN32_EXIT_CODE:        N/A
    SERVICE_EXIT_CODE:      N/A
    CHECKPOINT:             N/A
    WAIT_HINT:              N/A
     
     
    --------------MBAMWebAccessControl:--------------
    Type:                   2
    State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    Required Dependencies:
    ======================
     
    --------------BFE:--------------
    Type:                   32
    State:                  4 (The service is running.)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
    DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001
    ErrorControl                  REG_DWORD 1
    Group                         REG_SZ NetworkProvider
    ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
    Start                         REG_DWORD 2
    Type                          REG_DWORD 32
    Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002
    DependOnService               REG_MULTI_SZ RpcSs
    WfpLwfs
     
    ObjectName                    REG_SZ NT AUTHORITY\LocalService
    ServiceSidType                REG_DWORD 3
    RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege
     
    FailureActions                REG_BINARY Binary Data
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
    ServiceDllUnloadOnStop        REG_DWORD 1
    ServiceMain                   REG_SZ BfeServiceMain
    ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Options
    EnablePacketQueue             REG_DWORD 0
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Callout
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider
    {decc16ca-3f33-4346-be1e-8fb4ae0f3d62}REG_BINARY Binary Data
     
    {4b153735-1049-4480-aab4-d1b9bdc03710}REG_BINARY Binary Data
     
    {1bebc969-61a5-4732-a177-847a0817862a}REG_BINARY Binary Data
     
    {aa6a7d87-7f8f-4d2a-be53-fda555cd5fe3}REG_BINARY Binary Data
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer
    {b3cdd441-af90-41ba-a745-7c6008ff2300}REG_BINARY Binary Data
     
    {b3cdd441-af90-41ba-a745-7c6008ff2301}REG_BINARY Binary Data
     
    {b3cdd441-af90-41ba-a745-7c6008ff2302}REG_BINARY Binary Data
     
    {9ba30013-c84e-47e5-ac6e-1e1aed72fa69}REG_BINARY Binary Data
     
    --------------fltmgr:--------------
    Type:                   2
    State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE:        0
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
    AttachWhenLoaded              REG_DWORD 1
    DisplayName                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
    ErrorControl                  REG_DWORD 3
    Group                         REG_SZ FSFilter Infrastructure
    ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys
    Start                         REG_DWORD 0
    Tag                           REG_DWORD 1
    Type                          REG_DWORD 2
    Description                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
     
     
    C:\Windows\system32\drivers\fltmgr.sys
    File Size: 354112    BYTES FileVersion: 6.3.9600.17326 MD5: [c1fb505a73fa2e9019d32444ab33b75a]
    C:\Windows\SysWOW64\mscomctl.ocx
    File Size: 1070152   BYTES FileVersion: 6.1.98.34 MD5: [e52859fcb7a827cacfce7963184c7d24]
    C:\Windows\SysWOW64\olepro32.dll
    File Size: 86016     BYTES FileVersion: 6.3.9600.17415 MD5: [afe3ca77ff01edcb79ab3f9e87b7a50b]
    C:\Windows\system32\comctl32.ocx
    File Size: 1351392   BYTES FileVersion: 6.0.81.6 MD5: [2640ad05ab39321e6c9d3c71236ca0df]
     
     
    MBAM Registry Settings and License Info:
    ========================================
    --------------Settings:--------------
    Advanced: 
        AutomaticQuarantine:                                       true 
        AutostartProtection:                                       true 
        LimitedMode:                                               false 
        StartSilentMode:                                           false 
        StartupDelay:                                              -15 
    ApplicationState: 
        First-Run-After-Installation:                              false 
    General: 
        DaysUntilNotifyExpiration:                                 5 
        Language:                                                  en 
        RightClickAccess:                                          false 
        SilentErrors:                                              false 
    Logging: 
        ExportLog:                                                 true 
    Marketing: 
        LastPostScanMarketingIndex:                                1 
    Notification: 
    ProtectionTray: 
        DisplayMilliseconds:                                       3000 
    ScanHistory: 
        Duration_Complete:                                         386999 
        Duration_Driver:                                           0 
        Duration_Filesystem:                                       47 
        Duration_Heuristics:                                       532398 
        Duration_Loading:                                          0 
        Duration_MasterBootRecord:                                 0 
        Duration_Memory:                                           40000 
        Duration_PreScan:                                          14388 
        Duration_Registry:                                         24041 
        Duration_Sector:                                           0 
        Duration_Startup:                                          21317 
        ItemCount_Complete:                                        288701 
        ItemCount_Driver:                                          0 
        ItemCount_Filesystem:                                      51798 
        ItemCount_Heuristics:                                      13720 
        ItemCount_Loading:                                         0 
        ItemCount_MasterBootRecord:                                0 
        ItemCount_Memory:                                          2797 
        ItemCount_PreScan:                                         0 
        ItemCount_Registry:                                        686 
        ItemCount_Sector:                                          0 
        ItemCount_Startup:                                         1652 
        LastScanDateEpoch:                                         1443535812286 
        LastScanType:                                              1 (Threat Scan)
    Update: 
        LastUpdate:                                                2015-09-29T14:09:46 
        NotifyInstallReady:                                        true 
        NotifyOutdatedDatabase:                                    7 
        ProxyPassword:                                              
        ProxyPort:                                                 0 
        ProxyServer:                                                
        ProxyUsername:                                              
        UseProxy:                                                  false 
        UseProxyAuthentication:                                    false 
    --------------Account:--------------
      Account Status:                                              Trial 
      Expiration Time:                                             2015/10/13 14:08:53 
      Activation Time:                                             2015/09/29 16:08:51 
      Trial Used:                                                  true 
    --------------Access Policies:--------------
     
    Scheduler Queue:
    ================
     
    tasks: 
        53f8715c-0363-4531-82d2-21410993ed50:                       
          parameters:                                               
            AutoDelete:                                            false 
            CheckForUpdatesBeforeScanStart:                        true 
            ScanConfig:                                             
              ExportLog:                                           true 
              FileSystemOption:                                    true 
              Quarantine:                                          Prompt 
              RebootSystemWhenMalwareDetected:                     false 
              ScanArchives:                                        true 
              ScanExtra:                                           true 
              ScanHeuristic:                                       true 
              ScanMemoryObjects:                                   true 
              ScanPUM:                                             2 
              ScanPUP:                                             2 
              ScanRegistry:                                        true 
              ScanRootkits:                                        false 
              ScanSource:                                          1 
              ScanStartup:                                         true 
              ScanTargets:                                          
              ScanType:                                            1 (Threat Scan)
              Silent:                                              true 
            StartTaskFromSystemAccount:                            false 
            TaskType:                                              0 
          triggers:                                                 
            58ef813b-f895-4a97-bb7b-97abc49c35c4:                   
              dateinterval:                                        1:0:0 
              lastscheduled:                                        
              lasttriggered:                                        
              nextscheduled:                                       Wed, 30 Sep 2015 02:30:07 +0200 
              recovery:                                            23:00:00 
              start:                                               Wed, 30 Sep 2015 02:31:51 +0200 
              timeinterval:                                        00:00:00 
              type:                                                4 
              uuid:                                                58ef813b-f895-4a97-bb7b-97abc49c35c4 
          type:                                                    scan 
          uuid:                                                    53f8715c-0363-4531-82d2-21410993ed50 
        5cf53484-67a8-4d09-a215-e3c1a4ab57da:                       
          parameters:                                               
            NotifyWhenUpdateCompletes:                             false 
            TaskType:                                              3 
          triggers:                                                 
            57d8c885-58d3-4d20-97e0-ac57fa0f3942:                   
              dateinterval:                                        0:0:0 
              lastscheduled:                                       Tue, 29 Sep 2015 16:26:23.234960 +0200 
              lasttriggered:                                       Tue, 29 Sep 2015 16:26:23.234960 +0200 
              nextscheduled:                                       Tue, 29 Sep 2015 17:22:05.234410 +0200 
              recovery:                                            00:00:00 
              start:                                               Tue, 29 Sep 2015 16:17:50.234410 +0200 
              timeinterval:                                        01:00:00 
              type:                                                3 
              uuid:                                                57d8c885-58d3-4d20-97e0-ac57fa0f3942 
          type:                                                    update 
          uuid:                                                    5cf53484-67a8-4d09-a215-e3c1a4ab57da 
     
    Pending File Rename Operations: 
    ================================
    If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
    Pending File Rename Operations: 
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\
    PendingFileRenameOperations REG_MULTI_SZ \??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\cleanup.old
     
     
     
    MBAMProtector Registry Values:
    ==============================
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
    Type                          REG_DWORD 2
    Start                         REG_DWORD 3
    ErrorControl                  REG_DWORD 1
    ImagePath                     REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys
    Group                         REG_SZ FSFilter Anti-Virus
    DependOnService               REG_MULTI_SZ FltMgr
     
    WOW64                         REG_DWORD 1
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
    DefaultInstance               REG_SZ MBAMProtector Instance
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
    Altitude                      REG_SZ 328800
    Flags                         REG_DWORD 0
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters
    PassThruFile                  REG_SZ mbampt.exe
    ProductPath                   REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware
     
    MBAMService Registry Values:
    ============================
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
    Type                          REG_DWORD 16
    Start                         REG_DWORD 2
    ErrorControl                  REG_DWORD 1
    ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
    DependOnService               REG_MULTI_SZ MBAMProtector
     
    WOW64                         REG_DWORD 1
    ObjectName                    REG_SZ LocalSystem
    Description                   REG_SZ Malwarebytes Anti-Malware service
    DelayedAutostart              REG_DWORD 0
     
    MBAMScheduler Registry Values:
    ==============================
     
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler
    Type                          REG_DWORD 16
    Start                         REG_DWORD 2
    ErrorControl                  REG_DWORD 1
    ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
    WOW64                         REG_DWORD 1
    ObjectName                    REG_SZ LocalSystem
    Description                   REG_SZ Malwarebytes Anti-Malware scheduler
     
    Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
    ===============================================================================
     
    --------------TERMService:--------------
    Type:                   32
    State:                  1 (The service is not running.) (State is stopped)
    WIN32_EXIT_CODE:        1077
    SERVICE_EXIT_CODE:      0
    CHECKPOINT:             0
    WAIT_HINT:              0
     
     
    TermService Start is set to: 3 (Manual Startup)
     
    Proxy Status: No proxy is Set
     
    LAN Settings:
    =============
     
    only 'Automatically detect settings' is selected
     
    SystemPartition:
    ================
     
    HKEY_LOCAL_MACHINE\SYSTEM\Setup\
    SystemPartition REG_SZ \Device\HarddiskVolume2
     
    Balloon Tips Status:
    ====================
     
    Enabled
     
    Time Format Settings:
    =====================
     
    Should be:
    h:mm:ss tt
    AM 
    PM 
    :
     
    Currently:
    REG_SZ HH:mm:ss
    REG_SZ AM
    REG_SZ PM
    REG_SZ :
     
    Language and Regional Settings:
    ===============================
     
    ACP: Language is English (United States)
    MACCP: Language is English (United States)
    OEMCP: 850 Please refer to this link for details: Here
     
    Startup Folders for Error_Expanding_Variables Check:
    ====================================================
     
    All Users Startup Folder Exists.
    Current User's Startup Folder Exists.
     
     
    Context Menu Entries:
    =====================
     
    List of MBAM Related Directories:
    =================================
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\
    7z.dll                                   File Size: 920888    BYTES FileVersion:  9.20.0.0       MD5: [90cc5c5c5347eee0909d5bbbe4ea4321]
    changes.txt                             File Size: 3003      BYTES FileVersion:  N/A            MD5: [17b6dc5b45f9558ea11ee7b95da9b684]
    cloud-enumeration.dll                   File Size: 286008    BYTES FileVersion:  1.0.0.0        MD5: [932c98b79d8dc1409d6c74efd715135e]
    cloud.dll                               File Size: 351544    BYTES FileVersion:  1.0.0.0        MD5: [5d383e601d77e4e82b64c6c3e4b823b3]
    license.rtf                             File Size: 235316    BYTES FileVersion:  N/A            MD5: [5980b191ffe5d53bfef600b97ad533b5]
    master.conf                             File Size: 1258      BYTES FileVersion:  N/A            MD5: [9702ca5e82d3756c6d8af34a2ababaea]
    mbam.dll                                 File Size: 602936    BYTES FileVersion:  1.0.37.0       MD5: [a3043182dcef5612c928517985bd545a]
    mbam.exe                                 File Size: 6554424   BYTES FileVersion:  2.3.55.0       MD5: [abff2b3a80aa5348be5e43efd6b415d1]
    mbamcore.dll                             File Size: 1971512   BYTES FileVersion:  1.3.11.0       MD5: [51b5bea5015b2e37c4f4d496441f8369]
    mbamdor.exe                             File Size: 54072     BYTES FileVersion:  1.0.1.0        MD5: [a994a921e954ba55bea4cc8767f64e0f]
    mbamext.dll                             File Size: 310584    BYTES FileVersion:  3.0.6.0        MD5: [7a4c3c98cc41d06e26cc4cc5d9d06200]
    mbampt.exe                               File Size: 39736     BYTES FileVersion:  1.0.0.0        MD5: [f872caff0cc1fe69d55cbb10c087a00a]
    mbamresearch.exe                         File Size: 1947960   BYTES FileVersion:  1.1.0.0        MD5: [7fb4e7cfabfdc99b88165ecfc0c532c5]
    mbamscheduler.exe                       File Size: 1871160   BYTES FileVersion:  3.1.3.0        MD5: [301e3fdfcf33640bb8763ba444bc5093]
    mbamservice.exe                         File Size: 1133880   BYTES FileVersion:  3.2.13.0       MD5: [83c982a395d00baff6515fb38424ea76]
    mbamsrv.dll                             File Size: 3841336   BYTES FileVersion:  2.1.2.0        MD5: [b3273340603058e7e89964abeea0aa4b]
    mbamtoast.dll                           File Size: 96568     BYTES FileVersion:  1.70.0.0       MD5: [595eaba9462f8fdfbe6246bbaaa40f4e]
    msvcp100.dll                             File Size: 421688    BYTES FileVersion:  10.0.40219.325 MD5: [650f2286252c8854ac5846940d181d3a]
    msvcr100.dll                             File Size: 774456    BYTES FileVersion:  10.0.40219.325 MD5: [005f96c221719c03671c0262a4a93521]
    Qt5Core.dll                             File Size: 4645688   BYTES FileVersion:  5.4.1.0        MD5: [a8fceb6261751b709a84ce4a3726439f]
    Qt5Gui.dll                               File Size: 4639032   BYTES FileVersion:  5.4.1.0        MD5: [cdfa353db0a56a394b1fd8346c905069]
    Qt5Network.dll                           File Size: 672056    BYTES FileVersion:  5.4.1.0        MD5: [e4fd655cc85eb6063a8cef66f4e5ed55]
    Qt5Widgets.dll                           File Size: 4473656   BYTES FileVersion:  5.4.1.0        MD5: [5a48fe8fc8b20960713e172a83cca0f5]
    Third-party-notices.txt                 File Size: 70041     BYTES FileVersion:  N/A            MD5: [915ab4fe416654fbc412019a0a1002ac]
    unins000.dat                             File Size: 30958     BYTES FileVersion:  N/A            MD5: [ffcddf5b347aa37cf0fbd74a286295cb]
    unins000.exe                             File Size: 718037    BYTES FileVersion:  51.52.0.0      MD5: [d2796ecf50731e696f0c065d24c0827a]
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon\Windows
    chameleon.chm                           File Size: 235882    BYTES FileVersion:  N/A            MD5: [c4190b71f037714aa77aba294434ba5b]
    firefox.com                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    firefox.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    firefox.pif                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    firefox.scr                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    iexplore.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    mbam-chameleon.com                       File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    mbam-chameleon.exe                       File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    mbam-chameleon.pif                       File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    mbam-chameleon.scr                       File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    mbam-killer.exe                         File Size: 1496888   BYTES FileVersion:  3.0.13.0       MD5: [10ddd12d628a5388865f2ae25019dd76]
    rundll32.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    svchost.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    windows.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
    winlogon.exe                             File Size: 893752    BYTES FileVersion:  3.1.25.0       MD5: [0692c8163852ab5674e2eb3b36131ef3]
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\imageformats
    qgif.dll                                 File Size: 28472     BYTES FileVersion:  5.4.1.0        MD5: [8858629a544c7c0536c35561040a2d78]
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\Languages
    lang_ar.qm                               File Size: 87320     BYTES FileVersion:  N/A            MD5: [7a7c7e14fcf3f14d6b269295e877750c]
    lang_bg.qm                               File Size: 109563    BYTES FileVersion:  N/A            MD5: [654b95c228a72131aca7cb26e964dcf9]
    lang_ca.qm                               File Size: 92640     BYTES FileVersion:  N/A            MD5: [533208d2306e5ad1e5972650f69d8c22]
    lang_cs.qm                               File Size: 105006    BYTES FileVersion:  N/A            MD5: [508844d9e9aa364aa53bc77adf4f42a8]
    lang_da.qm                               File Size: 88045     BYTES FileVersion:  N/A            MD5: [e3bc3cdfcf360d319319299d8cd66506]
    lang_de.qm                               File Size: 133736    BYTES FileVersion:  N/A            MD5: [9b6c6a0d6bc188c1d86ea9342b8035da]
    lang_el.qm                               File Size: 126414    BYTES FileVersion:  N/A            MD5: [3d112a79eca581d1775fd96b3c5870bb]
    lang_en.qm                               File Size: 2849      BYTES FileVersion:  N/A            MD5: [d495fecf1db29d41317196416d5ea6c2]
    lang_es.qm                               File Size: 132948    BYTES FileVersion:  N/A            MD5: [455f47414f13f8942ee6652dd194c46a]
    lang_et.qm                               File Size: 107454    BYTES FileVersion:  N/A            MD5: [ef9d8fcc151759a2cf100afe2889d5e5]
    lang_fi.qm                               File Size: 89336     BYTES FileVersion:  N/A            MD5: [09f12751811f8c1a46f6308ab1968ff7]
    lang_fr.qm                               File Size: 136774    BYTES FileVersion:  N/A            MD5: [581b5833e2fa89003ff8349390323790]
    lang_he.qm                               File Size: 98616     BYTES FileVersion:  N/A            MD5: [a9cb152f93da040fb9451d750f359c3e]
    lang_hu.qm                               File Size: 108619    BYTES FileVersion:  N/A            MD5: [042e132aa420bb7807dc6ea150d21c84]
    lang_id.qm                               File Size: 105573    BYTES FileVersion:  N/A            MD5: [1352510fd6296523d239363d90d493ad]
    lang_it.qm                               File Size: 129004    BYTES FileVersion:  N/A            MD5: [993c14184487084aedf79471b337606b]
    lang_ja.qm                               File Size: 73730     BYTES FileVersion:  N/A            MD5: [e1ae65ac342628156abb2cdc36508929]
    lang_ko.qm                               File Size: 85538     BYTES FileVersion:  N/A            MD5: [e495736a22b566cd27cef405507c0b55]
    lang_lt.qm                               File Size: 90775     BYTES FileVersion:  N/A            MD5: [2605701cc94ca4ee2ef0be3aaa617d64]
    lang_lv.qm                               File Size: 90647     BYTES FileVersion:  N/A            MD5: [c9dda1e18b4869c60b8df14907dd5e46]
    lang_nl.qm                               File Size: 128186    BYTES FileVersion:  N/A            MD5: [193e199cefe0429da41d564af35786e7]
    lang_no.qm                               File Size: 118156    BYTES FileVersion:  N/A            MD5: [a7a243c9ac9e1efc71f8cdeb8c6ed4bf]
    lang_pl.qm                               File Size: 128623    BYTES FileVersion:  N/A            MD5: [9e4c6ca1532843c77ddb07b8a1bcac08]
    lang_pt_BR.qm                           File Size: 131550    BYTES FileVersion:  N/A            MD5: [418b8766d7e7a2a4806ed4d97d18e80f]
    lang_pt_PT.qm                           File Size: 131702    BYTES FileVersion:  N/A            MD5: [34f70f2a89733552373fa935200c2a0a]
    lang_ro.qm                               File Size: 90440     BYTES FileVersion:  N/A            MD5: [24bf3ee283cf5a3fd4c93bba6c9fc12b]
    lang_ru.qm                               File Size: 132186    BYTES FileVersion:  N/A            MD5: [08e1303dba20e8e1957ae1de2ccb4550]
    lang_sk.qm                               File Size: 89139     BYTES FileVersion:  N/A            MD5: [82ddef8ec6d13b1d4601e7104243ecc9]
    lang_sl.qm                               File Size: 107472    BYTES FileVersion:  N/A            MD5: [c8e3fae6ae3980aec292baa6cb8eac89]
    lang_sv.qm                               File Size: 105939    BYTES FileVersion:  N/A            MD5: [646ad8e20658650d4d1daa63b5abb9b6]
    lang_tr.qm                               File Size: 88788     BYTES FileVersion:  N/A            MD5: [6c4e9b16e496ab46d4a1d3333d972762]
    lang_vi.qm                               File Size: 105393    BYTES FileVersion:  N/A            MD5: [d1b2c9264ef72792b53255d4dfeb3098]
    lang_zh_TW.qm                           File Size: 87358     BYTES FileVersion:  N/A            MD5: [1ebfe79770cf695df897750b3c2d5a08]
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\platforms
    qwindows.dll                             File Size: 928568    BYTES FileVersion:  5.4.1.0        MD5: [15d93b1f5171eacf7724b2f728a064c4]
     
    C:\Program Files (x86)\Malwarebytes Anti-Malware\\Plugins
    fixdamage.exe                           File Size: 821560    BYTES FileVersion:  1.1.0.1010     MD5: [57da74e5d020877f0aa23133081a1d5c]
     
    C:\Users\Ian\AppData\Roaming\Malwarebytes\Malwarebytes Anti-Malware
     
    C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware
    actions.ref                             File Size: 2092      BYTES FileVersion:  N/A            MD5: [685a0ee18eec57bf5f9c53c995e8705a]
    akadomains.ref                           File Size: 92        BYTES FileVersion:  N/A            MD5: [73d5774cbd8df165274a0691ae264808]
    akaips.ref                               File Size: 92        BYTES FileVersion:  N/A            MD5: [2a6869d1f91f0a0b87b1d27bd30ccc5c]
    cleanup.old                             File Size: 1971512   BYTES FileVersion:  1.3.11.0       MD5: [51b5bea5015b2e37c4f4d496441f8369]
    domains.ref                             File Size: 272859    BYTES FileVersion:  N/A            MD5: [5a6b79872e8fe1a7508d328b6dc6e4ee]
    exclusions.dat                           File Size: 0         BYTES FileVersion:  N/A            MD5: [d41d8cd98f00b204e9800998ecf8427e]
    ips.ref                                 File Size: 14414     BYTES FileVersion:  N/A            MD5: [f32630e3f0fd1736e09f4ae4c305fe97]
    mbamdor.old                             File Size: 54072     BYTES FileVersion:  1.0.1.0        MD5: [a994a921e954ba55bea4cc8767f64e0f]
    rules.ref                               File Size: 10353652  BYTES FileVersion:  N/A            MD5: [75e5767dae662e738898b9515eacc7f3]
    swissarmy.ref                           File Size: 26039     BYTES FileVersion:  N/A            MD5: [4f3270821b3bd82592310a00477f9526]
     
    C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration
    build.conf                               File Size: 4607      BYTES FileVersion:  N/A            MD5: [420cbbaeb39aaf47d6e24d57a8d27cfd]
    database.conf                           File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
    gatekeeper.conf                         File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
    license.conf                             File Size: 1484      BYTES FileVersion:  N/A            MD5: [c330024cb47dc9cdaa369fca873e029e]
    manifest.conf                           File Size: 3372      BYTES FileVersion:  N/A            MD5: [14319559c6bd1d9640397fcbff2996ae]
    marketing.conf                           File Size: 10950     BYTES FileVersion:  N/A            MD5: [14a6cf9d45ac419482fe1d53ce786434]
    net.conf                                 File Size: 6903      BYTES FileVersion:  N/A            MD5: [190bc1e1ee09fb172aac9861c28a7120]
    notifications.conf                       File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
    scheduler.conf                           File Size: 2047      BYTES FileVersion:  N/A            MD5: [41aa7e0f8975e7d15ba7d45ba774fbfd]
    Malware Exclusions:
    ===================
    Web Exclusions:
    ================
    Quarantined Items:
    ===================
    Vendor: PUM.Security.Hijack.DisableChromeUpdates, Date: 2015/09/29 14:10:12, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE
    Vendor: PUP.Optional.DNSUnlocker.BrwsrFlsh, Date: 2015/09/29 14:10:12, Type: Registry Key, Location: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DNSNEWVILLE
    Vendor: Trojan.DNSChanger, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{C001DFBA-386D-409D-B849-A33FE6715974}|NameServer
    Vendor: PUM.Security.Hijack.DisableChromeUpdates, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue
    Vendor: PUP.Optional.Amonetize, Date: 2015/09/29 14:10:12, Type: File, Location: C:\$Recycle.Bin\S-1-5-21-2865461670-3733210873-137151838-1001\$R8Q75GD.rar
    Vendor: Trojan.DNSChanger, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{15860623-9094-470D-B7C3-3E711CBC2414}|NameServer
    Vendor: Trojan.DNSChanger, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{FBB6B720-0343-4409-96F4-CA87E41B02B7}|NameServer
    Vendor: PUP.Optional.WebInstr, Date: 2015/09/29 14:10:12, Type: File, Location: C:\Windows\System32\drivers\Msft_Kernel_webinstrNew_01009.Wdf
    Vendor: PUM.Security.Hijack.DisableChromeUpdates, Date: 2015/09/29 14:10:12, Type: Registry Key, Location: HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE
    Vendor: PUM.Security.Hijack.DisableChromeUpdates, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue
    Vendor: PUP.Optional.MarkIt, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKU\S-1-5-21-2865461670-3733210873-137151838-1001\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{DF220B80-4ED5-C6B6-F9D5-EC3B90C85E24}
    Vendor: PUP.Optional.CloudScout, Date: 2015/09/29 14:10:12, Type: Registry Key, Location: HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
    ===============================================================
    END OF FILE
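
Each quarantine entry in the log above uses the same `Vendor, Date, Type, Location` layout. The Python below is an added example, not part of the thread or of Malwarebytes: it parses those lines, groups them by detection name, and lists the adapter GUIDs whose NameServer value was quarantined so the DNS settings can be re-checked after the reboot. The function names are this example's own; the three sample lines are copied from the log.

```python
import re
from collections import defaultdict

# Three entries copied from the quarantine list in the log above.
SAMPLE = r"""
Vendor: Trojan.DNSChanger, Date: 2015/09/29 14:10:12, Type: Registry Value, Location: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{C001DFBA-386D-409D-B849-A33FE6715974}|NameServer
Vendor: PUM.Security.Hijack.DisableChromeUpdates, Date: 2015/09/29 14:10:12, Type: Registry Key, Location: HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE
Vendor: PUP.Optional.WebInstr, Date: 2015/09/29 14:10:12, Type: File, Location: C:\Windows\System32\drivers\Msft_Kernel_webinstrNew_01009.Wdf
"""

ENTRY = re.compile(
    r"^\s*Vendor:\s*(?P<vendor>[^,]+),\s*Date:\s*(?P<date>[^,]+),"
    r"\s*Type:\s*(?P<type>[^,]+),\s*Location:\s*(?P<location>.+?)\s*$"
)
# Per-adapter DNS server value under Tcpip\Parameters\Interfaces\{GUID}
IFACE = re.compile(
    r"\\TCPIP\\PARAMETERS\\Interfaces\\(\{[0-9A-F-]{36}\})\|NameServer$", re.I
)


def parse_quarantine(text):
    """Return one dict per 'Vendor: ...' line; all other lines are ignored."""
    return [m.groupdict() for m in map(ENTRY.match, text.splitlines()) if m]


def triage(entries):
    """Group locations by detection name and collect items to re-check."""
    by_vendor = defaultdict(list)
    dns_interfaces, drivers = [], []
    for e in entries:
        by_vendor[e["vendor"]].append(e["location"])
        m = IFACE.search(e["location"])
        if m:  # this adapter's DNS server was rewritten: verify it after reboot
            dns_interfaces.append(m.group(1))
        if e["type"] == "File" and "\\drivers\\" in e["location"].lower():
            drivers.append(e["location"])  # file sat in a drivers directory
    return dict(by_vendor), dns_interfaces, drivers


if __name__ == "__main__":
    groups, ifaces, drivers = triage(parse_quarantine(SAMPLE))
    for vendor, locations in sorted(groups.items()):
        print(f"{vendor}: {len(locations)} item(s)")
    print("Adapters whose NameServer value to re-check:", ifaces)
    print("Files quarantined from a drivers directory:", drivers)
```
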
     


    #7 weplayjams

    Posted 29 September 2015 - 09:48 AM

    All seems fine in Google, again many thanks.



    #8 dc3

    Posted 29 September 2015 - 09:55 AM

    You need to restart your computer in order to remove what was found. 

     

    Restart your computer and then run it again and post that log.  Each log has the date and time the scan was run.

     

    To get the proper log click on Computer, then Windows, then Logs, then CBS.  Find the log with the date of the scan you are going to run.  Post it in your topic.

     

    You still need to run the Junkware Removal Tool and check your browser using the instructions I posted initially.



    #9 dc3

    Posted 29 September 2015 - 10:00 AM

    There is one other scan I want you to run.

     

    Please run TDSSKiller.
     
    Please download TDSSKiller from here and save it to your Desktop.
     
    The log for the TDSSKiller can be very long.  If you go to the bottom of the log to where you find Scan finished you will see the results of the scan.  If it shows Detected object count: 0 and Actual detected object count: 0, this means that nothing malicious was found and you will not need to post the log.
     
    1.  Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
     
    2.  Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system.
     
    If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now.
     
    3.  Click Start Scan and allow the scan process to run.
     
    4.  If threats are detected select Cure (if available) for all of them unless otherwise instructed.
     
    ***Do NOT select Delete!
     
    Click on Continue.
     
    5.  Click on Reboot computer.
     
    Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply.
     
    Note:  The log may be very long.  You may need to break it into parts to post the whole log.
