Jump to content

Search the Community

Showing results for tags 'pup.optional.maxsecuresoftware'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 3 results

  1. What is FolderSecure? FolderSecure is a filesystem protector that triggers our PUP detection rules. By doing so we offer users a choice to consider whether they want to use this software. More information can be found on our Malwarebytes Labs blog. How do I know if I am affected by FolderSecure? This is how the main screen of the filesystem protector looks: You will find these icons in your taskbar, your startmenu, and on your desktop: and see this type of windows during install: and this type of screens during operations: You may see this entry in your list of installed programs: How did FolderSecure get on my computer? These so-called filesystem protectors use different methods of getting installed. This particular one was downloaded from their website. How do I remove FolderSecure? Our program Malwarebytes can detect and remove this PUP. Please download Malwarebytes for Windows to your desktop. Double-click MBSetup.exe and follow the prompts to install the program. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen. Click on the Get started button. Click Scan to start a Threat Scan. When the scan is finished click Quarantine to remove the found threats. Reboot the system if prompted to complete the removal process. Is there anything else I need to do to get rid of FolderSecure? No, Malwarebytes removes FolderSecure completely. What if I want to keep FolderSecure? Should users wish to keep this program and exclude it from being detected in future scans, they can add the program to the exclusions list. Here’s how to do it. Open Malwarebytes for Windows. Click the Detection History Click the Allow List To add an item to the Allow List, click Add. Select the exclusion type Allow a file or folder and use the Select a folder button to select the main folder for the software that you wish to keep. Repeat this for any secondary files or folder(s) that belong to the software. If you want to allow the program to connect to the Internet, for example to fetch updates, also add an exclusion of the type Allow an application to connect to the internet and use the Browse button to select the file you wish to grant access. How would the full version of Malwarebytes help protect me? We hope our application and this guide have helped you in dealing with this filesystem protector. As you can see below the full version of Malwarebytes would have warned you against the FolderSecure installer. Technical details for experts You may see these entries in FRST logs: (Max Secure Software India Private Ltd. -> Max Secure Software) C:\Program Files\Folder Secure\FSecure_GUI.exe (Max Secure Software India Private Ltd. -> Max Secure Software) C:\Program Files\Folder Secure\FSecure_PD.exe (Max Secure Software India Private Ltd. -> Max Secure Software) C:\Program Files\Folder Secure\MSVistaService.exe HKCU\...\Run: [MaxDownloadMgr] => C:\Users\{username}\Desktop\MaxfoldersecureDM.exe [577624 2021-05-11] (Max Secure Software India Pvt. Ltd. -> Max Secure Software) R2 MSVistaSvc; C:\Program Files\Folder Secure\MSVistaService.exe [430872 2019-08-01] (Max Secure Software India Private Ltd. -> Max Secure Software) S2 FolderSecure; C:\Windows\System32\drivers\FolderSecure.sys [36120 2019-08-01] (Max Secure Software India Private Ltd. -> ) C:\Users\Public\Desktop\FolderSecure.lnk C:\ProgramData\Desktop\FolderSecure.lnk C:\Windows\system32\FSecure C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Secure C:\ProgramData\Max Secure C:\Program Files\Folder Secure C:\Windows\system32\Drivers\FolderSecure.sys (Max Secure Software ) C:\Users\{username}\Desktop\foldersecurex64.exe C:\Users\{username}\AppData\Local\Max Secure Software (Max Secure Software) C:\Users\{username}\Desktop\MaxfoldersecureDM.exe FolderSecure (HKLM\...\{7D40F884-ACA2-4F81-974D-38EC1890A564}_is1) (Version: 2.4 - Max Secure Software) ContextMenuHandlers1: [ShellExt] -> {CB90FAC3-D165-4AFC-92F0-365D11D1EE9C} => C:\Program Files\Folder Secure\MFG_ShellExt.dll [2019-08-01] (Max Secure Software India Private Ltd. -> Max Secure Software) ContextMenuHandlers4: [ShellExt] -> {CB90FAC3-D165-4AFC-92F0-365D11D1EE9C} => C:\Program Files\Folder Secure\MFG_ShellExt.dll [2019-08-01] (Max Secure Software India Private Ltd. -> Max Secure Software) Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files\Folder Secure Adds the file CheckDll.dll"="8/1/2019 11:59 AM, 844056 bytes, A Adds the file FileGuardTips.dll"="8/1/2019 12:00 PM, 357656 bytes, A Adds the file FSecure_GUI.exe"="8/1/2019 12:00 PM, 1488152 bytes, A Adds the file FSecure_PD.exe"="8/1/2019 12:00 PM, 855320 bytes, A Adds the file FSecureHelp.chm"="5/23/2013 12:08 PM, 119517 bytes, A Adds the file HookNTQSI.dll"="8/1/2019 12:00 PM, 194840 bytes, A Adds the file logo.ico"="5/23/2013 12:08 PM, 7194 bytes, A Adds the file MFG_ShellExt.dll"="8/1/2019 12:00 PM, 323352 bytes, A Adds the file MSVistaService.exe"="8/1/2019 12:00 PM, 430872 bytes, A Adds the file Remove.dll"="8/1/2019 11:59 AM, 324376 bytes, A Adds the file unins000.dat"="5/11/2021 8:45 AM, 7328 bytes, A Adds the file unins000.exe"="5/11/2021 8:44 AM, 735000 bytes, A Adds the file unins000.msg"="5/11/2021 8:45 AM, 11401 bytes, A Adds the file VchRegX64.dll"="8/1/2019 10:54 AM, 1548056 bytes, A Adds the file VoucherLog.txt"="5/11/2021 8:46 AM, 4552 bytes, A Adds the folder C:\ProgramData\Max Secure\Max PC Secure Adds the file SysFS.dll"="5/11/2021 8:46 AM, 63 bytes, A Adds the folder C:\Users\{username}\AppData\Local\Max Secure Software\MaxDownloadTemp Adds the file maxdownloader.log"="5/11/2021 8:47 AM, 23792 bytes, A In the existing folder C:\Users\{username}\Desktop Adds the file foldersecurex64.exe"="5/11/2021 8:43 AM, 2998536 bytes, A In the existing folder C:\Users\Public\Desktop Adds the file FolderSecure.lnk"="5/11/2021 8:45 AM, 862 bytes, A In the existing folder C:\Windows Adds the file isRS-000.tmp"="5/11/2021 8:45 AM, 735000 bytes, A Adds the file system32RegistryCleaner.txt"="5/11/2021 8:45 AM, 120 bytes, A In the existing folder C:\Windows\system Adds the file SysFS.dll"="5/23/2013 12:08 PM, 0 bytes, A In the existing folder C:\Windows\System32 Alters the file 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 5/11/2021 8:32 AM, 30880 bytes, HA ==> 5/11/2021 8:42 AM, 30880 bytes, HA Alters the file 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 5/11/2021 8:32 AM, 30880 bytes, HA ==> 5/11/2021 8:42 AM, 30880 bytes, HA Adds the file MFC71.dll"="5/23/2013 12:08 PM, 1060864 bytes, A Adds the file MSVCI70.DLL"="5/23/2013 12:08 PM, 54784 bytes, A Adds the file msvcp71.dll"="5/23/2013 12:08 PM, 499712 bytes, A Adds the file msvcr71.dll"="5/23/2013 12:08 PM, 348160 bytes, A In the existing folder C:\Windows\System32\drivers Adds the file FolderSecure.sys"="8/1/2019 12:06 PM, 36120 bytes, A Adds the folder C:\Windows\System32\FSecure Adds the file F_PD.ini"="5/23/2013 12:08 PM, 0 bytes, A Adds the file FiLeOCK.ini"="5/23/2013 12:08 PM, 0 bytes, A Adds the file FSecure_PD.ini"="5/23/2013 12:08 PM, 54 bytes, A Adds the file Tips.txt"="5/23/2013 12:08 PM, 582 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ShellExt] "(Default)"="REG_SZ", "{CB90FAC3-D165-4AFC-92F0-365D11D1EE9C}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{16C655EF-0B08-4789-8D3C-4FB15A79C5BA}] "(Default)"="REG_SZ", "MFG_ShellExt" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{18A66A06-1894-4813-8D35-587A185B0465}] "(Default)"="REG_SZ", "FileGuardTips" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\FileGuardTips.DLL] "AppID"="REG_SZ", "{18A66A06-1894-4813-8D35-587A185B0465}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\MFG_ShellExt.DLL] "AppID"="REG_SZ", "{16C655EF-0B08-4789-8D3C-4FB15A79C5BA}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4D50831-BAAC-49A4-8E2D-A558973405B3}] "(Default)"="REG_SZ", "FGTips Class" "AppID"="REG_SZ", "{18A66A06-1894-4813-8D35-587A185B0465}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4D50831-BAAC-49A4-8E2D-A558973405B3}\InprocServer32] "(Default)"="REG_SZ", "C:\Program Files\Folder Secure\FileGuardTips.dll" "ThreadingModel"="REG_SZ", "Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4D50831-BAAC-49A4-8E2D-A558973405B3}\ProgID] "(Default)"="REG_SZ", "FileGuardTips.FGTips.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CB90FAC3-D165-4AFC-92F0-365D11D1EE9C}] "(Default)"="REG_SZ", "ShellExt Class" "AppID"="REG_SZ", "{16C655EF-0B08-4789-8D3C-4FB15A79C5BA}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CB90FAC3-D165-4AFC-92F0-365D11D1EE9C}\InprocServer32] "(Default)"="REG_SZ", "C:\Program Files\Folder Secure\MFG_ShellExt.dll" "ThreadingModel"="REG_SZ", "Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B7238614-F8F8-49A2-A665-438F6DABCFB3}] "(Default)"="REG_SZ", "IFGTips" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BCAE9ADB-7D3B-4407-9F10-BE47FF0D438F}] "(Default)"="REG_SZ", "IShellExt" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{B7238614-F8F8-49A2-A665-438F6DABCFB3}\ProxyStubClsid32] "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{BCAE9ADB-7D3B-4407-9F10-BE47FF0D438F}] "(Default)"="REG_SZ", "IShellExt" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\FOLDERSECURE] "A"="REG_SZ", "0" "B"="REG_SZ", "" "Size"="REG_DWORD", 2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7D40F884-ACA2-4F81-974D-38EC1890A564}_is1] "DisplayIcon"="REG_SZ", "C:\Program Files\Folder Secure\logo.ico" "DisplayName"="REG_SZ", "FolderSecure" "DisplayVersion"="REG_SZ", "2.4" "EstimatedSize"="REG_DWORD", 9012 "HelpLink"="REG_SZ", "http://www.maxpcsecure.com" "Inno Setup: App Path"="REG_SZ", "C:\Program Files\Folder Secure" "Inno Setup: Deselected Tasks"="REG_SZ", "" "Inno Setup: Icon Group"="REG_SZ", "Folder Secure" "Inno Setup: Language"="REG_SZ", "default" "Inno Setup: Selected Tasks"="REG_SZ", "desktopicon" "Inno Setup: Setup Version"="REG_SZ", "5.6.1 (a)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20210511" "InstallLocation"="REG_SZ", "C:\Program Files\Folder Secure\" "MajorVersion"="REG_DWORD", 2 "MinorVersion"="REG_DWORD", 4 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "Max Secure Software" "QuietUninstallString"="REG_SZ", ""C:\Program Files\Folder Secure\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files\Folder Secure\unins000.exe"" "URLInfoAbout"="REG_SZ", "http://www.maxpcsecure.com" "URLUpdateInfo"="REG_SZ", "http://www.maxpcsecure.com" "VersionMajor"="REG_DWORD", 2 "VersionMinor"="REG_DWORD", 4 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FolderSecure] "DependOnService"="REG_MULTI_SZ, "FltMgr " "DisplayName"="REG_SZ", "FolderSecure" "ErrorControl"="REG_DWORD", 1 "Group"="REG_SZ", "FSFilter Anti-Virus" "ImagePath"="REG_EXPAND_SZ, "System32\drivers\FolderSecure.sys" "Start"="REG_DWORD", 2 "Type"="REG_DWORD", 2 "WOW64"="REG_DWORD", 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FolderSecure\Instances] "DefaultInstance"="REG_SZ", "FolderSecure Instance" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FolderSecure\Instances\FolderSecure Instance] "Altitude"="REG_SZ", "328114" "Flags"="REG_DWORD", 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MSVistaSvc] "DisplayName"="REG_SZ", "MSVistaSvc" "ErrorControl"="REG_DWORD", 1 "ImagePath"="REG_EXPAND_SZ, "C:\Program Files\Folder Secure\MSVistaService.exe" "ObjectName"="REG_SZ", "LocalSystem" "Start"="REG_DWORD", 2 "Type"="REG_DWORD", 16 "WOW64"="REG_DWORD", 1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MaxDownloadMgr"="REG_SZ", ""C:\Users\{username}\Desktop\MaxfoldersecureDM.exe"" Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 5/11/21 Scan Time: 10:04 AM Log File: 94114ee2-b22f-11eb-bd4e-080027235d76.json -Software Information- Version: 4.3.0.98 Components Version: 1.0.1292 Update Package Version: 1.0.40318 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {username}-PC\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 234128 Threats Detected: 56 Threats Quarantined: 56 Time Elapsed: 3 min, 3 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 2 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\MSVISTASERVICE.EXE, Quarantined, 765, 937530, , , , , DD63D190B2313D89BEBDB11CC3C04A86, FFB9C3D9D2D74D0B3ECA4589B9C6FCF21C49F000792E68BEDDD0B4601B49B713 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\FSECURE_PD.EXE, Quarantined, 765, 937530, , , , , 270661A6892FE042221CFE942F03CE6A, 03D2B6B111E483E586BC61B85C4350903DC065C0653F5A5CF0DC61501E67D71D Module: 10 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\MSVISTASERVICE.EXE, Quarantined, 765, 937530, , , , , DD63D190B2313D89BEBDB11CC3C04A86, FFB9C3D9D2D74D0B3ECA4589B9C6FCF21C49F000792E68BEDDD0B4601B49B713 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\HOOKNTQSI.DLL, Quarantined, 765, 937530, , , , , 7DB9EB0B3878FE2C2ABC9ECF598F49D3, 757D069ACDA375ED253701A6837805127D78E9666B007451C44EC968D19B3228 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\HOOKNTQSI.DLL, Quarantined, 765, 937530, , , , , 7DB9EB0B3878FE2C2ABC9ECF598F49D3, 757D069ACDA375ED253701A6837805127D78E9666B007451C44EC968D19B3228 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\HOOKNTQSI.DLL, Quarantined, 765, 937530, , , , , 7DB9EB0B3878FE2C2ABC9ECF598F49D3, 757D069ACDA375ED253701A6837805127D78E9666B007451C44EC968D19B3228 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\HOOKNTQSI.DLL, Quarantined, 765, 937530, , , , , 7DB9EB0B3878FE2C2ABC9ECF598F49D3, 757D069ACDA375ED253701A6837805127D78E9666B007451C44EC968D19B3228 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\HOOKNTQSI.DLL, Quarantined, 765, 937530, , , , , 7DB9EB0B3878FE2C2ABC9ECF598F49D3, 757D069ACDA375ED253701A6837805127D78E9666B007451C44EC968D19B3228 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\HOOKNTQSI.DLL, Quarantined, 765, 937530, , , , , 7DB9EB0B3878FE2C2ABC9ECF598F49D3, 757D069ACDA375ED253701A6837805127D78E9666B007451C44EC968D19B3228 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\HOOKNTQSI.DLL, Quarantined, 765, 937530, , , , , 7DB9EB0B3878FE2C2ABC9ECF598F49D3, 757D069ACDA375ED253701A6837805127D78E9666B007451C44EC968D19B3228 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\FSECURE_PD.EXE, Quarantined, 765, 937530, , , , , 270661A6892FE042221CFE942F03CE6A, 03D2B6B111E483E586BC61B85C4350903DC065C0653F5A5CF0DC61501E67D71D PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\MFG_SHELLEXT.DLL, Quarantined, 765, 937530, , , , , D0EAD64C7BEDED0D84CBBC620F5B86B3, E0FB1AE9523CE3629A3287BEDD667C2E5041A8C4650497029F473EFEFAAB53B5 Registry Key: 23 PUP.Optional.MaxSecureSoftware, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MSVistaSvc, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{CB90FAC3-D165-4AFC-92F0-365D11D1EE9C}, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\MFG_ShellExt.ShellExt, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\MFG_ShellExt.ShellExt.1, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\TYPELIB\{3ABA7A9C-2040-4113-AA29-EB21339BE860}, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\INTERFACE\{BCAE9ADB-7D3B-4407-9F10-BE47FF0D438F}, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BCAE9ADB-7D3B-4407-9F10-BE47FF0D438F}, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BCAE9ADB-7D3B-4407-9F10-BE47FF0D438F}, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{3ABA7A9C-2040-4113-AA29-EB21339BE860}, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{3ABA7A9C-2040-4113-AA29-EB21339BE860}, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{CB90FAC3-D165-4AFC-92F0-365D11D1EE9C}\InprocServer32, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\FolderSecure, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{C4D50831-BAAC-49A4-8E2D-A558973405B3}, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\FileGuardTips.FGTips, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\FileGuardTips.FGTips.1, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\TYPELIB\{761D3D39-F77F-4B91-A024-41EF7722B545}, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\INTERFACE\{B7238614-F8F8-49A2-A665-438F6DABCFB3}, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B7238614-F8F8-49A2-A665-438F6DABCFB3}, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B7238614-F8F8-49A2-A665-438F6DABCFB3}, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{761D3D39-F77F-4B91-A024-41EF7722B545}, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{761D3D39-F77F-4B91-A024-41EF7722B545}, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{C4D50831-BAAC-49A4-8E2D-A558973405B3}\InprocServer32, Quarantined, 765, 937530, , , , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7D40F884-ACA2-4F81-974D-38EC1890A564}_is1, Quarantined, 765, 937530, , , , , , Registry Value: 1 PUP.Optional.MaxSecureSoftware, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MaxDownloadMgr, Quarantined, 765, 937531, , , , , , Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 3 PUP.Optional.MaxSecureSoftware, C:\Users\{username}\AppData\Local\Max Secure Software\MaxDownloadTemp, Quarantined, 765, 393078, , , , , , PUP.Optional.MaxSecureSoftware, C:\USERS\{username}\APPDATA\LOCAL\MAX SECURE SOFTWARE, Quarantined, 765, 393078, 1.0.40318, , ame, , , PUP.Optional.MaxSecureSoftware, C:\PROGRAMDATA\MAX SECURE\MAX PC SECURE, Quarantined, 765, 393093, 1.0.40318, , ame, , , File: 17 PUP.Optional.MaxSecureSoftware, C:\Users\{username}\AppData\Local\Max Secure Software\MaxDownloadTemp\maxdownloader.log, Quarantined, 765, 393078, , , , , 709E49E7FCB892B8C9AC88C104E37198, 145A7FF8C57EEE40561E9D80E16F6A3E75965A76E892767F2CB131A437DAAEA3 PUP.Optional.MaxSecureSoftware, C:\ProgramData\Max Secure\Max PC Secure\SysFS.dll, Quarantined, 765, 393093, , , , , 8E28A146EC8758B6412BBF30763C81DB, B5F9942E6A9259A34DA8D8588C56CCA8BA9471B655FE805612E069D45639D969 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\MSVISTASERVICE.EXE, Quarantined, 765, 937530, 1.0.40318, , ame, , DD63D190B2313D89BEBDB11CC3C04A86, FFB9C3D9D2D74D0B3ECA4589B9C6FCF21C49F000792E68BEDDD0B4601B49B713 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\HOOKNTQSI.DLL, Quarantined, 765, 937530, 1.0.40318, , ame, , 7DB9EB0B3878FE2C2ABC9ECF598F49D3, 757D069ACDA375ED253701A6837805127D78E9666B007451C44EC968D19B3228 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\FSECURE_PD.EXE, Quarantined, 765, 937530, 1.0.40318, , ame, , 270661A6892FE042221CFE942F03CE6A, 03D2B6B111E483E586BC61B85C4350903DC065C0653F5A5CF0DC61501E67D71D PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\MFG_SHELLEXT.DLL, Quarantined, 765, 937530, 1.0.40318, , ame, , D0EAD64C7BEDED0D84CBBC620F5B86B3, E0FB1AE9523CE3629A3287BEDD667C2E5041A8C4650497029F473EFEFAAB53B5 PUP.Optional.MaxSecureSoftware, C:\WINDOWS\SYSTEM32\DRIVERS\FOLDERSECURE.SYS, Quarantined, 765, 937530, 1.0.40318, , ame, , 2550AD9B21030FFB07233252BD681693, B61E2433C7F9370EE9A79248260A24EEDE88CADA6A9E9D5D3FD8A61E5EA01976 PUP.Optional.MaxSecureSoftware, C:\USERS\{username}\DESKTOP\MAXFOLDERSECUREDM.EXE, Quarantined, 765, 937531, 1.0.40318, , ame, , ABE3138C202B83350494AF2ECA725EBB, 1E23C5557FB5D96B60B9FDC8C2D7BC06E76ECB5B57DCFE7A8679292086BA2B5D PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\FILEGUARDTIPS.DLL, Quarantined, 765, 937530, 1.0.40318, , ame, , 33BEC57657F9A60911F7FE9FF88EAA2E, 90102E617D309D9D197F563EECCAE2836E3BDEF47A8546E1B98ECF91A102EBFE PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\UNINS000.EXE, Quarantined, 765, 937530, 1.0.40318, , ame, , 11C0B3CAF5B229333C2C510FFDEB6A33, 29807AFA729253567C50ED30B22899A9374765F378A7A1985AF4859B361AC2CA PUP.Optional.MaxSecureSoftware, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\FolderSecure.lnk, Quarantined, 765, 937530, , , , , 8AB5D979A373438B370F3A13A55A6BEB, 8A101296CBFCC7CD351323B8425705418DF4082B21F068C2795395FD5604F92D PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\FSECURE_GUI.EXE, Quarantined, 765, 937530, 1.0.40318, , ame, , 0DA761A1150C2EB88AE2E351FEA9F14E, C5447C44806FF9AD8FC262778B08FD09B16D377FC23010210B093E9AE584C777 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\CHECKDLL.DLL, Quarantined, 765, 937530, 1.0.40318, , ame, , 7B2B2F84284A0B17B476EB603DECDAE2, CED29643A7DCA7E88CC8F59504DEC7F1C69F85E5C44786A9D5B24F569107DECA PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\FOLDER SECURE\REMOVE.DLL, Quarantined, 765, 937530, 1.0.40318, , ame, , 76175031B7A65611DD79FCE76FADE51D, 81D11DB5314509465E03443A52C15ECDF1CF731D03B412C8E467FA9DCFDEDDDF PUP.Optional.MaxSecureSoftware, C:\USERS\{username}\DOWNLOADS\FOLDERSECUREX64.EXE, Quarantined, 765, 937530, 1.0.40318, , ame, , 2FC36778984A19422887FA3AF045931E, 39BE70C3ED712B28310DBC8AC46C6CE90A9C918BF79C4BCB3458C29644209844 PUP.Optional.MaxSecureSoftware, C:\USERS\{username}\DESKTOP\FOLDERSECUREX64.EXE, Quarantined, 765, 937530, 1.0.40318, , ame, , 2FC36778984A19422887FA3AF045931E, 39BE70C3ED712B28310DBC8AC46C6CE90A9C918BF79C4BCB3458C29644209844 PUP.Optional.MaxSecureSoftware, C:\WINDOWS\ISRS-000.TMP, Quarantined, 765, 937530, 1.0.40318, , ame, , 11C0B3CAF5B229333C2C510FFDEB6A33, 29807AFA729253567C50ED30B22899A9374765F378A7A1985AF4859B361AC2CA Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this potentially unwanted program. We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
  2. What is Max File Shredder? The Malwarebytes research team has determined that Max File Shredder is a potentially unwanted program (PUP). How do I know if I am infected with Max File Shredder? This is how the main screen of the PUP looks: You will find these icons in your taskbar, your startmenu, and on your desktop: and see these warnings during install: and this type of screen during "operations": You may see this entry in your list of installed programs: How did Max File Shredder get on my computer? These PUPs use different methods of getting installed. This particular one was downloaded from their website: How do I remove Max File Shredder? Our program Malwarebytes can detect and remove this potentially unwanted application. Please download Malwarebytes for Windows to your desktop. Double-click MBSetup.exe and follow the prompts to install the program. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen. Click on the Get started button. Click Scan to start a Threat Scan. When the scan is finished click Quarantine to remove the found threats. Reboot the system if prompted to complete the removal process. Is there anything else I need to do to get rid of Max File Shredder? No, Malwarebytes removes Max File Shredder completely. This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks. How would the full version of Malwarebytes help protect me? We hope our application and this guide have helped you eradicate this PUP. As you can see below the full version of Malwarebytes would have protected you against the Max File Shredder installer. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late. and both Malwarebytes Premium and Browser Guard block access to their domain: Technical details for experts You may see these entries in FRST logs: (Max Secure Software India Private Ltd. -> Max Secure Software) C:\Program Files\Max File Shredder\MaxFileShredder.exe (Max Secure Software India Private Ltd. -> Max Secure Software) C:\Program Files\Max File Shredder\MFSSystemTray.exe (Max Secure Software India Private Ltd. -> Max Secure Software) C:\Program Files\Max File Shredder\MFSVistaService.exe HKLM\...\Run: [MaxFileShredder] => C:\Program Files\Max File Shredder\MFSSystemTray.exe [521952 2019-08-01] (Max Secure Software India Private Ltd. -> Max Secure Software) HKLM\...\Run: [MFileShredderAutoScan] => C:\Program Files\Max File Shredder\MaxFileShredder.exe [4095768 2019-08-01] (Max Secure Software India Private Ltd. -> Max Secure Software) R2 MFSVistaSvc; C:\Program Files\Max File Shredder\MFSVistaService.exe [435480 2019-08-01] (Max Secure Software India Private Ltd. -> Max Secure Software) C:\Users\Public\Desktop\Max File Shredder.lnk C:\ProgramData\Desktop\Max File Shredder.lnk C:\Windows\system32RegistryCleaner.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max File Shredder C:\ProgramData\Max Secure C:\Program Files\Max File Shredder (Max Secure Software ) C:\Users\{username}\Desktop\MaxFileShredderx64.exe C:\Users\{username}\AppData\Local\Max Secure Software Max File Shredder (HKLM\...\Max File Shredder_is1) (Version: 2.0.0.11 - Max Secure Software) Significant alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files\Max File Shredder Adds the file CheckDll.dll"="8/1/2019 11:57 AM, 835352 bytes, A Adds the file CloseAll.exe"="8/1/2019 11:59 AM, 272152 bytes, A Adds the file Eraser.dll"="8/1/2019 11:59 AM, 1292056 bytes, A Adds the file IPExVB.dll"="8/1/2019 11:59 AM, 2424088 bytes, A Adds the file MaxFileShredder.chm"="4/20/2015 2:11 PM, 563033 bytes, A Adds the file MaxFileShredder.exe"="8/1/2019 11:59 AM, 4095768 bytes, A Adds the file MFSPopup.exe"="8/1/2019 11:59 AM, 788760 bytes, A Adds the file MFSSystemTray.exe"="8/1/2019 11:59 AM, 521952 bytes, A Adds the file MFSVistaService.exe"="8/1/2019 11:59 AM, 435480 bytes, A Adds the file Setup.ini"="12/11/2013 11:57 PM, 932 bytes, A Adds the file unins000.dat"="3/18/2020 10:19 AM, 17579 bytes, A Adds the file unins000.exe"="3/18/2020 10:18 AM, 740632 bytes, A Adds the file unins000.msg"="3/18/2020 10:19 AM, 11401 bytes, A Adds the file VchRegX64.dll"="8/1/2019 11:54 AM, 1548056 bytes, A Adds the file VoucherLog.txt"="3/18/2020 10:23 AM, 16496 bytes, A Adds the folder C:\Program Files\Max File Shredder\Icons Adds the file FileShredder.ico"="12/11/2013 11:57 PM, 12918 bytes, A Adds the folder C:\Program Files\Max File Shredder\Log Adds the file Log.Log"="12/11/2013 11:57 PM, 0 bytes, A Adds the folder C:\Program Files\Max File Shredder\PlugIns Adds the file AbsoluteFTP.wp"="12/11/2013 11:57 PM, 373 bytes, A Adds the file ACDSEE Photo Viewer v3.wp"="12/11/2013 11:57 PM, 1052 bytes, A Adds the file Adaptec Easy CD Creator v4.wp"="12/11/2013 11:57 PM, 381 bytes, A Adds the file Adobe Acrobat Reader v3.0.wp"="12/11/2013 11:57 PM, 1152 bytes, A Adds the file Adobe Acrobat Reader v3.1.wp"="12/11/2013 11:57 PM, 1112 bytes, A Adds the file Adobe Acrobat Reader v4.0.wp"="12/11/2013 11:57 PM, 1192 bytes, A Adds the file Adobe Photoshop v5.0 LE.wp"="12/11/2013 11:57 PM, 1471 bytes, A Adds the file Adobe Photoshop v5.5.wp"="12/11/2013 11:57 PM, 1688 bytes, A Adds the file Adobe Photoshop v5.wp"="12/11/2013 11:57 PM, 1505 bytes, A Adds the file Adobe Photoshop v6.0.wp"="12/11/2013 11:57 PM, 499 bytes, A Adds the file ASPack.wp"="12/11/2013 11:57 PM, 1133 bytes, A Adds the file Cabinet Manager.wp"="12/11/2013 11:57 PM, 471 bytes, A Adds the file Copernic 2000 Pro.wp"="12/11/2013 11:57 PM, 371 bytes, A Adds the file Copernic 2000.wp"="12/11/2013 11:57 PM, 363 bytes, A Adds the file Cute FTP v3.0.wp"="12/11/2013 11:57 PM, 549 bytes, A Adds the file Cute FTP v4.0.wp"="12/11/2013 11:57 PM, 549 bytes, A Adds the file Delphi v3.wp"="12/11/2013 11:57 PM, 519 bytes, A Adds the file Delphi v4.wp"="12/11/2013 11:57 PM, 574 bytes, A Adds the file Delphi v5.wp"="12/11/2013 11:57 PM, 574 bytes, A Adds the file DiskKeeper v5.wp"="12/11/2013 11:57 PM, 354 bytes, A Adds the file Download Accelerator.wp"="12/11/2013 11:57 PM, 541 bytes, A Adds the file Eudora Mail.wp"="12/11/2013 11:57 PM, 675 bytes, A Adds the file FTP Explorer.wp"="12/11/2013 11:57 PM, 366 bytes, A Adds the file GetRight ExplorerBar.wp"="12/11/2013 11:57 PM, 390 bytes, A Adds the file GetRight v4.wp"="12/11/2013 11:57 PM, 626 bytes, A Adds the file GoZilla.wp"="12/11/2013 11:57 PM, 486 bytes, A Adds the file Helios TextPad v3.wp"="12/11/2013 11:57 PM, 5965 bytes, A Adds the file Helios TextPad v4.wp"="12/11/2013 11:57 PM, 5965 bytes, A Adds the file HelpWriter.wp"="12/11/2013 11:57 PM, 999 bytes, A Adds the file Icon Extractor.wp"="12/11/2013 11:57 PM, 398 bytes, A Adds the file ICQ 2000a.wp"="12/11/2013 11:57 PM, 1114 bytes, A Adds the file InstallShield Express.wp"="12/11/2013 11:57 PM, 448 bytes, A Adds the file JASC Paintshop Pro v5.wp"="12/11/2013 11:57 PM, 1919 bytes, A Adds the file JASC Paintshop Pro v6.wp"="12/11/2013 11:57 PM, 2159 bytes, A Adds the file JASC Paintshop Pro v7.wp"="12/11/2013 11:57 PM, 2157 bytes, A Adds the file Jet PhotoShell v1.2.wp"="12/11/2013 11:57 PM, 569 bytes, A Adds the file Macromedia Flash v4.0.wp"="12/11/2013 11:57 PM, 509 bytes, A Adds the file MasterSplitter v2.1.wp"="12/11/2013 11:57 PM, 374 bytes, A Adds the file McAfee Virus Scan v4.wp"="12/11/2013 11:57 PM, 804 bytes, A Adds the file Microangelo 98.wp"="12/11/2013 11:57 PM, 442 bytes, A Adds the file Micrografx Picture Publisher v7.wp"="12/11/2013 11:57 PM, 1238 bytes, A Adds the file Micrografx Picture Publisher v8.wp"="12/11/2013 11:57 PM, 1238 bytes, A Adds the file Microsoft FrontPage Express.wp"="12/11/2013 11:57 PM, 687 bytes, A Adds the file Microsoft FrontPage.wp"="12/11/2013 11:57 PM, 1694 bytes, A Adds the file Microsoft Help Workshop.wp"="12/11/2013 11:57 PM, 385 bytes, A Adds the file Microsoft HTML Help.wp"="12/11/2013 11:57 PM, 410 bytes, A Adds the file Microsoft Office- Word.wp"="12/11/2013 11:57 PM, 1515 bytes, A Adds the file Microsoft Office-Access.wp"="12/11/2013 11:57 PM, 2715 bytes, A Adds the file Microsoft Office-Excel.wp"="12/11/2013 11:57 PM, 1461 bytes, A Adds the file Microsoft Office-Photo Editor.wp"="12/11/2013 11:57 PM, 2680 bytes, A Adds the file Microsoft Office-Power Point.wp"="12/11/2013 11:57 PM, 1337 bytes, A Adds the file Microsoft Publisher 2000.wp"="12/11/2013 11:57 PM, 362 bytes, A Adds the file Microsoft Send-To Extensions.wp"="12/11/2013 11:57 PM, 406 bytes, A Adds the file Microsoft Windows Paint.wp"="12/11/2013 11:57 PM, 727 bytes, A Adds the file Microsoft Windows WordPad.wp"="12/11/2013 11:57 PM, 737 bytes, A Adds the file Napster Music Community.wp"="12/11/2013 11:57 PM, 699 bytes, A Adds the file NEATO Labels.wp"="12/11/2013 11:57 PM, 621 bytes, A Adds the file NeoPlanet v5.wp"="12/11/2013 11:57 PM, 611 bytes, A Adds the file Norton AntiVirus 2000 (v6).wp"="12/11/2013 11:57 PM, 460 bytes, A Adds the file Norton File Manager.wp"="12/11/2013 11:57 PM, 583 bytes, A Adds the file Norton Utilities 2000.wp"="12/11/2013 11:57 PM, 598 bytes, A Adds the file NoteTab Pro.wp"="12/11/2013 11:57 PM, 7491 bytes, A Adds the file Opera Browser v4.02 Final.wp"="12/11/2013 11:57 PM, 658 bytes, A Adds the file Opera Browser.wp"="12/11/2013 11:57 PM, 644 bytes, A Adds the file PackageForTheWeb.wp"="12/11/2013 11:57 PM, 1027 bytes, A Adds the file Personal Ancestral File.wp"="12/11/2013 11:57 PM, 399 bytes, A Adds the file Real Audio Player v6 v7 v8.wp"="12/11/2013 11:57 PM, 1541 bytes, A Adds the file Real Download v4.wp"="12/11/2013 11:57 PM, 636 bytes, A Adds the file SureThing CD Labeler.wp"="12/11/2013 11:57 PM, 361 bytes, A Adds the file Telnet.wp"="12/11/2013 11:57 PM, 540 bytes, A Adds the file Ulead Gif Animator v4.0.wp"="12/11/2013 11:57 PM, 392 bytes, A Adds the file Ulead Photo Explorer v4.2.wp"="12/11/2013 11:57 PM, 1310 bytes, A Adds the file Ulead Photo Viewer v4.0.wp"="12/11/2013 11:57 PM, 392 bytes, A Adds the file Ulead PhotoImpact v5.wp"="12/11/2013 11:57 PM, 388 bytes, A Adds the file Ulead PhotoImpact Viewer v4.wp"="12/11/2013 11:57 PM, 396 bytes, A Adds the file UltraEdit v4.wp"="12/11/2013 11:57 PM, 624 bytes, A Adds the file UltraEdit v7.wp"="12/11/2013 11:57 PM, 1057 bytes, A Adds the file Web Ferret v3.wp"="12/11/2013 11:57 PM, 394 bytes, A Adds the file WinOnCD.wp"="12/11/2013 11:57 PM, 604 bytes, A Adds the file WinRar v2.6.wp"="12/11/2013 11:57 PM, 407 bytes, A Adds the file WinRar v2.70.wp"="12/11/2013 11:57 PM, 434 bytes, A Adds the file WinZip v7.wp"="12/11/2013 11:57 PM, 607 bytes, A Adds the file WinZip v8.wp"="12/11/2013 11:57 PM, 607 bytes, A Adds the file Wise Installer.wp"="12/11/2013 11:57 PM, 685 bytes, A Adds the file Yahoo Player.wp"="12/11/2013 11:57 PM, 565 bytes, A Adds the file ZipMagic 2000.wp"="12/11/2013 11:57 PM, 1098 bytes, A Adds the file Zone Alarm.wp"="12/11/2013 11:57 PM, 328 bytes, A Adds the folder C:\ProgramData\Max Secure\Max PC Secure Adds the file SysMFS.dll"="3/18/2020 10:23 AM, 63 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max File Shredder Adds the file Max File Shredder.lnk"="3/18/2020 10:19 AM, 1832 bytes, A Adds the file Uninstall Max File Shredder.lnk"="3/18/2020 10:19 AM, 1797 bytes, A Adds the folder C:\Users\{username}\AppData\Local\Max Secure Software\MaxDownloadTemp Adds the file maxdownloader.log"="3/18/2020 10:18 AM, 295 bytes, A In the existing folder C:\Users\{username}\Desktop Adds the file MaxFileShredderx64.exe"="3/18/2020 10:18 AM, 3774536 bytes, A In the existing folder C:\Users\Public\Desktop Adds the file Max File Shredder.lnk"="3/18/2020 10:19 AM, 1814 bytes, A In the existing folder C:\Windows Adds the file system32RegistryCleaner.txt"="3/18/2020 10:19 AM, 120 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CEKOpera.CEKOpera] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CEKOpera.CEKOpera.1\CLSID] "(Default)"="REG_SZ", "{8AC459C4-2872-442A-9B47-BA22DDC4960E}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F770852-A82B-4642-BA37-A856A605AF73}] "(Default)"="REG_SZ", "EKMail Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1039E24B-3B74-4AA6-BA0C-134E4250AC12}] "(Default)"="REG_SZ", "EKMode Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27208D3D-CFAA-4372-96A6-E5BC6C7F655D}] "(Default)"="REG_SZ", "EKChat Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2DBAEC01-0BA2-4991-A1F4-FC0585227548}] "(Default)"="REG_SZ", "EKSecurity Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3DD6E37C-E209-4AD7-8699-1535F757DF5A}] "(Default)"="REG_SZ", "EKWindows Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5AB344BC-3B5F-42E3-BEB6-89F615CC5008}] "(Default)"="REG_SZ", "EKRestriction Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6AE69E57-4E11-4685-BDE8-55B2F320B204}] "(Default)"="REG_SZ", "EKInternetExplorer Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71A5C497-E3E3-4D14-8C3A-2C33B961CDEA}] "(Default)"="REG_SZ", "PopUp Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{733A4CC7-C760-452D-816F-18B0611BC693}] "(Default)"="REG_SZ", "EKCustom Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{796E5560-17C0-4908-8E8A-7633B5AAF0EC}] "(Default)"="REG_SZ", "EKMisc Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AC459C4-2872-442A-9B47-BA22DDC4960E}] "(Default)"="REG_SZ", "CEKOpera Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94FE530A-C5C0-42DA-B306-9FF5C703E5C9}] "(Default)"="REG_SZ", "EkHideIEWIndows Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B1E2AD8B-F7FE-4a59-B308-8032DC38D0DA}] "(Default)"="REG_SZ", "EKChrome Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7DC5B86-D4E9-4562-BF52-F26D699DD37A}] "(Default)"="REG_SZ", "EvidenceKiller Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EC99C277-DCBA-4C62-B5BC-9CA59C681F5D}] "(Default)"="REG_SZ", "EKDriveOps Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ECED6576-D3B1-4183-82B6-82A2D66EFC75}] "(Default)"="REG_SZ", "EKStart Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F899EDA8-B919-4b2e-9B78-004344888F1D}] "(Default)"="REG_SZ", "EKFirefox Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC537DA-947E-4F41-A1EF-12086966E25E}] "(Default)"="REG_SZ", "EKNetscape Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Max File Shredder] "CheckDaysLeft"="REG_SZ", "3/18/2020" "COMPANY"="REG_SZ", "Max Secure Software" "Default"="REG_SZ", "Max File Shredder" "INSTALLPATH"="REG_SZ", "C:\Program Files\Max File Shredder" "PRODUCT NAME"="REG_SZ", "Max File Shredder" "ProductVersionNo"="REG_SZ", "2.0.0.11" "SplashStatus"="REG_SZ", "0" [HKEY_LOCAL_MACHINE\SOFTWARE\Max File Shredder\Scheduler] "DailyWeeklyMonthly"="REG_DWORD", 2 "ScheduleDateTime"="REG_SZ", "3-18-2020 11:0 9" "ScheduleOtherTasks"="REG_DWORD", 0 "SchedulePrivacyTasks"="REG_DWORD", 66846719 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\IConfMFS] "A"="REG_SZ", "0" "B"="REG_SZ", "" "Size"="REG_DWORD", 2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MaxFileShredder"="REG_SZ", "C:\Program Files\Max File Shredder\MFSSystemTray.exe" "MFileShredderAutoScan"="REG_SZ", "C:\Program Files\Max File Shredder\MaxFileShredder.exe -AUTOSCAN" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Max File Shredder_is1] "DisplayIcon"="REG_SZ", "C:\Program Files\Max File Shredder\Icons\FileShredder.ico" "DisplayName"="REG_SZ", "Max File Shredder" "DisplayVersion"="REG_SZ", "2.0.0.11" "EstimatedSize"="REG_DWORD", 13299 "HelpLink"="REG_SZ", "http://www.maxpcsecure.com" "Inno Setup: App Path"="REG_SZ", "C:\Program Files\Max File Shredder" "Inno Setup: Deselected Tasks"="REG_SZ", "" "Inno Setup: Icon Group"="REG_SZ", "Max File Shredder" "Inno Setup: Language"="REG_SZ", "default" "Inno Setup: Selected Tasks"="REG_SZ", "desktopicon" "Inno Setup: Setup Version"="REG_SZ", "5.6.1 (a)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20200318" "InstallLocation"="REG_SZ", "C:\Program Files\Max File Shredder\" "MajorVersion"="REG_DWORD", 2 "MinorVersion"="REG_DWORD", 0 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "Max Secure Software" "QuietUninstallString"="REG_SZ", ""C:\Program Files\Max File Shredder\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files\Max File Shredder\unins000.exe"" "URLInfoAbout"="REG_SZ", "http://www.maxpcsecure.com" "URLUpdateInfo"="REG_SZ", "http://www.maxpcsecure.com" "VersionMajor"="REG_DWORD", 2 "VersionMinor"="REG_DWORD", 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MFSVistaSvc] "DisplayName"="REG_SZ", "MFSVistaSvc" "ErrorControl"="REG_DWORD", 1 "ImagePath"="REG_EXPAND_SZ, "C:\Program Files\Max File Shredder\MFSVistaService.exe" "ObjectName"="REG_SZ", "LocalSystem" "Start"="REG_DWORD", 2 "Type"="REG_DWORD", 16 "WOW64"="REG_DWORD", 1 [HKEY_CURRENT_USER\Software\Max File Shredder] "Default"="REG_SZ", "Max File Shredder" [HKEY_CURRENT_USER\Software\Max File Shredder\WindowPrivacy Pro 1.0\Chat] "ICQMSGRCLEARMESSAGEARCHIVE"="REG_SZ", "0" "YAHOOMSGRCLEARMESSAGEARCHIVE"="REG_SZ", "0" [HKEY_CURRENT_USER\Software\Max File Shredder\WindowPrivacy Pro 1.0\InternetExplorer] "FAVORITES"="REG_SZ", "0" "HomePageSetting"="REG_SZ", "0" "InternetOptions"="REG_SZ", "0" [HKEY_CURRENT_USER\Software\Max File Shredder\WindowPrivacy Pro 1.0\Windows] "ApplicationLog"="REG_SZ", "0" "AUTOCOMPLETE"="REG_SZ", "0" "CommanDialogLastVisited"="REG_SZ", "0" "CommanDialogOpenSave"="REG_SZ", "0" "RecycleBinHotKey"="REG_SZ", "0" "RegistryStreamAllStream"="REG_SZ", "0" "RegistryStreamMRU"="REG_SZ", "0" "SwapFile"="REG_SZ", "0" [HKEY_CURRENT_USER\Software\MaxFileShredderOptions] "COMPANY"="REG_SZ", "Max Secure Software" "PRODUCT NAME"="REG_SZ", "MaxFileShredder" [HKEY_CURRENT_USER\Software\MaxFileShredderOptions\Chat] "ICQMSGRCLEARMESSAGEARCHIVE"="REG_DWORD", 0 "YAHOOMSGRCLEARMESSAGEARCHIVE"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\MaxFileShredderOptions\Custom\PlugIns] [HKEY_CURRENT_USER\Software\MaxFileShredderOptions\DriveOps] "DirectoryStructures"="REG_DWORD", 0 "DriveScan"="REG_DWORD", 0 "FileStructures"="REG_DWORD", 0 "FreeSpace"="REG_DWORD", 0 "ScrambleDateAndTime"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\MaxFileShredderOptions\DriveOps\FreeSpace] "Size"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\MaxFileShredderOptions\DriveOps\HighPerformance] "NoOfMonthsToFuture"="REG_DWORD", 1 "NoOfMonthsToPast"="REG_DWORD", 1 [HKEY_CURRENT_USER\Software\MaxFileShredderOptions\DriveOps\List] "Size"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\MaxFileShredderOptions\DriveOps\Scan] "Size"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\MaxFileShredderOptions\InternetExplorer] "AUTOCOMPLETE"="REG_DWORD", 0 "AutoCompleteForms"="REG_DWORD", 0 "AutoCompletePasswords"="REG_DWORD", 0 "ClearOnExit"="REG_DWORD", 0 "Cookies"="REG_DWORD", 0 "DownloadComponent"="REG_DWORD", 0 "FAVORITES"="REG_DWORD", 0 "HomePageSetting"="REG_DWORD", 0 "InternetOptions"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\MaxFileShredderOptions\InternetExplorer\Cookies] "Size"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\MaxFileShredderOptions\Mail] "NETSCAPEMAIL"="REG_DWORD", 0 "OUTLOOKEXPRESSMAIL"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\MaxFileShredderOptions\Misc] "AUTOEXECUTE"="REG_DWORD", 0 "AutoRunTime"="REG_DWORD", 1 "DETAILLOGOFREGOPER"="REG_DWORD", 1626571668 "DISPLAYSPLASHSCREEN"="REG_DWORD", 1626571668 "NoOfLogRefreshLine"="REG_DWORD", 300000000 "STARTUPMESSAGEBOX"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\MaxFileShredderOptions\Netscape] [HKEY_CURRENT_USER\Software\MaxFileShredderOptions\Start] [HKEY_CURRENT_USER\Software\MaxFileShredderOptions\Windows] "ApplicationLog"="REG_DWORD", 0 "CommanDialogLastVisited"="REG_DWORD", 0 "CommanDialogOpenSave"="REG_DWORD", 0 "MYDOCUMENTS"="REG_DWORD", 0 "RecycleBinHotKey"="REG_DWORD", 0 "RegistryStreamAllStream"="REG_DWORD", 0 "RegistryStreamMRU"="REG_DWORD", 0 "SwapFile"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\MaxFileShredderOptions\Windows Version] Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 3/18/20 Scan Time: 10:30 AM Log File: 0c33758c-68fb-11ea-b57a-00ffdcc6fdfc.json -Software Information- Version: 4.1.0.56 Components Version: 1.0.848 Update Package Version: 1.0.20930 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 234677 Threats Detected: 233 Threats Quarantined: 233 Time Elapsed: 15 min, 57 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 3 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\MAX FILE SHREDDER\MFSVISTASERVICE.EXE, Quarantined, 1304, 800839, , , , PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\MAX FILE SHREDDER\MFSSYSTEMTRAY.EXE, Quarantined, 1304, 800833, , , , PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\MAX FILE SHREDDER\MAXFILESHREDDER.EXE, Quarantined, 1304, 800833, , , , Module: 7 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\MAX FILE SHREDDER\MFSVISTASERVICE.EXE, Quarantined, 1304, 800839, , , , PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\MAX FILE SHREDDER\MFSSYSTEMTRAY.EXE, Quarantined, 1304, 800833, , , , PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\MAX FILE SHREDDER\MAXFILESHREDDER.EXE, Quarantined, 1304, 800833, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\Eraser.dll, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\IPExVB.dll, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\VchRegX64.dll, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\VchRegX64.dll, Quarantined, 1304, 800827, , , , Registry Key: 101 PUP.Optional.MaxSecureSoftware, HKCU\SOFTWARE\Max File Shredder, Quarantined, 1304, 800837, 1.0.20930, , ame, PUP.Optional.MaxSecureSoftware, HKCU\SOFTWARE\MaxFileShredderOptions, Quarantined, 1304, 800838, 1.0.20930, , ame, PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\Max File Shredder, Quarantined, 1304, 800832, 1.0.20930, , ame, PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Max File Shredder_is1, Quarantined, 1304, 800835, 1.0.20930, , ame, PUP.Optional.MaxSecureSoftware, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MFSVistaSvc, Quarantined, 1304, 800839, 1.0.20930, , ame, PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{0F770852-A82B-4642-BA37-A856A605AF73}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKMail.EKMail, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKMail.EKMail.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\TYPELIB\{799CD94E-B779-11D5-83D7-00400573A79A}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\INTERFACE\{32CC06D9-0A1F-410A-81A6-9AD7B2E78251}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\INTERFACE\{414C32C6-9576-4657-915A-97D8BD4BCAEB}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\INTERFACE\{4DE811B7-22C4-4329-8FC2-BC5DD8565C63}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\INTERFACE\{612B0562-C671-4857-880E-DB63D3DD59B1}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\INTERFACE\{7991C5C7-02B3-48AA-B59F-B008D4B2718C}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\INTERFACE\{8350351B-4348-4C6F-9CF0-4611058DC579}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\INTERFACE\{EE3514EE-76EB-4C99-B83A-9F0C0F3A5CD4}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{32CC06D9-0A1F-410A-81A6-9AD7B2E78251}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{414C32C6-9576-4657-915A-97D8BD4BCAEB}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4DE811B7-22C4-4329-8FC2-BC5DD8565C63}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{612B0562-C671-4857-880E-DB63D3DD59B1}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{7991C5C7-02B3-48AA-B59F-B008D4B2718C}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{8350351B-4348-4C6F-9CF0-4611058DC579}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EE3514EE-76EB-4C99-B83A-9F0C0F3A5CD4}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{32CC06D9-0A1F-410A-81A6-9AD7B2E78251}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{414C32C6-9576-4657-915A-97D8BD4BCAEB}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4DE811B7-22C4-4329-8FC2-BC5DD8565C63}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{612B0562-C671-4857-880E-DB63D3DD59B1}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7991C5C7-02B3-48AA-B59F-B008D4B2718C}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{8350351B-4348-4C6F-9CF0-4611058DC579}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EE3514EE-76EB-4C99-B83A-9F0C0F3A5CD4}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{799CD94E-B779-11D5-83D7-00400573A79A}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{799CD94E-B779-11D5-83D7-00400573A79A}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{0F770852-A82B-4642-BA37-A856A605AF73}\InprocServer32, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{1039E24B-3B74-4AA6-BA0C-134E4250AC12}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKMode.EKMode, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKMode.EKMode.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{1039E24B-3B74-4AA6-BA0C-134E4250AC12}\InprocServer32, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{27208D3D-CFAA-4372-96A6-E5BC6C7F655D}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKChat.EKChat, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKChat.EKChat.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{27208D3D-CFAA-4372-96A6-E5BC6C7F655D}\InprocServer32, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{2DBAEC01-0BA2-4991-A1F4-FC0585227548}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKSecurity.EKSecurity, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKSecurity.EKSecurity.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{2DBAEC01-0BA2-4991-A1F4-FC0585227548}\InprocServer32, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{3DD6E37C-E209-4AD7-8699-1535F757DF5A}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKWindows.EKWindows, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKWindows.EKWindows.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{3DD6E37C-E209-4AD7-8699-1535F757DF5A}\InprocServer32, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{5AB344BC-3B5F-42E3-BEB6-89F615CC5008}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKRestriction.EKRestriction, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKRestriction.EKRestriction.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{5AB344BC-3B5F-42E3-BEB6-89F615CC5008}\InprocServer32, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{6AE69E57-4E11-4685-BDE8-55B2F320B204}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKInternetExplorer.EKInternetExplorer, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKInternetExplorer.EKInternetExplorer.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{6AE69E57-4E11-4685-BDE8-55B2F320B204}\InprocServer32, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{71A5C497-E3E3-4D14-8C3A-2C33B961CDEA}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\PopUp.PopUp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\PopUp.PopUp.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{71A5C497-E3E3-4D14-8C3A-2C33B961CDEA}\InprocServer32, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{733A4CC7-C760-452D-816F-18B0611BC693}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKCustom.EKCustom, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKCustom.EKCustom.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{733A4CC7-C760-452D-816F-18B0611BC693}\InprocServer32, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{796E5560-17C0-4908-8E8A-7633B5AAF0EC}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKMisc.EKMisc, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKMisc.EKMisc.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{796E5560-17C0-4908-8E8A-7633B5AAF0EC}\InprocServer32, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{8AC459C4-2872-442A-9B47-BA22DDC4960E}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CEKOpera.CEKOpera, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CEKOpera.CEKOpera.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{8AC459C4-2872-442A-9B47-BA22DDC4960E}\InprocServer32, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{94FE530A-C5C0-42DA-B306-9FF5C703E5C9}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EkHideIEWIndows.EkHideIEWIndows, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EkHideIEWIndows.EkHideIEWIndows.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{94FE530A-C5C0-42DA-B306-9FF5C703E5C9}\InprocServer32, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{B1E2AD8B-F7FE-4a59-B308-8032DC38D0DA}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKChrome.EKChrome, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKChrome.EKChrome.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{B1E2AD8B-F7FE-4a59-B308-8032DC38D0DA}\InprocServer32, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{B7DC5B86-D4E9-4562-BF52-F26D699DD37A}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EvidenceKiller.EvidenceKiller, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EvidenceKiller.EvidenceKiller.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{B7DC5B86-D4E9-4562-BF52-F26D699DD37A}\InprocServer32, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{EC99C277-DCBA-4C62-B5BC-9CA59C681F5D}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKDriveOps.EKDriveOps, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKDriveOps.EKDriveOps.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{EC99C277-DCBA-4C62-B5BC-9CA59C681F5D}\InprocServer32, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{ECED6576-D3B1-4183-82B6-82A2D66EFC75}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKStart.EKStart, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKStart.EKStart.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{ECED6576-D3B1-4183-82B6-82A2D66EFC75}\InprocServer32, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{F899EDA8-B919-4b2e-9B78-004344888F1D}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKFirefox.EKFirefox, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKFirefox.EKFirefox.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{F899EDA8-B919-4b2e-9B78-004344888F1D}\InprocServer32, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{FFC537DA-947E-4F41-A1EF-12086966E25E}, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKNetscape.EKNetscape, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\EKNetscape.EKNetscape.1, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\CLASSES\CLSID\{FFC537DA-947E-4F41-A1EF-12086966E25E}\InprocServer32, Quarantined, 1304, 800827, , , , Registry Value: 2 PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MAXFILESHREDDER, Quarantined, 1304, 800833, 1.0.20930, , ame, PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MFILESHREDDERAUTOSCAN, Quarantined, 1304, 800833, 1.0.20930, , ame, Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 8 PUP.Optional.MaxSecureSoftware, C:\Users\{username}\AppData\Local\Max Secure Software\MaxDownloadTemp, Quarantined, 1304, 393078, , , , PUP.Optional.MaxSecureSoftware, C:\USERS\{username}\APPDATA\LOCAL\MAX SECURE SOFTWARE, Quarantined, 1304, 393078, 1.0.20930, , ame, PUP.Optional.MaxSecureSoftware, C:\PROGRAMDATA\MAX SECURE\MAX PC SECURE, Quarantined, 1304, 393093, 1.0.20930, , ame, PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\Icons, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\Log, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\MAX FILE SHREDDER, Quarantined, 1304, 800827, 1.0.20930, , ame, PUP.Optional.MaxSecureSoftware, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MAX FILE SHREDDER, Quarantined, 1304, 800830, 1.0.20930, , ame, File: 112 PUP.Optional.MaxSecureSoftware, C:\Users\{username}\AppData\Local\Max Secure Software\MaxDownloadTemp\maxdownloader.log, Quarantined, 1304, 393078, , , , PUP.Optional.MaxSecureSoftware, C:\ProgramData\Max Secure\Max PC Secure\SysMFS.dll, Quarantined, 1304, 393093, , , , PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\MAX FILE SHREDDER\MFSVISTASERVICE.EXE, Quarantined, 1304, 800839, , , , PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\MAX FILE SHREDDER\MFSSYSTEMTRAY.EXE, Quarantined, 1304, 800833, , , , PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\MAX FILE SHREDDER\MAXFILESHREDDER.EXE, Quarantined, 1304, 800833, , , , PUP.Optional.MaxSecureSoftware, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\Max File Shredder.lnk, Quarantined, 1304, 800833, , , , PUP.Optional.MaxSecureSoftware, C:\USERS\PUBLIC\Desktop\Max File Shredder.lnk, Quarantined, 1304, 800833, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\Icons\FileShredder.ico, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\Log\Log.Log, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\AbsoluteFTP.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\ACDSEE Photo Viewer v3.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Adaptec Easy CD Creator v4.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Adobe Acrobat Reader v3.0.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Adobe Acrobat Reader v3.1.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Adobe Acrobat Reader v4.0.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Adobe Photoshop v5.0 LE.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Adobe Photoshop v5.5.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Adobe Photoshop v5.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Adobe Photoshop v6.0.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\ASPack.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Cabinet Manager.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Copernic 2000 Pro.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Copernic 2000.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Cute FTP v3.0.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Cute FTP v4.0.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Delphi v3.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Delphi v4.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Delphi v5.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\DiskKeeper v5.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Download Accelerator.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Eudora Mail.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\FTP Explorer.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\GetRight ExplorerBar.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\GetRight v4.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\GoZilla.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Helios TextPad v3.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Helios TextPad v4.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\HelpWriter.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Icon Extractor.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\ICQ 2000a.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\InstallShield Express.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\JASC Paintshop Pro v5.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\JASC Paintshop Pro v6.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\JASC Paintshop Pro v7.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Jet PhotoShell v1.2.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Macromedia Flash v4.0.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\MasterSplitter v2.1.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\McAfee Virus Scan v4.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Microangelo 98.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Micrografx Picture Publisher v7.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Micrografx Picture Publisher v8.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Microsoft FrontPage Express.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Microsoft FrontPage.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Microsoft Help Workshop.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Microsoft HTML Help.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Microsoft Office- Word.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Microsoft Office-Access.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Microsoft Office-Excel.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Microsoft Office-Photo Editor.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Microsoft Office-Power Point.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Microsoft Publisher 2000.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Microsoft Send-To Extensions.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Microsoft Windows Paint.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Microsoft Windows WordPad.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Napster Music Community.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\NEATO Labels.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\NeoPlanet v5.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Norton AntiVirus 2000 (v6).wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Norton File Manager.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Norton Utilities 2000.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\NoteTab Pro.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Opera Browser v4.02 Final.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Opera Browser.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\PackageForTheWeb.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Personal Ancestral File.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Real Audio Player v6 v7 v8.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Real Download v4.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\SureThing CD Labeler.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Telnet.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Ulead Gif Animator v4.0.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Ulead Photo Explorer v4.2.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Ulead Photo Viewer v4.0.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Ulead PhotoImpact v5.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Ulead PhotoImpact Viewer v4.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\UltraEdit v4.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\UltraEdit v7.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Web Ferret v3.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\WinOnCD.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\WinRar v2.6.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\WinRar v2.70.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\WinZip v7.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\WinZip v8.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Wise Installer.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Yahoo Player.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\ZipMagic 2000.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\PlugIns\Zone Alarm.wp, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\CheckDll.dll, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\CloseAll.exe, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\Eraser.dll, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\IPExVB.dll, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\MaxFileShredder.chm, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\MFSPopup.exe, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\Setup.ini, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\unins000.dat, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\unins000.exe, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\unins000.msg, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\VchRegX64.dll, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\Program Files\Max File Shredder\VoucherLog.txt, Quarantined, 1304, 800827, , , , PUP.Optional.MaxSecureSoftware, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max File Shredder\Max File Shredder.lnk, Quarantined, 1304, 800830, , , , PUP.Optional.MaxSecureSoftware, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max File Shredder\Uninstall Max File Shredder.lnk, Quarantined, 1304, 800830, , , , PUP.Optional.MaxSecureSoftware, C:\USERS\{username}\DESKTOP\MAXFILESHREDDERDM.EXE, Quarantined, 1304, 800826, 1.0.20930, 8BC0856F4D009490284855F3, dds, 00636917 PUP.Optional.MaxSecureSoftware, C:\USERS\{username}\DESKTOP\MAXFILESHREDDERX64.EXE, Quarantined, 1304, 800828, 1.0.20930, , ame, Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this threat. We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
  3. What is Max Registry Cleaner?The Malwarebytes research team has determined that Max Registry Cleaner is a fake registry cleaner. These so-called "registry cleaners" use intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems.More information can be found on our Malwarebytes Labs blog.How do I know if I am infected with Max Registry Cleaner?This is how the main screen of the registry cleaning application looks:You will find these icons in your taskbar and on your desktop:And see this warning during install:and these screens during "operations":You may see this entry in your list of installed programs:How did Max Registry Cleaner get on my computer?These so-called registry cleaners use different methods of getting installed. This particular one was downloaded from their website.How do I remove Max Registry Cleaner?Our program Malwarebytes can detect and remove this potentially unwanted application. Please download Malwarebytes to your desktop. Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program. Then click Finish. Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu. If another update of the definitions is available, it will be implemented before the rest of the scanning procedure. When the scan is complete, make sure that all Threats are selected, and click Remove Selected. Restart your computer when prompted to do so. Is there anything else I need to do to get rid of Max Registry Cleaner? No, Malwarebytes removes Max Registry Cleaner completely. How would the full version of Malwarebytes help protect me?We hope our application and this guide have helped you eradicate this registry cleaner.As you can see below the full version of Malwarebytes would have protected you against the Max Registry Cleaner installer. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late. and it would have blocked access to their website: Technical details for expertsYou may see these entries in FRST logs: (Max Secure Software India Private Ltd. -> Max Secure Software) C:\Program Files\Max Registry Cleaner\MaxRCSystemTray.exe (Max Secure Software India Private Ltd. -> Max Secure Software) C:\Program Files\Max Registry Cleaner\MaxRegistryCleaner.exe (Max Secure Software India Private Ltd. -> Max Secure Software) C:\Program Files\Max Registry Cleaner\RCVistaService.exe HKLM\...\Run: [RCSystemTray] => C:\Program Files\Max Registry Cleaner\MaxRCSystemTray.exe [2767128 2019-04-02] (Max Secure Software India Private Ltd. -> Max Secure Software) HKLM\...\Run: [RCAutoLiveUpdate] => C:\Program Files\Max Registry Cleaner\MaxLURC.exe [1713112 2018-07-25] (Max Secure Software India Private Ltd. -> Max Secure Software) R2 RCVistaSvc; C:\Program Files\Max Registry Cleaner\RCVistaService.exe [2313688 2018-07-25] (Max Secure Software India Private Ltd. -> Max Secure Software) C:\Users\Public\Desktop\Max Registry Cleaner.lnk C:\Windows\MaxSecureBackup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Registry Cleaner C:\ProgramData\Max Secure C:\Program Files\Max Registry Cleaner C:\Users\{username}\AppData\Local\Max Secure Software Max Registry Cleaner (HKLM\...\{8D815D9B-4DD9-437E-BFE2-E7374D3E7025}_is1) (Version: 6.0.0.073 - Max Secure Software) Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files\Max Registry Cleaner Adds the file CheckDll.dll"="7/25/2018 4:00 PM, 829912 bytes, A Adds the file CloseAll.exe"="7/25/2018 4:01 PM, 506328 bytes, A Adds the file ExportMail.htm"="5/2/2013 4:49 PM, 5410 bytes, A Adds the file FileSignature.dll"="7/25/2018 4:02 PM, 674776 bytes, A Adds the file IgnoreKeys.ini"="2/2/2015 3:14 PM, 6125 bytes, A Adds the file IgnorePath.ini"="12/12/2014 2:44 PM, 1130 bytes, A Adds the file MaxLURC.exe"="7/25/2018 4:01 PM, 1713112 bytes, A Adds the file MaxRCPopUp.exe"="7/25/2018 4:01 PM, 1449944 bytes, A Adds the file MaxRCSystemTray.exe"="4/2/2019 4:36 PM, 2767128 bytes, A Adds the file MaxRegistryCleaner.chm"="7/25/2018 4:49 PM, 1135296 bytes, A Adds the file MaxRegistryCleaner.exe"="4/2/2019 3:57 PM, 9435928 bytes, A Adds the file MaxSDResourceDll.dll"="3/30/2019 12:21 PM, 22098200 bytes, A Adds the file MaxTeamVReset.exe"="2/8/2019 11:44 AM, 1802200 bytes, A Adds the file OptimizerDll.dll"="7/25/2018 4:07 PM, 581592 bytes, A Adds the file RC_Tips_EN.txt"="5/2/2013 4:49 PM, 5280 bytes, A Adds the file RC_Tips_GE.txt"="5/2/2013 4:49 PM, 6810 bytes, A Adds the file RCVistaService.exe"="7/25/2018 4:02 PM, 2313688 bytes, A Adds the file RegistryCleaner.ico"="2/24/2015 9:58 AM, 257418 bytes, A Adds the file SendReport.exe"="2/8/2019 11:40 AM, 1249752 bytes, A Adds the file SMTPDll.dll"="2/8/2019 11:40 AM, 808408 bytes, A Adds the file StartUpTipsDll.dll"="2/8/2019 11:40 AM, 411608 bytes, A Adds the file TeamViewerQS.exe"="2/8/2019 11:44 AM, 2868232 bytes, A Adds the file unins000.dat"="6/3/2019 9:11 AM, 15983 bytes, A Adds the file unins000.exe"="6/3/2019 9:10 AM, 986392 bytes, A Adds the file unins000.msg"="6/3/2019 9:11 AM, 11401 bytes, A Adds the file VchReg.dll"="3/30/2019 12:22 PM, 2769176 bytes, A Adds the folder C:\Program Files\Max Registry Cleaner\IgnoreData Adds the file RC1.DB"="5/2/2013 4:49 PM, 151 bytes, A Adds the file RC10.DB"="5/2/2013 4:49 PM, 2 bytes, A Adds the file RC11.DB"="5/2/2013 4:49 PM, 13900 bytes, A Adds the file RC12.DB"="5/2/2013 4:49 PM, 7070 bytes, A Adds the file RC13.DB"="5/2/2013 4:49 PM, 3188 bytes, A Adds the file RC2.DB"="5/2/2013 4:49 PM, 2 bytes, A Adds the file RC4.DB"="5/2/2013 4:49 PM, 236 bytes, A Adds the file RC5.DB"="5/2/2013 4:49 PM, 5189 bytes, A Adds the file RC7.DB"="5/2/2013 4:49 PM, 2780 bytes, A Adds the file RC9.DB"="5/2/2013 4:49 PM, 2 bytes, A Adds the folder C:\Program Files\Max Registry Cleaner\LiveUpdate Adds the folder C:\Program Files\Max Registry Cleaner\Log Adds the file ScanLog.txt"="6/3/2019 9:11 AM, 26272 bytes, A Adds the file VoucherLog.txt"="6/3/2019 9:11 AM, 2116 bytes, A Adds the folder C:\Program Files\Max Registry Cleaner\setting Adds the file CurrentSettings.ini"="6/8/2018 12:04 PM, 2543 bytes, A Adds the file English_Strings.ini"="4/2/2019 4:30 PM, 71208 bytes, A Adds the file Export.ini"="5/2/2013 4:49 PM, 400 bytes, A Adds the file German_Strings.ini"="4/2/2019 4:31 PM, 74252 bytes, A Adds the file Voucher_English_Strings.ini"="6/12/2018 4:40 PM, 32772 bytes, A Adds the file Voucher_German_Strings.ini"="6/12/2018 4:40 PM, 32772 bytes, A Adds the folder C:\ProgramData\Max Secure\Max Registry Cleaner Adds the file SYSRegC.mxs"="6/3/2019 9:11 AM, 63 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Registry Cleaner Adds the file Max Registry Cleaner Help.lnk"="6/3/2019 9:11 AM, 964 bytes, A Adds the file Max Registry Cleaner.lnk"="6/3/2019 9:11 AM, 964 bytes, A Adds the file Uninstall Max Registry Cleaner.lnk"="6/3/2019 9:11 AM, 914 bytes, A Adds the folder C:\Users\{username}\AppData\Local\Max Secure Software\MaxDownloadTemp Adds the file maxdownloader.log"="6/3/2019 9:10 AM, 717 bytes, A In the existing folder C:\Users\{username}\Desktop Adds the file MaxRegistrycleanerx64.exe"="6/3/2019 9:10 AM, 11155736 bytes, A In the existing folder C:\Users\Public\Desktop Adds the file Max Registry Cleaner.lnk"="6/3/2019 9:11 AM, 946 bytes, A Adds the folder C:\Windows\MaxSecureBackup Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE] "RegistrationNo"="REG_SZ", "" [HKEY_LOCAL_MACHINE\SOFTWARE\Max Registry cleaner] "AppFolder"="REG_SZ", "C:\Program Files\Max Registry Cleaner\" "CheckDaysLeft"="REG_SZ", "6/3/2019" "InstalledProductPath"="REG_SZ", "C:\Users\{username}\Desktop\MaxRegistrycleanerx64.exe" "LastLiveUpdate"="REG_SZ", "3-Jun-2019" "NoOfScans"="REG_DWORD", 0 "ProductVersionNo"="REG_SZ", "6.0.0.073" "PurchaseURL"="REG_SZ", "https://www.bluesnap.com/jsp/buynow.jsp?contractId=2004108" "ScanType"="REG_DWORD", 1 "SetupLaunch"="REG_DWORD", 0 "VendorName"="REG_SZ", "RegistryCleaner" [HKEY_LOCAL_MACHINE\SOFTWARE\Max Registry cleaner\System_settings] "AutomaticLiveUpdate"="REG_DWORD", 1 "ScanWithWindowsStart"="REG_DWORD", 0 "SplashScreen"="REG_DWORD", 1 "StartTips"="REG_DWORD", 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RCAutoLiveUpdate"="REG_SZ", "C:\Program Files\Max Registry Cleaner\MaxLURC.exe -AUTO" "RCSystemTray"="REG_SZ", "C:\Program Files\Max Registry Cleaner\MaxRCSystemTray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D815D9B-4DD9-437E-BFE2-E7374D3E7025}_is1] "DisplayIcon"="REG_SZ", "C:\Program Files\Max Registry Cleaner\RegistryCleaner.ico" "DisplayName"="REG_SZ", "Max Registry Cleaner" "DisplayVersion"="REG_SZ", "6.0.0.073" "EstimatedSize"="REG_DWORD", 54444 "HelpLink"="REG_SZ", "http://www.maxpcsecure.com/" "Inno Setup: App Path"="REG_SZ", "C:\Program Files\Max Registry Cleaner" "Inno Setup: Deselected Tasks"="REG_SZ", "" "Inno Setup: Icon Group"="REG_SZ", "Max Registry Cleaner" "Inno Setup: Language"="REG_SZ", "english" "Inno Setup: Selected Tasks"="REG_SZ", "desktopicon" "Inno Setup: Setup Version"="REG_SZ", "5.6.1 (a)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20190603" "InstallLocation"="REG_SZ", "C:\Program Files\Max Registry Cleaner\" "MajorVersion"="REG_DWORD", 6 "MinorVersion"="REG_DWORD", 0 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "Max Secure Software" "QuietUninstallString"="REG_SZ", ""C:\Program Files\Max Registry Cleaner\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files\Max Registry Cleaner\unins000.exe"" "URLInfoAbout"="REG_SZ", "http://www.maxpcsecure.com/" "URLUpdateInfo"="REG_SZ", "http://www.maxpcsecure.com/" "VersionMajor"="REG_DWORD", 6 "VersionMinor"="REG_DWORD", 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RCVistaSvc] "DisplayName"="REG_SZ", "RCVistaSvc" "ErrorControl"="REG_DWORD", 1 "ImagePath"="REG_EXPAND_SZ, "C:\Program Files\Max Registry Cleaner\RCVistaService.exe" "ObjectName"="REG_SZ", "LocalSystem" "Start"="REG_DWORD", 2 "Type"="REG_DWORD", 16 "WOW64"="REG_DWORD", 1 Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 6/3/19 Scan Time: 9:22 AM Log File: 4d879bda-85d0-11e9-aec1-00ffdcc6fdfc.json -Software Information- Version: 3.7.1.2839 Components Version: 1.0.586 Update Package Version: 1.0.10878 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 236181 Threats Detected: 77 Threats Quarantined: 77 Time Elapsed: 7 min, 9 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 3 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\MaxRCSystemTray.exe, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\MaxRegistryCleaner.exe, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\RCVistaService.exe, Quarantined, [1220], [393095],1.0.10878 Module: 6 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\MAX REGISTRY CLEANER\OPTIMIZERDLL.DLL, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\MaxRCSystemTray.exe, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\MaxRegistryCleaner.exe, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\MaxSDResourceDll.dll, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\RCVistaService.exe, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\VchReg.dll, Quarantined, [1220], [393095],1.0.10878 Registry Key: 3 PUP.Optional.MaxSecureSoftware, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RCVistaSvc, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8D815D9B-4DD9-437E-BFE2-E7374D3E7025}_is1, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxRegistryCleaner, HKLM\SOFTWARE\Max Registry cleaner, Quarantined, [7134], [393234],1.0.10878 Registry Value: 3 PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|RCAutoLiveUpdate, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|RCSystemTray, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RCVISTASVC|IMAGEPATH, Quarantined, [1220], [393080],1.0.10878 Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 9 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\IgnoreData, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\LiveUpdate, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\setting, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\Log, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\MAX REGISTRY CLEANER, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Users\{username}\AppData\Local\Max Secure Software\MaxDownloadTemp, Quarantined, [1220], [393078],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\USERS\{username}\APPDATA\LOCAL\MAX SECURE SOFTWARE, Quarantined, [1220], [393078],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MAX REGISTRY CLEANER, Quarantined, [1220], [393091],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\PROGRAMDATA\MAX SECURE\MAX REGISTRY CLEANER, Quarantined, [1220], [393094],1.0.10878 File: 53 PUP.Optional.MaxSecureSoftware, C:\PROGRAM FILES\MAX REGISTRY CLEANER\OPTIMIZERDLL.DLL, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\IgnoreData\RC1.DB, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\IgnoreData\RC10.DB, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\IgnoreData\RC11.DB, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\IgnoreData\RC12.DB, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\IgnoreData\RC13.DB, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\IgnoreData\RC2.DB, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\IgnoreData\RC4.DB, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\IgnoreData\RC5.DB, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\IgnoreData\RC7.DB, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\IgnoreData\RC9.DB, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\Log\ScanLog.txt, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\Log\VoucherLog.txt, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\setting\CurrentSettings.ini, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\setting\English_Strings.ini, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\setting\Export.ini, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\setting\German_Strings.ini, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\setting\Voucher_English_Strings.ini, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\setting\Voucher_German_Strings.ini, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\MaxRegistryCleaner.chm, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\CheckDll.dll, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\CloseAll.exe, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\ExportMail.htm, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\FileSignature.dll, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\IgnoreKeys.ini, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\IgnorePath.ini, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\MaxLURC.exe, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\MaxRCPopUp.exe, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\MaxRCSystemTray.exe, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\MaxRegistryCleaner.exe, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\MaxSDResourceDll.dll, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\MaxTeamVReset.exe, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\RCVistaService.exe, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\RC_Tips_EN.txt, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\RC_Tips_GE.txt, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\RegistryCleaner.ico, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\SendReport.exe, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\SMTPDll.dll, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\StartUpTipsDll.dll, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\TeamViewerQS.exe, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\unins000.dat, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\unins000.exe, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\unins000.msg, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Program Files\Max Registry Cleaner\VchReg.dll, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\Max Registry Cleaner.lnk, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\USERS\PUBLIC\Desktop\Max Registry Cleaner.lnk, Quarantined, [1220], [393095],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\USERS\{username}\DESKTOP\MAXREGISTRYCLEANERX64.EXE, Quarantined, [1220], [393088],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\Users\{username}\AppData\Local\Max Secure Software\MaxDownloadTemp\maxdownloader.log, Quarantined, [1220], [393078],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Registry Cleaner\Max Registry Cleaner Help.lnk, Quarantined, [1220], [393091],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Registry Cleaner\Max Registry Cleaner.lnk, Quarantined, [1220], [393091],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Registry Cleaner\Uninstall Max Registry Cleaner.lnk, Quarantined, [1220], [393091],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\ProgramData\Max Secure\Max Registry Cleaner\SYSRegC.mxs, Quarantined, [1220], [393094],1.0.10878 PUP.Optional.MaxSecureSoftware, C:\USERS\{username}\DESKTOP\MAXRCDM.EXE, Quarantined, [1220], [690737],1.0.10878 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this threat.We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.