
Removal instructions for AdBlaster



What is AdBlaster?

The Malwarebytes research team has determined that AdBlaster is adware. These adware applications display advertisements not originating from the sites you are browsing.

This one installs a Chromium browser and makes it the default browser. It also hijacks file and URL associations.

How do I know if my computer is affected by AdBlaster?

You may see this entry in your list of installed programs:

warning4.png

and these warnings during install:

main.png

warning1.png

these icons on your desktop and in your taskbar:

icons.png

and this new Chromium based browser:

chromium.png

How did AdBlaster get on my computer?

Adware applications use different methods for distributing themselves. This particular one was bundled with other software.

How do I remove AdBlaster?

Our program Malwarebytes Anti-Malware can detect and remove this potentially unwanted program.

  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Enable free trial of Malwarebytes Anti-Malware Premium
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete, make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.

Is there anything else I need to do to get rid of AdBlaster?

  • The shortcut called insert name on the desktop can be deleted if it belonged to the rogue.

How would the full version of Malwarebytes Anti-Malware help protect me?

We hope our application and this guide have helped you eradicate this adware application.

As you can see below, the full version of Malwarebytes Anti-Malware would have protected you against the AdBlaster adware. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late.

protection1.png

and it stops the connections the installer tries to make:

protection2.png

Technical details for experts

You will see these signs in a HijackThis log:

O4 - HKCU\..\Run: [browser] C:\Program Files (x86)\AdBlaster\Application\browser.exe

You may see these signs in FRST logs:

 Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\AdBlaster\Application\browser.exe" -- "%1")
 HKCU\...\Run: [browser] => C:\Program Files (x86)\AdBlaster\Application\browser.exe [1011200 2015-05-14] (Helpful Applications)
 C:\Program Files (x86)\AdBlaster
 C:\Users\Public\Desktop\AdBlaster.lnk
 C:\Users\{username}\AppData\Local\AdBlaster
 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdBlaster
 AdBlaster (HKLM-x32\...\AdBlaster) (Version: 40.0.2214.45 - Helpful Applications)
 FirewallRules: [{5DF95998-423E-4144-A1B7-7AD5A9AB0B0C}] => (Allow) C:\Program Files (x86)\AdBlaster\Application\browser.exe

Alterations made by the installer:

Malwarebytes Anti-Malware log:

As mentioned before, the full version of Malwarebytes Anti-Malware could have protected your computer against this threat.

We use different ways of protecting your computer(s):

  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention
Save yourself the hassle and get protected.
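The HijackThis and FRST signs listed under "Technical details for experts" can be checked mechanically when triaging a submitted log. The script below is an added example, not part of the original post or a Malwarebytes tool: it parses the line formats shown on this page and flags entries whose path contains an AdBlaster folder or shortcut, matching whole path components so a similarly named folder is not flagged. The function names and the two lines marked as constructed are assumptions made for illustration.

```python
import re
from typing import List, NamedTuple, Optional

class Finding(NamedTuple):
    kind: str    # autostart | default_browser | firewall_allow | artifact
    detail: str  # Run value name, firewall rule GUID, or the path itself
    path: str    # path that matched an AdBlaster component

# Line formats as they appear in the HijackThis / FRST excerpts on this page.
HJT_RUN = re.compile(r"^O4 - HK[\w-]+\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<path>.+)$")
FRST_RUN = re.compile(
    r"^HK[\w-]+\\\.\.\.\\Run: \[(?P<name>[^\]]+)\] => "
    r"(?P<path>.+?)(?: \[\d+ \d{4}-\d{2}-\d{2}\].*)?$")
FRST_DEFAULT = re.compile(r'\(Default browser: "(?P<path>[^"]+)"')
FRST_FW = re.compile(
    r"^FirewallRules: \[(?P<guid>\{[0-9A-Fa-f-]+\})\] => \(Allow\) (?P<path>.+)$")
BARE_PATH = re.compile(r"^(?P<path>[A-Za-z]:\\.+)$")

# (finding kind, pattern, group reported as detail); first AdBlaster match wins.
RULES = [
    ("autostart", HJT_RUN, "name"),
    ("autostart", FRST_RUN, "name"),
    ("default_browser", FRST_DEFAULT, "path"),
    ("firewall_allow", FRST_FW, "guid"),
    ("artifact", BARE_PATH, "path"),
]

def is_adblaster_path(path: str) -> bool:
    """True if a whole path component is the AdBlaster folder or shortcut."""
    parts = [p.strip().lower() for p in path.strip('"').split("\\")]
    return any(p in ("adblaster", "adblaster.lnk") for p in parts)

def triage_line(line: str) -> Optional[Finding]:
    line = line.strip()
    for kind, pattern, key in RULES:
        m = pattern.search(line)
        if m and is_adblaster_path(m.group("path")):
            return Finding(kind, m.group(key), m.group("path"))
    return None

def triage(log_text: str) -> List[Finding]:
    """Return one Finding per log line that matches an AdBlaster sign."""
    found = (triage_line(line) for line in log_text.splitlines())
    return [f for f in found if f is not None]

# Sample input: the first six lines are copied from this page; the last two
# are constructed (a benign Run entry and a near-miss folder name).
SAMPLE_LOG = r'''
O4 - HKCU\..\Run: [browser] C:\Program Files (x86)\AdBlaster\Application\browser.exe
 Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\AdBlaster\Application\browser.exe" -- "%1")
HKCU\...\Run: [browser] => C:\Program Files (x86)\AdBlaster\Application\browser.exe [1011200 2015-05-14] (Helpful Applications)
C:\Users\Public\Desktop\AdBlaster.lnk
C:\Users\{username}\AppData\Local\AdBlaster
FirewallRules: [{5DF95998-423E-4144-A1B7-7AD5A9AB0B0C}] => (Allow) C:\Program Files (x86)\AdBlaster\Application\browser.exe
HKCU\...\Run: [Updater] => C:\Program Files\ExampleApp\updater.exe [1024 2015-01-01] (Example Publisher)
C:\Tools\NotAdBlasterNotes\readme.txt
'''

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"{finding.kind:16} {finding.detail}")
```
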