Hey guys. So I have just gotten Malware Anti-Malware Bytes Pro about 2 weeks ago, and my Scheduler has not worked at all. I have daily quick scans and weekly full scans set to occur, but they never do. I am running a Windows 7 64 bit laptop computer.

 

Database Version: v2013.09.15.06

 

I would appreciate any help with the issue. Thanks.


  • Root Admin

Please click on START and then copy / paste each RED line below and click the OK button.
This should remove all current schedules and create the following scheduled tasks.

Remove all current schedules
mbam.exe /unschedule /all

Check for database updates every 4 hours
mbam.exe /schedule /update /silent /hourly /every 4 /starting 09/15/2013 16:25:00 /recover 2

Run a Quick Scan every day at 5:15PM
mbam.exe /schedule /scan -quick -log -silent -remove -reboot /silent /daily /every 1 /starting 09/15/2013 17:15:00 /recover 23


  • Root Admin

Please create an mbam-check log:

  • Download mbam-check.exe from here and save it to your desktop
  • Double-click on mbam-check.exe to run it, it should then open a log file
  • Please do not copy and paste the entire contents of the log into your next post, instead please attach the log CheckResults.txt file which should now be located on your desktop to your next post


 


Alright, here it is.

 

mbam-check result log version: 2.0.0.1000

 
Malwarebytes Version: REG_SZ 1.75.0.1300
 
Date Log Created: 09/18/13
Time Log Created: 15:16:09
 
User Account type: Administrator
 
64 bit Operating System
 
Product Name: REG_SZ Windows 7 Home Premium
 
Current Build Number: 7601
 
Current Version Number: 6.1
 
Current CSDVersion: Service Pack 1
 
Proxy Status: No proxy is Set
 
LAN Settings:
=============
 
only 'Automatically detect settings' is selected
 
SystemPartition:
================
 
HKEY_LOCAL_MACHINE\SYSTEM\Setup\
SystemPartition REG_SZ \Device\HarddiskVolume1
 
Balloon Tips Status:
====================
 
Enabled
 
Time Format Settings:
=====================
 
Should be:
h:mm:ss tt
AM 
PM 
:
 
Currently:
REG_SZ h:mm:ss tt
REG_SZ AM
REG_SZ PM
REG_SZ :
 
Language and Regional Settings:
===============================
 
ACP: Language is English (United States)
MACCP: Language is English (United States)
OEMCP: 850 Please refer to this link for details: Here 
 
Startup Folders for Error_Expanding_Variables Check:
====================================================
 
All Users Startup Folder Exists.
Current User's Startup Folder Exists.
 
 
Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================
 
TERMService:
==============
Type : 32
State : 1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE : 1077
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
 
 
TermService Start is set to: 3 (Manual Startup)
 
Compatibility Flag Settings (Any MBAM file listings should be removed):
=======================================================================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
C:\Users\Noah\Downloads\dxwebsetup (1).exeREG_SZ WINXPSP2
 
 
 
 
Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================
 
 
 
MBAM Startup Entries: 
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
 
Service and Driver Status:
==========================
 
MBAMProtector:
==============
Type : 2
State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
 
 
MBAMService:
==============
Type : 16
State : 4 (The service is running.)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
 
 
MBAMScheduler:
==============
Type : 16
State : 4 (The service is running.)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
 
 
<--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
 
 
MBAMProtector Registry Values:
==============================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
Type                          REG_DWORD 2
Start                         REG_DWORD 3
ErrorControl                  REG_DWORD 1
ImagePath                     REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys
Group                         REG_SZ FSFilter Anti-Virus
DependOnService               REG_MULTI_SZ FltMgr
 
WOW64                         REG_DWORD 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
DefaultInstance               REG_SZ MBAMProtector Instance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
Altitude                      REG_SZ 328800
Flags                         REG_DWORD 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum
0                             REG_SZ Root\LEGACY_MBAMPROTECTOR\0000
Count                         REG_DWORD 1
NextInstance                  REG_DWORD 1
MBAMService Registry Values:
============================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
Type                          REG_DWORD 16
Start                         REG_DWORD 2
ErrorControl                  REG_DWORD 1
ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
DependOnService               REG_MULTI_SZ MBAMProtector
 
WOW64                         REG_DWORD 1
ObjectName                    REG_SZ LocalSystem
Description                   REG_SZ Malwarebytes Anti-Malware service
DelayedAutostart              REG_DWORD 0
MBAMScheduler Registry Values:
==============================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler
Type                          REG_DWORD 16
Start                         REG_DWORD 2
ErrorControl                  REG_DWORD 1
ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
WOW64                         REG_DWORD 1
ObjectName                    REG_SZ LocalSystem
Description                   REG_SZ Malwarebytes Anti-Malware scheduler
 
MBAM DLL's and Runtime Files:
=============================
 
MBAM Registry Settings and License Info:
========================================
 
 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
advancedheuristics            REG_DWORD 1
downloadprogram               REG_DWORD 1
hidereg                       REG_DWORD 0
detectp2p                     REG_DWORD 2
detectpum                     REG_DWORD 2
detectpup                     REG_DWORD 2
updatewarn                    REG_DWORD 1
updatewarndays                REG_DWORD 7
useproxy                      REG_DWORD 0
useauthentication             REG_DWORD 0
contextmenu                   REG_DWORD 1
reportthreats                 REG_DWORD 1
startwithwindows              REG_DWORD 1
startfsdisabled               REG_DWORD 0
startipdisabled               REG_DWORD 0
silentipmode                  REG_DWORD 0
autoquarantine                REG_DWORD 1
notifyinstallprogram          REG_DWORD 1
trialpromptshown              REG_DWORD 1
autoquarantinenotify          REG_DWORD 1
alwaysscanarchives            REG_DWORD 1
InstallPath                   REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
dbdate                        REG_SZ Wed, 18 Sep 2013 17:13:15 GMT
dbversion                     REG_SZ v2013.09.18.10
programversion                REG_SZ 1.75.0.1300
programbuild                  REG_SZ consumer
trialended                    REG_DWORD 0
ID                            XXXXX-XXXXX This is hidden data.
Key                           XXXX-XXXX-XXXX-XXXX This is hidden data.
SchedulerQueue                REG_MULTI_SZ 1052674, 30323248, 531502592, 4, 2 | 30323869, 3514822529
55582724, 30323255, 466731520, 1, 23 | 30323707, 3141513728
 
 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware (Trial)
TrialId                       There is data here but it is hidden.
StartDate                     REG_SZ Wed, 28 Aug 2013 17:18:59 UTC
EndDate                       REG_SZ Wed, 11 Sep 2013 17:18:59 UTC
HKEY_CURRENT_USER\SOFTWARE\Malwarebytes' Anti-Malware
alwaysscanfiles               REG_DWORD 1
alwaysscanheuristics          REG_DWORD 1
alwaysscanmemory              REG_DWORD 1
alwaysscanregistry            REG_DWORD 1
alwaysscanstartups            REG_DWORD 1
autosavelog                   REG_DWORD 1
openlog                       REG_DWORD 1
defaultscan                   REG_DWORD 1
terminateie                   REG_DWORD 0
Language                      REG_SZ English.lng
selectedrives                 REG_SZ C:\|D:\|E:\|
HKEY_USERS\S-1-5-18\SOFTWARE\Malwarebytes' Anti-Malware
alwaysscanfiles               REG_DWORD 1
alwaysscanheuristics          REG_DWORD 1
alwaysscanmemory              REG_DWORD 1
alwaysscanregistry            REG_DWORD 1
alwaysscanstartups            REG_DWORD 1
autosavelog                   REG_DWORD 1
openlog                       REG_DWORD 1
defaultscan                   REG_DWORD 0
terminateie                   REG_DWORD 0
selectedrives                 REG_SZ C:\|D:\|
HKEY_USERS\.DEFAULT\SOFTWARE\Malwarebytes' Anti-Malware
alwaysscanfiles               REG_DWORD 1
alwaysscanheuristics          REG_DWORD 1
alwaysscanmemory              REG_DWORD 1
alwaysscanregistry            REG_DWORD 1
alwaysscanstartups            REG_DWORD 1
autosavelog                   REG_DWORD 1
openlog                       REG_DWORD 1
defaultscan                   REG_DWORD 0
terminateie                   REG_DWORD 0
selectedrives                 REG_SZ C:\|D:\|
 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1
Inno Setup: Setup Version     REG_SZ 5.5.3-dev (a)
Inno Setup: App Path          REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
InstallLocation               REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\
Inno Setup: Icon Group        REG_SZ Malwarebytes' Anti-Malware
Inno Setup: User              REG_SZ Noah
Inno Setup: Selected Tasks    REG_SZ desktopicon
Inno Setup: Deselected Tasks  REG_SZ quicklaunchicon
Inno Setup: Language          REG_SZ English
DisplayName                   REG_SZ Malwarebytes Anti-Malware version 1.75.0.1300
DisplayIcon                   REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
UninstallString               REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
QuietUninstallString          REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" /SILENT
DisplayVersion                REG_SZ 1.75.0.1300
Publisher                     REG_SZ Malwarebytes Corporation
URLInfoAbout                  REG_SZ http://www.malwarebytes.org
NoModify                      REG_DWORD 1
NoRepair                      REG_DWORD 1
InstallDate                   REG_SZ 20130828
MajorVersion                  REG_DWORD 1
MinorVersion                  REG_DWORD 75
EstimatedSize                 REG_DWORD 19743
Pending File Rename Operations: 
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
 
Scheduler Queue:
================
 
Scheduled Item: Update Schedule Options: | Hourly | Silent
Start Time: 2013-09-15 16:25 Repeating Every: 4 Recover if missed by: 2
Scheduled Item: Scan Schedule Options: Quick Scan | Daily | Scan Remove | Scan Reboot | Scan Log | Silent
Start Time: 2013-09-15 17:15 Repeating Every: 1 Recover if missed by: 23
 
 
 
Context Menu Entries:
=====================
 
 
 
MBAM Drivers:
=============
 
C:\Windows\system32\drivers\mbam.sys File Size: 25928     BYTES FileVersion: 1.60.2.0
 
 
Required Dependencies:
======================
 
BFE:
==============
Type : 32
State : 4 (The service is running.)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001
Group                         REG_SZ NetworkProvider
ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002
ObjectName                    REG_SZ NT AUTHORITY\LocalService
ErrorControl                  REG_DWORD 1
Start                         REG_DWORD 2
Type                          REG_DWORD 32
DependOnService               REG_MULTI_SZ RpcSs
 
ServiceSidType                REG_DWORD 3
RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege
 
FailureActions                REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
ServiceDllUnloadOnStop        REG_DWORD 1
ServiceMain                   REG_SZ BfeServiceMain
 
fltmgr:
==============
Type : 2
State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
AttachWhenLoaded              REG_DWORD 1
DisplayName                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
Group                         REG_SZ FSFilter Infrastructure
ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys
Description                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
ErrorControl                  REG_DWORD 3
Start                         REG_DWORD 0
Tag                           REG_DWORD 1
Type                          REG_DWORD 2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
0                             REG_SZ Root\LEGACY_FLTMGR\0000
Count                         REG_DWORD 1
NextInstance                  REG_DWORD 1
C:\Windows\system32\drivers\fltmgr.sys File Size: 289664    BYTES FileVersion: 6.1.7601.17514
C:\Windows\SysWOW64\olepro32.dll File Size: 90112     BYTES FileVersion: 6.1.7601.17514
 
 
List of MBAM Related Directories:
=================================
 
C:\Program Files (x86)\Malwarebytes' Anti-Malware
7z.dll                         File Size:    914432 BYTES FileVersion: 9.20.0.0
changes.txt                   File Size:       200 BYTES
license.rtf                   File Size:     17916 BYTES
mbam.chm                       File Size:    474148 BYTES
mbam.dll                       File Size:    527944 BYTES FileVersion: 1.70.0.0
mbam.exe                       File Size:    887432 BYTES FileVersion: 1.75.0.1
mbamcore.dll                   File Size:   1127496 BYTES FileVersion: 1.70.0.0
mbamext.dll                   File Size:     95304 BYTES FileVersion: 1.70.0.0
mbamgui.exe                   File Size:    532040 BYTES FileVersion: 1.70.0.0
mbamnet.dll                   File Size:   2191944 BYTES FileVersion: 1.70.0.0
mbampt.exe                     File Size:     40008 BYTES FileVersion: 1.70.0.0
mbamscheduler.exe             File Size:    418376 BYTES FileVersion: 1.70.0.0
mbamservice.exe               File Size:    701512 BYTES FileVersion: 1.70.0.0
ssubtmr6.dll                   File Size:     46416 BYTES FileVersion: 1.1.0.3
unins000.dat                   File Size:     15518 BYTES
unins000.exe                   File Size:    712264 BYTES FileVersion: 51.52.0.0
unins000.msg                   File Size:     11277 BYTES
vbalsgrid6.ocx                 File Size:    496976 BYTES FileVersion: 2.0.0.40
 
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon
chameleon.chm                 File Size:    186068 BYTES
firefox.com                   File Size:    218184 BYTES
firefox.exe                   File Size:    218184 BYTES
firefox.pif                   File Size:    218184 BYTES
firefox.scr                   File Size:    218184 BYTES
iexplore.exe                   File Size:    218184 BYTES
mbam-chameleon.com             File Size:    218184 BYTES
mbam-chameleon.exe             File Size:    218184 BYTES
mbam-chameleon.pif             File Size:    218184 BYTES
mbam-chameleon.scr             File Size:    218184 BYTES
mbam-killer.exe               File Size:    896072 BYTES
rundll32.exe                   File Size:    218184 BYTES
svchost.exe                   File Size:    218184 BYTES
winlogon.exe                   File Size:    218184 BYTES
 
C:\Users\Noah\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware
 
C:\Users\Noah\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs
mbam-log-2013-08-28 (11-20-40).txt File Size:      1870 BYTES
mbam-log-2013-08-29 (14-00-47).txt File Size:      1886 BYTES
mbam-log-2013-08-30 (13-03-26).txt File Size:      1888 BYTES
mbam-log-2013-09-05 (21-13-51).txt File Size:      1968 BYTES
mbam-log-2013-09-08 (12-13-31).txt File Size:      1974 BYTES
mbam-log-2013-09-14 (09-41-30).txt File Size:      1970 BYTES
 
C:\Users\Noah\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine
 
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware
rules.ref                     File Size:   6386212 BYTES
 
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration
build.conf                     File Size:       140 BYTES
config.conf                   File Size:      4076 BYTES
custom.conf                   File Size:        20 BYTES
database.conf                 File Size:       432 BYTES
html.conf                     File Size:      2904 BYTES
local.conf                     File Size:       996 BYTES
manifest.conf                 File Size:      1752 BYTES
messaging.conf                 File Size:      1430 BYTES
news.conf                     File Size:       272 BYTES
 
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs
mbam-log-2013-09-07 (16-27-17).txt File Size:      1924 BYTES
mbam-log-2013-09-08 (16-27-15).txt File Size:      1926 BYTES
mbam-log-2013-09-09 (16-27-10).txt File Size:      1926 BYTES
mbam-log-2013-09-10 (16-27-09).txt File Size:      1924 BYTES
mbam-log-2013-09-11 (16-27-12).txt File Size:      1924 BYTES
mbam-log-2013-09-12 (16-27-13).txt File Size:      1924 BYTES
mbam-log-2013-09-13 (16-27-12).txt File Size:      1926 BYTES
mbam-log-2013-09-13 (16-27-13).txt File Size:      1968 BYTES
mbam-log-2013-09-14 (16-27-16).txt File Size:      1968 BYTES
mbam-log-2013-09-14 (16-27-17).txt File Size:      1926 BYTES
mbam-log-2013-09-15 (16-27-32).txt File Size:      1926 BYTES
mbam-log-2013-09-16 (06-37-44).txt File Size:      1924 BYTES
mbam-log-2013-09-16 (17-15-07).txt File Size:      1924 BYTES
mbam-log-2013-09-17 (17-15-32).txt File Size:      1926 BYTES
protection-log-2013-08-28.txt File Size:      3250 BYTES
protection-log-2013-08-29.txt File Size:       604 BYTES
protection-log-2013-08-30.txt File Size:      1618 BYTES
protection-log-2013-09-01.txt File Size:      2708 BYTES
protection-log-2013-09-02.txt File Size:       620 BYTES
protection-log-2013-09-03.txt File Size:       620 BYTES
protection-log-2013-09-04.txt File Size:      1076 BYTES
protection-log-2013-09-05.txt File Size:       604 BYTES
protection-log-2013-09-07.txt File Size:       436 BYTES
protection-log-2013-09-08.txt File Size:       662 BYTES
protection-log-2013-09-09.txt File Size:       436 BYTES
protection-log-2013-09-10.txt File Size:       436 BYTES
protection-log-2013-09-11.txt File Size:      1360 BYTES
protection-log-2013-09-12.txt File Size:       436 BYTES
protection-log-2013-09-13.txt File Size:       872 BYTES
protection-log-2013-09-14.txt File Size:       892 BYTES
protection-log-2013-09-15.txt File Size:      2000 BYTES
protection-log-2013-09-16.txt File Size:      3720 BYTES
protection-log-2013-09-17.txt File Size:      6150 BYTES
protection-log-2013-09-18.txt File Size:      2860 BYTES
 
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine
 
===============================================================

END OF FILE


How do I get my key information? It says the order number but the key is censored like ****.

 

Hi:

Until AdvancedSetup returns to assist you with your scheduler issues, to answer this question about your ID & key:

  • If you purchased online, the ID and key will be in a confirmation email sent to you at the time of purchase.
  • If you purchased a CD, it will be somewhere in the box, typically on the CD sleeve.

The information can also be located in the Windows registry -- but, if you're not comfortable poking around there, I would suggest the other methods of obtaining the ID and key, first.

Additional helpful information about activation with the license ID and key: How do I activate Malwarebytes Anti-Malware?

Please wait for AdvancedSetup to further assist you. :)

Kind regards,

daledoc1


  • Root Admin

The information is already stored in your Registry if you've installed it before as shown in that canned message.

If you like you can also run this tool to get a copy of the registration information from the Registry.

 

GetMalwarebytesRegistration

It will place a copy of the registration details on your desktop named MyMalwarebytesRegistration.txt. I would suggest moving it from the Desktop to your Documents folder.


Hi:

Sorry you are still having trouble with scheduled tasks.

Until AdvancedSetup returns, please re-run the mbam-check AND the DDS tool and attach the 3 logs to your next reply, so that he can re-assess the situation.

Thanks!

daledoc1

P.S. As you probably already know, scheduled UPDATES occur randomly in a 30-minute window that begins 15 minutes before and ends 15 minutes after the scheduled time. :)  Scheduled SCANS should take place at the exact time they are scheduled, assuming that the computer's power management settings aren't preventing it from happening.
---------------------------

Step 1 -- Create an mbam-check log:

Download mbam-check.exe from HERE and save it to your desktop.
Double-click on mbam-check.exe to run it, it should then open a log file.
Please attach to your next reply the CheckResults.txt file which should now be located on your desktop.

Then, if you can, please also upload your 3 most recent Protection module logs:

In Windows XP, these logs are located in: C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs
In Windows Vista/7/8, these logs are located in: C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs



Step 2 -- Run DDS and create 2 logs:

Download DDS from one of the locations below and save it to your Desktop:
dds.scr
dds.com


Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once it is downloaded, you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool.
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.

  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop
  • Please attach both of the following logs to your next reply: DDS.txt and Attach.txt
    --->You can ignore the note about zipping the Attach.txt file in most cases.

Okay. Here's the mbam-check log:

 

mbam-check result log version: 2.0.0.1000

 
Malwarebytes Version: REG_SZ 1.75.0.1300
 
Date Log Created: 09/30/13
Time Log Created: 06:45:58
 
User Account type: Administrator
 
64 bit Operating System
 
Product Name: REG_SZ Windows 7 Home Premium
 
Current Build Number: 7601
 
Current Version Number: 6.1
 
Current CSDVersion: Service Pack 1
 
Proxy Status: No proxy is Set
 
LAN Settings:
=============
 
only 'Automatically detect settings' is selected
 
SystemPartition:
================
 
HKEY_LOCAL_MACHINE\SYSTEM\Setup\
SystemPartition REG_SZ \Device\HarddiskVolume1
 
Balloon Tips Status:
====================
 
Enabled
 
Time Format Settings:
=====================
 
Should be:
h:mm:ss tt
AM 
PM 
:
 
Currently:
REG_SZ h:mm:ss tt
REG_SZ AM
REG_SZ PM
REG_SZ :
 
Language and Regional Settings:
===============================
 
ACP: Language is English (United States)
MACCP: Language is English (United States)
OEMCP: 850 Please refer to this link for details: Here 
 
Startup Folders for Error_Expanding_Variables Check:
====================================================
 
All Users Startup Folder Exists.
Current User's Startup Folder Exists.
 
 
Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================
 
TERMService:
==============
Type : 32
State : 1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE : 1077
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
 
 
TermService Start is set to: 3 (Manual Startup)
 
Compatibility Flag Settings (Any MBAM file listings should be removed):
=======================================================================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
C:\Users\Noah\Downloads\dxwebsetup (1).exeREG_SZ WINXPSP2
 
 
 
 
Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================
 
 
 
MBAM Startup Entries: 
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
 
Service and Driver Status:
==========================
 
MBAMProtector:
==============
Type : 2
State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
 
 
MBAMService:
==============
Type : 16
State : 4 (The service is running.)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
 
 
MBAMScheduler:
==============
Type : 16
State : 4 (The service is running.)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
 
 
<--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
 
 
MBAMProtector Registry Values:
==============================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
Type                          REG_DWORD 2
Start                         REG_DWORD 3
ErrorControl                  REG_DWORD 1
ImagePath                     REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys
Group                         REG_SZ FSFilter Anti-Virus
DependOnService               REG_MULTI_SZ FltMgr
 
WOW64                         REG_DWORD 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
DefaultInstance               REG_SZ MBAMProtector Instance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
Altitude                      REG_SZ 328800
Flags                         REG_DWORD 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum
0                             REG_SZ Root\LEGACY_MBAMPROTECTOR\0000
Count                         REG_DWORD 1
NextInstance                  REG_DWORD 1
MBAMService Registry Values:
============================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
Type                          REG_DWORD 16
Start                         REG_DWORD 2
ErrorControl                  REG_DWORD 1
ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
DependOnService               REG_MULTI_SZ MBAMProtector
 
WOW64                         REG_DWORD 1
ObjectName                    REG_SZ LocalSystem
Description                   REG_SZ Malwarebytes Anti-Malware service
DelayedAutostart              REG_DWORD 0
MBAMScheduler Registry Values:
==============================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler
Type                          REG_DWORD 16
Start                         REG_DWORD 2
ErrorControl                  REG_DWORD 1
ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
WOW64                         REG_DWORD 1
ObjectName                    REG_SZ LocalSystem
Description                   REG_SZ Malwarebytes Anti-Malware scheduler
 
MBAM Registry Settings and License Info:
========================================
 
 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
advancedheuristics            REG_DWORD 1
downloadprogram               REG_DWORD 1
hidereg                       REG_DWORD 0
detectp2p                     REG_DWORD 0
detectpum                     REG_DWORD 1
detectpup                     REG_DWORD 2
updatewarn                    REG_DWORD 1
updatewarndays                REG_DWORD 7
useproxy                      REG_DWORD 0
useauthentication             REG_DWORD 0
contextmenu                   REG_DWORD 1
reportthreats                 REG_DWORD 1
startwithwindows              REG_DWORD 1
startfsdisabled               REG_DWORD 0
startipdisabled               REG_DWORD 0
silentipmode                  REG_DWORD 0
autoquarantine                REG_DWORD 1
notifyinstallprogram          REG_DWORD 1
trialpromptshown              REG_DWORD 0
autoquarantinenotify          REG_DWORD 1
alwaysscanarchives            REG_DWORD 1
InstallPath                   REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
dbdate                        REG_SZ Mon, 30 Sep 2013 00:07:16 GMT
dbversion                     REG_SZ v2013.09.30.01
programversion                REG_SZ 1.75.0.1300
programbuild                  REG_SZ consumer
trialended                    REG_DWORD 1
ID                            XXXXX-XXXXX This is hidden data.
Key                           XXXX-XXXX-XXXX-XXXX This is hidden data.
SchedulerQueue                REG_MULTI_SZ 2113544, 30324131, 1875380224, 1, 23 | 30325589, 3813062656
3149826, 30324131, 1875380224, 1, 23 | 30326158, 184793778
2105348, 30324131, 1875380224, 1, 23 | 30326193, 1652815872
 
 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware (Trial)
TrialId                       There is data here but it is hidden.
StartDate                     REG_SZ Wed, 28 Aug 2013 17:18:59 UTC
EndDate                       REG_SZ Wed, 11 Sep 2013 17:18:59 UTC
HKEY_CURRENT_USER\SOFTWARE\Malwarebytes' Anti-Malware
alwaysscanfiles               REG_DWORD 1
alwaysscanheuristics          REG_DWORD 1
alwaysscanmemory              REG_DWORD 1
alwaysscanregistry            REG_DWORD 1
alwaysscanstartups            REG_DWORD 1
autosavelog                   REG_DWORD 1
openlog                       REG_DWORD 1
defaultscan                   REG_DWORD 1
terminateie                   REG_DWORD 0
Language                      REG_SZ English.lng
selectedrives                 REG_SZ C:\|D:\|E:\|
HKEY_USERS\S-1-5-18\SOFTWARE\Malwarebytes' Anti-Malware
alwaysscanfiles               REG_DWORD 1
alwaysscanheuristics          REG_DWORD 1
alwaysscanmemory              REG_DWORD 1
alwaysscanregistry            REG_DWORD 1
alwaysscanstartups            REG_DWORD 1
autosavelog                   REG_DWORD 1
openlog                       REG_DWORD 1
defaultscan                   REG_DWORD 0
terminateie                   REG_DWORD 0
HKEY_USERS\.DEFAULT\SOFTWARE\Malwarebytes' Anti-Malware
alwaysscanfiles               REG_DWORD 1
alwaysscanheuristics          REG_DWORD 1
alwaysscanmemory              REG_DWORD 1
alwaysscanregistry            REG_DWORD 1
alwaysscanstartups            REG_DWORD 1
autosavelog                   REG_DWORD 1
openlog                       REG_DWORD 1
defaultscan                   REG_DWORD 0
terminateie                   REG_DWORD 0
 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1
Inno Setup: Setup Version     REG_SZ 5.5.3-dev (a)
Inno Setup: App Path          REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware
InstallLocation               REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\
Inno Setup: Icon Group        REG_SZ Malwarebytes' Anti-Malware
Inno Setup: User              REG_SZ Noah
Inno Setup: Selected Tasks    REG_SZ desktopicon
Inno Setup: Deselected Tasks  REG_SZ quicklaunchicon
Inno Setup: Language          REG_SZ English
DisplayName                   REG_SZ Malwarebytes Anti-Malware version 1.75.0.1300
DisplayIcon                   REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
UninstallString               REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
QuietUninstallString          REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" /SILENT
DisplayVersion                REG_SZ 1.75.0.1300
Publisher                     REG_SZ Malwarebytes Corporation
URLInfoAbout                  REG_SZ http://www.malwarebytes.org
NoModify                      REG_DWORD 1
NoRepair                      REG_DWORD 1
InstallDate                   REG_SZ 20130918
MajorVersion                  REG_DWORD 1
MinorVersion                  REG_DWORD 75
EstimatedSize                 REG_DWORD 19743
Pending File Rename Operations: 
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
 
Scheduler Queue:
================
 
Scheduled Item: Scan Schedule Options: Full Scan | Weekly | Wake From Sleep
Start Time: 2013-09-20 01:48 Repeating Every: 1 Recover if missed by: 23
Scheduled Item: Update Schedule Options: | Hourly | Silent | Wake From Sleep
Start Time: 2013-09-20 01:48 Repeating Every: 1 Recover if missed by: 23
Scheduled Item: Scan Schedule Options: Quick Scan | Daily | Wake From Sleep
Start Time: 2013-09-20 01:48 Repeating Every: 1 Recover if missed by: 23
 
 
 
MBAM Drivers:
=============
 
C:\Windows\system32\drivers\mbam.sys File Size: 25928     BYTES FileVersion: 1.60.2.0
 
 
Required Dependencies:
======================
 
BFE:
==============
Type : 32
State : 4 (The service is running.)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001
Group                         REG_SZ NetworkProvider
ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002
ObjectName                    REG_SZ NT AUTHORITY\LocalService
ErrorControl                  REG_DWORD 1
Start                         REG_DWORD 2
Type                          REG_DWORD 32
DependOnService               REG_MULTI_SZ RpcSs
 
ServiceSidType                REG_DWORD 3
RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege
 
FailureActions                REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
ServiceDllUnloadOnStop        REG_DWORD 1
ServiceMain                   REG_SZ BfeServiceMain
 
fltmgr:
==============
Type : 2
State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
AttachWhenLoaded              REG_DWORD 1
DisplayName                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
Group                         REG_SZ FSFilter Infrastructure
ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys
Description                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
ErrorControl                  REG_DWORD 3
Start                         REG_DWORD 0
Tag                           REG_DWORD 1
Type                          REG_DWORD 2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
0                             REG_SZ Root\LEGACY_FLTMGR\0000
Count                         REG_DWORD 1
NextInstance                  REG_DWORD 1
C:\Windows\system32\drivers\fltmgr.sys File Size: 289664    BYTES FileVersion: 6.1.7601.17514
C:\Windows\SysWOW64\olepro32.dll File Size: 90112     BYTES FileVersion: 6.1.7601.17514
 
 
List of MBAM Related Directories:
=================================
 
C:\Program Files (x86)\Malwarebytes' Anti-Malware
7z.dll                         File Size:    914432 BYTES FileVersion: 9.20.0.0
changes.txt                   File Size:       200 BYTES
license.rtf                   File Size:     17916 BYTES
mbam.chm                       File Size:    474148 BYTES
mbam.dll                       File Size:    527944 BYTES FileVersion: 1.70.0.0
mbam.exe                       File Size:    887432 BYTES FileVersion: 1.75.0.1
mbamcore.dll                   File Size:   1127496 BYTES FileVersion: 1.70.0.0
mbamext.dll                   File Size:     95304 BYTES FileVersion: 1.70.0.0
mbamgui.exe                   File Size:    532040 BYTES FileVersion: 1.70.0.0
mbamnet.dll                   File Size:   2191944 BYTES FileVersion: 1.70.0.0
mbampt.exe                     File Size:     40008 BYTES FileVersion: 1.70.0.0
mbamscheduler.exe             File Size:    418376 BYTES FileVersion: 1.70.0.0
mbamservice.exe               File Size:    701512 BYTES FileVersion: 1.70.0.0
ssubtmr6.dll                   File Size:     46416 BYTES FileVersion: 1.1.0.3
unins000.dat                   File Size:     15518 BYTES
unins000.exe                   File Size:    712264 BYTES FileVersion: 51.52.0.0
unins000.msg                   File Size:     11277 BYTES
vbalsgrid6.ocx                 File Size:    496976 BYTES FileVersion: 2.0.0.40
 
C:\Program Files (x86)\Malwarebytes' Anti-Malware\9XHG-44WV-9NLW-UY1D
 
C:\Program Files (x86)\Malwarebytes' Anti-Malware\9XHG-44WV-9NLW-UY1D\Configuration
news.conf                     File Size:       272 BYTES
 
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon
chameleon.chm                 File Size:    186068 BYTES
firefox.com                   File Size:    218184 BYTES
firefox.exe                   File Size:    218184 BYTES
firefox.pif                   File Size:    218184 BYTES
firefox.scr                   File Size:    218184 BYTES
iexplore.exe                   File Size:    218184 BYTES
mbam-chameleon.com             File Size:    218184 BYTES
mbam-chameleon.exe             File Size:    218184 BYTES
mbam-chameleon.pif             File Size:    218184 BYTES
mbam-chameleon.scr             File Size:    218184 BYTES
mbam-killer.exe               File Size:    896072 BYTES
rundll32.exe                   File Size:    218184 BYTES
svchost.exe                   File Size:    218184 BYTES
winlogon.exe                   File Size:    218184 BYTES
 
C:\Program Files (x86)\Malwarebytes' Anti-Malware\Languages
arabic.lng                     File Size:     21894 BYTES
belarusian.lng                 File Size:     26884 BYTES
bosnian.lng                   File Size:     27108 BYTES
bulgarian.lng                 File Size:     27574 BYTES
catalan.lng                   File Size:     28252 BYTES
chineseSI.lng                 File Size:     11024 BYTES
chineseTR.lng                 File Size:     11952 BYTES
croatian.lng                   File Size:     26670 BYTES
czech.lng                     File Size:     24874 BYTES
danish.lng                     File Size:     26582 BYTES
dutch.lng                     File Size:     28342 BYTES
english.lng                   File Size:     24542 BYTES
estonian.lng                   File Size:     25146 BYTES
finnish.lng                   File Size:     25950 BYTES
french.lng                     File Size:     29830 BYTES
german.lng                     File Size:     29894 BYTES
greek.lng                     File Size:     29300 BYTES
hebrew.lng                     File Size:     19362 BYTES
hungarian.lng                 File Size:     28666 BYTES
indonesian.lng                 File Size:     26854 BYTES
italian.lng                   File Size:     28194 BYTES
japanese.lng                   File Size:     16266 BYTES
korean.lng                     File Size:     14188 BYTES
latvian.lng                   File Size:     27100 BYTES
lithuanian.lng                 File Size:     27838 BYTES
norwegian.lng                 File Size:     25116 BYTES
polish.lng                     File Size:     26644 BYTES
portugueseBR.lng               File Size:     28654 BYTES
portuguesePT.lng               File Size:     29062 BYTES
romanian.lng                   File Size:     28290 BYTES
russian.lng                   File Size:     27302 BYTES
serbian.lng                   File Size:     26804 BYTES
slovak.lng                     File Size:     25644 BYTES
slovenian.lng                 File Size:     24852 BYTES
spanish.lng                   File Size:     30060 BYTES
swedish.lng                   File Size:     25992 BYTES
thai.lng                       File Size:     26092 BYTES
turkish.lng                   File Size:     25876 BYTES
vietnamese.lng                 File Size:     29528 BYTES
 
C:\Users\Noah\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware
 
C:\Users\Noah\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs
mbam-log-2013-09-18 (20-41-20).txt File Size:      1966 BYTES
mbam-log-2013-09-18 (20-42-13).txt File Size:      1916 BYTES
mbam-log-2013-09-18 (20-42-19).txt File Size:      1930 BYTES
mbam-log-2013-09-20 (17-01-49).txt File Size:      1914 BYTES
mbam-log-2013-09-20 (17-01-50).txt File Size:      1966 BYTES
mbam-log-2013-09-24 (20-24-54).txt File Size:      1968 BYTES
 
C:\Users\Noah\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine
 
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware
rules.ref                     File Size:   6494148 BYTES
 
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration
build.conf                     File Size:       140 BYTES
config.conf                   File Size:      4076 BYTES
custom.conf                   File Size:        20 BYTES
database.conf                 File Size:       432 BYTES
html.conf                     File Size:      2904 BYTES
local.conf                     File Size:       999 BYTES
manifest.conf                 File Size:      1752 BYTES
messaging.conf                 File Size:      1430 BYTES
news.conf                     File Size:       272 BYTES
 
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs
protection-log-2013-09-18.txt File Size:      2730 BYTES
protection-log-2013-09-19.txt File Size:      4104 BYTES
protection-log-2013-09-20.txt File Size:      6322 BYTES
protection-log-2013-09-21.txt File Size:     12110 BYTES
protection-log-2013-09-22.txt File Size:      6994 BYTES
protection-log-2013-09-23.txt File Size:      6568 BYTES
protection-log-2013-09-24.txt File Size:      4378 BYTES
protection-log-2013-09-25.txt File Size:      5582 BYTES
protection-log-2013-09-26.txt File Size:      5304 BYTES
protection-log-2013-09-27.txt File Size:      6734 BYTES
protection-log-2013-09-28.txt File Size:     13130 BYTES
protection-log-2013-09-29.txt File Size:     11694 BYTES
 
===============================================================
END OF FILE
 

 

DDS.txt:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 10.0.9200.16686  BrowserJavaVersion: 10.25.2
Run by Noah at 6:50:04 on 2013-09-30
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.2.1033.18.3835.1688 [GMT -6:00]
.
AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\18.0.0.128\InstStub.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
dRunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
TCP: NameServer = 65.87.230.4 65.87.230.5
TCP: Interfaces\{AB47A664-9292-4279-B638-3B1BDCB533BF} : DHCPNameServer = 65.87.230.4 65.87.230.5
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-10-22 98208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-11-16 203264]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-11-16 361984]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2013-8-28 46136]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-9-18 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-10-22 38456]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.EXE [2013-7-23 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE [2013-7-23 240288]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-9-2 19456]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-9-2 57856]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2013-09-27 13:08:33 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E087DD5E-D466-4F51-89B4-53B208790BA0}\mpengine.dll
2013-09-24 22:45:04 3094128 ----a-w- C:\Users\Noah\worldpainter_64_1.6.3.exe
2013-09-24 01:51:57 -------- d-----w- C:\Users\Noah\AppData\Roaming\WorldPainter
2013-09-24 01:50:57 -------- d-----w- C:\Program Files\WorldPainter
2013-09-23 23:06:39 -------- d-----w- C:\Users\Noah\AppData\Roaming\.minecraft
2013-09-23 01:37:31 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2013-09-23 00:54:35 -------- d-----w- C:\Program Files (x86)\Origin Games
2013-09-22 23:49:12 -------- d-----w- C:\Users\Noah\AppData\Roaming\Origin
2013-09-22 23:49:10 -------- d-----w- C:\Users\Noah\AppData\Local\Origin
2013-09-22 23:47:06 -------- d-----w- C:\ProgramData\Origin
2013-09-22 23:47:06 -------- d-----w- C:\ProgramData\Electronic Arts
2013-09-22 23:47:03 -------- d-----w- C:\Program Files (x86)\Origin
2013-09-19 02:37:49 -------- d-----w- C:\Users\Noah\AppData\Roaming\Malwarebytes
2013-09-19 02:37:39 -------- d-----w- C:\ProgramData\Malwarebytes
2013-09-19 02:37:38 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-09-19 02:37:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-11 13:01:30 3155456 ----a-w- C:\Windows\System32\win32k.sys
2013-09-08 18:11:48 -------- d-----r- C:\Program Files (x86)\Skype
2013-09-02 21:40:27 -------- d-----w- C:\Users\Noah\AppData\Local\LogMeIn Hamachi
2013-09-02 21:39:12 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2013-09-02 16:19:44 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-09-02 16:19:44 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-09-02 14:19:45 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2013-09-02 14:12:05 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-09-02 14:12:00 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-09-02 14:05:56 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-09-02 14:05:54 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-09-02 14:05:54 111448 ----a-w- C:\Windows\System32\consent.exe
2013-09-02 14:05:53 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-09-02 14:05:13 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-02 14:05:12 458712 ----a-w- C:\Windows\System32\drivers\cng.sys
2013-09-02 14:05:12 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-02 14:05:12 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-02 14:05:12 1448448 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-02 14:05:11 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-02 14:05:11 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-02 14:04:52 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-09-02 14:04:51 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-09-02 14:04:50 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-09-02 14:04:50 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-09-02 14:04:17 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-09-02 14:04:16 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-09-02 14:04:16 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-09-02 14:04:16 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-09-02 14:04:15 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-09-02 14:04:15 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-09-02 14:04:15 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-09-02 14:04:15 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-09-02 14:03:42 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-09-02 14:03:42 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-09-02 14:03:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-09-02 14:03:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-09-02 14:01:20 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-09-02 14:01:20 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-09-02 14:00:42 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-09-02 14:00:42 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-09-02 14:00:40 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-02 14:00:31 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-09-02 14:00:31 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-09-02 14:00:28 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2013-09-02 14:00:03 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-09-02 14:00:02 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-09-02 14:00:00 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-09-02 02:13:27 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-09-02 02:13:27 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-09-02 02:13:27 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-09-02 02:13:27 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-09-02 02:11:09 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-09-02 02:11:09 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-09-02 02:11:08 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-09-02 02:11:08 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-09-02 02:11:07 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-09-02 02:11:07 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-09-02 02:11:07 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-09-02 01:49:01 2315776 ----a-w- C:\Windows\System32\tquery.dll
2013-09-02 01:49:01 2223616 ----a-w- C:\Windows\System32\mssrch.dll
2013-09-02 01:49:00 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe
2013-09-02 01:49:00 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe
2013-09-02 01:49:00 1549312 ----a-w- C:\Windows\SysWow64\tquery.dll
2013-09-02 01:49:00 1401344 ----a-w- C:\Windows\SysWow64\mssrch.dll
2013-09-02 01:47:50 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2013-09-02 01:46:59 800768 ----a-w- C:\Windows\System32\usp10.dll
2013-09-02 01:42:50 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-09-02 01:39:57 503808 ----a-w- C:\Windows\System32\srcore.dll
2013-09-02 01:39:57 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2013-09-02 01:38:36 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2013-09-02 01:38:36 31232 ----a-w- C:\Windows\System32\prevhost.exe
2013-09-02 01:38:34 67072 ----a-w- C:\Windows\splwow64.exe
2013-09-02 01:38:34 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2013-09-01 14:24:07 -------- d-----w- C:\Windows\System32\SPReview
2013-09-01 14:23:15 -------- d-----w- C:\Windows\System32\EventProviders
2013-08-31 16:46:58 428032 ----a-w- C:\Windows\SysWow64\secproc.dll
2013-08-31 16:45:59 584192 ----a-w- C:\Windows\System32\ipsmsnap.dll
2013-08-31 16:44:59 933376 ----a-w- C:\Windows\System32\SmiEngine.dll
2013-08-31 16:43:59 90112 ----a-w- C:\Windows\SysWow64\srvcli.dll
2013-08-31 16:42:52 399872 ----a-w- C:\Windows\System32\dpx.dll
2013-08-31 16:42:52 189952 ----a-w- C:\Windows\SysWow64\wdscore.dll
2013-08-31 16:42:10 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
2013-08-31 16:42:10 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
2013-08-31 16:38:35 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
.
==================== Find3M  ====================
.
2013-09-02 01:10:24 175616 ----a-w- C:\Windows\System32\msclmd.dll
2013-09-02 01:10:24 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2013-08-28 21:20:13 773968 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2013-08-28 21:14:57 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2013-08-28 21:12:00 1892184 ----a-w- C:\Windows\SysWow64\d3dx9_42.dll
2013-08-28 17:13:59 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-28 17:13:56 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-08-28 17:13:56 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-08-10 03:58:06 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-08-10 03:17:38 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-08-10 03:07:50 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-08-07 10:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.

============= FINISH:  6:51:52.03 ===============


(It said the post was too long, so sorry for double posting)

 

Attach.txt

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 28/08/2013 10:41:26 AM
System Uptime: 28/09/2013 1:01:24 AM (53 hours ago)
.
Motherboard: Hewlett-Packard |  | 1604
Processor: AMD Athlon II P340 Dual-Core Processor | Socket S1G4 | 2200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 281 GiB total, 218.666 GiB free.
D: is FIXED (NTFS) - 17 GiB total, 2.49 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP22: 07/09/2013 7:57:41 AM - Windows Update
RP23: 12/09/2013 6:34:23 AM - Windows Update
RP24: 17/09/2013 7:16:10 AM - Windows Update
RP25: 22/09/2013 7:33:12 PM - Installed DirectX
RP26: 24/09/2013 7:04:10 AM - Windows Update
RP27: 25/09/2013 6:39:39 AM - Windows Update
.
==== Installed Programs ======================
.
7-Zip 9.20
Acrobat.com
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.3 MUI
Adobe Shockwave Player 11.5
Agatha Christie - Death on the Nile
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
AMD USB Filter Driver
AMD VISION Engine Control Center
Atheros Driver Installation Program
Battlefield 1942™
Bejeweled 2 Deluxe
Bing Bar
Blackhawk Striker 2
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CyberLink DVD Suite
CyberLink PowerDVD 9
CyberLink YouCam
Dora's Carnival Adventure
Energy Star Digital Logo
Escape Rosecliff Island
ESU for Microsoft Windows 7
FATE
Final Drive Nitro
GIMP 2.8.6
Google Chrome
Google Update Helper
Hearts of Iron III
HP Advisor
HP Customer Experience Enhancements
HP Documentation
HP Game Console
HP Games
HP Power Manager
HP Quick Launch
HP Setup
HP Software Framework
HP Support Assistant
HP Wireless Assistant
HPAsset component for HP Active Support Library
Java 7 Update 25
Java Auto Updater
Java 6 Update 20 (64-bit)
Jewel Quest - Heritage
Junk Mail filter update
LabelPrint
LightScribe System Software
LogMeIn Hamachi
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
MSVCRT
Norton Internet Security
Norton Online Backup
Origin
Penguins!
PhotoNow!
Plants vs. Zombies
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
PowerDirector
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
Recovery Manager
RtVOsd
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Sid Meier's Civilization V
Skype Click to Call
Skype™ 6.7
Steam
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Victoria II
Virtual Villagers - The Secret City
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinRAR 5.00 (32-bit)
WorldPainter 1.6.3
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
29/09/2013 8:36:40 PM, Error: Service Control Manager [7031]  - The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
29/09/2013 7:11:47 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RtVOsdService service.
28/09/2013 7:04:57 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinDefend service.
26/09/2013 6:37:12 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
26/09/2013 6:37:12 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
25/09/2013 6:44:30 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000001a (0x0000000000041790, 0xfffffa8002417550, 0x000000000000ffff, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 092513-35849-01.
25/09/2013 6:39:29 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service VSS with arguments "" in order to run the server: {0B5A2C52-3EB9-470A-96E2-6C6D4570E40F}
25/09/2013 6:39:28 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Volume Shadow Copy service to connect.
25/09/2013 6:39:28 AM, Error: Service Control Manager [7000]  - The Volume Shadow Copy service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
24/09/2013 6:51:34 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
23/09/2013 7:01:48 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Browser service.
23/09/2013 4:08:16 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
23/09/2013 4:08:16 PM, Error: Service Control Manager [7000]  - The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
 

(It said the post was too long, so sorry for double posting)

 

Attach.txt

This is why we ask you to ATTACH the files instead of copy and paste ;) .....

For future reference, You can attach the files by clicking on More Reply Options (bottom right of the window you are typing in).... Either way someone will review your logs and get back with you....


  • Root Admin

Well the Event Logs show that something is going on that may be either an infection or possibly a software conflict as processes are not responding.

 

You can either contact the Helpdesk for further assistance or post in the Malware Removal forum and someone will assist you in checking your computer for a possible infection.

 

I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.


 

 

 


Assuming you bought it through the MBAM store....

You should contact Cleverbridge.....

If you lost your ID and License Key then send an email to: cs@cleverbridge.com


Phone: +1-866-522-6855

Monday - Friday: 8:00 AM - 8:00 PM (CST)

Also, their contact info can be found HERE.

When you get the email, print it out.

Malwarebytes Tech support does not have any access to, nor information pertaining to any sales\shipping\user account\registration issues.

If you need anything else just post.

Thanks :)
