Alikhan

mbamservice.exe taking 100mb ram when idle

7 posts in this topic

I'm using Avast Internet Security with Malwarebytes and since my upgrade to Windows 8, Malwarebytes is taking up 100mb of ram all the time. I've set all the exclusions and it's made no difference. I've even done a clean install using mbam-clean.exe and it didn't make a difference either. Is this supposed to be normal?


Hello and welcome.

This is not uncommon and the memory usage varies depending on one's computer configuration, hardware, memory, number of files... You probably have nothing to worry about. If you would like, you could provide some logs for us and we can have a look...

Please post an mbam-check log:

Create an mbam-check log:

  • Download mbam-check.exe from here and save it to your desktop
  • Double-click on mbam-check.exe to run it; it should then open a log file
  • Please attach the CheckResults.txt file which should now be located on your desktop to your next reply

Next, please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.

Then double-click dds.scr or dds.com to run the tool. On Vista or Win 7, right-click and select Run as administrator.

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.


  • When done, DDS will open two (2) logs:
  1. DDS.txt
  2. Attach.txt

  • Save both reports to your desktop
  • Please include the following logs in your next reply: DDS.txt and Attach.txt
    You can ignore the note about zipping the Attach.txt file in most cases.


The only reason I'm concerned is that I'm using the same security combination upstairs with Windows 7 and that takes between 40-50mb ram when idle.

mbam-check result log version: 2.0.0.1000

Malwarebytes Version: REG_SZ 1.70.0.1100

Date Log Created: 03/03/13

Time Log Created: 16:49:46

User Account type: Administrator

64 bit Operating System

Product Name: REG_SZ Windows 8 Pro

Current Build Number: 9200

Current Version Number: 6.2

Current CSDVersion:

Proxy Status: No proxy is Set

LAN Settings:

=============

only 'Automatically detect settings' is selected

SystemPartition:

================

HKEY_LOCAL_MACHINE\SYSTEM\Setup\

SystemPartition REG_SZ \Device\HarddiskVolume2

Balloon Tips Status:

====================

Enabled

Time Format Settings:

=====================

Should be:

h:mm:ss tt

AM

PM

:

Currently:

REG_SZ h:mm:ss tt

REG_SZ AM

REG_SZ PM

REG_SZ :

Language and Regional Settings:

===============================

ACP: Language is English (United States)

MACCP: Language is English (United States)

OEMCP: 850 Please refer to this link for details: Here

Startup Folders for Error_Expanding_Variables Check:

====================================================

All Users Startup Folder Exists.

Current User's Startup Folder Exists.

Terminal Services Status for (null) entries in PM logs and GetUserToken errors:

===============================================================================

TERMService:

==============

Type : 32

State : 1 (The service is not running.) (State is stopped)

WIN32_EXIT_CODE : 1077

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

TermService Start is set to: 3 (Manual Startup)

Compatibility Flag Settings (Any MBAM file listings should be removed):

=======================================================================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers

C:\Users\Ali Khan\Desktop\Auroradvdcopy.exeREG_SZ $ Win8RTM

Malwarebytes Anti-Malware Shell Extension Block Check:

======================================================

MBAM Startup Entries:

=====================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Service and Driver Status:

==========================

MBAMProtector:

==============

Type : 2

State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

MBAMService:

==============

Type : 16

State : 4 (The service is running.)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

MBAMScheduler:

==============

Type : 16

State : 4 (The service is running.)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

<--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon

MBAMProtector Registry Values:

==============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector

Type REG_DWORD 2

Start REG_DWORD 3

ErrorControl REG_DWORD 1

ImagePath REG_EXPAND_SZ \??\C:\WINDOWS\system32\drivers\mbam.sys

Group REG_SZ FSFilter Anti-Virus

DependOnService REG_MULTI_SZ FltMgr

WOW64 REG_DWORD 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances

DefaultInstance REG_SZ MBAMProtector Instance

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance

Altitude REG_SZ 328800

Flags REG_DWORD 0

MBAMService Registry Values:

============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService

Type REG_DWORD 16

Start REG_DWORD 2

ErrorControl REG_DWORD 1

ImagePath REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"

DependOnService REG_MULTI_SZ MBAMProtector

WOW64 REG_DWORD 1

ObjectName REG_SZ LocalSystem

Description REG_SZ Malwarebytes Anti-Malware service

DelayedAutostart REG_DWORD 0

MBAMScheduler Registry Values:

==============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler

Type REG_DWORD 16

Start REG_DWORD 2

ErrorControl REG_DWORD 1

ImagePath REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"

WOW64 REG_DWORD 1

ObjectName REG_SZ LocalSystem

Description REG_SZ Malwarebytes Anti-Malware scheduler

MBAM Registry Settings and License Info:

========================================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware

advancedheuristics REG_DWORD 1

downloadprogram REG_DWORD 1

hidereg REG_DWORD 0

detectp2p REG_DWORD 0

detectpum REG_DWORD 1

detectpup REG_DWORD 2

updatewarn REG_DWORD 1

updatewarndays REG_DWORD 7

useproxy REG_DWORD 0

useauthentication REG_DWORD 0

contextmenu REG_DWORD 1

reportthreats REG_DWORD 0

startwithwindows REG_DWORD 1

startfsdisabled REG_DWORD 0

startipdisabled REG_DWORD 0

silentipmode REG_DWORD 0

autoquarantine REG_DWORD 1

notifyinstallprogram REG_DWORD 1

trialpromptshown REG_DWORD 0

autoquarantinenotify REG_DWORD 1

InstallPath REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware

dbdate REG_SZ Sun, 03 Mar 2013 15:35:19 GMT

dbversion REG_SZ v2013.03.03.07

programversion REG_SZ 1.70.0.1100

programbuild REG_SZ consumer

ID XXXXX This is hidden data.

Key XXXX-XXXX-XXXX-XXXX This is hidden data.

SchedulerQueue REG_MULTI_SZ 2101250, 30283188, 3321380352, 1, 23 | 30283815, 2353519505

4160, 0, 0, 0, 0 | 0, 0

HKEY_CURRENT_USER\SOFTWARE\Malwarebytes' Anti-Malware

alwaysscanfiles REG_DWORD 1

alwaysscanheuristics REG_DWORD 1

alwaysscanmemory REG_DWORD 1

alwaysscanregistry REG_DWORD 1

alwaysscanstartups REG_DWORD 1

autosavelog REG_DWORD 1

openlog REG_DWORD 1

defaultscan REG_DWORD 1

terminateie REG_DWORD 0

Language REG_SZ English.lng

selectedrives REG_SZ C:\|E:\|

HKEY_USERS\S-1-5-18\SOFTWARE\Malwarebytes' Anti-Malware

alwaysscanfiles REG_DWORD 1

alwaysscanheuristics REG_DWORD 1

alwaysscanmemory REG_DWORD 1

alwaysscanregistry REG_DWORD 1

alwaysscanstartups REG_DWORD 1

autosavelog REG_DWORD 1

openlog REG_DWORD 1

defaultscan REG_DWORD 0

terminateie REG_DWORD 0

HKEY_USERS\.DEFAULT\SOFTWARE\Malwarebytes' Anti-Malware

alwaysscanfiles REG_DWORD 1

alwaysscanheuristics REG_DWORD 1

alwaysscanmemory REG_DWORD 1

alwaysscanregistry REG_DWORD 1

alwaysscanstartups REG_DWORD 1

autosavelog REG_DWORD 1

openlog REG_DWORD 1

defaultscan REG_DWORD 0

terminateie REG_DWORD 0

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1

Inno Setup: Setup Version REG_SZ 5.5.3-dev (a)

Inno Setup: App Path REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware

InstallLocation REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\

Inno Setup: Icon Group REG_SZ Malwarebytes' Anti-Malware

Inno Setup: User REG_SZ Ali Khan

Inno Setup: Selected Tasks REG_SZ desktopicon

Inno Setup: Deselected Tasks REG_SZ quicklaunchicon

Inno Setup: Language REG_SZ English

DisplayName REG_SZ Malwarebytes Anti-Malware version 1.70.0.1100

DisplayIcon REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

UninstallString REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"

QuietUninstallString REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" /SILENT

DisplayVersion REG_SZ 1.70.0.1100

Publisher REG_SZ Malwarebytes Corporation

URLInfoAbout REG_SZ http://www.malwarebytes.org

NoModify REG_DWORD 1

NoRepair REG_DWORD 1

InstallDate REG_SZ 20130228

MajorVersion REG_DWORD 1

MinorVersion REG_DWORD 70

EstimatedSize REG_DWORD 18968

Pending File Rename Operations:

================================

If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.

Scheduler Queue:

================

Scheduled Item: Update Schedule Options: | Hourly | Wake From Sleep

Start Time: 2013-02-28 13:09 Repeating Every: 1 Recover if missed by: 23

Scheduled Item: Update Schedule Options: | OnReboot

Start Time: OnReboot

MBAM Drivers:

=============

C:\WINDOWS\system32\drivers\mbam.sys File Size: 24176 BYTES FileVersion: 1.60.2.0

Required Dependencies:

======================

BFE:

==============

Type : 32

State : 4 (The service is running.)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

DisplayName REG_SZ @%SystemRoot%\system32\bfe.dll,-1001

ErrorControl REG_DWORD 1

Group REG_SZ NetworkProvider

ImagePath REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork

Start REG_DWORD 2

Type REG_DWORD 32

Description REG_SZ @%SystemRoot%\system32\bfe.dll,-1002

DependOnService REG_MULTI_SZ RpcSs

WfpLwfs

ObjectName REG_SZ NT AUTHORITY\LocalService

ServiceSidType REG_DWORD 3

RequiredPrivileges REG_MULTI_SZ SeAuditPrivilege

FailureActions REG_BINARY Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters

ServiceDllUnloadOnStop REG_DWORD 1

ServiceMain REG_SZ BfeServiceMain

ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll

fltmgr:

==============

Type : 2

State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr

AttachWhenLoaded REG_DWORD 1

DisplayName REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001

ErrorControl REG_DWORD 3

Group REG_SZ FSFilter Infrastructure

ImagePath REG_EXPAND_SZ system32\drivers\fltmgr.sys

Start REG_DWORD 0

Tag REG_DWORD 1

Type REG_DWORD 2

Description REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000

C:\WINDOWS\system32\drivers\fltmgr.sys File Size: 374512 BYTES FileVersion: 6.2.9200.16384

C:\WINDOWS\SysWOW64\mscomctl.ocx File Size: 1070152 BYTES FileVersion: 6.1.98.34

C:\WINDOWS\SysWOW64\olepro32.dll File Size: 79360 BYTES FileVersion: 6.2.9200.16384

List of MBAM Related Directories:

=================================

C:\Program Files (x86)\Malwarebytes' Anti-Malware

changes.txt File Size: 2128 BYTES

license.rtf File Size: 17916 BYTES

mbam.chm File Size: 469873 BYTES

mbam.dll File Size: 508264 BYTES FileVersion: 1.70.0.0

mbam.exe File Size: 824232 BYTES FileVersion: 1.70.0.9

mbamcore.dll File Size: 1091432 BYTES FileVersion: 1.70.0.0

mbamext.dll File Size: 93544 BYTES FileVersion: 1.70.0.0

mbamgui.exe File Size: 512360 BYTES FileVersion: 1.70.0.0

mbamnet.dll File Size: 2171240 BYTES FileVersion: 1.70.0.0

mbampt.exe File Size: 38248 BYTES FileVersion: 1.70.0.0

mbamscheduler.exe File Size: 398184 BYTES FileVersion: 1.70.0.0

mbamservice.exe File Size: 682344 BYTES FileVersion: 1.70.0.0

mbamtoast.dll File Size: 74312 BYTES FileVersion: 1.70.0.0

ssubtmr6.dll File Size: 46416 BYTES FileVersion: 1.1.0.3

unins000.dat File Size: 15893 BYTES

unins000.exe File Size: 710504 BYTES FileVersion: 51.52.0.0

unins000.msg File Size: 11277 BYTES

vbalsgrid6.ocx File Size: 496976 BYTES FileVersion: 2.0.0.40

C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon

chameleon.chm File Size: 186068 BYTES

firefox.com File Size: 216424 BYTES

firefox.exe File Size: 216424 BYTES

firefox.pif File Size: 216424 BYTES

firefox.scr File Size: 216424 BYTES

iexplore.exe File Size: 216424 BYTES

mbam-chameleon.com File Size: 216424 BYTES

mbam-chameleon.exe File Size: 216424 BYTES

mbam-chameleon.pif File Size: 216424 BYTES

mbam-chameleon.scr File Size: 216424 BYTES

mbam-killer.exe File Size: 894312 BYTES

rundll32.exe File Size: 216424 BYTES

svchost.exe File Size: 216424 BYTES

winlogon.exe File Size: 216424 BYTES

C:\Program Files (x86)\Malwarebytes' Anti-Malware\Languages

arabic.lng File Size: 21728 BYTES

belarusian.lng File Size: 26766 BYTES

bosnian.lng File Size: 26988 BYTES

bulgarian.lng File Size: 27400 BYTES

catalan.lng File Size: 28114 BYTES

chineseSI.lng File Size: 10970 BYTES

chineseTR.lng File Size: 11894 BYTES

croatian.lng File Size: 26576 BYTES

czech.lng File Size: 24682 BYTES

danish.lng File Size: 26434 BYTES

dutch.lng File Size: 28142 BYTES

english.lng File Size: 24418 BYTES

estonian.lng File Size: 25014 BYTES

finnish.lng File Size: 25770 BYTES

french.lng File Size: 29674 BYTES

german.lng File Size: 29698 BYTES

greek.lng File Size: 29116 BYTES

hebrew.lng File Size: 19202 BYTES

hungarian.lng File Size: 28430 BYTES

italian.lng File Size: 28022 BYTES

japanese.lng File Size: 16140 BYTES

korean.lng File Size: 14096 BYTES

latvian.lng File Size: 26916 BYTES

lithuanian.lng File Size: 27664 BYTES

macedonian.lng File Size: 28864 BYTES

norwegian.lng File Size: 24978 BYTES

polish.lng File Size: 26484 BYTES

portugueseBR.lng File Size: 28544 BYTES

portuguesePT.lng File Size: 28904 BYTES

romanian.lng File Size: 28090 BYTES

russian.lng File Size: 27134 BYTES

serbian.lng File Size: 26662 BYTES

slovak.lng File Size: 25486 BYTES

slovenian.lng File Size: 24696 BYTES

spanish.lng File Size: 29902 BYTES

swedish.lng File Size: 25800 BYTES

thai.lng File Size: 25884 BYTES

turkish.lng File Size: 25800 BYTES

vietnamese.lng File Size: 29400 BYTES

C:\Users\Ali Khan\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware

C:\Users\Ali Khan\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs

mbam-log-2013-02-28 (16-55-12).txt File Size: 1896 BYTES

mbam-log-2013-02-28 (20-25-28).txt File Size: 1918 BYTES

mbam-log-2013-03-01 (14-20-44).txt File Size: 1892 BYTES

mbam-log-2013-03-02 (22-12-29).txt File Size: 1880 BYTES

mbam-log-2013-03-02 (22-12-45).txt File Size: 1920 BYTES

C:\Users\Ali Khan\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware

exclusions.dat File Size: 320 BYTES

rules.ref File Size: 5972104 BYTES

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration

build.conf File Size: 140 BYTES

config.conf File Size: 3970 BYTES

custom.conf File Size: 20 BYTES

database.conf File Size: 432 BYTES

html.conf File Size: 2762 BYTES

local.conf File Size: 1176 BYTES

manifest.conf File Size: 1752 BYTES

messaging.conf File Size: 1430 BYTES

news.conf File Size: 405 BYTES

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs

protection-log-2013-02-28.txt File Size: 18968 BYTES

protection-log-2013-03-01.txt File Size: 24802 BYTES

protection-log-2013-03-02.txt File Size: 5022 BYTES

protection-log-2013-03-03.txt File Size: 2770 BYTES

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine

===============================================================

END OF FILE


I disabled my AV while running DDS.

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16482

Run by Ali Khan at 16:53:40 on 2013-03-03

Microsoft Windows 8 Pro 6.2.9200.0.1252.44.1033.18.3874.2213 [GMT 0:00]

.

AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k RPCSS

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\Windows\system32\FBAgent.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Program Files\AVAST Software\Avast\afwServ.exe

C:\WINDOWS\System32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

C:\WINDOWS\system32\AdminService.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\WINDOWS\system32\dashost.exe

C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe

C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\WINDOWS\System32\dwm.exe

C:\WINDOWS\system32\svchost.exe -k GPSvcGroup

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\system32\taskhostex.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe

C:\Windows\System32\RuntimeBroker.exe

C:\WINDOWS\system32\taskeng.exe

C:\WINDOWS\system32\taskeng.exe

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

C:\Windows\SysWOW64\ACEngSvr.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files\Elantech\ETDCtrlHelper.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Windows\AsScrPro.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Users\Ali Khan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ali Khan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ali Khan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ali Khan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ali Khan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ali Khan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Ali Khan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\WINDOWS\SysWOW64\ctfmon.exe

C:\Users\Ali Khan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://asus.msn.com

uDefault_Page_URL = hxxp://asus.msn.com

mWinlogon: Userinit = userinit.exe

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL

BHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL

BHO: avast! Ad Blocker: {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker32.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [Conime] C:\WINDOWS\System32\conime.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

mPolicies-Explorer: NoDriveTypeAutoRun = dword:255

mPolicies-System: PromptOnSecureDesktop = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll

IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

TCP: NameServer = 192.168.0.1

TCP: Interfaces\{88B4C9BC-E42F-4DD2-BCA7-4E6EA52B551C} : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{CAA6E7FA-BA17-4714-A626-D1F15B7B0A83} : DHCPNameServer = 192.168.0.1

Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

x64-mStart Page = about:blank

x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - <orphaned>

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL

x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL

x64-BHO: avast! Ad Blocker: {FFCB3198-32F3-4E8B-9539-4324694ED663} - C:\Program Files (x86)\AVAST Software\avast! Ad Blocker IE\Adblocker64.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe

x64-Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe

x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3

x64-mPolicies-Explorer: NoDriveAutoRun = dword:67108863

x64-mPolicies-Explorer: NoDriveTypeAutoRun = dword:255

x64-mPolicies-System: PromptOnSecureDesktop = dword:0

x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll

x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 aswRvrt;aswRvrt;C:\WINDOWS\System32\Drivers\aswRvrt.sys [2013-2-28 65408]

R0 aswVmm;aswVmm;C:\WINDOWS\System32\Drivers\aswVmm.sys [2013-2-28 177672]

R1 aswFW;avast! TDI Firewall driver;C:\WINDOWS\System32\Drivers\aswFW.sys [2013-2-28 127208]

R1 aswKbd;aswKbd;C:\WINDOWS\System32\Drivers\aswKbd.sys [2013-2-28 22664]

R1 aswNdisFlt;Avast! Firewall Driver;C:\WINDOWS\System32\Drivers\aswNdisFlt.sys [2013-2-28 269872]

R1 aswSnx;aswSnx;C:\WINDOWS\System32\Drivers\aswSnx.sys [2013-2-28 1025880]

R1 aswSP;aswSP;C:\WINDOWS\System32\Drivers\aswSP.sys [2013-2-28 377992]

R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]

R2 AFBAgent;AFBAgent;C:\WINDOWS\System32\FBAgent.exe [2011-4-1 379520]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]

R2 aswFsBlk;aswFsBlk;C:\WINDOWS\System32\Drivers\aswFsBlk.sys [2013-2-28 33472]

R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\Drivers\aswMonFlt.sys [2013-2-28 80888]

R2 AtherosSvc;AtherosSvc;C:\WINDOWS\System32\AdminService.exe [2012-8-29 208384]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-2-28 45248]

R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2013-2-28 136912]

R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2012-10-19 395200]

R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2012-10-15 779200]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-2-28 398184]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-2-28 682344]

R2 SrvUpdater;Software Updater;C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [2013-2-18 32256]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-4-1 2655768]

R3 BtFilter;BtFilter;C:\WINDOWS\System32\Drivers\btfilter.sys [2012-8-29 565760]

R3 ETD;ELAN PS/2 Port Input Device;C:\WINDOWS\System32\Drivers\ETD.sys [2011-4-1 138024]

R3 IntcDAud;Intel® Display Audio;C:\WINDOWS\System32\Drivers\IntcDAud.sys [2010-10-14 317440]

R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\WINDOWS\System32\Drivers\L1C63x64.sys [2012-6-22 110744]

R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\Drivers\mbam.sys [2013-2-28 24176]

R3 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-1-31 3289208]

S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2012-10-1 178824]

S3 Revoflt;Revoflt;C:\WINDOWS\System32\Drivers\revoflt.sys [2013-2-25 31800]

S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-7 161384]

S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-26 117248]

S3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\Drivers\WSDScan.sys [2013-2-24 23552]

.

=============== File Associations ===============

.

FileExt: .vbs: VBSFile="C:\WINDOWS\System32\WScript.exe" "%1" %* [userChoice]

.

=============== Created Last 30 ================

.

2013-03-01 14:52:08 -------- d-----w- C:\WINDOWS\SysWow64\Adobe

2013-02-28 20:08:17 -------- d-----w- C:\Program Files (x86)\SoftwareUpdater

2013-02-28 19:55:56 -------- d-----w- C:\Program Files (x86)\AVAST Software

2013-02-28 13:28:19 -------- d-----w- C:\Users\Ali Khan\AppData\Roaming\Malwarebytes

2013-02-28 13:28:12 -------- d-----w- C:\ProgramData\Malwarebytes

2013-02-28 13:28:11 24176 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys

2013-02-28 13:28:11 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-02-28 13:12:08 127208 ----a-w- C:\WINDOWS\System32\drivers\aswFW.sys

2013-02-28 13:12:07 71064 ----a-w- C:\WINDOWS\System32\drivers\aswRdr2.sys

2013-02-28 13:11:59 65408 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys

2013-02-28 13:11:59 22664 ----a-w- C:\WINDOWS\System32\drivers\aswKbd.sys

2013-02-28 13:11:59 177672 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys

2013-02-28 13:11:59 1025880 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys

2013-02-28 13:11:58 80888 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys

2013-02-28 13:11:44 269872 ----a-w- C:\WINDOWS\System32\drivers\aswNdisFlt.sys

2013-02-28 13:11:33 41664 ----a-w- C:\WINDOWS\avastSS.scr

2013-02-28 13:11:16 -------- d-----w- C:\Program Files\AVAST Software

2013-02-28 13:08:51 -------- d-----w- C:\ProgramData\AVAST Software

2013-02-27 20:34:17 -------- d-----w- C:\Users\Ali Khan\AppData\Roaming\SUPERAntiSpyware.com

2013-02-27 20:34:17 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com

2013-02-26 18:03:44 443392 ----a-w- C:\WINDOWS\System32\ReAgent.dll

2013-02-26 18:03:44 375808 ----a-w- C:\WINDOWS\SysWow64\ReAgent.dll

2013-02-26 18:03:44 1010688 ----a-w- C:\WINDOWS\System32\reseteng.dll

2013-02-25 20:50:23 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack

2013-02-25 14:17:47 -------- d-----w- C:\ProgramData\PRICache

2013-02-25 13:24:14 -------- d-----w- C:\WINDOWS\SysWow64\kodak

2013-02-25 13:14:21 31800 ----a-w- C:\WINDOWS\System32\drivers\revoflt.sys

2013-02-25 13:14:21 -------- d-----w- C:\ProgramData\VS Revo Group

2013-02-25 13:14:20 -------- d-----w- C:\Program Files\VS Revo Group

2013-02-25 12:36:50 18528 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm2.bin

2013-02-24 23:52:07 -------- d-sh--w- C:\found.000

2013-02-24 18:44:16 2367528 ----a-w- C:\WINDOWS\System32\WSService.dll

2013-02-24 18:44:16 13640704 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll

2013-02-24 18:44:08 3265256 ----a-w- C:\WINDOWS\System32\drivers\evbda.sys

2013-02-24 18:44:03 10791936 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll

2013-02-24 18:42:25 3554304 ----a-w- C:\WINDOWS\System32\tquery.dll

2013-02-24 18:41:41 301568 ----a-w- C:\WINDOWS\System32\newdev.dll

2013-02-24 18:40:59 98304 ----a-w- C:\WINDOWS\System32\wudriver.dll

2013-02-24 18:39:57 929792 ----a-w- C:\WINDOWS\SysWow64\mfnetsrc.dll

2013-02-24 18:22:13 78168 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl

2013-02-24 18:22:13 692568 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe

2013-02-24 18:19:02 -------- d-----r- C:\WINDOWS\BrowserChoice

2013-02-24 17:36:48 16114176 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-02-24 17:36:47 15541248 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll

2013-02-24 17:23:34 144384 ----a-w- C:\WINDOWS\System32\tssdisai.dll

2013-02-24 17:23:31 126976 ----a-w- C:\WINDOWS\System32\RDWebAI.dll

2013-02-24 17:23:29 135680 ----a-w- C:\WINDOWS\System32\appserverai.dll

2013-02-24 17:23:29 122880 ----a-w- C:\WINDOWS\System32\VmHostAI.dll

2013-02-24 17:23:26 148480 ----a-w- C:\WINDOWS\System32\poqexec.exe

2013-02-24 17:23:26 132608 ----a-w- C:\WINDOWS\SysWow64\poqexec.exe

2013-02-24 17:23:23 405504 ----a-w- C:\WINDOWS\System32\pcasvc.dll

2013-02-24 17:23:23 31232 ----a-w- C:\WINDOWS\System32\pcadm.dll

2013-02-24 17:23:23 13312 ----a-w- C:\WINDOWS\System32\pcalua.exe

2013-02-24 17:23:23 11776 ----a-w- C:\WINDOWS\System32\pcaevts.dll

2013-02-24 17:23:22 2048 ----a-w- C:\WINDOWS\SysWow64\tzres.dll

2013-02-24 17:23:22 2048 ----a-w- C:\WINDOWS\System32\tzres.dll

2013-02-24 17:21:25 17888 ----a-w- C:\WINDOWS\SysWow64\msvcr100_clr0400.dll

2013-02-24 17:20:04 17888 ----a-w- C:\WINDOWS\System32\msvcr100_clr0400.dll

2013-02-24 17:19:01 83968 ----a-w- C:\WINDOWS\SysWow64\wiaacmgr.exe

2013-02-24 17:19:00 890880 ----a-w- C:\WINDOWS\SysWow64\msctf.dll

2013-02-24 17:17:21 1437696 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll

2013-02-24 17:17:20 1690624 ----a-w- C:\WINDOWS\System32\GdiPlus.dll

2013-02-24 17:11:14 4055552 ----a-w- C:\WINDOWS\System32\win32k.sys

2013-02-24 17:09:09 2361344 ----a-w- C:\WINDOWS\System32\msxml6.dll

2013-02-24 17:09:08 2048 ----a-w- C:\WINDOWS\SysWow64\msxml6r.dll

2013-02-24 17:09:08 2048 ----a-w- C:\WINDOWS\SysWow64\msxml3r.dll

2013-02-24 17:09:08 2048 ----a-w- C:\WINDOWS\System32\msxml6r.dll

2013-02-24 17:09:08 2048 ----a-w- C:\WINDOWS\System32\msxml3r.dll

2013-02-24 17:09:08 1836032 ----a-w- C:\WINDOWS\System32\msxml3.dll

2013-02-24 17:09:08 1802240 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll

2013-02-24 17:09:08 1438720 ----a-w- C:\WINDOWS\SysWow64\msxml3.dll

2013-02-24 17:07:51 1084416 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll

2013-02-24 17:07:50 817664 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll

2013-02-24 16:21:37 -------- d-----w- C:\Users\Ali Khan\AppData\Local\VirtualStore

2013-02-24 16:21:30 -------- d-----w- C:\Users\Ali Khan\AppData\Local\Packages

2013-02-24 15:59:03 -------- d-----w- C:\ProgramData\SonicFocus

2013-02-24 15:58:58 -------- d-----w- C:\WINDOWS\SysWow64\RTCOM

2013-02-24 15:58:58 -------- d-----w- C:\Program Files\Realtek

2013-02-24 15:53:17 -------- d-----w- C:\WINDOWS\Panther

2013-02-24 15:41:13 35400 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe

2013-02-24 15:41:13 1166440 ----a-w- C:\WINDOWS\System32\PresentationNative_v0300.dll

2013-02-24 15:41:12 124040 ----a-w- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll

2013-02-24 15:41:10 35400 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe

2013-02-24 15:41:10 102528 ----a-w- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll

2013-02-24 15:41:09 778856 ----a-w- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll

2013-02-24 15:39:26 -------- d-----w- C:\Program Files\Elantech

2013-02-24 15:13:14 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros

2013-02-23 21:47:58 -------- d-----w- C:\Users\Ali Khan\AppData\Roaming\PowerISO

2013-02-23 21:35:53 -------- d-----w- C:\Users\Ali Khan\AppData\Roaming\DAEMON Tools Pro

2013-02-23 21:34:09 -------- d-----w- C:\ProgramData\DAEMON Tools Pro

2013-02-23 20:53:21 -------- d-----w- C:\Users\Ali Khan\AppData\Roaming\uTorrent

2013-02-17 21:55:46 -------- d-----r- C:\Program Files (x86)\Skype

2013-02-17 21:05:44 -------- d-----w- C:\Users\Ali Khan\AppData\Local\VS Revo Group

2013-02-13 13:51:44 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server

2013-02-13 13:50:37 -------- d-----w- C:\Program Files\Microsoft SQL Server

2013-02-13 13:47:43 -------- d-----w- C:\Program Files\Microsoft Analysis Services

2013-02-13 13:47:43 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services

2013-02-11 07:43:52 511328 ----a-w- C:\WINDOWS\capicom.dll

2013-02-11 07:43:49 1721576 ----a-w- C:\WINDOWS\System32\WdfCoInstaller01009.dll

.

==================== Find3M ====================

.

2013-02-24 18:23:22 45056 ----a-w- C:\WINDOWS\System32\acovcnt.exe

2013-01-31 03:29:52 2226408 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys

2013-01-17 01:28:58 273840 ----a-w- C:\WINDOWS\System32\MpSigStub.exe

2013-01-16 00:35:49 44032 ----a-w- C:\WINDOWS\SysWow64\UXInit.dll

2013-01-16 00:31:26 53760 ----a-w- C:\WINDOWS\System32\UXInit.dll

2013-01-14 03:56:14 6967016 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe

2013-01-10 01:53:32 28904 ----a-w- C:\WINDOWS\System32\drivers\msgpiowin32.sys

2013-01-10 01:40:39 1448168 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys

2013-01-10 01:40:38 303848 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys

2013-01-10 01:39:29 194280 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys

2013-01-10 01:39:22 124648 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys

2013-01-10 01:29:56 91880 ----a-w- C:\WINDOWS\System32\drivers\partmgr.sys

2013-01-10 01:29:54 1934056 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys

2013-01-10 01:29:21 785504 ----a-w- C:\WINDOWS\System32\drivers\Wdf01000.sys

2013-01-09 23:26:46 1611776 ----a-w- C:\WINDOWS\SysWow64\mmc.exe

2013-01-09 23:26:35 410624 ----a-w- C:\WINDOWS\SysWow64\Windows.Networking.dll

2013-01-09 23:26:35 261120 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll

2013-01-09 23:26:25 278528 ----a-w- C:\WINDOWS\SysWow64\srm.dll

2013-01-09 23:26:25 202752 ----a-w- C:\WINDOWS\SysWow64\srmstormod.dll

2013-01-09 23:26:23 1752064 ----a-w- C:\WINDOWS\SysWow64\setupapi.dll

2013-01-09 23:26:20 67584 ----a-w- C:\WINDOWS\SysWow64\samlib.dll

2013-01-09 23:26:08 115712 ----a-w- C:\WINDOWS\SysWow64\netprofm.dll

2013-01-09 23:26:03 436736 ----a-w- C:\WINDOWS\SysWow64\MP4SDECD.DLL

2013-01-09 23:25:55 582144 ----a-w- C:\WINDOWS\SysWow64\gpprefcl.dll

2013-01-09 23:23:32 95232 ----a-w- C:\WINDOWS\System32\wiaacmgr.exe

2013-01-09 23:23:25 2094592 ----a-w- C:\WINDOWS\System32\mmc.exe

2013-01-09 23:23:23 240640 ----a-w- C:\WINDOWS\System32\fsquirt.exe

2013-01-09 23:23:18 256000 ----a-w- C:\WINDOWS\System32\WSDMon.dll

2013-01-09 23:23:16 1964544 ----a-w- C:\WINDOWS\System32\wlidsvc.dll

2013-01-09 23:23:14 594944 ----a-w- C:\WINDOWS\System32\Windows.Networking.dll

2013-01-09 23:23:14 406016 ----a-w- C:\WINDOWS\System32\Windows.Media.dll

2013-01-09 23:23:09 274432 ----a-w- C:\WINDOWS\System32\srmstormod.dll

2013-01-09 23:23:08 279040 ----a-w- C:\WINDOWS\System32\srm.dll

2013-01-09 23:23:07 1886208 ----a-w- C:\WINDOWS\System32\setupapi.dll

2013-01-09 23:23:05 728064 ----a-w- C:\WINDOWS\System32\samsrv.dll

2013-01-09 23:22:53 464384 ----a-w- C:\WINDOWS\System32\netprofmsvc.dll

2013-01-09 23:22:53 151040 ----a-w- C:\WINDOWS\System32\netprofm.dll

2013-01-09 23:22:43 1120768 ----a-w- C:\WINDOWS\System32\msctf.dll

2013-01-09 23:22:41 666112 ----a-w- C:\WINDOWS\System32\MP4SDECD.DLL

2013-01-09 23:22:35 438272 ----a-w- C:\WINDOWS\System32\lsm.dll

2013-01-09 23:22:29 894464 ----a-w- C:\WINDOWS\System32\iphlpsvc.dll

2013-01-09 23:22:29 159232 ----a-w- C:\WINDOWS\System32\inetpp.dll

2013-01-09 23:22:26 49152 ----a-w- C:\WINDOWS\System32\drivers\UMDF\HidBthLE.dll

2013-01-09 23:22:25 820736 ----a-w- C:\WINDOWS\System32\gpprefcl.dll

2013-01-09 23:22:05 1918464 ----a-w- C:\WINDOWS\System32\wbem\cimwin32.dll

2013-01-09 03:59:16 74752 ----a-w- C:\WINDOWS\System32\drivers\BTHUSB.SYS

2013-01-09 03:58:34 51712 ----a-w- C:\WINDOWS\System32\drivers\bthenum.sys

2013-01-09 03:57:50 1175040 ----a-w- C:\WINDOWS\System32\drivers\bthport.sys

2013-01-04 05:32:36 2706432 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb

2013-01-04 04:19:53 2706432 ----a-w- C:\WINDOWS\System32\mshtml.tlb

2012-12-28 20:56:00 81984 ----a-w- C:\WINDOWS\System32\bdod.bin

2012-12-20 00:37:37 1775616 ----a-w- C:\WINDOWS\SysWow64\wininet.dll

2012-12-20 00:37:04 2881536 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll

2012-12-20 00:37:02 61440 ----a-w- C:\WINDOWS\SysWow64\iesetup.dll

2012-12-20 00:37:02 109056 ----a-w- C:\WINDOWS\SysWow64\iesysprep.dll

2012-12-20 00:36:50 431616 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll

2012-12-20 00:29:16 2246656 ----a-w- C:\WINDOWS\System32\wininet.dll

2012-12-20 00:29:11 907776 ----a-w- C:\WINDOWS\System32\uxtheme.dll

2012-12-20 00:28:29 3966464 ----a-w- C:\WINDOWS\System32\jscript9.dll

2012-12-20 00:28:26 136704 ----a-w- C:\WINDOWS\System32\iesysprep.dll

2012-12-20 00:28:04 39936 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll

2012-12-18 01:56:27 534528 ----a-w- C:\WINDOWS\SysWow64\uxtheme.dll

2012-12-16 08:28:20 46080 ----a-w- C:\WINDOWS\System32\atmlib.dll

2012-12-16 08:20:01 35328 ----a-w- C:\WINDOWS\SysWow64\atmlib.dll

2012-12-16 08:08:33 362496 ----a-w- C:\WINDOWS\System32\atmfd.dll

2012-12-16 07:57:09 300032 ----a-w- C:\WINDOWS\SysWow64\atmfd.dll

2012-12-06 04:23:00 170496 ----a-w- C:\WINDOWS\System32\TimeBrokerServer.dll

2012-12-06 04:22:59 178176 ----a-w- C:\WINDOWS\System32\SystemEventsBrokerServer.dll

2012-12-04 04:21:42 368640 ----a-w- C:\WINDOWS\System32\sppwinob.dll

.

============= FINISH: 16:54:19.82 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 8 Pro

Boot Device: \Device\HarddiskVolume2

Install Date: 2/24/2013 4:21:21 PM

System Uptime: 3/3/2013 3:47:58 PM (1 hours ago)

.

Motherboard: ASUSTeK Computer Inc. | | K53E

Processor: Intel® Core i3-2310M CPU @ 2.10GHz | CPU 1 | 2095/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 575 GiB total, 539.568 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP2: 2/28/2013 1:10:55 PM - avast! Internet Security Setup

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 10 Plugin

Adobe Reader XI (11.0.02)

Adobe Shockwave Player 12.0

aioscnnr

Alcor Micro USB Card Reader

ASUS FancyStart

ASUS LifeFrame3

ASUS Live Update

ASUS Splendid Video Enhancement Technology

AsusScr_K3 Series_ENG

Atheros WLAN and Bluetooth Client Installation Program

ATK Package

µTorrent

avast! Ad Blocker

avast! Internet Security

BYOND

C4USelfUpdater

CCleaner

center

D3DX10

Definition update for Microsoft Office 2013 (KB2760587) 64-Bit Edition

essentials

ETDWare PS/2-X64 8.0.5.1_WHQL

Fast Boot

Google Chrome

Google Toolbar for Internet Explorer

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

K-Lite Codec Pack 9.7.5 (Basic)

Kodak AIO Printer

KODAK AiO Software

Malwarebytes Anti-Malware version 1.70.0.1100

Microsoft Access MUI (English) 2013

Microsoft Access Setup Metadata MUI (English) 2013

Microsoft Application Error Reporting

Microsoft DCF MUI (English) 2013

Microsoft Excel MUI (English) 2013

Microsoft Groove MUI (English) 2013

Microsoft InfoPath MUI (English) 2013

Microsoft Lync MUI (English) 2013

Microsoft Office 32-bit Components 2013

Microsoft Office OSM MUI (English) 2013

Microsoft Office OSM UX MUI (English) 2013

Microsoft Office Professional Plus 2013

Microsoft Office Proofing (English) 2013

Microsoft Office Proofing Tools 2013 - English

Microsoft Office Proofing Tools 2013 - Español

Microsoft Office Shared 32-bit MUI (English) 2013

Microsoft Office Shared MUI (English) 2013

Microsoft Office Shared Setup Metadata MUI (English) 2013

Microsoft OneNote MUI (English) 2013

Microsoft Outlook MUI (English) 2013

Microsoft PowerPoint MUI (English) 2013

Microsoft Publisher MUI (English) 2013

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Word MUI (English) 2013

Microsoft_VC80_CRT_x86

Microsoft_VC90_CRT_x86

Movie Maker

MSVCRT

MSVCRT110

MSVCRT110_amd64

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

MSXML 4.0 SP3 Parser (KB973685)

ocr

Outils de vérification linguistique 2013 de Microsoft Office - Français

PDF Settings CS6

Photo Common

Photo Gallery

PreReq

PrintProjects

Realtek High Definition Audio Driver

Revo Uninstaller Pro 3.0.2

Skype Click to Call

Skype™ 6.2

SoftwareUpdater

Sonic Focus

SopCast 3.5.0

swMSM

Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition

Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition

Update for Microsoft Lync 2013 (KB2760512) 64-Bit Edition

Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition

Update for Microsoft Office 2013 (KB2726961) 64-Bit Edition

Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition

Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition

Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition

Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition

Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition

Update for Microsoft Office 2013 (KB2760311) 64-Bit Edition

Update for Microsoft Office 2013 (KB2760318) 64-Bit Edition

Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition

Update for Microsoft Office 2013 (KB2767852) 64-Bit Edition

Update for Microsoft Office 2013 (KB2767861) 64-Bit Edition

Update for Microsoft Office 2013 (KB2767864) 64-Bit Edition

Update for Microsoft OneNote 2013 (KB2737968) 64-Bit Edition

Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition

Update for Microsoft SkyDrive Pro (KB2760214) 64-Bit Edition

Update for Microsoft Visio Viewer 2013 (KB2767856) 64-Bit Edition

Update for Microsoft Word 2013 (KB2760244) 64-Bit Edition

Update for Microsoft Word 2013 (KB2767854) 64-Bit Edition

Windows Live Communications Platform

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

WinFlash

WinRAR 4.20 (64-bit)

Wireless Console 3

.

==== Event Viewer Messages From Past Week ========

.

3/3/2013 3:48:02 PM, Error: Microsoft-Windows-Kernel-General [6] - An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): ''.

3/3/2013 3:47:39 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

3/1/2013 2:56:46 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {000C101C-0000-0000-C000-000000000046} and APPID {000C101C-0000-0000-C000-000000000046} to the user AliKhan-PC\Ali Khan SID (S-1-5-21-2847728861-3915489070-3157556616-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-3154655457-56958264-2728854862-4131557813-1870302242-185781391-191500189). This security permission can be modified using the Component Services administrative tool.

2/26/2013 5:14:07 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {000C101C-0000-0000-C000-000000000046} and APPID {000C101C-0000-0000-C000-000000000046} to the user AliKhan-PC\Ali Khan SID (S-1-5-21-2847728861-3915489070-3157556616-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-1813268761-4144601999-2376202420-870689610-3008036278-4174748336-1321914667). This security permission can be modified using the Component Services administrative tool.

2/25/2013 2:07:20 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {000C101C-0000-0000-C000-000000000046} and APPID {000C101C-0000-0000-C000-000000000046} to the user AliKhan-PC\Ali Khan SID (S-1-5-21-2847728861-3915489070-3157556616-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-17053975-222786771-38844745-1155300887-2986075076-3769844206-3981166251). This security permission can be modified using the Component Services administrative tool.

2/25/2013 2:04:43 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

2/25/2013 2:04:43 PM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2/25/2013 1:27:07 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {000C101C-0000-0000-C000-000000000046} and APPID {000C101C-0000-0000-C000-000000000046} to the user AliKhan-PC\Ali Khan SID (S-1-5-21-2847728861-3915489070-3157556616-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-856404191-1522327111-2016130853-3993148712-1496285319-3190681140-3617258836). This security permission can be modified using the Component Services administrative tool.

2/25/2013 1:26:19 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {000C101C-0000-0000-C000-000000000046} and APPID {000C101C-0000-0000-C000-000000000046} to the user AliKhan-PC\Ali Khan SID (S-1-5-21-2847728861-3915489070-3157556616-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-26983492-1355952166-4067896605-2512856943-1558638129-1692534823-1355846313). This security permission can be modified using the Component Services administrative tool.

2/24/2013 6:10:22 PM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom0.

2/24/2013 5:28:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070103: Qualcomm Atheros Communications - Bluetooth Controller - Bluetooth Module.

2/24/2013 5:24:59 PM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

2/24/2013 5:14:27 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.

2/24/2013 5:13:36 PM, Error: Service Control Manager [7034] - The AFBAgent service terminated unexpectedly. It has done this 1 time(s).

2/24/2013 4:41:26 PM, Error: Service Control Manager [7038] - The WSService service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

2/24/2013 4:41:26 PM, Error: Service Control Manager [7038] - The FDResPub service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

2/24/2013 4:41:26 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Time Broker service, but this action failed with the following error: An instance of the service is already running.

2/24/2013 4:41:26 PM, Error: Service Control Manager [7000] - The Windows Store Service (WSService) service failed to start due to the following error: The service did not start due to a logon failure.

2/24/2013 4:41:26 PM, Error: Service Control Manager [7000] - The Function Discovery Resource Publication service failed to start due to the following error: The service did not start due to a logon failure.

2/24/2013 4:24:10 PM, Error: Service Control Manager [7031] - The Windows Store Service (WSService) service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

2/24/2013 4:24:10 PM, Error: Service Control Manager [7031] - The Time Broker service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

2/24/2013 4:24:10 PM, Error: Service Control Manager [7031] - The SSDP Discovery service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

2/24/2013 4:24:10 PM, Error: Service Control Manager [7031] - The Function Discovery Resource Publication service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

2/24/2013 4:11:42 PM, Error: Service Control Manager [7024] - The BranchCache service terminated with the following service-specific error: This program is blocked by group policy. For more information, contact your system administrator.

2/24/2013 4:11:40 PM, Error: NETLOGON [3095] - This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.

2/24/2013 4:11:24 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Workstation service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

2/24/2013 4:03:12 PM, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with the following service-specific error: Server execution failed

2/24/2013 4:03:12 PM, Error: Service Control Manager [7023] - The Network List Service service terminated with the following error: The device is not ready.

2/24/2013 4:03:12 PM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x80080005.

2/24/2013 3:57:10 PM, Error: Service Control Manager [7023] - The IP Helper service terminated with the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

2/24/2013 1:43:25 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) did not load: SASDIFSV SASKUTIL

.

==== End Of File ===========================


There is a lot more going on with this computer than just 100mb of ram usage... These other issues are either due to an infection, previous infection or some hardware/software conflict. These have to be corrected and it would be best if you seek help from one of our experts....

Please see the following pinned topic which has information on how to get help with this: Available Assistance for Possibly Infected Computers

Thank you



Are you sure it's Malware related since last week I installed Windows 8 (upgrade over W7)? All the errors are related from last week when the PC was upgraded.. The errors are more than a week old and I have been using this PC continuously every day..


I did not say it was malware related, go back and read my statement, it states that it could be one of many items, and since you just upgraded from 7 to 8 you may have some sort of hardware/software conflict, either way all those issues need to be resolved.... The experts can help you do that....
