Blankz13

  1. Hi Maurice, finally the culprit was the Baidu Player, which is a player for streaming Asian movies, and right after the uninstall MBAM was able to update it. I guess the streaming player conflicted with MBAM's update process, thus rendering it unable to update. But all is well now, and thank you for the time and dedication that you have put into my problem. I really appreciate the assistance and am extremely grateful for your service!
  2. And here is the attach:
  3. Here is the DDS:
  4. ESETSmartInstaller@High as CAB hook log:
     OnlineScanner64.ocx - registred OK
     OnlineScanner.ocx - registred OK
     ESETSmartInstaller@High as downloader log:
     all ok
     # version=7
     # OnlineScannerApp.exe=1.0.0.1
     # OnlineScanner.ocx=1.0.0.6583
     # api_version=3.0.2
     # EOSSerial=ac4c86732904664c837ed6c5bf649184
     # end=finished
     # remove_checked=true
     # archives_checked=false
     # unwanted_checked=true
     # unsafe_checked=false
     # antistealth_checked=true
     # utc_time=2012-10-16 09:59:18
     # local_time=2012-10-16 05:59:18 (-0500, Eastern Daylight Time)
     # country="United States"
     # lang=1033
     # osver=6.1.7600 NT
     # compatibility_mode=5893 16776574 100 94 76914 101963682 0 0
     # compatibility_mode=8192 67108863 100 0 0 0 0 0
     # scanned=217568
     # found=0
     # cleaned=0
     # scan_time=4525
     Here is the result after the ESET finished scanning the second time around.
  5. Hi Maurice, I've followed every step of the instructions you provided and I also let ESET finish its scanning process which took about 1 hr and a half. The scan concluded without finding any threats, and the log.txt at C:\Program Files (x86)\Eset\EsetOnlineScanner\log.txt did not contain anything else but "ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK". I found it weird that it didn't show anything else. I'll run it again and post the results when possible. I hope this clarifies anything that may have been unclear.
  6. Also, I'm going to reinstall Spybot S&D and hope it won't interfere with future troubleshooting.
  7. This is everything from the scan log: ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK
  8. And yes, I have the Trial set of MBAM, did not purchase the license.
  9. Followed your instructions and still the same error, I think my computer may have broken MBAM haha.
  10. protection-log-2012-10-07.txt protection-log-2012-10-08.txt protection-log-2012-10-09.txt
  11. Here is the log from MBAM-check:
  12. Update option still does not work, same error as before. I am using the trial version; sorry, I forgot to state this earlier.
  13. # AdwCleaner v2.004 - Logfile created 10/08/2012 at 12:31:28
  14. Malwarebytes still won't update after following your instructions. However, I could update it manually by downloading the definitions from http://malwarebytes.gt500.org/. Would there be any difference between manually updating and using MBAM automatic update?