Posts posted by RobertSchlein
I am getting the same error. Additionally, one of my applications I use daily won't close after I use it a moment.
I have read other forums about similar codes and have some reports.
mbam-check result log version: 1.10.0.1000
Malwarebytes Version: REG_SZ 1.65.1.1000
Date Log Created: 11/20/12
Time Log Created: 12:26:25
32 bit Operating System
Product Name: REG_SZ Microsoft Windows XP
Current Build Number: 2600
Current Version Number: 5.1
Current CSDVersion: Service Pack 3
OS Product Info: Home Edition
Proxy Status: No proxy is Set
Proxy Override:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\
ProxyOverride REG_SZ *.local
LAN Settings:
=============
No Settings are Set <--NOT DETECTING SETTING AUTOMATICALLY
SystemPartition:
================
HKEY_LOCAL_MACHINE\SYSTEM\Setup\
SystemPartition REG_SZ \Device\HarddiskVolume1
Balloon Tips Status:
====================
Enabled
Time Format Settings:
=====================
Should be:
h:mm:ss tt
AM
PM
:
Currently:
REG_SZ h:mm:ss tt
REG_SZ AM
REG_SZ PM
REG_SZ :
Language and Regional Settings:
===============================
ACP: Language is English (United States)
MACCP: Language is English (United States)
OEMCP: Language is English (United States)
Startup Folders for Error_Expanding_Variables Check:
====================================================
All Users Startup Folder Exists.
Current User's startup Folder Exists.
Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================
TERMService:
==============
Type : 32
State : 4 (The service is running.) (State is stopped)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
TermService Start is set to: 3 (Manual Startup)
Compatibility Flag Settings (Any MBAM file listings should be removed):
=======================================================================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
C:\Documents and Settings\Rob Schlein\Local Settings\Application Data\Google\Chrome\Application\chrome.exeREG_SZ EnableNXShowUI
C:\Program Files\Internet Explorer\iexplore.exeREG_SZ EnableNXShowUI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
C:\XX\XX.BAT REG_SZ WIN95
C:\XX\CUSTOM030.BAT REG_SZ WIN95
C:\Program Files\R&R Report Writer\rrw.exeREG_SZ WIN98
C:\TEMP\MENU.EXE REG_SZ WIN95
C:\Documents and Settings\Rob Schlein\Desktop\Rnav2003.exeREG_SZ WIN98
C:\MENU.BAT REG_SZ WIN98 DISABLECICERO
C:\Documents and Settings\Rob Schlein\Desktop\MENU.BAT.pifREG_SZ WIN95
C:\MENU\MENU.EXE REG_SZ WIN95 DISABLETHEMES
Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked
MBAM Startup Entries:
=====================
Service and Driver Status:
==========================
MBAMProtector:
==============
Type : 2
State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
MBAMService:
==============
Type : 16
State : 4 (The service is running.)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
MBAMProtector Registry Values:
==============================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
Type REG_DWORD 2
Start REG_DWORD 3
ErrorControl REG_DWORD 1
ImagePath REG_EXPAND_SZ \??\C:\WINDOWS\system32\drivers\mbam.sys
Group REG_SZ FSFilter Anti-Virus
DependOnService REG_MULTI_SZ FltMgr
DependOnGroup REG_DWORD 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
DefaultInstance REG_SZ MBAMProtector Instance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
Altitude REG_SZ 328800
Flags REG_DWORD 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Security
Security REG_BINARY Binary Data
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum
0 REG_SZ Root\LEGACY_MBAMPROTECTOR\0000
Count REG_DWORD 1
NextInstance REG_DWORD 1
MBAMService Registry Values:
============================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
Type REG_DWORD 16
Start REG_DWORD 2
ErrorControl REG_DWORD 1
ImagePath REG_EXPAND_SZ "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe"
DependOnService REG_MULTI_SZ MBAMProtector
DependOnGroup REG_DWORD 0
ObjectName REG_SZ LocalSystem
Description REG_SZ Malwarebytes Anti-Malware service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService\Security
Security REG_BINARY Binary Data
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService\Enum
0 REG_SZ Root\LEGACY_MBAMSERVICE\0000
Count REG_DWORD 1
NextInstance REG_DWORD 1
MBAM DLL's and Runtime Files:
=============================
HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid
(Default): REG_SZ vbAccelerator Grid Control
HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid\Clsid
(Default): REG_SZ {C5DA1F2B-B2BF-4DFC-BC9A-439133543A67}
HKEY_CLASSES_ROOT\SSubTimer6.GSubclass
(Default): REG_SZ SSubTimer6.GSubclass
HKEY_CLASSES_ROOT\SSubTimer6.GSubclass\Clsid
(Default): REG_SZ {71A27032-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\SSubTimer6.CTimer
(Default): REG_SZ SSubTimer6.CTimer
HKEY_CLASSES_ROOT\SSubTimer6.CTimer\Clsid
(Default): REG_SZ {71A27034-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\SSubTimer6.ISubclass
(Default): REG_SZ SSubTimer6.ISubclass
HKEY_CLASSES_ROOT\SSubTimer6.ISubclass\Clsid
(Default): REG_SZ {71A2702F-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ SSubTimer6.ISubclass
HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories
HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}
HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\ProgID
(Default): REG_SZ SSubTimer6.ISubclass
HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Programmable
HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\VERSION
(Default): REG_SZ 1.0
HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ SSubTimer6.GSubclass
HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories
HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}
HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32
(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll
ThreadingModel REG_SZ Apartment
HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\ProgID
(Default): REG_SZ SSubTimer6.GSubclass
HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Programmable
HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\VERSION
(Default): REG_SZ 1.0
HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ SSubTimer6.CTimer
HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories
HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}
HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32
(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll
ThreadingModel REG_SZ Apartment
HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\ProgID
(Default): REG_SZ SSubTimer6.CTimer
HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Programmable
HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\VERSION
(Default): REG_SZ 1.0
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1
(Default): REG_SZ vbAccelerator VB6 SGrid Control 2.0
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0\win32
(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\vbalsgrid6.ocx
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\FLAGS
(Default): REG_SZ 2
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\HELPDIR
(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0
(Default): REG_SZ vbAccelerator VB6 Subclassing and Timer Assistant (with configurable message response, multi-control support + timer bug fix)
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0\win32
(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\FLAGS
(Default): REG_SZ 0
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\HELPDIR
(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware
HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ ISubclass
HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid
(Default): REG_SZ {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32
(Default): REG_SZ {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
Version REG_SZ 1.0
HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}
(Default): REG_SZ CTimer
HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid
(Default): REG_SZ {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32
(Default): REG_SZ {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
(Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
Version REG_SZ 1.0
HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}
(Default): REG_SZ vbalGrid
HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid
(Default): REG_SZ {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid32
(Default): REG_SZ {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\TypeLib
(Default): REG_SZ {DE8CE233-DD83-481D-844C-C07B96589D3A}
Version REG_SZ 1.1
MBAM Registry Settings and License Info:
========================================
HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware
InstallPath REG_SZ C:\Program Files\Malwarebytes' Anti-Malware
Affiliate REG_SZ https://store.malwarebytes.org/342/?scope=checkout&cart=29945
dbversion REG_SZ v2012.11.20.03
programversion REG_SZ 1.65.1.1000
dbdate REG_SZ Tue, 20 Nov 2012 15:17:35 GMT
hidereg REG_DWORD 0
startipdisabled REG_DWORD 0
useproxy REG_DWORD 0
useauthentication REG_DWORD 0
downloadprogram REG_DWORD 1
advancedheuristics REG_DWORD 1
scanreboot REG_DWORD 1
detectp2p REG_DWORD 0
detectpum REG_DWORD 1
detectpup REG_DWORD 2
updatewarn REG_DWORD 1
updatewarndays REG_DWORD 7
notifyinstallprogram REG_DWORD 1
trialended REG_DWORD 0
SchedulerQueue REG_MULTI_SZ 6148, 30175178, 103391312, 1, 23 | 30262936, 1967437424
ID XXXXX-XXXXX This is hidden data.
Key XXXX-XXXX-XXXX-XXXX This is hidden data.
contextmenu REG_DWORD 1
reportthreats REG_DWORD 1
silentipmode REG_DWORD 0
trialpromptshown REG_DWORD 1
startwithwindows REG_DWORD 1
startfsdisabled REG_DWORD 0
HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware\UUID
There is data here but it is hidden.
HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware (Trial)
TrialId There is data here but it is hidden.
HKEY_CURRENT_USER\SOFTWARE\Malwarebytes' Anti-Malware
language REG_SZ english.lng
selectedrives REG_SZ C:\|
terminateie REG_DWORD 0
autosavelog REG_DWORD 1
openlog REG_DWORD 1
alwaysscanmemory REG_DWORD 1
alwaysscanregistry REG_DWORD 1
alwaysscanfiles REG_DWORD 1
alwaysscanheuristics REG_DWORD 1
defaultscan REG_DWORD 0
alwaysscanstartups REG_DWORD 1
HKEY_USERS\S-1-5-18\SOFTWARE\Malwarebytes' Anti-Malware
alwaysscanfiles REG_DWORD 1
alwaysscanheuristics REG_DWORD 1
alwaysscanmemory REG_DWORD 1
alwaysscanregistry REG_DWORD 1
alwaysscanstartups REG_DWORD 1
autosavelog REG_DWORD 1
openlog REG_DWORD 1
contextmenu REG_DWORD 1
defaultscan REG_DWORD 0
reportthreats REG_DWORD 1
terminateie REG_DWORD 0
startwithwindows REG_DWORD 1
startfsdisabled REG_DWORD 0
silentipmode REG_DWORD 0
trialpromptshown REG_DWORD 0
HKEY_USERS\.DEFAULT\SOFTWARE\Malwarebytes' Anti-Malware
alwaysscanfiles REG_DWORD 1
alwaysscanheuristics REG_DWORD 1
alwaysscanmemory REG_DWORD 1
alwaysscanregistry REG_DWORD 1
alwaysscanstartups REG_DWORD 1
autosavelog REG_DWORD 1
openlog REG_DWORD 1
contextmenu REG_DWORD 1
defaultscan REG_DWORD 0
reportthreats REG_DWORD 1
terminateie REG_DWORD 0
startwithwindows REG_DWORD 1
startfsdisabled REG_DWORD 0
silentipmode REG_DWORD 0
trialpromptshown REG_DWORD 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1
Inno Setup: Setup Version REG_SZ 5.4.3 (a)
Inno Setup: App Path REG_SZ C:\Program Files\Malwarebytes' Anti-Malware
InstallLocation REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\
Inno Setup: Icon Group REG_SZ Malwarebytes' Anti-Malware
Inno Setup: User REG_SZ Rob Schlein
Inno Setup: Selected Tasks REG_SZ desktopicon,quicklaunchicon
Inno Setup: Deselected Tasks REG_DWORD 0
Inno Setup: Language REG_SZ English
DisplayName REG_SZ Malwarebytes Anti-Malware version 1.65.1.1000
DisplayIcon REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
UninstallString REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
QuietUninstallString REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" /SILENT
DisplayVersion REG_SZ 1.65.1.1000
Publisher REG_SZ Malwarebytes Corporation
URLInfoAbout REG_SZ http://www.malwarebytes.org
NoModify REG_DWORD 1
NoRepair REG_DWORD 1
InstallDate REG_SZ 20121109
MajorVersion REG_DWORD 1
MinorVersion REG_DWORD 65
Scheduler Queue:
================
Scheduled Item: Update Schedule Options: | Daily | Random
Start Time: 2011-09-10 14:57 Repeating Every: 1 Recover if missed by: 23
Context Menu Entries:
=====================
HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\MBAMShlExt
(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\MBAMShlExt
(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt
(Default): REG_SZ MBAMShlExt Class
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CLSID
(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CurVer
(Default): REG_SZ MBAMExt.MBAMShlExt.1
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1
(Default): REG_SZ MBAMShlExt Class
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1\CLSID
(Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}
(Default): REG_SZ IMBAMShlExt
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid
(Default): REG_SZ {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid32
(Default): REG_SZ {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\TypeLib
(Default): REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}
Version REG_SZ 1.0
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}
(Default): REG_SZ MBAMShlExt Class
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32
(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
ThreadingModel REG_SZ Apartment
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\ProgID
(Default): REG_SZ MBAMExt.MBAMShlExt.1
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\TypeLib
(Default): REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\VersionIndependentProgID
(Default): REG_SZ MBAMExt.MBAMShlExt
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0
(Default): REG_SZ MBAMExt 1.0 Type Library
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win32
(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS
(Default): REG_SZ 0
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR
(Default): REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\
MBAM Drivers:
=============
C:\WINDOWS\system32\drivers\mbam.sys File Size: 22856 BYTES FileVersion: 1.60.2.0
Required Dependencies:
======================
fltmgr:
==============
Type : 2
State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0
SERVICE_EXIT_CODE : 0
CHECKPOINT : 0
WAIT_HINT : 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
Description REG_SZ File System Filter Manager Driver
DisplayName REG_SZ FltMgr
ErrorControl REG_DWORD 1
Group REG_SZ FSFilter Infrastructure
ImagePath REG_EXPAND_SZ system32\drivers\fltmgr.sys
Start REG_DWORD 0
Type REG_DWORD 2
Tag REG_DWORD 1
AttachWhenLoaded REG_DWORD 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
0 REG_SZ Root\LEGACY_FLTMGR\0000
Count REG_DWORD 1
NextInstance REG_DWORD 1
C:\WINDOWS\system32\drivers\fltmgr.sys File Size: 129792 BYTES FileVersion: 5.1.2600.5512
C:\WINDOWS\system32\comctl32.ocx File Size: 608448 BYTES FileVersion: 6.0.81.5
C:\WINDOWS\system32\mscomctl.ocx File Size: 1070152 BYTES FileVersion: 6.1.98.34
C:\WINDOWS\system32\olepro32.dll File Size: 84992 BYTES FileVersion: 5.1.2600.5512
List of MBAM Related Directories:
=================================
C:\Program Files\Malwarebytes' Anti-Malware
changes.rtf File Size: 785 BYTES
changes.txt File Size: 576 BYTES
license.txt File Size: 11141 BYTES
mbam.chm File Size: 582708 BYTES
mbam.dll File Size: 499784 BYTES FileVersion: 1.65.0.0
mbam.exe File Size: 981656 BYTES FileVersion: 1.62.0.140
mbamcore.dll File Size: 1089608 BYTES FileVersion: 1.62.0.0
mbamext.dll File Size: 80968 BYTES FileVersion: 1.61.0.0
mbamgui.exe File Size: 766536 BYTES FileVersion: 1.65.0.0
mbamnet.dll File Size: 2168904 BYTES FileVersion: 1.62.0.0
mbampt.exe File Size: 40008 BYTES FileVersion: 1.61.0.0
mbamscheduler.exe File Size: 399432 BYTES FileVersion: 1.65.0.0
mbamservice.exe File Size: 676936 BYTES FileVersion: 1.65.0.0
ssubtmr6.dll File Size: 46416 BYTES FileVersion: 1.1.0.3
unins000.dat File Size: 97693 BYTES
unins000.exe File Size: 711240 BYTES FileVersion: 51.52.0.0
unins000.msg File Size: 10550 BYTES
vbalsgrid6.ocx File Size: 496976 BYTES FileVersion: 2.0.0.40
zlib.dll File Size: 79696 BYTES FileVersion: 1.2.3.0
C:\Program Files\Malwarebytes' Anti-Malware\Chameleon
chameleon.chm File Size: 186068 BYTES
firefox.com File Size: 218184 BYTES
firefox.exe File Size: 218184 BYTES
firefox.pif File Size: 218184 BYTES
firefox.scr File Size: 218184 BYTES
iexplore.exe File Size: 218184 BYTES
mbam-chameleon.com File Size: 218184 BYTES
mbam-chameleon.exe File Size: 218184 BYTES
mbam-chameleon.pif File Size: 218184 BYTES
mbam-chameleon.scr File Size: 218184 BYTES
mbam-killer.exe File Size: 984648 BYTES FileVersion: 1.60.0.47
rundll32.exe File Size: 218184 BYTES
svchost.exe File Size: 218184 BYTES
winlogon.exe File Size: 218184 BYTES
C:\Program Files\Malwarebytes' Anti-Malware\Languages
arabic.lng File Size: 21110 BYTES
belarusian.lng File Size: 26026 BYTES
bosnian.lng File Size: 26236 BYTES
bulgarian.lng File Size: 26678 BYTES
catalan.lng File Size: 27226 BYTES
chineseSI.lng File Size: 10642 BYTES
chineseTR.lng File Size: 11588 BYTES
croatian.lng File Size: 25844 BYTES
czech.lng File Size: 23894 BYTES
danish.lng File Size: 25750 BYTES
dutch.lng File Size: 27282 BYTES
english.lng File Size: 23742 BYTES
estonian.lng File Size: 24112 BYTES
finnish.lng File Size: 24990 BYTES
french.lng File Size: 28790 BYTES
german.lng File Size: 28870 BYTES
greek.lng File Size: 28316 BYTES
hebrew.lng File Size: 18714 BYTES
hungarian.lng File Size: 27548 BYTES
italian.lng File Size: 27186 BYTES
japanese.lng File Size: 15814 BYTES
korean.lng File Size: 13710 BYTES
latvian.lng File Size: 26208 BYTES
lithuanian.lng File Size: 26920 BYTES
macedonian.lng File Size: 27830 BYTES
norwegian.lng File Size: 24216 BYTES
polish.lng File Size: 25726 BYTES
portugueseBR.lng File Size: 27720 BYTES
portuguesePT.lng File Size: 28056 BYTES
romanian.lng File Size: 27308 BYTES
russian.lng File Size: 26352 BYTES
serbian.lng File Size: 25970 BYTES
slovak.lng File Size: 24752 BYTES
slovenian.lng File Size: 23998 BYTES
spanish.lng File Size: 29010 BYTES
swedish.lng File Size: 25132 BYTES
thai.lng File Size: 25190 BYTES
turkish.lng File Size: 25046 BYTES
vietnamese.lng File Size: 28574 BYTES
C:\Documents and Settings\Rob Schlein\Application Data\Malwarebytes\Malwarebytes' Anti-Malware
C:\Documents and Settings\Rob Schlein\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs
mbam-log-2010-10-04 (12-02-15).txt File Size: 1746 BYTES
mbam-log-2010-10-05 (11-13-43).txt File Size: 896 BYTES
mbam-log-2010-10-05 (12-41-20).txt File Size: 912 BYTES
mbam-log-2010-10-07 (17-11-08).txt File Size: 894 BYTES
mbam-log-2011-04-16 (15-57-38).txt File Size: 895 BYTES
mbam-log-2011-09-10 (17-42-48).txt File Size: 902 BYTES
mbam-log-2011-11-29 (15-46-10).txt File Size: 902 BYTES
mbam-log-2012-11-20 (11-21-55).txt File Size: 1946 BYTES
C:\Documents and Settings\Rob Schlein\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine
===============================================================
END OF FILE
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
Run by Rob Schlein at 12:28:09 on 2012-11-20
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3061.1968 [GMT -6:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe
C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\WebDrive\wdService.exe
C:\WINDOWS\System32\WFXSVC.EXE
C:\Program Files\WinFax\WFXMOD32.EXE
C:\WINDOWS\system32\ZuneBusEnum.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\FaxTalk Trial\FTmsgsvc.exe
C:\Program Files\Seagate Replica\bin\ReplicaSysMon.exe
C:\Program Files\Seagate Replica\bin\Seagate-Replica-Svc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Seagate Replica\bin\Seagate-Replica-Autoplay.exe
C:\Program Files\Seagate Replica\bin\Seagate-Replica-Tray.exe
C:\WINDOWS\system32\NWTRAY.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k eapsvcs
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k dot3svc
C:\WINDOWS\System32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bigtalldirect.com
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}
mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr/*http://www.yahoo.com/ext/search/search.html
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://home.peoplepc.com/search
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: Yahoo! Companion BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\common\ycomp5_1_6_0.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: Solid Converter PDF: {259F616C-A300-44F5-B04A-ED001A26C85C} - c:\program files\soliddocuments\solidconverterpdf\scpdf\ExploreExtPDF.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>
BHO: EWPBrowseObject Class: {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - c:\program files\canon\easy-webprint\EWPBrowseLoader.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboForm.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: IeCaptureBho Object: {7c1ce531-09e9-4fc5-9803-1c2956615786} - LocalServer32 - <no file>
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - c:\program files\search toolbar\SearchToolbar.dll
BHO: Viewpoint Toolbar BHO: {A7327C09-B521-4EDB-8509-7D2660C9EC98} - LocalServer32 - <no file>
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: &Google Notebook: {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} - c:\program files\google\google notebook\gnotes1.0.2.19-1365465124.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - c:\program files\google\chrome frame\application\23.0.1271.64\npchrome_frame.dll
TB: &RoboForm Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\RoboForm.dll
TB: &Yahoo! Companion: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\common\ycomp5_1_6_0.dll
TB: Copernic Agent: {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - c:\program files\copernic agent\CopernicAgentExt.dll
TB: Google Notebook: {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - c:\program files\google\google notebook\gnotes1.0.2.19-1365465124.dll
TB: Ask Toolbar: {3041D03E-FD4B-44E0-B742-2D9B88305F98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - c:\program files\search toolbar\SearchToolbar.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboForm.dll
TB: &Yahoo! Companion: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\common\ycomp5_1_6_0.dll
TB: Copernic Agent: {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - c:\program files\copernic agent\CopernicAgentExt.dll
TB: Solid Converter PDF: {259F616C-A300-44F5-B04A-ED001A26C85C} - c:\program files\soliddocuments\solidconverterpdf\scpdf\ExploreExtPDF.dll
TB: Google Notebook: {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - c:\program files\google\google notebook\gnotes1.0.2.19-1365465124.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: Easy-WebPrint: {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - c:\program files\canon\easy-webprint\Toolband.dll
TB: Search Toolbar: {9D425283-D487-4337-BAB6-AB8354A81457} - c:\program files\search toolbar\SearchToolbar.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
EB: &Yahoo! Messenger: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - c:\program files\yahoo!\messenger\yhexbmes0411.dll
EB: &Yahoo! Messenger: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - c:\program files\yahoo!\messenger\yhexbmes0411.dll
EB: Copernic Agent Results: {6F480F82-C3A6-4D35-96F7-B297AD49FBE8} - c:\program files\copernic agent\CopernicAgentExt.dll
EB: Google Notebook: {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - c:\program files\google\google notebook\gnotes1.0.2.19-1365465124.dll
EB: Copernic Agent: {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - c:\program files\copernic agent\CopernicAgentExt.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [backup4all 3] "c:\program files\softland\backup4all 3\Backup4all.exe" /s
uRun: [Google Update] "c:\documents and settings\rob schlein\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [Logitech Vid] "c:\program files\logitech\vid hd\Vid.exe" -bootmode
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [WebDriveTray] c:\program files\webdrive\webdrive.exe /trayicon
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
mRun: [NWTRAY] NWTRAY.EXE
mRun: [AdaptecDirectCD] c:\program files\adaptec\easy cd creator 5\directcd\DirectCD.exe
mRun: [pdfFactory Pro Dispatcher v1] c:\windows\system32\spool\drivers\w32x86\2\fppdis1.exe
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [pdfFactory Dispatcher v2] "c:\windows\system32\spool\drivers\w32x86\3\fppdis2a.exe" /source=HKLM
mRun: [sDVirtualPrinterAgent] c:\progra~1\sdapps\print-~1\SDVPAGENT.EXE
mRun: [FinePrint Dispatcher v5] "c:\windows\system32\spool\drivers\w32x86\3\fpdisp5a.exe" /source=HKLM
mRun: [WinFaxAppPortStarter] wfxsnt40.exe
mRun: [WFXSwtch] c:\progra~1\winfax\WFXSWTCH.exe
mRun: [PeachtreePrefetcher.exe] c:\program files\sage software\peachtree8\PeachtreePrefetcher.exe /configfile:peachtreeprefetcher.winstart.config
mRun: [Ask and Record FLV Service] "c:\program files\ask & record toolbar\FLVSrvc.exe" /run
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
mRun: [brStsWnd] c:\program files\brownie\BrstsWnd.exe Autorun
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [FaxTalk FaxCenter Pro 8] "c:\program files\faxtalk trial\FTClCtrl.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
StartupFolder: c:\docume~1\robsch~1\startm~1\programs\startup\dosprn.lnk - c:\program files\dosprn\DOSprn.exe
StartupFolder: c:\docume~1\robsch~1\startm~1\programs\startup\efax44~1.lnk - c:\program files\efax messenger 4.4\J2GTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: CompatibleRUPSecurity = dword:1
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Customize Menu - c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Fill Forms - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Note this (Google Notebook) - c:\program files\google\google notebook\gnotes1.0.2.19-1365465124.dll/gn_menu1.html
IE: Note this item (Google Notebook) - c:\program files\google\google notebook\gnotes1.0.2.19-1365465124.dll/gn_menu2.html
IE: Save Forms - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Search Using Copernic Agent - c:\program files\copernic agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT
IE: Yahoo! Dictionary - /c:\program files\yahoo!\Common/ycdict.htm
IE: Yahoo! Search - /c:\program files\yahoo!\Common/ycsrch.htm
IE: {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - c:\progra~1\copern~2\COPERN~1.EXE
IE: {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - {A1EDC4A1-940F-48E0-8DFD-E38F1D501021} - <orphaned>
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboForm.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboForm.dll
IE: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - {4C171D40-8277-11D5-AD55-00010333D0AD} - c:\program files\yahoo!\messenger\yhexbmes0411.dll
IE: {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - c:\progra~1\copern~2\COPERN~1.EXE
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboForm.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: symsupportutil - hxxps://www-secure.symantec.com/techsupp/activedata/symsupportutil.CAB
DPF: {00000075-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/voxacm.CAB
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://go.microsoft.com/fwlink/?linkid=58813
DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} - hxxps://www.refurbdepot.com/CFIDE/classes/CFJava.cab
DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} - hxxp://down.plaxo.com/down/release/PlaxoInstall.cab
DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} - hxxp://download.mcafee.com/molbin/Shared/MGBrwFld.cab
DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} - hxxps://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
DPF: {16F67783-7E72-4C39-99C4-4780A8335484} - hxxp://www.syncmyride.com/Own/Modules/UploadDownload/applets/sync.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {192F9A01-8030-48CE-9BC6-B03DE3E613C6} - hxxps://www.peoplepc.com/ppcos/ISP60/Download/ppcwebi.cab
DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - hxxp://download.yahoo.com/dl/installs/yinst0309.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photo.walgreens.com/WalgreensActivia.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.av.aol.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
DPF: {4FAE30E1-EE9C-477D-8D06-BF8D3429B60F} - hxxps://www.webiqonline.com/WebIQ/bin/WebIQ.cab
DPF: {556EEC63-31E2-47C3-BF29-DFF799D2FE04} - hxxps://secure.logmein.com/activex/RACtrl.cab
DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - hxxp://software-dl.real.com/22339e56b57531774405/netzip/RdxIE601.cab
DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} - hxxp://office.microsoft.com/productupdates/content/opuc.cab
DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} - hxxp://216.249.24.141/code/PWActiveXImgCtl.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {8E28B3A9-FE83-45D1-B657-D5426B81A121} - hxxp://cs7b.instantservice.com/jars/customerxsigned35.cab
DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} - hxxp://www.installengine.com/engine/isetup.cab
DPF: {94B82441-A413-4E43-8422-D49930E69764} - hxxps://rtc.webresponse.one.microsoft.com/media/xp/TLIEFlash.CAB
DPF: {960B6AEC-118A-4745-A070-819025E17534} - hxxps://www.novastor.com/olbs/webrestore/wbr.cab
DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - hxxp://acs.pandasoftware.com/activescan/as5free/asinst.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37538.6022106481
DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - hxxp://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://download.av.aol.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
DPF: {BE5431D2-0F30-11D4-89D9-00C04F509C0A} - hxxps://secure.stamps.com/download/us/cab/stamps/stamps.cab?r=0.409881591796875&file=stamps.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.3.1/jinstall-131_02-win.cab
DPF: {CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-1_4_0_01-win.cab
DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.4/jinstall-14_01-windows-i586.cab
DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/1.4/jinstall-14_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - hxxp://www.symantec.com/techsupp/activedata/SymAData.dll
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://www.adobe.com/products/acrobat/nos/gp.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D6376DD2-C2BD-49B2-A1B1-138F869633F3} - hxxp://acs.pandasoftware.com/activescanpro/as5/asproinst.cab
DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} - hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab
DPF: {E2B7DB22-38C5-11D5-91F6-00104BDB8FF9} - hxxp://www.eprintdriver.com/demos/cabs/LMVRGBxf.cab
DPF: {E2B7DB7E-38C5-11D5-91F6-00104BDB8FF9} - hxxp://www.eprintdriver.com/demos/cabs/LCodcScr.cab
DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} - hxxps://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/RACtrl.cab?rnd=1827532856
TCP: NameServer = 10.0.0.1
TCP: Interfaces\{5547D208-8BE8-41E4-9A4B-6E29702E1C18} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{BF29A8FF-A9F5-4A7D-9F9A-58DBFA384539} : DHCPNameServer = 10.0.0.1
Handler: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - c:\program files\copernic agent\CopernicAgentExt.dll
Handler: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - c:\program files\copernic agent\CopernicAgentExt.dll
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - c:\program files\google\chrome frame\application\23.0.1271.64\npchrome_frame.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
Notify: LMIinit - LMIinit.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - c:\program files\stardock\fences\FencesMenu.dll
SEH: WinFax PRO IShellExecuteHook - {A213B520-C6C2-11d0-AF9D-008029E1027E} - c:\program files\winfax\WFXSEH32.DLL
LSA: Authentication Packages = msv1_0 nwv1_0
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\rob schlein\application data\mozilla\firefox\profiles\v7plfz3v.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1423464&SearchSource=3&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.bigtalldirect.com/index_1024.htm
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\rob schlein\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\rob schlein\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\rob schlein\local settings\application data\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\documents and settings\rob schlein\local settings\application data\rockmelt\update\1.2.189.1\npRockMeltOneClick8.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.93\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbrowster.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\nitro pdf\reader\npdf.dll
FF - plugin: c:\program files\nitro pdf\reader\npnitroie.dll
FF - plugin: c:\program files\nitro pdf\reader\npnitromozilla.dll
FF - plugin: c:\program files\opera\program\plugins\npdivx32.dll
FF - plugin: c:\program files\opera\program\plugins\npdrmv2.dll
FF - plugin: c:\program files\picasa2\npPicasa3.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_233.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_110.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - plugin: c:\windows\system32\npwmsdrm.dll
FF - ExtSQL: 2012-10-15 10:38; artur.dubovoy@gmail.com; c:\documents and settings\rob schlein\application data\mozilla\firefox\profiles\v7plfz3v.default\extensions\artur.dubovoy@gmail.com.xpi
FF - ExtSQL: 2012-10-15 11:01; {bee6eb20-01e0-ebd1-da83-080329fb9a3a}; c:\documents and settings\rob schlein\application data\mozilla\firefox\profiles\v7plfz3v.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF - ExtSQL: 2012-11-01 13:54; clpics@eternicode.com; c:\documents and settings\rob schlein\application data\mozilla\firefox\profiles\v7plfz3v.default\extensions\clpics@eternicode.com.xpi
FF - ExtSQL: 2012-11-01 13:56; craigslistfusion@craigslistfusion.com; c:\documents and settings\rob schlein\application data\mozilla\firefox\profiles\v7plfz3v.default\extensions\craigslistfusion@craigslistfusion.com.xpi
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-3-31 28544]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-6 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-12-6 355632]
R2 ABBYY.Licensing.PDFTransformer.Classic.3.0;ABBYY PDF Transformer 3.0 Licensing Service;c:\program files\abbyy pdf transformer 3.0\NetworkLicenseServer.exe [2009-4-27 759048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-12-6 21256]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-12-6 44808]
R2 FaxTalk FaxCenter Pro 8;FaxTalk FaxCenter Pro 8;c:\program files\faxtalk trial\FTmsgsvc.exe [2012-9-11 33368]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2010-9-30 374704]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2007-5-30 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2007-5-30 47640]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-11-9 399432]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-10-4 676936]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\nitro pdf\reader\NitroPDFReaderDriverService2.exe [2012-8-22 184848]
R2 psqlWGE;Pervasive PSQL Workgroup Engine;c:\program files\pervasive software\psql\bin\w3dbsmgr.exe [2008-6-6 435496]
R2 ReplicaSysMon;Seagate Replica System Monitor;c:\program files\seagate replica\bin\ReplicaSysMon.exe [2011-3-28 416208]
R2 Seagate-Replica-Svc;Seagate Replica Service;c:\program files\seagate replica\bin\Seagate-Replica-Svc.exe [2011-3-28 1947600]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-10-2 3064000]
R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2004-2-4 585728]
R2 WebDriveFSD;WebDrive Filesystem Driver;c:\program files\webdrive\wdfsd.sys [2011-4-21 147416]
R2 WinDriver;WinDriver;c:\windows\system32\drivers\windrvr.sys [2002-10-9 205220]
R3 appliandMP;appliandMP;c:\windows\system32\drivers\appliand.sys [2010-6-24 28256]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2009-10-1 39424]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-10-4 22856]
S2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-5-15 234888]
S2 ltmodem;Hayes Modem Driver;c:\windows\system32\ltmodem.sys [2002-10-9 727848]
S2 SBService;ScriptBlocking Service;c:\progra~1\common~1\symant~1\script~1\sbserv.exe --> c:\progra~1\common~1\symant~1\script~1\SBServ.exe [?]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-7 160944]
S3 appliand;Applian Network Service;c:\windows\system32\drivers\appliand.sys [2010-6-24 28256]
S3 bcm;Beceem Communications Inc. Tarang3;c:\windows\system32\drivers\drxvi314.sys [2010-7-4 233472]
S3 bcmbusctr;Beceem Devices' Enumerator Driver;c:\windows\system32\drivers\BcmBusCtr.sys [2010-7-4 54784]
S3 ccProxy;Symantec Network Proxy;c:\program files\common files\symantec shared\CCPROXY.EXE [2004-3-10 218736]
S3 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\CCSETMGR.EXE [2004-2-4 235120]
S3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20050325.009\NAVENG.Sys [2005-3-25 73728]
S3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20050325.009\NavEx15.Sys [2005-3-25 631040]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2003-6-13 30336]
S3 Peachtree SmartPosting 2011;Peachtree SmartPosting 2011;c:\program files\sage software\peachtree8\SmartPostingService2011.exe [2010-4-10 43848]
S3 radpms;Driver for RADPMS Device;c:\windows\system32\drivers\radpms.sys [2007-5-30 12192]
S3 Wdm1;USB Bridge Cable Driver;c:\windows\system32\drivers\USBBC.sys [2002-10-9 15576]
S3 Winacusb;Winacusb;c:\windows\system32\drivers\winacusb.sys --> c:\windows\system32\drivers\winacusb.sys [?]
S4 AloPar;AloPar;c:\windows\system32\drivers\AloPar.sys [2002-10-9 4112]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="c:\program files\adobe\adobe dreamweaver cs5\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs5\dreamweaver.exe", "%1"
ShellExec: NovaBackup.exe: Open="c:\program files\novastor\novabackup\7\NovaBackup.exe"
ShellExec: solidconverterpdf.exe: open="c:\program files\soliddocuments\solidconverterpdf\scpdf\solidconverterpdf.exe"
ShellExec: solidconverterpdfopenwith.exe: open="c:\program files\soliddocuments\solidconverterpdf\scpdf\solidconverterpdf.exe" -i "%1" -z -w x
.
=============== Created Last 30 ================
.
2012-11-09 20:20:16 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-01 18:53:24 -------- d-----w- c:\program files\Nirodha Software
.
==================== Find3M ====================
.
2012-11-09 20:20:00 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-11-09 20:19:58 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-09 20:19:58 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-09 14:48:27 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-09 14:48:26 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-05 18:35:18 83912 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-11-05 18:35:17 92072 ----a-w- c:\windows\system32\LMIinit.dll
2012-11-05 18:35:17 52648 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
2012-11-05 18:35:17 31144 ----a-w- c:\windows\system32\LMIport.dll
2012-10-22 08:37:31 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll
2012-09-30 01:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-11 15:13:24 33368 ----a-w- c:\windows\system32\ftumn80.dll
2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:14:53 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:14:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07:15 385024 ----a-w- c:\windows\system32\html.iec
2012-08-24 13:53:22 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-22 22:31:38 27152 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2012-08-22 22:31:38 18448 ----a-w- c:\windows\system32\nitrolocalui2.dll
2001-04-05 15:46:32 5226496 ----a-w- c:\program files\Epson Registration.exe
.
============= FINISH: 12:29:32.31 ===============
I also have an attach.txt, but I read that I should send it only upon request.
Shell_notification failed
in Malwarebytes for Windows Support Forum
I'm having trouble finding a phone number contact. Can someone call me? ~number removed~