Jump to content

mhbmd

Members
  • Posts

    16
  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

1,509 profile views
  1. Thanks for your help. I'll re-install and report back on the results.
  2. I still haven't re-installed MBAM. I can do so and see if it will function properly, though it may take several days to really tell. The issue has taken a few days to recur in the past. Is that your suggestion? Did the logs suggest something specific?
  3. Sorry, that one was CheckResults.txt, not CHKDSKResults.txt. Thanks again for your help. Let's try this: TimeCreated : 7/2/2016 11:23:56 AM Message : Checking file system on C: The type of the file system is NTFS. A disk check has been scheduled. Windows will now check the disk. CHKDSK is verifying files (stage 1 of 5)... 214784 file records processed. File verification completed. 1453 large file records processed. 0 bad file records processed. 0 EA records processed. 9359 reparse records processed. CHKDSK is verifying indexes (stage 2 of 5)... 287102 index entries processed. Index verification completed. 0 unindexed files scanned. 0 unindexed files recovered. CHKDSK is verifying security descriptors (stage 3 of 5)... 214784 file SDs/SIDs processed. Cleaning up 1112 unused index entries from index $SII of file 0x9 . Cleaning up 1112 unused index entries from index $SDH of file 0x9 . Cleaning up 1112 unused security descriptors. Security descriptor verification completed. 36160 data files processed. CHKDSK is verifying Usn Journal... 265549688 USN bytes processed. Usn Journal verification completed. CHKDSK is verifying file data (stage 4 of 5)... 214768 files processed. File data verification completed. CHKDSK is verifying free space (stage 5 of 5)... 35838408 free clusters processed. Free space verification is complete. CHKDSK discovered free space marked as allocated in the master file table (MFT) bitmap. CHKDSK discovered free space marked as allocated in the volume bi tmap. Windows has made corrections to the file system. 219673599 KB total disk space. 75661116 KB in 176315 files. 109092 KB in 36161 indexes. 0 KB in bad sectors. 549755 KB in use by the system. 65536 KB occupied by the log file. 143353636 KB available on disk. 4096 bytes in each allocation unit. 54918399 total allocation units on disk. 35838409 allocation units available on disk. Internal Info: 00 47 03 00 07 3e 03 00 51 29 06 00 00 00 00 00 .G...>..Q)...... 0e 02 00 00 8f 24 00 00 00 00 00 00 00 00 00 00 .....$.......... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ Windows has finished checking your disk. Please wait while your computer restarts.
  4. I did, exactly as you suggested in your last post. I don't understand these logs; do they suggest that I didn't run check disc? It ran on restart for at least 20 minutes. I then immediately ran powershell as you asked and posted the logs.
  5. Here you go. Thanks. Potential issues: ============================== MBAMService ====================== Type: 16 State: 1 (The service is not running.) (State is stopped) WIN32_EXIT_CODE: 1067 SERVICE_EXIT_CODE: 0 CHECKPOINT: 0 WAIT_HINT: 0 MbamWebAccessControl ====================== Type: 2 State: 1 (The service is not running.) (State is stopped) WIN32_EXIT_CODE: 0 SERVICE_EXIT_CODE: 0 CHECKPOINT: 0 WAIT_HINT: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ mbam-check result log version: 2.3.2.0 ======================================== User Account type: Administrator DomainComputer: No OS: Windows 7 Service Pack 1 Service Pack 1 64 bit Operating System Current Version and Build: 6.1.7601 Malwarebytes Anti-Malware: 2.2.1.1043 Installed On: 2016/06/22 Malware Database: 2016.06.27.07 Rootkit Database: 2016.05.27.01 Remediation Database: 2016.06.21.01 IP Database: 2016.06.27.01 Domain Database: 2016.06.27.04 License: Premium Malware Protection: 4 (The service is running.) Malicious Website Protection: 1 (The service is not running.) Chameleon: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon Log Created: 2016/06/27 18:11:40 User Information for Local System: =========================================== User Account: Administrator Account Level: Admin User Account: Guest Account Level: Guest User Account: HomeGroupUser$ Account Level: Guest User Account: Michael Account Level: Admin Total # of user entries: 4 UAC Settings: =================== SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA DWORD 0 Status: OFF SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin DWORD 0 Status: OFF AntiVirus Information: =================== AntiVirus Software Installed: "Bitdefender Antivirus Free Edition" FireWall Information: =================== NO 3rd Party Firewall Software Installed AntiSpyware Information: =================== AntiSpyware Software Installed: "Bitdefender Antivirus Free Edition" AntiSpyware Software Installed: "Windows Defender" Machine Information =============================================== Machine ID: 6ffb13f491bc2e24c3c805989131bb91415aa55c Installation Token: L6mzZMG2pSNaAREWqmbn System has been up for: 24.6642 Hours Current Date: 2016-Jun-27 22:11:41.889904 Date Booted: 2016-Jun-26 22:11:41.889904 Detection and Protection Settings =============================================== Use Advanced Heuristics Engine (Shuriken): true Scan for rootkits: false Scan within archives: true PUP (Potentially Unwanted Program) detections: Treat Detections as Malware PUM (Potentially Unwanted Modification) detections: Treat Detections as Malware Compatibility Flag Settings: ================================= Malwarebytes Anti-Malware Shell Extension Block Check: ====================================================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked: MBAM Startup Entries: ===================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Malwarebytes Anti-Malware Service and Driver Status: ======================================================= --------------Driver File Info:-------------- C:\Windows\system32\drivers\mbam.sys File Size: 27008 BYTES FileVersion: 0.1.16.0 MD5: [78bff5425e044086e74e78650a359fbb] C:\Windows\system32\drivers\mwac.sys File Size: 64896 BYTES FileVersion: 1.0.6.0 MD5: [452acb7a9914398d9e18cccffcf92208] C:\Windows\system32\drivers\mbamswissarmy.sys File Size: 217328 BYTES FileVersion: 4.1.0.51 MD5: [b65efc9029517b820bf14c94c3499738] C:\Windows\system32\drivers\mbamchameleon.sys File Size: 140672 BYTES FileVersion: 1.1.22.0 MD5: [1239597bab7eed2bb16d035af87e65d9] --------------MBAMProtector:-------------- Type: 2 State: 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN) WIN32_EXIT_CODE: 0 SERVICE_EXIT_CODE: 0 CHECKPOINT: 0 WAIT_HINT: 0 --------------MBAMService:-------------- Type: 16 State: 1 (The service is not running.) (State is stopped) WIN32_EXIT_CODE: 1067 SERVICE_EXIT_CODE: 0 CHECKPOINT: 0 WAIT_HINT: 0 --------------MBAMScheduler:-------------- Type: 16 State: 4 (The service is running.) WIN32_EXIT_CODE: 0 SERVICE_EXIT_CODE: 0 CHECKPOINT: 0 WAIT_HINT: 0 --------------MBAMChameleon:-------------- Type: N/A State: 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon WIN32_EXIT_CODE: N/A SERVICE_EXIT_CODE: N/A CHECKPOINT: N/A WAIT_HINT: N/A --------------MBAMWebAccessControl:-------------- Type: 2 State: 1 (The service is not running.) (State is stopped) WIN32_EXIT_CODE: 0 SERVICE_EXIT_CODE: 0 CHECKPOINT: 0 WAIT_HINT: 0 Required Dependencies: ====================== --------------BFE:-------------- Type: 32 State: 4 (The service is running.) WIN32_EXIT_CODE: 0 SERVICE_EXIT_CODE: 0 CHECKPOINT: 0 WAIT_HINT: 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE DisplayName REG_SZ @%SystemRoot%\system32\bfe.dll,-1001 Group REG_SZ NetworkProvider ImagePath REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork Description REG_SZ @%SystemRoot%\system32\bfe.dll,-1002 ObjectName REG_SZ NT AUTHORITY\LocalService ErrorControl REG_DWORD 1 Start REG_DWORD 2 Type REG_DWORD 32 DependOnService REG_MULTI_SZ RpcSs ServiceSidType REG_DWORD 3 RequiredPrivileges REG_MULTI_SZ SeAuditPrivilege FailureActions REG_BINARY Binary Data HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll ServiceDllUnloadOnStop REG_DWORD 1 ServiceMain REG_SZ BfeServiceMain HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter {dc95b53e-01cf-4058-821d-350b3d0d4676}REG_BINARY Binary Data {2dd96961-5757-434f-b617-34e732517c0e}REG_BINARY Binary Data {2db25e6c-f07a-44f4-b6c8-50a330d2790b}REG_BINARY Binary Data {c42f1cd6-3a95-4ae2-a513-793c3ae610c7}REG_BINARY Binary Data {0c41d586-9c19-4e01-9d66-b5b98a97576e}REG_BINARY Binary Data {12c38916-82ac-4737-8f38-b6957ffebad6}REG_BINARY Binary Data {c970a45d-57f9-4e32-a5bd-886a9662641e}REG_BINARY Binary Data {0c3be01b-fe70-4cc4-89dc-c07996b67e6d}REG_BINARY Binary Data {074f7f68-ee10-428a-89d1-ba78f6c327ca}REG_BINARY Binary Data {c016105c-eb34-4519-a5fd-5f4e4ad4d18e}REG_BINARY Binary Data {a47525e2-725b-4888-8af1-ba5a60c04f4d}REG_BINARY Binary Data {0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}REG_BINARY Binary Data {935b7f48-0ede-44dd-9bc2-e00bb635cda3}REG_BINARY Binary Data {941dad9d-7b1a-4354-997b-00cf1aa9b35c}REG_BINARY Binary Data {9db5e469-b3f9-47cd-89cb-8da4a2b41a36}REG_BINARY Binary Data {6b53db2e-45ed-4aff-939d-031714733d82}REG_BINARY Binary Data {ea19a789-4ee7-4112-869e-9ecb7abe12c1}REG_BINARY Binary Data {98395d45-4563-4372-adf6-e4590a8e998b}REG_BINARY Binary Data {440cc24d-d9dd-4c4a-8985-2662e3e9f58f}REG_BINARY Binary Data {ed6afcce-ffdf-4c25-b8b5-0d0914226613}REG_BINARY Binary Data {8c0b86f2-9252-4475-82b6-feb428802c51}REG_BINARY Binary Data {fcc81bf5-5c83-4f71-843e-b00ee1b9483c}REG_BINARY Binary Data {f94da470-0558-4a08-aeb2-20c327d4d6b6}REG_BINARY Binary Data {4049000f-b01c-4950-a95f-ff0ca619abec}REG_BINARY Binary Data {671a4cc2-a19f-49a7-a5a8-a20c4cc9affe}REG_BINARY Binary Data {57fb7286-f5cc-4af2-9d67-cb4ed258bc11}REG_BINARY Binary Data {e638b86c-ebee-42ae-b6db-2bc3fefb54ba}REG_BINARY Binary Data {3dda1213-65cc-4d07-9f32-c574de510bf6}REG_BINARY Binary Data HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Callout {971fe817-a416-4447-b577-1dd38109858e}REG_BINARY Binary Data {982a0ed3-8535-4b32-8907-63780de8bb88}REG_BINARY Binary Data {49bc316e-22f6-4ebf-ae58-75b3e49ec111}REG_BINARY Binary Data {03288309-b852-4761-8181-d399cff7f23e}REG_BINARY Binary Data {351f5661-b48e-465a-9f2b-c35915e41602}REG_BINARY Binary Data {d83c4ddf-b5b4-44a3-9221-b4da15b2708f}REG_BINARY Binary Data {1f03505a-2c31-4da5-b01e-f6ae6e6acf09}REG_BINARY Binary Data {43c2cb5a-4daa-4461-9a1d-988c81896a4a}REG_BINARY Binary Data {86002faf-e455-4493-a901-375a1045f74f}REG_BINARY Binary Data {ecb859dd-8793-4556-ad85-4c1f8fff61d6}REG_BINARY Binary Data {6ed7b0a9-ff49-4418-89e3-814735afc4ce}REG_BINARY Binary Data {e33fb58c-a13c-4763-b08c-dd3fdd87418a}REG_BINARY Binary Data {beb7d817-855c-4a44-90f5-11f95b2a6519}REG_BINARY Binary Data {c2e7b6d5-4acf-4a81-b2ad-4343823c8d90}REG_BINARY Binary Data HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter {dc95b53e-01cf-4058-821d-350b3d0d4676}REG_BINARY Binary Data {f444c576-6e60-4ea2-9faa-80d57ed12cd2}REG_BINARY Binary Data {0c41d586-9c19-4e01-9d66-b5b98a97576e}REG_BINARY Binary Data {12c38916-82ac-4737-8f38-b6957ffebad6}REG_BINARY Binary Data {c970a45d-57f9-4e32-a5bd-886a9662641e}REG_BINARY Binary Data {0c3be01b-fe70-4cc4-89dc-c07996b67e6d}REG_BINARY Binary Data {4d9581d2-aef8-4993-84cd-b986ced80d42}REG_BINARY Binary Data {be7cbdf4-b192-4aa5-94f8-1fb5c5ee07bc}REG_BINARY Binary Data {716b48eb-0a35-4a76-92ab-1d987230d288}REG_BINARY Binary Data {1165065e-4996-4338-abaf-4b8556b4d431}REG_BINARY Binary Data {07a24961-a760-4e80-b263-6d275e1b09cb}REG_BINARY Binary Data {5b0cb2e2-ab87-4974-9f1c-2f22a654eeb9}REG_BINARY Binary Data {b6b2ca61-fb98-4422-adc2-e7cf56b3680c}REG_BINARY Binary Data {0aa7fff8-919f-453c-928c-28a12122ba38}REG_BINARY Binary Data {074f7f68-ee10-428a-89d1-ba78f6c327ca}REG_BINARY Binary Data {c016105c-eb34-4519-a5fd-5f4e4ad4d18e}REG_BINARY Binary Data {a47525e2-725b-4888-8af1-ba5a60c04f4d}REG_BINARY Binary Data {0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}REG_BINARY Binary Data {91ffecf0-0a9e-4572-95f1-a7111af86967}REG_BINARY Binary Data {64e55933-15a5-495d-a928-ccca43d44875}REG_BINARY Binary Data {13bfd422-6f75-4408-8924-9400ec0cb19c}REG_BINARY Binary Data {cbfb56db-3c85-4543-9bc2-76ea28cdd74e}REG_BINARY Binary Data {2dd96961-5757-434f-b617-34e732517c0e}REG_BINARY Binary Data {375fb39b-08c6-40f2-bdf2-08fa63f970a2}REG_BINARY Binary Data {2db25e6c-f07a-44f4-b6c8-50a330d2790b}REG_BINARY Binary Data {c42f1cd6-3a95-4ae2-a513-793c3ae610c7}REG_BINARY Binary Data {b6fdab6b-dcc6-43e3-99ce-7aeca65063a4}REG_BINARY Binary Data {3697a558-3ed3-49be-a4c1-c1a4448653b4}REG_BINARY Binary Data {935b7f48-0ede-44dd-9bc2-e00bb635cda3}REG_BINARY Binary Data {941dad9d-7b1a-4354-997b-00cf1aa9b35c}REG_BINARY Binary Data {b02a4013-b6b5-4859-9168-1e3299e43b24}REG_BINARY Binary Data {d870c96c-75ee-46a6-8a02-8e4401a73423}REG_BINARY Binary Data {8b50e2ec-7cf0-4b71-b42e-5b0536f6cab8}REG_BINARY Binary Data {4137b143-2770-43d4-91a2-55bb0a069830}REG_BINARY Binary Data {3180114b-8338-4740-9a16-444134ad62f4}REG_BINARY Binary Data {17043d46-fac2-4561-bca1-0c7a05e95f5f}REG_BINARY Binary Data {567d3836-3f5b-4067-b9c4-952f677010a2}REG_BINARY Binary Data {4e718c57-c397-4221-9fbb-14fd51701d6a}REG_BINARY Binary Data {3a90a266-1519-4d23-911b-e84cd0f02ab8}REG_BINARY Binary Data {9db5e469-b3f9-47cd-89cb-8da4a2b41a36}REG_BINARY Binary Data {c0ec88f6-8f29-487f-b75f-9ec70244e72c}REG_BINARY Binary Data {6b53db2e-45ed-4aff-939d-031714733d82}REG_BINARY Binary Data {7f3d2317-8fa9-4733-82f1-16e199869978}REG_BINARY Binary Data {ea19a789-4ee7-4112-869e-9ecb7abe12c1}REG_BINARY Binary Data {c681227d-0b6f-4aa1-b3db-d629969608f1}REG_BINARY Binary Data {98395d45-4563-4372-adf6-e4590a8e998b}REG_BINARY Binary Data {308ff412-9eba-44d5-9cea-a9be44cfdb4b}REG_BINARY Binary Data {440cc24d-d9dd-4c4a-8985-2662e3e9f58f}REG_BINARY Binary Data {6f347775-aaec-49f5-8aae-813452bfc3d4}REG_BINARY Binary Data {ed6afcce-ffdf-4c25-b8b5-0d0914226613}REG_BINARY Binary Data {7e96a182-5655-4b32-9abb-53d86f946a27}REG_BINARY Binary Data {8c0b86f2-9252-4475-82b6-feb428802c51}REG_BINARY Binary Data {73402305-c771-421c-9a9e-676e632cd58d}REG_BINARY Binary Data {fcc81bf5-5c83-4f71-843e-b00ee1b9483c}REG_BINARY Binary Data {f7f1e7a9-2a28-4fd8-9257-37b661a77308}REG_BINARY Binary Data {f94da470-0558-4a08-aeb2-20c327d4d6b6}REG_BINARY Binary Data {44a6bed6-4a59-486a-8900-d496fc034712}REG_BINARY Binary Data {4049000f-b01c-4950-a95f-ff0ca619abec}REG_BINARY Binary Data {8fd772d5-328b-4ea3-9671-36427c79d37f}REG_BINARY Binary Data {671a4cc2-a19f-49a7-a5a8-a20c4cc9affe}REG_BINARY Binary Data {cc155c6c-d1f7-4775-b8ee-6ceff2bb16c2}REG_BINARY Binary Data {57fb7286-f5cc-4af2-9d67-cb4ed258bc11}REG_BINARY Binary Data {72513c0a-8dd8-44be-b3dd-a32818022fc5}REG_BINARY Binary Data {e638b86c-ebee-42ae-b6db-2bc3fefb54ba}REG_BINARY Binary Data {3c83dd70-7e3a-43f0-854f-4b770f01a148}REG_BINARY Binary Data {3dda1213-65cc-4d07-9f32-c574de510bf6}REG_BINARY Binary Data {127e6889-bf6e-4394-aab5-d204bcf00dc0}REG_BINARY Binary Data HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider {decc16ca-3f33-4346-be1e-8fb4ae0f3d62}REG_BINARY Binary Data {4b153735-1049-4480-aab4-d1b9bdc03710}REG_BINARY Binary Data {1bebc969-61a5-4732-a177-847a0817862a}REG_BINARY Binary Data {aa6a7d87-7f8f-4d2a-be53-fda555cd5fe3}REG_BINARY Binary Data {e5e8c522-9d0e-48dc-b4fd-16789ad052e5}REG_BINARY Binary Data HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer {b3cdd441-af90-41ba-a745-7c6008ff2300}REG_BINARY Binary Data {b3cdd441-af90-41ba-a745-7c6008ff2301}REG_BINARY Binary Data {b3cdd441-af90-41ba-a745-7c6008ff2302}REG_BINARY Binary Data {9ba30013-c84e-47e5-ac6e-1e1aed72fa69}REG_BINARY Binary Data {ff2e84f6-a3b5-4993-a23c-03f63edf942f}REG_BINARY Binary Data --------------fltmgr:-------------- Type: 2 State: 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN) WIN32_EXIT_CODE: 0 SERVICE_EXIT_CODE: 0 CHECKPOINT: 0 WAIT_HINT: 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr AttachWhenLoaded REG_DWORD 1 DisplayName REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001 Group REG_SZ FSFilter Infrastructure ImagePath REG_EXPAND_SZ system32\drivers\fltmgr.sys Description REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000 ErrorControl REG_DWORD 3 Start REG_DWORD 0 Tag REG_DWORD 1 Type REG_DWORD 2 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum 0 REG_SZ Root\LEGACY_FLTMGR\0000 Count REG_DWORD 1 NextInstance REG_DWORD 1 C:\Windows\system32\drivers\fltmgr.sys File Size: 289664 BYTES FileVersion: 6.1.7601.17514 MD5: [da6b67270fd9db3697b20fce94950741] C:\Windows\SysWOW64\comctl32.ocx File Size: 608448 BYTES FileVersion: 6.0.81.5 MD5: [eb5f811c1f78005b3c147599a0cccf51] C:\Windows\SysWOW64\mscomctl.ocx File Size: 1070232 BYTES FileVersion: 6.1.98.46 MD5: [273676426739b02a45a0fc9349500b65] C:\Windows\SysWOW64\olepro32.dll File Size: 90112 BYTES FileVersion: 6.1.7601.17514 MD5: [703ffd301ab900b047337c5d40fd6f96] MBAM Registry Settings and License Info: ======================================== --------------Settings:-------------- Advanced: AutomaticQuarantine: true AutostartProtection: true LimitedMode: false StartSilentMode: false StartupDelay: -15 ApplicationState: First-Run-After-Installation: false General: DaysUntilNotifyExpiration: 5 Language: en RightClickAccess: true SilentErrors: false Logging: ExportLog: true Marketing: LastPostScanMarketingIndex: 5 Notification: ProtectionTray: DisplayMilliseconds: 3000 ScanHistory: Duration_Complete: 57406 Duration_Driver: 0 Duration_Filesystem: 676 Duration_Heuristics: 368973 Duration_Loading: 0 Duration_MasterBootRecord: 0 Duration_Memory: 40000 Duration_PreScan: 19586 Duration_Registry: 7163 Duration_Sector: 0 Duration_Startup: 15408 ItemCount_Complete: 238315 ItemCount_Driver: 0 ItemCount_Filesystem: 44683 ItemCount_Heuristics: 20569 ItemCount_Loading: 0 ItemCount_MasterBootRecord: 0 ItemCount_Memory: 2797 ItemCount_PreScan: 19500 ItemCount_Registry: 581 ItemCount_Sector: 0 ItemCount_Startup: 2212 LastRemovalRequiredDOR: false LastScanDateEpoch: 1467010333823 LastScanType: 1 (Threat Scan) Update: LastUpdate: 2016-06-27T21:18:16 NotifyInstallReady: true NotifyOutdatedDatabase: 7 ProxyPassword: ProxyPort: 0 ProxyServer: ProxyUsername: UseProxy: false UseProxyAuthentication: false CheckProgramUpdates: true --------------Account:-------------- Account Status: Premium Expiration Time: Activation Time: 2016/06/22 22:14:16 Trial Used: true --------------Access Policies:-------------- Scheduler Queue: ================ tasks: 3e2e0096-e4ff-4e1a-9538-5ad976873e50: parameters: NotifyWhenUpdateCompletes: false TaskType: 3 triggers: b2da439a-14f7-4445-a45d-0eeaba1f9ce5: dateinterval: 0:0:0 (Days:Months:Years) lastscheduled: Mon, 27 Jun 2016 18:04:32.473343 -0400 lasttriggered: Mon, 27 Jun 2016 18:04:32.473343 -0400 nextscheduled: Mon, 27 Jun 2016 18:21:59.473599 -0400 recovery: 00:00:00 (Hours:Minutes:Seconds) start: Wed, 22 Jun 2016 23:11:46.473599 -0400 timeinterval: 01:00:00 (Hours:Minutes:Seconds) type: Hourly uuid: b2da439a-14f7-4445-a45d-0eeaba1f9ce5 type: update uuid: 3e2e0096-e4ff-4e1a-9538-5ad976873e50 e801e474-57ec-48d7-b3d2-01e153f660cf: parameters: AutoDelete: false CheckForUpdatesBeforeScanStart: true ScanConfig: ExportLog: true FileSystemOption: true Quarantine: Prompt RebootSystemWhenMalwareDetected: false ScanArchives: true ScanExtra: true ScanHeuristic: true ScanMemoryObjects: true ScanPUM: Treat Detections as Malware ScanPUP: Treat Detections as Malware ScanRegistry: true ScanRootkits: false ScanSource: 1 ScanStartup: true ScanTargets: ScanType: 1 (Threat Scan) Silent: true StartTaskFromSystemAccount: false TaskType: 0 triggers: 48fb7704-e690-4f58-b6d0-01e3080d1219: dateinterval: 1:0:0 (Days:Months:Years) lastscheduled: Mon, 27 Jun 2016 02:52:08.009138 -0400 lasttriggered: Mon, 27 Jun 2016 02:52:08.009138 -0400 nextscheduled: Tue, 28 Jun 2016 02:54:14 -0400 recovery: 23:00:00 (Hours:Minutes:Seconds) start: Thu, 23 Jun 2016 02:51:39 -0400 timeinterval: 00:00:00 (Hours:Minutes:Seconds) type: Daily uuid: 48fb7704-e690-4f58-b6d0-01e3080d1219 type: scan uuid: e801e474-57ec-48d7-b3d2-01e153f660cf Pending File Rename Operations: ================================ If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation. MBAMProtector Registry Values: ============================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector Type REG_DWORD 2 Start REG_DWORD 3 ErrorControl REG_DWORD 1 ImagePath REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys Group REG_SZ FSFilter Anti-Virus DependOnService REG_MULTI_SZ FltMgr WOW64 REG_DWORD 1 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances DefaultInstance REG_SZ MBAMProtector Instance HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance Altitude REG_SZ 328800 Flags REG_DWORD 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters PassThruFile REG_SZ mbampt.exe ProductPath REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum 0 REG_SZ Root\LEGACY_MBAMPROTECTOR\0000 Count REG_DWORD 1 NextInstance REG_DWORD 1 MBAMService Registry Values: ============================ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService Type REG_DWORD 16 Start REG_DWORD 2 ErrorControl REG_DWORD 1 ImagePath REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" DependOnService REG_MULTI_SZ MBAMProtector WOW64 REG_DWORD 1 ObjectName REG_SZ LocalSystem Description REG_SZ Malwarebytes Anti-Malware service DelayedAutostart REG_DWORD 0 MBAMScheduler Registry Values: ============================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler Type REG_DWORD 16 Start REG_DWORD 2 ErrorControl REG_DWORD 1 ImagePath REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe" WOW64 REG_DWORD 1 ObjectName REG_SZ LocalSystem Description REG_SZ Malwarebytes Anti-Malware scheduler Terminal Services Status for (null) entries in PM logs and GetUserToken errors: =============================================================================== --------------TERMService:-------------- Type: 32 State: 1 (The service is not running.) (State is stopped) WIN32_EXIT_CODE: 1077 SERVICE_EXIT_CODE: 0 CHECKPOINT: 0 WAIT_HINT: 0 TermService Start is set to: 3 (Manual Startup) Proxy Status: No proxy is Set Proxy Override: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ ProxyOverride REG_SZ *.local LAN Settings: ============= only 'Automatically detect settings' is selected SystemPartition: ================ HKEY_LOCAL_MACHINE\SYSTEM\Setup\ SystemPartition REG_SZ \Device\HarddiskVolume1 Balloon Tips Status: ==================== Enabled Time Format Settings: ===================== Should be: h:mm:ss tt AM PM : Currently: REG_SZ h:mm:ss tt REG_SZ AM REG_SZ PM REG_SZ : Language and Regional Settings: =============================== ACP: Language is English (United States) MACCP: Language is English (United States) OEMCP: Language is English (United States) Startup Folders for Error_Expanding_Variables Check: ==================================================== All Users Startup Folder Exists. Current User's Startup Folder Exists. Context Menu Entries: ===================== HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\MBAMShlExt (Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3} HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\MBAMShlExt (Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3} HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt (Default): REG_SZ MBAMShlExt Class HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CLSID (Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3} HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CurVer (Default): REG_SZ MBAMExt.MBAMShlExt.1 HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1 (Default): REG_SZ MBAMShlExt Class HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1\CLSID (Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3} HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE} (Default): REG_SZ IMBAMShlExt HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid32 (Default): REG_SZ {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\TypeLib (Default): REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65} Version REG_SZ 1.0 HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3} (Default): REG_SZ MBAMShlExt Class HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll ThreadingModel REG_SZ Apartment HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\ProgID (Default): REG_SZ MBAMExt.MBAMShlExt.1 HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\TypeLib (Default): REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65} HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\VersionIndependentProgID (Default): REG_SZ MBAMExt.MBAMShlExt HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65} HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0 (Default): REG_SZ MBAMExt 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0 HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win32 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS (Default): REG_SZ 0 HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR (Default): REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65} HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0 (Default): REG_SZ MBAMExt 1.0 Type Library HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0 HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win32 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS (Default): REG_SZ 0 HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR (Default): REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware List of MBAM Related Directories: ================================= C:\Program Files (x86)\Malwarebytes Anti-Malware\ 7z.dll File Size: 922080 BYTES FileVersion: 9.20.0.0 MD5: [14079a2411fa2bb7f78bc100c92bbcc2] changes.txt File Size: 1596 BYTES FileVersion: N/A MD5: [09371a0c8bd9e9554571da257d554d3e] cloud-enumeration.dll File Size: 287200 BYTES FileVersion: 1.0.1.0 MD5: [84ac20b9327dbd4d94039be93384dad5] cloud.dll File Size: 352736 BYTES FileVersion: 1.0.1.0 MD5: [5659790448fb136a80be407c4a0dbb50] license.rtf File Size: 38870 BYTES FileVersion: N/A MD5: [ed36ea764c3a452334416713c8cf1eed] master.conf File Size: 1258 BYTES FileVersion: N/A MD5: [9702ca5e82d3756c6d8af34a2ababaea] mbam.dll File Size: 609760 BYTES FileVersion: 1.0.40.0 MD5: [c4a51c1cb174066fdaf383c09f0d574b] mbam.exe File Size: 9926112 BYTES FileVersion: 2.3.173.0 MD5: [8e98e3ec16d2641005b4748cd330fb45] mbamcore.dll File Size: 2127840 BYTES FileVersion: 1.3.24.0 MD5: [63ce66ef2b30a09308eafe29baec6a75] mbamdor.exe File Size: 55264 BYTES FileVersion: 1.0.2.0 MD5: [297c1bdcc26adb339d4c0f0550e434d6] mbamext.dll File Size: 431072 BYTES FileVersion: 3.1.1.0 MD5: [67a6ec1735c77c2623b49cc1f284c8a0] mbampt.exe File Size: 40928 BYTES FileVersion: 1.0.57.0 MD5: [04d0b942b0ad4a5d2eee45d9b7d6545b] mbamresearch.exe File Size: 1949152 BYTES FileVersion: 1.1.1.0 MD5: [e601f9ca6a72493bc8185bedda17eee8] mbamscheduler.exe File Size: 1514464 BYTES FileVersion: 3.1.7.0 MD5: [9611577752e293259c7dce19e9026362] mbamservice.exe File Size: 1136608 BYTES FileVersion: 3.2.21.0 MD5: [f1a89a34388b5626f1548d393b23ecb1] mbamsrv.dll File Size: 3863008 BYTES FileVersion: 2.1.10.0 MD5: [a33629c51295570fe9f252a39ddcea93] msvcp100.dll File Size: 422880 BYTES FileVersion: 10.0.40219.325 MD5: [53a5f1b984f585997968cd0dfb27400c] msvcr100.dll File Size: 775648 BYTES FileVersion: 10.0.40219.325 MD5: [dc0213118e61e5ca865092109860792c] Qt5Core.dll File Size: 4646880 BYTES FileVersion: 5.4.1.0 MD5: [91c7c50b2a290b82604163b5a679ea24] Qt5Gui.dll File Size: 4640224 BYTES FileVersion: 5.4.1.0 MD5: [1d59b3e632aef8e24cc1707fd411113b] Qt5Network.dll File Size: 673248 BYTES FileVersion: 5.4.1.0 MD5: [e089635a8cbed229ec30cdbe29748c08] Qt5Widgets.dll File Size: 4474848 BYTES FileVersion: 5.4.1.0 MD5: [33881dda0ccc3898facadf1e4d1df237] unins000.dat File Size: 37462 BYTES FileVersion: N/A MD5: [d8f240b2103654eebc0e9ac911c164b9] unins000.exe File Size: 720085 BYTES FileVersion: 51.52.0.0 MD5: [f1505d347325c77e3eeef418495e1f57] C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon\Windows chameleon.chm File Size: 235882 BYTES FileVersion: N/A MD5: [c4190b71f037714aa77aba294434ba5b] firefox.com File Size: 960480 BYTES FileVersion: 3.1.29.0 MD5: [f86a4139730504047f52ccfb8c47e9f5] firefox.exe File Size: 960480 BYTES FileVersion: 3.1.29.0 MD5: [f86a4139730504047f52ccfb8c47e9f5] firefox.pif File Size: 960480 BYTES FileVersion: 3.1.29.0 MD5: [f86a4139730504047f52ccfb8c47e9f5] firefox.scr File Size: 960480 BYTES FileVersion: 3.1.29.0 MD5: [f86a4139730504047f52ccfb8c47e9f5] iexplore.exe File Size: 960480 BYTES FileVersion: 3.1.29.0 MD5: [f86a4139730504047f52ccfb8c47e9f5] mbam-chameleon.com File Size: 960480 BYTES FileVersion: 3.1.29.0 MD5: [f86a4139730504047f52ccfb8c47e9f5] mbam-chameleon.exe File Size: 960480 BYTES FileVersion: 3.1.29.0 MD5: [f86a4139730504047f52ccfb8c47e9f5] mbam-chameleon.pif File Size: 960480 BYTES FileVersion: 3.1.29.0 MD5: [f86a4139730504047f52ccfb8c47e9f5] mbam-chameleon.scr File Size: 960480 BYTES FileVersion: 3.1.29.0 MD5: [f86a4139730504047f52ccfb8c47e9f5] mbam-killer.exe File Size: 1504736 BYTES FileVersion: 3.0.15.0 MD5: [b79d3c2fca170c4dd15d7316067a1fd3] rundll32.exe File Size: 960480 BYTES FileVersion: 3.1.29.0 MD5: [f86a4139730504047f52ccfb8c47e9f5] svchost.exe File Size: 960480 BYTES FileVersion: 3.1.29.0 MD5: [f86a4139730504047f52ccfb8c47e9f5] windows.exe File Size: 960480 BYTES FileVersion: 3.1.29.0 MD5: [f86a4139730504047f52ccfb8c47e9f5] winlogon.exe File Size: 960480 BYTES FileVersion: 3.1.29.0 MD5: [f86a4139730504047f52ccfb8c47e9f5] C:\Program Files (x86)\Malwarebytes Anti-Malware\\imageformats qgif.dll File Size: 29664 BYTES FileVersion: 5.4.1.0 MD5: [0b528e4c9bbd9efdea9bc8ac6a967d6d] qico.dll File Size: 29664 BYTES FileVersion: 5.4.1.0 MD5: [7b36d94db81b8b0dfd9323228dd96b51] C:\Program Files (x86)\Malwarebytes Anti-Malware\\Languages lang_ar.qm File Size: 87404 BYTES FileVersion: N/A MD5: [269d3107ca72a75fe154ce4ff718af50] lang_bg.qm File Size: 133911 BYTES FileVersion: N/A MD5: [376ad1e4ad206bc32da09b12b564ecc4] lang_ca.qm File Size: 92634 BYTES FileVersion: N/A MD5: [2d35f58b0c2db44ad2717f4a4526a085] lang_cs.qm File Size: 105193 BYTES FileVersion: N/A MD5: [2c191de828d5e05fd7afa27ee1245023] lang_da.qm File Size: 88039 BYTES FileVersion: N/A MD5: [f8a4941d5d388160d252832a77ab584f] lang_de.qm File Size: 139276 BYTES FileVersion: N/A MD5: [b55f37281f0fcadfae67aecf0bf4cca5] lang_el.qm File Size: 126897 BYTES FileVersion: N/A MD5: [bd671253e071bac626beea63393abcda] lang_en.qm File Size: 3081 BYTES FileVersion: N/A MD5: [e2790b3cd9fdd9d3e266e9623fe477af] lang_es.qm File Size: 138468 BYTES FileVersion: N/A MD5: [cc4f3aab63d933d5964e2bba62df4277] lang_et.qm File Size: 107794 BYTES FileVersion: N/A MD5: [aa4845cd64b20377cea0ebc66eed4a42] lang_fi.qm File Size: 130793 BYTES FileVersion: N/A MD5: [00653d1fb2f790817aef991025c176aa] lang_fr.qm File Size: 141996 BYTES FileVersion: N/A MD5: [e06db8ef6b826b75ec5859913651ed44] lang_he.qm File Size: 98928 BYTES FileVersion: N/A MD5: [2954e902664f2e129f8a8d8238e90552] lang_hu.qm File Size: 132359 BYTES FileVersion: N/A MD5: [6bf3b8c78fd393ef2811a19742518b9a] lang_id.qm File Size: 129135 BYTES FileVersion: N/A MD5: [6be058072a90897595c6f097a3caa797] lang_it.qm File Size: 134154 BYTES FileVersion: N/A MD5: [183990148beec433023688db65a7bf2e] lang_ja.qm File Size: 73762 BYTES FileVersion: N/A MD5: [f6bfd643cb92fa760ae6ec64344ee7e1] lang_ko.qm File Size: 85731 BYTES FileVersion: N/A MD5: [53b5a94eb309d69993a5bc3cd43a85e4] lang_lt.qm File Size: 90799 BYTES FileVersion: N/A MD5: [eecd8edca1fb068ad3bd88aa711bdae2] lang_lv.qm File Size: 90659 BYTES FileVersion: N/A MD5: [683950904e725821740217824df440ff] lang_nl.qm File Size: 133514 BYTES FileVersion: N/A MD5: [442a6cf7e07e6f676d8b5ae41637549c] lang_no.qm File Size: 129833 BYTES FileVersion: N/A MD5: [8949e21e367e5a32ca9f36d8d22c9771] lang_pl.qm File Size: 133827 BYTES FileVersion: N/A MD5: [48379f4ac164adfc8d448bf53c8e2df8] lang_pt_BR.qm File Size: 136918 BYTES FileVersion: N/A MD5: [b1ea2002cf5362b24ca0a026f448e3f1] lang_pt_PT.qm File Size: 136982 BYTES FileVersion: N/A MD5: [5e23b66cb6d8d9894b991cc8f33658af] lang_ro.qm File Size: 90458 BYTES FileVersion: N/A MD5: [bcf524020255c4f7a6fdbae8df2bfe81] lang_ru.qm File Size: 137874 BYTES FileVersion: N/A MD5: [5e28394fbd12f21301e2b7e1a9dbac94] lang_sk.qm File Size: 131080 BYTES FileVersion: N/A MD5: [68e0e95e7131d101188a57e3a413dee5] lang_sl.qm File Size: 107631 BYTES FileVersion: N/A MD5: [83755001a3f1bd527d0b4b7a77d0b37d] lang_sv.qm File Size: 129135 BYTES FileVersion: N/A MD5: [b3c38242beb63f895fabcc14bbc6807a] lang_tr.qm File Size: 88838 BYTES FileVersion: N/A MD5: [1e4a3c0dcd7074ad4a3971ce67762cda] lang_vi.qm File Size: 133386 BYTES FileVersion: N/A MD5: [586de19c023986bf884ad56fc29c8f5e] lang_zh_TW.qm File Size: 87797 BYTES FileVersion: N/A MD5: [e120a014cf077bdcbcdcbf98c3438188] C:\Program Files (x86)\Malwarebytes Anti-Malware\\platforms qwindows.dll File Size: 929760 BYTES FileVersion: 5.4.1.0 MD5: [6c54d2ebeaacbe9b56816536041c8281] C:\Program Files (x86)\Malwarebytes Anti-Malware\\Plugins fixdamage.exe File Size: 823776 BYTES FileVersion: 1.4.0.1001 MD5: [bbfc25590af3e45d8cca1fab95648b40] C:\Users\Michael\AppData\Roaming\Malwarebytes\Malwarebytes Anti-Malware C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware actions.ref File Size: 8263 BYTES FileVersion: N/A MD5: [c312abcb0e4fa4d6007dcd1976b49b77] akadomains.ref File Size: 92 BYTES FileVersion: N/A MD5: [73d5774cbd8df165274a0691ae264808] akaips.ref File Size: 92 BYTES FileVersion: N/A MD5: [2a6869d1f91f0a0b87b1d27bd30ccc5c] domains.ref File Size: 665145 BYTES FileVersion: N/A MD5: [c5b6eb9fd96e185b2c4cdc2caa228bf2] exclusions.dat File Size: 0 BYTES FileVersion: N/A MD5: [d41d8cd98f00b204e9800998ecf8427e] ips.ref File Size: 137904 BYTES FileVersion: N/A MD5: [6c3fc2a051bf681388457c4b1d17bb2e] rules.ref File Size: 9675350 BYTES FileVersion: N/A MD5: [2c025f363acb9ae6333bbc50cd923e73] swissarmy.ref File Size: 28249 BYTES FileVersion: N/A MD5: [796931ca33465057e4349a3844809397] C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration build.conf File Size: 4598 BYTES FileVersion: N/A MD5: [de66cec162c8eeb42c3ff3cc3b434524] database.conf File Size: 4 BYTES FileVersion: N/A MD5: [2261e7eca4cd0615a97263c0ad5045c2] gatekeeper.conf File Size: 4 BYTES FileVersion: N/A MD5: [2261e7eca4cd0615a97263c0ad5045c2] license.conf File Size: 2853 BYTES FileVersion: N/A MD5: [436b7b4e11a29387cb6f04c6d1439abd] manifest.conf File Size: 3409 BYTES FileVersion: N/A MD5: [a259c8937f6c031b339ee4d2ba785e75] marketing.conf File Size: 6974 BYTES FileVersion: N/A MD5: [53bbca93e7bbeb7f5dca1ef9419ccb28] net.conf File Size: 7338 BYTES FileVersion: N/A MD5: [6ad43ddd04d0b2763cd94a4a0d504d3a] notifications.conf File Size: 4 BYTES FileVersion: N/A MD5: [2261e7eca4cd0615a97263c0ad5045c2] scheduler.conf File Size: 2119 BYTES FileVersion: N/A MD5: [20dbb46a83942d98c351415128d14dcb] settings.conf File Size: 2093 BYTES FileVersion: N/A MD5: [1f5d565586117876ea09c1ab576b3be3] statistics.conf File Size: 513 BYTES FileVersion: N/A MD5: [e713fece491720c3a582e47c11e63dc2] C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration\Restore build.conf File Size: 4179 BYTES FileVersion: N/A MD5: [20d9566b3cf94f1e395de8f40046fc68] database.conf File Size: 4 BYTES FileVersion: N/A MD5: [2261e7eca4cd0615a97263c0ad5045c2] gatekeeper.conf File Size: 4 BYTES FileVersion: N/A MD5: [2261e7eca4cd0615a97263c0ad5045c2] license.conf File Size: 23 BYTES FileVersion: N/A MD5: [0ec01df616b565180556881d8042255b] manifest.conf File Size: 3171 BYTES FileVersion: N/A MD5: [a6e5576f7723acab40490fb9e64dfc1c] marketing.conf File Size: 6974 BYTES FileVersion: N/A MD5: [53bbca93e7bbeb7f5dca1ef9419ccb28] net.conf File Size: 6530 BYTES FileVersion: N/A MD5: [9fb4acfdc11c7af48a760db4c7bfebf0] notifications.conf File Size: 4 BYTES FileVersion: N/A MD5: [2261e7eca4cd0615a97263c0ad5045c2] scheduler.conf File Size: 4 BYTES FileVersion: N/A MD5: [2261e7eca4cd0615a97263c0ad5045c2] settings.conf File Size: 1724 BYTES FileVersion: N/A MD5: [e27b42126b89352fdaae8f1630b9a8d8] statistics.conf File Size: 4 BYTES FileVersion: N/A MD5: [2261e7eca4cd0615a97263c0ad5045c2] C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs mbam-log-2016-06-22 (22-14-34).xml File Size: 2616 BYTES FileVersion: N/A MD5: [e6ef8d325758e449ba5cf05e8e4bc954] mbam-log-2016-06-23 (03-06-15).xml File Size: 2616 BYTES FileVersion: N/A MD5: [082dc3f29cfcb20e436a8f2fc8e8c642] mbam-log-2016-06-24 (02-44-05).xml File Size: 2616 BYTES FileVersion: N/A MD5: [c232f2105f638ce03a040b0e727619c4] mbam-log-2016-06-24 (02-59-50).xml File Size: 2616 BYTES FileVersion: N/A MD5: [46401a1734e87cd6a9e18f5547e4d4f2] mbam-log-2016-06-25 (02-43-27).xml File Size: 2616 BYTES FileVersion: N/A MD5: [0c2b9f6d127861bdba627abe7ea7a776] mbam-log-2016-06-25 (03-03-38).xml File Size: 2616 BYTES FileVersion: N/A MD5: [fadd2af966dd1804806bc0483d805e8e] mbam-log-2016-06-26 (03-05-08).xml File Size: 2616 BYTES FileVersion: N/A MD5: [dcfc42a5b468361b396a48dc36830062] mbam-log-2016-06-27 (02-52-08).xml File Size: 2616 BYTES FileVersion: N/A MD5: [c4f08b854280fcb72a5e2de40e03d3ec] protection-log-2016-06-22.xml File Size: 6928 BYTES FileVersion: N/A MD5: [814ac49a279ac6f56281ef4b3999b7d4] protection-log-2016-06-23.xml File Size: 22391 BYTES FileVersion: N/A MD5: [1a8c06bf5e9475345b0b61b58b711320] protection-log-2016-06-24.xml File Size: 7735 BYTES FileVersion: N/A MD5: [2cd4be9610eac18d24696ab6eb9b0d88] protection-log-2016-06-25.xml File Size: 23090 BYTES FileVersion: N/A MD5: [6a05ad581b39a3b11319d5f2bf74f3ae] protection-log-2016-06-26.xml File Size: 13601 BYTES FileVersion: N/A MD5: [548f35d4ee2d129337106e879612e339] protection-log-2016-06-27.xml File Size: 11785 BYTES FileVersion: N/A MD5: [e6c0ff91ff526866a6dcd734db97c24b] C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine Malware Exclusions: =================== Web Exclusions: ================ Quarantined Items: =================== =============================================================== END OF FILE
  6. Thank you for your help. I've done as you suggested. FRST.txt Addition.txt
  7. Yes. As stated in my MBAM Help post, I have followed the instructions in this post to the letter, three separate times. I am still having the "Protection Disabled" issue. I also do not believe that I am infected, but the response in the MBAM Help forum advised me to post here. If the logs do not indicate an infection, what is my next step?
  8. Thanks, I have posted in the Malware Removal Help forum as you suggested.
  9. I am posting here as suggested in my post in the MBAM Help forum: It seems unlikely that I have been infected with malware, as I have always used anti-virus (currently Bitdefender Free) and MBAM Premium. However, I am attaching the suggested logs in hopes that someone can suggest a solution to the repeated issue of real time protection becoming disabled. Thanks in advance for any help. FRST.txt Addition.txt
  10. For the past 2 weeks or 3 weeks, I have been repeatedly receiving the "Protection Disabled" alert for Malwarebytes Anti-Malware Home Premium (real time protection is repeatedly disabled). I have followed the recommendations to remove MBAM found in this post: Three times, in fact, disabling my anti-virus, rebooting, re-installing and then re-activating the latest version of MBAM, with the eventual reappearance of the "Protection Disabled" alert. I am attaching the requested diagnostic logs. FRST.txt Addition.txt CheckResults.txt
  11. No, it's not just you. Now that I know what you were referring to (my mistake), I do not have the Context menu, either. I believe that explains it.
  12. If by Right Click Context Menu you mean the menu of options accessed by right clicking on the Malwarebytes taskbar icon, then I can confirm that it functions properly on my Vista Home Premium 64-bit system.
  13. I just finished a test of the 1.37 beta, and it performed flawlessly on my Vista 64-bit system (protection module active), and I'm now running the final release version with no issues. Hooray for 64-bit compatibility! Great software. Great job, guys!
  14. Well, my 24 hour test results for the beta are likely of no real benefit now, but here goes anyway: Installed quickly, without issues (Vista x64 SP1, Intel Core 2 Duo E7300 with 4 GB RAM)). Quick scan ran in 1 minute 25 seconds, with one problem detected (the NoActiveDesktopChanges registry entry) which I chose to allow Malwarebytes to correct. Full scan ran in 21 minutes 54 seconds with no malicious items detected. The scheduled quick scan ran unattended this morning as expected, and the appropriate log entry was made. System resource usage is about 20.5 MB memory for mbamservice.exe (which I assume is the protection module), and roughly twice that for mbam.exe (the scanner). I have noticed no impact on system performance with the protection module active. No apparent impact on email retrieval with Outlook 2007. I am running Avast! v. 4.8 Home Edition, Secunia PSI, and even Windows Defender with no apparent conflicts. So far, absolutely no issues with the 1.37 beta at all. If my experience is typical, I believe Malwarebytes is now compatible with Vista 64-bit! Note: The Operating Systems list under Download for v 1.37 still states "Vista (32-bit only)."
  15. I am running Windows Vista 64 bit and have installed Malwarebytes v. 1.37 to aid in the evaluation of this beta version. So far everything seems to be running as expected, with the exception of the Protection module. As with every prior version, the Protection module appears to require activation via the Purchase or Register routes. How am I to test this function in Vista x64 if it is not activated in the beta version? Obviously I have not purchased a license for the program since the Protection function has not, to this point, functioned under Vista x64. Please advise.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.