AZGUY

  1. Hi Ron & doc, Here is where I am guys >> I went to the MBAM scheduler and changed the update settings from daily to hourly. That seems to have done the trick. I am now receiving MBAM updates several times a day as I would expect. I am reluctant to remove the registry entries you noted, because the Schwab-related entries may affect my brokerage account at Schwab.... I'm not sure? Since my updates are now updating regularly, I would prefer to leave the registry entries alone. I am a firm believer of "if it ain't broke, don't fix it". If you agree, please let me know. I appreciate all of your help and I learned a great deal about MBAM and the system internals. I thank you. Sincerely, Rich
  2. @ advanced & doc, It's 1 am here and I'm hitting the sack. I'll be back later today 9/27/13. Thanks again for all your help guys. Cheers Rich zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
  3. Hi doc, Here is the log as an attachment (I hope). Thanks again for your and AdvanceSetup's help on this. CheckResults.txt
  4. Thanks daledoc. >> No question to me is ever a stupid question, because I'm always learning. Yes, I did already set up the MBAM PRO scheduler, but thanks to you I reset the update scheduler from "daily to hourly", so you did help me. Thanks
  5. Hi Ron, I just ran the scans now as you requested. Please let me know if you need anything else that would help you help me. Thanks again. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16506 Run by Richard at 23:59:41 on 2013-09-26 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6088.3548 [GMT -7:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\Zentimo\ZentimoService.exe C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\windows\system32\taskhost.exe C:\windows\system32\taskeng.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe C:\Program Files (x86)\Lenovo\Energy Management\utility.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe 
C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Windows\SysWOW64\WinFLTrayH.exe C:\windows\system32\taskeng.exe C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe C:\Program Files (x86)\Schwab\StreetSmart Edge\QuickLaunch.exe C:\Users\Richard\AppData\Local\NDS\PCShow\PCShowServerPMWrapper.exe C:\Users\Richard\AppData\Local\NDS\PCShow\NDSPCShowServer.exe C:\Program Files\CrashPlan\CrashPlanTray.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Program Files (x86)\Microsoft Works\WkCalRem.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe C:\Program Files\CrashPlan\CrashPlanService.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe C:\windows\SysWow64\WinFLServiceH.exe C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Macrium\Reflect\ReflectService.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Secunia\PSI\PSIA.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\windows\system32\svchost.exe -k imgsvc C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files 
(x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\windows\system32\wbem\unsecapp.exe C:\windows\splwow64.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\System32\vds.exe C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\windows\system32\SearchIndexer.exe C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE C:\Program Files\iPod\bin\iPodService.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Secunia\PSI\sua.exe C:\windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Users\Richard\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\windows\system32\SearchProtocolHost.exe C:\windows\system32\SearchFilterHost.exe C:\windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll TB: avast! 
Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll uRun: [Google Update] "C:\Users\Richard\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [DW7] "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe" uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart uRun: [WinFLTrayH] C:\windows\SysWow64\WinFLTrayH.exe uRun: [QuickLaunch] C:\Program Files (x86)\Schwab\StreetSmart Edge\QuickLaunch.exe uRun: [PCShowServer] C:\Users\Richard\AppData\Local\NDS\PCShow\PCShowServerPMWrapper.exe uRun: [screenpresso] "C:\Users\Richard\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe" -startup mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" mRun: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" mRun: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s mRun: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" mRun: [KeePass 2 PreLoad] "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon mRun: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector 
EX\CNMNSST.exe /FORCE mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [EaseUs Watch] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe" mRun: [EaseUs Tray] "C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" StartupFolder: C:\Users\Richard\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\wkcalrem.LNK - C:\Program Files (x86)\Microsoft Works\WkCalRem.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CRASHP~1.LNK - C:\Program Files\CrashPlan\CrashPlanTray.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200 IE: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... 
- C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm TCP: NameServer = 68.105.28.11 68.105.29.11 68.105.28.12 TCP: Interfaces\{4D861309-407A-46F0-8E28-D61AD67AEB21} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12 Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-TB: avast! 
Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe x64-Run: [Logitech Download Assistant] C:\windows\System32\rundll32.exe C:\windows\System32\LogiLDA.dll,LogiFetch x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe x64-Run: [Persistence] C:\windows\System32\igfxpers.exe x64-Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\i67rt51a.default\ FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Richard\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: C:\Users\Richard\AppData\Local\NDS\PCShow\npPlayerPlugin.dll FF - plugin: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\i67rt51a.default\extensions\coralietab@mozdev.org\plugins\npCoralIETab.dll FF - plugin: C:\Users\Richard\AppData\Roaming\Mozilla\plugins\npatgpc.dll FF - plugin: C:\Users\Richard\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\Richard\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Users\Richard\AppData\Roaming\Mozilla\plugins\npo1d.dll FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll FF - plugin: C:\windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . 
R0 aswRvrt;aswRvrt;C:\windows\System32\drivers\aswRvrt.sys [2013-3-2 65336] R0 aswVmm;aswVmm;C:\windows\System32\drivers\aswVmm.sys [2013-3-2 204880] R0 EUBAKUP;EUBAKUP;C:\windows\System32\drivers\eubakup.sys [2011-12-31 59976] R0 EUBKMON;EUBKMON;C:\windows\System32\drivers\EUBKMON.sys [2011-12-31 48200] R0 fbfmon;fbfmon;C:\windows\System32\drivers\fbfmon.sys [2011-10-27 57952] R0 LHDmgr;LHDmgr;C:\windows\System32\drivers\LhdX64.sys [2012-7-10 39008] R0 SmartDefragDriver;SmartDefragDriver;C:\windows\System32\drivers\SmartDefragDriver.sys [2013-9-20 17720] R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2012-1-24 1030952] R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2012-1-24 378944] R1 BPntDrv;BPntDrv;C:\windows\System32\drivers\BPntDrv.sys [2011-10-27 13408] R1 EUDSKACS;EUDSKACS;C:\windows\System32\drivers\eudskacs.sys [2011-12-31 18504] R1 EUFDDISK;EUFDDISK;C:\windows\System32\drivers\EuFdDisk.sys [2011-12-31 189000] R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2012-1-24 33400] R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2012-1-24 80816] R2 avast! Antivirus;avast! 
Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-9-4 46808] R2 CrashPlanService;CrashPlan Backup Service;C:\Program Files\CrashPlan\CrashPlanService.exe [2012-10-31 222720] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504] R2 EaseUS Agent;EaseUS Agent Service;C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2013-6-9 68168] R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440] R2 FLServiceH;FLServiceH;C:\Windows\SysWOW64\WinFLServiceH.exe [2013-5-7 90832] R2 Guard Agent;Guard Agent Service;C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [2013-6-9 23624] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-27 13336] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-9-7 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-9-7 701512] R2 ReflectService.exe;Macrium Reflect Image Mounting Service;C:\Program Files\Macrium\Reflect\ReflectService.exe [2013-6-28 409720] R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-10-13 994360] R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-10-13 399416] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944] R2 SSPORT;SSPORT;C:\windows\System32\drivers\SSPORT.SYS [2011-3-13 11576] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-10-27 2656280] R2 ZentimoService;Zentimo Assistant;C:\Program Files (x86)\Zentimo\ZentimoService.exe [2012-1-10 1160536] R3 
ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\drivers\AcpiVpc.sys [2010-10-25 29792] R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-1-28 31088] R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-10-27 317440] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2011-10-27 76912] R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2013-9-7 25928] R3 PSI;PSI;C:\windows\System32\drivers\psi_mf.sys [2010-9-1 17976] R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2013-6-26 767144] R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576] R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840] R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2013-6-26 23208] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 BTWAMPFL;BTWAMPFL;C:\windows\System32\drivers\btwampfl.sys [2011-10-27 349224] S3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2011-10-27 39464] S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\rtsuvstor.sys [2011-10-27 299520] S3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2009-6-10 187392] S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 WatAdminSvc;Windows Activation Technologies 
Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-12-10 1255736] S3 WSDScan;WSD Scan Support via UMB;C:\windows\System32\drivers\WSDScan.sys [2009-7-13 25088] S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-09-26 23:24:27 -------- d-----w- C:\Program Files\iPod 2013-09-26 23:24:26 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-26 23:24:26 -------- d-----w- C:\Program Files\iTunes 2013-09-26 23:24:26 -------- d-----w- C:\Program Files (x86)\iTunes 2013-09-25 00:56:43 -------- d-----w- C:\AdwCleaner 2013-09-23 04:53:31 -------- d-----w- C:\Program Files\Synaptics 2013-09-20 17:49:13 32600 ----a-w- C:\windows\System32\SmartDefragBootTime.exe 2013-09-20 17:48:43 17720 ----a-w- C:\windows\System32\drivers\SmartDefragDriver.sys 2013-09-20 00:36:03 3723656 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe 2013-09-15 04:57:29 155584 ----a-w- C:\windows\System32\drivers\ataport.sys 2013-09-15 00:49:26 -------- d-----w- C:\Users\Richard\AppData\Roaming\Samsung 2013-09-15 00:49:17 -------- d-----w- C:\Program Files\Common Files\Common Desktop Agent 2013-09-15 00:49:17 -------- d-----w- C:\Program Files (x86)\Common Files\Common Desktop Agent 2013-09-15 00:49:08 -------- d-----w- C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller 2013-09-15 00:49:07 -------- d-----w- C:\Program Files (x86)\SamsungPrinterLiveUpdate 2013-09-15 00:46:58 1724416 ------w- C:\windows\gdiplus.dll 2013-09-12 20:10:31 -------- d-sh--w- C:\windows\SysWow64\AI_RecycleBin 2013-09-12 20:10:28 -------- d-----w- C:\Program Files (x86)\Reason 2013-09-08 05:39:22 25928 ----a-w- C:\windows\System32\drivers\mbam.sys 2013-09-08 05:39:22 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-06 07:19:17 1571160 ------w- C:\windows\TotalUninstaller.exe 
2013-09-06 07:19:16 219136 ----a-w- C:\windows\System32\SBuySupplies.exe 2013-09-06 07:19:15 -------- d-----w- C:\Program Files (x86)\Samsung 2013-09-05 14:04:02 209272 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll . ==================== Find3M ==================== . 2013-09-20 00:36:22 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2013-09-20 00:36:21 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-08-30 07:48:10 72016 ----a-w- C:\windows\System32\drivers\aswRdr2.sys 2013-08-30 07:48:10 65336 ----a-w- C:\windows\System32\drivers\aswRvrt.sys 2013-08-30 07:48:10 204880 ----a-w- C:\windows\System32\drivers\aswVmm.sys 2013-08-30 07:48:10 1030952 ----a-w- C:\windows\System32\drivers\aswSnx.sys 2013-08-30 07:48:09 80816 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys 2013-08-30 07:47:40 41664 ----a-w- C:\windows\avastSS.scr 2013-08-08 01:20:43 3155456 ----a-w- C:\windows\System32\win32k.sys 2013-08-02 02:23:53 5550528 ----a-w- C:\windows\System32\ntoskrnl.exe 2013-08-02 02:15:44 1732032 ----a-w- C:\windows\System32\ntdll.dll 2013-08-02 02:15:03 362496 ----a-w- C:\windows\System32\wow64win.dll 2013-08-02 02:15:03 243712 ----a-w- C:\windows\System32\wow64.dll 2013-08-02 02:15:03 13312 ----a-w- C:\windows\System32\wow64cpu.dll 2013-08-02 02:14:57 215040 ----a-w- C:\windows\System32\winsrv.dll 2013-08-02 02:14:11 16384 ----a-w- C:\windows\System32\ntvdm64.dll 2013-08-02 02:13:34 424448 ----a-w- C:\windows\System32\KernelBase.dll 2013-08-02 01:59:30 3968960 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe 2013-08-02 01:59:30 3913664 ----a-w- C:\windows\SysWow64\ntoskrnl.exe 2013-08-02 01:51:23 1292192 ----a-w- C:\windows\SysWow64\ntdll.dll 2013-08-02 01:50:42 5120 ----a-w- C:\windows\SysWow64\wow32.dll 2013-08-02 01:50:42 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll 2013-08-02 01:09:17 338432 ----a-w- C:\windows\System32\conhost.exe 2013-08-02 00:59:09 112640 ----a-w- C:\windows\System32\smss.exe 2013-08-02 00:45:37 25600 
----a-w- C:\windows\SysWow64\setup16.exe 2013-08-02 00:45:36 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll 2013-08-02 00:45:35 7680 ----a-w- C:\windows\SysWow64\instnm.exe 2013-08-02 00:45:34 2048 ----a-w- C:\windows\SysWow64\user.exe 2013-08-02 00:43:05 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2013-08-02 00:43:05 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2013-08-02 00:43:05 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2013-08-02 00:43:05 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2013-08-01 15:30:33 76408 ----a-w- C:\windows\System32\drivers\psmounterex.sys 2013-07-31 13:29:19 2312704 ----a-w- C:\windows\System32\jscript9.dll 2013-07-31 13:19:03 1392128 ----a-w- C:\windows\System32\wininet.dll 2013-07-31 13:18:24 1494528 ----a-w- C:\windows\System32\inetcpl.cpl 2013-07-31 13:14:29 173056 ----a-w- C:\windows\System32\ieUnatt.exe 2013-07-31 13:13:07 599040 ----a-w- C:\windows\System32\vbscript.dll 2013-07-31 13:08:44 2382848 ----a-w- C:\windows\System32\mshtml.tlb 2013-07-31 10:00:20 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll 2013-07-31 09:52:44 1129472 ----a-w- C:\windows\SysWow64\wininet.dll 2013-07-31 09:52:34 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl 2013-07-31 09:48:43 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe 2013-07-31 09:48:09 420864 ----a-w- C:\windows\SysWow64\vbscript.dll 2013-07-31 09:45:42 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb 2013-07-25 09:25:54 1888768 ----a-w- C:\windows\System32\WMVDECOD.DLL 2013-07-25 08:57:27 1620992 ----a-w- C:\windows\SysWow64\WMVDECOD.DLL 2013-07-19 01:58:42 2048 ----a-w- C:\windows\System32\tzres.dll 2013-07-19 01:41:01 2048 ----a-w- C:\windows\SysWow64\tzres.dll 2013-07-09 05:52:52 224256 ----a-w- C:\windows\System32\wintrust.dll 2013-07-09 05:51:16 1217024 ----a-w- C:\windows\System32\rpcrt4.dll 2013-07-09 05:46:20 184320 ----a-w- C:\windows\System32\cryptsvc.dll 2013-07-09 05:46:20 1472512 
----a-w- C:\windows\System32\crypt32.dll 2013-07-09 05:46:20 139776 ----a-w- C:\windows\System32\cryptnet.dll 2013-07-09 04:52:33 663552 ----a-w- C:\windows\SysWow64\rpcrt4.dll 2013-07-09 04:52:10 175104 ----a-w- C:\windows\SysWow64\wintrust.dll 2013-07-09 04:46:31 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll 2013-07-09 04:46:31 1166848 ----a-w- C:\windows\SysWow64\crypt32.dll 2013-07-09 04:46:31 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll 2013-07-06 06:03:53 1910208 ----a-w- C:\windows\System32\drivers\tcpip.sys . ============= FINISH: 0:00:16.41 =============== ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. ITS FOR RON !!! IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 12/10/2011 12:32:50 PM System Uptime: 9/26/2013 11:38:15 PM (1 hours ago) . Motherboard: LENOVO | | Base Board Product Name Processor: Intel® Core i5-2430M CPU @ 2.40GHz | CPU1 | 2401/1333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 655 GiB total, 542.906 GiB free. D: is FIXED (NTFS) - 29 GiB total, 26.965 GiB free. F: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft Virtual WiFi Miniport Adapter Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&1CD4B4AA&0&01 Manufacturer: Microsoft Name: Microsoft Virtual WiFi Miniport Adapter PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&1CD4B4AA&0&01 Service: vwifimp . ==== System Restore Points =================== . 
RP191: 9/7/2013 10:27:46 PM - Revo Uninstaller's restore point - Malwarebytes Anti-Malware version 1.75.0.1300 RP192: 9/7/2013 10:29:04 PM - Revo Uninstaller's restore point - Malwarebytes Anti-Malware version 1.75.0.1300 RP193: 9/12/2013 1:10:08 PM - Installed Should I Remove It RP194: 9/14/2013 5:11:46 PM - Revo Uninstaller's restore point - Samsung ML-2950 Series RP195: 9/14/2013 5:13:34 PM - Revo Uninstaller's restore point - Samsung ML-2950 Series RP196: 9/14/2013 9:57:31 PM - Windows Update . ==== Installed Programs ====================== . Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.04) AnswerWorks 5.0 English Runtime Apple Application Support Apple Mobile Device Support Apple Software Update Atheros Client Installation Program Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver Auslogics Duplicate File Finder avast! Free Antivirus Bonjour Canon Easy-PhotoPrint EX Canon Easy-WebPrint EX Canon IJ Network Scanner Selector EX Canon IJ Network Tool Canon MG5300 series MP Drivers Canon MG5300 series On-screen Manual Canon MG5300 series User Registration Canon MP Navigator EX 5.0 Canon MP560 series MP Drivers Canon My Printer Canon Solution Menu EX CCleaner Cisco WebEx Meetings Common Desktop Agent Compatibility Pack for the 2007 Office system Conexant HD Audio Cox TV Connect CrashPlan D3DX10 EaseUS Todo Backup Free 6.0 Energy Management FlipShare Folder Lock Google Chrome Google Drive Google Earth Google Talk Plugin HiJackThis Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology Internet TV for Windows Media Center iSEEK AnswerWorks English Runtime iTunes Junk Mail filter update KeePass Password Safe 1.22 KeePass Password Safe 2.17 Lenovo Bluetooth with Enhanced Data Rate Software Lenovo EasyCamera Lenovo EE Boot Optimizer Lenovo Games Console Lenovo OneKey Recovery Lenovo YouCam LibreOffice 3.6 LibreOffice 3.6 Help Pack (English) Macrium Reflect 
Free Edition Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works MozBackup 1.5.1 Mozilla Firefox 24.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) NirSoft Wireless Network Watcher PDF reDirect (remove only) Picasa 3 Power2Go Quicken 2010 Quicken 2013 QuickTime Realtek USB 2.0 Reader Driver Recuva Revo Uninstaller 1.95 Samsung Easy Printer Manager Samsung ML-2950 Series Samsung Printer Live Update Screenpresso Secunia PSI (2.0.0.4003) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET 
Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Should I Remove It Smart Defrag 2 Speccy SRWare Iron 16.0.950.0 StreetSmart Edge® Synaptics Pointing Device Driver TaxACT 2011 - 1040 Edition TaxACT 2011 Arizona TaxACT 2012 - 1040 Edition TaxACT 2012 Arizona The Weather Channel App Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2836939) UserGuide VeriFace Windows Automated Installation Kit Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker 
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Center Add-in for Flash
Zentimo PRO 1.5
.
==== Event Viewer Messages From Past Week ========
.
9/26/2013 9:59:00 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/26/2013 4:22:30 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/26/2013 11:40:42 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
9/26/2013 11:40:00 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
9/26/2013 11:40:00 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/25/2013 5:41:02 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/24/2013 4:04:10 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.101 with the system having network hardware address 64-31-50-91-71-9C. Network operations on this system may be disrupted as a result.
9/24/2013 10:09:00 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.102 with the system having network hardware address D0-DF-9A-7F-77-B3. Network operations on this system may be disrupted as a result.
.
==== End Of File ===========================
  6. I recently purchased MBAM PRO, which states: "Scheduled updates to keep protection up-to-date automatically. (PRO version only)" I have my settings set to notify me if my existing update is over 2 days old. Now I am receiving notifications that my updates are 2 days old and to click on the MBAM icon in the system tray to update it. Why are my updates not automatically updating? Before, when I used the free MBAM, I manually updated the MBAM several times a day. How can the PRO version be protecting me if it's not automatically updating MBAM's definition (or whatever MBAM calls it) files at the very least daily? Please advise. Thanks, Rich
  7. Hi MBAM Staff ~Ron Lewis Thank you for your prompt reply and all the information including links. I bookmarked this page for future reference. Currently, I am not having the problem with MBAM quarantining my Avast definition files. Why, I'm not sure? Maybe my system required a cold reboot after I placed Avast on the MBAM PRO Ignore List? Is this a possibility? If the original problem reoccurs I will continue this thread after performing all the procedures which you have recommended. Is this the best way to proceed? Thanks again, Richard
  8. I just upgraded from my free MBAM to the PRO version. I am, and also have been, running the free Avast AV software. What is happening is that when I boot my WIN7 64bit laptop and Avast begins to d/l the latest definition files, MBAM PRO starts quarantining all the Avast definition files??? I tried to "add" Avast to the MBAM Ignore List from the drop-down menu, but that makes no difference. My understanding is that MBAM PRO is "supposed" to be compatible with all Anti-Virus programs. Apparently not. Any help and advice is truly appreciated. Richard