Stick's Content - Page 2 - Malwarebytes Forums

DAILY SCANS

Stick replied to Stick's topic in Malwarebytes for Windows Support Forum

mbam-check result log version: 2.0.0.1000 Malwarebytes Version: REG_SZ 1.75.0.1300 Date Log Created: 05/19/13 Time Log Created: 06:24:29 User Account type: Administrator 64 bit Operating System Product Name: REG_SZ Windows 7 Home Premium Current Build Number: 7601 Current Version Number: 6.1 Current CSDVersion: Service Pack 1 Proxy Status: No proxy is Set LAN Settings: ============= only 'Automatically detect settings' is selected SystemPartition: ================ HKEY_LOCAL_MACHINE\SYSTEM\Setup\ SystemPartition REG_SZ \Device\HarddiskVolume1 Balloon Tips Status: ==================== Enabled Time Format Settings: ===================== Should be: h:mm:ss tt AM PM : Currently: REG_SZ h:mm:ss tt REG_SZ AM REG_SZ PM REG_SZ : Language and Regional Settings: =============================== ACP: Language is English (United States) MACCP: Language is English (United States) OEMCP: Language is English (United States) Startup Folders for Error_Expanding_Variables Check: ==================================================== All Users Startup Folder Exists. Current User's Startup Folder Exists. Terminal Services Status for (null) entries in PM logs and GetUserToken errors: =============================================================================== TERMService: ============== Type : 32 State : 4 (The service is running.) WIN32_EXIT_CODE : 0 SERVICE_EXIT_CODE : 0 CHECKPOINT : 0 WAIT_HINT : 0 TermService Start is set to: 2 (Automatic Startup) Compatibility Flag Settings (Any MBAM file listings should be removed): ======================================================================= HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers SIGN.MEDIA=1A2CD3 setup.exe REG_SZ WINXPSP2 HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers Malwarebytes Anti-Malware Shell Extension Block Check: ====================================================== MBAM Startup Entries: ===================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Service and Driver Status: ========================== MBAMProtector: ============== Type : 2 State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN) WIN32_EXIT_CODE : 0 SERVICE_EXIT_CODE : 0 CHECKPOINT : 0 WAIT_HINT : 0 MBAMService: ============== Type : 16 State : 4 (The service is running.) WIN32_EXIT_CODE : 0 SERVICE_EXIT_CODE : 0 CHECKPOINT : 0 WAIT_HINT : 0 MBAMScheduler: ============== Type : 16 State : 4 (The service is running.) WIN32_EXIT_CODE : 0 SERVICE_EXIT_CODE : 0 CHECKPOINT : 0 WAIT_HINT : 0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon MBAMProtector Registry Values: ============================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector Type REG_DWORD 2 Start REG_DWORD 3 ErrorControl REG_DWORD 1 ImagePath REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys Group REG_SZ FSFilter Anti-Virus DependOnService REG_MULTI_SZ FltMgr WOW64 REG_DWORD 1 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances DefaultInstance REG_SZ MBAMProtector Instance HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance Altitude REG_SZ 328800 Flags REG_DWORD 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum 0 REG_SZ Root\LEGACY_MBAMPROTECTOR\0000 Count REG_DWORD 1 NextInstance REG_DWORD 1 MBAMService Registry Values: ============================ HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService Type REG_DWORD 16 Start REG_DWORD 2 ErrorControl REG_DWORD 1 ImagePath REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" DependOnService REG_MULTI_SZ MBAMProtector WOW64 REG_DWORD 1 ObjectName REG_SZ LocalSystem Description REG_SZ Malwarebytes Anti-Malware service DelayedAutostart REG_DWORD 0 MBAMScheduler Registry Values: ============================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler Type REG_DWORD 16 Start REG_DWORD 2 ErrorControl REG_DWORD 1 ImagePath REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" WOW64 REG_DWORD 1 ObjectName REG_SZ LocalSystem Description REG_SZ Malwarebytes Anti-Malware scheduler MBAM DLL's and Runtime Files: ============================= HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid (Default): REG_SZ vbAccelerator Grid Control HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid\Clsid (Default): REG_SZ {C5DA1F2B-B2BF-4DFC-BC9A-439133543A67} HKEY_CLASSES_ROOT\SSubTimer6.GSubclass (Default): REG_SZ SSubTimer6.GSubclass HKEY_CLASSES_ROOT\SSubTimer6.GSubclass\Clsid (Default): REG_SZ {71A27032-C7D8-11D2-BEF8-525400DFB47A} HKEY_CLASSES_ROOT\SSubTimer6.CTimer (Default): REG_SZ SSubTimer6.CTimer HKEY_CLASSES_ROOT\SSubTimer6.CTimer\Clsid (Default): REG_SZ {71A27034-C7D8-11D2-BEF8-525400DFB47A} HKEY_CLASSES_ROOT\SSubTimer6.ISubclass (Default): REG_SZ SSubTimer6.ISubclass HKEY_CLASSES_ROOT\SSubTimer6.ISubclass\Clsid (Default): REG_SZ {71A2702F-C7D8-11D2-BEF8-525400DFB47A} HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A} (Default): REG_SZ SSubTimer6.ISubclass HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502} HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\ProgID (Default): REG_SZ SSubTimer6.ISubclass HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Programmable HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\TypeLib (Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A} HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\VERSION (Default): REG_SZ 1.0 HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A} (Default): REG_SZ SSubTimer6.GSubclass HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502} HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll ThreadingModel REG_SZ Apartment HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\ProgID (Default): REG_SZ SSubTimer6.GSubclass HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Programmable HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\TypeLib (Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A} HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\VERSION (Default): REG_SZ 1.0 HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A} (Default): REG_SZ SSubTimer6.CTimer HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502} HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll ThreadingModel REG_SZ Apartment HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\ProgID (Default): REG_SZ SSubTimer6.CTimer HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Programmable HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\TypeLib (Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A} HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\VERSION (Default): REG_SZ 1.0 HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A} HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1 (Default): REG_SZ vbAccelerator VB6 SGrid Control 2.0 HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0 HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0\win32 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\FLAGS (Default): REG_SZ 2 HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\HELPDIR (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A} HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1 (Default): REG_SZ vbAccelerator VB6 SGrid Control 2.0 HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0 HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0\win32 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\FLAGS (Default): REG_SZ 2 HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\HELPDIR (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A} HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0 (Default): REG_SZ vbAccelerator VB6 Subclassing and Timer Assistant (with configurable message response, multi-control support + timer bug fix) HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0 HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0\win32 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\FLAGS (Default): REG_SZ 0 HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\HELPDIR (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A} HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0 (Default): REG_SZ vbAccelerator VB6 Subclassing and Timer Assistant (with configurable message response, multi-control support + timer bug fix) HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0 HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0\win32 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\FLAGS (Default): REG_SZ 0 HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\HELPDIR (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A} (Default): REG_SZ _ISubclass HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32 (Default): REG_SZ {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\TypeLib (Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A} Version REG_SZ 1.0 HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A} (Default): REG_SZ ISubclass HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid (Default): REG_SZ {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32 (Default): REG_SZ {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\TypeLib (Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A} Version REG_SZ 1.0 HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A} (Default): REG_SZ __CTimer HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32 (Default): REG_SZ {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\TypeLib (Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A} Version REG_SZ 1.0 HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A} (Default): REG_SZ CTimer HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid (Default): REG_SZ {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32 (Default): REG_SZ {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Wow6432Node\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\TypeLib (Default): REG_SZ {71A2702D-C7D8-11D2-BEF8-525400DFB47A} Version REG_SZ 1.0 HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB} (Default): REG_SZ __vbalGrid HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid32 (Default): REG_SZ {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\TypeLib (Default): REG_SZ {DE8CE233-DD83-481D-844C-C07B96589D3A} Version REG_SZ 1.1 HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB} (Default): REG_SZ vbalGrid HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid (Default): REG_SZ {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid32 (Default): REG_SZ {00020420-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Wow6432Node\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\TypeLib (Default): REG_SZ {DE8CE233-DD83-481D-844C-C07B96589D3A} Version REG_SZ 1.1 MBAM Registry Settings and License Info: ======================================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware advancedheuristics REG_DWORD 1 downloadprogram REG_DWORD 1 hidereg REG_DWORD 0 detectp2p REG_DWORD 1 detectpum REG_DWORD 1 detectpup REG_DWORD 1 updatewarn REG_DWORD 1 updatewarndays REG_DWORD 1 useproxy REG_DWORD 0 useauthentication REG_DWORD 0 contextmenu REG_DWORD 1 reportthreats REG_DWORD 1 startwithwindows REG_DWORD 1 startfsdisabled REG_DWORD 0 startipdisabled REG_DWORD 0 silentipmode REG_DWORD 0 autoquarantine REG_DWORD 1 notifyinstallprogram REG_DWORD 1 trialpromptshown REG_DWORD 1 autoquarantinenotify REG_DWORD 1 InstallPath REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware dbdate REG_SZ Sat, 18 May 2013 12:55:18 GMT dbversion REG_SZ v2013.05.18.03 programversion REG_SZ 1.75.0.1300 programbuild REG_SZ consumer trialended REG_DWORD 0 ID XXXXX-XXXXX This is hidden data. Key XXXX-XXXX-XXXX-XXXX This is hidden data. alwaysscanarchives REG_DWORD 1 SchedulerQueue REG_MULTI_SZ 16392, 30297386, 1975711744, 1, 1 | 30298836, 2273132544 32776, 30297411, 2601529344, 1, 1 | 30298861, 2898950144 HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware (Trial) TrialId There is data here but it is hidden. StartDate REG_SZ Thu, 31 Jan 2013 21:15:37 UTC EndDate REG_SZ Thu, 14 Feb 2013 21:15:37 UTC HKEY_CURRENT_USER\SOFTWARE\Malwarebytes' Anti-Malware alwaysscanfiles REG_DWORD 1 alwaysscanheuristics REG_DWORD 1 alwaysscanmemory REG_DWORD 1 alwaysscanregistry REG_DWORD 1 alwaysscanstartups REG_DWORD 1 autosavelog REG_DWORD 1 openlog REG_DWORD 1 defaultscan REG_DWORD 2 terminateie REG_DWORD 0 Language REG_SZ English.lng selectedrives REG_SZ C:\|D:\| HKEY_USERS\S-1-5-18\SOFTWARE\Malwarebytes' Anti-Malware alwaysscanfiles REG_DWORD 1 alwaysscanheuristics REG_DWORD 1 alwaysscanmemory REG_DWORD 1 alwaysscanregistry REG_DWORD 1 alwaysscanstartups REG_DWORD 1 autosavelog REG_DWORD 1 openlog REG_DWORD 1 defaultscan REG_DWORD 0 terminateie REG_DWORD 0 HKEY_USERS\.DEFAULT\SOFTWARE\Malwarebytes' Anti-Malware alwaysscanfiles REG_DWORD 1 alwaysscanheuristics REG_DWORD 1 alwaysscanmemory REG_DWORD 1 alwaysscanregistry REG_DWORD 1 alwaysscanstartups REG_DWORD 1 autosavelog REG_DWORD 1 openlog REG_DWORD 1 defaultscan REG_DWORD 0 terminateie REG_DWORD 0 HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1 Inno Setup: Setup Version REG_SZ 5.5.3-dev (a) Inno Setup: App Path REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware InstallLocation REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\ Inno Setup: Icon Group REG_SZ Malwarebytes' Anti-Malware Inno Setup: User REG_SZ PhillyT65 Inno Setup: Selected Tasks REG_DWORD 0 Inno Setup: Deselected Tasks REG_SZ desktopicon,quicklaunchicon Inno Setup: Language REG_SZ English DisplayName REG_SZ Malwarebytes Anti-Malware version 1.75.0.1300 DisplayIcon REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe UninstallString REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" QuietUninstallString REG_SZ "C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" /SILENT DisplayVersion REG_SZ 1.75.0.1300 Publisher REG_SZ Malwarebytes Corporation URLInfoAbout REG_SZ http://www.malwarebytes.org NoModify REG_DWORD 1 NoRepair REG_DWORD 1 InstallDate REG_SZ 20130410 MajorVersion REG_DWORD 1 MinorVersion REG_DWORD 75 EstimatedSize REG_DWORD 19743 Pending File Rename Operations: ================================ If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation. Scheduler Queue: ================ Scheduled Item: Scan Schedule Options: Full Scan | Weekly Start Time: 2013-05-10 03:00 Repeating Every: 1 Recover if missed by: 1 Scheduled Item: Scan Schedule Options: Flash Scan | Weekly Start Time: 2013-05-10 06:00 Repeating Every: 1 Recover if missed by: 1 Context Menu Entries: ===================== HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\MBAMShlExt (Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3} HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\MBAMShlExt (Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3} HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt (Default): REG_SZ MBAMShlExt Class HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CLSID (Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3} HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CurVer (Default): REG_SZ MBAMExt.MBAMShlExt.1 HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1 (Default): REG_SZ MBAMShlExt Class HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1\CLSID (Default): REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3} HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE} (Default): REG_SZ IMBAMShlExt HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid32 (Default): REG_SZ {00020424-0000-0000-C000-000000000046} HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\TypeLib (Default): REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65} Version REG_SZ 1.0 HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3} (Default): REG_SZ MBAMShlExt Class HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll ThreadingModel REG_SZ Apartment HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\ProgID (Default): REG_SZ MBAMExt.MBAMShlExt.1 HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\TypeLib (Default): REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65} HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\VersionIndependentProgID (Default): REG_SZ MBAMExt.MBAMShlExt HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65} HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0 (Default): REG_SZ MBAMExt 1.0 Type Library HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0 HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win64 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS (Default): REG_SZ 0 HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65} HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0 (Default): REG_SZ MBAMExt 1.0 Type Library HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0 HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win64 (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS (Default): REG_SZ 0 HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR (Default): REG_SZ C:\Program Files (x86)\Malwarebytes' Anti-Malware MBAM Drivers: ============= C:\Windows\system32\drivers\mbam.sys File Size: 25928 BYTES FileVersion: 1.60.2.0 Required Dependencies: ====================== BFE: ============== Type : 32 State : 4 (The service is running.) WIN32_EXIT_CODE : 0 SERVICE_EXIT_CODE : 0 CHECKPOINT : 0 WAIT_HINT : 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE DisplayName REG_SZ @%SystemRoot%\system32\bfe.dll,-1001 Group REG_SZ NetworkProvider ImagePath REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork Description REG_SZ @%SystemRoot%\system32\bfe.dll,-1002 ObjectName REG_SZ NT AUTHORITY\LocalService ErrorControl REG_DWORD 1 Start REG_DWORD 2 Type REG_DWORD 32 DependOnService REG_MULTI_SZ RpcSs ServiceSidType REG_DWORD 3 RequiredPrivileges REG_MULTI_SZ SeAuditPrivilege FailureActions REG_BINARY Binary Data HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll ServiceDllUnloadOnStop REG_DWORD 1 ServiceMain REG_SZ BfeServiceMain fltmgr: ============== Type : 2 State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN) WIN32_EXIT_CODE : 0 SERVICE_EXIT_CODE : 0 CHECKPOINT : 0 WAIT_HINT : 0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr AttachWhenLoaded REG_DWORD 1 DisplayName REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001 Group REG_SZ FSFilter Infrastructure ImagePath REG_EXPAND_SZ system32\drivers\fltmgr.sys Description REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000 ErrorControl REG_DWORD 3 Start REG_DWORD 0 Tag REG_DWORD 1 Type REG_DWORD 2 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum 0 REG_SZ Root\LEGACY_FLTMGR\0000 Count REG_DWORD 1 NextInstance REG_DWORD 1 C:\Windows\system32\drivers\fltmgr.sys File Size: 289664 BYTES FileVersion: 6.1.7601.17514 C:\Windows\SysWOW64\comctl32.ocx File Size: 608448 BYTES FileVersion: 6.0.81.5 C:\Windows\SysWOW64\mscomctl.ocx File Size: 1066176 BYTES FileVersion: 6.0.88.62 C:\Windows\SysWOW64\olepro32.dll File Size: 90112 BYTES FileVersion: 6.1.7601.17514 List of MBAM Related Directories: ================================= C:\Program Files (x86)\Malwarebytes' Anti-Malware 7z.dll File Size: 914432 BYTES FileVersion: 9.20.0.0 changes.txt File Size: 200 BYTES license.rtf File Size: 17916 BYTES mbam.chm File Size: 474148 BYTES mbam.dll File Size: 527944 BYTES FileVersion: 1.70.0.0 mbam.exe File Size: 887432 BYTES FileVersion: 1.75.0.1 mbamcore.dll File Size: 1127496 BYTES FileVersion: 1.70.0.0 mbamext.dll File Size: 93544 BYTES FileVersion: 1.70.0.0 mbamgui.exe File Size: 532040 BYTES FileVersion: 1.70.0.0 mbamnet.dll File Size: 2191944 BYTES FileVersion: 1.70.0.0 mbampt.exe File Size: 40008 BYTES FileVersion: 1.70.0.0 mbamscheduler.exe File Size: 418376 BYTES FileVersion: 1.70.0.0 mbamservice.exe File Size: 701512 BYTES FileVersion: 1.70.0.0 ssubtmr6.dll File Size: 46416 BYTES FileVersion: 1.1.0.3 unins000.dat File Size: 29883 BYTES unins000.exe File Size: 712264 BYTES FileVersion: 51.52.0.0 unins000.msg File Size: 11277 BYTES vbalsgrid6.ocx File Size: 496976 BYTES FileVersion: 2.0.0.40 C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon chameleon.chm File Size: 186068 BYTES firefox.com File Size: 218184 BYTES firefox.exe File Size: 218184 BYTES firefox.pif File Size: 218184 BYTES firefox.scr File Size: 218184 BYTES iexplore.exe File Size: 218184 BYTES mbam-chameleon.com File Size: 218184 BYTES mbam-chameleon.exe File Size: 218184 BYTES mbam-chameleon.pif File Size: 218184 BYTES mbam-chameleon.scr File Size: 218184 BYTES mbam-killer.exe File Size: 896072 BYTES rundll32.exe File Size: 218184 BYTES svchost.exe File Size: 218184 BYTES winlogon.exe File Size: 218184 BYTES C:\Program Files (x86)\Malwarebytes' Anti-Malware\Languages arabic.lng File Size: 21894 BYTES belarusian.lng File Size: 26884 BYTES bosnian.lng File Size: 27108 BYTES bulgarian.lng File Size: 27574 BYTES catalan.lng File Size: 28252 BYTES chineseSI.lng File Size: 11024 BYTES chineseTR.lng File Size: 11952 BYTES croatian.lng File Size: 26670 BYTES czech.lng File Size: 24874 BYTES danish.lng File Size: 26582 BYTES dutch.lng File Size: 28342 BYTES english.lng File Size: 24542 BYTES estonian.lng File Size: 25146 BYTES finnish.lng File Size: 25950 BYTES french.lng File Size: 29830 BYTES german.lng File Size: 29894 BYTES greek.lng File Size: 29300 BYTES hebrew.lng File Size: 19362 BYTES hungarian.lng File Size: 28666 BYTES indonesian.lng File Size: 26854 BYTES italian.lng File Size: 28194 BYTES japanese.lng File Size: 16266 BYTES korean.lng File Size: 14188 BYTES latvian.lng File Size: 27100 BYTES lithuanian.lng File Size: 27838 BYTES macedonian.lng File Size: 28864 BYTES norwegian.lng File Size: 25116 BYTES polish.lng File Size: 26644 BYTES portugueseBR.lng File Size: 28654 BYTES portuguesePT.lng File Size: 29062 BYTES romanian.lng File Size: 28290 BYTES russian.lng File Size: 27302 BYTES serbian.lng File Size: 26804 BYTES slovak.lng File Size: 25644 BYTES slovenian.lng File Size: 24852 BYTES spanish.lng File Size: 30060 BYTES swedish.lng File Size: 25992 BYTES thai.lng File Size: 26092 BYTES turkish.lng File Size: 25876 BYTES vietnamese.lng File Size: 29528 BYTES C:\Users\PhillyT65\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware C:\Users\PhillyT65\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs mbam-log-2013-05-17 (03-00-05).txt File Size: 1956 BYTES mbam-log-2013-05-17 (06-00-05).txt File Size: 1902 BYTES C:\Users\PhillyT65\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware exclusions.dat File Size: 2 BYTES mbam-setup.exe File Size: 10285040 BYTES FileVersion: 1.75.0.1300 rules.ref File Size: 6549969 BYTES C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration build.conf File Size: 140 BYTES config.conf File Size: 4076 BYTES custom.conf File Size: 20 BYTES database.conf File Size: 432 BYTES html.conf File Size: 2762 BYTES local.conf File Size: 1357 BYTES manifest.conf File Size: 1752 BYTES messaging.conf File Size: 1430 BYTES news.conf File Size: 363 BYTES C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs protection-log-2013-05-16.txt File Size: 488 BYTES protection-log-2013-05-17.txt File Size: 3278 BYTES protection-log-2013-05-18.txt File Size: 1746 BYTES C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine =============================================================== END OF FILE OK....NOW is it right ???

DAILY SCANS

Stick replied to Stick's topic in Malwarebytes for Windows Support Forum

DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16576 Run by PhillyT65 at 6:33:41 on 2013-05-19 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3571.1723 [GMT -5:00] . AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\System32\msdtc.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\PDF Complete\pdfsvc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\Program Files\Microsoft Security Client\NisSrv.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\atieclxx.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\System32\spoolsv.exe C:\PROGRA~2\Yahoo!\MESSEN~1\ymsgr_tray.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Windows\system32\taskeng.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://myyahoo.com/ uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned> mWinlogon: Userinit = userinit.exe, BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe Trusted Zone: jeepin.com Trusted Zone: lisd.net DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces\{87F3F179-3F29-417B-92B7-FCFA92AA33B8} : DHCPNameServer = 192.168.1.1 Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2012-2-29 82560] R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2012-2-29 42624] R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-11-4 204288] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528] R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-31 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-31 701512] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 130008] R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-11-4 1128952] R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-31 25928] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-5-16 533096] R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-11-4 47232] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-1-8 1255736] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-1-9 19456] S3 SIVDRIVER;SIV Kernel Driver;C:\Windows\System32\drivers\SIVX64.sys [2012-2-23 57312] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-1-9 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-1-9 30208] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-05-19 08:36:23 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EF1D3C43-E33F-4BC7-8172-4802F3AEBEDF}\mpengine.dll 2013-05-19 05:38:50 9460464 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-05-18 01:14:44 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll 2013-05-18 01:04:31 2876528 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2013-05-18 01:04:21 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2013-05-15 04:45:20 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2013-05-15 04:45:20 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2013-05-15 04:45:20 144384 ----a-w- C:\Windows\System32\cdd.dll 2013-05-15 04:44:21 1930752 ----a-w- C:\Windows\System32\authui.dll 2013-05-15 04:44:20 70144 ----a-w- C:\Windows\System32\appinfo.dll 2013-05-15 04:44:20 1796096 ----a-w- C:\Windows\SysWow64\authui.dll 2013-05-15 04:44:20 111448 ----a-w- C:\Windows\System32\consent.exe 2013-05-15 04:43:48 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll 2013-05-15 04:43:48 230400 ----a-w- C:\Windows\System32\wwansvc.dll 2013-05-15 04:43:20 3153920 ----a-w- C:\Windows\System32\win32k.sys 2013-04-30 12:04:48 -------- d-----w- C:\Users\PhillyT65\AppData\Local\VS Revo Group 2013-04-30 12:04:43 -------- d-----w- C:\ProgramData\VS Revo Group 2013-04-29 22:56:39 165376 ----a-w- C:\Windows\SysWow64\unrar.dll 2013-04-29 22:56:34 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack 2013-04-29 22:55:23 -------- d-----w- C:\ProgramData\APN 2013-04-24 06:27:48 905296 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1A1597EA-65CF-4C33-9588-B4F0BB09B735}\gapaengine.dll 2013-04-24 04:46:36 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys . ==================== Find3M ==================== . 2013-05-15 00:31:22 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-05-15 00:31:22 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll 2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll 2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-04-05 05:26:26 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-04-04 19:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll 2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll 2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe . ============= FINISH: 6:34:03.89 ===============. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 1/7/2013 3:24:28 PM System Uptime: 5/15/2013 3:24:49 AM (99 hours ago) . Motherboard: PEGATRON CORPORATION | | 2ACF Processor: AMD E2-3200 APU with Radeon HD Graphics | P0 | 2400/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 920 GiB total, 882.736 GiB free. D: is FIXED (NTFS) - 12 GiB total, 1.427 GiB free. E: is CDROM () F: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP58: 4/24/2013 3:00:14 AM - Windows Update RP59: 4/27/2013 3:27:38 AM - Windows Update RP61: 4/30/2013 7:05:36 AM - Revo Uninstaller Pro's restore point - Free Opener RP62: 5/1/2013 1:21:14 AM - Windows Update RP63: 5/4/2013 1:21:55 PM - Windows Update RP64: 5/7/2013 4:58:43 PM - Windows Update RP66: 5/10/2013 5:50:27 AM - Revo Uninstaller Pro's restore point - PressReader RP67: 5/11/2013 12:57:27 AM - Windows Update RP68: 5/15/2013 12:39:58 AM - Windows Update RP69: 5/15/2013 3:00:13 AM - Windows Update RP70: 5/18/2013 3:36:33 AM - Windows Update . ==== Installed Programs ====================== . Adobe AIR Adobe Flash Player 11 ActiveX AMD APP SDK Runtime AMD Media Foundation Decoders AMD VISION Engine Control Center ATI Catalyst Install Manager Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help English D3DX10 ESET Online Scanner v3 Hewlett-Packard ACLM.NET v1.2.1.1 HP Auto HP Client Services HP Customer Experience Enhancements HP LinkUp HP MovieStore HP Odometer HP Setup HP Setup Manager HP Support Assistant HP Support Information HP Update HP Vision Hardware Diagnostics Junk Mail filter update K-Lite Codec Pack 7.0.0 (Standard) LabelPrint Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Mathematics Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft WSE 3.0 Runtime MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) PDF Complete Special Edition PlayReady PC Runtime amd64 PlayReady PC Runtime x86 Power2Go Realtek High Definition Audio Driver Recovery Manager Remote Graphics Receiver RoxioNow Player Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Yahoo! Install Manager Yahoo! Messenger Yahoo! Software Update Zinio Reader 4 . ==== Event Viewer Messages From Past Week ======== . 5/18/2013 9:23:43 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user VIGGILANTE\PhillyT65 SID (S-1-5-21-3041398442-320649397-160515667-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 5/18/2013 9:23:43 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user VIGGILANTE\PhillyT65 SID (S-1-5-21-3041398442-320649397-160515667-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 5/15/2013 3:26:18 AM, Error: Service Control Manager [7001] - The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 5/15/2013 3:26:17 AM, Error: Service Control Manager [7001] - The Routing and Remote Access service depends on the Remote Access Connection Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 5/15/2013 3:26:15 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect. 5/15/2013 3:26:15 AM, Error: Service Control Manager [7000] - The HP Software Framework Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 5/15/2013 3:25:42 AM, Error: NETLOGON [3095] - This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration. . ==== End Of File =========================== Did I do it right??...

DAILY SCANS

Stick replied to Stick's topic in Malwarebytes for Windows Support Forum

I run a FULL SCAN DAILY @ 3:00AM ...This morning I had 2 scans run...One at 3:00AM...One at 6:00 AM Both were ROAMING SCANS.Both were identical.Protection Scan ran at 6:00AM with no issues.Is this normal ???

SIGNS

Stick posted a topic in Tailwaggers and Jokes

In a Podiatrist's office: "Time wounds all heels." (read it again) On a Septic Tank Truck: Yesterday's Meals on Wheels At a Proctologist's door: "To expedite your visit, please back in. " On a Plumber's truck: "We repair what your husband fixed." On another Plumber's truck: "Don't sleep with a drip. Call your plumber." At a Tire Shop in Milwaukee : "Invite us to your next blowout." At a Towing company: "We don't charge an arm and a leg. We want tows." On an Electrician's truck: "Let us remove your shorts." In a Non-smoking Area: "If we see smoke, we will assume you are on fire and take appropriate action." On a Maternity Room door: "Push. Push. Push." At an Optometrist's Office: "If you don't see what you're looking for, you've come to the right place." On a Taxidermist's window: "We really know our stuff." ************************** On a Fence: "Salesmen welcome! Dog food is expensive!" At a Car Dealership: "The best way to get back on your feet - miss a car payment." Outside a Muffler Shop: "No appointment necessary. We hear you coming." In a Veterinarian's waiting room: "Be back in 5 minutes. Sit! Stay!" At the Electric Company "We would be delighted if you send in your payment. However, if you don't, you will be." In a Restaurant window: "Don't stand there and be hungry; come on in and get fed up." In the front yard of a Funeral Home: "Drive carefully. We'll wait." At a Propane Filling Station: "Thank heaven for little grills." And don't forget the sign at a CHICAGO RADIATOR SHOP: "Best place in town to take a leak." Sign on the back of another Septic Tank Truck: "Caution - This Truck is full of Political Promises

May 12, 2013

DAILY SCANS

Stick replied to Stick's topic in Malwarebytes for Windows Support Forum

Will do...Thanks for the advice

DAILY SCANS

Stick posted a topic in Malwarebytes for Windows Support Forum

As of this morning my FULL SCAN will not start unless I do it manually.I do a FULL and a FLASH SCAN @ 2hrs apart

DDS and ATTACH FILES

Stick replied to Stick's topic in Resolved Malware Removal Logs

This mornings scan...I like it when there's no issues... Machine is runnin good...no issues so far.. My original concern was those OUTGOING IP BLOCKS other than that everything else is fine..."all the ducks are in a row"...Thats the way I like it Malwarebytes Anti-Malware (PRO) 1.70.0.1100 www.malwarebytes.org Database version: v2013.03.15.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 PhillyT65 :: VIGGILANTE [administrator] Protection: Enabled 3/15/2013 3:00:04 AM mbam-log-2013-03-15 (03-00-04).txt Scan type: Full scan (C:\|D:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 317048 Time elapsed: 40 minute(s), 22 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) 2013/03/15 01:55:28 -0500 VIGGILANTE PhillyT65 MESSAGE Executing scheduled update: Daily 2013/03/15 01:55:35 -0500 VIGGILANTE PhillyT65 MESSAGE Scheduled update executed successfully: database updated from version v2013.03.14.06 to version v2013.03.15.01 2013/03/15 01:55:35 -0500 VIGGILANTE PhillyT65 MESSAGE Starting database refresh 2013/03/15 01:55:35 -0500 VIGGILANTE PhillyT65 MESSAGE Stopping IP protection 2013/03/15 01:55:36 -0500 VIGGILANTE PhillyT65 MESSAGE IP Protection stopped successfully 2013/03/15 01:55:39 -0500 VIGGILANTE PhillyT65 MESSAGE Database refreshed successfully 2013/03/15 01:55:39 -0500 VIGGILANTE PhillyT65 MESSAGE Starting IP protection 2013/03/15 01:55:51 -0500 VIGGILANTE PhillyT65 MESSAGE IP Protection started successfully 2013/03/15 03:00:00 -0500 VIGGILANTE PhillyT65 MESSAGE Executing scheduled scan: Full Scan | Daily 2013/03/15 03:00:00 -0500 VIGGILANTE PhillyT65 MESSAGE Scheduled scan executed successfully 2013/03/15 07:39:40 -0500 VIGGILANTE PhillyT65 MESSAGE Starting database refresh 2013/03/15 07:39:40 -0500 VIGGILANTE PhillyT65 MESSAGE Stopping IP protection 2013/03/15 07:39:41 -0500 VIGGILANTE PhillyT65 MESSAGE IP Protection stopped successfully 2013/03/15 07:39:44 -0500 VIGGILANTE PhillyT65 MESSAGE Database refreshed successfully 2013/03/15 07:39:44 -0500 VIGGILANTE PhillyT65 MESSAGE Starting IP protection 2013/03/15 07:39:56 -0500 VIGGILANTE PhillyT65 MESSAGE IP Protection started successfully

DDS and ATTACH FILES

Stick replied to Stick's topic in Resolved Malware Removal Logs

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software Run date: 2013-03-13 11:38:28 ----------------------------- 11:38:28.620 OS Version: Windows x64 6.1.7601 Service Pack 1 11:38:28.635 Number of processors: 2 586 0x100 11:38:28.635 ComputerName: VIGGILANTE UserName: PhillyT65 11:38:31.896 Initialize success 11:38:45.952 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005b 11:38:45.967 Disk 0 Vendor: ST310005 HP63 Size: 953869MB BusType: 11 11:38:45.983 Disk 0 MBR read successfully 11:38:45.999 Disk 0 MBR scan 11:38:45.999 Disk 0 Windows 7 default MBR code 11:38:46.014 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 98 MB offset 2048 11:38:46.030 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 941826 MB offset 208845 11:38:46.045 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 11939 MB offset 1929070592 11:38:46.092 Disk 0 scanning C:\Windows\system32\drivers 11:38:52.098 Service scanning 11:39:00.990 Modules scanning 11:39:01.006 Disk 0 trace - called modules: 11:39:01.021 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys 11:39:01.021 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045fc060] 11:39:01.021 3 CLASSPNP.SYS[fffff8800145143f] -> nt!IofCallDriver -> [0xfffffa8004482ac0] 11:39:01.037 5 amd_xata.sys[fffff88001162d00] -> nt!IofCallDriver -> \Device\0000005b[0xfffffa800447f420] 11:39:01.037 Scan finished successfully 11:39:30.256 Disk 0 MBR has been saved successfully to "C:\Users\PhillyT65\Documents\MBR.dat" 11:39:30.630 The log file has been saved successfully to "C:\Users\PhillyT65\Documents\aswMBR.txt" aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software Run date: 2013-03-13 13:40:00 ----------------------------- 13:40:00.270 OS Version: Windows x64 6.1.7601 Service Pack 1 13:40:00.270 Number of processors: 2 586 0x100 13:40:00.270 ComputerName: VIGGILANTE UserName: PhillyT65 13:40:04.092 Initialze error C000010E - driver not loaded 13:40:04.389 write error "aswCmnB.dll". The process cannot access the file because it is being used by another process. 13:40:20.802 The log file has been saved successfully to "C:\Users\PhillyT65\Documents\aswMBR.txt"

DDS and ATTACH FILES

Stick replied to Stick's topic in Resolved Malware Removal Logs

Junkware Removal Tool (JRT) by Thisisu Version: 4.7.1 (03.12.2013:1) OS: Windows 7 Home Premium x64 Ran by PhillyT65 on Fri 03/15/2013 at 9:27:19.10 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670} Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{2fa28606-de77-4029-af96-b231e3b8f827} Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{2fa28606-de77-4029-af96-b231e3b8f827} Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\PhillyT65\appdata\local\visi_coupon" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Fri 03/15/2013 at 9:35:50.62 End of JRT log Ran the J R T @ 10 min ago...

DDS and ATTACH FILES

Stick replied to Stick's topic in Resolved Malware Removal Logs

Ok...I've been kinda goin back n forth between MBAM...and BLEEPIN COMPUTER...to be honest I've tried everything that's been suggested on both sites...both have made good recomendation and so far nothing has come up on ANY of the scans guess I'll hafta keep an eyeball on the puter ...n see what's what....THANKS for the assistance I reallt appreciate the help

DDS and ATTACH FILES

Stick replied to Stick's topic in Resolved Malware Removal Logs

Just ran MBAM ANTI ROOKKIT....There was nothing found...

DDS and ATTACH FILES

Stick replied to Stick's topic in Resolved Malware Removal Logs

TDS Killer I've ran...Malware Bytes Anti-Rookkit not yet TDS also came up with nothing found

KATZS...or CATS either way

Stick posted a topic in Tailwaggers and Jokes

DDS and ATTACH FILES

Stick replied to Stick's topic in Resolved Malware Removal Logs

It would not download ...anyway I tried

DDS and ATTACH FILES

Stick replied to Stick's topic in Resolved Malware Removal Logs

Cannot get COMBO FIX in any way shape or form..What started all this is when my MABM runs @ 3am...I was at first getting 2013/03/08 08:13:33 -0600 VIGGILANTE PhillyT65 IP-BLOCK 31.133.33.44 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 08:13:41 -0600 VIGGILANTE PhillyT65 IP-BLOCK 31.133.33.44 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 08:13:41 -0600 VIGGILANTE PhillyT65 IP-BLOCK 31.133.33.44 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 08:13:49 -0600 VIGGILANTE PhillyT65 IP-BLOCK 31.133.33.44 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 11:23:11 -0600 VIGGILANTE PhillyT65 IP-BLOCK 222.69.194.141 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 11:23:11 -0600 VIGGILANTE PhillyT65 IP-BLOCK 222.69.194.141 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 11:23:19 -0600 VIGGILANTE PhillyT65 IP-BLOCK 222.69.194.141 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 11:23:19 -0600 VIGGILANTE PhillyT65 IP-BLOCK 222.69.194.141 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 20:33:41 -0600 VIGGILANTE PhillyT65 IP-BLOCK 218.9.122.184 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 20:33:41 -0600 VIGGILANTE PhillyT65 IP-BLOCK 218.9.122.184 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 20:33:41 -0600 VIGGILANTE PhillyT65 IP-BLOCK 218.9.122.184 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 20:33:49 -0600 VIGGILANTE PhillyT65 IP-BLOCK 218.9.122.184 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 21:17:14 -0600 VIGGILANTE PhillyT65 IP-BLOCK 218.9.122.184 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 21:17:22 -0600 VIGGILANTE PhillyT65 IP-BLOCK 218.9.122.184 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 21:17:22 -0600 VIGGILANTE PhillyT65 IP-BLOCK 218.9.122.184 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 21:17:22 -0600 VIGGILANTE PhillyT65 IP-BLOCK 218.9.122.184 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 23:45:20 -0600 VIGGILANTE PhillyT65 IP-BLOCK 222.69.15.236 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 23:45:20 -0600 VIGGILANTE PhillyT65 IP-BLOCK 222.69.15.236 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 23:45:29 -0600 VIGGILANTE PhillyT65 IP-BLOCK 222.69.15.236 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 23:54:25 -0600 VIGGILANTE PhillyT65 IP-BLOCK 91.214.46.213 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 23:54:33 -0600 VIGGILANTE PhillyT65 IP-BLOCK 91.214.46.213 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 23:54:33 -0600 VIGGILANTE PhillyT65 IP-BLOCK 91.214.46.213 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 23:54:33 -0600 VIGGILANTE PhillyT65 IP-BLOCK 91.214.46.213 (Type: outgoing, Port: 51901, Process: svchost.exe) At least this many on a daily basis...but since then it has narrowed way down to basically 1 IP with maybe 4-5 like the above.. So for now I'll just keep an eyeball on the situation and keep track of the scans..I do appreciate your help with this and should the need arise again I'll be back The computer hasn't really been slow at all and there have been no popups other than on my trusted sites..

DDS and ATTACH FILES

Stick replied to Stick's topic in Resolved Malware Removal Logs

Publisher of COMBO FIX couldn't be veridied,,Bleeping Computer link..smart screen filter is OFF Link 2 is in Spanish Link 3 just didn't look right to me All the other stuff I've downloaded can I delete that since I've already sent the files Is Combo Fix for XP only...I'm runnin Winders 7 Home Premium

DDS and ATTACH FILES

Stick replied to Stick's topic in Resolved Malware Removal Logs

SECURITY CHECK Results of screen317's Security Check version 0.99.61 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.70.0.1100 ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log``````````````````````

DDS and ATTACH FILES

Stick replied to Stick's topic in Resolved Malware Removal Logs

Also got... # AdwCleaner v2.114 - Logfile created 03/11/2013 at 15:10:00 # Updated 05/03/2013 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : PhillyT65 - VIGGILANTE # Boot Mode : Normal # Running from : C:\Users\PhillyT65\Desktop\adwcleaner.exe # Option [search] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Found : HKU\S-1-5-21-3041398442-320649397-160515667-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} ***** [internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16464 [OK] Registry is clean. ************************* AdwCleaner[R1].txt - [1271 octets] - [11/03/2013 15:10:00] ########## EOF - C:\AdwCleaner[R1].txt - [1331 octets] ##########

DDS and ATTACH FILES

Stick replied to Stick's topic in Resolved Malware Removal Logs

Why do I get..."SecurityCheck(2).exe is not commonly down loaded and could harm your computer"...in RED ???

DDS and ATTACH FILES

Stick posted a topic in Resolved Malware Removal Logs

I have been getting ...more times than listed :2013/03/08 08:13:33 -0600 VIGGILANTE PhillyT65 IP-BLOCK 31.133.33.44 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 08:13:41 -0600 VIGGILANTE PhillyT65 IP-BLOCK 31.133.33.44 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 08:13:41 -0600 VIGGILANTE PhillyT65 IP-BLOCK 31.133.33.44 (Type: outgoing, Port: 51901, Process: svchost.exe) 2013/03/08 08:13:49 -0600 VIGGILANTE PhillyT65 IP-BLOCK 31.133.33.44 (Type: outgoing, Port: 51901, Process: svchost.exe) Here is DDS and ATTACH files DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16464 Run by PhillyT65 at 10:33:58 on 2013-03-11 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3571.2124 [GMT -5:00] . AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k defragsvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Windows\System32\msdtc.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\PDF Complete\pdfsvc.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe c:\Program Files\Microsoft Security Client\NisSrv.exe C:\Windows\System32\WUDFHost.exe c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files (x86)\Internet Explorer\IELowutil.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_171_ActiveX.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://my.yahoo.com/ uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned> mWinlogon: Userinit = userinit.exe, BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned> ATTACH FILE . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 1/7/2013 3:24:28 PM System Uptime: 3/10/2013 12:52:39 PM (22 hours ago) . Motherboard: PEGATRON CORPORATION | | 2ACF Processor: AMD E2-3200 APU with Radeon HD Graphics | P0 | 2400/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 920 GiB total, 882.837 GiB free. D: is FIXED (NTFS) - 12 GiB total, 1.427 GiB free. E: is CDROM () F: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP29: 2/23/2013 1:14:33 AM - Windows Update RP30: 2/26/2013 1:22:32 AM - Windows Update RP31: 2/26/2013 9:16:47 PM - Windows Update RP32: 3/2/2013 1:11:52 AM - Windows Update RP33: 3/3/2013 11:17:29 AM - Removed Blio. RP34: 3/5/2013 5:44:39 PM - Windows Update RP35: 3/9/2013 12:46:05 AM - Windows Update RP36: 3/9/2013 8:05:43 AM - Removed Norton Online Backup RP37: 3/10/2013 12:50:57 PM - Removed Microsoft Office 2010 RP38: 3/10/2013 12:51:35 PM - Removed Microsoft Office Click-to-Run 2010 . ==== Installed Programs ====================== . Adobe AIR Adobe Flash Player 11 ActiveX Agatha Christie - Peril at End House AMD APP SDK Runtime AMD Media Foundation Decoders AMD VISION Engine Control Center ATI Catalyst Install Manager Bejeweled 3 Blackhawk Striker 2 Blasterball 3 Bounce Symphony Cake Mania Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Chronicles of Albian Chuzzle Deluxe Cradle of Rome 2 D3DX10 Farm Frenzy FATE FileASSASSIN Governor of Poker 2 Premium Edition Hewlett-Packard ACLM.NET v1.2.1.1 HP Auto HP Client Services HP Customer Experience Enhancements HP Games HP LinkUp HP MovieStore HP Odometer HP Setup HP Setup Manager HP Support Assistant HP Support Information HP Update HP Vision Hardware Diagnostics Jewel Quest: The Sleepless Star - Collector's Edition Junk Mail filter update LabelPrint Mah Jong Medley Malwarebytes Anti-Malware version 1.70.0.1100 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Mathematics Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft WSE 3.0 Runtime MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mystery of Mortlake Mansion Namco All-Stars: PAC-MAN PDF Complete Special Edition Penguins! Plants vs. Zombies - Game of the Year PlayReady PC Runtime amd64 PlayReady PC Runtime x86 Poker Superstars III Polar Bowler Polar Golfer Power2Go PressReader Realtek High Definition Audio Driver Recovery Manager Remote Graphics Receiver RoxioNow Player Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Slingo Supreme Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Vacation Quest - The Hawaiian Islands Virtual Villagers 5 - New Believers WildTangent Games App (HP Games) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Yahoo! Install Manager Yahoo! Messenger Yahoo! Software Update Zinio Reader 4 Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 3/9/2013 8:10:03 AM, Error: Service Control Manager [7022] - The Diagnostic Service Host service hung on starting. 3/7/2013 4:16:57 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user VIGGILANTE\PhillyT65 SID (S-1-5-21-3041398442-320649397-160515667-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 3/11/2013 8:55:58 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user VIGGILANTE\PhillyT65 SID (S-1-5-21-3041398442-320649397-160515667-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 3/11/2013 8:55:58 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user VIGGILANTE\PhillyT65 SID (S-1-5-21-3041398442-320649397-160515667-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 3/10/2013 12:53:33 PM, Error: Service Control Manager [7001] - The Routing and Remote Access service depends on the Remote Access Connection Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 3/10/2013 12:53:33 PM, Error: Service Control Manager [7001] - The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 3/10/2013 12:53:31 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Software Framework Service service to connect. 3/10/2013 12:53:31 PM, Error: Service Control Manager [7000] - The HP Software Framework Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/10/2013 12:53:00 PM, Error: NETLOGON [3095] - This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.

Malwarebytes & Norton 360

Stick replied to Sara22's topic in Malwarebytes for Windows Support Forum

Norton expires...in 2 days...I set it to run once a week...MBAM runs every morning..I can't tell IF or WHEN MSE has run...not even sure it does...but have not had any issues..get an occasional : (2013/03/06 03:54:18 -0600 XXXXXXXXXX XXXX IP-BLOCK 222.71.229.49 (Type: outgoing, Port: 51901, Process: svchost.exe) from MBAM..these are random...some times 2-3 and usually wording I have manually run MSE and came up with no instances or notifications as to any kind of malware or viruses... So would it be ok to keep MSE and MBAM...with MBAM being my choice for full scans??

Malwarebytes & Norton 360

Stick replied to Sara22's topic in Malwarebytes for Windows Support Forum

My Norton is going to be expired...I am currently running MBAM and MSE...is this going to cause issues if I do not keep Norton.. Norton came loaded with the machine when I bought it..

3 MOST FEARED WORDS

Stick replied to Stick's topic in Tailwaggers and Jokes

Yeah...but it takes a lil longer to find that out...unless there's a POLIROID camera in there somewhere

3 MOST FEARED WORDS

Stick posted a topic in Tailwaggers and Jokes

The 3 MOST FEARED WORDS AT THE END OF A DATE........ "That's him officer"

COURT SETTLEMENT

Stick posted a topic in Tailwaggers and Jokes

A piece heard on the radio from a court settlement "Such news of an amicable settlement (has) made this Court happier than a tick on a fat dog because it is otherwise busier than a one legged cat in a sand box and, quite frankly would have rather jumped naked off a twelve foot step ladder into a five gallon bucket of porcupines than have presided over a two week trial of the herein dispute, a trial which, no doubt would have made the jury more confused than a hungry baby in a topless bar and made the parties and their attorneys madder than mosquitoes in a mannequin factory

Events

Profiles

Forums

Everything posted by Stick

Important Information