Jump to content

Scheduled scan not running after Windows files repaired


Recommended Posts

I recently had some corrupted Windows (Vista) files fixed by a local computer repair place. After that, my scheduled nighlty MBAM update and full scan stopped functioning. Yesterday I downloaded the MBAM clean removal tool and removed and reinstalled the program. I entered the ID and Key I'd received for the Pro version and scheduled a new nightly update and scan. It looks like the update occured as scheduled but that the scan did not. Any suggestions? Thanks.

Link to post
Share on other sites

Hello and :welcome:

Sorry your having issues with MBAM. In order to get to the bottom of this please provide the scans below.

Please run the tools below and ATTACH (do not copy and paste) the logs so someone can better assist you.

Please post an mbam-check log:

Create an mbam-check log:

  • Download mbam-check.exe from here and save it to your desktop
  • Double-click on mbam-check.exe to run it, it should then open a log file
  • Please attach the CheckResults.txt file which should now be located on your desktop to your next reply
Next:

Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click dds.scr or dds.com to run the tool

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.

  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop
  • Please include the following logs in your next reply: DDS.txt and Attach.txt

    You can ignore the note about zipping the Attach.txt file in most cases.

Link to post
Share on other sites

Thank you. An error message tells me that posting all 3 files is too long a post, so I'll post 1 at a time.

 

CheckResults.txt

 

mbam-check result log version: 2.0.0.1000

Malwarebytes Version: REG_SZ        1.75.0.1300

Date Log Created: 09/11/13
Time Log Created: 11:43:25

User Account type: Administrator

32 bit Operating System

Product Name: REG_SZ        Windows Vista Ultimate

Current Build Number: 6002

Current Version Number: 6.0

Current CSDVersion: Service Pack 2

Proxy Status: No proxy is Set

LAN Settings:
=============

No Settings are Set        <--NOT DETECTING SETTING AUTOMATICALLY

SystemPartition:
================

HKEY_LOCAL_MACHINE\SYSTEM\Setup\
    SystemPartition    REG_SZ        \Device\HarddiskVolume3

Balloon Tips Status:
====================

Enabled

Time Format Settings:
=====================

Should be:
        h:mm:ss tt
        AM
        PM
        :

Currently:
REG_SZ        h:mm:ss tt
REG_SZ        AM
REG_SZ        PM
REG_SZ        :

Language and Regional Settings:
===============================

ACP:     Language is English (United States)
MACCP:     Language is English (United States)
OEMCP:     Language is English (United States)

Startup Folders for Error_Expanding_Variables Check:
====================================================

All Users Startup Folder Exists.
Current User's Startup Folder Exists.


Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================

TERMService:
==============
Type             : 32
State             : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE        : 0
SERVICE_EXIT_CODE    : 0
CHECKPOINT        : 0
WAIT_HINT        : 0


TermService Start is set to: 2 (Automatic Startup)

Compatibility Flag Settings (Any MBAM file listings should be removed):
=======================================================================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
    C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exeREG_SZ        ELEVATECREATEPROCESS
    c:\Program Files\Corel\CorelDRAW Graphics Suite X4\PROGRAMS\CORELDRW.EXEREG_SZ        DISABLECICERO
    c:\Program Files\Corel\CorelDRAW Graphics Suite X4\PROGRAMS\CORELPP.EXEREG_SZ        DISABLECICERO
    C:\Program Files\Corel\CorelDRAW Graphics Suite X4\Setup\SetupARP.exeREG_SZ        WINXPSP2
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
    C:\Program Files\Client Bookkeeping Solution\CbsApp.exeREG_SZ        ELEVATECREATEPROCESS



Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================



MBAM Startup Entries:
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
    Malwarebytes Anti-Malware     REG_SZ        C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

Service and Driver Status:
==========================

MBAMProtector:
==============
Type             : 2
State             : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE        : 0
SERVICE_EXIT_CODE    : 0
CHECKPOINT        : 0
WAIT_HINT        : 0


MBAMService:
==============
Type             : 16
State             : 4 (The service is running.)
WIN32_EXIT_CODE        : 0
SERVICE_EXIT_CODE    : 0
CHECKPOINT        : 0
WAIT_HINT        : 0


MBAMScheduler:
==============
Type             : 16
State             : 4 (The service is running.)
WIN32_EXIT_CODE        : 0
SERVICE_EXIT_CODE    : 0
CHECKPOINT        : 0
WAIT_HINT        : 0


        <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon


MBAMProtector Registry Values:
==============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
    Type                          REG_DWORD        2
    Start                         REG_DWORD        3
    ErrorControl                  REG_DWORD        1
    ImagePath                     REG_EXPAND_SZ    \??\C:\Windows\system32\drivers\mbam.sys
    Group                         REG_SZ        FSFilter Anti-Virus
    DependOnService               REG_MULTI_SZ    FltMgr

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
    DefaultInstance               REG_SZ        MBAMProtector Instance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
    Altitude                      REG_SZ        328800
    Flags                         REG_DWORD        0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum
    0                             REG_SZ        Root\LEGACY_MBAMPROTECTOR\0000
    Count                         REG_DWORD        1
    NextInstance                  REG_DWORD        1
MBAMService Registry Values:
============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
    Type                          REG_DWORD        16
    Start                         REG_DWORD        2
    ErrorControl                  REG_DWORD        1
    ImagePath                     REG_EXPAND_SZ    "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe"
    DependOnService               REG_MULTI_SZ    MBAMProtector

    ObjectName                    REG_SZ        LocalSystem
    Description                   REG_SZ        Malwarebytes Anti-Malware service
    DelayedAutostart              REG_DWORD        0
MBAMScheduler Registry Values:
==============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler
    Type                          REG_DWORD        16
    Start                         REG_DWORD        2
    ErrorControl                  REG_DWORD        1
    ImagePath                     REG_EXPAND_SZ    "C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe"
    ObjectName                    REG_SZ        LocalSystem
    Description                   REG_SZ        Malwarebytes Anti-Malware scheduler
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler\Enum
    0                             REG_SZ        Root\LEGACY_MBAMSCHEDULER\0000
    Count                         REG_DWORD        1
    NextInstance                  REG_DWORD        1

MBAM DLL's and Runtime Files:
=============================

HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid
    (Default):                    REG_SZ        vbAccelerator Grid Control
HKEY_CLASSES_ROOT\vbAcceleratorSGrid6.vbalGrid\Clsid
    (Default):                    REG_SZ        {C5DA1F2B-B2BF-4DFC-BC9A-439133543A67}

HKEY_CLASSES_ROOT\SSubTimer6.GSubclass
    (Default):                    REG_SZ        SSubTimer6.GSubclass
HKEY_CLASSES_ROOT\SSubTimer6.GSubclass\Clsid
    (Default):                    REG_SZ        {71A27032-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\SSubTimer6.CTimer
    (Default):                    REG_SZ        SSubTimer6.CTimer
HKEY_CLASSES_ROOT\SSubTimer6.CTimer\Clsid
    (Default):                    REG_SZ        {71A27034-C7D8-11D2-BEF8-525400DFB47A}

HKEY_CLASSES_ROOT\SSubTimer6.ISubclass
    (Default):                    REG_SZ        SSubTimer6.ISubclass
HKEY_CLASSES_ROOT\SSubTimer6.ISubclass\Clsid
    (Default):                    REG_SZ        {71A2702F-C7D8-11D2-BEF8-525400DFB47A}



HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}
    (Default):                    REG_SZ        SSubTimer6.ISubclass
HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories
HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}
HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\ProgID
    (Default):                    REG_SZ        SSubTimer6.ISubclass
HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\Programmable
HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
    (Default):                    REG_SZ        {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\CLSID\{71A2702F-C7D8-11D2-BEF8-525400DFB47A}\VERSION
    (Default):                    REG_SZ        1.0

HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}
    (Default):                    REG_SZ        SSubTimer6.GSubclass
HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories
HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}
HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32
    (Default):                    REG_SZ        C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll
    ThreadingModel                REG_SZ        Apartment
HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\ProgID
    (Default):                    REG_SZ        SSubTimer6.GSubclass
HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\Programmable
HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
    (Default):                    REG_SZ        {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\CLSID\{71A27032-C7D8-11D2-BEF8-525400DFB47A}\VERSION
    (Default):                    REG_SZ        1.0

HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}
    (Default):                    REG_SZ        SSubTimer6.CTimer
HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories
HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}
HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\InprocServer32
    (Default):                    REG_SZ        C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll
    ThreadingModel                REG_SZ        Apartment
HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\ProgID
    (Default):                    REG_SZ        SSubTimer6.CTimer
HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\Programmable
HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
    (Default):                    REG_SZ        {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\CLSID\{71A27034-C7D8-11D2-BEF8-525400DFB47A}\VERSION
    (Default):                    REG_SZ        1.0



HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1
    (Default):                    REG_SZ        vbAccelerator VB6 SGrid Control 2.0
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\0\win32
    (Default):                    REG_SZ        C:\Program Files\Malwarebytes' Anti-Malware\vbalsgrid6.ocx
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\FLAGS
    (Default):                    REG_SZ        2
HKEY_CLASSES_ROOT\TypeLib\{DE8CE233-DD83-481D-844C-C07B96589D3A}\1.1\HELPDIR
    (Default):                    REG_SZ        C:\Program Files\Malwarebytes' Anti-Malware

HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0
    (Default):                    REG_SZ        vbAccelerator VB6 Subclassing and Timer Assistant (with configurable message response, multi-control support + timer bug fix)
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\0\win32
    (Default):                    REG_SZ        C:\Program Files\Malwarebytes' Anti-Malware\ssubtmr6.dll
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\FLAGS
    (Default):                    REG_SZ        0
HKEY_CLASSES_ROOT\TypeLib\{71A2702D-C7D8-11D2-BEF8-525400DFB47A}\1.0\HELPDIR
    (Default):                    REG_SZ        C:\Program Files\Malwarebytes' Anti-Malware

HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}
    (Default):                    REG_SZ        ISubclass
HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid
    (Default):                    REG_SZ        {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32
    (Default):                    REG_SZ        {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{71A2702E-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
    (Default):                    REG_SZ        {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
    Version                       REG_SZ        1.0

HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}
    (Default):                    REG_SZ        CTimer
HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid
    (Default):                    REG_SZ        {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\ProxyStubClsid32
    (Default):                    REG_SZ        {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{71A27036-C7D8-11D2-BEF8-525400DFB47A}\TypeLib
    (Default):                    REG_SZ        {71A2702D-C7D8-11D2-BEF8-525400DFB47A}
    Version                       REG_SZ        1.0

HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}
    (Default):                    REG_SZ        vbalGrid
HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid
    (Default):                    REG_SZ        {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\ProxyStubClsid32
    (Default):                    REG_SZ        {00020420-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{1EDFD7DF-030D-4144-952E-9D7D86691CDB}\TypeLib
    (Default):                    REG_SZ        {DE8CE233-DD83-481D-844C-C07B96589D3A}
    Version                       REG_SZ        1.1

MBAM Registry Settings and License Info:
========================================

HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware
    advancedheuristics            REG_DWORD        1
    downloadprogram               REG_DWORD        1
    hidereg                       REG_DWORD        0
    detectp2p                     REG_DWORD        0
    detectpum                     REG_DWORD        1
    detectpup                     REG_DWORD        2
    updatewarn                    REG_DWORD        1
    updatewarndays                REG_DWORD        7
    useproxy                      REG_DWORD        0
    useauthentication             REG_DWORD        0
    contextmenu                   REG_DWORD        1
    reportthreats                 REG_DWORD        1
    startwithwindows              REG_DWORD        1
    startfsdisabled               REG_DWORD        0
    startipdisabled               REG_DWORD        0
    silentipmode                  REG_DWORD        0
    autoquarantine                REG_DWORD        1
    notifyinstallprogram          REG_DWORD        1
    trialpromptshown              REG_DWORD        0
    autoquarantinenotify          REG_DWORD        1
    alwaysscanarchives            REG_DWORD        1
    InstallPath                   REG_SZ        C:\Program Files\Malwarebytes' Anti-Malware
    dbdate                        REG_SZ        Tue, 10 Sep 2013 19:29:52 GMT
    dbversion                     REG_SZ        v2013.09.10.10
    programversion                REG_SZ        1.75.0.1300
    programbuild                  REG_SZ        consumer
    ID                            XXXXX-XXXXX    This is hidden data.
    Key                           XXXX-XXXX-XXXX-XXXX    This is hidden data.
    SchedulerQueue                REG_MULTI_SZ    2101252, 30322309, 305793536, 1, 10 | 30322343, 3489521475
                            6307844, 30322317, 1946055168, 1, 10 | 0, 0




HKEY_CURRENT_USER\SOFTWARE\Malwarebytes' Anti-Malware
    alwaysscanfiles               REG_DWORD        1
    alwaysscanheuristics          REG_DWORD        1
    alwaysscanmemory              REG_DWORD        1
    alwaysscanregistry            REG_DWORD        1
    alwaysscanstartups            REG_DWORD        1
    autosavelog                   REG_DWORD        1
    openlog                       REG_DWORD        1
    defaultscan                   REG_DWORD        0
    terminateie                   REG_DWORD        0
    Language                      REG_SZ        English.lng
    selectedrives                 REG_SZ        C:\|D:\|G:\|
HKEY_USERS\S-1-5-18\SOFTWARE\Malwarebytes' Anti-Malware
    alwaysscanfiles               REG_DWORD        1
    alwaysscanheuristics          REG_DWORD        1
    alwaysscanmemory              REG_DWORD        1
    alwaysscanregistry            REG_DWORD        1
    alwaysscanstartups            REG_DWORD        1
    autosavelog                   REG_DWORD        1
    openlog                       REG_DWORD        1
    defaultscan                   REG_DWORD        0
    terminateie                   REG_DWORD        0
HKEY_USERS\.DEFAULT\SOFTWARE\Malwarebytes' Anti-Malware
    alwaysscanfiles               REG_DWORD        1
    alwaysscanheuristics          REG_DWORD        1
    alwaysscanmemory              REG_DWORD        1
    alwaysscanregistry            REG_DWORD        1
    alwaysscanstartups            REG_DWORD        1
    autosavelog                   REG_DWORD        1
    openlog                       REG_DWORD        1
    defaultscan                   REG_DWORD        0
    terminateie                   REG_DWORD        0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1
    Inno Setup: Setup Version     REG_SZ        5.5.3-dev (a)
    Inno Setup: App Path          REG_SZ        C:\Program Files\Malwarebytes' Anti-Malware
    InstallLocation               REG_SZ        C:\Program Files\Malwarebytes' Anti-Malware\
    Inno Setup: Icon Group        REG_SZ        Malwarebytes' Anti-Malware
    Inno Setup: User              REG_SZ        me
    Inno Setup: Selected Tasks    REG_SZ        desktopicon
    Inno Setup: Deselected Tasks  REG_SZ        quicklaunchicon
    Inno Setup: Language          REG_SZ        English
    DisplayName                   REG_SZ        Malwarebytes Anti-Malware version 1.75.0.1300
    DisplayIcon                   REG_SZ        C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    UninstallString               REG_SZ        "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    QuietUninstallString          REG_SZ        "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" /SILENT
    DisplayVersion                REG_SZ        1.75.0.1300
    Publisher                     REG_SZ        Malwarebytes Corporation
    URLInfoAbout                  REG_SZ        http://www.malwarebytes.org
    NoModify                      REG_DWORD        1
    NoRepair                      REG_DWORD        1
    InstallDate                   REG_SZ        20130910
    MajorVersion                  REG_DWORD        1
    MinorVersion                  REG_DWORD        75

Pending File Rename Operations:
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.

Scheduler Queue:
================

Scheduled Item: Update     Schedule Options:    | Daily    | Wake From Sleep    
Start Time: 2013-09-11 00:23     Repeating Every: 1     Recover if missed by: 10
Scheduled Item: Scan     Schedule Options:    Full Scan    | Daily    | Scan Remove    | Wake From Sleep    
Start Time: 2013-09-11 01:23     Repeating Every: 1     Recover if missed by: 10



Context Menu Entries:
=====================

HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\MBAMShlExt
    (Default):                    REG_SZ        {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\MBAMShlExt
    (Default):                    REG_SZ        {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt
    (Default):                    REG_SZ        MBAMShlExt Class
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CLSID
    (Default):                    REG_SZ        {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CurVer
    (Default):                    REG_SZ        MBAMExt.MBAMShlExt.1
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1
    (Default):                    REG_SZ        MBAMShlExt Class
HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1\CLSID
    (Default):                    REG_SZ        {57CE581A-0CB6-4266-9CA0-19364C90A0B3}


HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}
    (Default):                    REG_SZ        IMBAMShlExt
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid
    (Default):                    REG_SZ        {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid32
    (Default):                    REG_SZ        {00020424-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\TypeLib
    (Default):                    REG_SZ        {AFF1A83B-6C83-4342-8E68-1648DE06CB65}
    Version                       REG_SZ        1.0
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}
    (Default):                    REG_SZ        MBAMShlExt Class
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32
    (Default):                    REG_SZ        C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
    ThreadingModel                REG_SZ        Apartment
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\ProgID
    (Default):                    REG_SZ        MBAMExt.MBAMShlExt.1
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\TypeLib
    (Default):                    REG_SZ        {AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\VersionIndependentProgID
    (Default):                    REG_SZ        MBAMExt.MBAMShlExt

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0
    (Default):                    REG_SZ        MBAMExt 1.0 Type Library
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win32
    (Default):                    REG_SZ        C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS
    (Default):                    REG_SZ        0
HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR
    (Default):                    REG_SZ        C:\Program Files\Malwarebytes' Anti-Malware



MBAM Drivers:
=============

C:\Windows\system32\drivers\mbam.sys    File Size: 22856     BYTES    FileVersion: 1.60.2.0


Required Dependencies:
======================

BFE:
==============
Type             : 32
State             : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE        : 0
SERVICE_EXIT_CODE    : 0
CHECKPOINT        : 0
WAIT_HINT        : 0


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
    DisplayName                   REG_SZ        @%SystemRoot%\system32\bfe.dll,-1001
    Group                         REG_SZ        NetworkProvider
    ImagePath                     REG_EXPAND_SZ    %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
    Description                   REG_SZ        @%SystemRoot%\system32\bfe.dll,-1002
    ObjectName                    REG_SZ        NT AUTHORITY\LocalService
    ErrorControl                  REG_DWORD        1
    Start                         REG_DWORD        2
    Type                          REG_DWORD        32
    DependOnService               REG_MULTI_SZ    RpcSs

    ServiceSidType                REG_DWORD        3
    RequiredPrivileges            REG_MULTI_SZ    SeAuditPrivilege
                            SeImpersonatePrivilege

    FailureActions                REG_BINARY    Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
    ServiceDll                    REG_EXPAND_SZ    %SystemRoot%\System32\bfe.dll
    ServiceDllUnloadOnStop        REG_DWORD        1
    ServiceMain                   REG_SZ        BfeServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter
    {dc95b53e-01cf-4058-821d-350b3d0d4676}REG_BINARY    Binary Data

    {c970a45d-57f9-4e32-a5bd-886a9662641e}REG_BINARY    Binary Data

    {0c3be01b-fe70-4cc4-89dc-c07996b67e6d}REG_BINARY    Binary Data

    {074f7f68-ee10-428a-89d1-ba78f6c327ca}REG_BINARY    Binary Data

    {c016105c-eb34-4519-a5fd-5f4e4ad4d18e}REG_BINARY    Binary Data

    {a47525e2-725b-4888-8af1-ba5a60c04f4d}REG_BINARY    Binary Data

    {0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}REG_BINARY    Binary Data

    {2729ee66-d21e-4f00-b440-b11f9e8b1bc4}REG_BINARY    Binary Data

    {a5f7f5de-ff63-4626-bb95-a6b1c6ec65d0}REG_BINARY    Binary Data

    {7e07c361-3d1a-4c91-ba62-8553922c464b}REG_BINARY    Binary Data

    {a78018b0-7397-45e7-886d-2fc6e7a878cf}REG_BINARY    Binary Data

    {0aa8b2a7-d8e6-4574-8b79-5389071e8fa2}REG_BINARY    Binary Data

    {0c41d586-9c19-4e01-9d66-b5b98a97576e}REG_BINARY    Binary Data

    {12c38916-82ac-4737-8f38-b6957ffebad6}REG_BINARY    Binary Data

    {2dd96961-5757-434f-b617-34e732517c0e}REG_BINARY    Binary Data

    {790018f5-8e05-4a78-88ac-ebc35a2e5ee5}REG_BINARY    Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter
    {dc95b53e-01cf-4058-821d-350b3d0d4676}REG_BINARY    Binary Data

    {f444c576-6e60-4ea2-9faa-80d57ed12cd2}REG_BINARY    Binary Data

    {c970a45d-57f9-4e32-a5bd-886a9662641e}REG_BINARY    Binary Data

    {0c3be01b-fe70-4cc4-89dc-c07996b67e6d}REG_BINARY    Binary Data

    {716b48eb-0a35-4a76-92ab-1d987230d288}REG_BINARY    Binary Data

    {1165065e-4996-4338-abaf-4b8556b4d431}REG_BINARY    Binary Data

    {b6b2ca61-fb98-4422-adc2-e7cf56b3680c}REG_BINARY    Binary Data

    {0aa7fff8-919f-453c-928c-28a12122ba38}REG_BINARY    Binary Data

    {074f7f68-ee10-428a-89d1-ba78f6c327ca}REG_BINARY    Binary Data

    {c016105c-eb34-4519-a5fd-5f4e4ad4d18e}REG_BINARY    Binary Data

    {a47525e2-725b-4888-8af1-ba5a60c04f4d}REG_BINARY    Binary Data

    {0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}REG_BINARY    Binary Data

    {91ffecf0-0a9e-4572-95f1-a7111af86967}REG_BINARY    Binary Data

    {64e55933-15a5-495d-a928-ccca43d44875}REG_BINARY    Binary Data

    {13bfd422-6f75-4408-8924-9400ec0cb19c}REG_BINARY    Binary Data

    {cbfb56db-3c85-4543-9bc2-76ea28cdd74e}REG_BINARY    Binary Data

    {3cd72f71-3c6e-49fd-b77c-4e58456a8d7a}REG_BINARY    Binary Data

    {55208d43-d432-42a7-a38a-c3d2a6461f78}REG_BINARY    Binary Data

    {25434595-0231-4312-81d8-e3e7e2cb81e3}REG_BINARY    Binary Data

    {76e819cb-d317-4f73-af11-ee05d19211c5}REG_BINARY    Binary Data

    {877a423b-9710-4a3e-beb6-0a8cfebdc642}REG_BINARY    Binary Data

    {2729ee66-d21e-4f00-b440-b11f9e8b1bc4}REG_BINARY    Binary Data

    {a5f7f5de-ff63-4626-bb95-a6b1c6ec65d0}REG_BINARY    Binary Data

    {7e07c361-3d1a-4c91-ba62-8553922c464b}REG_BINARY    Binary Data

    {a78018b0-7397-45e7-886d-2fc6e7a878cf}REG_BINARY    Binary Data

    {0aa8b2a7-d8e6-4574-8b79-5389071e8fa2}REG_BINARY    Binary Data

    {0c41d586-9c19-4e01-9d66-b5b98a97576e}REG_BINARY    Binary Data

    {12c38916-82ac-4737-8f38-b6957ffebad6}REG_BINARY    Binary Data

    {4d9581d2-aef8-4993-84cd-b986ced80d42}REG_BINARY    Binary Data

    {be7cbdf4-b192-4aa5-94f8-1fb5c5ee07bc}REG_BINARY    Binary Data

    {07a24961-a760-4e80-b263-6d275e1b09cb}REG_BINARY    Binary Data

    {5b0cb2e2-ab87-4974-9f1c-2f22a654eeb9}REG_BINARY    Binary Data

    {2dd96961-5757-434f-b617-34e732517c0e}REG_BINARY    Binary Data

    {375fb39b-08c6-40f2-bdf2-08fa63f970a2}REG_BINARY    Binary Data

    {b232d62d-7510-4cff-94a1-7fa9f3353a3f}REG_BINARY    Binary Data

    {790018f5-8e05-4a78-88ac-ebc35a2e5ee5}REG_BINARY    Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider
    {decc16ca-3f33-4346-be1e-8fb4ae0f3d62}REG_BINARY    Binary Data

    {4b153735-1049-4480-aab4-d1b9bdc03710}REG_BINARY    Binary Data

    {1bebc969-61a5-4732-a177-847a0817862a}REG_BINARY    Binary Data

    {aa6a7d87-7f8f-4d2a-be53-fda555cd5fe3}REG_BINARY    Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer
    {b3cdd441-af90-41ba-a745-7c6008ff2300}REG_BINARY    Binary Data

    {b3cdd441-af90-41ba-a745-7c6008ff2301}REG_BINARY    Binary Data

fltmgr:
==============
Type             : 2
State             : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE        : 0
SERVICE_EXIT_CODE    : 0
CHECKPOINT        : 0
WAIT_HINT        : 0


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
    AttachWhenLoaded              REG_DWORD        1
    DisplayName                   REG_SZ        FltMgr
    Group                         REG_SZ        FSFilter Infrastructure
    ImagePath                     REG_EXPAND_SZ    system32\drivers\fltmgr.sys
    Description                   REG_SZ        File System Filter Manager Driver
    ErrorControl                  REG_DWORD        3
    Start                         REG_DWORD        0
    Tag                           REG_DWORD        1
    Type                          REG_DWORD        2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
    0                             REG_SZ        Root\LEGACY_FLTMGR\0000
    Count                         REG_DWORD        1
    NextInstance                  REG_DWORD        1
C:\Windows\system32\drivers\fltmgr.sys    File Size: 190424    BYTES    FileVersion: 6.0.6002.18005
C:\Windows\system32\comctl32.ocx    File Size: 608448    BYTES    FileVersion: 6.0.81.5
C:\Windows\system32\mscomctl.ocx    File Size: 1070152   BYTES    FileVersion: 6.1.98.34
C:\Windows\system32\olepro32.dll    File Size: 88576     BYTES    FileVersion: 6.0.6002.18005


List of MBAM Related Directories:
=================================

C:\Program Files\Malwarebytes' Anti-Malware
7z.dll                            File Size:    914432 BYTES    FileVersion: 9.20.0.0
changes.txt                       File Size:       200 BYTES
license.rtf                       File Size:     17916 BYTES
mbam.chm                          File Size:    474148 BYTES
mbam.dll                          File Size:    527944 BYTES    FileVersion: 1.70.0.0
mbam.exe                          File Size:    887432 BYTES    FileVersion: 1.75.0.1
mbamcore.dll                      File Size:   1127496 BYTES    FileVersion: 1.70.0.0
mbamext.dll                       File Size:     80968 BYTES    FileVersion: 1.70.0.0
mbamgui.exe                       File Size:    532040 BYTES    FileVersion: 1.70.0.0
mbamnet.dll                       File Size:   2191944 BYTES    FileVersion: 1.70.0.0
mbampt.exe                        File Size:     40008 BYTES    FileVersion: 1.70.0.0
mbamscheduler.exe                 File Size:    418376 BYTES    FileVersion: 1.70.0.0
mbamservice.exe                   File Size:    701512 BYTES    FileVersion: 1.70.0.0
ssubtmr6.dll                      File Size:     46416 BYTES    FileVersion: 1.1.0.3
unins000.dat                      File Size:     15078 BYTES
unins000.exe                      File Size:    712264 BYTES    FileVersion: 51.52.0.0
unins000.msg                      File Size:     11277 BYTES
vbalsgrid6.ocx                    File Size:    496976 BYTES    FileVersion: 2.0.0.40

C:\Program Files\Malwarebytes' Anti-Malware\Chameleon
chameleon.chm                     File Size:    186068 BYTES
firefox.com                       File Size:    218184 BYTES
firefox.exe                       File Size:    218184 BYTES
firefox.pif                       File Size:    218184 BYTES
firefox.scr                       File Size:    218184 BYTES
iexplore.exe                      File Size:    218184 BYTES
mbam-chameleon.com                File Size:    218184 BYTES
mbam-chameleon.exe                File Size:    218184 BYTES
mbam-chameleon.pif                File Size:    218184 BYTES
mbam-chameleon.scr                File Size:    218184 BYTES
mbam-killer.exe                   File Size:    896072 BYTES
rundll32.exe                      File Size:    218184 BYTES
svchost.exe                       File Size:    218184 BYTES
winlogon.exe                      File Size:    218184 BYTES

C:\Program Files\Malwarebytes' Anti-Malware\Languages
arabic.lng                        File Size:     21894 BYTES
belarusian.lng                    File Size:     26884 BYTES
bosnian.lng                       File Size:     27108 BYTES
bulgarian.lng                     File Size:     27574 BYTES
catalan.lng                       File Size:     28252 BYTES
chineseSI.lng                     File Size:     11024 BYTES
chineseTR.lng                     File Size:     11952 BYTES
croatian.lng                      File Size:     26670 BYTES
czech.lng                         File Size:     24874 BYTES
danish.lng                        File Size:     26582 BYTES
dutch.lng                         File Size:     28342 BYTES
english.lng                       File Size:     24542 BYTES
estonian.lng                      File Size:     25146 BYTES
finnish.lng                       File Size:     25950 BYTES
french.lng                        File Size:     29830 BYTES
german.lng                        File Size:     29894 BYTES
greek.lng                         File Size:     29300 BYTES
hebrew.lng                        File Size:     19362 BYTES
hungarian.lng                     File Size:     28666 BYTES
indonesian.lng                    File Size:     26854 BYTES
italian.lng                       File Size:     28194 BYTES
japanese.lng                      File Size:     16266 BYTES
korean.lng                        File Size:     14188 BYTES
latvian.lng                       File Size:     27100 BYTES
lithuanian.lng                    File Size:     27838 BYTES
norwegian.lng                     File Size:     25116 BYTES
polish.lng                        File Size:     26644 BYTES
portugueseBR.lng                  File Size:     28654 BYTES
portuguesePT.lng                  File Size:     29062 BYTES
romanian.lng                      File Size:     28290 BYTES
russian.lng                       File Size:     27302 BYTES
serbian.lng                       File Size:     26804 BYTES
slovak.lng                        File Size:     25644 BYTES
slovenian.lng                     File Size:     24852 BYTES
spanish.lng                       File Size:     30060 BYTES
swedish.lng                       File Size:     25992 BYTES
thai.lng                          File Size:     26092 BYTES
turkish.lng                       File Size:     25876 BYTES
vietnamese.lng                    File Size:     29528 BYTES

C:\Users\me\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware

C:\Users\me\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs
mbam-log-2013-09-11 (11-27-57).txt    File Size:      1916 BYTES

C:\Users\me\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware
rules.ref                         File Size:   6843407 BYTES

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration
build.conf                        File Size:       140 BYTES
config.conf                       File Size:      4076 BYTES
custom.conf                       File Size:        20 BYTES
database.conf                     File Size:       432 BYTES
html.conf                         File Size:      2904 BYTES
local.conf                        File Size:       768 BYTES
manifest.conf                     File Size:      1752 BYTES
messaging.conf                    File Size:      1430 BYTES
news.conf                         File Size:       272 BYTES

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs
protection-log-2013-09-10.txt     File Size:      1316 BYTES
protection-log-2013-09-11.txt     File Size:       162 BYTES

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine

===============================================================
END OF FILE

Link to post
Share on other sites

Here's the 2nd file:

 

dds.txt

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6002.18005  BrowserJavaVersion: 1.6.0_37
Run by me at 13:17:42 on 2013-09-11
Microsoft® Windows Vista™ Ultimate   6.0.6002.2.1252.1.1033.18.3581.1540 [GMT -4:00]
.
AV: ESET NOD32 Antivirus 3.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 3.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Windows\system32\lxbccoms.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\dllhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe
C:\Windows\system32\dllhost.exe
C:\Windows\System32\msdtc.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Users\rspitz\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Memeo\AutoBackup\InstantBackup.exe
C:\Program Files\Memeo\AutoBackup\MemeoUpdater.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k swprv
.
============== Pseudo HJT Report ===============
.
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart
uRun: [Google Update] "c:\users\rspitz\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [brStsMon00] c:\program files\browny02\brother\BrStMonW.exe /AUTORUN
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [Memeo Instant Backup] c:\program files\memeo\autobackup\MemeoLauncher2.exe --silent --no_ui
mRun: [sigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\sttray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: EnableLUA = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}







TCP: NameServer = 192.168.2.254
TCP: Interfaces\{2A8F54F4-4403-4B61-A4E7-7CCBB9909654} : DHCPNameServer = 192.168.2.254
TCP: Interfaces\{42BC9A18-213E-4421-8618-DEEC953076C5} : NameServer = 192.168.2.10
TCP: Interfaces\{42BC9A18-213E-4421-8618-DEEC953076C5} : DHCPNameServer = 192.168.2.254
Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - c:\program files\intuit\quickbooks 2011\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
Notify: gemsafe - c:\program files\gemplus\gemsafe libraries\bin\WLEventNotify.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
LSA: Authentication Packages =  msv1_0 wvauth
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg wsauth
IFEO: ehshell.exe - "c:\program files\logmein\x86\LogMeInSystray.exe" -MceShellRedirect
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\me\appdata\roaming\mozilla\firefox\profiles\yy3ndhib.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://login.yahoo.com/config/login_verify2?&.src=ym|http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1232296438&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx%3Fn%3D185986582&id=64855
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\users\me\appdata\local\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\users\me\appdata\roaming\mozilla\firefox\profiles\yy3ndhib.default\extensions\logmeinclient@logmein.com\plugins\npRACtrl.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2009-07-02 09:20; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-10-7 35168]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;c:\program files\broadcom\asfipmon\AsfIpMon.exe [2006-12-19 79432]
R2 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2008-10-24 472280]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2010-10-1 375120]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2010-1-27 13624]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-1-16 47640]
R2 lxbc_device;lxbc_device;c:\windows\system32\lxbccoms.exe -service --> c:\windows\system32\lxbccoms.exe -service [?]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-9-10 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-9-10 701512]
R2 QBVSS;QBIDPService;c:\program files\common files\intuit\dataprotect\QBIDPService.exe [2010-12-2 1248256]
R2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2012-4-10 671344]
R2 vmware-view-usbd;VMware View USB;c:\program files\vmware\vmware view\client\bin\vmware-view-usbd.exe [2012-5-2 2370560]
R2 Wave UCSPlus;Wave UCSPlus;c:\windows\system32\dllhost.exe [2006-11-2 7168]
R2 wsnm;VMware View Client;c:\program files\vmware\vmware view\client\bin\wsnm.exe [2012-5-2 472176]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2013-7-9 179712]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-9-10 22856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\memeo\autobackup\MemeoBackgroundService.exe [2011-1-24 25824]
S3 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2013-5-23 119056]
S3 BrYNSvc;BrYNSvc;c:\program files\browny02\BrYNSvc.exe [2012-5-30 245760]
S3 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608]
S3 SeagateDashboardService;Seagate Dashboard Service;c:\program files\seagate\seagate dashboard\SeagateDashboardService.exe [2011-6-1 14088]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-12 770168]
.
=============== Created Last 30 ================
.
2013-09-10 19:40:42    --------    d-----w-    c:\users\me\appdata\roaming\Malwarebytes
2013-09-10 19:40:26    --------    d-----w-    c:\programdata\Malwarebytes
2013-09-10 19:40:23    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-09-10 19:40:22    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2013-09-06 19:04:32    7166848    ----a-w-    c:\programdata\microsoft\windows defender\definition updates\{fb65c70a-18e7-4990-b053-9c0f5f3e3f0f}\mpengine.dll
2013-09-01 13:44:48    --------    d-----w-    c:\users\me\appdata\roaming\SanDisk SecureAccess
2013-08-31 19:37:54    --------    d-----w-    c:\windows\system32\My Vaults
2013-08-30 07:20:11    --------    d-----w-    c:\program files\Windows Portable Devices
2013-08-30 01:34:22    125952    ----a-w-    c:\windows\system32\srvsvc.dll
2013-08-30 01:34:21    17920    ----a-w-    c:\windows\system32\netevent.dll
2013-08-30 01:34:11    876032    ----a-w-    c:\windows\system32\XpsPrint.dll
2013-08-30 00:41:39    --------    d-----w-    c:\windows\system32\MRT
2013-08-30 00:38:25    92672    ----a-w-    c:\windows\system32\UIAnimation.dll
2013-08-30 00:38:24    3023360    ----a-w-    c:\windows\system32\UIRibbon.dll
2013-08-30 00:38:24    1164800    ----a-w-    c:\windows\system32\UIRibbonRes.dll
2013-08-30 00:37:08    369664    ----a-w-    c:\windows\system32\WMPhoto.dll
2013-08-30 00:37:05    974848    ----a-w-    c:\windows\system32\WindowsCodecs.dll
2013-08-30 00:37:05    321024    ----a-w-    c:\windows\system32\PhotoMetadataHandler.dll
2013-08-30 00:37:05    252928    ----a-w-    c:\windows\system32\dxdiag.exe
2013-08-30 00:37:05    195584    ----a-w-    c:\windows\system32\dxdiagn.dll
2013-08-30 00:37:05    189440    ----a-w-    c:\windows\system32\WindowsCodecsExt.dll
2013-08-30 00:37:04    519680    ----a-w-    c:\windows\system32\d3d11.dll
2013-08-30 00:18:40    5120    ----a-w-    c:\windows\system32\wmi.dll
2013-08-30 00:18:40    157696    ----a-w-    c:\windows\system32\imagehlp.dll
2013-08-30 00:18:39    12800    ----a-w-    c:\windows\system32\drivers\fs_rec.sys
2013-08-29 23:14:32    --------    d-----w-    c:\windows\PCHEALTH
2013-08-29 22:58:35    24064    ----a-w-    c:\windows\system32\nshhttp.dll
2013-08-29 22:58:32    411648    ----a-w-    c:\windows\system32\drivers\http.sys
2013-08-29 22:58:31    30720    ----a-w-    c:\windows\system32\httpapi.dll
2013-08-29 22:57:00    9728    ----a-w-    c:\windows\system32\Wdfres.dll
2013-08-29 22:56:58    66560    ----a-w-    c:\windows\system32\drivers\WUDFPf.sys
2013-08-29 22:56:58    155136    ----a-w-    c:\windows\system32\drivers\WUDFRd.sys
2013-08-29 22:56:57    16896    ----a-w-    c:\windows\system32\winusb.dll
2013-08-29 22:56:56    73216    ----a-w-    c:\windows\system32\WUDFSvc.dll
2013-08-29 22:56:56    172032    ----a-w-    c:\windows\system32\WUDFPlatform.dll
2013-08-29 22:56:55    526952    ----a-w-    c:\windows\system32\drivers\Wdf01000.sys
2013-08-29 22:56:55    47720    ----a-w-    c:\windows\system32\drivers\WdfLdr.sys
2013-08-29 22:56:54    38912    ----a-w-    c:\windows\system32\WUDFCoinstaller.dll
2013-08-29 22:56:53    196608    ----a-w-    c:\windows\system32\WUDFHost.exe
2013-08-29 22:56:52    613888    ----a-w-    c:\windows\system32\WUDFx.dll
2013-08-29 22:50:05    2048    ----a-w-    c:\windows\system32\winrsmgr.dll
2013-08-29 22:48:25    72704    ----a-w-    c:\windows\system32\fontsub.dll
2013-08-29 22:48:25    34304    ----a-w-    c:\windows\system32\atmlib.dll
2013-08-29 22:48:25    293376    ----a-w-    c:\windows\system32\atmfd.dll
2013-08-29 22:48:25    23552    ----a-w-    c:\windows\system32\lpk.dll
2013-08-29 22:48:25    10240    ----a-w-    c:\windows\system32\dciman32.dll
2013-08-29 22:47:14    623616    ----a-w-    c:\windows\system32\localspl.dll
2013-08-29 22:46:59    69632    ----a-w-    c:\windows\system32\Mpeg2Data.ax
2013-08-29 22:46:59    57856    ----a-w-    c:\windows\system32\MSDvbNP.ax
2013-08-29 22:46:59    293376    ----a-w-    c:\windows\system32\psisdecd.dll
2013-08-29 22:46:59    217088    ----a-w-    c:\windows\system32\psisrndr.ax
2013-08-29 22:44:48    75776    ----a-w-    c:\windows\system32\synceng.dll
2013-08-29 22:44:23    905664    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2013-08-29 22:44:17    2049024    ----a-w-    c:\windows\system32\win32k.sys
2013-08-29 22:44:16    429056    ----a-w-    c:\windows\system32\EncDec.dll
2013-08-29 22:44:11    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-08-29 22:43:55    53120    ----a-w-    c:\windows\system32\drivers\partmgr.sys
2013-08-29 22:43:53    376320    ----a-w-    c:\windows\system32\dpnet.dll
2013-08-29 22:43:53    23040    ----a-w-    c:\windows\system32\dpnsvr.exe
2013-08-29 22:43:43    783360    ----a-w-    c:\windows\system32\rpcrt4.dll
2013-08-29 22:43:42    638328    ----a-w-    c:\windows\system32\drivers\dxgkrnl.sys
2013-08-29 22:43:42    37376    ----a-w-    c:\windows\system32\cdd.dll
2013-08-29 22:43:39    224640    ----a-w-    c:\windows\system32\drivers\volsnap.sys
2013-08-29 22:43:16    66560    ----a-w-    c:\windows\system32\packager.dll
2013-08-29 22:43:10    288768    ----a-w-    c:\windows\system32\XpsGdiConverter.dll
2013-08-29 22:43:10    1554432    ----a-w-    c:\windows\system32\xpsservices.dll
2013-08-29 22:43:09    847360    ----a-w-    c:\windows\system32\OpcServices.dll
2013-08-29 22:40:50    1314816    ----a-w-    c:\windows\system32\quartz.dll
2013-08-29 22:40:47    708608    ----a-w-    c:\program files\common files\system\ado\msado15.dll
2013-08-29 22:40:42    443904    ----a-w-    c:\windows\system32\win32spl.dll
2013-08-29 22:40:42    37376    ----a-w-    c:\windows\system32\printcom.dll
2013-08-29 22:40:39    1548288    ----a-w-    c:\windows\system32\WMVDECOD.DLL
2013-08-29 22:40:33    812544    ----a-w-    c:\windows\system32\certutil.exe
2013-08-29 22:40:32    41984    ----a-w-    c:\windows\system32\certenc.dll
2013-08-29 22:40:07    1400832    ----a-w-    c:\windows\system32\msxml6.dll
2013-08-29 22:40:04    707584    ----a-w-    c:\program files\common files\system\wab32.dll
2013-08-29 22:39:49    168960    ----a-w-    c:\program files\windows media player\wmplayer.exe
2013-08-29 22:39:48    8147456    ----a-w-    c:\windows\system32\wmploc.DLL
2013-08-29 22:39:22    9728    ----a-w-    c:\windows\system32\TCPSVCS.EXE
2013-08-29 22:39:22    27136    ----a-w-    c:\windows\system32\NETSTAT.EXE
2013-08-29 22:39:22    19968    ----a-w-    c:\windows\system32\ARP.EXE
2013-08-29 22:39:22    105984    ----a-w-    c:\windows\system32\netiohlp.dll
2013-08-29 22:39:21    8704    ----a-w-    c:\windows\system32\HOSTNAME.EXE
2013-08-29 22:39:21    17920    ----a-w-    c:\windows\system32\ROUTE.EXE
2013-08-29 22:39:21    11264    ----a-w-    c:\windows\system32\MRINFO.EXE
2013-08-29 22:39:21    10240    ----a-w-    c:\windows\system32\finger.exe
2013-08-29 22:37:58    15872    ----a-w-    c:\windows\system32\drivers\usb8023.sys
2013-08-29 22:37:53    992768    ----a-w-    c:\windows\system32\crypt32.dll
2013-08-29 22:37:52    98304    ----a-w-    c:\windows\system32\cryptnet.dll
2013-08-29 22:37:52    172544    ----a-w-    c:\windows\system32\wintrust.dll
2013-08-29 22:37:52    133120    ----a-w-    c:\windows\system32\cryptsvc.dll
2013-08-29 22:23:21    1248768    ----a-w-    c:\windows\system32\msxml3.dll
2013-08-29 22:23:16    563712    ----a-w-    c:\windows\system32\oleaut32.dll
2013-08-29 22:23:16    555520    ----a-w-    c:\windows\system32\UIAutomationCore.dll
2013-08-29 22:23:16    4096    ----a-w-    c:\windows\system32\oleaccrc.dll
2013-08-29 22:23:16    238080    ----a-w-    c:\windows\system32\oleacc.dll
2013-08-29 22:22:51    180736    ----a-w-    c:\windows\system32\drivers\rdpwd.sys
2013-08-29 22:22:50    376320    ----a-w-    c:\windows\system32\winsrv.dll
2013-08-29 22:22:44    24576    ----a-w-    c:\windows\system32\cryptdlg.dll
2013-08-29 22:21:04    440704    ----a-w-    c:\windows\system32\drivers\ksecdd.sys
2013-08-29 22:21:04    278528    ----a-w-    c:\windows\system32\schannel.dll
2013-08-29 22:21:04    218624    ----a-w-    c:\windows\system32\msv1_0.dll
2013-08-29 22:21:04    175104    ----a-w-    c:\windows\system32\wdigest.dll
2013-08-29 22:21:04    1259008    ----a-w-    c:\windows\system32\lsasrv.dll
2013-08-29 22:21:03    9728    ----a-w-    c:\windows\system32\lsass.exe
2013-08-29 22:21:03    72704    ----a-w-    c:\windows\system32\secur32.dll
2013-08-29 22:19:59    69632    ----a-w-    c:\windows\system32\drivers\bowser.sys
2013-08-29 22:18:57    128000    ----a-w-    c:\windows\system32\spoolsv.exe
2013-08-29 22:18:54    160256    ----a-w-    c:\windows\system32\wkssvc.dll
2013-08-29 22:18:51    273408    ----a-w-    c:\windows\system32\drivers\afd.sys
2013-08-29 22:18:09    1169408    ----a-w-    c:\windows\system32\sdclt.exe
2013-08-29 22:18:03    10926592    ----a-w-    c:\program files\movie maker\MOVIEMK.dll
2013-08-29 22:18:01    150016    ----a-w-    c:\program files\movie maker\MOVIEMK.exe
2013-08-29 22:16:59    30720    ----a-w-    c:\windows\system32\drivers\tcpipreg.sys
2013-08-29 22:16:41    739328    ----a-w-    c:\windows\system32\inetcomm.dll
2013-08-29 21:53:58    243712    ----a-w-    c:\windows\system32\rastls.dll
2013-08-29 21:53:54    355328    ----a-w-    c:\windows\system32\WSDApi.dll
2013-08-29 21:53:50    531968    ----a-w-    c:\windows\system32\comctl32.dll
2013-08-29 21:53:46    191488    ----a-w-    c:\windows\system32\FXSCOVER.exe
2013-08-29 21:53:29    310784    ----a-w-    c:\windows\system32\unregmp2.exe
2013-08-29 21:53:29    1418752    ----a-w-    c:\program files\windows media player\setup_wm.exe
2013-08-29 21:53:27    7680    ----a-w-    c:\windows\system32\spwmp.dll
2013-08-29 21:53:27    4096    ----a-w-    c:\windows\system32\msdxm.ocx
2013-08-29 21:53:27    4096    ----a-w-    c:\windows\system32\dxmasf.dll
2013-08-29 21:53:27    107520    ----a-w-    c:\program files\windows media player\wmpshare.exe
2013-08-29 21:53:27    107520    ----a-w-    c:\program files\windows media player\wmpconfig.exe
2013-08-29 21:52:47    604672    ----a-w-    c:\windows\system32\WMSPDMOD.DLL
2013-08-29 21:52:42    31744    ----a-w-    c:\windows\system32\msvidc32.dll
2013-08-29 21:52:42    13312    ----a-w-    c:\windows\system32\msrle32.dll
2013-08-29 21:52:42    12288    ----a-w-    c:\windows\system32\tsbyuv.dll
2013-08-29 21:52:41    91136    ----a-w-    c:\windows\system32\avifil32.dll
2013-08-29 21:52:41    50176    ----a-w-    c:\windows\system32\iyuv_32.dll
2013-08-29 21:52:41    22528    ----a-w-    c:\windows\system32\msyuv.dll
2013-08-29 21:52:40    82944    ----a-w-    c:\windows\system32\mciavi32.dll
2013-08-29 21:52:40    123904    ----a-w-    c:\windows\system32\msvfw32.dll
2013-08-29 21:44:44    613376    ----a-w-    c:\windows\system32\rdpencom.dll
2013-08-29 21:36:42    98304    ----a-w-    c:\windows\system32\cabview.dll
2013-08-29 21:30:29    2422272    ----a-w-    c:\windows\system32\wucltux.dll
2013-08-29 21:30:21    88576    ----a-w-    c:\windows\system32\wudriver.dll
2013-08-29 21:30:16    33792    ----a-w-    c:\windows\system32\wuapp.exe
2013-08-29 21:30:16    171904    ----a-w-    c:\windows\system32\wuwebv.dll
2013-08-29 19:01:54    --------    d-----w-    c:\windows\system32\eu-ES
2013-08-29 19:01:54    --------    d-----w-    c:\windows\system32\ca-ES
2013-08-29 19:01:50    --------    d-----w-    c:\windows\system32\vi-VN
2013-08-29 18:56:43    --------    d-----w-    c:\windows\system32\SPReview
2013-08-29 18:46:52    928768    ----a-w-    c:\windows\system32\scavenge.dll
2013-08-29 18:46:37    57856    ----a-w-    c:\windows\system32\compcln.exe
2013-08-29 18:46:00    87552    ----a-w-    c:\windows\system32\SearchFilterHost.exe
2013-08-29 18:46:00    57344    ----a-w-    c:\windows\system32\samlib.dll
2013-08-29 18:46:00    53248    ----a-w-    c:\windows\system32\rrinstaller.exe
2013-08-29 18:46:00    441344    ----a-w-    c:\windows\system32\SearchIndexer.exe
2013-08-29 18:46:00    38400    ----a-w-    c:\windows\system32\rtffilt.dll
2013-08-29 18:46:00    324608    ----a-w-    c:\windows\system32\sdohlp.dll
2013-08-29 18:46:00    241128    ----a-w-    c:\windows\system32\rsaenh.dll
2013-08-29 18:46:00    20992    ----a-w-    c:\windows\system32\rwinsta.exe
2013-08-29 18:46:00    185344    ----a-w-    c:\windows\system32\SearchProtocolHost.exe
2013-08-29 18:46:00    153600    ----a-w-    c:\program files\common files\microsoft shared\ink\rtscom.dll
2013-08-29 18:44:59    99840    ----a-w-    c:\windows\system32\ulib.dll
2013-08-17 04:51:26    921600    ----a-w-    c:\program files\mozilla firefox\wlan_wiz\wdsw.exe
.
==================== Find3M  ====================
.
2013-08-07 08:22:04    238872    ------w-    c:\windows\system32\MpSigStub.exe
2013-07-30 20:54:51    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-30 20:54:51    692104    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-07-30 04:30:30    834048    ----a-w-    c:\windows\system32\wininet.dll
2013-07-30 04:29:08    53760    ----a-w-    c:\windows\apppatch\iebrshim.dll
2013-07-29 22:27:31    389632    ----a-w-    c:\windows\system32\html.iec
2013-07-29 22:12:28    1383424    ----a-w-    c:\windows\system32\mshtml.tlb
2013-07-09 12:10:36    1205168    ----a-w-    c:\windows\system32\ntdll.dll
2013-07-08 15:34:10    3443    ----a-w-    C:\fix.reg
2013-07-08 04:55:51    3603904    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2013-07-08 04:55:51    3551680    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-06-15 13:22:11    15872    ----a-w-    c:\windows\system32\icaapi.dll
2013-06-15 11:23:33    24064    ----a-w-    c:\windows\system32\drivers\tssecsrv.sys
.
============= FINISH: 13:18:06.27 ===============

Link to post
Share on other sites

And finally, attach.txt:

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Ultimate
Boot Device: \Device\HarddiskVolume3
Install Date: 7/8/2013 10:56:15 PM
System Uptime: 9/11/2013 1:10:14 PM (0 hours ago)
.
Motherboard: Dell Inc. |  |       
Processor: Intel® Core2 Duo CPU     T7300  @ 2.00GHz | Microprocessor | 2001/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 110 GiB total, 29.835 GiB free.
D: is FIXED (NTFS) - 2 GiB total, 1.383 GiB free.
E: is CDROM ()
F: is NetworkDisk (NTFS) - 244 GiB total, 136.09 GiB free.
G: is FIXED (NTFS) - 298 GiB total, 174.795 GiB free.
M: is NetworkDisk (NTFS) - 244 GiB total, 136.09 GiB free.
O: is NetworkDisk (NTFS) - 244 GiB total, 136.09 GiB free.
S: is NetworkDisk (NTFS) - 244 GiB total, 136.09 GiB free.
T: is NetworkDisk (NTFS) - 244 GiB total, 136.09 GiB free.
U: is NetworkDisk (NTFS) - 244 GiB total, 136.09 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
Apple Software Update
AuthenTec Fingerprint Sensor Minimum Install
biolsp patch
Broadcom ASF Management Applications
Broadcom Management Programs
CCleaner
CleanUp!
Client Bookkeeping Solution 2007.1
Conexant HDA D330 MDC V.92 Modem
CorelDRAW Graphics Suite X4
CorelDRAW Graphics Suite X4 - Capture
CorelDRAW Graphics Suite X4 - Content
CorelDRAW Graphics Suite X4 - Draw
CorelDRAW Graphics Suite X4 - Extra Content
CorelDRAW Graphics Suite X4 - Filters
CorelDRAW Graphics Suite X4 - FontNav
CorelDRAW Graphics SUite X4 - ICA
CorelDRAW Graphics Suite X4 - IPM
CorelDRAW Graphics Suite X4 - Lang BR
CorelDRAW Graphics Suite X4 - Lang EN
CorelDRAW Graphics Suite X4 - Lang ES
CorelDRAW Graphics Suite X4 - Lang FR
CorelDRAW Graphics Suite X4 - PP
CorelDRAW Graphics Suite X4 - VBA
CorelDRAW® Graphics Suite X4
CorelDRAW® Graphics Suite X4 - Extra Content
CorelDRAW® Graphics Suite X4 - Windows Shell Extension
D3DX10
Dell Drivers MSI
Dell Embassy Trust Suite by Wave Systems
Dell Getting Started Guide
Dell Touchpad
Digital Line Detect
Document Manager Lite
Dragon NaturallySpeaking 10
EMBASSY Security Center
EMBASSY Security Setup
EMBASSY Trust Suite by Wave Systems
ESC Home Page Plugin
ESET NOD32 Antivirus
FLV Player 2.0 (build 25)
Gemalto
GemSafe Standard Edition 5.1
Google Chrome
Google Drive
Google Update Helper
HL-2270DW
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel® PROSet/Wireless Software
Java Auto Updater
Java 6 Update 37
Java SE Runtime Environment 6
LogMeIn
Malwarebytes Anti-Malware version 1.75.0.1300
mCore
Memeo Instant Backup
mHelp
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4.5
Microsoft Application Error Reporting
Microsoft Corporation
Microsoft LifeCam
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Basic 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Sync Framework 2.0 Core Components (x86) ENU
Microsoft Sync Framework 2.0 Provider Services (x86) ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2005 Tools for Office Runtime
mMHouse
Modem Diagnostic Tool
Mozilla Firefox 23.0.1 (x86 en-US)
Mozilla Maintenance Service
mPfMgr
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
mWMI
NetAccess SSL 4.0
NetWaiting
NTRU TCG Software Stack
NVIDIA Drivers
NVIDIA nView Desktop Manager
NWZ-E460 WALKMAN Guide
OGA Notifier 2.0.0048.0
PowerDVD
Preboot Manager
Private Information Manager
QuickBooks
QuickBooks Pro 2011
QuickSet
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
RealUpgrade 1.1
Roxio Activation Module
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Samsung Printer Live Update
Seagate Dashboard
Secure Update
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 4.5 (KB2737083)
Security Update for Microsoft .NET Framework 4.5 (KB2742613)
Security Update for Microsoft .NET Framework 4.5 (KB2789648)
Security Update for Microsoft .NET Framework 4.5 (KB2804582)
Security Update for Microsoft .NET Framework 4.5 (KB2833957)
Security Update for Microsoft .NET Framework 4.5 (KB2835622)
Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Wizards
Segoe UI
SolidWorks 2013 Document Manager API
SolidWorks eDrawings 2013
Sonic CinePlayer Decoder Pack
Spybot - Search & Destroy
SUPERAntiSpyware
SyncToy 2.1 (x86)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4.5 (KB2750147)
Update for Microsoft .NET Framework 4.5 (KB2805221)
Update for Microsoft .NET Framework 4.5 (KB2805226)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
upekmsi
Visual Basic for Applications ® Core
Visual Basic for Applications ® Core - English
Visual C++ Runtime for Dragon NaturallySpeaking
VMware View Client
Wave Infrastructure Installer
Wave Support Software
WebEx
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
.
==== Event Viewer Messages From Past Week ========
.
9/9/2013 3:07:54 PM, Error: PlugPlayManager [12]  - The device 'TSSTcorp DVD+-RW TS-L632D ATA Device' (IDE\CdRomTSSTcorp_DVD+-RW_TS-L632D_______________DE04____\5&36a3c1d8&0&0.0.0) disappeared from the system without first being prepared for removal.
9/9/2013 3:07:53 PM, Error: cdrom [15]  - The device, \Device\CdRom0, is not ready for access yet.
9/9/2013 3:07:53 PM, Error: atapi [11]  - The driver detected a controller error on \Device\Ide\IdePort0.
9/6/2013 11:06:31 PM, Error: Microsoft-Windows-Dhcp-Client [1002]  - The IP address lease 172.21.9.62 for the Network Card with network address 0013E86ECEF7 has been denied by the DHCP server 192.168.2.254 (The DHCP Server sent a DHCPNACK message).
9/6/2013 11:05:52 PM, Error: Microsoft-Windows-Dhcp-Client [1002]  - The IP address lease 192.168.2.77 for the Network Card with network address 0013E86ECEF7 has been denied by the DHCP server 1.1.1.1 (The DHCP Server sent a DHCPNACK message).
9/11/2013 1:11:32 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the MemeoBackgroundService service to connect.
9/11/2013 1:11:32 PM, Error: Service Control Manager [7000]  - The MemeoBackgroundService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
9/11/2013 1:09:37 PM, Error: Service Control Manager [7034]  - The Dell Internal Network Card Power Management service terminated unexpectedly.  It has done this 1 time(s).
.
==== End Of File ===========================

 

Thanks!

Link to post
Share on other sites

Sorry, I spent about 5 minutes trying to figure out how to attach the files and when I couldn't find a way, I copied and pasted. I hovered my cursor over every icon I could see and did not see one that said "Attach". Even now that you confirm that there is a way to attach, I can't find it.

Link to post
Share on other sites

Sorry, I spent about 5 minutes trying to figure out how to attach the files and when I couldn't find a way, I copied and pasted. I hovered my cursor over every icon I could see and did not see one that said "Attach". Even now that you confirm that there is a way to attach, I can't find it.

 

Hi:

 

Until Firefox returns...

 

Click "More Reply Options" at lower right corner of message window.

Look for the paperclip in the lower left corner.

Browse to the location of the file you want to attach and go from there.

Do the same for each file.

 

Hope this helps,

 

daledoc1

Link to post
Share on other sites

  • Root Admin

I don't see anything obvious right off hand that would stop the program but if you've done a System Restore then that can break the meta-data so best to try the following.

 

MBAM Clean Removal Process
 

Let us know if that corrects the issue or not please.

 

Thanks

Link to post
Share on other sites

Unfortunately, that's what I tried first and it didn't help. I saw that it had been recommended in another support thread, so I downloaded the clean uninstall program, reinstalled and reentered my ID and product key. I've delete the scheduled scan and rescheduled it to start tonight at 3 am. I'll find out in the morning if it's working.

 

Thanks for the support.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.