
My system freezes and restarts while I am scanning through Malwarebytes



First I want to say where I saw the issue first. I used Steam for playing games; one day, out of the blue, while I tried to start Steam, my system froze and it restarted on its own. I tried uninstalling and reinstalling Steam, and other solutions provided by the Steam community, but I couldn't install Steam again. It started giving me problems during installation.

Then somebody suggested maybe it's a malware problem, so I installed Malwarebytes to remove the problem. But during the scan my system froze and restarted as it did with Steam. Now I am sure that it's some malware problem. No other application shows any problem.

I tried Malwarebytes Chameleon, Chkdsk, and defragmenting. But still, during the scan, my system freezes and restarts.

So please help to solve the issue so that I can install Steam again. I tried every solution related to Steam given by the Steam community, to no use.



There were other members with the same problem. There were suggestions for them to use mbam-check and dds.scr. I performed it and pasted the logs here. I am awaiting any instructions.

 

 

mbam-check result log version: 2.0.0.1000

 

Malwarebytes Version: REG_SZ 1.75.0.1300

 

Date Log Created: 10/09/13

Time Log Created: 17:02:56

 

User Account type: Administrator

 

32 bit Operating System

 

Product Name: REG_SZ Windows 7 Ultimate

 

Current Build Number: 7600

 

Current Version Number: 6.1

 

Current CSDVersion: 

 

Proxy Status: No proxy is Set

 

LAN Settings:

=============

 

only 'Automatically detect settings' is selected

 

SystemPartition:

================

 

HKEY_LOCAL_MACHINE\SYSTEM\Setup\

SystemPartition REG_SZ \Device\HarddiskVolume1

 

Balloon Tips Status:

====================

 

Enabled

 

Time Format Settings:

=====================

 

Should be:

h:mm:ss tt

AM 

PM 

:

 

Currently:

REG_SZ h:mm:ss tt

REG_SZ AM

REG_SZ PM

REG_SZ :

 

Language and Regional Settings:

===============================

 

ACP: Language is English (United States)

MACCP: Language is English (United States)

OEMCP: Language is English (United States)

 

Startup Folders for Error_Expanding_Variables Check:

====================================================

 

All Users Startup Folder Exists.

Current User's Startup Folder Exists.

 

 

Terminal Services Status for (null) entries in PM logs and GetUserToken errors:

===============================================================================

 

TERMService:

==============

Type : 32

State : 1 (The service is not running.) (State is stopped)

WIN32_EXIT_CODE : 1077

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

TermService Start is set to: 3 (Manual Startup)

 

Compatibility Flag Settings (Any MBAM file listings should be removed):

=======================================================================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers

SIGN.MEDIA=F2D3B5 Drivers\Software\Drivers\Video\32bit\15.7.3.1409\Setup.exeREG_SZ VISTARTM

SIGN.MEDIA=74EF5A88 Adobe Photoshop 7\Setup.exeREG_SZ WINXPSP2

C:\Users\Swamy\Downloads\Compressed\Norton 2012 Trial Reset\Norton 2012 Trial Reset\Norton Account Registration.exeREG_SZ WINXPSP2

C:\Users\Swamy\Downloads\Programs\OnLineRecovery.exeREG_SZ VISTARTM

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers

 

 

 

Malwarebytes Anti-Malware Shell Extension Block Check:

======================================================

 

 

 

MBAM Startup Entries: 

=====================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

 

Service and Driver Status:

==========================

 

MBAMProtector:

==============

Type : 2

State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

MBAMService:

==============

Type : 16

State : 1 (The service is not running.) (State is stopped)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

MBAMScheduler:

==============

Type : 16

State : 4 (The service is running.)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

MBAMChameleon:

==============

Type : 2

State : 1 (The service is not running.) (State is stopped)

WIN32_EXIT_CODE : 1077

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

MBAMProtector Registry Values:

==============================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector

Type                          REG_DWORD 2

Start                         REG_DWORD 3

ErrorControl                  REG_DWORD 1

ImagePath                     REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys

Group                         REG_SZ FSFilter Anti-Virus

DependOnService               REG_MULTI_SZ FltMgr

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances

DefaultInstance               REG_SZ MBAMProtector Instance

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance

Altitude                      REG_SZ 328800

Flags                         REG_DWORD 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum

0                             REG_SZ Root\LEGACY_MBAMPROTECTOR\0000

Count                         REG_DWORD 1

NextInstance                  REG_DWORD 1

MBAMService Registry Values:

============================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService

Type                          REG_DWORD 16

Start                         REG_DWORD 2

ErrorControl                  REG_DWORD 1

ImagePath                     REG_EXPAND_SZ "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe"

DependOnService               REG_MULTI_SZ MBAMProtector

 

ObjectName                    REG_SZ LocalSystem

Description                   REG_SZ Malwarebytes Anti-Malware service

DelayedAutostart              REG_DWORD 0

MBAMScheduler Registry Values:

==============================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler

Type                          REG_DWORD 16

Start                         REG_DWORD 2

ErrorControl                  REG_DWORD 1

ImagePath                     REG_EXPAND_SZ "C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe"

ObjectName                    REG_SZ LocalSystem

Description                   REG_SZ Malwarebytes Anti-Malware scheduler

 

MBAM DLL's and Runtime Files:

=============================

 


MBAM Registry Settings and License Info:

========================================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware

advancedheuristics            REG_DWORD 1

downloadprogram               REG_DWORD 1

hidereg                       REG_DWORD 0

detectp2p                     REG_DWORD 0

detectpum                     REG_DWORD 1

detectpup                     REG_DWORD 2

updatewarn                    REG_DWORD 1

updatewarndays                REG_DWORD 7

useproxy                      REG_DWORD 0

useauthentication             REG_DWORD 0

contextmenu                   REG_DWORD 1

reportthreats                 REG_DWORD 1

startwithwindows              REG_DWORD 0 <--MBAM IS NOT SET TO START WITH WINDOWS

startfsdisabled               REG_DWORD 0

startipdisabled               REG_DWORD 0

silentipmode                  REG_DWORD 0

autoquarantine                REG_DWORD 1

notifyinstallprogram          REG_DWORD 1

trialpromptshown              REG_DWORD 1

autoquarantinenotify          REG_DWORD 1

alwaysscanarchives            REG_DWORD 1

InstallPath                   REG_SZ C:\Program Files\Malwarebytes' Anti-Malware

dbdate                        REG_SZ Wed, 09 Oct 2013 09:57:04 GMT

dbversion                     REG_SZ v2013.10.09.03

programversion                REG_SZ 1.75.0.1300

programbuild                  REG_SZ consumer

trialended                    REG_DWORD 0

SchedulerQueue                REG_MULTI_SZ 6148, 30327821, 2509917984, 1, 23 | 30327978, 3450540730

 

ID                            XXXXX This is hidden data.

Key                           XXXX-XXXX-XXXX-XXXX This is hidden data.

 

HKEY_LOCAL_MACHINE\SOFTWARE\Malwarebytes' Anti-Malware (Trial)

TrialId                       There is data here but it is hidden.

StartDate                     REG_SZ Tue, 08 Oct 2013 08:34:12 UTC

EndDate                       REG_SZ Tue, 22 Oct 2013 08:34:12 UTC

 

HKEY_CURRENT_USER\SOFTWARE\Malwarebytes' Anti-Malware

alwaysscanfiles               REG_DWORD 1

alwaysscanheuristics          REG_DWORD 1

alwaysscanmemory              REG_DWORD 1

alwaysscanregistry            REG_DWORD 1

alwaysscanstartups            REG_DWORD 1

autosavelog                   REG_DWORD 1

openlog                       REG_DWORD 1

defaultscan                   REG_DWORD 1

terminateie                   REG_DWORD 0

Language                      REG_SZ English.lng

selectedrives                 REG_SZ C:\|D:\|E:\|F:\|G:\|

HKEY_USERS\S-1-5-18\SOFTWARE\Malwarebytes' Anti-Malware

alwaysscanfiles               REG_DWORD 1

alwaysscanheuristics          REG_DWORD 1

alwaysscanmemory              REG_DWORD 1

alwaysscanregistry            REG_DWORD 1

alwaysscanstartups            REG_DWORD 1

autosavelog                   REG_DWORD 1

openlog                       REG_DWORD 1

defaultscan                   REG_DWORD 0

terminateie                   REG_DWORD 0

HKEY_USERS\.DEFAULT\SOFTWARE\Malwarebytes' Anti-Malware

alwaysscanfiles               REG_DWORD 1

alwaysscanheuristics          REG_DWORD 1

alwaysscanmemory              REG_DWORD 1

alwaysscanregistry            REG_DWORD 1

alwaysscanstartups            REG_DWORD 1

autosavelog                   REG_DWORD 1

openlog                       REG_DWORD 1

defaultscan                   REG_DWORD 0

terminateie                   REG_DWORD 0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1

Inno Setup: Setup Version     REG_SZ 5.5.3-dev (a)

Inno Setup: App Path          REG_SZ C:\Program Files\Malwarebytes' Anti-Malware

InstallLocation               REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\

Inno Setup: Icon Group        REG_SZ Malwarebytes' Anti-Malware

Inno Setup: User              REG_SZ Swamy

Inno Setup: Selected Tasks    REG_SZ desktopicon

Inno Setup: Deselected Tasks  REG_SZ quicklaunchicon

Inno Setup: Language          REG_SZ English

DisplayName                   REG_SZ Malwarebytes Anti-Malware version 1.75.0.1300

DisplayIcon                   REG_SZ C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

UninstallString               REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

QuietUninstallString          REG_SZ "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" /SILENT

DisplayVersion                REG_SZ 1.75.0.1300

Publisher                     REG_SZ Malwarebytes Corporation

URLInfoAbout                  REG_SZ http://www.malwarebytes.org

NoModify                      REG_DWORD 1

NoRepair                      REG_DWORD 1

InstallDate                   REG_SZ 20131008

MajorVersion                  REG_DWORD 1

MinorVersion                  REG_DWORD 75

EstimatedSize                 REG_DWORD 19726

 

Pending File Rename Operations: 

================================

If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.

 

Scheduler Queue:

================

 

Scheduled Item: Update Schedule Options: | Daily | Random

Start Time: 2013-10-08 10:03 Repeating Every: 1 Recover if missed by: 23

 

 

 

Context Menu Entries:

=====================

 


 

 

 

MBAM Drivers:

=============

 

C:\Windows\system32\drivers\mbam.sys File Size: 22856     BYTES FileVersion: 1.60.2.0

C:\Windows\system32\drivers\mbamswissarmy.sys File Size: 40776     BYTES FileVersion: 1.60.0.0

C:\Windows\system32\drivers\mbamchameleon.sys File Size: 31560     BYTES

 

 

Required Dependencies:

======================

 

BFE:

==============

Type : 32

State : 4 (The service is running.)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001

Group                         REG_SZ NetworkProvider

ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork

Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002

ObjectName                    REG_SZ NT AUTHORITY\LocalService

ErrorControl                  REG_DWORD 1

Start                         REG_DWORD 2

Type                          REG_DWORD 32

DependOnService               REG_MULTI_SZ RpcSs

 

ServiceSidType                REG_DWORD 3

RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege

 

FailureActions                REG_BINARY Binary Data

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters

ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll

ServiceDllUnloadOnStop        REG_DWORD 1

ServiceMain                   REG_SZ BfeServiceMain

 

fltmgr:

==============

Type : 2

State : 4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE : 0

SERVICE_EXIT_CODE : 0

CHECKPOINT : 0

WAIT_HINT : 0

 

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr

AttachWhenLoaded              REG_DWORD 1

DisplayName                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001

Group                         REG_SZ FSFilter Infrastructure

ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys

Description                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000

ErrorControl                  REG_DWORD 3

Start                         REG_DWORD 0

Tag                           REG_DWORD 1

Type                          REG_DWORD 2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum

0                             REG_SZ Root\LEGACY_FLTMGR\0000

Count                         REG_DWORD 1

NextInstance                  REG_DWORD 1

C:\Windows\system32\drivers\fltmgr.sys File Size: 198208    BYTES FileVersion: 6.1.7600.16385

C:\Windows\system32\comctl32.ocx File Size: 608448    BYTES FileVersion: 6.0.81.5

C:\Windows\system32\mscomctl.ocx File Size: 1069376   BYTES FileVersion: 6.1.98.18

C:\Windows\system32\olepro32.dll File Size: 90112     BYTES FileVersion: 6.1.7600.16385

 

 

List of MBAM Related Directories:

=================================

 

C:\Program Files\Malwarebytes' Anti-Malware

7z.dll                         File Size:    914432 BYTES FileVersion: 9.20.0.0

changes.txt                   File Size:       200 BYTES

license.rtf                   File Size:     17916 BYTES

mbam.chm                       File Size:    474148 BYTES

mbam.dll                       File Size:    527944 BYTES FileVersion: 1.70.0.0

mbam.exe                       File Size:    887432 BYTES FileVersion: 1.75.0.1

mbamcore.dll                   File Size:   1127496 BYTES FileVersion: 1.70.0.0

mbamext.dll                   File Size:     80968 BYTES FileVersion: 1.70.0.0

mbamgui.exe                   File Size:    532040 BYTES FileVersion: 1.70.0.0

mbamnet.dll                   File Size:   2191944 BYTES FileVersion: 1.70.0.0

mbampt.exe                     File Size:     40008 BYTES FileVersion: 1.70.0.0

mbamscheduler.exe             File Size:    418376 BYTES FileVersion: 1.70.0.0

mbamservice.exe               File Size:    701512 BYTES FileVersion: 1.70.0.0

ssubtmr6.dll                   File Size:     46416 BYTES FileVersion: 1.1.0.3

unins000.dat                   File Size:     15082 BYTES

unins000.exe                   File Size:    712264 BYTES FileVersion: 51.52.0.0

unins000.msg                   File Size:     11277 BYTES

vbalsgrid6.ocx                 File Size:    496976 BYTES FileVersion: 2.0.0.40

 

C:\Program Files\Malwarebytes' Anti-Malware\Chameleon

chameleon.chm                 File Size:    186068 BYTES

firefox.com                   File Size:    218184 BYTES

firefox.exe                   File Size:    218184 BYTES

firefox.pif                   File Size:    218184 BYTES

firefox.scr                   File Size:    218184 BYTES

iexplore.exe                   File Size:    218184 BYTES

mbam-chameleon.com             File Size:    218184 BYTES

mbam-chameleon.exe             File Size:    218184 BYTES

mbam-chameleon.pif             File Size:    218184 BYTES

mbam-chameleon.scr             File Size:    218184 BYTES

mbam-killer.exe               File Size:    896072 BYTES

rundll32.exe                   File Size:    218184 BYTES

svchost.exe                   File Size:    218184 BYTES

winlogon.exe                   File Size:    218184 BYTES

 

C:\Program Files\Malwarebytes' Anti-Malware\Languages

arabic.lng                     File Size:     21894 BYTES

belarusian.lng                 File Size:     26884 BYTES

bosnian.lng                   File Size:     27108 BYTES

bulgarian.lng                 File Size:     27574 BYTES

catalan.lng                   File Size:     28252 BYTES

chineseSI.lng                 File Size:     11024 BYTES

chineseTR.lng                 File Size:     11952 BYTES

croatian.lng                   File Size:     26670 BYTES

czech.lng                     File Size:     24874 BYTES

danish.lng                     File Size:     26582 BYTES

dutch.lng                     File Size:     28342 BYTES

english.lng                   File Size:     24542 BYTES

estonian.lng                   File Size:     25146 BYTES

finnish.lng                   File Size:     25950 BYTES

french.lng                     File Size:     29830 BYTES

german.lng                     File Size:     29894 BYTES

greek.lng                     File Size:     29300 BYTES

hebrew.lng                     File Size:     19362 BYTES

hungarian.lng                 File Size:     28666 BYTES

indonesian.lng                 File Size:     26854 BYTES

italian.lng                   File Size:     28194 BYTES

japanese.lng                   File Size:     16266 BYTES

korean.lng                     File Size:     14188 BYTES

latvian.lng                   File Size:     27100 BYTES

lithuanian.lng                 File Size:     27838 BYTES

norwegian.lng                 File Size:     25116 BYTES

polish.lng                     File Size:     26644 BYTES

portugueseBR.lng               File Size:     28654 BYTES

portuguesePT.lng               File Size:     29062 BYTES

romanian.lng                   File Size:     28290 BYTES

russian.lng                   File Size:     27302 BYTES

serbian.lng                   File Size:     26804 BYTES

slovak.lng                     File Size:     25644 BYTES

slovenian.lng                 File Size:     24852 BYTES

spanish.lng                   File Size:     30060 BYTES

swedish.lng                   File Size:     25992 BYTES

thai.lng                       File Size:     26092 BYTES

turkish.lng                   File Size:     25876 BYTES

vietnamese.lng                 File Size:     29528 BYTES

 

C:\Users\Swamy\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware

 

C:\Users\Swamy\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs

mbam-log-2013-10-08 (17-17-11).txt File Size:      1890 BYTES

 

C:\Users\Swamy\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine

 

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware

rules.ref                     File Size:   6580934 BYTES

 

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Configuration

build.conf                     File Size:       140 BYTES

config.conf                   File Size:      4076 BYTES

custom.conf                   File Size:        20 BYTES

database.conf                 File Size:       432 BYTES

html.conf                     File Size:      2904 BYTES

local.conf                     File Size:       998 BYTES

manifest.conf                 File Size:      1752 BYTES

messaging.conf                 File Size:      1430 BYTES

news.conf                     File Size:       272 BYTES

 

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs

protection-log-2013-10-08.txt File Size:      6824 BYTES

protection-log-2013-10-09.txt File Size:      1026 BYTES

 

C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine

 

===============================================================

END OF FILE

 



DDS (Ver_2012-11-20.01) - NTFS_x86 

Internet Explorer: 8.0.7600.16385  BrowserJavaVersion: 10.21.2

Run by Swamy at 17:05:41 on 2013-10-09

Microsoft Windows 7 Ultimate   6.1.7600.0.1252.1.1033.18.2038.738 [GMT 5.5:30]

.

AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe

C:\Program Files\AVG\AVG2013\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\WinFLService.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe

C:\Windows\Explorer.EXE

C:\Windows\RtHDVCpl.exe

C:\Program Files\Google\Google Talk\googletalk.exe

C:\Program Files\AVG\AVG2013\avgui.exe

C:\Windows\System32\WinFLTray.exe

C:\Program Files\Internet Download Manager\IDMan.exe

C:\Program Files\Internet Download Manager\IEMonitor.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Mobile Partner\Mobile Partner.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\AVG\AVG2013\avgcfgex.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Internet Explorer\IELowutil.exe

C:\Windows\System32\NOTEPAD.EXE

C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

.

============== Pseudo HJT Report ===============

.

uSearch Bar = Preserve

BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - c:\program files\internet download manager\IDMIECC.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Blog This in Windows Live: {2adefb8e-b923-35e6-86e2-2b7841f5d2a2} - 

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

uRun: [WinFLTray] c:\windows\system32\WinFLTray.exe

uRun: [FLBackup] c:\program files\newsoftware's\folder lock\FLComServCtrl.exe

uRun: [iDMan] c:\program files\internet download manager\IDMan.exe /onboot

uRun: [steam] "c:\program files\steam\Steam.exe" -silent

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices

mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY

uPolicies-Explorer: NoDriveAutoRun = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm

IE: Download with IDM - c:\program files\internet download manager\IEExt.htm

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll


TCP: Interfaces\{9728D89D-FD31-4F3F-B271-78461D1F9F75} : NameServer = 202.148.200.3 202.148.202.4

TCP: Interfaces\{C6B11A0E-DE22-4B4D-8795-A6555941F496} : NameServer = 202.148.202.3 202.148.200.3

TCP: Interfaces\{EE3BDC8A-C384-4362-84D3-98472BFE0151} : NameServer = 202.148.200.3 202.148.202.4

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

IFEO: garenamessenger.exe - "c:\program files\tuneup utilities 2012\TUAutoReactivator32.exe"

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\swamy\appdata\roaming\mozilla\firefox\profiles\azmgk3j2.default\

FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\users\swamy\appdata\local\google\update\1.3.21.153\npGoogleUpdate3.dll

FF - plugin: c:\users\swamy\appdata\roaming\mozilla\firefox\profiles\azmgk3j2.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\plugins\np-mswmp.dll

FF - plugin: c:\users\swamy\appdata\roaming\mozilla\firefox\profiles\azmgk3j2.default\extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}\plugins\npConduitFirefoxPlugin.dll

FF - plugin: c:\users\swamy\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\swamy\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: c:\users\swamy\appdata\roaming\mozilla\plugins\npo1d.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll

FF - ExtSQL: !HIDDEN! 2012-11-18 09:07; hotfix@mozilla.org; c:\users\swamy\appdata\roaming\mozilla\firefox\extensions\MozillaHotfix

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-7-20 60216]

R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-7-20 246072]

R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-7-1 96568]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-9-5 39224]

R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-7-20 208184]

R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-9-10 22328]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-7-20 171320]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]

R1 WinFLAdrv;WinFLAdrv;c:\windows\system32\WinFLAdrv.sys [2012-10-30 29184]

R2 ABBYY.Licensing.PDFTransformer.Classic.3.0;ABBYY PDF Transformer 3.0 Licensing Service;c:\program files\abbyy pdf transformer 3.0\NetworkLicenseServer.exe [2010-2-1 759048]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136]

R2 FLService;FLService;c:\windows\system32\WinFLService.exe [2012-10-30 91336]

R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2013-7-19 104928]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-10-8 418376]

R2 NEWDRIVER;NEWDRIVER;c:\windows\system32\WinVDEdrv6.sys [2012-10-30 188176]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2012\TuneUpUtilitiesService32.exe [2012-2-6 1528640]

R2 WinVDEDrv;WinVDEDrv;c:\windows\system32\WinVDEdrv.sys [2012-10-30 228112]

R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2012-10-8 208896]

R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2012-10-8 72832]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-10-8 22856]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2012\TuneUpUtilitiesDriver32.sys [2012-2-1 10064]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-10-8 701512]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]

S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2012-10-8 102784]

S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-10-9 31560]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-10-9 40776]

.

=============== Created Last 30 ================

.

2013-10-09 10:45:23 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2013-10-09 10:37:19 31560 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2013-10-09 10:11:51 -------- d-----w- c:\users\swamy\appdata\local\ElevatedDiagnostics

2013-10-09 09:09:35 -------- d-----w- C:\AdwCleaner

2013-10-08 08:34:04 -------- d-----w- c:\users\swamy\appdata\roaming\Malwarebytes

2013-10-08 08:33:46 -------- d-----w- c:\programdata\Malwarebytes

2013-10-08 08:33:44 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-10-08 08:33:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-10-07 07:42:26 -------- d-----w- c:\users\swamy\048298C9A4D3490B9FF9AB023A9238F3.TMP

2013-10-07 07:30:26 -------- d---a-w- c:\program files\Steam

2013-10-04 14:58:49 505104 ----a-w- c:\windows\system32\msxml.dll

2013-10-04 14:58:43 69632 ----a-w- c:\windows\system32\xmltok.dll

2013-10-04 14:58:43 36864 ----a-w- c:\windows\system32\xmlparse.dll

2013-10-04 14:58:43 35840 ----a-w- c:\windows\system32\comdlg32.oca

2013-10-04 14:58:43 28432 ----a-w- c:\windows\system32\msxmlr.dll

2013-10-04 14:58:43 26096 ----a-w- c:\windows\system32\xmlinst.exe

2013-10-04 14:58:43 24576 ----a-w- c:\windows\system32\msxml3a.dll

2013-10-04 14:58:42 89360 ----a-w- c:\windows\system32\VB5DB.DLL

2013-10-04 14:58:42 29184 ----a-w- c:\windows\system32\MSINET.oca

2013-10-04 14:54:56 696320 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll

2013-10-04 14:54:56 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll

2013-10-04 14:54:56 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe

2013-10-04 14:54:56 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll

2013-10-04 14:54:56 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll

2013-10-04 14:54:56 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll

2013-10-04 14:54:48 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll

2013-10-04 14:54:48 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll

2013-10-02 18:36:41 -------- d-----w- c:\programdata\JetFlash220

2013-10-02 17:38:15 -------- d-----w- c:\users\swamy\appdata\roaming\tmp

2013-10-02 08:40:51 -------- d-----w- C:\DriveKey

2013-10-02 08:40:36 225280 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll

2013-10-02 08:40:35 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll

2013-10-02 08:40:35 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll

2013-10-02 08:40:34 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll

2013-10-02 08:40:33 610436 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\IKernel.exe

2013-09-30 05:02:57 -------- d-----w- c:\windows\system32\appmgmt

2013-09-26 08:33:12 -------- d-----w- c:\program files\Video Convert Master

2013-09-10 11:46:17 -------- d-----w- c:\users\swamy\appdata\roaming\AnvsoftPdfTools

2013-09-10 11:45:53 -------- d-----w- c:\users\swamy\appdata\local\Programs

2013-09-09 20:04:48 22328 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys

.

==================== Find3M  ====================

.

2013-10-09 11:15:13 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-10-09 11:15:13 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-09-04 20:13:42 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2013-07-19 20:21:00 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys

2013-07-19 20:20:56 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys

2013-07-19 20:20:56 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys

2013-07-19 20:20:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys

.

============= FINISH: 17:06:09.45 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Ultimate 

Boot Device: \Device\HarddiskVolume1

Install Date: 08-Oct-12 11:57:26 AM

System Uptime: 09-Oct-13 4:21:56 PM (1 hours ago)

.

Motherboard: Intel Corporation |  | DG35EC

Processor: Intel® Core2 Quad CPU    Q6600  @ 2.40GHz | LGA 775 | 2394/266mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 49 GiB total, 11.983 GiB free.

D: is FIXED (NTFS) - 88 GiB total, 1.536 GiB free.

E: is FIXED (NTFS) - 98 GiB total, 5.626 GiB free.

F: is FIXED (NTFS) - 98 GiB total, 4.178 GiB free.

G: is FIXED (NTFS) - 134 GiB total, 0.152 GiB free.

H: is CDROM ()

I: is CDROM ()

J: is CDROM (CDFS)

K: is Removable

L: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP93: 08-Oct-13 3:01:06 PM - Installed Microsoft Visual C++ 2005 Redistributable

.

==== Installed Programs ======================

.

µTorrent

ABBYY PDF Transformer 3.0

Add or Remove Adobe Creative Suite 3 Master Collection

Adobe After Effects CS3 Presets

Adobe Anchor Service CS3

Adobe Asset Services CS3

Adobe Bridge CS3

Adobe Bridge Start Meeting

Adobe BridgeTalk Plugin CS3

Adobe Camera Raw 4.0

Adobe CMaps

Adobe Color - Photoshop Specific

Adobe Color Common Settings

Adobe Color EU Extra Settings

Adobe Color JA Extra Settings

Adobe Color NA Recommended Settings

Adobe Creative Suite 3 Master Collection

Adobe Default Language CS3

Adobe Device Central CS3

Adobe ExtendScript Toolkit 2

Adobe Extension Manager CS3

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Fonts All

Adobe Help Viewer CS3

Adobe InDesign CS3 Icon Handler

Adobe Linguistics CS3

Adobe MotionPicture Color Files

Adobe PDF Library Files

Adobe Photoshop CS3

Adobe Reader 9.5.4

Adobe Setup

Adobe SING CS3

Adobe Stock Photos CS3

Adobe Type Support

Adobe Update Manager CS3

Adobe Version Cue CS3 Client

Adobe Video Profiles

Adobe WAS CS3

Adobe WinSoft Linguistics Plugin

Adobe XMP DVA Panels CS3

Adobe XMP Panels CS3

AHV content for Acrobat and Flash

AVG 2013

Chambers 21st Century Dictionary Version 1.0

Cheatbook Database 2008

COWON Media Center - jetAudio Plus VX

FIFA 09

Google Chrome

Google Talk (remove only)

Google Talk Plugin

HP USB Disk Storage Format Tool

Internet Download Manager

Java 7 Update 21

Java Auto Updater

Macromedia Extension Manager

Macromedia Flash 8

Macromedia Flash 8 Video Encoder

Macromedia Flash Player 8

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Mobile Partner

Mozilla Firefox 16.0.2 (x86 en-US)

Mozilla Maintenance Service

Norton Internet Security

PDF Settings

Picasa 3

Prince of Persia The Sands of Time

Realtek High Definition Audio Driver

Solid Edge 2D Drafting V19

Steam

TuneUp Utilities 2012

TuneUp Utilities Language Pack (en-US)

Video Convert Master v6.0

VLC media player 1.0.1

WinRAR archiver

Word to PDF Converter 3.0

.

==== Event Viewer Messages From Past Week ========

.

09-Oct-13 4:23:05 PM, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.

09-Oct-13 3:41:43 PM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.

09-Oct-13 3:39:30 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

09-Oct-13 3:39:30 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

09-Oct-13 3:39:28 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

09-Oct-13 3:39:18 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

09-Oct-13 3:39:04 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD AVGIDSDriver AVGIDSShim Avgldx86 Avgtdix CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf

09-Oct-13 3:39:03 PM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.

09-Oct-13 3:39:03 PM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.

09-Oct-13 3:39:03 PM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.

09-Oct-13 3:39:03 PM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.

09-Oct-13 3:39:03 PM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.

09-Oct-13 3:39:03 PM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.

09-Oct-13 3:39:03 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.

09-Oct-13 3:39:03 PM, Error: Service Control Manager [7001]  - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.

09-Oct-13 3:39:03 PM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.

09-Oct-13 3:39:03 PM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.

09-Oct-13 3:39:03 PM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.

09-Oct-13 3:39:03 PM, Error: Service Control Manager [7001]  - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:  A device attached to the system is not functioning.

07-Oct-13 8:34:51 PM, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

07-Oct-13 12:53:01 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.

07-Oct-13 12:53:01 PM, Error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

07-Oct-13 12:48:27 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service TuneUp.UtilitiesSvc with arguments "" in order to run the server: {5EF1CF5D-87A9-434B-8786-2A08E1C30F6C}

07-Oct-13 12:47:11 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

07-Oct-13 12:46:53 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

07-Oct-13 12:46:53 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

.

==== End Of File ===========================

 



Hello and Welcome to Malwarebytes

Your logs show that you have some issues going on with this computer that could be from an infection or a software/hardware conflict. It would be best to have one of our experts assist you with fixing this for you.

Being that you are having issues, feel free to follow the instructions below to receive free, one-on-one expert assistance in checking your system and clearing out any infections and correcting any damage done by the malware.

Please see the following pinned topic which has information on how to get help with this: Available Assistance for Possibly Infected Computers

Thank you
