
Bubble pop-up says database out of date



I'm curious as to why a pop up - saying that my database is out of date - has just happened, since I have the mbam pro 2.0, and I run scans at least daily.  

 

Could a fraudulent mbam icon have slipped through?  I clicked on the bubble reflexively, but then I immediately checked my mbam dashboard, and it said that everything is up to date - hence my concern as to what is actually going on here.  Anything to be concerned with? 


Hi:

 

Welcome.
 
It's hard to say without a bit more information.

It would help if you could post a screenshot of the main MBAM program "dashboard".

Then....

A couple of easy things to check:
>>First, please be sure your system date/time are correct.
>>Then, please be sure that your AV and firewall both give MBAM full permissions. It's possible that your AV or firewall might be treating the new build as a new program and may be blocking it -- the files that need to be excluded can be found HERE. Please post back if you need help with that.
>>Also, please check to be sure there are no "Detected Threats" that need to be dealt with first, as this can prevent the program from updating: Click the "Scan" button at the top of the dashboard and verify that there are no detected threats (especially PUPs or PUMs) awaiting your actions.


If those suggestions don't resolve your issue:

  • Please follow the steps in this pinned topic to uninstall your current version of MBAM and reinstall the latest build - MBAM Clean Removal Process 2x
  • If that does not correct the issue, then please read the following and post back attached to your next reply the 3 requested logs - Diagnostic Logs (the 3 logs are: FRST.txt, Addition.txt and CheckResults.txt)
  • NOTE: There is an FAQ section with valuable information located here - Common Questions, Issues, and their Solutions

Please let us know how it goes.

Thanks,


Hi:

 

Thanks -- that looks normal.

 

So, I'm not sure why you are getting popup notifications that your database is out of date.

 

Are you sure those popups are from MBAM, and not another program?

Does it look like the attached picture?

 

It could be something is "off" with your settings.

 

Please read the following and post back attached to your next reply the 3 requested logs - Diagnostic Logs (the 3 logs are: FRST.txt, Addition.txt and CheckResults.txt)

 

Thanks,


Yes, it looks like your attached picture.  Tonight is the first time that the bubble has come up.

 

 Perhaps it's a coincidence, but a couple of days ago when I was on a p2p, I got several mbam detection/blockage balloons from both incoming - and, more concerning, outgoing processes - so I've been extra leery of unusual occurrences.  


> Yes, it looks like your attached picture. Tonight is the first time that the bubble has come up.

>>>Please read the following and post back attached to your next reply the 3 requested logs - Diagnostic Logs (the 3 logs are: FRST.txt, Addition.txt and CheckResults.txt)

 

> Perhaps it's a coincidence, but a couple of days ago when I was on a p2p, I got several mbam detection/blockage balloons from both incoming - and, more concerning, outgoing processes - so I've been extra leery of unusual occurrences.

It is normal behavior to see IP block notifications when using P2P software.

It means MBAM is doing its job.

OTOH, if you think you might be infected (based on the IP blocks or other behavior), then you might want to head over to the malware removal section, to have an expert guide you through some diagnostic scans.  If so, I suggest that you please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.  A malware analyst will assist you with looking into your issue.

Thanks,


 

 


2014-07-19 13:38 - 2009-07-14 00:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-19 13:38 - 2009-07-14 00:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-19 13:35 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-07-19 13:32 - 2014-04-17 12:26 - 00000000 ____D () C:\Users\mayfield\AppData\Roaming\DropboxMaster

2014-07-19 13:31 - 2013-06-08 04:46 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job

2014-07-19 13:31 - 2013-06-03 14:55 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

2014-07-19 13:31 - 2012-07-07 15:41 - 00022671 _____ () C:\Windows\setupact.log

2014-07-19 13:31 - 2012-01-10 20:21 - 00000000 ____D () C:\ProgramData\PDFC

2014-07-19 13:31 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-07-18 21:05 - 2014-02-11 23:26 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-07-18 03:26 - 2012-01-10 20:04 - 00000000 ____D () C:\ProgramData\Skype

2014-07-18 03:15 - 2012-01-10 20:03 - 00000000 ____D () C:\ProgramData\CyberLink

2014-07-18 03:06 - 2012-01-10 19:50 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-07-18 02:56 - 2012-01-10 20:07 - 00002426 ____N () C:\Users\Public\Desktop\WildTangent Games App - hp.lnk

2014-07-18 02:56 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-07-18 02:52 - 2012-04-09 20:55 - 00000000 ____D () C:\Windows\System32\Tasks\Games

2014-07-18 02:51 - 2014-07-18 02:51 - 00000000 ____D () C:\ProgramData\BlueStacks

2014-07-18 02:50 - 2012-01-10 20:07 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games

2014-07-18 02:49 - 2014-02-13 09:10 - 00000000 ____D () C:\Users\mayfield\AppData\Roaming\WildTangent

2014-07-18 02:49 - 2012-01-10 20:07 - 00000000 ____D () C:\ProgramData\WildTangent

2014-07-17 14:51 - 2014-07-13 01:39 - 00000000 ____D () C:\ProgramData\Oracle

2014-07-17 14:38 - 2014-07-17 14:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-17 14:38 - 2014-07-17 14:37 - 00004162 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log

2014-07-17 14:38 - 2014-07-13 01:37 - 00000000 ____D () C:\Program Files (x86)\Java

2014-07-15 22:56 - 2013-11-12 06:35 - 00000000 ____D () C:\Windows\Minidump

2014-07-15 22:56 - 2012-01-10 23:04 - 00338303 ____N () C:\Windows\Minidump\071514-37034-01.dmp

2014-07-14 16:05 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache

2014-07-13 03:03 - 2012-01-10 23:04 - 00338303 ____N () C:\Windows\Minidump\071314-44195-01.dmp

2014-07-13 01:41 - 2014-07-13 01:41 - 00000000 ____D () C:\Users\mayfield\AppData\Roaming\Oracle

2014-07-13 01:39 - 2014-07-13 01:39 - 00000000 ____D () C:\ProgramData\Sun

2014-07-13 01:35 - 2014-07-13 01:35 - 00918952 _____ (Oracle Corporation) C:\Users\mayfield\Downloads\chromeinstall-7u60.exe

2014-07-12 23:51 - 2014-07-12 23:51 - 00097789 _____ () C:\Users\mayfield\Desktop\CheckResults.txt

2014-07-12 23:50 - 2014-07-12 23:50 - 01682416 _____ (Malwarebytes Corporation) C:\Users\mayfield\Downloads\mbam-check-2.1.1.1001.exe

2014-07-12 22:30 - 2014-07-12 22:30 - 00000000 ____D () C:\Users\mayfield\AppData\Local\Macromedia

2014-07-12 22:28 - 2014-07-12 22:28 - 00918952 _____ (Oracle Corporation) C:\Users\mayfield\Downloads\jxpiinstall.exe

2014-07-12 22:25 - 2014-03-02 04:19 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-07-12 22:25 - 2014-03-02 04:19 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-12 22:25 - 2014-03-02 04:19 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-07-12 22:18 - 2014-07-12 22:18 - 00000000 ____D () C:\Users\mayfield\AppData\Roaming\Mozilla

2014-07-12 22:18 - 2014-07-12 22:18 - 00000000 ____D () C:\Users\mayfield\AppData\Local\Mozilla

2014-07-12 22:17 - 2014-07-12 22:17 - 00001165 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-07-12 22:17 - 2014-07-12 22:17 - 00001153 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-07-12 22:17 - 2014-07-12 22:17 - 00000000 ____D () C:\ProgramData\Mozilla

2014-07-12 22:17 - 2014-07-12 22:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-07-12 22:17 - 2014-07-12 22:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-07-12 22:16 - 2014-07-12 22:16 - 00284224 _____ (Mozilla) C:\Users\mayfield\Downloads\Firefox Setup Stub 30.0 (1).exe

2014-07-12 22:13 - 2014-07-12 22:13 - 00284224 _____ (Mozilla) C:\Users\mayfield\Downloads\Firefox Setup Stub 30.0.exe

2014-07-11 03:02 - 2014-07-17 14:38 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-07-11 02:56 - 2014-07-17 14:39 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-07-11 02:56 - 2014-07-17 14:38 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-07-11 02:55 - 2014-07-17 14:38 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-07-10 23:12 - 2014-07-10 23:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\18262F6F.sys

2014-07-09 22:03 - 2009-07-14 00:45 - 00275712 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-07-09 22:01 - 2014-05-06 14:30 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-07-09 22:01 - 2010-11-21 03:17 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-09 22:01 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-07-09 22:01 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-07-09 21:53 - 2013-08-14 03:01 - 00000000 ____D () C:\Windows\system32\MRT

2014-07-09 21:50 - 2012-04-20 04:25 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-07-01 21:30 - 2012-01-10 23:04 - 00338303 ____N () C:\Windows\Minidump\070114-39343-01.dmp

2014-07-01 15:12 - 2012-01-10 23:04 - 00338303 ____N () C:\Windows\Minidump\070114-46925-01.dmp

2014-07-01 12:04 - 2014-06-25 01:24 - 00000967 _____ () C:\Users\Public\Desktop\AVG 2014.lnk

2014-07-01 12:04 - 2014-06-25 01:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-07-01 11:54 - 2012-01-10 23:04 - 00338303 ____N () C:\Windows\Minidump\070114-41433-01.dmp

2014-07-01 03:10 - 2012-01-10 23:04 - 00338303 ____N () C:\Windows\Minidump\070114-41246-01.dmp

2014-06-30 03:05 - 2012-09-27 16:39 - 00003224 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMAYFIELD-HP$

2014-06-30 03:05 - 2012-09-27 16:39 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForMAYFIELD-HP$.job

2014-06-29 22:09 - 2014-07-09 20:42 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-29 22:04 - 2014-07-09 20:42 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-06-29 13:44 - 2014-06-29 13:44 - 04055145 _____ () C:\Users\mayfield\Downloads\03 Track 3 (1).wma

2014-06-25 01:24 - 2013-09-18 14:57 - 00000000 ____D () C:\ProgramData\AVG2014

2014-06-25 01:23 - 2012-06-09 01:38 - 00000000 ___HD () C:\$AVG

2014-06-25 01:22 - 2012-06-09 01:36 - 00000000 ____D () C:\Program Files (x86)\AVG

2014-06-25 01:19 - 2014-06-25 01:19 - 04755192 _____ (AVG Technologies) C:\Users\mayfield\Downloads\avg_free_stb_all_2014_4714_cnet.exe

2014-06-25 01:03 - 2012-07-07 15:40 - 01726688 _____ () C:\Windows\PFRO.log

2014-06-22 12:39 - 2014-04-28 00:13 - 00000000 ____D () C:\ProgramData\AVG Secure Search

2014-06-22 12:39 - 2012-09-27 14:56 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search

2014-06-22 12:39 - 2012-08-27 04:02 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys

2014-06-22 11:10 - 2012-01-10 23:04 - 00338303 ____N () C:\Windows\Minidump\062214-35100-01.dmp

2014-06-21 01:50 - 2012-01-10 23:04 - 00338303 ____N () C:\Windows\Minidump\062114-38267-01.dmp

 

Some content of TEMP:

====================

C:\Users\mayfield\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpakyiet.dll

C:\Users\mayfield\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwwlxnu.dll

C:\Users\mayfield\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-07-19 21:17

 

==================== End Of Log ============================

 

 

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

 

==================== Installed Programs ======================

 

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)

AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden

AMD Media Foundation Decoders (Version: 1.0.60512.1804 - ATI Technologies Inc.) Hidden

AMD VISION Engine Control Center (x32 Version: 2011.0512.1812.30806 - ATI) Hidden

ATI Catalyst Install Manager (HKLM\...\{85A5A208-1A5A-A736-170E-AA826BC19B2A}) (Version: 3.0.829.0 - ATI Technologies, Inc.)

AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4716 - AVG Technologies)

AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden

AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden

AVG PC Tuneup (HKLM-x32\...\{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1) (Version: 10.0.0.27 - AVG)

AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.7.644 - AVG Technologies)

Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden

Bing Bar (HKLM-x32\...\{9FA13759-5C2B-4177-9DDC-0038F8B5BEFD}) (Version: 7.0.826.0 - Microsoft Corporation)

Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Blio (HKLM-x32\...\{741006D1-7B2B-4E33-B2B0-831F282EEF64}) (Version: 2.2.8188 - K-NFB Reading Technology, Inc.)

Bubble Wrap (HKLM-x32\...\{5BFFDDEB-AFD7-499F-BB13-7A6EAD927CDA}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)

Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden

Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0512.1812.30806 - ATI) Hidden

Catalyst Control Center InstallProxy (x32 Version: 2011.0512.1812.30806 - ATI Technologies, Inc.) Hidden

Catalyst Control Center Localization All (x32 Version: 2011.0512.1812.30806 - ATI) Hidden

CCC Help Chinese Standard (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Chinese Traditional (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Czech (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Danish (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Dutch (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help English (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Finnish (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help French (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help German (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Greek (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Hungarian (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Italian (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Japanese (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Korean (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Norwegian (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Polish (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Portuguese (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Russian (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Spanish (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Swedish (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Thai (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

CCC Help Turkish (x32 Version: 2011.0512.1811.30806 - ATI) Hidden

ccc-utility64 (Version: 2011.0512.1812.30806 - ATI) Hidden

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden

Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden

Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)

Facebook (HKLM-x32\...\{8AE50893-3A87-4439-9A57-942ED43F7189}) (Version: 1.1.0004 - Hewlett-Packard)

Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden

Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden

FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden

Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden

HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden

HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden

HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard)

HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden

HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)

HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)

HP RSS (HKLM-x32\...\{A35E58D6-2A0F-4051-983B-79342081338E}) (Version: 5.1.4301.21494 - Hewlett-Packard)

HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company)

HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)

HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)

HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)

Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)

Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden

Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden

Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden

John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Kobo (HKLM-x32\...\Kobo) (Version: 2.0.3 - Kobo Inc.)

Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden

Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden

Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Metric Converter (HKLM-x32\...\{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden

Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden

PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.65 - PDF Complete, Inc)

Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden

Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden

PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)

PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)

Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden

Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden

PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.11.0721.0 -  NewspaperDirect Inc.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6387 - Realtek Semiconductor Corp.)

Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden

RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden

Spot (HKLM-x32\...\{3D171340-B528-42E0-92E4-BDA7AEEF6F32}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)

Tap Tap Bear (HKLM-x32\...\{A393CDFF-BEB8-48EA-990D-2EB35B311D23}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)

The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden

Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden

TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden

Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)

Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

WildTangent Games App for HP (x32 Version: 4.0.11.2 - WildTangent) Hidden

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)

Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden

Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

 

==================== Restore Points  =========================

 

11-06-2014 16:47:33 Windows Update

25-06-2014 04:56:26 Removed AVG 2014

25-06-2014 05:01:21 Removed AVG 2014

25-06-2014 05:21:20 Installed AVG 2014

25-06-2014 05:22:36 Installed AVG 2014

04-07-2014 02:08:48 Scheduled Checkpoint

10-07-2014 01:44:48 Windows Update

13-07-2014 05:37:01 Installed Java 7 Update 60

17-07-2014 18:36:31 Installed Java 7 Update 65

18-07-2014 07:01:52 Configured LabelPrint

18-07-2014 07:07:46 Configured Power2Go

18-07-2014 07:25:22 Removed Skype™ 6.11

 

==================== Hosts content: ==========================

 

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {0690B324-6799-4547-8E18-2B986605892D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11] (Google Inc.)

Task: {13BE5673-78DF-49AB-A4BD-A58608D6D5BF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11] (Google Inc.)

Task: {18C9A4A6-84AC-47BB-8C94-543C200778E9} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3822584448-1593730336-3948292815-1000

Task: {2E061B8F-E46C-43C8-947E-3C76F10E95ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe

Task: {3909D797-9569-499D-80FD-58EFAFF62CD9} - System32\Tasks\HPCeeScheduleFormayfield => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)

Task: {44E1EC2A-EC28-481C-93D5-A2F40EA71E44} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe

Task: {59C071CA-A870-4E2C-969E-4497CBD1BAC3} - System32\Tasks\AVG\PC Tuneup\Integrator\Start On mayfield Logon => C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe [2011-11-03] (AVG)

Task: {60B3AE07-5E43-4EB2-97F9-48BDA84A0733} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe

Task: {6227CB33-61B2-4FE9-911E-8F3E89EA6F4E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-12] (Adobe Systems Incorporated)

Task: {6D16B890-A2F1-4B4A-AED3-BB469CF6D84F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe

Task: {955F7EAC-B4F7-40BC-89ED-CBF530FAF9C2} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{315592BA-0614-4242-AEBE-D9E9F30274F2}.exe

Task: {E452A02F-D664-4167-A46A-053030F94DF3} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{5F0B632A-9E3B-4716-B71A-DFD27EA86C7D}.exe

Task: {EE93A401-530A-42F3-ADAD-CF0662581506} - System32\Tasks\HPCeeScheduleForMAYFIELD-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{315592BA-0614-4242-AEBE-D9E9F30274F2}.exe

Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{5F0B632A-9E3B-4716-B71A-DFD27EA86C7D}.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\HPCeeScheduleForMAYFIELD-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Task: C:\Windows\Tasks\HPCeeScheduleFormayfield.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

 

==================== Loaded Modules (whitelisted) =============

 

2014-06-22 12:39 - 2014-06-22 12:39 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe

2012-09-27 14:56 - 2014-06-22 12:39 - 02571288 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe

2011-05-12 22:10 - 2011-05-12 22:10 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2011-03-14 18:20 - 2011-03-14 18:20 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

2014-06-22 12:39 - 2014-06-22 12:39 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll

2014-07-19 13:32 - 2014-07-19 13:32 - 00043008 _____ () c:\users\mayfield\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwwlxnu.dll

2013-08-23 15:01 - 2013-08-23 15:01 - 25100288 _____ () C:\Users\mayfield\AppData\Roaming\Dropbox\bin\libcef.dll

2012-07-06 14:56 - 2011-11-03 17:21 - 00350024 _____ () C:\Program Files (x86)\AVG\AVG PC Tuneup\madExcept_.bpl

2012-07-06 14:56 - 2011-11-03 17:21 - 00184136 _____ () C:\Program Files (x86)\AVG\AVG PC Tuneup\madBasic_.bpl

2012-07-06 14:56 - 2011-11-03 17:21 - 00050504 _____ () C:\Program Files (x86)\AVG\AVG PC Tuneup\madDisAsm_.bpl

2013-12-09 06:21 - 2014-03-21 12:21 - 01603608 _____ () C:\Program Files (x86)\AVG Secure Search\TBAPI.dll

2014-07-18 21:05 - 2014-07-15 05:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll

2014-07-18 21:05 - 2014-07-15 05:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll

2014-07-18 21:05 - 2014-07-15 05:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll

2014-07-18 21:05 - 2014-07-15 05:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll

2014-07-18 21:05 - 2014-07-15 05:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\ProgramData\Temp:0B4227B4

 

==================== Safe Mode (whitelisted) ===================

 

 

==================== EXE Association (whitelisted) =============

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (07/12/2014 07:02:02 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program IEXPLORE.EXE version 11.0.9600.17207 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 518

 

Start Time: 01cf9e250fe9039b

 

Termination Time: 70

 

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

 

Report Id:

 

Error: (07/08/2014 03:08:49 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program chrome.exe version 35.0.1916.153 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: ac0

 

Start Time: 01cf9a74e3d477aa

 

Termination Time: 151

 

Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

Report Id: ab9948f4-066e-11e4-814a-386077f9c32f

 

Error: (07/05/2014 09:28:47 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program mbam.exe version 1.0.0.532 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

 

Process ID: 2b8

 

Start Time: 01cf98b7feb54d2c

 

Termination Time: 60000

 

Application Path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

 

Report Id: adab2f36-04ac-11e4-a133-386077f9c32f

 

Error: (07/01/2014 00:04:18 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)

Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\AVG2014\SetupBackup\lng_esa.cab. Verify that the file exists and that you can access it.

 

Error: (07/01/2014 00:04:17 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)

Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\AVG2014\SetupBackup\lng_zta.cab. Verify that the file exists and that you can access it.

 

Error: (07/01/2014 00:04:15 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)

Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\AVG2014\SetupBackup\lng_zha.cab. Verify that the file exists and that you can access it.

 

Error: (07/01/2014 00:04:14 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)

Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\AVG2014\SetupBackup\lng_tra.cab. Verify that the file exists and that you can access it.

 

Error: (07/01/2014 00:04:12 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)

Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\AVG2014\SetupBackup\lng_rua.cab. Verify that the file exists and that you can access it.

 

Error: (07/01/2014 00:04:11 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)

Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\AVG2014\SetupBackup\lng_msa.cab. Verify that the file exists and that you can access it.

 

Error: (07/01/2014 00:04:10 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)

Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\AVG2014\SetupBackup\lng_koa.cab. Verify that the file exists and that you can access it.

 

 

System errors:

=============

Error: (07/20/2014 03:00:12 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

 

Error: (07/19/2014 08:31:08 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

 

Error: (07/19/2014 08:31:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

 

Error: (07/19/2014 01:29:47 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

 

Error: (07/19/2014 03:31:53 AM) (Source: DCOM) (EventID: 10010) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

 

Error: (07/18/2014 10:26:02 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

 

Error: (07/18/2014 08:37:10 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

 

Error: (07/18/2014 08:37:06 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

 

Error: (07/18/2014 03:02:22 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

 

Error: (07/18/2014 03:47:55 AM) (Source: DCOM) (EventID: 10010) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

 

 

Microsoft Office Sessions:

=========================

Error: (07/12/2014 07:02:02 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: IEXPLORE.EXE11.0.9600.1720751801cf9e250fe9039b70C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

 

Error: (07/08/2014 03:08:49 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: chrome.exe35.0.1916.153ac001cf9a74e3d477aa151C:\Program Files (x86)\Google\Chrome\Application\chrome.exeab9948f4-066e-11e4-814a-386077f9c32f

 

Error: (07/05/2014 09:28:47 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: mbam.exe1.0.0.5322b801cf98b7feb54d2c60000C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeadab2f36-04ac-11e4-a133-386077f9c32f

 

Error: (07/01/2014 00:04:18 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)

Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\AVG2014\SetupBackup\lng_esa.cab. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

 

Error: (07/01/2014 00:04:17 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)

Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\AVG2014\SetupBackup\lng_zta.cab. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

 

Error: (07/01/2014 00:04:15 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)

Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\AVG2014\SetupBackup\lng_zha.cab. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

 

Error: (07/01/2014 00:04:14 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)

Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\AVG2014\SetupBackup\lng_tra.cab. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

 

Error: (07/01/2014 00:04:12 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)

Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\AVG2014\SetupBackup\lng_rua.cab. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

 

Error: (07/01/2014 00:04:11 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)

Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\AVG2014\SetupBackup\lng_msa.cab. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

 

Error: (07/01/2014 00:04:10 PM) (Source: MsiInstaller) (EventID: 11311) (User: NT AUTHORITY)

Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error 1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet): C:\ProgramData\AVG2014\SetupBackup\lng_koa.cab. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 48%

Total physical RAM: 3686.54 MB

Available physical RAM: 1890.46 MB

Total Pagefile: 7371.27 MB

Available Pagefile: 4750.22 MB

Total Virtual: 8192 MB

Available Virtual: 8191.83 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:449.07 GB) (Free:394.19 GB) NTFS

Drive d: (HP_RECOVERY) (Fixed) (Total:16.59 GB) (Free:2.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]

 

==================== MBR & Partition Table ==================

Hi:

 

Thanks.

Alas, the logs are incomplete. :(

 

Please repost them -- it might be better to ATTACH them, rather than posting them inline.  Just click the "More Reply Options" button, then browse to the 3 saved files (one at a time) and then "Attach This File".

And we need the mbam-check log (checkresults.txt), too.

 

BTW, silly questions, I suppose: 

When you saw the "out of date" popup, had you just cold-started the computer after a period when it had been off for several days?

If so, did you see the popup immediately after rebooting?

 

Thanks,


 

 

User Account type:                 Administrator

OS:                                Windows 7 Service Pack 1 Service Pack 1 64 bit Operating System

Current Version and Build:         6.1.7601.0 

Malwarebytes Anti-Malware:         2.0.2.1012

Installed On:                      2014/06/12

Malware Database:                  2014.07.20.07

Rootkit Database:                  2014.07.17.01

Remediation Database:              2013.10.16.01

IP Database:                       0000.00.00.00

Domain Database:                   0000.00.00.00

License:                           Premium

Malware Protection:                4 (The service is running.)

Malicious Website Protection:      4 (The service is running.)

Chameleon:                         4 (The service is running.)

Log Created:                       2014/07/21 02:52:18

Compatibility Flag Settings:

=================================

 

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers

 

 

Malwarebytes Anti-Malware Shell Extension Block Check:

======================================================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:

 

MBAM Startup Entries: 

=====================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

 

Malwarebytes Anti-Malware Service and Driver Status:

=======================================================

 

--------------Driver File Info:--------------

C:\Windows\system32\drivers\mbam.sys

File Size:     25816 BYTES FileVersion: 0.1.13.0 MD5: [f92b0e478c0faa6d6661e6e977247e60]

C:\Windows\system32\drivers\mwac.sys

File Size:     63704 BYTES FileVersion: 1.0.1.0 MD5: [15e8abc06843672955ce26a009533bad]

C:\Windows\system32\drivers\mbamswissarmy.sys

File Size:    122584 BYTES FileVersion: 0.1.7.0 MD5: [8a50d5304e6ae48664cf5838ec32f647]

C:\Windows\system32\drivers\mbamchameleon.sys

File Size:     91352 BYTES FileVersion: 1.0.4.0 MD5: [9d9ed48f841ea37aa5310d54b9e5d3c7]

 

--------------MBAMProtector:--------------

Type:                   2

State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE:        0

SERVICE_EXIT_CODE:      0

CHECKPOINT:             0

WAIT_HINT:              0

 

 

--------------MBAMService:--------------

Type:                   16

State:                  4 (The service is running.)

WIN32_EXIT_CODE:        0

SERVICE_EXIT_CODE:      0

CHECKPOINT:             0

WAIT_HINT:              0

 

 

--------------MBAMScheduler:--------------

Type:                   16

State:                  4 (The service is running.)

WIN32_EXIT_CODE:        0

SERVICE_EXIT_CODE:      0

CHECKPOINT:             0

WAIT_HINT:              0

 

 

--------------MBAMChameleon:--------------

Type:                   2

State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE:        0

SERVICE_EXIT_CODE:      0

CHECKPOINT:             0

WAIT_HINT:              0

 

 

--------------MBAMWebAccessControl:--------------

Type:                   1

State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE:        0

SERVICE_EXIT_CODE:      0

CHECKPOINT:             0

WAIT_HINT:              0

 

 

Required Dependencies:

======================

 

--------------BFE:--------------

Type:                   32

State:                  4 (The service is running.)

WIN32_EXIT_CODE:        0

SERVICE_EXIT_CODE:      0

CHECKPOINT:             0

WAIT_HINT:              0

 

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001

Group                         REG_SZ NetworkProvider

ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork

Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002

ObjectName                    REG_SZ NT AUTHORITY\LocalService

ErrorControl                  REG_DWORD 1

Start                         REG_DWORD 2

Type                          REG_DWORD 32

DependOnService               REG_MULTI_SZ RpcSs

 

ServiceSidType                REG_DWORD 3

RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege

 

FailureActions                REG_BINARY Binary Data

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters

ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll

ServiceDllUnloadOnStop        REG_DWORD 1

ServiceMain                   REG_SZ BfeServiceMain

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Callout


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer


--------------fltmgr:--------------

Type:                   2

State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE:        0

SERVICE_EXIT_CODE:      0

CHECKPOINT:             0

WAIT_HINT:              0

 

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr

AttachWhenLoaded              REG_DWORD 1

DisplayName                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001

Group                         REG_SZ FSFilter Infrastructure

ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys

Description                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000

ErrorControl                  REG_DWORD 3

Start                         REG_DWORD 0

Tag                           REG_DWORD 1

Type                          REG_DWORD 2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum

0                             REG_SZ Root\LEGACY_FLTMGR\0000

Count                         REG_DWORD 1

NextInstance                  REG_DWORD 1

 

 

C:\Windows\system32\drivers\fltmgr.sys

File Size: 289664    BYTES FileVersion: 6.1.7601.17514 MD5: [da6b67270fd9db3697b20fce94950741]

C:\Windows\SysWOW64\comctl32.ocx

File Size: 608448    BYTES FileVersion: 6.0.81.5 MD5: [eb5f811c1f78005b3c147599a0cccf51]

C:\Windows\SysWOW64\mscomctl.ocx

File Size: 1066176   BYTES FileVersion: 6.0.88.62 MD5: [714cf24fc19a20ae0dc701b48ded2cf6]

C:\Windows\SysWOW64\olepro32.dll

File Size: 90112     BYTES FileVersion: 6.1.7601.17514 MD5: [703ffd301ab900b047337c5d40fd6f96]

 

 

MBAM Registry Settings and License Info:

========================================

--------------Settings:--------------

Advanced: 

    AutomaticQuarantine:                                       true 

    AutostartProtection:                                       true 

    EarlyStartSelfProtection:                                  true 

    LimitedMode:                                               false 

    SelfProtection:                                            true 

    StartSilentMode:                                           false 

    StartupDelay:                                              0 

ApplicationState: 

    First-Run-After-Installation:                              false 

General: 

    DaysUntilNotifyExpiration:                                 5 

    Language:                                                  en 

    RightClickAccess:                                          true 

    SilentErrors:                                              false 

Logging: 

    ExportLog:                                                 true 

Notification: 

ProtectionTray: 

    DisplayMilliseconds:                                       7000 

ScanHistory: 

    Duration_Complete:                                         570000 

    Duration_Driver:                                           37000 

    Duration_Filesystem:                                       2000 

    Duration_Heuristics:                                       1405000 

    Duration_Loading:                                          0 

    Duration_MasterBootRecord:                                 0 

    Duration_Memory:                                           40000 

    Duration_PreScan:                                          44000 

    Duration_Registry:                                         41000 

    Duration_Sector:                                           0 

    Duration_SectorMemory:                                     0 

    Duration_Startup:                                          36000 

    ItemCount_Complete:                                        230639 

    ItemCount_Driver:                                          301 

    ItemCount_Filesystem:                                      38137 

    ItemCount_Heuristics:                                      10168 

    ItemCount_Loading:                                         0 

    ItemCount_MasterBootRecord:                                2 

    ItemCount_Memory:                                          2797 

    ItemCount_PreScan:                                         0 

    ItemCount_Registry:                                        557 

    ItemCount_Sector:                                          0 

    ItemCount_SectorMemory:                                    221 

    ItemCount_Startup:                                         1279 

    LastScanDateEpoch:                                         1405925375361 

    LastScanType:                                              1 (Threat Scan)

Update: 

    LastUpdate:                                                2014-07-21T04:17:46 

    NotifyInstallReady:                                        true 

    NotifyOutdatedDatabase:                                    1 

    ProxyPassword:                                              

    ProxyPort:                                                 0 

    ProxyServer:                                                

    ProxyUsername:                                              

    UseProxy:                                                  false 

    UseProxyAuthentication:                                    false 

--------------Account:--------------

  Account Status:                                              Premium 

  Expiration Time:                                             2034/06/12 22:45:58 

  Activation Time:                                             2014/06/12 22:45:58 

  Trial Used:                                                  false 

--------------Access Policies:--------------

 

Scheduler Queue:

================

 

tasks: 

    697e0a34-a8ed-44fc-8d4f-a087faa547c7:                       

      parameters:                                               

        CheckForUpdatesBeforeScanStart:                        false 

        ScanConfig:                                             

          ExitWhenNoMalwareDetected:                           false 

          FileSystemOption:                                    true 

          RebootSystemWhenMalwareDetected:                     false 

          RemoveMalwareAutomaticallyWhenScanEnds:              false 

          ScanArchives:                                        true 

          ScanHeuristic:                                       true 

          ScanMemoryObjects:                                   true 

          ScanPUM:                                             2 

          ScanPUP:                                             1 

          ScanRegistry:                                        true 

          ScanRootkits:                                        false 

          ScanStartup:                                         true 

          ScanTargets:                                          

          ScanType:                                            1 (Threat Scan)

          Silent:                                              true 

        StartTaskFromSystemAccount:                            false 

        TaskType:                                              0 

      triggers:                                                 

        d37e579e-9bc7-4be7-9f25-61ddd99e9d47:                   

          dateinterval:                                        1:0:0 

          lastscheduled:                                       Sun, 20 Jul 2014 14:52:06.843200 -0400 

          lasttriggered:                                       Sun, 20 Jul 2014 14:52:06.843200 -0400 

          nextscheduled:                                       Mon, 21 Jul 2014 14:52:06.843200 -0400 

          recovery:                                            00:00:00 

          start:                                               Mon, 14 Jul 2014 17:54:25 +0000 

          timeinterval:                                        00:00:00 

          type:                                                4 

          uuid:                                                d37e579e-9bc7-4be7-9f25-61ddd99e9d47 

      type:                                                    scan 

      uuid:                                                    697e0a34-a8ed-44fc-8d4f-a087faa547c7 

    beaf4aa4-b635-44ea-be39-5e6b8a23fba4:                       

      parameters:                                               

        CheckForUpdatesBeforeScanStart:                        true 

        ScanConfig:                                             

          ExitWhenNoMalwareDetected:                           false 

          FileSystemOption:                                    true 

          RebootSystemWhenMalwareDetected:                     false 

          RemoveMalwareAutomaticallyWhenScanEnds:              false 

          ScanArchives:                                        true 

          ScanHeuristic:                                       true 

          ScanMemoryObjects:                                   true 

          ScanPUM:                                             2 

          ScanPUP:                                             1 

          ScanRegistry:                                        true 

          ScanRootkits:                                        false 

          ScanStartup:                                         true 

          ScanTargets:                                          

          ScanType:                                            1 (Threat Scan)

          Silent:                                              true 

        StartTaskFromSystemAccount:                            false 

        TaskType:                                              0 

      triggers:                                                 

        5ed36b39-556f-4d1e-bfdd-ad6e9f89e702:                   

          dateinterval:                                        1:0:0 

          lastscheduled:                                       Mon, 21 Jul 2014 02:49:32.073174 -0400 

          lasttriggered:                                       Mon, 21 Jul 2014 02:49:32.073174 -0400 

          nextscheduled:                                       Tue, 22 Jul 2014 02:38:30.073174 -0400 

          recovery:                                            00:00:00 

          start:                                               Sat, 12 Jul 2014 07:18:49 +0000 

          timeinterval:                                        00:00:00 

          type:                                                4 

          uuid:                                                5ed36b39-556f-4d1e-bfdd-ad6e9f89e702 

      type:                                                    scan 

      uuid:                                                    beaf4aa4-b635-44ea-be39-5e6b8a23fba4 

 

Pending File Rename Operations: 

================================

If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.

 

MBAMProtector Registry Values:

==============================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector

Type                          REG_DWORD 2

Start                         REG_DWORD 3

ErrorControl                  REG_DWORD 1

ImagePath                     REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys

Group                         REG_SZ FSFilter Anti-Virus

DependOnService               REG_MULTI_SZ FltMgr

 

WOW64                         REG_DWORD 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances

DefaultInstance               REG_SZ MBAMProtector Instance

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance

Altitude                      REG_SZ 328800

Flags                         REG_DWORD 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters

PassThruFile                  REG_SZ mbampt.exe

ProductPath                   REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum

0                             REG_SZ Root\LEGACY_MBAMPROTECTOR\0000

Count                         REG_DWORD 1

NextInstance                  REG_DWORD 1

 

MBAMService Registry Values:

============================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService

Type                          REG_DWORD 16

Start                         REG_DWORD 2

ErrorControl                  REG_DWORD 1

ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"

DependOnService               REG_MULTI_SZ MBAMProtector

 

WOW64                         REG_DWORD 1

ObjectName                    REG_SZ LocalSystem

Description                   REG_SZ Malwarebytes Anti-Malware service

DelayedAutostart              REG_DWORD 0

 

MBAMScheduler Registry Values:

==============================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler

Type                          REG_DWORD 16

Start                         REG_DWORD 2

ErrorControl                  REG_DWORD 1

ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"

WOW64                         REG_DWORD 1

ObjectName                    REG_SZ LocalSystem

Description                   REG_SZ Malwarebytes Anti-Malware scheduler

 

Terminal Services Status for (null) entries in PM logs and GetUserToken errors:


Thanks for the logs.
 
>>>Are you still getting notifications about the databases being out of date?
 
ALSO: You have a lot of programs/applications crashing and you have at least some PUPs.
So, you might want to head over to the malware removal section for a deeper look.

I suggest that you please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.
A malware analyst will assist you with looking into your issue.

Thanks,
