Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

am i safe?


  • Please log in to reply
8 replies to this topic

#1 joe500

joe500

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:44 AM

Posted 15 July 2015 - 05:42 AM

okay i was browsing youtube then i logged into my google plus account then what happens is youtube videos wont play then somehow the videos play but then there is no sound then i notice the wifi icon is weird then what happens everything blacks out then it goes into the startup at this point i assume its a virus so i manually turn off the laptop take battery out/unplug it then i turn it back on it goes into the screen that asks me if i want to start windows normally well that option was gone instead it gave me two option safe mode and repair i chose repair after that everything looked normal so then i decide to run avast then malware bytes then tdsskiller i ran rkill before i did this none of these programs found anything until i ran the boot scan with avast it didnt find any infections but it did find corrupt files none of which were important they were desktop files zip files so am i safe?


Edited by hamluis, 15 July 2015 - 06:42 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 TinoNgombo

TinoNgombo

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Luanda, Angola
  • Local time:09:44 AM

Posted 15 July 2015 - 08:28 AM

Hi Joe.

If your operating system is acting normally now and the anti-virus is up-to-date and did not detect any viruses/malware, you are safe.

Please report back in case you're still having problems, so that we can try to help you.



 



#3 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:01:44 AM

Posted 15 July 2015 - 09:54 AM

Please post the Malwarebytes and TDSSKiller logs in your topic.  The TDSSKiller log is usually quite long, so you may need to break it up into smaller parts to post it.

 

To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  Copy and paste the log in your topic.
 

 
 
 
Please run System File Checker
 
The sfc /scannow command scans all protected system files and replaces corrupted and incorrect versions with correct Microsoft versions.
 
Click on the Start orb rsz_1rsz_1rsz_start_orb_zpshjewtibd.png and then type cmd in the Search programs and files box.
 
In the pane above the search box Programs will appear with cmd below it, right click on cmd and choose Run as administrator.
 
If you are prompted for an administrator password or for a confirmation, enter the password, or click Allow.
 
This will open the Elevated Command Prompt, it will look similar to the image below.
 
command%20prompt%20w8_zpsxjmewau9.png
 
Type in sfc /scannow and then press Enter to start the scan.  Please notice the space between sfc and the /scannow.
 
If the scan finds no integrity  problems the scan will stop.  Type in exit, then press Enter to stop the scan.
 
When the scan is finished please do the following.
 
Click on the Start orb rsz_1rsz_1rsz_start_orb_zpshjewtibd.png then copy and paste the following in the Search programs and files box.
 
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >"%userprofile%\Desktop\sfcdetails.txt"
 
This will place a new icon on the desktop titled sfcdetails.  Double click on this icon to  
the CBS log, copy and paste the log in your topic.
 
If this fails to place the icon on your desktop run the command from the Command Prompt.  Use the instructions I provided at the start of this tutorial.
 
This log may be very large, if you have problems posting it try breaking it into smaller parts.  When you copy these parts you will highlight the section you are going to copy.  If you leave that section highlighted it will give you a quick reference for where you left off.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 joe500

joe500
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:44 AM

Posted 15 July 2015 - 10:13 AM

i dont know how to obtain scan logs



#5 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:01:44 AM

Posted 15 July 2015 - 10:31 AM

I posted instructions for obtaining the Malwarebytes log in my last post.

 

To get the TDSSKiller log right click on the Start orb, then click on Windows Explorer.

 

Click on the C: drive if it isn't already present, the click on Windows, then Logs.

 

The TDSSKiller should be in there.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#6 joe500

joe500
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:44 AM

Posted 15 July 2015 - 02:42 PM

 
mbam-check result log version:     2.1.1.1001
========================================
 
User Account type:                 Administrator
OS:                                Windows 7  64 bit Operating System
Current Version and Build:         6.1.7600.0 
Malwarebytes Anti-Malware:         2.1.4.1018
Installed On:                      2015/07/15
Malware Database:                  0000.00.00.00
Rootkit Database:                  0000.00.00.00
Remediation Database:              0000.00.00.00
IP Database:                       0000.00.00.00
Domain Database:                   0000.00.00.00
License:                           Free
Malware Protection:                4 (The service is running.)
Malicious Website Protection:      1 (The service is not running.)
Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
Log Created:                       2015/07/15 14:53:13
Compatibility Flag Settings:
=================================
 
 
 
 
 
Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================
 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:
 
MBAM Startup Entries: 
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
 
Malwarebytes Anti-Malware Service and Driver Status:
=======================================================
 
--------------Driver File Info:--------------
C:\Windows\system32\drivers\mbam.sys
File Size:     25816 BYTES FileVersion: 0.1.15.0 MD5: [cf12e148c6fc151335b7d7fe03f1c7a2]
C:\Windows\system32\drivers\mwac.sys
File Size:     63704 BYTES FileVersion: 1.0.6.0 MD5: [0ce2f3e26c770cbaeb50787a2c1fd09e]
C:\Windows\system32\drivers\mbamswissarmy.sys
File Size:    136408 BYTES FileVersion: 0.2.21.0 MD5: [e9cd058c79ea15b4aa93e259fa713b07]
C:\Windows\system32\drivers\mbamchameleon.sys
File Size:    107736 BYTES FileVersion: 1.1.13.0 MD5: [68c3b11d1ed8c97648beefec37e93e74]
 
--------------MBAMProtector:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
--------------MBAMService:--------------
Type:                   16
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
--------------MBAMScheduler:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMScheduler
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMChameleon:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A
 
 
--------------MBAMWebAccessControl:--------------
Type:                   2
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
Required Dependencies:
======================
 
--------------BFE:--------------
Type:                   32
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001
Group                         REG_SZ NetworkProvider
ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002
ObjectName                    REG_SZ NT AUTHORITY\LocalService
ErrorControl                  REG_DWORD 1
Start                         REG_DWORD 2
Type                          REG_DWORD 32
DependOnService               REG_MULTI_SZ RpcSs
 
ServiceSidType                REG_DWORD 3
RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege
 
FailureActions                REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
ServiceDllUnloadOnStop        REG_DWORD 1
ServiceMain                   REG_SZ BfeServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter
{dc95b53e-01cf-4058-821d-350b3d0d4676}REG_BINARY Binary Data
 
{2dd96961-5757-434f-b617-34e732517c0e}REG_BINARY Binary Data
 
{2db25e6c-f07a-44f4-b6c8-50a330d2790b}REG_BINARY Binary Data
 
{c42f1cd6-3a95-4ae2-a513-793c3ae610c7}REG_BINARY Binary Data
 
{0c41d586-9c19-4e01-9d66-b5b98a97576e}REG_BINARY Binary Data
 
{12c38916-82ac-4737-8f38-b6957ffebad6}REG_BINARY Binary Data
 
{c970a45d-57f9-4e32-a5bd-886a9662641e}REG_BINARY Binary Data
 
{0c3be01b-fe70-4cc4-89dc-c07996b67e6d}REG_BINARY Binary Data
 
{074f7f68-ee10-428a-89d1-ba78f6c327ca}REG_BINARY Binary Data
 
{c016105c-eb34-4519-a5fd-5f4e4ad4d18e}REG_BINARY Binary Data
 
{a47525e2-725b-4888-8af1-ba5a60c04f4d}REG_BINARY Binary Data
 
{0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}REG_BINARY Binary Data
 
{935b7f48-0ede-44dd-9bc2-e00bb635cda3}REG_BINARY Binary Data
 
{941dad9d-7b1a-4354-997b-00cf1aa9b35c}REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter
{dc95b53e-01cf-4058-821d-350b3d0d4676}REG_BINARY Binary Data
 
{f444c576-6e60-4ea2-9faa-80d57ed12cd2}REG_BINARY Binary Data
 
{0c41d586-9c19-4e01-9d66-b5b98a97576e}REG_BINARY Binary Data
 
{12c38916-82ac-4737-8f38-b6957ffebad6}REG_BINARY Binary Data
 
{c970a45d-57f9-4e32-a5bd-886a9662641e}REG_BINARY Binary Data
 
{0c3be01b-fe70-4cc4-89dc-c07996b67e6d}REG_BINARY Binary Data
 
{4d9581d2-aef8-4993-84cd-b986ced80d42}REG_BINARY Binary Data
 
{be7cbdf4-b192-4aa5-94f8-1fb5c5ee07bc}REG_BINARY Binary Data
 
{716b48eb-0a35-4a76-92ab-1d987230d288}REG_BINARY Binary Data
 
{1165065e-4996-4338-abaf-4b8556b4d431}REG_BINARY Binary Data
 
{07a24961-a760-4e80-b263-6d275e1b09cb}REG_BINARY Binary Data
 
{5b0cb2e2-ab87-4974-9f1c-2f22a654eeb9}REG_BINARY Binary Data
 
{b6b2ca61-fb98-4422-adc2-e7cf56b3680c}REG_BINARY Binary Data
 
{0aa7fff8-919f-453c-928c-28a12122ba38}REG_BINARY Binary Data
 
{074f7f68-ee10-428a-89d1-ba78f6c327ca}REG_BINARY Binary Data
 
{c016105c-eb34-4519-a5fd-5f4e4ad4d18e}REG_BINARY Binary Data
 
{a47525e2-725b-4888-8af1-ba5a60c04f4d}REG_BINARY Binary Data
 
{0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}REG_BINARY Binary Data
 
{91ffecf0-0a9e-4572-95f1-a7111af86967}REG_BINARY Binary Data
 
{64e55933-15a5-495d-a928-ccca43d44875}REG_BINARY Binary Data
 
{13bfd422-6f75-4408-8924-9400ec0cb19c}REG_BINARY Binary Data
 
{cbfb56db-3c85-4543-9bc2-76ea28cdd74e}REG_BINARY Binary Data
 
{2dd96961-5757-434f-b617-34e732517c0e}REG_BINARY Binary Data
 
{375fb39b-08c6-40f2-bdf2-08fa63f970a2}REG_BINARY Binary Data
 
{2db25e6c-f07a-44f4-b6c8-50a330d2790b}REG_BINARY Binary Data
 
{c42f1cd6-3a95-4ae2-a513-793c3ae610c7}REG_BINARY Binary Data
 
{b6fdab6b-dcc6-43e3-99ce-7aeca65063a4}REG_BINARY Binary Data
 
{3697a558-3ed3-49be-a4c1-c1a4448653b4}REG_BINARY Binary Data
 
{935b7f48-0ede-44dd-9bc2-e00bb635cda3}REG_BINARY Binary Data
 
{941dad9d-7b1a-4354-997b-00cf1aa9b35c}REG_BINARY Binary Data
 
{b02a4013-b6b5-4859-9168-1e3299e43b24}REG_BINARY Binary Data
 
{d870c96c-75ee-46a6-8a02-8e4401a73423}REG_BINARY Binary Data
 
{8b50e2ec-7cf0-4b71-b42e-5b0536f6cab8}REG_BINARY Binary Data
 
{4137b143-2770-43d4-91a2-55bb0a069830}REG_BINARY Binary Data
 
{3180114b-8338-4740-9a16-444134ad62f4}REG_BINARY Binary Data
 
{17043d46-fac2-4561-bca1-0c7a05e95f5f}REG_BINARY Binary Data
 
{567d3836-3f5b-4067-b9c4-952f677010a2}REG_BINARY Binary Data
 
{4e718c57-c397-4221-9fbb-14fd51701d6a}REG_BINARY Binary Data
 
{3a90a266-1519-4d23-911b-e84cd0f02ab8}REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider
{decc16ca-3f33-4346-be1e-8fb4ae0f3d62}REG_BINARY Binary Data
 
{4b153735-1049-4480-aab4-d1b9bdc03710}REG_BINARY Binary Data
 
{1bebc969-61a5-4732-a177-847a0817862a}REG_BINARY Binary Data
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer
{b3cdd441-af90-41ba-a745-7c6008ff2300}REG_BINARY Binary Data
 
{b3cdd441-af90-41ba-a745-7c6008ff2301}REG_BINARY Binary Data
 
{b3cdd441-af90-41ba-a745-7c6008ff2302}REG_BINARY Binary Data
 
{9ba30013-c84e-47e5-ac6e-1e1aed72fa69}REG_BINARY Binary Data
 
--------------fltmgr:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
AttachWhenLoaded              REG_DWORD 1
DisplayName                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
Group                         REG_SZ FSFilter Infrastructure
ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys
Description                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
ErrorControl                  REG_DWORD 3
Start                         REG_DWORD 0
Tag                           REG_DWORD 1
Type                          REG_DWORD 2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
0                             REG_SZ Root\LEGACY_FLTMGR\0000
Count                         REG_DWORD 1
NextInstance                  REG_DWORD 1
 
 
C:\Windows\system32\drivers\fltmgr.sys
File Size: 290368    BYTES FileVersion: 6.1.7600.16385 MD5: [f7866af72abbaf84b1fa5aa195378c59]
C:\Windows\SysWOW64\mscomctl.ocx
File Size: 1077336   BYTES FileVersion: 6.1.95.45 MD5: [f7bbb7d79adb9e3adc13f3b3c33d3d4d]
C:\Windows\SysWOW64\olepro32.dll
File Size: 90112     BYTES FileVersion: 6.1.7600.16385 MD5: [c10459dbdc2099c5a8428cb7d87db85f]
 
 
MBAM Registry Settings and License Info:
========================================
--------------Settings:--------------
Advanced: 
    AutomaticQuarantine:                                       true 
    AutostartProtection:                                       true 
    LimitedMode:                                               false 
    StartSilentMode:                                           false 
    StartupDelay:                                              -15 
ApplicationState: 
    First-Run-After-Installation:                              false 
General: 
    DaysUntilNotifyExpiration:                                 5 
    Language:                                                  en 
    RightClickAccess:                                          false 
    SilentErrors:                                              false 
Logging: 
    ExportLog:                                                 true 
Marketing: 
    LastPostScanMarketingIndex:                                1 
Notification: 
ProtectionTray: 
    DisplayMilliseconds:                                       3000 
ScanHistory: 
    Duration_Driver:                                           0 
    Duration_Filesystem:                                       96000 
    Duration_Heuristics:                                       8000 
    Duration_Loading:                                          0 
    Duration_MasterBootRecord:                                 0 
    Duration_Memory:                                           40000 
    Duration_PreScan:                                          21254 
    Duration_Registry:                                         3000 
    Duration_Sector:                                           0 
    Duration_Startup:                                          0 
    ItemCount_Driver:                                          0 
    ItemCount_Filesystem:                                      6890 
    ItemCount_Heuristics:                                      108509 
    ItemCount_Loading:                                         0 
    ItemCount_MasterBootRecord:                                0 
    ItemCount_Memory:                                          2797 
    ItemCount_PreScan:                                         21250 
    ItemCount_Registry:                                        38948 
    ItemCount_Sector:                                          0 
    ItemCount_Startup:                                         0 
    LastScanDateEpoch:                                         1436961803823 
    LastScanType:                                              1 (Threat Scan)
Update: 
    LastUpdate:                                                2015-07-15T12:03:07 
    NotifyInstallReady:                                        true 
    NotifyOutdatedDatabase:                                    7 
    ProxyPassword:                                              
    ProxyPort:                                                 0 
    ProxyServer:                                                
    ProxyUsername:                                              
    UseProxy:                                                  false 
    UseProxyAuthentication:                                    false 
--------------Account:--------------
  Account Status:                                              Free 
  Expiration Time:                                              
  Activation Time:                                              
  Trial Used:                                                  true 
--------------Access Policies:--------------
 
Scheduler Queue:
================
 
 
Pending File Rename Operations: 
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
 
MBAMProtector Registry Values:
==============================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
Type                          REG_DWORD 2
Start                         REG_DWORD 3
ErrorControl                  REG_DWORD 1
ImagePath                     REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys
Group                         REG_SZ FSFilter Anti-Virus
DependOnService               REG_MULTI_SZ FltMgr
 
WOW64                         REG_DWORD 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
DefaultInstance               REG_SZ MBAMProtector Instance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
Altitude                      REG_SZ 328800
Flags                         REG_DWORD 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters
PassThruFile                  REG_SZ mbampt.exe
ProductPath                   REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum
0                             REG_SZ Root\LEGACY_MBAMPROTECTOR\0000
Count                         REG_DWORD 1
NextInstance                  REG_DWORD 1
 
MBAMService Registry Values:
============================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
Type                          REG_DWORD 16
Start                         REG_DWORD 2
ErrorControl                  REG_DWORD 1
ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
DependOnService               REG_MULTI_SZ MBAMProtector
 
WOW64                         REG_DWORD 1
ObjectName                    REG_SZ LocalSystem
Description                   REG_SZ Malwarebytes Anti-Malware service
DelayedAutostart              REG_DWORD 0
 
MBAMScheduler Registry Values:
==============================
 
 
 
Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================
 
--------------TERMService:--------------
Type:                   32
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0
 
 
TermService Start is set to: 3 (Manual Startup)
 
Proxy Status: No proxy is Set
 
LAN Settings:
=============
 
only 'Automatically detect settings' is selected
 
SystemPartition:
================
 
HKEY_LOCAL_MACHINE\SYSTEM\Setup\
SystemPartition REG_SZ \Device\HarddiskVolume1
 
Balloon Tips Status:
====================
 
Enabled
 
Time Format Settings:
=====================
 
Should be:
h:mm:ss tt
AM 
PM 
:
 
Currently:
REG_SZ h:mm:ss tt
REG_SZ AM
REG_SZ PM
REG_SZ :
 
Language and Regional Settings:
===============================
 
ACP: Language is English (United States)
MACCP: Language is English (United States)
OEMCP: Language is English (United States)
 
Startup Folders for Error_Expanding_Variables Check:
====================================================
 
All Users Startup Folder Exists.
Current User's Startup Folder Exists.
 
 
Context Menu Entries:
=====================
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
List of MBAM Related Directories:
=================================
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\
7z.dll                                   File Size: 920888    BYTES FileVersion:  9.20.0.0       MD5: [284337def7b993cebabca1337e1a4f70]
changes.txt                             File Size: 2569      BYTES FileVersion:  N/A            MD5: [9114e44aeb941b9085931290c7058cbe]
license.rtf                             File Size: 39478     BYTES FileVersion:  N/A            MD5: [8627b31943a534aad30d154c2b2c1aaf]
master.conf                             File Size: 1258      BYTES FileVersion:  N/A            MD5: [9702ca5e82d3756c6d8af34a2ababaea]
mbam.dll                                 File Size: 602936    BYTES FileVersion:  1.0.35.0       MD5: [10c2e538c3350a23dfac6891009871b1]
mbam.exe                                 File Size: 6212408   BYTES FileVersion:  1.0.1.922      MD5: [d0a518d233620d59a3d2d79511fbb736]
mbamcore.dll                             File Size: 1965368   BYTES FileVersion:  1.1.67.0       MD5: [aeb381aa187bf97f24233d3dc15a9f31]
mbamdor.exe                             File Size: 54072     BYTES FileVersion:  1.0.1.0        MD5: [55705f7aa131e7dbbc0cdde331b3794a]
mbamext.dll                             File Size: 310584    BYTES FileVersion:  3.0.6.0        MD5: [c1bb846ccc4bccb7615aa9a4429e8560]
mbampt.exe                               File Size: 39736     BYTES FileVersion:  1.0.0.0        MD5: [b975ee870f8dc0ef4243c371c8d49d29]
mbamscheduler.exe                       File Size: 1871160   BYTES FileVersion:  3.1.2.0        MD5: [86701b8e4c53280aa8642ac85f8500f4]
mbamservice.exe                         File Size: 1080120   BYTES FileVersion:  3.0.32.0       MD5: [e27891a49df92004041fec5c3a2d4230]
mbamsrv.dll                             File Size: 3847992   BYTES FileVersion:  1.2.7.0        MD5: [87c6f0b9b0e2001c7aa407534a1b6cc7]
msvcp100.dll                             File Size: 421688    BYTES FileVersion:  10.0.40219.325 MD5: [b273e8fb20f87e16f92db64f7fb397da]
msvcr100.dll                             File Size: 774456    BYTES FileVersion:  10.0.40219.325 MD5: [6bb43c62f67a213b9adb1b8b35bdda03]
QtCore4.dll                             File Size: 2582840   BYTES FileVersion:  4.8.5.0        MD5: [4e14c45ca4a9f489c0e82b4f316978ca]
QtGui4.dll                               File Size: 8420152   BYTES FileVersion:  4.8.5.0        MD5: [1da0ee897edbe7c429debf896a756b4a]
QtNetwork4.dll                           File Size: 909112    BYTES FileVersion:  4.8.5.0        MD5: [1b8a4122c16c0772a724b9744c537f32]
unins000.dat                             File Size: 27856     BYTES FileVersion:  N/A            MD5: [1785333d6c66a071aace72c7f2bd6dac]
unins000.exe                             File Size: 718037    BYTES FileVersion:  51.52.0.0      MD5: [d2796ecf50731e696f0c065d24c0827a]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\accessible
qtaccessiblewidgets4.dll                 File Size: 198968    BYTES FileVersion:  4.8.4.0        MD5: [ae9ff515e91b0546587231500b567474]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon\Windows
chameleon.chm                           File Size: 235882    BYTES FileVersion:  N/A            MD5: [c4190b71f037714aa77aba294434ba5b]
firefox.com                             File Size: 878392    BYTES FileVersion:  3.1.16.0       MD5: [f831ddae2842929b9b40c571c5eb723a]
firefox.exe                             File Size: 878392    BYTES FileVersion:  3.1.16.0       MD5: [f831ddae2842929b9b40c571c5eb723a]
firefox.pif                             File Size: 878392    BYTES FileVersion:  3.1.16.0       MD5: [f831ddae2842929b9b40c571c5eb723a]
firefox.scr                             File Size: 878392    BYTES FileVersion:  3.1.16.0       MD5: [f831ddae2842929b9b40c571c5eb723a]
iexplore.exe                             File Size: 878392    BYTES FileVersion:  3.1.16.0       MD5: [f831ddae2842929b9b40c571c5eb723a]
mbam-chameleon.com                       File Size: 878392    BYTES FileVersion:  3.1.16.0       MD5: [f831ddae2842929b9b40c571c5eb723a]
mbam-chameleon.exe                       File Size: 878392    BYTES FileVersion:  3.1.16.0       MD5: [f831ddae2842929b9b40c571c5eb723a]
mbam-chameleon.pif                       File Size: 878392    BYTES FileVersion:  3.1.16.0       MD5: [f831ddae2842929b9b40c571c5eb723a]
mbam-chameleon.scr                       File Size: 878392    BYTES FileVersion:  3.1.16.0       MD5: [f831ddae2842929b9b40c571c5eb723a]
mbam-killer.exe                         File Size: 1445176   BYTES FileVersion:  3.0.9.0        MD5: [fbd9b1bbd9025ccd392e91507919a70c]
rundll32.exe                             File Size: 878392    BYTES FileVersion:  3.1.16.0       MD5: [f831ddae2842929b9b40c571c5eb723a]
svchost.exe                             File Size: 878392    BYTES FileVersion:  3.1.16.0       MD5: [f831ddae2842929b9b40c571c5eb723a]
windows.exe                             File Size: 878392    BYTES FileVersion:  3.1.16.0       MD5: [f831ddae2842929b9b40c571c5eb723a]
winlogon.exe                             File Size: 878392    BYTES FileVersion:  3.1.16.0       MD5: [f831ddae2842929b9b40c571c5eb723a]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\imageformats
qgif4.dll                               File Size: 32568     BYTES FileVersion:  4.8.4.0        MD5: [673f54e895d426a75cd283cdda7d8ea5]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Languages
lang_ar.qm                               File Size: 102066    BYTES FileVersion:  N/A            MD5: [1601bc6ef4bec7d2ab9ba68a7f989a37]
lang_bg.qm                               File Size: 124167    BYTES FileVersion:  N/A            MD5: [1353a08c12f1de3f9daf8d4accf005de]
lang_ca.qm                               File Size: 107459    BYTES FileVersion:  N/A            MD5: [5549692fe8f9e43e0012a088f6a94450]
lang_cs.qm                               File Size: 119884    BYTES FileVersion:  N/A            MD5: [585ff91200e8e356bc713f5ee7dd78a5]
lang_da.qm                               File Size: 102643    BYTES FileVersion:  N/A            MD5: [ef3261171bcaebac883893f374ad4024]
lang_de.qm                               File Size: 130017    BYTES FileVersion:  N/A            MD5: [7558ad2d9a5f23f95bcb9d50f7458250]
lang_el.qm                               File Size: 128427    BYTES FileVersion:  N/A            MD5: [4450767b6eaaa6869ee410d389a5e9ed]
lang_en.qm                               File Size: 100191    BYTES FileVersion:  N/A            MD5: [2b85d8e24659bf96f2c8a666bead54c4]
lang_es.qm                               File Size: 129307    BYTES FileVersion:  N/A            MD5: [74e57ce8c0dc024d7c5fcb068debb3a0]
lang_et.qm                               File Size: 122063    BYTES FileVersion:  N/A            MD5: [ff11420bba00002307e14b288c4ce19f]
lang_fi.qm                               File Size: 103951    BYTES FileVersion:  N/A            MD5: [89d33b2b7175fb7b3924d9864cdf2230]
lang_fr.qm                               File Size: 131783    BYTES FileVersion:  N/A            MD5: [d2b1267fbbb51c39e79f975fbe2182a7]
lang_he.qm                               File Size: 112817    BYTES FileVersion:  N/A            MD5: [a2614d9a5d9aba7817fbae878a92de2c]
lang_hu.qm                               File Size: 123254    BYTES FileVersion:  N/A            MD5: [c64b7919827df30fd55d9e9f40cf87a7]
lang_id.qm                               File Size: 120134    BYTES FileVersion:  N/A            MD5: [dffed4516bf61605021d9e8861c01951]
lang_it.qm                               File Size: 126353    BYTES FileVersion:  N/A            MD5: [4736f333e32d0c8f091ca9afe3fa4e71]
lang_ja.qm                               File Size: 87363     BYTES FileVersion:  N/A            MD5: [d982d5194aaa6e24e7191ee908491f9d]
lang_ko.qm                               File Size: 99039     BYTES FileVersion:  N/A            MD5: [5211e95dd40ea3b4cde5c831490822c9]
lang_lt.qm                               File Size: 105352    BYTES FileVersion:  N/A            MD5: [d610679ecb6929ee3ce82cac8f8d00a1]
lang_lv.qm                               File Size: 105344    BYTES FileVersion:  N/A            MD5: [985309298c683a35571fdb9486708287]
lang_nl.qm                               File Size: 125821    BYTES FileVersion:  N/A            MD5: [018c55baa051080bb012e63cb446b203]
lang_no.qm                               File Size: 120529    BYTES FileVersion:  N/A            MD5: [c2ee34817e0dfed9d5a5a85bc667e73c]
lang_pl.qm                               File Size: 125910    BYTES FileVersion:  N/A            MD5: [56e9a207bf8f4b564fd71e9defa96d4b]
lang_pt_BR.qm                           File Size: 124022    BYTES FileVersion:  N/A            MD5: [46a048872f4091a6a9862a54457c3a2c]
lang_pt_PT.qm                           File Size: 129551    BYTES FileVersion:  N/A            MD5: [99eb0c042faad4ee276f267a870a7abf]
lang_ro.qm                               File Size: 104981    BYTES FileVersion:  N/A            MD5: [0cbdb05b7927831d8331eb14d4638f32]
lang_ru.qm                               File Size: 126972    BYTES FileVersion:  N/A            MD5: [0febf393c35f2f1a3cd914b838da66dc]
lang_sk.qm                               File Size: 103656    BYTES FileVersion:  N/A            MD5: [d3fd5aa90bdae21984139a21058f4d71]
lang_sl.qm                               File Size: 122126    BYTES FileVersion:  N/A            MD5: [59911addc36e105cc55ba2ee31d09b7a]
lang_sv.qm                               File Size: 121593    BYTES FileVersion:  N/A            MD5: [f96d43155d3c98e43d7682983c0a9898]
lang_tr.qm                               File Size: 103127    BYTES FileVersion:  N/A            MD5: [12b05f94c8e397c62f324485e3059b07]
lang_vi.qm                               File Size: 119896    BYTES FileVersion:  N/A            MD5: [651b66fb4a9cfa95b640876670be7a27]
 
C:\Program Files (x86)\Malwarebytes Anti-Malware\\Plugins
fixdamage.exe                           File Size: 821560    BYTES FileVersion:  1.1.0.1010     MD5: [f390e6d72035995d473b9a726b2d5458]
 
C:\Users\owner\AppData\Roaming\Malwarebytes\Malwarebytes Anti-Malware
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware
actions.ref                             File Size: 1297      BYTES FileVersion:  N/A            MD5: [bf994186725bbc09436247ec78eacba1]
domains.ref                             File Size: 92        BYTES FileVersion:  N/A            MD5: [643b11322d78d9f4f46f030869ecfc49]
exclusions.dat                           File Size: 0         BYTES FileVersion:  N/A            MD5: [d41d8cd98f00b204e9800998ecf8427e]
ips.ref                                 File Size: 80        BYTES FileVersion:  N/A            MD5: [2ec9c118caec1ae4b78c6ea95da0539f]
rules.ref                               File Size: 9768254   BYTES FileVersion:  N/A            MD5: [29ec5083381508a2080c26af2284510f]
swissarmy.ref                           File Size: 25586     BYTES FileVersion:  N/A            MD5: [494f439dd9702cf5eb4bf1d132e5d034]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration
build.conf                               File Size: 4595      BYTES FileVersion:  N/A            MD5: [28cde3564c49dc848c0c55d18eb31893]
database.conf                           File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
gatekeeper.conf                         File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
license.conf                             File Size: 822       BYTES FileVersion:  N/A            MD5: [c2a2d546afb636eb43f7db8d54e67274]
manifest.conf                           File Size: 2432      BYTES FileVersion:  N/A            MD5: [e77cbd34b1f67b4cd93c85a89ad9c839]
marketing.conf                           File Size: 11163     BYTES FileVersion:  N/A            MD5: [5ae2d2735ac9e32afd2ddbab1d604496]
net.conf                                 File Size: 6897      BYTES FileVersion:  N/A            MD5: [12152cd6602c1fdd01ea79753f792cd1]
notifications.conf                       File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
scheduler.conf                           File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
settings.conf                           File Size: 1980      BYTES FileVersion:  N/A            MD5: [5c91984e5f1e0e9c85a0c190b4db8a90]
statistics.conf                         File Size: 513       BYTES FileVersion:  N/A            MD5: [378c673b9d56c49c30cbaab5cb70092a]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration\Restore
build.conf                               File Size: 4180      BYTES FileVersion:  N/A            MD5: [a95e384299a9801e1c6ee921f54a0aee]
database.conf                           File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
gatekeeper.conf                         File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
license.conf                             File Size: 23        BYTES FileVersion:  N/A            MD5: [0ec01df616b565180556881d8042255b]
manifest.conf                           File Size: 1576      BYTES FileVersion:  N/A            MD5: [130c97b72f9588b7b73b037a8c62d12c]
marketing.conf                           File Size: 11163     BYTES FileVersion:  N/A            MD5: [5ae2d2735ac9e32afd2ddbab1d604496]
net.conf                                 File Size: 6085      BYTES FileVersion:  N/A            MD5: [2e9986b0f3babad30e41fd2468197e94]
notifications.conf                       File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
scheduler.conf                           File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
settings.conf                           File Size: 1725      BYTES FileVersion:  N/A            MD5: [5454026126dac24f6e96eeb0c64123d3]
statistics.conf                         File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
mbam-log-2015-07-15 (05-03-22).xml       File Size: 2456      BYTES FileVersion:  N/A            MD5: [68b3007ff8ed933aceb40faa3d7ea03c]
protection-log-2015-07-15.xml           File Size: 3611      BYTES FileVersion:  N/A            MD5: [122159840339a99018765dec1fb8942e]
 
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine
 
Malware Exclusions:
===================
Unable to access exclusion information: Error code 20001Web Exclusions:
================
Unable to access exclusion information: Error code 20001Quarantined Items:
===================
Unable to access quarantine information: Error code 20001===============================================================
END OF FILE

Edited by joe500, 15 July 2015 - 02:55 PM.


#7 joe500

joe500
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:44 AM

Posted 15 July 2015 - 02:59 PM

i dont know how to copy and paste the tdsskillerlog



#8 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:01:44 AM

Posted 16 July 2015 - 09:41 AM

Obviously you know how to copy and past since you were able to do this with the Malwarebytes log.  So what is the problem?


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#9 joe500

joe500
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:44 AM

Posted 16 July 2015 - 05:33 PM

its that when i look into the log information for tdsskiller killer the log there is no option to right click






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users