twopointoh

Members
  • Content count

    44
  • Joined

  • Last visited

About twopointoh

  • Rank
    New Member
  1. still no reply, nearly half of a month later.....
  2. Now I know that a quick/threat scan is reccomended over a full/custom scan excepth when you initially install the program, but my question is this. If a quick scan is supposed to scan those areas most COMMONLY infected with malware, and not everything, and malware writers know that most people only run quick scans, what is stopping them from writing new malware to now infect the parts that only the full scans will scan for malware?
  3. still no reply, what if noone replies?
  4. still no helper in thread btw, any info on how the updated version of farber is different? thanks
  5. i posted a new topic. was able to get the farber open. is it important to use the most up to date farber? i had an older version of farber installed but downloaded the new one, and finally got it to work. i also ran a full custom scan, and it is showing no issues so far, but i dont understand why my computer froze, and all the files got blocked it makes zero sense. https://forums.malwarebytes.org/index.php?showtopic=149832
  6. [so i was online, and my wifi disconnected. I reconnected the wifi, and then clicked to open firefox, but it wouldnt open, then i clicked to open comodo, and it wouldnt open. task manager wouldnt open either, and the mouse froze. I then restarted the computer, and it said ''updating your system''. I just now looked at comodo, and a bunch of things were blocked all at the time before i restarted the computer Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014 01 Ran by winston (administrator) on THISPC on 01-06-2014 21:03:13 Running from C:\Users\winston\Downloads Platform: Windows 8 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Windows\System32\wlanext.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe () C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe (TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TSleepSrv.exe (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\SymcPCCULaunchSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe (COMODO Security Solutions) C:\Program Files (x86)\Comodo\IceDragon\icedragon.exe (Mozilla Corporation) C:\Program Files (x86)\Comodo\IceDragon\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe (Farbar) C:\Users\winston\Downloads\FRST64(5).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [] => [X] HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor) HKLM\...\Run: [sRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-19] (SRS Labs, Inc.) HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-13] (TOSHIBA Corporation) HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-13] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation) HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation) HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] () HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation) HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba) HKLM-x32\...\Run: [ZALFree] => C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe [13007712 2013-11-06] (Zemana Ltd.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-05-05] (Comodo Security Solutions, Inc.) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2823962165-1996140017-1792182403-1001\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-15] (SUPERAntiSpyware) HKU\S-1-5-21-2823962165-1996140017-1792182403-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-15] (SUPERAntiSpyware) AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KE6D28~1.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(2).dll [90448 2013-11-06] (Zemana Ltd.) AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KE50FD~1.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(2).dll [83208 2013-11-06] (Zemana Ltd.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://mystart.toshiba.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mystart.toshiba.com SearchScopes: HKLM - DefaultScope {350FC143-25A6-49DA-85BD-31AFCE3C779D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS SearchScopes: HKLM - {350FC143-25A6-49DA-85BD-31AFCE3C779D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS SearchScopes: HKLM-x32 - DefaultScope {350FC143-25A6-49DA-85BD-31AFCE3C779D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS SearchScopes: HKLM-x32 - {350FC143-25A6-49DA-85BD-31AFCE3C779D} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS SearchScopes: HKCU - DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo SearchScopes: HKCU - {350FC143-25A6-49DA-85BD-31AFCE3C779D} URL = SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.188.7.9 Tcpip\..\Interfaces\{78B887CA-28F6-4A8C-9F90-CCE2BD209E9D}: [NameServer]156.154.70.22,156.154.71.22 Tcpip\..\Interfaces\{B9033930-BCB5-4D24-A011-D7BC3168231E}: [NameServer]156.154.70.22,156.154.71.22 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) ==================== Services (Whitelisted) ================= R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation) R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-05-05] (Comodo Security Solutions, Inc.) R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO) R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-05-05] (Comodo Security Solutions, Inc.) R2 IceDragonUpdater; C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe [1821384 2013-12-19] () R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation) R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\SymcPCCULaunchSvc.exe [123320 2012-07-23] (Symantec Corporation) R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.15\ccSvcHst.exe [126392 2012-07-23] (Symantec Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-25] (Symantec Corporation) R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [748784 2014-04-16] (COMODO) R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [37560 2014-04-16] (COMODO) R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [127664 2014-04-16] (COMODO) S0 kebzlm; No ImagePath R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [25568 2013-11-06] (Zemana Ltd.) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-01] (Malwarebytes Corporation) S3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation ) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation ) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated) R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows ® Win 7 DDK provider) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-01 21:02 - 2014-06-01 21:02 - 02067456 _____ (Farbar) C:\Users\winston\Downloads\FRST64(5).exe 2014-06-01 21:01 - 2014-06-01 21:01 - 02067456 _____ (Farbar) C:\Users\winston\Downloads\FRST64(4).exe 2014-06-01 20:32 - 2014-06-01 20:32 - 22936576 _____ () C:\Users\winston\Downloads\lps-gb-vt-x86.msi 2014-06-01 20:32 - 2014-06-01 20:32 - 00002043 _____ () C:\Users\Public\Desktop\GeekBuddy.lnk 2014-06-01 20:13 - 2014-06-01 20:13 - 02067456 _____ (Farbar) C:\Users\winston\Downloads\FRST64(3).exe 2014-05-29 15:06 - 2014-03-28 15:19 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2014-05-29 15:06 - 2014-03-23 18:11 - 00269592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2014-05-29 14:45 - 2014-05-06 01:14 - 19274752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-05-29 14:45 - 2014-05-06 01:14 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-05-29 14:45 - 2014-05-05 23:48 - 14367232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-05-29 14:45 - 2014-05-05 23:48 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-05-29 14:45 - 2014-05-05 23:37 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-05-29 14:45 - 2014-05-05 23:26 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-05-29 14:45 - 2014-04-12 05:10 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2014-05-29 14:45 - 2014-04-12 05:08 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-05-29 14:45 - 2014-04-12 05:08 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2014-05-29 14:45 - 2014-04-12 05:08 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2014-05-29 14:45 - 2014-04-12 03:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2014-05-29 14:45 - 2014-04-12 03:22 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2014-05-29 14:45 - 2014-03-28 04:23 - 19759104 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-05-29 14:45 - 2014-03-28 04:23 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2014-05-29 14:45 - 2014-03-28 02:18 - 17562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-05-29 14:45 - 2014-03-10 23:32 - 06987096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-05-29 14:45 - 2014-03-10 20:38 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2014-05-29 14:45 - 2014-03-10 20:38 - 00684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll 2014-05-29 14:45 - 2014-03-10 20:38 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2014-05-29 14:45 - 2014-03-03 19:07 - 00570216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2014-05-29 14:44 - 2014-04-12 05:27 - 00172888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2014-05-29 14:44 - 2014-04-12 05:09 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2014-05-29 14:44 - 2014-04-12 05:09 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2014-05-29 14:44 - 2014-04-12 05:09 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll 2014-05-29 14:44 - 2014-04-12 05:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll 2014-05-29 14:44 - 2014-04-12 05:08 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll 2014-05-29 14:44 - 2014-04-12 05:07 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll 2014-05-29 14:44 - 2014-04-12 03:23 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2014-05-29 14:44 - 2014-04-12 03:23 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2014-05-29 14:44 - 2014-04-12 03:23 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll 2014-05-29 14:44 - 2014-04-12 03:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll 2014-05-29 14:44 - 2014-04-12 03:22 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll 2014-05-29 14:44 - 2014-04-12 02:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll 2014-05-29 14:44 - 2014-03-10 23:25 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2014-05-29 14:44 - 2014-03-10 20:41 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll 2014-05-29 14:44 - 2014-03-10 20:41 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2014-05-29 14:44 - 2014-03-10 20:41 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dimsroam.dll 2014-05-29 14:44 - 2014-03-10 20:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe 2014-05-29 14:44 - 2014-03-10 20:38 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2014-05-29 14:44 - 2014-03-10 20:38 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll 2014-05-29 14:44 - 2014-03-10 20:38 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll 2014-05-29 14:44 - 2014-03-10 20:38 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll 2014-05-29 14:44 - 2014-03-09 23:05 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2014-05-29 14:44 - 2014-03-09 21:27 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2014-05-29 14:44 - 2014-03-01 05:47 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2014-05-29 14:44 - 2014-03-01 05:47 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll 2014-05-29 14:44 - 2014-03-01 04:07 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll 2014-05-29 14:44 - 2014-03-01 02:59 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2014-05-29 14:44 - 2014-02-26 19:18 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2014-05-29 14:44 - 2014-02-26 19:18 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-05-29 14:44 - 2014-02-26 19:18 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2014-05-29 14:44 - 2014-02-26 19:18 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2014-05-29 14:44 - 2014-02-15 00:15 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys 2014-05-29 14:37 - 2014-04-19 05:39 - 00628024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationUI.exe 2014-05-29 14:37 - 2014-04-19 04:45 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-05-29 14:37 - 2014-04-19 04:45 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-05-29 14:37 - 2014-04-19 02:57 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-05-29 14:37 - 2014-04-19 02:57 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-05-18 00:16 - 2014-06-01 19:59 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-05-18 00:16 - 2014-05-18 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-05-18 00:16 - 2014-05-18 00:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-05-18 00:16 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-05-18 00:16 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-05-18 00:14 - 2014-05-18 00:14 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\winston\Downloads\mbam-setup-consumer-2.0.2.1012.exe 2014-05-11 12:02 - 2014-05-11 12:02 - 00390656 _____ () C:\Users\winston\Downloads\Lecture+13+Personality+Disorders.ppt ==================== One Month Modified Files and Folders ======= 2014-06-01 21:03 - 2014-04-04 22:22 - 00014665 _____ () C:\Users\winston\Downloads\FRST.txt 2014-06-01 21:03 - 2014-04-04 22:21 - 00000000 ____D () C:\FRST 2014-06-01 21:03 - 2014-01-06 19:47 - 00000000 ____D () C:\Users\winston\AppData\Local\Temp 2014-06-01 21:02 - 2014-06-01 21:02 - 02067456 _____ (Farbar) C:\Users\winston\Downloads\FRST64(5).exe 2014-06-01 21:01 - 2014-06-01 21:01 - 02067456 _____ (Farbar) C:\Users\winston\Downloads\FRST64(4).exe 2014-06-01 21:00 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-06-01 20:59 - 2014-04-04 22:23 - 00029924 _____ () C:\Users\winston\Downloads\Addition.txt 2014-06-01 20:33 - 2014-01-06 20:17 - 00000000 ____D () C:\ProgramData\Comodo 2014-06-01 20:32 - 2014-06-01 20:32 - 22936576 _____ () C:\Users\winston\Downloads\lps-gb-vt-x86.msi 2014-06-01 20:32 - 2014-06-01 20:32 - 00002043 _____ () C:\Users\Public\Desktop\GeekBuddy.lnk 2014-06-01 20:32 - 2014-01-06 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2014-06-01 20:32 - 2014-01-06 20:00 - 00000000 ____D () C:\Program Files (x86)\Comodo 2014-06-01 20:32 - 2012-07-26 04:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp 2014-06-01 20:23 - 2014-01-06 19:47 - 01274350 _____ () C:\WINDOWS\WindowsUpdate.log 2014-06-01 20:13 - 2014-06-01 20:13 - 02067456 _____ (Farbar) C:\Users\winston\Downloads\FRST64(3).exe 2014-06-01 20:12 - 2014-01-07 00:08 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-06-01 19:59 - 2014-05-18 00:16 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-06-01 19:55 - 2012-07-26 03:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-06-01 19:53 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-06-01 19:53 - 2012-07-26 04:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-06-01 19:53 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files\Windows Defender 2014-06-01 19:53 - 2012-07-26 04:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-06-01 18:22 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent 2014-05-31 13:01 - 2014-02-08 00:13 - 00000000 ____D () C:\Users\winston\Documents\mhc 2014-05-31 12:37 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\rescache 2014-05-29 17:01 - 2014-01-08 07:19 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-05-29 17:01 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-05-29 16:55 - 2014-01-08 07:18 - 93223848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-05-29 16:55 - 2012-07-26 01:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-05-29 14:57 - 2014-01-06 19:49 - 00000000 ___RD () C:\Users\winston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-29 14:57 - 2014-01-06 19:49 - 00000000 ___RD () C:\Users\winston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-29 14:54 - 2012-09-03 21:32 - 00580240 _____ () C:\WINDOWS\PFRO.log 2014-05-29 14:52 - 2014-02-25 21:50 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-05-29 14:52 - 2012-07-26 04:12 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-05-29 14:52 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates 2014-05-29 14:38 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\WinStore 2014-05-29 14:34 - 2012-09-03 22:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2014-05-26 20:54 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-05-23 17:28 - 2014-01-22 16:50 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-05-18 12:20 - 2014-01-08 00:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-05-18 00:16 - 2014-05-18 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-05-18 00:16 - 2014-05-18 00:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-05-18 00:16 - 2014-04-07 17:57 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-05-18 00:16 - 2014-01-06 20:30 - 00000000 ____D () C:\Users\winston\AppData\Roaming\Malwarebytes 2014-05-18 00:16 - 2014-01-06 20:30 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-18 00:14 - 2014-05-18 00:14 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\winston\Downloads\mbam-setup-consumer-2.0.2.1012.exe 2014-05-14 15:12 - 2014-01-07 00:08 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-05-12 07:26 - 2014-05-18 00:16 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-05-12 07:26 - 2014-05-18 00:16 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-05-12 07:25 - 2014-04-07 17:57 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-05-11 12:02 - 2014-05-11 12:02 - 00390656 _____ () C:\Users\winston\Downloads\Lecture+13+Personality+Disorders.ppt 2014-05-08 01:34 - 2012-07-26 01:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-05-07 13:28 - 2014-02-25 21:50 - 00000000 ____D () C:\Users\winston\AppData\Local\Microsoft Help 2014-05-06 01:14 - 2014-05-29 14:45 - 19274752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-05-06 01:14 - 2014-05-29 14:45 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-05-05 23:48 - 2014-05-29 14:45 - 14367232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-05-05 23:48 - 2014-05-29 14:45 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-05-05 23:37 - 2014-05-29 14:45 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-05-05 23:26 - 2014-05-29 14:45 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe [2014-05-29 14:45] - [2014-04-12 05:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-27 11:10 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2014 01 Ran by winston at 2014-06-01 21:03:50 Running from C:\Users\winston\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275} FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3} ==================== Installed Programs ====================== Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) AntiLogger Free version 1.7.2.322 (HKLM-x32\...\{A80DB23D-0618-405B-89D9-28F99814E287}_is1) (Version: 1.7.2.322 - Zemana Ltd.) Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.6 - Atheros Communications Inc.) Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden COMODO Firewall (HKLM\...\{901D1D88-408D-48E5-80DD-CC3145BD8456}) (Version: 6.3.39949.2976 - COMODO Security Solutions Inc.) Comodo IceDragon (HKLM-x32\...\Comodo IceDragon) (Version: 26.0.0.2 - COMODO) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden GeekBuddy (HKLM-x32\...\{39AB4A9F-97DB-4BCA-981F-B85189115037}) (Version: 4.12.99 - Comodo Security Solutions Inc) herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation) Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4615.1002 - Microsoft Corporation) Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation) Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden Norton PC Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.18.15 - Symantec Corporation) Norton Security Dashboard (HKLM-x32\...\NortonSD) (Version: 1.1.1.9 - Symantec Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4615.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4615.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4615.1002 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 8.6.3.49 - Electronic Arts, Inc.) Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.) Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1016 - SUPERAntiSpyware.com) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated) Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba) TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA) Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.) TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.0007.00002 - Toshiba Corporation) TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation) TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425.01 - Toshiba Corporation) TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v1.0.0.8 - TOSHIBA Corporation) TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation) TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA) TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation) TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation) TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA) TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0013 - Toshiba Corporation) TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation) TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA) TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation) TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft) Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version: - Microsoft) Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft) Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft) Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft) Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.3.0 - WildTangent) WildTangent Games App (Toshiba Games) (x32 Version: 4.0.8.7 - WildTangent) Hidden Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Restore Points ========================= 06-05-2014 17:55:32 Windows Update 15-05-2014 03:36:09 Scheduled Checkpoint 23-05-2014 22:40:45 Scheduled Checkpoint 29-05-2014 18:33:59 Windows Update 02-06-2014 00:24:08 avast! antivirus system restore point ==================== Hosts content: ========================== 2012-07-26 01:26 - 2012-07-26 01:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0BFFC026-FFC5-4921-BF87-D81AA33E0B37} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe Task: {10A0B690-B2D5-4215-8A2E-006E6660374D} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe Task: {14C120FD-8833-4DE0-BE9C-1907E2431E39} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO) Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {253A1F44-947C-469C-98A3-FAD0C4AB191F} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-03-25] (COMODO) Task: {8DDD3693-2290-4B00-861D-FD5368A4C612} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\WINDOWS\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation) Task: {9062D6ED-CBD5-4C19-98EF-F0B21838B1A6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-04-15] (Microsoft Corporation) Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {ACF678BE-A0EA-4CB6-AF5C-5E60C6BE6CE6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated) Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {C8F9080E-952A-4E91-8BDA-1E37CBE524F2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-05-23] (Microsoft Corporation) Task: {D20452E4-A800-471A-BD77-C3A8ABF515DB} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO) Task: {DC9CC2C1-1903-4017-9B0D-4255612A3300} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-16] (Synaptics Incorporated) Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {F0315074-29AC-461C-BC2F-9EA1EB1856FC} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-21 21:48 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-01-22 16:50 - 2014-04-15 03:39 - 00630952 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll 2013-12-19 04:07 - 2013-12-19 04:07 - 01821384 _____ () C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe 2014-05-23 17:25 - 2014-05-23 17:25 - 08889512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2012-08-06 09:36 - 2012-08-06 09:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-07-18 22:38 - 2012-07-18 22:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll 2012-07-18 22:38 - 2012-07-18 22:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll 2012-08-13 23:13 - 2012-08-13 23:13 - 00018344 _____ () C:\Program Files\Toshiba\Teco\TecoMUI.dll 2014-05-30 14:32 - 2014-05-30 14:32 - 01179136 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\cce138051887d83dccffdc206031b09f\Windows.UI.ni.dll 2014-05-30 14:32 - 2014-05-30 14:32 - 00351232 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Data\c355b610137057eab41db4660c5c19e1\Windows.Data.ni.dll 2014-05-30 14:32 - 2014-05-30 14:32 - 00295936 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\674a093211b1f8a3e570f640741e3b98\Windows.Foundation.ni.dll 2012-12-09 16:09 - 2012-06-25 14:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll 2014-05-05 12:20 - 2014-05-05 12:20 - 02254544 _____ () C:\Program Files (x86)\COMODO\GeekBuddy\QtCore4.dll 2014-05-05 12:20 - 2014-05-05 12:20 - 00976080 _____ () C:\Program Files (x86)\COMODO\GeekBuddy\QtNetwork4.dll 2014-05-05 12:20 - 2014-05-05 12:20 - 08024784 _____ () C:\Program Files (x86)\COMODO\GeekBuddy\QtGui4.dll 2014-05-05 12:20 - 2014-05-05 12:20 - 00032976 _____ () C:\Program Files (x86)\COMODO\GeekBuddy\imageformats\qgif4.dll 2013-12-19 04:10 - 2013-12-19 04:10 - 03204808 _____ () C:\Program Files (x86)\Comodo\IceDragon\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\13824762.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\13824762.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: TOSHIBA Web Camera - HD Description: USB Video Device Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: usbvideo Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (06/01/2014 07:56:38 PM) (Source: Toshiba App Place) (EventID: 0) (User: ) Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1. Parameter name: dueTime Stack Trace: at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period) at System.Timers.Timer.set_Enabled(Boolean value) at SnappCloud.ActivationReminder.AraClient.PostInit() at SnappCloud.ActivationReminder.Program.Main(String[] args) Error: (06/01/2014 07:26:31 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073415161 Error: (06/01/2014 06:18:34 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073415161 Error: (05/31/2014 01:04:58 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (05/29/2014 02:58:05 PM) (Source: Toshiba App Place) (EventID: 0) (User: ) Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1. Parameter name: dueTime Stack Trace: at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period) at System.Timers.Timer.set_Enabled(Boolean value) at SnappCloud.ActivationReminder.AraClient.PostInit() at SnappCloud.ActivationReminder.Program.Main(String[] args) Error: (05/28/2014 11:09:22 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073415161 Error: (05/28/2014 02:03:15 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (05/27/2014 09:26:01 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073415161 Error: (05/27/2014 10:52:58 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (05/26/2014 07:26:32 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073415161 System errors: ============= Error: (06/01/2014 08:25:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The avast! HardwareID service failed to start due to the following error: %%127 Error: (06/01/2014 08:17:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The avast! HardwareID service failed to start due to the following error: %%127 Error: (06/01/2014 08:01:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The avast! HardwareID service failed to start due to the following error: %%127 Error: (06/01/2014 08:01:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The avast! HardwareID service failed to start due to the following error: %%127 Error: (06/01/2014 08:01:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The avast! HardwareID service failed to start due to the following error: %%127 Error: (06/01/2014 08:00:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The avast! HardwareID service failed to start due to the following error: %%127 Error: (06/01/2014 08:00:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The avast! HardwareID service failed to start due to the following error: %%127 Error: (06/01/2014 08:00:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The avast! HardwareID service failed to start due to the following error: %%127 Error: (06/01/2014 08:00:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The avast! HardwareID service failed to start due to the following error: %%127 Error: (06/01/2014 08:00:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The avast! HardwareID service failed to start due to the following error: %%127 Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-06-01 20:57:05.061 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-06-01 20:32:45.649 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-06-01 20:04:55.251 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-06-01 19:59:12.151 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-06-01 19:43:56.108 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-06-01 19:17:40.565 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-05-31 14:25:45.754 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-05-31 14:07:20.162 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-05-31 13:01:55.479 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. Date: 2014-05-31 12:35:12.831 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 53% Total physical RAM: 3980.21 MB Available physical RAM: 1849.11 MB Total Pagefile: 11660.21 MB Available Pagefile: 8893.6 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:585.71 GB) (Free:539.72 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 596 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================
  7. i cant get farber to open it keeps saying windows cannot access the specified device path or file....etc.
  8. [so i was online, and my wifi disconnected. I reconnected the wifi, and then clicked to open firefox, but it wouldnt open, then i clicked to open comodo, and it wouldnt open. task manager wouldnt open either, and the mouse froze. I then restarted the computer, and it said ''updating your system''. I just now looked at comodo, and a bunch of things were blocked all at the time before i restarted the computer. here is a screenshot. IMG]http://i58.tinypic.com/mv3ke8.png
  9. Thanks dale, some follow up questions i thought rootkits changed all the time. how can i be protected if the database is from march? Next question, you misunderstood my question about the skipping files i was saying that in the old version during heuristics it would skip really fast, but the last scan i did it actually paused and got stuck at a few numbers before skipping. thanks
  10. thanks dale! i just ran a threat scan, and i had 2 questions. te first is that the rootkit database is 3.27.14 i think accordingg to the log. is that the newest version?? it's from march? second question is that at some points during the heuristic analysis the scan stopped for a few seconds before going up in number of files scanned. in the old mwb it was one continuous jump through 100s of thousands of files.
  11. are you supposed to check for rootkits in the threat scan or just the full scan?
  12. it was 5.18.09 when i posted at 7 o clock, but i just tried to update again bc i wanted to run a threat scan, and it is still 5.18.09? is that right? btw, when looking at my screenshot is it normal under the scan column it says ''not running'' instead of my last scan time?
  13. Hi dale doc, in post 4 i mentioned the upgrade to 2.0 beta. I actually didnt update the database before posting...but ill see what it is now.
  14. it's supposed to take longer to scan. di you run a threat scan? a full scan is a ''custom scan''
  15. a lot to reply to, but first i'd like to say thanks again. As far as the program updates vs database updates, what i was saying was that when i clicked update(on the database updates) instead of downloading 5.18.02 it downloaded version 2.0 and tld e to upgrade. i then clicked cancel and it told me i had the latest database for 1.75. the program i downloaded was the beta from box.com.