twopointoh

don't like the new version 2.0

28 posts in this topic

I just updated to 2.0 and I hate it... is it possible to get the old one back?

BTW I noticed that this version is scanning FAR LESS files than the old version.. the old one had about 360k files, this one only had 240k on threat mode, and I checked to scan rootkits but it never asked me to restart my computer like most rootkit scanners.... is this normal... why did it only do 240


Is it normal that it periodically gets stuck at certain files for ten minutes before continuing? This scan is taking crazy long


No it didn't... it's still scanning after 2 hours and is only at 99000 files..... this is insane


You probably have the RootKit scanning and Archive scanning enabled, in which case yes, it does take a long time. Check and make sure rootkit scanning is disabled for regular scans.


I don't like 2.0 either!-

Uninstalled old free on a fast Win7 32-bit desktop, and installed 2.0 from MBAM site-

Full C: scan took an ungodly long 54min (20min with old), with KIS AV temp disabled.

Found 1 PUP in the registry, that a recent old scan missed.

Did the same on my Win7 64-bit laptop-

Full scan froze after 50min (took 22min with old version) on a windows img file (it looks like it's scanning, but the files scanned number never increased (after a 20min wait))!?

Tried to Cancel scan (not!), and X'd out (HD light was still solid)?

Finally had to Kill the .exe in Task Manager, reboot and uninstalled it.

I'll try their clean tool next, Then download a fresh copy?

I don't know if MBAM is worth the Hassle anymore, if their scans are sooo darn slow!? :angry2:


I was running the rootkit scan option (Very slow!).

Miss the old Quick scan, that only took 2.5min!

I'll try another scan with rootkit un-ticked, and search for rootkits with rootkit-beta (only took 5min!).

-MBAM Devs should consider separating rootkit into an entirely different scan option, if it slows regular scans sooo much!


You probably have the RootKit scanning and Archive scanning enabled, in which case yes, it does take a long time. Check and make sure rootkit scanning is disabled for regular scans.

Hello advanced setup, I did indeed voluntarily check rootkit because it was my first scan and I wanted to scan for it... 2.5 hours into the scan I was only at 115k files so canceled it.... the hyper scan took 4.5 mins, idk if that's normal time, but that came back clean.... the threat scan which took 20 mins came back normal too... but the full scan.. way too long, and I thought you needed to do a restart to effectively catch roots?

btw when you get a chance, I sent you a pm if you don't mind answering a personal question about my case.

thanks


I was running the rootkit scan option (Very slow!).

Miss the old Quick scan, that only took 2.5min!

I'll try another scan with rootkit un-ticked, and search for rootkits with rootkit-beta (only took 5min!).

-MBAM Devs should consider separating rootkit into an entirely different scan option, if it slows regular scans sooo much!

I saw in another post that someone reinstalled version 1.75 but I don't see that option on the mwb site. btw I don't think 2.0 is updating definitions... it says 4.04.11 is the latest version, but I'd think by now 4.05.01 would be out, but I'm not 100


I saw in another post that someone reinstalled version 1.75 but I don't see that option on the mwb site.

A request has been made for an official download link.

Although FileHippo.com is not an official mirror, their downloaded file has high integrity if verified with VirusTotal.com

 

btw I don't think 2.0 is updating definitions... it says 4.04.11 is the latest version, but I'd think by now 4.05.01 would be out, but I'm not 100

At the minute I post this, the current database is up-to-date at v2014.04.04.11

The database updates are not made available based on any particular time schedule.


At this time there are no plans to provide a link to the previous version - if you really feel you want to use the older version you will need to use a site like FileHippo to obtain the older installer.

That said though don't shoot the new program down too quickly. 

 

Within probably less than a year we will no longer support or update the 1.75 version, so working out any issues with us now would be in your best interest.

The new version 2 also has a much better scanning engine which can now detect and remove many items that the 1.75 version cannot.

 

Thank you


did a full scan without the root kits, and it still took 1.5 hours....new version is not good.


Hi:
 
I'm just a home user.

But there will always be a tradeoff between scan speed and scan power.

There is no need to run routine full (custom) scans of the entire system -- it is neither necessary nor recommended.

Threat scans are all that are needed routinely.

Doing so often could cause wear and tear on your system.

Moreover, this recent explanation from our forum Admin explains the other factors:
 

Time taken is due to many factors, some of which can be dealt with and others not as easily.

Size of disk
Disk type
Disk speed
Disk caching
CPU speed
Controller type and speed
Operating System used
Amount of files
Amount of folders
Amount of archived files such as zip, rar, sfx, etc.
Rootkit scan or not
PUM/PUP scans
Other security programs running at the same time that may potentially be monitoring all file accesses by any other process.
Drive integrity - if a drive is failing it can take a long time to ignore and bypass sectors on a disk or simply fail period and hang the scan.
Other ongoing disk I/O processes
System being infected can also affect speed of scans

https://forums.malwarebytes.org/index.php?showtopic=145429#entry811422

Best regards,

 

daledoc1


I just got a blue screen dps watchdog violation... is that a sign of malware??

mwb full scan came back clean yesterday


Hi:
 
BSOD are most often the result of problems with hardware, drivers or some types of severe infection (rootkits).
 

The type of work needed to fix this cannot be performed in this particular section of the forum.

There is a dedicated area for that.

Under the circumstances, I would suggest that you please follow the advice in this pinned topic: Available Assistance For Possibly Infected Computers.
A malware analyst will assist you with looking into your issue.


Thanks,

daledoc1


did a full scan without the root kits, and it still took 1.5 hours....new version is not good.

You do realize how many files you can get/have on your computer over years.... Of course it's going to take a long time to do a full scan. Just have it set up to do the normal threat scan in your schedule weekly. Set it and forget about it...


Here is my Farbar scan result.. even though there are two firewalls, one is a trial expiring in 2 days or so

 

2014-03-20 00:27 - 2014-02-05 23:14 - 00079184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-03-20 00:27 - 2014-02-05 23:14 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-03-20 00:27 - 2014-02-05 23:14 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-03-20 00:27 - 2014-02-05 23:13 - 00334648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-03-20 00:26 - 2014-03-20 00:27 - 00028184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2014-03-20 00:26 - 2014-03-20 00:26 - 00445304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2014-03-18 22:17 - 2014-01-06 19:50 - 00000000 ____D () C:\Users\kyle\AppData\Local\TOSHIBA
2014-03-18 03:50 - 2014-03-18 03:50 - 00439296 _____ () C:\Users\kyle\Downloads\Lecture+6-Neurodevelopmental+Disorders-2.ppt
2014-03-18 03:48 - 2014-03-18 03:48 - 00549888 _____ () C:\Users\kyle\Downloads\Lecture+7-Mood+disorders.ppt
2014-03-18 03:46 - 2014-03-18 03:46 - 00522752 _____ () C:\Users\kyle\Downloads\Lecture+5-Neurodevelopmental+disorders.ppt
2014-03-18 03:45 - 2014-03-18 03:45 - 00452096 _____ () C:\Users\kyle\Downloads\Lecture+4+Neurocognitive+disorders.ppt
2014-03-18 03:43 - 2014-03-18 03:43 - 00624640 _____ () C:\Users\kyle\Downloads\Lecture+3+Treatment+considerations.ppt
2014-03-11 20:12 - 2014-01-07 00:08 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-18 06:47

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by kyle at 2014-04-05 11:17:24
Running from C:\Users\kyle\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AntiLogger Free version 1.7.2.322 (HKLM-x32\...\{A80DB23D-0618-405B-89D9-28F99814E287}_is1) (Version: 1.7.2.322 - Zemana Ltd.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.6 - Atheros Communications Inc.)
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
COMODO Firewall (HKLM\...\{901D1D88-408D-48E5-80DD-CC3145BD8456}) (Version: 6.3.39949.2976 - COMODO Security Solutions Inc.)
Comodo IceDragon (HKLM-x32\...\Comodo IceDragon) (Version: 26.0.0.2 - COMODO)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 365 Home Premium - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4569.1508 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Norton Anti-Theft (HKLM-x32\...\NAT) (Version: 1.10.0.9 - Symantec Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.4.0.40 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden
Norton PC Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.18.15 - Symantec Corporation)
Norton Security Dashboard (HKLM-x32\...\NortonSD) (Version: 1.1.1.9 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 8.6.3.49 - Electronic Arts, Inc.)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.5000 - SRS Labs, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1016 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.0007.00002 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425.01 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v1.0.0.8 - TOSHIBA Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0013 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.8.7 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Restore Points  =========================

20-03-2014 04:25:40 avast! antivirus system restore point
31-03-2014 01:12:51 Scheduled Checkpoint

==================== Hosts content: ==========================

2012-07-26 01:26 - 2012-07-26 01:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0BFFC026-FFC5-4921-BF87-D81AA33E0B37} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {10A0B690-B2D5-4215-8A2E-006E6660374D} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {14C120FD-8833-4DE0-BE9C-1907E2431E39} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-03-31] (COMODO)
Task: {1616236F-7644-4E42-BB0D-CF7C72ECC76F} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {178211A0-F1BC-4BC6-BFA4-1D591814E489} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1EE5723E-975F-4E95-9483-86C05AA30B9E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {253A1F44-947C-469C-98A3-FAD0C4AB191F} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-03-25] (COMODO)
Task: {46DE3683-04D2-4402-A39A-E8B47CF36B99} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {86893E10-313A-4FB6-9AF6-727DF81D95E3} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {8CBCAC39-9281-4DF3-AF26-B438F654870D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-20] (AVAST Software)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {ACF678BE-A0EA-4CB6-AF5C-5E60C6BE6CE6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C8F9080E-952A-4E91-8BDA-1E37CBE524F2} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-03-16] (Microsoft Corporation)
Task: {D20452E4-A800-471A-BD77-C3A8ABF515DB} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-03-31] (COMODO)
Task: {DC9CC2C1-1903-4017-9B0D-4255612A3300} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-16] (Synaptics Incorporated)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F0315074-29AC-461C-BC2F-9EA1EB1856FC} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-03-16 18:33 - 2014-03-16 18:33 - 08878248 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-03-21 21:48 - 2013-10-31 17:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-01-22 16:50 - 2014-01-02 18:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-12-19 04:07 - 2013-12-19 04:07 - 01821384 _____ () C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
2012-08-06 09:36 - 2012-08-06 09:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-18 22:38 - 2012-07-18 22:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-18 22:38 - 2012-07-18 22:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2012-08-13 23:13 - 2012-08-13 23:13 - 00018344 _____ () C:\Program Files\Toshiba\Teco\TecoMUI.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: TOSHIBA Web Camera - HD
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/05/2014 11:03:53 AM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (04/04/2014 07:26:32 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (04/03/2014 08:43:20 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/03/2014 08:25:30 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (04/02/2014 10:12:13 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (04/02/2014 01:11:58 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (04/02/2014 01:05:05 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (03/31/2014 02:18:56 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (03/30/2014 07:26:32 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (03/29/2014 09:35:38 PM) (Source: Office 2013 Licensing Service) (User: )
Description: Subscription licensing service failed: -1073415161


System errors:
=============
Error: (04/05/2014 11:02:31 AM) (Source: BugCheck) (User: )
Description: 0x00000133 (0x0000000000000000, 0x0000000000000501, 0x0000000000000500, 0x0000000000000000)C:\WINDOWS\MEMORY.DMP040514-29156-01

Error: (04/05/2014 11:02:01 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (04/05/2014 11:02:26 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:58:25 AM on ‎4/‎5/‎2014 was unexpected.

Error: (04/02/2014 01:09:45 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (03/25/2014 02:40:19 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (03/25/2014 02:39:57 PM) (Source: DCOM) (User: thispc)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (03/25/2014 02:39:24 PM) (Source: DCOM) (User: thispc)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (03/25/2014 02:32:02 PM) (Source: DCOM) (User: thispc)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (03/25/2014 02:31:27 PM) (Source: DCOM) (User: thispc)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (03/25/2014 02:21:27 PM) (Source: DCOM) (User: thispc)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-04-05 11:16:25.145
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-05 11:06:01.382
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-05 10:58:01.994
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-05 10:49:00.369
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-05 01:16:10.249
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-05 00:45:02.914
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-05 00:18:46.847
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-04 22:46:48.332
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-04 22:38:31.757
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-04 22:31:26.236
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 45%
Total physical RAM: 3980.21 MB
Available physical RAM: 2153.66 MB
Total Pagefile: 8076.21 MB
Available Pagefile: 5591.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:585.71 GB) (Free:544.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================


Hi:

 

Thanks for the log.

 

I'm sorry, however, but we cannot analyze scan logs or work on malware detection/removal in this section of the forum.

 

I see that you have created a new post over in the malware removal section >>HERE<<. :)

That is good.

Please be patient and wait for one of the expert helpers to pick up your post.

It might take a day or so, as it is the weekend, the forum is very busy and most of the expert helpers are volunteers.

In the interim, please do not add replies to it or "bump" it, as doing so might lead to the post being inadvertently overlooked.

 

As for editing posts, you will be able to do that when you get to a post count of 100.

That was necessary because of abuse by prior forum users.

 

Thanks!

 

daledoc1


i forgot to add the dds logs to the first post. how do i do so if i can't add replies lol


Hi:

 

i forgot to add the dds logs to the first post. how do i do so if i can't add replies lol

 

Please just hold the logs for now and wait for a helper to pick up your post.

If you reply to add them, it will change the reply count from "0".

That will make it appear that you are already being helped.

And it could lead to delay.

 

When your helper picks up your post, he/she will ask you for any additional needed scan logs.

 

Thanks for your patience,

 

daledoc1


ok ill hold off.

can someone tell me the latest database for mwb now? i just tried updating after about 24 hours and it said none were available.


ok ill hold off.

can someone tell me the latest database for mwb now? i just tried updating after about 24 hours and it said none were available.

 

2014.04.05.03 for the definitions database, as of the moment.

 

I am still running 1.75 on my box, so I don't know the rootkit database version.

 

Yes, please wait in your other topic for a malware helper to assist you.

 

Thanks.

 

daledoc1


that's weird..last i updated it was 4.05.01 and when i tried updating back when i last posted it said no more updates were available. i just looked though and it says i'm using 4.05.03 which is the latest...does it update automatically? I have the free premium trial enabled.


Hi:

 

Yes, if it is properly configured and working properly with a proper internet connection on an uninfected system, with PREMIUM or the FREE TRIAL, it can/will update automatically, on the set schedule.

The update checks will now occur automatically once, when the program is installed, starting with 2.0.1.

After that, the user needs to schedule the update checks.

Regular database updates are released several times a day (10-12, sometimes more, sometimes less); I think the rootkit databases are updated less often.

 

daledoc1

This topic is now closed to further replies.
