Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer Won't Finish Any Malware Scan [Closed]

Started by John Foot , Feb 04 2014 08:16 AM

  • This topic is locked This topic is locked

#1
John Foot
Posted 04 February 2014 - 08:16 AM

John Foot

    Member

  • Member
  • PipPip
  • 22 posts
I am in need of some assistance!

I believe there is a zeroaccess rootkit virus in my Recycle.Bin folder (per RKill). My computer will only operate in Safe Mode, and I have to constantly restart the computer because it freezes during a virus scan. I can't get any Malware scanning program to finish; the programs will start the scan process, then freeze after a few minutes. Below is a list of programs I have tried to run and the outcome:

RKill - Worked the first 3 times, now does not complete the scan.
Malwarebytes Anti Rootkit - Will not complete the scan.
Rougue Killer - Will not complete the scan.
OTL - Will not complete the scan.
VIPRE Rescue - Will not complete the scan.
TDSS Killer - Finished scan, but did not find any virus.
ADW Cleaner - Was able to get this to finish 1 time after a few attempts.
Hitman Pro - Was able to get this to finish after a few attempts. Found and removed 2 of the 3 virus's RKill found.

I am not sure what to do next. I would post the OTL log if the program could finish running the scan.
  • 0

Advertisements

#2
Essexboy
Posted 04 February 2014 - 09:10 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What is the operating system and is it 32 or 64 bit ? Do you have a USB drive and another computer you could use
  • 0

#3
John Foot
Posted 04 February 2014 - 09:15 AM

John Foot

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Windows Vista, 64 Bit.

I am using another computer right now to post on this website, and I do have access to a USB (phone), although in safe mode the computer was not recognizing my phone.
  • 0

#4
Essexboy
Posted 04 February 2014 - 09:54 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK that may be a problem as I was going to use the USB to boot the computer and work outside of windows ... Do you have the Vista CD to enable us to run the recovery console ?

Meanwhile lets see if this programme will run

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  • 0

#5
John Foot
Posted 04 February 2014 - 10:59 AM

John Foot

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
I've tried several times to run FBST, but after a few minutes the program gets "hung up" and freezes(getting stuck at - \AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows). I dont have the Vista CD (I took my computer to work), but I can access the recovery console (system recovery options) by pressing F8 during startup and the computer has the recovery drive (E:).
  • 0

#6
John Foot
Posted 04 February 2014 - 11:33 AM

John Foot

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Also, I do have a USB drive now that my computer will recognize.
  • 0

#7
Essexboy
Posted 04 February 2014 - 12:23 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK copy FRST to the USB. You may not see the following screens but we need to start the recovery console and utilise the command prompt

Click repair my computer
Posted Image

Select your operating system
Posted Image

Select Command prompt
Posted Image

At the command prompt type the following :

notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\frst64.exe and press Enter
Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.
Posted Image
Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
  • 0

#8
John Foot
Posted 04 February 2014 - 12:38 PM

John Foot

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Success! I was able to get FRST to finish a scan.

** FRST Scan: **

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2014
Ran by Ryan (administrator) on DONNA-LT on 04-02-2014 13:04:44
Running from C:\Users\Ryan\Desktop
Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Safe Mode (with Networking)

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(WebEx Communications, Inc.) C:\Windows\SysWOW64\atashost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1780520 2009-05-07] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-06-15] (Intel Corporation)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9577680 2012-11-07] (COMODO)
HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\QuickSet.exe [3216544 2010-06-09] (Dell Inc.)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [462848 2009-05-11] (IDT, Inc.)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [250192 2009-04-24] (Microsoft Corporation)
HKLM-x32\...\Run: [PDVDDXSrv] - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128232 2009-02-04] (CyberLink Corp.)
HKLM-x32\...\Run: [BrMfcWnd] - "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-07-05] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Monitor] - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [103936 2013-07-23] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-320270036-3338473701-3634627357-1001\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\S-1-5-21-320270036-3338473701-3634627357-1001\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-320270036-3338473701-3634627357-1001\...\Run: [Google Update] - C:\Users\Ryan\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-27] (Google Inc.)
HKU\S-1-5-21-320270036-3338473701-3634627357-1001\...\Run: [MusicManager] - C:\Users\Ryan\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7380992 2013-11-11] (Google Inc.)
HKU\S-1-5-21-320270036-3338473701-3634627357-1001\...\MountPoints2: {37b45861-cfce-11de-a793-002564626b01} - G:\.\MigWiz\migsetup.exe
HKU\S-1-5-21-320270036-3338473701-3634627357-1001\...\MountPoints2: {37b45864-cfce-11de-a793-002564626b01} - D:\LaunchU3.exe -a
HKU\S-1-5-21-320270036-3338473701-3634627357-1001\...\MountPoints2: {5ae51577-4efa-11e3-aa6c-002564626b01} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-320270036-3338473701-3634627357-1001\...\MountPoints2: {5fc97163-4c3d-11e3-b986-002564626b01} - G:\HTC_Sync_Manager_PC.exe
AppInit_DLLs-x32: C:\Windows\SysWOW64\guard32.dll => C:\Windows\SysWOW64\guard32.dll [301264 2012-11-07] (COMODO)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Ryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...ilion&pf=laptop
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://northcarolinastate.scout.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {39AFB353-6476-42DB-8044-C68D41E21480} URL = http://www.bing.com/...ferrer:source?}
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: PE_IE_Helper Class - {0941C58F-E461-4E03-BD7D-44C27392ADE1} - C:\Program Files (x86)\IBM\Lotus Forms\Viewer\4.0\PEhelper.dll (IBM Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
DPF: HKLM-x32 {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/im...r/SysProExe.cab
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell....r/SysProExe.CAB
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB
DPF: HKLM-x32 {CAFECAFE-0013-0001-0028-ABCDEFABCDEF} https://esis.ncwise..../jinit13128.exe
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\c9utunly.default
FF Homepage: hxxp://www.packpride.com/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Ryan\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Ryan\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017300.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\mfc71.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\msvcr71.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npmfv.dll (IBM Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: Pinterest - C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\c9utunly.default\Extensions\[email protected] [2012-05-20]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\c9utunly.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-11-02]
FF Extension: Adblock Plus - C:\Users\Ryan\AppData\Roaming\Mozilla\Firefox\Profiles\c9utunly.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-07]
FF Extension: Skype extension for Firefox - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2014-01-17]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

==================== Services (Whitelisted) =================

R2 atashost; C:\Windows\SysWOW64\atashost.exe [20376 2009-03-06] (WebEx Communications, Inc.)
S2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-14] (brother Industries Ltd)
S2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2828408 2012-11-07] (COMODO)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] ()
S2 WebUpdate4; C:\Windows\SysWOW64\WebUpdateSvc4.exe [282896 2011-04-08] (Data Perceptions / PowerProgrammer)
S2 yksvc; C:\Windows\System32\ykx64mpcoinst.dll [382464 2009-05-12] (Marvell)

==================== Drivers (Whitelisted) ====================

S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2009-01-23] (Brother Industries Ltd.)
S1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [584056 2012-11-07] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45872 2012-11-07] (COMODO)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2012-09-28] (LeapFrog)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [94288 2012-11-07] (COMODO)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2014-02-03] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119000 2014-02-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\SysWOW64\drivers\MBAMSwissArmy.sys [41272 2011-07-06] (Malwarebytes Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 OA013Ufd; C:\Windows\System32\DRIVERS\OA013Ufd.sys [159840 2009-03-06] (Creative Technology Ltd.)
S3 OA013Vid; C:\Windows\System32\DRIVERS\OA013Vid.sys [311456 2009-03-09] (Creative Technology Ltd.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-05-20] (Research In Motion Limited)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-04 12:53 - 2014-02-04 12:53 - 00000085 _____ () C:\Windows\wininit.ini
2014-02-04 11:13 - 2014-02-04 13:05 - 00016403 _____ () C:\Users\Ryan\Desktop\FRST.txt
2014-02-04 11:11 - 2014-02-04 11:13 - 00000000 ____D () C:\FRST
2014-02-04 11:10 - 2014-02-04 11:11 - 02080256 _____ (Farbar) C:\Users\Ryan\Desktop\FRST64.exe
2014-02-04 08:00 - 2014-02-04 08:00 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Desktop\rkill64-12710.scr
2014-02-03 22:51 - 2014-02-03 22:52 - 17946224 _____ (SUPERAntiSpyware) C:\Users\Ryan\Downloads\SUPERAntiSpyware.exe
2014-02-03 22:36 - 2014-02-03 22:36 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Desktop\rkill64.scr
2014-02-03 22:34 - 2014-02-03 22:34 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Desktop\rkill.scr
2014-02-03 21:40 - 2014-02-03 21:41 - 00000000 ____D () C:\VIPRERESCUE
2014-02-03 20:34 - 2014-02-03 20:34 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Downloads\iExplore64-9195.exe
2014-02-03 20:28 - 2014-02-03 20:28 - 00027826 _____ () C:\Users\Ryan\Desktop\20140203202819.csv
2014-02-03 20:12 - 2014-02-03 20:12 - 00000000 _____ () C:\Windows\SysWOW64\SBRC.dat
2014-02-03 20:12 - 2013-09-04 13:57 - 00031264 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiutil.sys
2014-02-03 20:12 - 2013-05-23 07:39 - 00041032 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys
2014-02-03 20:11 - 2014-02-03 20:26 - 00218254 _____ () C:\Users\Ryan\Desktop\20140203201157.csv
2014-02-03 20:08 - 2014-02-03 20:10 - 149581824 _____ () C:\Users\Ryan\Desktop\VIPRERescue26090 (1).exe
2014-02-03 19:57 - 2014-02-03 19:57 - 03656092 _____ () C:\Users\Ryan\Downloads\VIPRERescue26090.exe.ysa9pee.partial
2014-02-03 19:42 - 2014-02-03 19:42 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Downloads\iExplore64.exe
2014-02-03 19:26 - 2014-02-03 19:26 - 00602112 _____ (OldTimer Tools) C:\Users\Ryan\Desktop\OTL.exe
2014-02-03 18:46 - 2014-02-04 09:39 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-03 18:46 - 2014-02-04 09:38 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-03 18:45 - 2014-02-04 09:38 - 00000000 ____D () C:\Users\Ryan\Desktop\mbar
2014-02-03 18:45 - 2014-02-03 18:45 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-03 18:18 - 2014-02-03 18:18 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Downloads\iExplore64-15482.exe
2014-02-03 18:18 - 2014-02-03 18:18 - 00000555 _____ () C:\Users\Ryan\Desktop\iExplore.exe - Shortcut.lnk
2014-02-03 00:04 - 2014-02-03 00:04 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Downloads\iExplore64-30329.exe
2014-02-03 00:01 - 2014-02-03 00:01 - 00003008 _____ () C:\Users\Ryan\Desktop\RKreport[0]_D_02032014_000136.txt
2014-02-03 00:01 - 2014-02-03 00:01 - 00002929 _____ () C:\Users\Ryan\Desktop\RKreport[0]_S_02032014_000108.txt
2014-02-02 23:59 - 2014-02-03 00:01 - 00000000 ____D () C:\Users\Ryan\Desktop\RK_Quarantine
2014-02-02 23:58 - 2014-02-02 23:58 - 03794432 _____ () C:\Users\Ryan\Desktop\RogueKiller.exe
2014-02-02 23:09 - 2014-02-03 20:50 - 00000000 ____D () C:\AdwCleaner
2014-02-02 23:09 - 2014-02-02 23:09 - 01166132 _____ () C:\Users\Ryan\Desktop\AdwCleaner.exe
2014-02-02 22:46 - 2014-02-02 23:07 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-02 22:45 - 2014-02-02 22:46 - 10820032 _____ (SurfRight B.V.) C:\Users\Ryan\Desktop\HitmanPro_x64.exe
2014-02-02 22:33 - 2014-02-02 22:33 - 00000000 ____D () C:\Users\Ryan\Desktop\tdsskiller
2014-02-02 22:08 - 2014-02-02 22:08 - 00000000 ____D () C:\Qoobox
2014-02-02 22:07 - 2014-02-03 22:42 - 00000000 ___SD () C:\32788R22FWJFW
2014-02-02 22:07 - 2014-02-02 22:07 - 00000000 ____D () C:\Windows\erdnt
2014-02-02 22:06 - 2014-02-03 18:24 - 05179684 ____R (Swearware) C:\Users\Ryan\Desktop\ComboFix.exe
2014-02-02 21:02 - 2014-02-02 21:02 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Downloads\iExplore64-27479.exe
2014-02-02 20:07 - 2014-02-02 20:07 - 00270680 _____ () C:\Windows\Minidump\Mini020214-01.dmp
2014-02-02 20:07 - 2014-02-02 20:07 - 00000000 ____D () C:\Windows\Minidump
2014-02-02 20:06 - 2014-02-02 20:06 - 458797391 _____ () C:\Windows\MEMORY.DMP
2014-02-02 17:41 - 2014-02-02 17:41 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Desktop\iExplore64.exe
2014-02-02 17:32 - 2014-02-02 17:32 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Downloads\iExplore.exe
2014-02-02 17:26 - 2014-02-04 08:00 - 00001462 _____ () C:\Users\Ryan\Desktop\Rkill.txt
2014-02-02 17:02 - 2014-02-04 12:54 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-02 17:02 - 2014-02-04 12:53 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-02 17:01 - 2014-02-02 17:02 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Ryan\Downloads\spybot-2.2.exe
2014-02-01 22:57 - 2014-02-01 22:57 - 00000000 ____D () C:\Users\Donna\AppData\Local\Google
2014-02-01 17:06 - 2014-02-02 16:58 - 00000732 _____ () C:\Users\Ryan\AppData\Local\d3d9caps64.dat
2014-01-19 22:15 - 2014-01-19 22:16 - 00000000 ___RD () C:\Users\Ryan\Google Drive
2014-01-19 22:15 - 2014-01-19 22:15 - 00001505 _____ () C:\Users\Ryan\Desktop\Google Drive.lnk
2014-01-19 22:13 - 2014-02-04 11:02 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-19 22:13 - 2014-02-02 20:25 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-19 22:13 - 2014-01-19 22:19 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-19 22:13 - 2014-01-19 22:19 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-19 22:13 - 2014-01-19 22:14 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-17 12:48 - 2014-01-17 12:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-02-04 13:05 - 2014-02-04 11:13 - 00016403 _____ () C:\Users\Ryan\Desktop\FRST.txt
2014-02-04 12:59 - 2006-11-02 07:46 - 00788942 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-04 12:54 - 2014-02-02 17:02 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-02-04 12:54 - 2012-03-31 20:59 - 00110694 _____ () C:\Windows\PFRO.log
2014-02-04 12:53 - 2014-02-04 12:53 - 00000085 _____ () C:\Windows\wininit.ini
2014-02-04 12:53 - 2014-02-02 17:02 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-04 12:47 - 2009-09-29 10:26 - 01530647 _____ () C:\Windows\WindowsUpdate.log
2014-02-04 11:28 - 2012-02-05 13:30 - 00044457 _____ () C:\Windows\setupact.log
2014-02-04 11:13 - 2014-02-04 11:11 - 00000000 ____D () C:\FRST
2014-02-04 11:11 - 2014-02-04 11:10 - 02080256 _____ (Farbar) C:\Users\Ryan\Desktop\FRST64.exe
2014-02-04 11:02 - 2014-01-19 22:13 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-04 11:02 - 2006-11-02 10:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-04 11:02 - 2006-11-02 10:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-04 11:02 - 2006-11-02 10:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-04 09:39 - 2014-02-03 18:46 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-04 09:38 - 2014-02-03 18:46 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-02-04 09:38 - 2014-02-03 18:45 - 00000000 ____D () C:\Users\Ryan\Desktop\mbar
2014-02-04 09:16 - 2009-10-10 18:39 - 00000418 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{8FCCC5AF-4FEE-45BC-9302-23E4DCDCB7DB}.job
2014-02-04 08:00 - 2014-02-04 08:00 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Desktop\rkill64-12710.scr
2014-02-04 08:00 - 2014-02-02 17:26 - 00001462 _____ () C:\Users\Ryan\Desktop\Rkill.txt
2014-02-03 22:52 - 2014-02-03 22:51 - 17946224 _____ (SUPERAntiSpyware) C:\Users\Ryan\Downloads\SUPERAntiSpyware.exe
2014-02-03 22:42 - 2014-02-02 22:07 - 00000000 ___SD () C:\32788R22FWJFW
2014-02-03 22:36 - 2014-02-03 22:36 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Desktop\rkill64.scr
2014-02-03 22:34 - 2014-02-03 22:34 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Desktop\rkill.scr
2014-02-03 21:41 - 2014-02-03 21:40 - 00000000 ____D () C:\VIPRERESCUE
2014-02-03 20:50 - 2014-02-02 23:09 - 00000000 ____D () C:\AdwCleaner
2014-02-03 20:34 - 2014-02-03 20:34 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Downloads\iExplore64-9195.exe
2014-02-03 20:28 - 2014-02-03 20:28 - 00027826 _____ () C:\Users\Ryan\Desktop\20140203202819.csv
2014-02-03 20:26 - 2014-02-03 20:11 - 00218254 _____ () C:\Users\Ryan\Desktop\20140203201157.csv
2014-02-03 20:12 - 2014-02-03 20:12 - 00000000 _____ () C:\Windows\SysWOW64\SBRC.dat
2014-02-03 20:10 - 2014-02-03 20:08 - 149581824 _____ () C:\Users\Ryan\Desktop\VIPRERescue26090 (1).exe
2014-02-03 19:57 - 2014-02-03 19:57 - 03656092 _____ () C:\Users\Ryan\Downloads\VIPRERescue26090.exe.ysa9pee.partial
2014-02-03 19:42 - 2014-02-03 19:42 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Downloads\iExplore64.exe
2014-02-03 19:26 - 2014-02-03 19:26 - 00602112 _____ (OldTimer Tools) C:\Users\Ryan\Desktop\OTL.exe
2014-02-03 18:45 - 2014-02-03 18:45 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-03 18:24 - 2014-02-02 22:06 - 05179684 ____R (Swearware) C:\Users\Ryan\Desktop\ComboFix.exe
2014-02-03 18:18 - 2014-02-03 18:18 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Downloads\iExplore64-15482.exe
2014-02-03 18:18 - 2014-02-03 18:18 - 00000555 _____ () C:\Users\Ryan\Desktop\iExplore.exe - Shortcut.lnk
2014-02-03 00:04 - 2014-02-03 00:04 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Downloads\iExplore64-30329.exe
2014-02-03 00:01 - 2014-02-03 00:01 - 00003008 _____ () C:\Users\Ryan\Desktop\RKreport[0]_D_02032014_000136.txt
2014-02-03 00:01 - 2014-02-03 00:01 - 00002929 _____ () C:\Users\Ryan\Desktop\RKreport[0]_S_02032014_000108.txt
2014-02-03 00:01 - 2014-02-02 23:59 - 00000000 ____D () C:\Users\Ryan\Desktop\RK_Quarantine
2014-02-02 23:58 - 2014-02-02 23:58 - 03794432 _____ () C:\Users\Ryan\Desktop\RogueKiller.exe
2014-02-02 23:09 - 2014-02-02 23:09 - 01166132 _____ () C:\Users\Ryan\Desktop\AdwCleaner.exe
2014-02-02 23:07 - 2014-02-02 22:46 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-02 22:46 - 2014-02-02 22:45 - 10820032 _____ (SurfRight B.V.) C:\Users\Ryan\Desktop\HitmanPro_x64.exe
2014-02-02 22:33 - 2014-02-02 22:33 - 00000000 ____D () C:\Users\Ryan\Desktop\tdsskiller
2014-02-02 22:08 - 2014-02-02 22:08 - 00000000 ____D () C:\Qoobox
2014-02-02 22:07 - 2014-02-02 22:07 - 00000000 ____D () C:\Windows\erdnt
2014-02-02 21:02 - 2014-02-02 21:02 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Downloads\iExplore64-27479.exe
2014-02-02 20:46 - 2012-05-11 20:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-02 20:41 - 2013-11-27 16:20 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-320270036-3338473701-3634627357-1001UA.job
2014-02-02 20:25 - 2014-01-19 22:13 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-02 20:07 - 2014-02-02 20:07 - 00270680 _____ () C:\Windows\Minidump\Mini020214-01.dmp
2014-02-02 20:07 - 2014-02-02 20:07 - 00000000 ____D () C:\Windows\Minidump
2014-02-02 20:06 - 2014-02-02 20:06 - 458797391 _____ () C:\Windows\MEMORY.DMP
2014-02-02 17:41 - 2014-02-02 17:41 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Desktop\iExplore64.exe
2014-02-02 17:32 - 2014-02-02 17:32 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Ryan\Downloads\iExplore.exe
2014-02-02 17:02 - 2014-02-02 17:01 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Ryan\Downloads\spybot-2.2.exe
2014-02-02 16:58 - 2014-02-01 17:06 - 00000732 _____ () C:\Users\Ryan\AppData\Local\d3d9caps64.dat
2014-02-02 16:47 - 2006-11-02 10:42 - 00032648 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-02 02:24 - 2012-07-07 13:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-02 02:24 - 2009-10-10 18:20 - 00000000 ____D () C:\Users\Donna
2014-02-02 02:24 - 2006-11-02 08:34 - 00000000 ____D () C:\Windows\system32\spool
2014-02-02 02:24 - 2006-11-02 08:33 - 00000000 ____D () C:\Windows\registration
2014-02-02 02:24 - 2006-11-02 07:33 - 73924608 _____ () C:\Windows\system32\config\software_previous
2014-02-02 02:22 - 2006-11-02 07:33 - 25165824 _____ () C:\Windows\system32\config\system_previous
2014-02-02 02:06 - 2006-11-02 07:33 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-02-02 02:06 - 2006-11-02 07:33 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-02-01 23:26 - 2010-07-24 09:55 - 00000000 ____D () C:\Users\Ryan
2014-02-01 22:57 - 2014-02-01 22:57 - 00000000 ____D () C:\Users\Donna\AppData\Local\Google
2014-02-01 18:33 - 2006-11-02 07:33 - 66322432 _____ () C:\Windows\system32\config\components_previous
2014-02-01 18:33 - 2006-11-02 07:33 - 00262144 _____ () C:\Windows\system32\config\default_previous
2014-01-24 21:41 - 2013-11-27 16:20 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-320270036-3338473701-3634627357-1001Core.job
2014-01-19 22:19 - 2014-01-19 22:13 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-19 22:19 - 2014-01-19 22:13 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-19 22:16 - 2014-01-19 22:15 - 00000000 ___RD () C:\Users\Ryan\Google Drive
2014-01-19 22:15 - 2014-01-19 22:15 - 00001505 _____ () C:\Users\Ryan\Desktop\Google Drive.lnk
2014-01-19 22:14 - 2014-01-19 22:13 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-19 22:14 - 2011-06-09 18:26 - 00000000 ____D () C:\Users\Ryan\AppData\Local\Google
2014-01-19 02:33 - 2009-11-10 20:00 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-17 13:35 - 2009-09-29 15:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-17 13:34 - 2013-10-31 22:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-17 13:31 - 2006-11-02 07:35 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-17 12:49 - 2014-01-17 12:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-05 02:55 - 2009-12-16 10:55 - 00000366 _____ () C:\Windows\Tasks\Driver Robot.job

Files to move or delete:
====================
C:\Users\Ryan\gotomypc_540.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-04 13:20

==================== End Of Log ============================





** FRST Additional Scan: **

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2014
Ran by Ryan at 2014-02-04 13:18:36
Running from C:\Users\Ryan\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32 Version: - Microsoft)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) (x32 Version: 10.1.8 - Adobe Systems Incorporated)
Advanced Audio FX Engine (x32 Version: 1.12.05 - Creative Technology Ltd)
Amazon MP3 Downloader 1.0.17 (x32 Version: 1.0.17 - Amazon Services LLC)
Android SDK Tools (x32 Version: 0.7 - Google Inc.)
Apple Application Support (x32 Version: 2.0.1 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ASUS RT-N12 Wireless Router Utilities (x32 Version: 4.0.5.0 - ASUS)
ASUS Wireless Router RT-N12 Manuals (x32 Version: 1.00.000 - )
AudibleManager (x32 Version: 265291692.-2.2010722555.2010490079 - Audible, Inc.)
Banctec Service Agreement (x32 Version: 2.0.0 - Dell Inc.)
BlackBerry Desktop Software 6.0 (x32 Version: 6.0.0.40 - Research In Motion Ltd.)
BlackBerry Desktop Software 6.0 (x32 Version: 6.0.0.40 - Research In Motion Ltd.) Hidden
Canon Easy-WebPrint EX (x32 Version: - )
Canon IJ Network Scan Utility (x32 Version: - )
Canon IJ Network Tool (x32 Version: - )
Canon MP Navigator EX 3.0 (x32 Version: - )
Canon MP560 series MP Drivers (Version: - )
Canon MP560 series User Registration (x32 Version: - )
Canon Utilities Easy-PhotoPrint EX (x32 Version: - )
Canon Utilities My Printer (x32 Version: - )
Canon Utilities Solution Menu (x32 Version: - )
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
COMODO Internet Security (Version: 4.1.19277.920 - COMODO Group Inc.)
Coupon Printer for Windows (x32 Version: 5.0.0.0 - Coupons.com Incorporated) <==== ATTENTION
Dell DataSafe Online (x32 Version: 1.1.0029 - Dell, Inc.)
Dell Dock (Version: 2.0.0 - Dell)
Dell Edoc Viewer (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (x32 Version: 1.00.0000 - Dell Inc.)
Dell Touchpad (Version: 13.0.2.0 - Synaptics Incorporated)
Dell Webcam Central (x32 Version: 1.20.10 - Creative Technology Ltd)
DVD Decrypter (Remove Only) (x32 Version: - )
DVD Shrink 3.2 (x32 Version: - DVD Shrink)
GIMP 2.8.4 (Version: 2.8.4 - The GIMP Team)
Google Drive (x32 Version: 1.13.5782.599 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (x32 Version: - )
HP USB Disk Storage Format Tool (x32 Version: - )
HTC BMP USB Driver (x32 Version: 1.0.5375 - HTC)
HTC Driver Installer (x32 Version: 4.10.0.001 - HTC Corporation)
IBM Forms Viewer 4.0.0 (x32 Version: 8.0.0.0 - IBM)
Integrated Webcam Driver (1.00.04.0310) (Version: 1.00.04.0310 - Creative Technology Ltd.)
Intel® Graphics Media Accelerator Driver (Version: - Intel Corporation)
Intel® Rapid Storage Technology (x32 Version: 10.5.0.1029 - Intel Corporation)
Intel® Matrix Storage Manager (Version: - Intel Corporation)
IPTInstaller (x32 Version: 4.0.9 - HTC)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 26 (64-bit) (Version: 6.0.260 - Oracle)
Java™ 6 Update 30 (x32 Version: 6.0.300 - Sun Microsystems, Inc.)
Java™ SE Development Kit 6 Update 26 (64-bit) (Version: 1.6.0.260 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
LeapFrog Connect (x32 Version: 5.1.5.17469 - LeapFrog)
LeapFrog Connect (x32 Version: 5.1.5.17469 - LeapFrog) Hidden
LeapFrog Tag Junior Plugin (x32 Version: 5.1.5.17469 - LeapFrog) Hidden
Live! Cam Avatar Creator (x32 Version: 4.6.2303.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware version 1.62.0.1300 (x32 Version: 1.62.0.1300 - Malwarebytes Corporation)
Marvell Miniport Driver (x32 Version: 10.68.3.3 - Marvell)
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Default Manager (x32 Version: 2.0.69.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (x32 Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
Music Manager (HKCU Version: - Google, Inc.)
Oracle JInitiator 1.3.1.28 (x32 Version: - )
PdaNet for Android 2.45 (x32 Version: - June Fabrics Technology Inc)
PowerDVD DX (x32 Version: 8.2.5024 - Dell Corp.)
Quickset64 (Version: 9.6.21 - Dell Inc.)
QuickTime (x32 Version: 7.70.80.34 - Apple Inc.)
Roxio Burn (x32 Version: 1.01 - Roxio) Hidden
Roxio Creator Audio (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE (x32 Version: 10.1 - Roxio)
Roxio Creator DE (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.1 - Roxio) Hidden
Roxio Update Manager (x32 Version: 6.0.0 - Roxio) Hidden
Skype Toolbars (x32 Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 5.10 (x32 Version: 5.10.116 - Skype Technologies S.A.)
Software Update Wizard (Redist) 4.5 (x32 Version: 4.5 - PowerProgrammer)
Universal Adb Driver (x32 Version: 1.0.0 - ClockworkMod)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin) (x32 Version: - LeapFrog)
WebEx Support Manager for Internet Explorer (x32 Version: 6.5.4917 - WebEx Communications Inc.)
Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Call (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 14.0.8051.1204 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (x32 Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Sync (x32 Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Upload Tool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden

==================== Restore Points =========================

04-01-2014 23:43:51 Windows Update
06-01-2014 05:00:03 Scheduled Checkpoint
07-01-2014 05:00:04 Scheduled Checkpoint
08-01-2014 06:11:40 Windows Update
16-01-2014 23:43:03 Windows Update
17-01-2014 18:30:48 Windows Update
19-01-2014 23:48:45 Scheduled Checkpoint
20-01-2014 22:39:14 Windows Update
22-01-2014 05:00:03 Scheduled Checkpoint
23-01-2014 05:00:03 Scheduled Checkpoint
24-01-2014 05:00:03 Scheduled Checkpoint
24-01-2014 06:00:58 Windows Update
25-01-2014 05:00:03 Scheduled Checkpoint
26-01-2014 05:00:05 Scheduled Checkpoint
27-01-2014 05:00:03 Scheduled Checkpoint
27-01-2014 11:49:30 Windows Update
28-01-2014 05:00:04 Scheduled Checkpoint
29-01-2014 05:00:08 Scheduled Checkpoint
30-01-2014 05:00:04 Scheduled Checkpoint
30-01-2014 20:34:48 Windows Update
01-02-2014 05:00:08 Scheduled Checkpoint

==================== Hosts content: ==========================

2006-11-02 07:34 - 2006-09-18 16:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {16E7C247-D970-4FC8-8722-8D3F4AAB5E54} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-320270036-3338473701-3634627357-1001Core => C:\Users\Ryan\AppData\Local\Google\Update\GoogleUpdate.exe [2013-11-27] (Google Inc.)
Task: {186106FA-8B69-4970-967E-7A7610E848AB} - System32\Tasks\{EEB3E0BB-92C2-457F-A4C0-591CFD624CEF} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {2D9F0665-24A1-478E-AA65-D8C7B7F6669F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-19] (Google Inc.)
Task: {2E62BDF5-39E1-4EFE-A4BB-777B2E332A17} - System32\Tasks\{C244A3B5-5CA0-47C3-8B46-18A25B4E09D9} => Firefox.exe http://ui.skype.com/...e=tsProgressBar
Task: {3ED1E958-ECC5-4B6C-BA97-B938BE601C82} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {76861ECE-87E2-4DFB-9227-484A0C324B07} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Ryan => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-20] (Microsoft Corporation)
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {A1D27F94-3543-45AA-B94F-64DE02A2CD27} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {B2A7ED99-AAC1-4AEE-8903-BF58AA0CD697} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-320270036-3338473701-3634627357-1001UA => C:\Users\Ryan\AppData\Local\Google\Update\GoogleUpdate.exe [2013-11-27] (Google Inc.)
Task: {B9EF7C7D-341F-4B8E-968A-D2E43E2ABE46} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-19] (Google Inc.)
Task: {BF89C9AC-72D9-41FC-93C7-F2953542F6ED} - System32\Tasks\Driver Robot => C:\Program Files (x86)\Driver Robot\1.2.0.5\DriverRobot.exe
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {F1910102-F6EC-4863-B2AF-000724702C68} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Driver Robot.job => C:\Program Files (x86)\Driver Robot\1.2.0.5\DriverRobot.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-320270036-3338473701-3634627357-1001Core.job => C:\Users\Ryan\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-320270036-3338473701-3634627357-1001UA.job => C:\Users\Ryan\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{8FCCC5AF-4FEE-45BC-9302-23E4DCDCB7DB}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============


==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/04/2014 01:02:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2014 01:02:09 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/04/2014 00:55:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2014 00:55:21 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/04/2014 00:52:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2014 00:49:48 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/04/2014 00:30:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2014 00:30:04 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (02/04/2014 00:06:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2014 00:05:54 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c


System errors:
=============
Error: (02/04/2014 01:11:38 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (02/04/2014 01:11:37 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (02/04/2014 01:11:36 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (02/04/2014 01:11:35 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (02/04/2014 01:11:34 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (02/04/2014 01:11:33 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (02/04/2014 01:11:32 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (02/04/2014 01:11:31 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (02/04/2014 01:11:30 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (02/04/2014 01:10:29 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.


Microsoft Office Sessions:
=========================
Error: (05/21/2013 00:12:06 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 114 seconds with 60 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2014-02-04 13:06:18.133
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-04 13:06:17.587
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-04 13:06:17.041
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-04 13:06:16.479
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-04 13:06:15.918
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-04 13:06:15.372
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-04 13:06:14.810
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-04 13:06:14.249
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-04 13:05:37.869
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-02-04 13:05:37.323
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 27%
Total physical RAM: 3031.57 MB
Available physical RAM: 2194.36 MB
Total Pagefile: 6269.42 MB
Available Pagefile: 5531.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:146.18 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:6.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 7BA3704B)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=283 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#9
Essexboy
Posted 04 February 2014 - 01:01 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No apparent malware there

Could you go to the command prompt again please and run the following command

chkdsk c: /r

Wait until it has completed

Then reboot to normal windows and try MBAM agin
  • 0

#10
John Foot
Posted 04 February 2014 - 03:18 PM

John Foot

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
How long is Chkdsk supposed to take? My computer has been stuck at 13% on Stage 4 for a very long time.
  • 0

#11
Essexboy
Posted 04 February 2014 - 03:20 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
It can take a while if the disc has corruption and bad sectors on it, which is my current estimation
  • 0

#12
John Foot
Posted 06 February 2014 - 06:58 AM

John Foot

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
I may have a hard drive going bad. During Stage 4, there is a lot of repairing bad sectors. Also, before the computer finishes Stage 4, it will stop and an error screen is shown stating "No Hard Drive Found".
  • 0

#13
Essexboy
Posted 06 February 2014 - 07:44 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Back up your data as soon as possible and then you may need a new hard drive
  • 0

#14
Essexboy
Posted 12 February 2014 - 07:45 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Can't Run Any Antivirus or Malware Removal Programs · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Can't Run Any Antivirus or Malware Removal Programs

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP