smsmasters

  1. Now the question is, can MBAM fix their software so that those with the above issue can have full functionality?
  2. Phantasm and I both have the Killer Network Card e2200 so that is something both systems have in common. I've reinstalled Windows 8.1 on three computers, the computer with the e2200 is the only system having issues with MBAM. Also note that when the same PC was on Windows 7 the same issue existed. The latest version of MBAM is installed on all computers. So to me it seems the issue is with the e2200 and MBAM. @daledoc1 what is your exact killer network card? I assume it's not the e2200.
  3. I experienced the same issue. When malicious website blocking is enabled on a system with a killer network card, websites do not load. This occurs on Windows 7 and 8.1 on a fresh install.
  4. I experienced the same issue. When malicious website blocking is enabled on a system with a killer network card, websites do not load. This occurs on Windows 7 and 8.1 on a fresh install.
  5. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Jason (administrator) on I7-4770K-PC on 04-04-2014 12:58:18 Running from C:\Users\Jason\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal
19:18 - 2014-03-18 19:19 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-03-18 19:18 - 2014-03-18 19:18 - 00000000 ____D () C:\Program Files\iPod 2014-03-18 19:17 - 2014-03-18 19:17 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-03-15 10:20 - 2014-03-15 10:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf 2014-03-14 20:45 - 2014-03-14 22:15 - 00045046 _____ () C:\BROM_DLL.log 2014-03-12 10:07 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-12 10:07 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-12 10:07 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-12 10:07 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-12 10:07 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-12 10:07 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-12 10:07 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-12 10:07 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-12 10:07 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-12 10:07 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-12 10:07 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-12 10:07 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-12 10:07 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-12 10:07 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 
2014-03-12 10:07 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-12 10:07 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-12 10:07 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-12 10:07 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-12 10:07 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-12 10:07 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-12 10:07 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-12 10:07 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-12 10:07 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-12 10:07 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-12 10:07 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-12 10:07 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-12 10:07 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-12 10:07 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-12 10:07 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-12 10:07 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-12 10:07 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-12 10:07 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-12 10:07 - 
2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-12 10:07 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-12 10:07 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-12 10:07 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-12 10:07 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-12 10:07 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-12 10:07 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-12 10:07 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-03-12 10:07 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-12 10:07 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-12 10:07 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-12 10:07 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-12 10:07 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-12 10:07 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-12 10:07 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-12 10:07 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-07 14:05 - 2014-03-07 14:05 - 00000132 _____ () C:\Users\Jason\AppData\Roaming\Adobe PNG Format CS6 Prefs 2014-03-06 21:08 - 2014-03-06 21:17 - 00000000 ____D () C:\Program Files\WhoCrashed ==================== One Month Modified Files and Folders ======= 2014-04-04 
12:58 - 2014-04-04 12:58 - 00028160 _____ () C:\Users\Jason\Desktop\FRST.txt 2014-04-04 12:58 - 2014-04-04 12:58 - 00000000 ____D () C:\FRST 2014-04-04 12:54 - 2014-04-04 12:54 - 00001659 _____ () C:\Users\Jason\Desktop\ESET.txt 2014-04-04 12:43 - 2014-03-29 12:40 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-04 12:23 - 2010-08-18 12:04 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-04 12:05 - 2013-12-19 02:05 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-04 11:41 - 2011-06-04 18:35 - 00000000 ____D () C:\Users\Jason\.rainlendar2 2014-04-04 11:20 - 2011-06-03 23:26 - 01361680 _____ () C:\Windows\WindowsUpdate.log 2014-04-04 11:18 - 2009-07-14 06:13 - 00803024 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-04 11:17 - 2009-07-14 05:45 - 00020432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-04 11:17 - 2009-07-14 05:45 - 00020432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-04 11:14 - 2014-04-04 11:14 - 02347384 _____ (ESET) C:\Users\Jason\Desktop\esetsmartinstaller_enu.exe 2014-04-04 11:12 - 2014-04-04 08:16 - 00000952 _____ () C:\Windows\setupact.log 2014-04-04 11:12 - 2013-12-13 17:30 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-04-04 11:12 - 2013-09-19 15:42 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-04-04 11:12 - 2013-07-25 11:31 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS 2014-04-04 11:12 - 2013-07-23 13:20 - 00071808 _____ () C:\vpnsrvc.log 2014-04-04 11:12 - 2010-08-18 12:04 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-04 11:12 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-04 11:11 - 2013-09-18 18:45 - 00000000 ____D () C:\AdwCleaner 2014-04-04 11:09 - 2014-04-04 11:09 - 00001570 _____ () C:\Users\Jason\Desktop\JRT.txt 
2014-04-04 10:47 - 2014-04-04 10:47 - 00000000 ____D () C:\Windows\ERUNT 2014-04-04 10:42 - 2014-04-04 10:01 - 00000000 ____D () C:\Users\Jason\Desktop\mbar 2014-04-04 10:42 - 2013-10-22 11:39 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-04-04 10:01 - 2014-03-29 15:14 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-04 09:52 - 2014-04-04 09:52 - 02157056 _____ (Farbar) C:\Users\Jason\Desktop\FRST64.exe 2014-04-04 09:52 - 2014-04-04 09:52 - 01426178 _____ () C:\Users\Jason\Desktop\AdwCleaner.exe 2014-04-04 09:52 - 2014-04-04 09:52 - 01038974 _____ (Thisisu) C:\Users\Jason\Desktop\JRT.exe 2014-04-04 09:51 - 2014-04-04 09:51 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Jason\Desktop\mbar-1.07.0.1009.exe 2014-04-04 09:51 - 2014-04-04 09:51 - 00448512 _____ (OldTimer Tools) C:\Users\Jason\Desktop\TFC.exe 2014-04-04 08:53 - 2014-04-04 08:53 - 00013944 _____ () C:\Users\Jason\Desktop\attach.txt 2014-04-04 08:53 - 2014-04-04 08:53 - 00001254 _____ () C:\Users\Jason\Desktop\etc - Shortcut.lnk 2014-04-04 08:36 - 2014-04-04 08:36 - 00036595 _____ () C:\Users\Jason\Desktop\ComboFix.txt 2014-04-04 08:36 - 2014-04-04 08:36 - 00036595 _____ () C:\ComboFix.txt 2014-04-04 08:36 - 2014-04-04 08:11 - 00000000 ____D () C:\Qoobox 2014-04-04 08:35 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2014-04-04 08:34 - 2014-04-04 08:16 - 00001074 _____ () C:\Windows\PFRO.log 2014-04-04 08:17 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2014-04-04 08:16 - 2014-04-04 08:16 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-04 08:16 - 2014-04-04 08:11 - 00000000 ____D () C:\Windows\erdnt 2014-04-04 08:11 - 2013-09-24 09:47 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-04-04 08:11 - 2013-08-23 19:33 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server 2014-04-04 08:07 - 2014-04-04 08:29 - 05193944 ____R (Swearware) C:\Users\Jason\Desktop\ComboFix.exe 
2014-04-04 02:00 - 2013-12-14 00:38 - 00000000 ____D () C:\Users\Jason\AppData\Local\Adobe 2014-04-03 22:09 - 2014-04-03 22:08 - 00000000 ____D () C:\Program Files (x86)\ERUNT 2014-04-03 22:03 - 2014-04-03 22:03 - 00000000 ____D () C:\Users\Jason\AppData\Local\qb14C088AC.A2 2014-04-03 22:00 - 2014-04-03 22:00 - 00000000 ____D () C:\Users\Jason\AppData\Local\qb14BD8754.2D 2014-04-03 14:40 - 2014-02-12 13:47 - 00000000 ____D () C:\Program Files (x86)\ibVPN 2014-04-02 22:50 - 2010-03-24 13:25 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\foobar2000 2014-04-02 12:24 - 2013-12-09 01:18 - 00001456 _____ () C:\Users\Jason\AppData\Local\Adobe Save for Web 13.0 Prefs 2014-03-31 21:50 - 2013-08-23 18:58 - 00000000 ____D () C:\ProgramData\Origin 2014-03-31 19:31 - 2013-09-10 14:43 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\VMware 2014-03-31 19:10 - 2013-08-23 18:58 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-03-31 14:51 - 2010-03-24 15:39 - 00000000 ____D () C:\Users\Jason\AppData\Local\NewsBin 2014-03-30 23:15 - 2013-10-31 22:38 - 00000000 ____D () C:\ProgramData\firebird 2014-03-30 23:11 - 2010-06-21 14:10 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Skype 2014-03-30 18:57 - 2010-09-28 18:13 - 00000000 ____D () C:\Users\Jason\.VirtualBox 2014-03-29 15:23 - 2010-03-28 21:31 - 00000000 ____D () C:\Program Files (x86)\Creative 2014-03-29 15:15 - 2014-03-29 15:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-03-29 15:14 - 2014-03-29 15:14 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-29 14:34 - 2010-03-23 22:25 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-03-29 14:21 - 2010-10-30 11:09 - 00000000 ____D () C:\Program Files\CCleaner 2014-03-29 12:53 - 2011-04-07 15:46 - 00000000 ____D () C:\Program Files (x86)\LogMeIn 2014-03-29 12:40 - 2010-03-25 03:20 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Malwarebytes 2014-03-29 11:26 - 2014-03-29 11:19 - 00000000 ____D () 
C:\Windows\supercharged 2014-03-29 11:20 - 2014-03-29 11:20 - 00000000 ____D () C:\Windows\smali_files 2014-03-29 11:19 - 2014-03-29 11:19 - 00000000 ____D () C:\Windows\patch_this 2014-03-29 10:00 - 2014-03-29 10:00 - 00000000 ____D () C:\Program Files\DxO Labs 2014-03-29 10:00 - 2013-08-26 20:11 - 00000000 ____D () C:\ProgramData\DxO Labs 2014-03-28 12:47 - 2014-03-01 00:32 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Litecoin 2014-03-28 11:57 - 2014-03-28 11:57 - 00000000 ____D () C:\Users\Jason\AppData\Local\Skype 2014-03-28 11:57 - 2012-05-26 16:23 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-28 11:57 - 2010-06-21 14:09 - 00000000 ____D () C:\ProgramData\Skype 2014-03-28 04:18 - 2010-08-18 12:04 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-03-28 04:18 - 2010-08-18 12:04 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-03-26 19:59 - 2012-05-27 16:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-03-26 19:57 - 2012-08-10 20:17 - 00000000 ____D () C:\Program Files\Java 2014-03-26 19:55 - 2014-03-26 19:55 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Oracle 2014-03-26 13:31 - 2010-03-23 22:10 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Apple Computer 2014-03-26 13:30 - 2014-03-26 13:21 - 00001449 _____ () C:\Users\Jason\Desktop\coinotron LTC.lnk 2014-03-26 13:28 - 2014-03-26 13:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-26 13:15 - 2014-03-26 13:15 - 00000000 ____D () C:\Users\Jason\AppData\Local\Sony 2014-03-26 13:14 - 2014-03-26 13:14 - 00000000 ____D () C:\ProgramData\Sony 2014-03-26 13:14 - 2014-03-26 13:14 - 00000000 ____D () C:\Program Files (x86)\Sony 2014-03-26 13:14 - 2010-03-23 22:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-03-26 13:11 - 2014-03-26 13:06 - 00003002 _____ () C:\Windows\System32\Tasks\SpeedFan 2014-03-26 13:00 - 2014-03-25 00:44 - 00000000 ____D () 
C:\Users\Jason\AppData\Roaming\Spotify 2014-03-26 12:53 - 2014-01-25 20:37 - 00000000 ____D () C:\Users\Jason\AppData\Local\Apple 2014-03-26 12:41 - 2014-03-26 12:41 - 00001007 _____ () C:\Users\Jason\Desktop\KeyboardLocker.lnk 2014-03-26 12:41 - 2012-05-23 20:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2014-03-26 12:41 - 2011-01-26 15:53 - 00002155 _____ () C:\Windows\epplauncher.mif 2014-03-26 12:41 - 2011-01-26 15:52 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-03-26 12:28 - 2014-03-03 19:33 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Credits 2014-03-26 12:28 - 2014-03-01 01:16 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Bitcoin 2014-03-25 20:17 - 2014-03-25 00:44 - 00000000 ____D () C:\Users\Jason\AppData\Local\Spotify 2014-03-25 00:44 - 2014-03-25 00:44 - 00001806 _____ () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2014-03-21 08:28 - 2013-12-14 01:08 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-03-20 15:07 - 2014-03-20 15:06 - 00000000 ____D () C:\Users\Jason\Desktop\Steam 2014-03-19 13:56 - 2014-03-19 11:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-03-19 13:56 - 2014-02-04 22:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird.bak 2014-03-18 19:19 - 2014-03-18 19:18 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-03-18 19:19 - 2014-03-18 19:18 - 00000000 ____D () C:\Program Files\iTunes 2014-03-18 19:19 - 2014-03-18 19:18 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-03-18 19:18 - 2014-03-18 19:18 - 00000000 ____D () C:\Program Files\iPod 2014-03-18 19:17 - 2014-03-18 19:17 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-03-18 19:17 - 2014-01-25 20:37 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-03-17 21:12 - 2014-02-21 15:19 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Audacity 2014-03-17 09:51 - 2013-10-05 17:50 - 00000000 ____D () 
C:\Program Files (x86)\Sense 2014-03-16 14:57 - 2013-09-20 21:39 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-03-15 10:20 - 2014-03-15 10:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf 2014-03-14 22:15 - 2014-03-14 20:45 - 00045046 _____ () C:\BROM_DLL.log 2014-03-12 13:59 - 2013-07-22 17:46 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-12 13:59 - 2013-07-22 17:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-12 13:59 - 2009-07-14 05:45 - 05079784 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-12 13:58 - 2014-03-01 00:41 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Dogecoin 2014-03-12 10:09 - 2013-07-22 18:34 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-12 10:09 - 2010-03-24 13:13 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-12 10:08 - 2010-03-23 22:02 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-12 08:05 - 2014-02-04 23:05 - 05777288 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-03-12 08:05 - 2013-12-19 02:05 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-12 08:05 - 2012-05-23 21:23 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-12 08:05 - 2011-06-08 23:40 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-11 10:52 - 2010-10-24 22:25 - 00133928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys 2014-03-09 14:08 - 2014-02-28 22:56 - 00000133 _____ () C:\Users\Jason\AppData\Local\kKFO2 2014-03-07 14:55 - 2013-12-08 01:43 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\onOne Software 2014-03-07 14:05 - 2014-03-07 14:05 - 00000132 _____ () C:\Users\Jason\AppData\Roaming\Adobe PNG Format CS6 Prefs 2014-03-06 21:17 - 2014-03-06 21:08 - 00000000 ____D () C:\Program Files\WhoCrashed 2014-03-05 21:07 - 2014-03-01 22:59 - 00000000 ____D () 
C:\Users\Jason\AppData\Roaming\LottoCoin 2014-03-05 10:26 - 2014-03-29 15:14 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-03-05 10:26 - 2014-03-29 15:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys Some content of TEMP: ==================== C:\Users\Jason\AppData\Local\Temp\sfamcc00001.dll C:\Users\Jason\AppData\Local\Temp\sfareca00001.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-30 01:10 ==================== End Of Log ============================ Addition.txt
  6. ESET Online Scanner
     C:\Program Files (x86)\Bitcoin\bitcoin-qt.exe a variant of Win32/BitCoinMiner.BJ potentially unsafe application
     C:\Program Files (x86)\Bitcoin\daemon\bitcoind.exe a variant of Win32/BitCoinMiner.BJ potentially unsafe application
     C:\Program Files (x86)\Dogecoin\dogecoin-qt.exe a variant of Win32/BitCoinMiner.BJ potentially unsafe application
     C:\Program Files (x86)\EASEUS\Todo Backup\bin\PxeServer.dll a variant of Win32/TFTPD32.A potentially unsafe application
     C:\Program Files (x86)\EASEUS\Todo Backup\BUILDPE\EaseUS\tb\bin\PxeServer.dll a variant of Win32/TFTPD32.A potentially unsafe application
     C:\Program Files (x86)\Litecoin\litecoin-qt.exe a variant of Win32/BitCoinMiner.BJ potentially unsafe application
     C:\Program Files (x86)\Litecoin\daemon\litecoind.exe a variant of Win32/BitCoinMiner.BJ potentially unsafe application
     E:\Downloads\epm.exe Win32/OpenCandy potentially unsafe application
     E:\Downloads\FreeFileSync_5.21_Windows_Setup.exe Win32/OpenCandy potentially unsafe application
     E:\Downloads\SetupImgBurn_2.5.8.0.exe Win32/OpenCandy potentially unsafe application
     E:\Downloads\tb_free.exe a variant of Win32/TFTPD32.A potentially unsafe application
     I'm using those cryptocurrency clients if you must know.
  7. ADW Cleaner Log
     # AdwCleaner v3.023 - Report created 04/04/2014 at 11:11:53
     # Updated 01/04/2014 by Xplode
     # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
     # Username : Jason - I7-4770K-PC
     # Running from : C:\Users\Jason\Desktop\AdwCleaner.exe
     # Option : Clean
     ***** [ Services ] *****
     ***** [ Files / Folders ] *****
     Folder Deleted : C:\ProgramData\WinterSoft
     Folder Deleted : C:\Users\Jason\AppData\Local\PackageAware
     ***** [ Shortcuts ] *****
     ***** [ Registry ] *****
     ***** [ Browsers ] *****
     -\\ Internet Explorer v11.0.9600.16521
     -\\ Mozilla Firefox v28.0 (en-US)
     [ File : C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\5rhr7rdb.default\prefs.js ]
     [ File : C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\kcw4jneo.default\prefs.js ]
     -\\ Google Chrome v33.0.1750.154
     [ File : C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\preferences ]
     *************************
     AdwCleaner[R0].txt - [1496 octets] - [18/09/2013 18:52:54]
     AdwCleaner[R1].txt - [1157 octets] - [31/10/2013 00:57:46]
     AdwCleaner[R2].txt - [1331 octets] - [04/04/2014 11:10:25]
     AdwCleaner[s0].txt - [1520 octets] - [18/09/2013 19:01:39]
     AdwCleaner[s1].txt - [1221 octets] - [31/10/2013 00:58:31]
     AdwCleaner[s2].txt - [1260 octets] - [04/04/2014 11:11:53]
     ########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1320 octets] ##########
  8. TFC scan done. Malwarebytes Anti-Rootkit found nothing mbar-log-2014-04-04 (10-01-27).txt system-log.txt
  9. My host file contains this: 127.0.0.1 localhost I uninstalled uTorrent now just to make sure too.
  10. Sorry, was in a rush, here it is. Thank you! ComboFix.txt
  11. Attached is the ComboFix.txt log. I still have the issue with Malwarebytes malicious website blocking affecting my internet when it is enabled. ComboFix.txt
  12. 2 log files DDS.txt and Attach.txt Please note uTorrent is disabled and not running. attach.txt dds.txt