Cole119

I tried rerunning aswMBR with all of my security software disabled and it still crashed. I downloaded and ran TDSSKiller as per the instructional video you posted and no infection was found. I saw this post on the forums today and it looks like this user was having the same problem as me. He was able to fix it by installing the latest beta version of MBAM. I think it's likely my problem would also be solved by installing the beta.

aswMBR.exe crashes shortly after starting the scan. Here is the contents of the JavaRa log file if you want to see it: JavaRa 1.16 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Tue Apr 29 19:57:00 2014 There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124. Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} Found and removed: SOFTWARE\Classes\CLSID\{5852F5ED-8BF4-11D4-A245-0080C6F74284} Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Found and removed: SOFTWARE\Classes\Interface\{5852F5EC-8BF4-11D4-A245-0080C6F74284} Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkit Found and removed: SOFTWARE\Classes\TypeLib\{5852F5E0-8BF4-11D4-A245-0080C6F74284} Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.7.0.0 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects Found and removed: SOFTWARE\JreMetrics Found and removed: SOFTWARE\MozillaPlugins ------------------------------------ Finished reporting.

Sorry about the delay, I was really busy last week. Here's the new FRST log. FRST.txt

Alright I uninstalled all versions of Java. No I did not set those proxies. They were probably set by an extension I installed.

mbar-log.txt: Malwarebytes Anti-Rootkit BETA 1.07.0.1009www.malwarebytes.org Database version: v2014.04.20.05 Windows 8 x64 NTFSInternet Explorer 11.0.9600.17031Cole :: COLE-DESKTOP [administrator] 4/20/2014 11:36:24 AMmbar-log-2014-04-20 (11-36-24).txt Scan type: Quick scanScan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/ShurikenScan options disabled: Objects scanned: 272530Time elapsed: 4 minute(s), 49 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) Physical Sectors Detected: 0(No malicious items detected) (end) system-log.txt: ---------------------------------------Malwarebytes Anti-Rootkit BETA 1.07.0.1009 © Malwarebytes Corporation 2011-2012 OS version: 6.2.9200 Windows 8 x64 Account is Administrative Internet Explorer version: 11.0.9600.17031 File system is: NTFSDisk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXEDCPU speed: 3.500000 GHzMemory total: 8525402112, free: 6495653888 Downloaded database version: v2014.04.20.05Downloaded database version: v2014.03.27.01=======================================Initializing...Done!Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...Done!Drive 0Scanning MBR on drive 0...Inspecting partition table:MBR Signature: 55AADisk Signature: 37E03B77 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 716800 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 718848 Numsec = 249348096 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 128035676160 bytesSector size: 512 bytes Scanning physical sectors of unpartitioned space on drive 0 (1-2047-250049680-250069680)...Done!Drive 1Scanning MBR on drive 1...Inspecting partition table:MBR Signature: 55AADisk Signature: 7F15344B Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 3907024896 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 2000398934016 bytesSector size: 512 bytes Done!Scan finished======================================= Removal queue found; removal startedRemoving C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...Removal finished JRT.txt: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.1.4 (04.06.2014:1)OS: Windows 8.1 Pro x64Ran by Cole on Sun 04/20/2014 at 11:44:46.10~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin" ~~~ FireFox Successfully deleted the following from C:\Users\Cole\AppData\Roaming\mozilla\firefox\profiles\ae49i568.default\prefs.js user_pref("extensions.Imagus.sieve", "{\"dereferers\":{\"link\":\"^[^/]{3,70}/\\\\??(hxxps?:[^?#]+\\\\.(?:jpe?g|a?png|gif|bmp|svgz?)).*\",\"ci\":1,\"dc\":1,\"loop\":1,\"to\":\user_pref("extensions.Imagus.tls", "{\"advanced\":false,\"tButton\":false,\"opzoom\":true,\"opimgobj\":true,\"opbgimg\":true,\"opguess\":false,\"opseek\":true,\"opfavi\":true, ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Sun 04/20/2014 at 11:47:27.21End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ AdwCleaner[s0].txt: # AdwCleaner v3.100 - Report created 20/04/2014 at 11:52:57 # Updated 20/04/2014 by Xplode# Operating System : Windows 8.1 Pro (64 bits)# Username : Cole - COLE-DESKTOP# Running from : C:\Users\Cole\Desktop\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\Package CacheFolder Deleted : C:\Users\Cole\AppData\Local\CrashRpt ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17037 -\\ Mozilla Firefox v27.0.1 (en-US) [ File : C:\Users\Cole\AppData\Roaming\Mozilla\Firefox\Profiles\ae49i568.default\prefs.js ] -\\ Google Chrome v34.0.1847.116 [ File : C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [971 octets] - [20/04/2014 11:49:23]AdwCleaner[s0].txt - [901 octets] - [20/04/2014 11:52:57] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [960 octets] ########## ESET log: no threats found I've attached FRST.txt and Addition.txt since they are too large.FRST.txt Addition.txt

RKill report: Rkill 2.6.5 by Lawrence Abrams (Grinler)http://www.bleepingcomputer.com/Copyright 2008-2014 BleepingComputer.comMore Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html Program started at: 04/19/2014 10:52:08 PM in x64 mode.Windows Version: Windows 8.1 Pro Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * No malware processes found to kill. Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * No issues found. Checking Windows Service Integrity: * E1G60 [Missing Service] Searching for Missing Digital Signatures: * No issues found. Checking HOSTS File: * No issues found. Program finished at: 04/19/2014 10:52:13 PMExecution time: 0 hours(s), 0 minute(s), and 5 seconds(s) Malwarebytes Scan Report: Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 4/19/2014Scan Time: 11:01:25 PMLogfile: mbam.txtAdministrator: Yes Version: 2.00.1.1004Malware Database: v2014.04.20.01Rootkit Database: v2014.03.27.01License: PremiumMalware Protection: EnabledMalicious Website Protection: DisabledChameleon: Disabled OS: Windows 8.1CPU: x64File System: NTFSUser: Cole Scan Type: Threat ScanResult: CompletedObjects Scanned: 264936Time Elapsed: 3 min, 20 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledShuriken: EnabledPUP: WarnPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 0(No malicious items detected) Registry Values: 0(No malicious items detected) Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 0(No malicious items detected) Physical Sectors: 0(No malicious items detected) (end) RogueKiller Report: RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Softwaremail : http://www.adlice.com/contact/Feedback : http://forum.adlice.comWebsite : http://www.adlice.com/softwares/roguekiller/Blog : http://www.adlice.com Operating System : Windows 8.1 (6.3.9200 ) 64 bits versionStarted in : Normal modeUser : Cole [Admin rights]Mode : Scan -- Date : 04/19/2014 23:05:36| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 2 ¤¤¤[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 1 ¤¤¤[Cole][sUSP PATH] Telegram.lnk : C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk @C:\Users\Cole\AppData\Roaming\TELEGR~1\Telegram.exe -autostart [-][-] -> FOUND ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Browser Addons : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤[Address] EAT @explorer.exe (DllCanUnloadNow) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B65274C)[Address] EAT @explorer.exe (DllGetClassObject) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B654984)[Address] EAT @explorer.exe (DwmAttachMilContent) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B658180)[Address] EAT @explorer.exe (DwmDefWindowProc) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B652C30)[Address] EAT @explorer.exe (DwmDetachMilContent) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B658180)[Address] EAT @explorer.exe (DwmEnableBlurBehindWindow) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B652A70)[Address] EAT @explorer.exe (DwmEnableComposition) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B65C60C)[Address] EAT @explorer.exe (DwmEnableMMCSS) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B653788)[Address] EAT @explorer.exe (DwmExtendFrameIntoClientArea) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B652DC0)[Address] EAT @explorer.exe (DwmFlush) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B6526C0)[Address] EAT @explorer.exe (DwmGetColorizationColor) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B65C118)[Address] EAT @explorer.exe (DwmGetCompositionTimingInfo) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B651D40)[Address] EAT @explorer.exe (DwmGetGraphicsStreamClient) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B658180)[Address] EAT @explorer.exe (DwmGetGraphicsStreamTransformHint) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B658180)[Address] EAT @explorer.exe (DwmGetTransportAttributes) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B65C8B0)[Address] EAT @explorer.exe (DwmGetWindowAttribute) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B651010)[Address] EAT @explorer.exe (DwmInvalidateIconicBitmaps) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B656308)[Address] EAT @explorer.exe (DwmIsCompositionEnabled) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B6511B0)[Address] EAT @explorer.exe (DwmModifyPreviousDxFrameDuration) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B65D050)[Address] EAT @explorer.exe (DwmQueryThumbnailSourceSize) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B656F34)[Address] EAT @explorer.exe (DwmRegisterThumbnail) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B6569A8)[Address] EAT @explorer.exe (DwmRenderGesture) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B657CEC)[Address] EAT @explorer.exe (DwmSetDxFrameDuration) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B65D050)[Address] EAT @explorer.exe (DwmSetIconicLivePreviewBitmap) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B65D1CC)[Address] EAT @explorer.exe (DwmSetIconicThumbnail) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B65D558)[Address] EAT @explorer.exe (DwmSetPresentParameters) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B65D050)[Address] EAT @explorer.exe (DwmSetWindowAttribute) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B6510E8)[Address] EAT @explorer.exe (DwmShowContact) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B653A90)[Address] EAT @explorer.exe (DwmTetherContact) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B65CB1C)[Address] EAT @explorer.exe (DwmTransitionOwnedWindow) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B65DBD8)[Address] EAT @explorer.exe (DwmUnregisterThumbnail) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B65677C)[Address] EAT @explorer.exe (DwmUpdateThumbnailProperties) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B653A10)[Address] EAT @explorer.exe (DwmpAllocateSecurityDescriptor) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B652320)[Address] EAT @explorer.exe (DwmpDxGetWindowSharedSurface) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B655FE0)[Address] EAT @explorer.exe (DwmpDxUpdateWindowSharedSurface) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B657710)[Address] EAT @explorer.exe (DwmpDxgiIsThreadDesktopComposited) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B653760)[Address] EAT @explorer.exe (DwmpFreeSecurityDescriptor) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B6522E4)[Address] EAT @explorer.exe (DwmpRenderFlick) : DUI70.dll -> HOOKED (C:\WINDOWS\SYSTEM32\dwmapi.dll @ 0x7B65CE70)[Address] EAT @explorer.exe (AsyncGetClassBits) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758B70B0)[Address] EAT @explorer.exe (AsyncInstallDistributionUnit) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758B7210)[Address] EAT @explorer.exe (BindAsyncMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A1F90)[Address] EAT @explorer.exe (CDLGetLongPathNameA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758B78D0)[Address] EAT @explorer.exe (CDLGetLongPathNameW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758B78E8)[Address] EAT @explorer.exe (CORPolicyProvider) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A1674)[Address] EAT @explorer.exe (CoGetClassObjectFromURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758B73FC)[Address] EAT @explorer.exe (CoInstall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758B7460)[Address] EAT @explorer.exe (CoInternetCanonicalizeIUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75865660)[Address] EAT @explorer.exe (CoInternetCombineIUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758680A0)[Address] EAT @explorer.exe (CoInternetCombineUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758546A4)[Address] EAT @explorer.exe (CoInternetCombineUrlEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758543C0)[Address] EAT @explorer.exe (CoInternetCompareUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A5280)[Address] EAT @explorer.exe (CoInternetCreateSecurityManager) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75821EE0)[Address] EAT @explorer.exe (CoInternetCreateZoneManager) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75830810)[Address] EAT @explorer.exe (CoInternetFeatureSettingsChanged) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758E0284)[Address] EAT @explorer.exe (CoInternetGetProtocolFlags) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A537C)[Address] EAT @explorer.exe (CoInternetGetSecurityUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A53D0)[Address] EAT @explorer.exe (CoInternetGetSecurityUrlEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75869CD0)[Address] EAT @explorer.exe (CoInternetGetSession) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75822460)[Address] EAT @explorer.exe (CoInternetIsFeatureEnabled) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75868DC0)[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForIUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758651B8)[Address] EAT @explorer.exe (CoInternetIsFeatureEnabledForUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75861820)[Address] EAT @explorer.exe (CoInternetIsFeatureZoneElevationEnabled) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A586C)[Address] EAT @explorer.exe (CoInternetParseIUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758556A8)[Address] EAT @explorer.exe (CoInternetParseUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75831490)[Address] EAT @explorer.exe (CoInternetQueryInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75867C50)[Address] EAT @explorer.exe (CoInternetSetFeatureEnabled) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A5AF4)[Address] EAT @explorer.exe (CompareSecurityIds) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7583D1A4)[Address] EAT @explorer.exe (CompatFlagsFromClsid) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75864044)[Address] EAT @explorer.exe (CopyBindInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758B3020)[Address] EAT @explorer.exe (CopyStgMedium) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7582BA0C)[Address] EAT @explorer.exe (CreateAsyncBindCtx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758786C0)[Address] EAT @explorer.exe (CreateAsyncBindCtxEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75863D14)[Address] EAT @explorer.exe (CreateFormatEnumerator) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758468E0)[Address] EAT @explorer.exe (CreateIUriBuilder) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75823660)[Address] EAT @explorer.exe (CreateURLMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7587CCF4)[Address] EAT @explorer.exe (CreateURLMonikerEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758278D0)[Address] EAT @explorer.exe (CreateURLMonikerEx2) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758640F0)[Address] EAT @explorer.exe (CreateUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758216F0)[Address] EAT @explorer.exe (CreateUriFromMultiByteString) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A1EE4)[Address] EAT @explorer.exe (CreateUriPriv) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A1EF8)[Address] EAT @explorer.exe (CreateUriWithFragment) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A1F40)[Address] EAT @explorer.exe (DllCanUnloadNow) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75821600)[Address] EAT @explorer.exe (DllGetClassObject) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7586AB3C)[Address] EAT @explorer.exe (DllInstall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A2458)[Address] EAT @explorer.exe (DllRegisterServer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A2464)[Address] EAT @explorer.exe (DllRegisterServerEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7587E070)[Address] EAT @explorer.exe (DllUnregisterServer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A2470)[Address] EAT @explorer.exe (Extract) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758B7F74)[Address] EAT @explorer.exe (FaultInIEFeature) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758B8FE8)[Address] EAT @explorer.exe (FileBearsMarkOfTheWeb) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75856B60)[Address] EAT @explorer.exe (FindMediaType) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A2E9C)[Address] EAT @explorer.exe (FindMediaTypeClass) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75846080)[Address] EAT @explorer.exe (FindMimeFromData) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758650BC)[Address] EAT @explorer.exe (GetAddSitesFileUrl) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758E02B0)[Address] EAT @explorer.exe (GetClassFileOrMime) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7587B8EC)[Address] EAT @explorer.exe (GetClassURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A2074)[Address] EAT @explorer.exe (GetComponentIDFromCLSSPEC) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758B92E8)[Address] EAT @explorer.exe (GetIDNFlagsForUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7583C7F0)[Address] EAT @explorer.exe (GetIUriPriv) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A1F60)[Address] EAT @explorer.exe (GetIUriPriv2) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A1F50)[Address] EAT @explorer.exe (GetLabelsFromNamedHost) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758E8B54)[Address] EAT @explorer.exe (GetMarkOfTheWeb) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D9390)[Address] EAT @explorer.exe (GetPortFromUrlScheme) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A1E94)[Address] EAT @explorer.exe (GetPropertyFromName) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A1EA4)[Address] EAT @explorer.exe (GetPropertyName) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A1EB4)[Address] EAT @explorer.exe (GetSoftwareUpdateInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7587E070)[Address] EAT @explorer.exe (GetUrlmonThreadNotificationHwnd) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7587DEB4)[Address] EAT @explorer.exe (GetZoneFromAlternateDataStreamEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75826D90)[Address] EAT @explorer.exe (HlinkGoBack) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D6E78)[Address] EAT @explorer.exe (HlinkGoForward) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D6F24)[Address] EAT @explorer.exe (HlinkNavigateMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D6FD0)[Address] EAT @explorer.exe (HlinkNavigateString) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D7004)[Address] EAT @explorer.exe (HlinkSimpleNavigateToMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D7038)[Address] EAT @explorer.exe (HlinkSimpleNavigateToString) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D75E8)[Address] EAT @explorer.exe (IECompatLogCSSFix) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758B12FC)[Address] EAT @explorer.exe (IEDllLoader) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A26F0)[Address] EAT @explorer.exe (IEGetUserPrivateNamespaceName) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758B3244)[Address] EAT @explorer.exe (IEInstallScope) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758B7554)[Address] EAT @explorer.exe (IntlPercentEncodeNormalize) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A1F70)[Address] EAT @explorer.exe (IsAsyncMoniker) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758621FC)[Address] EAT @explorer.exe (IsDWORDProperty) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A1EC4)[Address] EAT @explorer.exe (IsIntranetAvailable) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758E0668)[Address] EAT @explorer.exe (IsJITInProgress) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7583B328)[Address] EAT @explorer.exe (IsLoggingEnabledA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D855C)[Address] EAT @explorer.exe (IsLoggingEnabledW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D8688)[Address] EAT @explorer.exe (IsStringProperty) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A1ED4)[Address] EAT @explorer.exe (IsValidURL) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75857610)[Address] EAT @explorer.exe (MkParseDisplayNameEx) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758792F0)[Address] EAT @explorer.exe (ObtainUserAgentString) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758ADCE0)[Address] EAT @explorer.exe (PrivateCoInstall) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758B7560)[Address] EAT @explorer.exe (QueryAssociations) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7583E9C0)[Address] EAT @explorer.exe (QueryClsidAssociation) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758B0A8C)[Address] EAT @explorer.exe (RegisterBindStatusCallback) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7585F600)[Address] EAT @explorer.exe (RegisterFormatEnumerator) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75861C6C)[Address] EAT @explorer.exe (RegisterMediaTypeClass) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A20C0)[Address] EAT @explorer.exe (RegisterMediaTypes) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A2210)[Address] EAT @explorer.exe (RegisterWebPlatformPermanentSecurityManager) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75858C54)[Address] EAT @explorer.exe (ReleaseBindInfo) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75827D40)[Address] EAT @explorer.exe (RevokeBindStatusCallback) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7585FBF0)[Address] EAT @explorer.exe (RevokeFormatEnumerator) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A22CC)[Address] EAT @explorer.exe (SetAccessForIEAppContainer) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758B3258)[Address] EAT @explorer.exe (SetSoftwareUpdateAdvertisementState) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7587E070)[Address] EAT @explorer.exe (ShouldDisplayPunycodeForUri) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758ADE50)[Address] EAT @explorer.exe (ShouldShowIntranetWarningSecband) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75863A3C)[Address] EAT @explorer.exe (ShowTrustAlertDialog) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758E0820)[Address] EAT @explorer.exe (URLDownloadA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A5CC4)[Address] EAT @explorer.exe (URLDownloadToCacheFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D7D9C)[Address] EAT @explorer.exe (URLDownloadToCacheFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7584A0C4)[Address] EAT @explorer.exe (URLDownloadToFileA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D7F10)[Address] EAT @explorer.exe (URLDownloadToFileW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7584EFD0)[Address] EAT @explorer.exe (URLDownloadW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A5D78)[Address] EAT @explorer.exe (URLOpenBlockingStreamA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D8058)[Address] EAT @explorer.exe (URLOpenBlockingStreamW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D8138)[Address] EAT @explorer.exe (URLOpenPullStreamA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D821C)[Address] EAT @explorer.exe (URLOpenPullStreamW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D82E0)[Address] EAT @explorer.exe (URLOpenStreamA) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D8408)[Address] EAT @explorer.exe (URLOpenStreamW) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D84D0)[Address] EAT @explorer.exe (UnregisterWebPlatformPermanentSecurityManager) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7587C9B4)[Address] EAT @explorer.exe (UrlMkBuildVersion) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758A2804)[Address] EAT @explorer.exe (UrlMkGetSessionOption) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x75833E60)[Address] EAT @explorer.exe (UrlMkSetSessionOption) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7585D0E4)[Address] EAT @explorer.exe (UrlmonCleanupCurrentThread) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x7584A27C)[Address] EAT @explorer.exe (WriteHitLogging) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D85D0)[Address] EAT @explorer.exe (ZonesReInit) : MrmCoreR.dll -> HOOKED (C:\WINDOWS\system32\urlmon.dll @ 0x758D9C30)[Address] EAT @explorer.exe (DllCanUnloadNow) : d2d1.dll -> HOOKED (C:\WINDOWS\System32\shacct.dll @ 0x76E01010)[Address] EAT @explorer.exe (DllGetClassObject) : d2d1.dll -> HOOKED (C:\WINDOWS\System32\shacct.dll @ 0x76E01130) ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Samsung SSD 840 PRO Series +++++--- User ---[MBR] 7e110a62d977c7d19e8ad701ad298a23[bSP] 0c2cdea731a783b3a6b043a9166d4679 : Windows 7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 718848 | Size: 121752 MBUser = LL1 ... OK!User = LL2 ... OK! +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) TOSHIBA DT01ACA200 +++++--- User ---[MBR] 36f4950392933343a5a26aabb6fb39fb[bSP] 4e8611d4ee0f39f757d0dcf65607740e : Windows 7/8 MBR CodePartition table:0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 MBUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_04192014_230536.txt >>

I followed the advice in the topic you linked and posted in the Malware Removal Support forum here a little over a week ago, but no one responded. I have since disabled the Malicious Website Protection feature of Malwarebytes' Anti-Malware and my computer has not crashed since. I don't know what is going on but all of the evidence I can find seems to point to the Malicious Website Protection as the problem.

I made this post in the Help forum and was ask to post in this forum for assistance. Basically, my computer has been crashing with the error "BAD_POOL_HEADER" ever since I upgraded to Malwarebytes Anti-Malware Premium 2 days ago. Looks like my post was too long after pasting the 2 logs into this post so I just attached the FRST.txt and Addition.txt. I'm fairly certain I'm not infected since I ran a Threat scan this morning and it came up clean. These problems didn't start until I upgraded to Premium 2 days ago. The WhoCrashed program I ran has led me to believe Malwarebytes Web Access Control is causing my crashes somehow, but I can't be sure. FRST.txt Addition.txt

So today my computer crashed again with the error "BAD_POOL_HEADER". After rebooting, I began to experience the same problems as last night again: Malwarebytes would not run at all, etc. Googling the error "BAD_POOL_HEADER" led me to a program called WhoCrashed, which claimed to be able to identify the cause of some Windows crashes. After installing and running WhoCrashed, the following log was produced: As you can see, WhoCrashed is claiming Malwarebytes is causing my crashes, which reflects my experience. I upgraded to Malwarebytes Anti-Malware premium 2 days ago and have been experiencing BSODs each day ever since. After doing some more Googling, I came across this post on another board: http://www.sevenforums.com/bsod-help-support/327764-bsod-when-installing-windows-updates-error-0x019.html. This person is experiencing the same error I am and he also was using Malwarebytes Anti-Malware premium at the time. Any ideas what I can do to fix this issue? In the mean time I think I will just use the free version of Malwarebytes Anti-Malware and see if the problem reoccurs.

Huh. I swear I followed that step by step earlier with no success, but I just did it again and now Malwarebytes is working. Thank you for your help! Any idea what could've caused this in the first place?

And here's Addition.txt: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014Ran by Cole at 2014-04-08 21:39:31Running from C:\Users\Cole\DesktopBoot Mode: Normal========================================================== ==================== Security Center ======================== AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)AI Suite 3 (HKLM-x32\...\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}) (Version: 1.00.56 - ASUSTeK Computer Inc.)Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version: - WB Games Montreal)Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston)BioShock 2 (HKLM-x32\...\Steam App 8850) (Version: - 2K Marin)BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)Blacklight: Retribution (HKLM-x32\...\Steam App 209870) (Version: - Zombie, Inc.)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software)Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)Call of Duty 4: Modern Warfare (HKLM-x32\...\Steam App 7940) (Version: - Infinity Ward)Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)Daum PotPlayer 1.5.44465 (HKLM-x32\...\PotPlayer) (Version: - )Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)EVGA Precision X 4.2.1 (HKLM-x32\...\PrecisionX) (Version: 4.2.1 - EVGA Corporation)Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)ffdshow v1.3.4515 [2013-06-12] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4515.0 - )GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) HiddenGoogle Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) HiddenHaali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version: - Lightmare Studios)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)Intel® Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) HiddenIntel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) HiddeniTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) HiddenJava SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)Java SE Development Kit 7 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)Launchy 2.5 (HKLM-x32\...\Launchy_21344213_is1) (Version: - Code Jelly)League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)League of Legends (x32 Version: 3.0.0 - Riot Games) HiddenLeft 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)LINE (HKLM-x32\...\LINE) (Version: 3.5.2.42 - LINE Corporation)Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) HiddenMozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.46.0 - Black Tree Gaming)Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team)NVIDIA 3D Vision Controller Driver 337.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.50 - NVIDIA Corporation)NVIDIA 3D Vision Driver 337.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.50 - NVIDIA Corporation)NVIDIA Control Panel 337.50 (Version: 337.50 - NVIDIA Corporation) HiddenNVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)NVIDIA Graphics Driver 337.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.50 - NVIDIA Corporation)NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) HiddenNVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) HiddenNVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) HiddenNVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) HiddenNVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)NVIDIA ShadowPlay 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) HiddenNVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) HiddenNVIDIA Update 12.4.55 (Version: 12.4.55 - NVIDIA Corporation) HiddenNVIDIA Update Core (Version: 12.4.55 - NVIDIA Corporation) HiddenNVIDIA Virtual Audio 1.2.22 (Version: 1.2.22 - NVIDIA Corporation) HiddenOpen Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)Pid (HKLM-x32\...\Steam App 218740) (Version: - Might and Delight)PlayClaw 5 fast codec (HKLM-x32\...\PlayClaw 5 fast codec_is1) (Version: 5 - )PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.61 - Razer Inc)Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.17.22 - Razer Inc.)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)RivaTuner Statistics Server 5.4.1 (HKLM-x32\...\RTSS) (Version: 5.4.1 - Unwinder)Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) HiddenSkype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)SmoothVideo Project version 3.1.5 (HKLM-x32\...\SmoothVideo Project_is1) (Version: 3.1.5 - SVP)SolForge (HKLM-x32\...\Steam App 232450) (Version: - Stone Blade Entertainment)Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)Strife (HKLM-x32\...\strife) (Version: 0.0.1 - S2 Games)System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.0.3 - Electronic Arts)Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games)TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)WildStar (HKLM-x32\...\WildStar) (Version: 1.0.0.6525 - NCSOFT) ==================== Restore Points ========================= 14-03-2014 03:31:55 Razer Drivers Update27-03-2014 15:33:35 Scheduled Checkpoint03-04-2014 16:08:56 Scheduled Checkpoint07-04-2014 17:23:25 Installed DirectX ==================== Hosts content: ========================== 2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTaskTask: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsListTask: {16886259-6CC4-4C80-9474-39E6617E1032} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-15] (Google Inc.)Task: {197ABDCA-05B4-4961-BA2F-4F359D07F80B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-15] (Google Inc.)Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTaskTask: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulateTask: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalanceTask: {68E63782-D87D-4494-9E14-84822CF6E3D9} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play CleanupTask: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance TaskTask: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTaskTask: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryStateTask: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance TaskTask: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTaskTask: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance WorkTask: {A0B5F5B2-2B08-4B7D-ADEE-6DBD4774762B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-16] (Microsoft Corporation)Task: {A606846F-E5C2-48B8-9A2E-94B7B654F967} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exeTask: {BFBE51F4-A459-4A71-A5BB-E67150724BDA} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2013-08-07] (ASUSTeK Computer Inc.)Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTaskTask: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensingTask: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon SynchronizationTask: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRETask: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-01-22 17:23 - 2014-03-26 22:11 - 00118728 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll2014-01-22 17:23 - 2013-07-04 07:32 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe2013-12-21 01:13 - 2014-01-30 04:02 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe2013-12-17 20:45 - 2010-04-03 15:05 - 00380928 _____ () C:\Program Files (x86)\Launchy\Launchy.exe2013-05-07 11:26 - 2013-05-07 11:26 - 01302080 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe2013-12-17 18:29 - 2014-04-01 13:31 - 05329400 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.205\deploy\LoLLauncher.exe2013-12-17 18:47 - 2013-12-17 18:47 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.80\deploy\LolClient.exe2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2014-01-22 17:23 - 2014-04-08 20:43 - 00028672 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll2014-01-22 17:23 - 2013-07-04 07:32 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll2013-12-17 19:26 - 2013-08-07 20:11 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll2013-12-17 19:25 - 2013-12-17 19:25 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll2013-12-17 19:26 - 2013-08-07 20:11 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\cpuutil.dll2014-01-16 00:36 - 2014-01-16 00:36 - 00113664 _____ () C:\Program Files (x86)\Naver\LINE\PlayerHelper.dll2014-03-10 21:23 - 2014-03-10 21:23 - 02453352 _____ () C:\Program Files (x86)\Naver\LINE\amp-dll.dll2014-01-10 16:22 - 2013-07-09 23:09 - 01238704 _____ () C:\Program Files (x86)\SVP\LAV\avformat-lav-55.dll2014-01-10 16:22 - 2013-07-09 23:09 - 00288944 _____ () C:\Program Files (x86)\SVP\LAV\avutil-lav-52.dll2014-01-10 16:22 - 2013-07-09 23:09 - 06275760 _____ () C:\Program Files (x86)\SVP\LAV\avcodec-lav-55.dll2014-01-10 16:22 - 2013-07-09 23:09 - 00190640 _____ () C:\Program Files (x86)\SVP\LAV\libbluray.dll2014-01-10 16:22 - 2013-06-12 23:00 - 03502080 _____ () C:\Program Files (x86)\ffdshow\ffdshow.ax2014-01-10 16:22 - 2013-07-09 23:09 - 00150192 _____ () C:\Program Files (x86)\SVP\LAV\avresample-lav-1.dll2013-12-17 20:45 - 2009-12-17 00:13 - 08314880 _____ () C:\Program Files (x86)\Launchy\QtGui4.dll2013-12-17 20:45 - 2009-12-16 23:56 - 00712704 _____ () C:\Program Files (x86)\Launchy\QtNetwork4.dll2013-12-17 20:45 - 2009-12-16 23:54 - 02236416 _____ () C:\Program Files (x86)\Launchy\QtCore4.dll2013-12-17 20:45 - 2009-12-17 02:18 - 00233472 _____ () C:\Program Files (x86)\Launchy\imageformats\qmng4.dll2013-12-17 20:45 - 2010-04-03 15:06 - 00081920 _____ () C:\Program Files (x86)\Launchy\plugins\calcy.dll2013-12-17 20:45 - 2010-04-03 15:05 - 00090112 _____ () C:\Program Files (x86)\Launchy\plugins\controly.dll2013-12-17 20:45 - 2010-04-03 15:06 - 00024064 _____ () C:\Program Files (x86)\Launchy\plugins\gcalc.dll2013-12-17 20:45 - 2010-04-03 15:06 - 00094208 _____ () C:\Program Files (x86)\Launchy\plugins\runner.dll2013-12-17 20:45 - 2010-04-03 15:05 - 00057344 _____ () C:\Program Files (x86)\Launchy\plugins\verby.dll2013-12-17 20:45 - 2010-04-03 15:05 - 00122880 _____ () C:\Program Files (x86)\Launchy\plugins\weby.dll2014-03-15 12:50 - 2014-03-14 20:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll2014-03-15 12:50 - 2014-03-14 20:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll2014-03-15 12:50 - 2014-03-14 20:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll2014-03-15 12:50 - 2014-03-14 20:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll2014-03-15 12:50 - 2014-03-14 20:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll2014-03-15 12:50 - 2014-03-14 20:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll2013-12-17 18:20 - 2013-08-08 14:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll2013-12-17 18:29 - 2014-04-01 13:31 - 00264696 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.205\deploy\RiotLauncher.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (04/08/2014 08:45:23 PM) (Source: Application Error) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.500, time stamp: 0x533d8de2Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x13b4Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 Error: (04/08/2014 08:44:56 PM) (Source: Application Error) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.500, time stamp: 0x533d8de2Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x1538Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 Error: (04/08/2014 08:42:17 PM) (Source: Application Error) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.500, time stamp: 0x533d8de2Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x6cFaulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 Error: (04/08/2014 08:40:35 PM) (Source: Application Error) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.500, time stamp: 0x533d8de2Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x21cFaulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 Error: (04/08/2014 08:40:23 PM) (Source: Application Error) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.500, time stamp: 0x533d8de2Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x7d0Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 Error: (04/08/2014 08:37:28 PM) (Source: Application Error) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.500, time stamp: 0x533d8de2Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x1b14Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 Error: (04/08/2014 08:29:30 PM) (Source: Application Error) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.500, time stamp: 0x533d8de2Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x1578Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 Error: (04/08/2014 08:28:59 PM) (Source: Application Error) (User: )Description: Faulting application name: mbam.com, version: 1.0.0.500, time stamp: 0x533d8de2Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x4d0Faulting application start time: 0xmbam.com0Faulting application path: mbam.com1Faulting module path: mbam.com2Report Id: mbam.com3Faulting package full name: mbam.com4Faulting package-relative application ID: mbam.com5 Error: (04/08/2014 08:28:59 PM) (Source: Application Error) (User: )Description: Faulting application name: mbam.exe, version: 1.0.0.500, time stamp: 0x533d8de2Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0xa94Faulting application start time: 0xmbam.exe0Faulting application path: mbam.exe1Faulting module path: mbam.exe2Report Id: mbam.exe3Faulting package full name: mbam.exe4Faulting package-relative application ID: mbam.exe5 Error: (04/08/2014 08:27:11 PM) (Source: Application Error) (User: )Description: Faulting application name: mbam.com, version: 1.0.0.500, time stamp: 0x533d8de2Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1eException code: 0x40000015Fault offset: 0x0008d6fdFaulting process id: 0x1b8cFaulting application start time: 0xmbam.com0Faulting application path: mbam.com1Faulting module path: mbam.com2Report Id: mbam.com3Faulting package full name: mbam.com4Faulting package-relative application ID: mbam.com5 System errors:=============Error: (04/08/2014 08:43:35 PM) (Source: DCOM) (User: COLE-DESKTOP)Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC} Error: (04/08/2014 08:43:27 PM) (Source: DCOM) (User: COLE-DESKTOP)Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC} Error: (04/08/2014 08:43:20 PM) (Source: DCOM) (User: COLE-DESKTOP)Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (04/08/2014 08:43:20 PM) (Source: DCOM) (User: COLE-DESKTOP)Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (04/08/2014 08:43:17 PM) (Source: DCOM) (User: COLE-DESKTOP)Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC} Error: (04/08/2014 08:43:12 PM) (Source: DCOM) (User: COLE-DESKTOP)Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (04/08/2014 08:43:12 PM) (Source: DCOM) (User: COLE-DESKTOP)Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (04/08/2014 08:43:12 PM) (Source: DCOM) (User: COLE-DESKTOP)Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (04/08/2014 08:43:12 PM) (Source: DCOM) (User: COLE-DESKTOP)Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Error: (04/08/2014 08:43:12 PM) (Source: DCOM) (User: COLE-DESKTOP)Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8} Microsoft Office Sessions:=========================Error: (04/08/2014 08:45:23 PM) (Source: Application Error)(User: )Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd13b401cf538cfdf343cdC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll3ba86c85-bf80-11e3-829a-ac220b75f768 Error: (04/08/2014 08:44:56 PM) (Source: Application Error)(User: )Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd153801cf538ced8f2061C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll2b5fb574-bf80-11e3-829a-ac220b75f768 Error: (04/08/2014 08:42:17 PM) (Source: Application Error)(User: )Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd6c01cf538c8e96d6dfC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dllcc4f4ec3-bf7f-11e3-8299-956b5464f39c Error: (04/08/2014 08:40:35 PM) (Source: Application Error)(User: )Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd21c01cf538c51e8a0d6C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll8f9c53e7-bf7f-11e3-8299-956b5464f39c Error: (04/08/2014 08:40:23 PM) (Source: Application Error)(User: )Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd7d001cf538c4b101c98C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll88d6e2e6-bf7f-11e3-8299-956b5464f39c Error: (04/08/2014 08:37:28 PM) (Source: Application Error)(User: )Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd1b1401cf538be2acbdf6C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll206d341e-bf7f-11e3-8298-ac220b75f768 Error: (04/08/2014 08:29:30 PM) (Source: Application Error)(User: )Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd157801cf538ac57a63abC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll033acdd1-bf7e-11e3-8297-ac220b75f768 Error: (04/08/2014 08:28:59 PM) (Source: Application Error)(User: )Description: mbam.com1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd4d001cf538ab34c2c9ac:\program files (x86)\malwarebytes anti-malware\chameleon\windows\xlwdrplm\mbam.comc:\program files (x86)\malwarebytes anti-malware\chameleon\windows\xlwdrplm\MSVCR100.dllf127bd05-bf7d-11e3-8297-ac220b75f768 Error: (04/08/2014 08:28:59 PM) (Source: Application Error)(User: )Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fda9401cf538ab2f9f077C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dllf0bb4d81-bf7d-11e3-8297-ac220b75f768 Error: (04/08/2014 08:27:11 PM) (Source: Application Error)(User: )Description: mbam.com1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd1b8c01cf538a72ded360c:\program files (x86)\malwarebytes anti-malware\chameleon\windows\lpwlqaum\mbam.comc:\program files (x86)\malwarebytes anti-malware\chameleon\windows\lpwlqaum\MSVCR100.dllb0c0c36b-bf7d-11e3-8297-ac220b75f768 CodeIntegrity Errors:=================================== Date: 2014-03-17 14:59:14.031 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-03-17 14:59:14.018 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-03-17 14:59:14.000 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-03-17 14:59:13.986 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-03-17 14:59:13.971 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-03-17 14:59:13.952 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-03-17 14:59:13.935 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-03-17 14:59:13.871 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-03-17 14:59:13.807 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-03-17 14:59:13.792 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Percentage of memory in use: 40%Total physical RAM: 8130.45 MBAvailable physical RAM: 4877.14 MBTotal Pagefile: 16322.45 MBAvailable Pagefile: 12468.39 MBTotal Virtual: 131072 MBAvailable Virtual: 131071.77 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:118.9 GB) (Free:63.49 GB) NTFSDrive d: (Data) (Fixed) (Total:1863.01 GB) (Free:1283.69 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 37E03B77)Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS) ========================================================Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 7F15344B)Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS) ==================== End Of Log ============================

I just ran the Farbar Recovery Scan Tool, here is the FRST.txt contents: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 26 days old and could be outdated)Ran by Cole (administrator) on COLE-DESKTOP on 08-04-2014 21:39:09Running from C:\Users\Cole\DesktopWindows 8.1 Pro (X64) OS Language: English(US)Internet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: Download link for 64-Bit Version: Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe() C:\WINDOWS\SysWOW64\PnkBstrA.exe(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe(Microsoft Corporation) C:\Windows\System32\skydrive.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe(LINE Corporation) C:\Program Files (x86)\Naver\LINE\Line.exe() C:\Program Files (x86)\Launchy\Launchy.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe(Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.205\deploy\LoLLauncher.exe() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.80\deploy\LolClient.exe(Microsoft Corporation) C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17031_none_fa50b3979b1bcb4a\TiWorker.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [iAStorIcon] - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)HKLM\...\Run: [shadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)HKLM-x32\...\Run: [] - [X]HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-07] (Razer Inc.)HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)HKU\S-1-5-21-77290270-126606489-4000158115-1001\...\Run: [Line] - C:\Program Files (x86)\Naver\LINE\Line.exe [3906408 2014-03-10] (LINE Corporation)Startup: C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launchy.lnkShortcutTarget: Launchy.lnk -> C:\Program Files (x86)\Launchy\Launchy.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4E7EC74F2116CF01HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox:========FF ProfilePath: C:\Users\Cole\AppData\Roaming\Mozilla\Firefox\Profiles\ae49i568.defaultFF NetworkProxy: "backup.ftp", "187.162.253.250"FF NetworkProxy: "backup.ftp_port", 8888FF NetworkProxy: "backup.socks", "187.162.253.250"FF NetworkProxy: "backup.socks_port", 8888FF NetworkProxy: "backup.ssl", "187.162.253.250"FF NetworkProxy: "backup.ssl_port", 8888FF NetworkProxy: "ftp", "187.162.253.250"FF NetworkProxy: "ftp_port", 8888FF NetworkProxy: "http", "187.162.253.250"FF NetworkProxy: "http_port", 8888FF NetworkProxy: "share_proxy_settings", trueFF NetworkProxy: "socks", "187.162.253.250"FF NetworkProxy: "socks_port", 8888FF NetworkProxy: "ssl", "187.162.253.250"FF NetworkProxy: "ssl_port", 8888FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No FileFF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Extension: Print pages to PDF - C:\Users\Cole\AppData\Roaming\Mozilla\Firefox\Profiles\ae49i568.default\Extensions\printPages2Pdf@reinhold.ripper [2014-03-19]FF Extension: LastPass - C:\Users\Cole\AppData\Roaming\Mozilla\Firefox\Profiles\ae49i568.default\Extensions\support@lastpass.com [2014-01-03]FF Extension: FireGestures - C:\Users\Cole\AppData\Roaming\Mozilla\Firefox\Profiles\ae49i568.default\Extensions\firegestures@xuldev.org.xpi [2014-01-15]FF Extension: Stream Browser - C:\Users\Cole\AppData\Roaming\Mozilla\Firefox\Profiles\ae49i568.default\Extensions\jid0-EttocceNlQXTRennnQYJPjmQDvU@jetpack.xpi [2014-01-15]FF Extension: Reddit Enhancement Suite - C:\Users\Cole\AppData\Roaming\Mozilla\Firefox\Profiles\ae49i568.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2014-01-03]FF Extension: No Name - C:\Users\Cole\AppData\Roaming\Mozilla\Firefox\Profiles\ae49i568.default\Extensions\{00000f2a-7cde-4f20-83ed-434fcb420d71}.xpi [2014-01-15]FF Extension: Adblock Plus - C:\Users\Cole\AppData\Roaming\Mozilla\Firefox\Profiles\ae49i568.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-03] Chrome: =======CHR HomePage: CHR DefaultSearchKeyword: bing.comCHR DefaultSearchProvider: BingCHR DefaultSearchURL: http://www.bing.com/search?setmkt=en-US&q={searchTerms}CHR DefaultNewTabURL: CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll ()CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (Battlelog Game Launcher) - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll No FileCHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)CHR Plugin: (Java Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)CHR Plugin: (NPLastPass) - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll No FileCHR Extension: (Magic Actions for YouTube™) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2014-01-15]CHR Extension: (BetterTTV) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-02-19]CHR Extension: (No Name) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2014-01-15]CHR Extension: (Google Drive) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-17]CHR Extension: (YouTube) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-17]CHR Extension: (League of Legends stream browser) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmikndlmnfbgjppgganafponieclmjbm [2014-01-15]CHR Extension: (Google Search) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-17]CHR Extension: (Search by Image (by Google)) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2014-01-15]CHR Extension: (YouTube Title Adder) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddpephnhacfpgcemhioaejgenlgadnnh [2014-01-15]CHR Extension: (Tampermonkey) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-01-15]CHR Extension: (Reddit Hide All) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolbbjhmdpbljphildmkjhjkkodmjeon [2014-01-15]CHR Extension: (LoL Stream Browser) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp [2014-02-25]CHR Extension: (Chrome Office Viewer (Beta)) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2014-01-15]CHR Extension: (AdBlock) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-15]CHR Extension: (Hover Free) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmnnggnaofmhflgomfjfbndngdoogkj [2014-01-18]CHR Extension: (LastPass: Free Password Manager) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-01-15]CHR Extension: (Chrome to Mobile) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-01-15]CHR Extension: (Imgur to Gfycat) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\idnninnhcleaikepmmomfnknbldalnjj [2014-03-28]CHR Extension: (Deathamns) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2014-01-15]CHR Extension: (Chrome Gestures) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\jilaenakogjmgfeegaccpnepomfhbioo [2014-02-15]CHR Extension: (Reddit Enhancement Suite) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-01-15]CHR Extension: (Google Dictionary (by Google)) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-01-15]CHR Extension: (Google Wallet) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-17]CHR Extension: (Gmail) - C:\Users\Cole\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-17] ==================== Services (Whitelisted) ================= R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-12-17] (ASUSTeK Computer Inc.)R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240584 2012-10-02] (DTS, Inc)R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-01-30] ()R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-02-21] (Razer, Inc.)R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()S3 ASUSstpt; C:\Windows\System32\drivers\ASUSstpt.sys [27392 2013-12-17] (MCCI Corporation)S3 ASUSxpsp; C:\Windows\System32\drivers\ASUSxpsp.sys [28416 2013-12-17] (MCCI Corporation)S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-08-22] (Microsoft Corporation)S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)R1 MpKsl276e0849; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{24BFE1AD-8D8B-471B-A99E-CBAFBB8C0695}\MpKsl276e0849.sys [45352 2014-04-08] (Microsoft Corporation)R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-02-21] (Razer, Inc.)R3 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-02-21] (Razer, Inc.)S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-08 21:39 - 2014-04-08 21:39 - 00023698 _____ () C:\Users\Cole\Desktop\FRST.txt2014-04-08 21:38 - 2014-04-08 21:39 - 00000000 ____D () C:\FRST2014-04-08 21:14 - 2014-04-08 21:14 - 02157056 _____ (Farbar) C:\Users\Cole\Desktop\FRST64.exe2014-04-08 20:42 - 2014-04-08 20:42 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-04-08 20:42 - 2014-04-08 20:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-04-08 20:42 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2014-04-08 20:42 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys2014-04-08 20:42 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys2014-04-08 20:39 - 2014-04-08 20:39 - 00000000 ____D () C:\WINDOWS\pss2014-04-08 20:07 - 2014-04-08 20:07 - 727478769 _____ () C:\WINDOWS\MEMORY.DMP2014-04-08 20:07 - 2014-04-08 20:07 - 00297656 _____ () C:\WINDOWS\Minidump\040814-5328-01.dmp2014-04-08 20:07 - 2014-04-08 20:07 - 00000000 ____D () C:\WINDOWS\Minidump2014-04-07 13:57 - 2014-04-07 13:57 - 00144169 _____ () C:\Users\Cole\Desktop\Untitled5.wma2014-04-07 13:35 - 2014-03-26 17:40 - 00601432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe2014-04-07 13:34 - 2014-03-27 08:45 - 31270856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll2014-04-07 13:34 - 2014-03-27 08:45 - 25257416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll2014-04-07 13:34 - 2014-03-27 08:45 - 23785416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll2014-04-07 13:34 - 2014-03-27 08:45 - 17561544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll2014-04-07 13:34 - 2014-03-27 08:45 - 17467048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll2014-04-07 13:34 - 2014-03-27 08:45 - 15964736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll2014-04-07 13:34 - 2014-03-27 08:45 - 13158232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys2014-04-07 13:34 - 2014-03-27 08:45 - 11644392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll2014-04-07 13:34 - 2014-03-27 08:45 - 11598560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll2014-04-07 13:34 - 2014-03-27 08:45 - 09734744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll2014-04-07 13:34 - 2014-03-27 08:45 - 09697128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll2014-04-07 13:34 - 2014-03-27 08:45 - 03139928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll2014-04-07 13:34 - 2014-03-27 08:45 - 02949976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll2014-04-07 13:34 - 2014-03-27 08:45 - 02785056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll2014-04-07 13:34 - 2014-03-27 08:45 - 02413344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll2014-04-07 13:34 - 2014-03-27 08:45 - 01890080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433750.dll2014-04-07 13:34 - 2014-03-27 08:45 - 01539416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433750.dll2014-04-07 13:34 - 2014-03-27 08:45 - 00894752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll2014-04-07 13:34 - 2014-03-27 08:45 - 00891168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll2014-04-07 13:34 - 2014-03-27 08:45 - 00864600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll2014-04-07 13:34 - 2014-03-27 08:45 - 00859592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll2014-04-07 13:34 - 2014-03-27 08:45 - 00836544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll2014-04-07 13:34 - 2014-03-27 08:45 - 00491864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll2014-04-07 13:34 - 2014-03-27 08:45 - 00415008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll2014-04-07 13:34 - 2014-03-27 08:45 - 00382240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll2014-04-07 13:34 - 2014-03-27 08:45 - 00354016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll2014-04-07 13:34 - 2014-03-27 08:45 - 00336672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll2014-04-07 13:34 - 2014-03-27 08:45 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll2014-04-07 13:34 - 2014-03-27 08:45 - 00166568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll2014-04-07 13:34 - 2014-03-27 08:45 - 00146480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll2014-04-07 13:23 - 2014-03-21 15:43 - 00040392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys2014-04-07 13:23 - 2014-03-21 15:43 - 00033568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll2014-04-05 01:04 - 2014-04-05 01:10 - 00000000 ____D () C:\Program Files (x86)\MP3Gain2014-04-05 01:04 - 2014-04-05 01:04 - 00000000 ____D () C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain2014-04-03 14:02 - 2014-04-03 14:02 - 00063349 _____ () C:\Users\Cole\Desktop\Untitled4.wma2014-04-03 14:01 - 2014-04-03 14:01 - 00063349 _____ () C:\Users\Cole\Desktop\Untitled3.wma2014-04-03 14:00 - 2014-04-03 14:01 - 00067839 _____ () C:\Users\Cole\Desktop\Untitled2.wma2014-04-03 13:41 - 2014-04-03 13:41 - 00067839 _____ () C:\Users\Cole\Desktop\Untitled.wma2014-03-30 19:06 - 2014-04-07 13:34 - 00000000 ____D () C:\WINDOWS\LastGood2014-03-30 19:06 - 2013-08-21 12:50 - 03591000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys2014-03-30 19:06 - 2013-08-20 20:17 - 02809048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll2014-03-30 19:06 - 2013-08-20 20:17 - 02585304 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll2014-03-30 19:06 - 2013-08-20 18:48 - 00633381 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT2014-03-30 19:06 - 2013-08-20 18:31 - 00148184 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll2014-03-30 19:06 - 2013-08-20 13:51 - 31488000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat2014-03-30 19:06 - 2013-08-20 10:02 - 04848920 _____ (ASUSTeKcomputer.Inc Inc) C:\WINDOWS\system32\RTKSMlfx.dll2014-03-30 19:06 - 2013-08-16 15:46 - 00818008 _____ (ASUSTeKcomputer.Inc Inc) C:\WINDOWS\system32\RTKSMSettingsIPC.dll2014-03-30 19:06 - 2013-08-14 16:36 - 01325312 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll2014-03-30 19:06 - 2013-08-13 05:21 - 01019136 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll2014-03-30 19:06 - 2013-08-13 05:21 - 00899328 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll2014-03-30 19:06 - 2013-08-13 05:21 - 00720128 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll2014-03-30 19:06 - 2013-08-13 05:21 - 00244480 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll2014-03-30 19:06 - 2013-08-07 17:41 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll2014-03-30 19:06 - 2013-08-07 17:34 - 00765184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll2014-03-30 19:06 - 2013-08-06 09:47 - 00947248 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll2014-03-30 19:06 - 2013-08-06 04:56 - 06219096 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll2014-03-30 19:06 - 2013-08-06 04:56 - 01908568 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll2014-03-30 19:06 - 2013-08-06 04:56 - 00312152 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll2014-03-30 19:06 - 2013-08-06 04:56 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll2014-03-30 19:06 - 2013-08-02 20:16 - 01005784 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll2014-03-30 19:06 - 2013-08-01 10:59 - 05694760 _____ () C:\WINDOWS\system32\Drivers\rtvienna.dat2014-03-30 19:06 - 2013-07-28 10:48 - 27518208 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnA64.dll2014-03-30 19:06 - 2013-07-26 14:05 - 00617176 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll2014-03-30 19:06 - 2013-07-24 10:07 - 02032896 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll2014-03-30 19:06 - 2013-07-23 15:40 - 03610880 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnN64.dll2014-03-30 19:06 - 2013-07-23 15:40 - 02103040 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll2014-03-30 19:06 - 2013-07-23 15:39 - 14048512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll2014-03-30 19:06 - 2013-07-23 15:39 - 01916672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek264.dll2014-03-30 19:06 - 2013-07-23 15:39 - 00922880 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll2014-03-30 19:06 - 2013-07-11 14:15 - 00557880 _____ () C:\WINDOWS\system32\audioLibVc.dll2014-03-30 19:06 - 2013-06-05 21:42 - 00208072 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll2014-03-30 19:06 - 2013-04-24 17:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl2014-03-30 19:06 - 2013-02-20 18:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll2014-03-30 19:06 - 2012-10-02 14:41 - 00501192 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll2014-03-30 19:06 - 2012-10-02 14:41 - 00487368 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll2014-03-30 19:06 - 2012-10-02 14:41 - 00415688 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll2014-03-30 17:47 - 2014-03-30 17:47 - 00000000 ____D () C:\Program Files\Realtek2014-03-30 17:47 - 2013-10-30 16:31 - 00929080 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll2014-03-30 17:47 - 2013-10-25 10:49 - 05751576 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll2014-03-30 17:47 - 2013-08-14 16:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll2014-03-30 17:47 - 2013-08-14 16:35 - 01084160 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll2014-03-30 17:47 - 2013-08-14 16:35 - 00907008 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll2014-03-30 17:47 - 2013-08-14 16:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll2014-03-30 17:47 - 2013-08-05 18:11 - 02743328 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll2014-03-30 17:47 - 2013-07-23 15:39 - 00790272 _____ (Waves Audio Ltd.) C:\WINDOWS\SysWOW64\MaxxAudioAPOShell.dll2014-03-30 17:47 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll2014-03-30 17:47 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll2014-03-30 17:47 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll2014-03-30 17:47 - 2013-06-21 11:01 - 00109848 _____ () C:\WINDOWS\system32\AcpiServiceVnA64.dll2014-03-30 17:47 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll2014-03-30 17:47 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll2014-03-30 17:47 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll2014-03-30 17:47 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll2014-03-30 17:47 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll2014-03-30 17:47 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll2014-03-30 17:47 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll2014-03-30 17:47 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll2014-03-30 17:47 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll2014-03-30 17:47 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll2014-03-30 17:47 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll2014-03-30 17:47 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll2014-03-30 17:47 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll2014-03-30 17:47 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll2014-03-30 17:47 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll2014-03-30 17:47 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll2014-03-30 17:47 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll2014-03-30 17:47 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll2014-03-30 17:47 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll2014-03-30 17:47 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll2014-03-30 17:47 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll2014-03-30 17:47 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll2014-03-30 17:47 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll2014-03-30 17:47 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll2014-03-30 17:47 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll2014-03-30 17:47 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll2014-03-30 17:47 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll2014-03-30 17:47 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll2014-03-30 17:47 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll2014-03-30 17:47 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll2014-03-30 17:47 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll2014-03-30 17:47 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll2014-03-30 17:47 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll2014-03-30 17:47 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll2014-03-30 17:47 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll2014-03-30 17:47 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll2014-03-30 17:47 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll2014-03-30 17:47 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll2014-03-30 17:47 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll2014-03-30 17:47 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll2014-03-30 17:47 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll2014-03-30 17:47 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll2014-03-30 17:24 - 2014-03-30 17:24 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp2014-03-27 16:31 - 2014-03-27 16:31 - 00000000 ____D () C:\Users\Cole\Desktop\Release2014-03-19 21:51 - 2014-03-19 21:51 - 00054369 _____ () C:\Users\Cole\Desktop\astro line in.wma2014-03-19 20:43 - 2014-03-19 20:43 - 00108249 _____ () C:\Users\Cole\Desktop\astro usb adapter.wma2014-03-19 20:33 - 2014-03-19 20:33 - 00094779 _____ () C:\Users\Cole\Desktop\razer.wma2014-03-19 20:15 - 2014-03-19 20:15 - 00090289 _____ () C:\Users\Cole\Desktop\astro usb.wma2014-03-16 14:36 - 2014-03-16 14:39 - 00000000 ____D () C:\Users\Cole\AppData\Roaming\livestreamer2014-03-16 03:06 - 2014-02-22 08:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe2014-03-16 03:06 - 2014-02-22 07:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe2014-03-12 22:56 - 2014-03-14 03:12 - 00000000 ____D () C:\Program Files (x86)\PlayClaw 52014-03-12 22:56 - 2014-03-12 23:25 - 00020664 _____ () C:\Users\Cole\Documents\PlayClaw.txt2014-03-12 22:56 - 2014-03-12 22:56 - 00000000 ____D () C:\ProgramData\PlayClaw52014-03-12 22:56 - 2014-01-22 16:00 - 00141936 _____ () C:\WINDOWS\system32\tmb2-v64.dll2014-03-12 22:56 - 2014-01-22 16:00 - 00125552 _____ () C:\WINDOWS\SysWOW64\tmb2-v32.dll2014-03-12 12:13 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll2014-03-12 12:13 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll2014-03-12 12:13 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll2014-03-12 12:13 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe2014-03-12 12:13 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll2014-03-12 12:13 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll2014-03-12 12:13 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll2014-03-12 12:13 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll2014-03-12 12:13 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll2014-03-12 12:13 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll2014-03-12 12:13 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll2014-03-12 12:13 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll2014-03-12 12:13 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll2014-03-12 12:13 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll2014-03-12 12:13 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll2014-03-12 12:13 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll2014-03-12 12:13 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll2014-03-12 12:13 - 2013-12-20 06:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi2014-03-12 12:13 - 2013-12-20 06:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe2014-03-12 12:12 - 2014-01-31 12:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys2014-03-12 12:12 - 2014-01-31 12:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll2014-03-12 12:12 - 2014-01-31 12:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll2014-03-12 12:12 - 2014-01-31 09:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll2014-03-12 12:12 - 2014-01-31 05:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll2014-03-12 12:12 - 2014-01-29 05:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll2014-03-12 12:12 - 2014-01-29 04:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe2014-03-12 12:12 - 2014-01-29 04:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll2014-03-12 12:12 - 2014-01-29 04:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll2014-03-12 12:12 - 2014-01-29 04:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys2014-03-12 12:12 - 2014-01-29 03:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll2014-03-12 12:12 - 2014-01-29 03:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe2014-03-12 12:12 - 2014-01-29 03:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll2014-03-12 12:12 - 2014-01-29 02:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll2014-03-12 12:12 - 2014-01-28 20:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll2014-03-12 12:12 - 2014-01-27 15:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll2014-03-12 12:12 - 2014-01-27 15:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll2014-03-12 12:12 - 2014-01-27 15:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE2014-03-12 12:12 - 2014-01-27 14:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll2014-03-12 12:12 - 2014-01-27 14:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll2014-03-12 12:12 - 2014-01-27 14:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll2014-03-12 12:12 - 2014-01-27 14:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE2014-03-12 12:12 - 2014-01-27 14:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll2014-03-12 12:12 - 2014-01-27 13:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll2014-03-12 12:12 - 2014-01-27 13:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll2014-03-12 12:12 - 2014-01-27 13:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll2014-03-12 12:12 - 2014-01-27 11:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll2014-03-12 12:12 - 2014-01-27 11:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll2014-03-12 12:12 - 2014-01-27 07:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml2014-03-12 12:12 - 2014-01-17 19:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll2014-03-12 12:12 - 2014-01-17 17:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll2014-03-12 12:12 - 2013-12-21 10:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe2014-03-12 12:12 - 2013-12-21 04:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll2014-03-12 12:08 - 2013-10-30 20:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys2014-03-12 12:08 - 2013-10-30 20:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys2014-03-12 12:08 - 2013-10-30 20:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys2014-03-12 12:06 - 2014-02-10 23:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys2014-03-12 12:06 - 2014-02-10 22:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll2014-03-12 12:06 - 2014-02-10 22:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll2014-03-10 22:00 - 2014-03-10 22:00 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf2014-03-10 20:43 - 2014-03-10 20:43 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692014-03-10 20:43 - 2014-03-10 20:43 - 00000000 ____D () C:\Program Files\iTunes2014-03-10 20:43 - 2014-03-10 20:43 - 00000000 ____D () C:\Program Files\iPod2014-03-10 20:43 - 2014-03-10 20:43 - 00000000 ____D () C:\Program Files (x86)\iTunes2014-03-10 13:41 - 2014-03-04 10:35 - 01885472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433523.dll2014-03-10 13:41 - 2014-03-04 10:35 - 01516488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433523.dll ==================== One Month Modified Files and Folders ======= 2014-04-08 21:39 - 2014-04-08 21:39 - 00023698 _____ () C:\Users\Cole\Desktop\FRST.txt2014-04-08 21:39 - 2014-04-08 21:38 - 00000000 ____D () C:\FRST2014-04-08 21:37 - 2014-01-22 17:23 - 01799809 _____ () C:\WINDOWS\WindowsUpdate.log2014-04-08 21:33 - 2013-12-17 20:51 - 00000000 ____D () C:\Users\Cole\AppData\Roaming\Skype2014-04-08 21:14 - 2014-04-08 21:14 - 02157056 _____ (Farbar) C:\Users\Cole\Desktop\FRST64.exe2014-04-08 21:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru2014-04-08 20:58 - 2014-01-27 01:54 - 00227840 ___SH () C:\Users\Cole\Desktop\Thumbs.db2014-04-08 20:54 - 2014-01-15 15:34 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job2014-04-08 20:49 - 2014-01-22 17:29 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI2014-04-08 20:48 - 2013-12-17 16:06 - 00003592 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-77290270-126606489-4000158115-10012014-04-08 20:45 - 2014-01-15 15:34 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-04-08 20:44 - 2014-01-15 15:34 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job2014-04-08 20:43 - 2014-01-22 17:23 - 00000000 ____D () C:\ProgramData\NVIDIA2014-04-08 20:43 - 2013-12-24 16:29 - 00000382 _____ () C:\WINDOWS\Tasks\DriverToolkit Autorun.job2014-04-08 20:43 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT2014-04-08 20:43 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI2014-04-08 20:42 - 2014-04-08 20:42 - 00001110 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-04-08 20:42 - 2014-04-08 20:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-04-08 20:39 - 2014-04-08 20:39 - 00000000 ____D () C:\WINDOWS\pss2014-04-08 20:30 - 2014-01-22 17:23 - 00010074 _____ () C:\WINDOWS\PFRO.log2014-04-08 20:18 - 2014-01-22 17:26 - 00000000 ____D () C:\Users\Cole2014-04-08 20:15 - 2013-12-17 16:55 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{51BF5463-1F45-43AB-BA44-D0A9B43429AC}2014-04-08 20:07 - 2014-04-08 20:07 - 727478769 _____ () C:\WINDOWS\MEMORY.DMP2014-04-08 20:07 - 2014-04-08 20:07 - 00297656 _____ () C:\WINDOWS\Minidump\040814-5328-01.dmp2014-04-08 20:07 - 2014-04-08 20:07 - 00000000 ____D () C:\WINDOWS\Minidump2014-04-08 14:01 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness2014-04-07 17:47 - 2014-02-15 23:18 - 00000000 ____D () C:\Users\Cole\Documents\Chase Statements2014-04-07 14:15 - 2013-08-22 10:46 - 00310293 _____ () C:\WINDOWS\setupact.log2014-04-07 13:57 - 2014-04-07 13:57 - 00144169 _____ () C:\Users\Cole\Desktop\Untitled5.wma2014-04-07 13:46 - 2014-01-21 16:53 - 01065984 _____ () C:\Users\Cole\AppData\Local\file__0.localstorage2014-04-07 13:35 - 2014-01-22 17:23 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation2014-04-07 13:34 - 2014-03-30 19:06 - 00000000 ____D () C:\WINDOWS\LastGood2014-04-07 13:23 - 2014-01-22 17:23 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation2014-04-07 13:23 - 2013-12-17 19:34 - 00000000 ____D () C:\Users\Cole\AppData\Local\NVIDIA Corporation2014-04-07 02:25 - 2013-12-19 02:28 - 00000000 ____D () C:\ProgramData\Origin2014-04-05 01:10 - 2014-04-05 01:04 - 00000000 ____D () C:\Program Files (x86)\MP3Gain2014-04-05 01:04 - 2014-04-05 01:04 - 00000000 ____D () C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain2014-04-04 13:52 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\NDF2014-04-04 02:21 - 2014-01-09 18:12 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server2014-04-03 14:02 - 2014-04-03 14:02 - 00063349 _____ () C:\Users\Cole\Desktop\Untitled4.wma2014-04-03 14:01 - 2014-04-03 14:01 - 00063349 _____ () C:\Users\Cole\Desktop\Untitled3.wma2014-04-03 14:01 - 2014-04-03 14:00 - 00067839 _____ () C:\Users\Cole\Desktop\Untitled2.wma2014-04-03 13:41 - 2014-04-03 13:41 - 00067839 _____ () C:\Users\Cole\Desktop\Untitled.wma2014-04-03 09:51 - 2014-04-08 20:42 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2014-04-03 09:51 - 2014-04-08 20:42 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys2014-04-03 09:50 - 2014-04-08 20:42 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys2014-04-02 09:27 - 2013-12-17 19:33 - 01225920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll2014-04-02 09:27 - 2013-12-17 19:33 - 01081112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll2014-04-02 00:52 - 2014-01-09 18:12 - 00000000 ____D () C:\Program Files (x86)\EVGA Precision X2014-03-31 23:03 - 2014-01-15 00:53 - 00000000 ____D () C:\Program Files (x86)\Opera2014-03-30 19:06 - 2014-01-22 17:23 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM2014-03-30 19:06 - 2013-12-17 18:22 - 00000000 ____D () C:\Program Files (x86)\Realtek2014-03-30 17:49 - 2014-01-15 15:34 - 00003892 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA2014-03-30 17:49 - 2014-01-15 15:34 - 00003656 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore2014-03-30 17:47 - 2014-03-30 17:47 - 00000000 ____D () C:\Program Files\Realtek2014-03-30 17:28 - 2013-12-21 19:30 - 00000000 ____D () C:\Users\Cole\AppData\Roaming\Malwarebytes2014-03-30 17:28 - 2013-12-17 20:47 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-03-30 17:24 - 2014-03-30 17:24 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp2014-03-28 14:42 - 2014-02-07 15:10 - 00007597 _____ () C:\Users\Cole\AppData\Local\Resmon.ResmonCfg2014-03-27 16:31 - 2014-03-27 16:31 - 00000000 ____D () C:\Users\Cole\Desktop\Release2014-03-27 08:45 - 2014-04-07 13:34 - 31270856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll2014-03-27 08:45 - 2014-04-07 13:34 - 25257416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll2014-03-27 08:45 - 2014-04-07 13:34 - 23785416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll2014-03-27 08:45 - 2014-04-07 13:34 - 17561544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll2014-03-27 08:45 - 2014-04-07 13:34 - 17467048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll2014-03-27 08:45 - 2014-04-07 13:34 - 15964736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll2014-03-27 08:45 - 2014-04-07 13:34 - 13158232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys2014-03-27 08:45 - 2014-04-07 13:34 - 11644392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll2014-03-27 08:45 - 2014-04-07 13:34 - 11598560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll2014-03-27 08:45 - 2014-04-07 13:34 - 09734744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll2014-03-27 08:45 - 2014-04-07 13:34 - 09697128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll2014-03-27 08:45 - 2014-04-07 13:34 - 03139928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll2014-03-27 08:45 - 2014-04-07 13:34 - 02949976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll2014-03-27 08:45 - 2014-04-07 13:34 - 02785056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll2014-03-27 08:45 - 2014-04-07 13:34 - 02413344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll2014-03-27 08:45 - 2014-04-07 13:34 - 01890080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433750.dll2014-03-27 08:45 - 2014-04-07 13:34 - 01539416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433750.dll2014-03-27 08:45 - 2014-04-07 13:34 - 00894752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll2014-03-27 08:45 - 2014-04-07 13:34 - 00891168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll2014-03-27 08:45 - 2014-04-07 13:34 - 00864600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll2014-03-27 08:45 - 2014-04-07 13:34 - 00859592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll2014-03-27 08:45 - 2014-04-07 13:34 - 00836544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll2014-03-27 08:45 - 2014-04-07 13:34 - 00491864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll2014-03-27 08:45 - 2014-04-07 13:34 - 00415008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll2014-03-27 08:45 - 2014-04-07 13:34 - 00382240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll2014-03-27 08:45 - 2014-04-07 13:34 - 00354016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll2014-03-27 08:45 - 2014-04-07 13:34 - 00336672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll2014-03-27 08:45 - 2014-04-07 13:34 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll2014-03-27 08:45 - 2014-04-07 13:34 - 00166568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll2014-03-27 08:45 - 2014-04-07 13:34 - 00146480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll2014-03-27 08:45 - 2014-01-08 21:33 - 18493952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll2014-03-27 08:45 - 2014-01-08 21:33 - 14422856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll2014-03-27 08:45 - 2014-01-08 21:33 - 03106688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll2014-03-27 08:45 - 2014-01-08 21:33 - 02728160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll2014-03-27 08:45 - 2014-01-08 21:33 - 00952440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll2014-03-27 08:45 - 2014-01-08 21:33 - 00026011 _____ () C:\WINDOWS\system32\nvinfo.pb2014-03-27 08:45 - 2013-12-17 16:08 - 00060248 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll2014-03-27 08:45 - 2013-12-17 16:08 - 00053024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll2014-03-26 22:11 - 2014-01-22 17:23 - 06768584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll2014-03-26 22:11 - 2014-01-22 17:23 - 03512664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll2014-03-26 22:11 - 2014-01-22 17:23 - 00927520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe2014-03-26 22:11 - 2014-01-22 17:23 - 00386336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll2014-03-26 22:11 - 2014-01-22 17:23 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll2014-03-26 17:40 - 2014-04-07 13:35 - 00601432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe2014-03-24 06:31 - 2014-01-22 17:23 - 03683457 _____ () C:\WINDOWS\system32\nvcoproc.bin2014-03-21 15:43 - 2014-04-07 13:23 - 00040392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys2014-03-21 15:43 - 2014-04-07 13:23 - 00033568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll2014-03-21 15:43 - 2013-12-17 19:33 - 00037320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll2014-03-21 01:22 - 2013-12-22 04:20 - 00000000 ____D () C:\Users\Cole\AppData\Local\Paint.NET2014-03-19 21:51 - 2014-03-19 21:51 - 00054369 _____ () C:\Users\Cole\Desktop\astro line in.wma2014-03-19 20:43 - 2014-03-19 20:43 - 00108249 _____ () C:\Users\Cole\Desktop\astro usb adapter.wma2014-03-19 20:33 - 2014-03-19 20:33 - 00094779 _____ () C:\Users\Cole\Desktop\razer.wma2014-03-19 20:15 - 2014-03-19 20:15 - 00090289 _____ () C:\Users\Cole\Desktop\astro usb.wma2014-03-16 14:44 - 2013-12-18 14:44 - 00000000 ____D () C:\Users\Cole\AppData\Roaming\vlc2014-03-16 14:39 - 2014-03-16 14:36 - 00000000 ____D () C:\Users\Cole\AppData\Roaming\livestreamer2014-03-16 03:07 - 2013-12-17 16:35 - 00000000 ____D () C:\WINDOWS\system32\MRT2014-03-16 03:06 - 2013-12-17 16:35 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe2014-03-14 17:22 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache2014-03-14 03:12 - 2014-03-12 22:56 - 00000000 ____D () C:\Program Files (x86)\PlayClaw 52014-03-13 23:31 - 2013-12-17 21:21 - 00000000 ____D () C:\WINDOWS\Razer Core2014-03-12 23:25 - 2014-03-12 22:56 - 00020664 _____ () C:\Users\Cole\Documents\PlayClaw.txt2014-03-12 22:56 - 2014-03-12 22:56 - 00000000 ____D () C:\ProgramData\PlayClaw52014-03-12 17:57 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM2014-03-12 14:17 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2014-03-12 14:17 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools2014-03-12 14:17 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender2014-03-12 14:17 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender2014-03-12 14:17 - 2013-08-22 10:44 - 00362568 _____ () C:\WINDOWS\system32\FNTCACHE.DAT2014-03-12 12:13 - 2014-02-14 22:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight2014-03-12 12:13 - 2014-02-14 22:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight2014-03-11 17:05 - 2013-12-17 20:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2014-03-11 00:00 - 2014-02-14 02:17 - 00000000 ____D () C:\Users\Cole\Documents\Respawn2014-03-10 22:26 - 2013-12-17 20:47 - 00000000 ____D () C:\Users\Cole\AppData\Roaming\Apple Computer2014-03-10 22:00 - 2014-03-10 22:00 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf2014-03-10 20:43 - 2014-03-10 20:43 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF692014-03-10 20:43 - 2014-03-10 20:43 - 00000000 ____D () C:\Program Files\iTunes2014-03-10 20:43 - 2014-03-10 20:43 - 00000000 ____D () C:\Program Files\iPod2014-03-10 20:43 - 2014-03-10 20:43 - 00000000 ____D () C:\Program Files (x86)\iTunes2014-03-10 20:42 - 2013-12-17 20:47 - 00000000 ____D () C:\ProgramData\Apple2014-03-10 13:40 - 2013-12-17 19:39 - 00000000 ____D () C:\NVIDIA Files to move or delete:====================C:\Users\Cole\jagex_cl_runescape_LIVE.datC:\Users\Cole\random.dat Some content of TEMP:====================C:\Users\Cole\AppData\Local\Temp\gface_swap.exeC:\Users\Cole\AppData\Local\Temp\nvSCPAPI.dllC:\Users\Cole\AppData\Local\Temp\nvSCPAPI64.dllC:\Users\Cole\AppData\Local\Temp\nvStInst.exeC:\Users\Cole\AppData\Local\Temp\vlc-2.1.3-win32.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys[2014-03-12 12:12] - [2014-01-31 12:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02 LastRegBack: 2014-04-05 12:35 ==================== End Of Log ============================

Yesterday, I upgraded to Malwarebytes Premium. Today, my computer randomly rebooted, and I noticed afterwards that Malwarebytes did not start up with Windows. I checked the Event Viewer and noticed that Malwarebytes was crashing while trying to launch. If I double-clicked on the Malwarebytes shortcut on my desktop, nothing would happen. So I followed the cleaning guide to remove Malwarebytes and attempt to reinstall it. During installation, I received numerous errors, one of which I have attached a picture of. However, Malwarebytes still installed onto my computer. But, like before, it will not run. I then booted up into safe mode and tried running it, and an error window popped up, which I have also attached a screenshot of. While in safemode, I tried cleaning and reinstalling Malwarebytes, with no luck. What is going on?