If there is anything wrong with my computer, thanks for the help! If not, thanks anyways!
*My FRST scan did not come with an addition note on my desktop, is there anyway to find out where it went? Thanks
DDS:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.51.2
Run by Eric at 21:19:20 on 2014-06-04
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.16267.13100 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Eric\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Eric\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\NETGEAR\WNDA4100\WNDA4100.EXE
C:\Users\Eric\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\msiexec.exe
E:\League\RADS\system\rads_user_kernel.exe
E:\League\RADS\projects\lol_launcher\releases\0.0.0.209\deploy\LoLLauncher.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Spotify Web Helper] "C:\Users\Eric\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Akamai NetSession Interface] "C:\Users\Eric\AppData\Local\Akamai\netsession_win.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
dRunOnce: [osk.exe] osk.exe
StartupFolder: C:\Users\Eric\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SAMSUN~1.LNK - C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\GIGABY~1.LNK - C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNDA4100\WNDA4100.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~4\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~4\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Trusted Zone: aeriagames.com
Trusted Zone: aeriagames.com
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{62C529AC-BC63-42C5-850C-2BD80E4FAAD4} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{62C529AC-BC63-42C5-850C-2BD80E4FAAD4}\14355535 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{62C529AC-BC63-42C5-850C-2BD80E4FAAD4}\35E6F677D616E6370235F657C6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{62C529AC-BC63-42C5-850C-2BD80E4FAAD4}\A4A5940363 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{CDA85CDD-85A1-402C-9B51-56717BF694D8} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{CDA85CDD-85A1-402C-9B51-56717BF694D8}\A4A5940363 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\zk6ohs48.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=U018&ocid=U018DHP&dt=062913
FF - plugin: C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-4-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-4-11 1764992]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-9-24 94208]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-1-19 46568]
R3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-6-5 49152]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 hxsyol;hxsyol;E:\Aura\AuraKingdom\avital\hxsy64.sys [2014-2-19 86352]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-22 111616]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-6-2 342528]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 133928]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-1-23 178760]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2013-6-2 1142376]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2011-4-12 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-6-6 1255736]
S4 HiPatchService;Hi-Rez Studios Authenticate and Update Service;E:\Tribes Ascend\HiPatchService.exe [2013-6-4 9216]
S4 RalinkRegistryWriter;RalinkRegistryWriter;C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry.exe [2012-4-30 377088]
S4 RalinkRegistryWriter64;RalinkRegistryWriter64;C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe [2012-4-30 455424]
S4 RealtekSE;RealtekSE;C:\Program Files (x86)\ASUS\PCE-N10 WLAN Card Utilities\RtlService.exe [2013-6-2 36864]
.
=============== Created Last 30 ================
.
2014-06-04 21:40:17 10702536 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D9284663-D049-474E-BC24-DBC17BD6820A}\mpengine.dll
2014-06-02 22:43:34 10702536 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-05-26 04:13:14 -------- d-----w- C:\ProgramData\Nexon
2014-05-26 04:00:16 -------- d-----w- C:\ProgramData\NexonUS
2014-05-25 00:45:27 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9DEAAEFB-0246-4341-B4F3-0367A4959184}\gapaengine.dll
2014-05-23 08:45:33 965232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icuuc52.dll
2014-05-23 08:45:33 1266800 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icuin52.dll
2014-05-23 08:45:33 10594416 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icudt52.dll
2014-05-19 15:34:43 -------- d-----w- C:\Users\Eric\AppData\Local\Blizzard Entertainment
2014-05-16 18:20:33 -------- d-----w- C:\Program Files (x86)\Pando Networks
2014-05-16 03:26:53 -------- d-----w- C:\Program Files (x86)\ESET
2014-05-16 03:25:26 -------- d-sh--w- C:\Users\Eric\AppData\Local\EmieUserList
2014-05-16 03:25:26 -------- d-sh--w- C:\Users\Eric\AppData\Local\EmieSiteList
2014-05-15 07:06:41 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-15 07:06:41 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-14 03:55:31 -------- d-----w- C:\Users\Eric\AppData\Roaming\Curse
2014-05-08 13:48:42 227704 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2014-05-06 07:00:34 -------- d-s---w- C:\Windows\System32\CompatTel
.
==================== Find3M ====================
.
2014-05-31 01:47:58 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-05-31 00:21:00 280792 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2014-05-31 00:21:00 280792 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2014-05-09 06:14:03 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-09 06:11:23 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-03-11 13:52:30 133928 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2014-03-09 22:23:29 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
.
============= FINISH: 21:19:27.43 ===============
ATtach:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 6/2/2013 4:41:27 PM
System Uptime: 6/4/2014 9:10:14 PM (0 hours ago)
.
Motherboard: ASRock | | Z77 Extreme4
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz | CPUSocket | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 1.032 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 1863 GiB total, 1457.529 GiB free.
F: is FIXED (NTFS) - 1397 GiB total, 1260.892 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Universal Serial Bus (USB) Controller
Device ID: PCI\VEN_8086&DEV_1E31&SUBSYS_1E311849&REV_04\3&11583659&0&A0
Manufacturer:
Name: Universal Serial Bus (USB) Controller
PNP Device ID: PCI\VEN_8086&DEV_1E31&SUBSYS_1E311849&REV_04\3&11583659&0&A0
Service:
.
Class GUID:
Description: Universal Serial Bus (USB) Controller
Device ID: PCI\VEN_1B21&DEV_1042&SUBSYS_10421849&REV_00\4&37A73C8A&0&00E7
Manufacturer:
Name: Universal Serial Bus (USB) Controller
PNP Device ID: PCI\VEN_1B21&DEV_1042&SUBSYS_10421849&REV_00\4&37A73C8A&0&00E7
Service:
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Device ID: PCI\VEN_10EC&DEV_8176&SUBSYS_84B51043&REV_01\4&10C350E0&0&00E0
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
PNP Device ID: PCI\VEN_10EC&DEV_8176&SUBSYS_84B51043&REV_01\4&10C350E0&0&00E0
Service: RTL8192Ce
.
Class GUID:
Description: Ethernet Controller
Device ID: PCI\VEN_14E4&DEV_16B1&SUBSYS_96B11849&REV_10\4&2B8260C3&0&00E4
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_14E4&DEV_16B1&SUBSYS_96B11849&REV_10\4&2B8260C3&0&00E4
Service:
.
==== System Restore Points ===================
.
RP302: 6/4/2014 9:11:48 PM - Installed League of Legends
RP303: 6/4/2014 9:12:09 PM - Installed DirectX
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
A Virus Named TOM
AC3Filter 2.5b
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.07)
Aeria Ignite
Akamai NetSession Interface
AMD Accelerated Video Transcoding
AMD Catalyst Control Center
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Media Foundation Decoders
AMD Wireless Display v3.0
Application Profiles
ARMA 2 Operation Arrowhead Uninstall
ArmA 2 Uninstall
Arma 3 Alpha
Arma: Cold War Assault
ASPCA Reminder by We-Care.com v4.1.22.1
ASUS PCE-N10 WLAN Card Utilities & Driver
Aura Kingdom
Bastion
Battlefield 2
Battlefield 4™
Battlelog Web Plugins
BattlEye for OA Uninstall
BioShock
Blacklight: Retribution
Brütal Legend
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Company of Heroes 2
Convert Audio Free FLAC to MP3 version 1.0
Counter-Strike
Counter-Strike: Global Offensive
Crysis 2 Maximum Edition
Day of Defeat
DayZ Commander
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Diablo III
Dota 2
DragonNest
Dust: An Elysian Tail
Eets Munchies
ESET Online Scanner v3
EVE Online (remove only)
EVEMon
Fallout 3 - Game of the Year Edition
FEZ
FTL version 1.03.3
GIGABYTE OC_GURU II
GOM Player
Google Chrome
Google Update Helper
Guild Wars 2
GunZ 2: The Second Duel
Hawken
Hi-Rez Studios Authenticate and Update Service
InfoSeeker
Intel(R) Processor Graphics
Java 7 Update 51
Java Auto Updater
League of Legends
Left 4 Dead 2
LIMBO
Mark of the Ninja
MechWarrior Online
Microsoft .NET Framework 4.5.1
Microsoft Access MUI (English) 2013
Microsoft Access Setup Metadata MUI (English) 2013
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft DCF MUI (English) 2013
Microsoft Excel MUI (English) 2013
Microsoft Groove MUI (English) 2013
Microsoft InfoPath MUI (English) 2013
Microsoft Lync MUI (English) 2013
Microsoft Office 32-bit Components 2013
Microsoft Office OSM MUI (English) 2013
Microsoft Office OSM UX MUI (English) 2013
Microsoft Office Professional Plus 2013
Microsoft Office Proofing (English) 2013
Microsoft Office Proofing Tools 2013 - English
Microsoft Office Proofing Tools 2013 - Español
Microsoft Office Shared 32-bit MUI (English) 2013
Microsoft Office Shared MUI (English) 2013
Microsoft Office Shared Setup Metadata MUI (English) 2013
Microsoft OneNote MUI (English) 2013
Microsoft Outlook MUI (English) 2013
Microsoft PowerPoint MUI (English) 2013
Microsoft Publisher MUI (English) 2013
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
Microsoft Word MUI (English) 2013
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0 Refresh
Mirror's Edge
Mozilla Firefox 29.0.1 (x86 en-US)
Mozilla Maintenance Service
Mumble 1.2.5
NETGEAR WNDA4100 Genie
Nexon Game Manager
Nihilumbra
Notepad++
NVIDIA PhysX
NyxLauncherIS
Open Broadcaster Software
Origin
osu!
Outils de vérification linguistique 2013 de Microsoft Office - Français
Path of Exile
Portal 2
PunkBuster Services
Ragnarok Online 2
Rising Storm/Red Orchestra 2 Multiplayer
Samsung Data Migration
Samsung SSD Magician
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft Office 2013 (KB2878316) 64-Bit Edition
Security Update for Microsoft Office 2013 (KB2880463) 64-Bit Edition
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition
Skype Click to Call
Skype™ 6.16
Spotify
Star Conflict
Starbound
StarCraft II
Steam
Team Fortress 2
TeamSpeak 3 Client
Thomas Was Alone
Tomb Raider
Tribes Ascend
Trine 2
TrueCrypt
Tweaking.com - Registry Backup
Update for Microsoft Excel 2013 (KB2880475) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2880980) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition
Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition
Update for Microsoft Office 2013 (KB2863825) 64-Bit Edition
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition
Update for Microsoft Office 2013 (KB2863844) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition
Update for Microsoft Office 2013 (KB2880482) 64-Bit Edition
Update for Microsoft OneDrive for Business (KB2880480) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2878315) 64-Bit Edition
Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2837632) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition
Update for Microsoft Word 2013 (KB2880455) 64-Bit Edition
Ventrilo Client for Windows x64
VLC media player 2.0.7
Warframe
World of Tanks
XSplit Broadcaster
.
==== Event Viewer Messages From Past Week ========
.
6/4/2014 9:11:23 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
6/4/2014 6:18:12 PM, Error: volsnap [35] - The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.
6/4/2014 5:30:02 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer TENG-HP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{62C529AC-BC63-42C5-850C-2BD80E4FAAD4}. The master browser is stopping or an election is being forced.
6/2/2014 1:16:02 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
5/31/2014 2:24:37 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
5/31/2014 2:24:37 AM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/31/2014 1:15:19 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
5/28/2014 8:34:59 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume FreeAgent Drive.
5/28/2014 8:04:27 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000041790, 0xfffffa80086ebf00, 0x000000000000ffff, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 052814-32713-01.
.
==== End Of File ===========================
FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by Eric (administrator) on ERIC-PC on 04-06-2014 21:20:55
Running from C:\Users\Eric\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\Eric\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Eric\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR\WNDA4100\WNDA4100.EXE
(Akamai Technologies, Inc.) C:\Users\Eric\AppData\Local\Akamai\netsession_win.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
() E:\League\RADS\system\rads_user_kernel.exe
() E:\League\RADS\projects\lol_launcher\releases\0.0.0.209\deploy\LoLLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [osk.exe] - C:\Windows\system32\osk.exe [692736 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-3290706055-244381115-3958062109-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1754816 2014-05-29] (Valve Corporation)
HKU\S-1-5-21-3290706055-244381115-3958062109-1000\...\Run: [Spotify Web Helper] => C:\Users\Eric\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-15] (Spotify Ltd)
HKU\S-1-5-21-3290706055-244381115-3958062109-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Eric\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3290706055-244381115-3958062109-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3290706055-244381115-3958062109-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-3290706055-244381115-3958062109-1000\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA4100 Genie.lnk
ShortcutTarget: NETGEAR WNDA4100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNDA4100\WNDA4100.EXE (NETGEAR)
Startup: C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk
ShortcutTarget: Samsung SSD Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=U018&ocid=U018DHP&dt=062913
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7B82EAFF7A5FCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Eric\AppData\Roaming\Mozilla\Firefox\Profiles\zk6ohs48.default
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=U018&ocid=U018DHP&dt=062913
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @softnyxNpruntime - E:\SoftnyxGame\SoftnyxGame\NyxLauncherIS\npSoftnyx.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
Chrome:
=======
CHR HomePage:
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (Sad Panda) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2014-01-05]
CHR Extension: (Adblock Plus) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-25]
CHR Extension: (AdBlock) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-05]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-01-05]
CHR Extension: (Skype Click to Call) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-06]
CHR Extension: (Google Wallet) - C:\Users\Eric\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Eric\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-08-24]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
==================== Services (Whitelisted) =================
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-05] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S4 HiPatchService; E:\Tribes Ascend\HiPatchService.exe [9216 2013-07-17] (Hi-Rez Studios)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-09] ()
S4 RalinkRegistryWriter; C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry.exe [377088 2012-04-30] (Ralink Technology, Corp.)
S4 RalinkRegistryWriter64; C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe [455424 2012-04-30] (Ralink Technology, Corp.)
S4 RealtekSE; C:\Program Files (x86)\ASUS\PCE-N10 WLAN Card Utilities\RtlService.exe [36864 2011-06-23] (Realtek)
==================== Drivers (Whitelisted) ====================
S3 hxsyol; E:\Aura\AuraKingdom\avital\hxsy64.sys [86352 2013-11-26] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GunBod; \??\E:\SoftnyxGame\GunBoundIS\avital\gunbod64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-04 21:20 - 2014-06-04 21:20 - 00015201 _____ () C:\Users\Eric\Desktop\FRST.txt
2014-06-04 21:19 - 2014-06-04 21:19 - 00017803 _____ () C:\Users\Eric\Desktop\dds.txt
2014-06-04 21:19 - 2014-06-04 21:19 - 00011779 _____ () C:\Users\Eric\Desktop\attach.txt
2014-06-04 21:19 - 2014-06-04 21:19 - 00000000 ____D () C:\Users\Eric\Desktop\FRST-OlderVersion
2014-06-04 21:11 - 2014-06-04 21:11 - 00001335 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-06-04 21:11 - 2014-06-04 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-06-04 20:50 - 2014-06-04 20:50 - 32259000 _____ (Riot Games) C:\Users\Eric\Downloads\LeagueofLegends_OC1_Installer_06_11_13.exe
2014-06-03 21:22 - 2014-06-03 21:29 - 2377778874 _____ (Igor Pavlov) C:\Users\Eric\Downloads\cRO-Full-06-24-2013.exe
2014-06-03 16:23 - 2014-06-03 16:23 - 00003162 _____ () C:\Windows\System32\Tasks\{FE14E0C6-81E2-45E8-9070-07C8B575F3C4}
2014-06-02 20:55 - 2014-06-02 20:55 - 00042246 _____ () C:\Users\Eric\Downloads\mouse-freedom.zip
2014-05-31 04:12 - 2014-05-31 04:20 - 1741947307 _____ () C:\Users\Eric\Downloads\FableRO Full 25.05.2014.rar
2014-05-31 02:21 - 2014-05-31 02:21 - 00001109 _____ () C:\Users\Public\Desktop\XSplit Broadcaster.lnk
2014-05-31 02:21 - 2014-05-31 02:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2014-05-30 21:44 - 2014-05-30 21:44 - 02247960 _____ () C:\Users\Eric\Downloads\battlelog-web-plugins_2.4.0_141.exe
2014-05-28 08:04 - 2014-05-28 08:04 - 00279688 _____ () C:\Windows\Minidump\052814-32713-01.dmp
2014-05-28 08:03 - 2014-05-28 08:03 - 840520614 ____N () C:\Windows\MEMORY.DMP
2014-05-26 00:13 - 2014-05-26 00:13 - 00000000 ____D () C:\ProgramData\Nexon
2014-05-26 00:07 - 2014-05-26 00:43 - 00000000 ____D () C:\Users\Eric\Documents\DragonNest
2014-05-26 00:01 - 2014-05-26 00:01 - 00000180 _____ () C:\Users\Public\Desktop\DragonNest.url
2014-05-26 00:01 - 2014-05-26 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2014-05-26 00:00 - 2014-05-26 00:00 - 00000000 ____D () C:\ProgramData\NexonUS
2014-05-25 23:44 - 2014-05-25 23:44 - 00000177 _____ () C:\console.log
2014-05-25 23:30 - 2014-05-25 23:30 - 02130728 _____ (Reloaded Technologies) C:\Users\Eric\Downloads\DragonNest_Downloader.exe
2014-05-23 05:56 - 2014-05-23 05:56 - 00231208 _____ (Premium Installer ) C:\Users\Eric\Downloads\flashplayerpro_Setup.exe
2014-05-23 03:08 - 2014-05-23 03:08 - 00279688 _____ () C:\Windows\Minidump\052314-18096-01.dmp
2014-05-23 02:10 - 2014-05-23 02:10 - 00279688 _____ () C:\Windows\Minidump\052314-18470-01.dmp
2014-05-23 01:16 - 2014-05-23 01:16 - 00279688 _____ () C:\Windows\Minidump\052314-28797-01.dmp
2014-05-23 01:13 - 2014-05-23 01:13 - 00279688 _____ () C:\Windows\Minidump\052314-32479-01.dmp
2014-05-19 11:34 - 2014-05-19 11:34 - 00000000 ____D () C:\Users\Eric\AppData\Local\Blizzard Entertainment
2014-05-19 11:01 - 2014-05-19 11:01 - 54085656 _____ (Blizzard Entertainment) C:\Users\Eric\Downloads\StarCraft-II-Setup-enUS (2).exe
2014-05-18 23:42 - 2014-05-18 23:42 - 00279688 _____ () C:\Windows\Minidump\051814-17534-01.dmp
2014-05-18 05:15 - 2014-05-18 05:15 - 00000221 _____ () C:\Users\Eric\Desktop\Arma Cold War Assault.url
2014-05-16 14:20 - 2014-05-16 14:20 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-05-16 14:19 - 2014-05-16 14:19 - 32229024 _____ (Riot Games) C:\Users\Eric\Downloads\LeagueofLegends_NA_Installer_05_07_13 (2).exe
2014-05-15 23:26 - 2014-05-15 23:26 - 02347384 _____ (ESET) C:\Users\Eric\Downloads\esetsmartinstaller_enu.exe
2014-05-15 23:26 - 2014-05-15 23:26 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-15 23:25 - 2014-05-15 23:25 - 00000000 __SHD () C:\Users\Eric\AppData\Local\EmieUserList
2014-05-15 23:25 - 2014-05-15 23:25 - 00000000 __SHD () C:\Users\Eric\AppData\Local\EmieSiteList
2014-05-15 23:21 - 2014-05-15 23:21 - 01325827 _____ () C:\Users\Eric\Downloads\adwcleaner_3.208 (1).exe
2014-05-15 23:18 - 2014-05-15 23:18 - 01325827 _____ () C:\Users\Eric\Downloads\adwcleaner_3.208.exe
2014-05-15 03:06 - 2014-05-06 00:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 03:06 - 2014-05-06 00:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 03:06 - 2014-05-05 23:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 03:06 - 2014-05-05 23:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 03:06 - 2014-05-05 23:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 03:06 - 2014-05-05 22:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 13:31 - 2014-05-14 13:31 - 00005933 _____ () C:\Users\Eric\Downloads\LOL_OPGG_Observer_1380671410.bat
2014-05-14 05:21 - 2014-05-09 02:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 05:21 - 2014-05-09 02:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 05:21 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 05:21 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 05:21 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 05:21 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 05:21 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 05:21 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 05:21 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 05:21 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 05:21 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 05:21 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 05:21 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 05:21 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 05:21 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 05:21 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 05:21 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 05:21 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 05:21 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 05:21 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 05:21 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 05:21 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 05:21 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 05:21 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 05:21 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 05:21 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 05:21 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 05:21 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 05:21 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 05:21 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 05:21 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 05:21 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 05:21 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 05:21 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 05:21 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 05:21 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 05:21 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 05:21 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 05:21 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 05:21 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 05:21 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 05:21 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 05:21 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 05:21 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 05:21 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 23:55 - 2014-05-13 23:55 - 37756608 _____ (Curse) C:\Users\Eric\Downloads\CurseClientSetup.exe
2014-05-13 23:55 - 2014-05-13 23:55 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\Curse
2014-05-06 03:00 - 2014-05-15 03:23 - 00000000 ___SD () C:\Windows\system32\CompatTel
==================== One Month Modified Files and Folders =======
2014-06-04 21:20 - 2014-06-04 21:20 - 00015201 _____ () C:\Users\Eric\Desktop\FRST.txt
2014-06-04 21:20 - 2014-04-28 13:46 - 00000000 ____D () C:\FRST
2014-06-04 21:20 - 2013-06-02 16:41 - 00000000 ____D () C:\Users\Eric\AppData\Local\Temp
2014-06-04 21:19 - 2014-06-04 21:19 - 00017803 _____ () C:\Users\Eric\Desktop\dds.txt
2014-06-04 21:19 - 2014-06-04 21:19 - 00011779 _____ () C:\Users\Eric\Desktop\attach.txt
2014-06-04 21:19 - 2014-06-04 21:19 - 00000000 ____D () C:\Users\Eric\Desktop\FRST-OlderVersion
2014-06-04 21:19 - 2014-04-28 13:46 - 02068992 _____ (Farbar) C:\Users\Eric\Desktop\FRST64.exe
2014-06-04 21:17 - 2009-07-14 00:45 - 00020688 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-04 21:17 - 2009-07-14 00:45 - 00020688 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-04 21:16 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-04 21:13 - 2013-06-02 21:27 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\Skype
2014-06-04 21:13 - 2013-06-02 16:21 - 01929465 _____ () C:\Windows\WindowsUpdate.log
2014-06-04 21:12 - 2014-03-01 03:17 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-06-04 21:11 - 2014-06-04 21:11 - 00001335 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-06-04 21:11 - 2014-06-04 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-06-04 21:11 - 2013-10-14 20:53 - 00000000 __SHD () C:\AI_RecycleBin
2014-06-04 21:11 - 2013-06-02 21:09 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-06-04 21:10 - 2013-07-28 01:00 - 00028087 _____ () C:\Windows\setupact.log
2014-06-04 21:10 - 2013-06-03 00:59 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-04 21:10 - 2013-06-02 05:00 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-04 21:10 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-04 20:52 - 2013-06-02 21:07 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\Riot Games
2014-06-04 20:50 - 2014-06-04 20:50 - 32259000 _____ (Riot Games) C:\Users\Eric\Downloads\LeagueofLegends_OC1_Installer_06_11_13.exe
2014-06-04 20:41 - 2013-06-04 18:18 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-04 20:26 - 2013-06-02 05:00 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-03 21:43 - 2013-06-02 22:14 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\Spotify
2014-06-03 21:29 - 2014-06-03 21:22 - 2377778874 _____ (Igor Pavlov) C:\Users\Eric\Downloads\cRO-Full-06-24-2013.exe
2014-06-03 17:24 - 2013-06-02 22:15 - 00000000 ____D () C:\Users\Eric\AppData\Local\Spotify
2014-06-03 16:23 - 2014-06-03 16:23 - 00003162 _____ () C:\Windows\System32\Tasks\{FE14E0C6-81E2-45E8-9070-07C8B575F3C4}
2014-06-02 20:55 - 2014-06-02 20:55 - 00042246 _____ () C:\Users\Eric\Downloads\mouse-freedom.zip
2014-05-31 04:20 - 2014-05-31 04:12 - 1741947307 _____ () C:\Users\Eric\Downloads\FableRO Full 25.05.2014.rar
2014-05-31 02:24 - 2013-07-29 16:45 - 00205454 _____ () C:\Windows\PFRO.log
2014-05-31 02:24 - 2013-06-03 16:27 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-05-31 02:23 - 2013-06-03 03:55 - 00000000 ____D () C:\ProgramData\Origin
2014-05-31 02:21 - 2014-05-31 02:21 - 00001109 _____ () C:\Users\Public\Desktop\XSplit Broadcaster.lnk
2014-05-31 02:21 - 2014-05-31 02:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2014-05-31 02:17 - 2013-06-23 21:45 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-05-30 21:47 - 2013-06-03 07:04 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-30 21:44 - 2014-05-30 21:44 - 02247960 _____ () C:\Users\Eric\Downloads\battlelog-web-plugins_2.4.0_141.exe
2014-05-30 21:44 - 2013-06-03 03:55 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-30 20:21 - 2013-06-03 16:28 - 00280792 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-05-30 20:21 - 2013-06-03 07:04 - 00280792 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-28 18:41 - 2013-06-02 16:41 - 00000000 ___RD () C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-28 08:04 - 2014-05-28 08:04 - 00279688 _____ () C:\Windows\Minidump\052814-32713-01.dmp
2014-05-28 08:04 - 2013-06-20 13:02 - 00000000 ____D () C:\Windows\Minidump
2014-05-28 08:03 - 2014-05-28 08:03 - 840520614 ____N () C:\Windows\MEMORY.DMP
2014-05-26 19:31 - 2013-06-26 19:17 - 00000000 ____D () C:\Users\Eric\AppData\Local\Arma 3
2014-05-26 00:43 - 2014-05-26 00:07 - 00000000 ____D () C:\Users\Eric\Documents\DragonNest
2014-05-26 00:13 - 2014-05-26 00:13 - 00000000 ____D () C:\ProgramData\Nexon
2014-05-26 00:01 - 2014-05-26 00:01 - 00000180 _____ () C:\Users\Public\Desktop\DragonNest.url
2014-05-26 00:01 - 2014-05-26 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2014-05-26 00:00 - 2014-05-26 00:00 - 00000000 ____D () C:\ProgramData\NexonUS
2014-05-25 23:44 - 2014-05-25 23:44 - 00000177 _____ () C:\console.log
2014-05-25 23:30 - 2014-05-25 23:30 - 02130728 _____ (Reloaded Technologies) C:\Users\Eric\Downloads\DragonNest_Downloader.exe
2014-05-23 05:56 - 2014-05-23 05:56 - 00231208 _____ (Premium Installer ) C:\Users\Eric\Downloads\flashplayerpro_Setup.exe
2014-05-23 04:46 - 2013-06-04 18:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-23 04:45 - 2013-11-28 17:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-23 03:08 - 2014-05-23 03:08 - 00279688 _____ () C:\Windows\Minidump\052314-18096-01.dmp
2014-05-23 02:10 - 2014-05-23 02:10 - 00279688 _____ () C:\Windows\Minidump\052314-18470-01.dmp
2014-05-23 01:17 - 2013-06-02 05:10 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-23 01:16 - 2014-05-23 01:16 - 00279688 _____ () C:\Windows\Minidump\052314-28797-01.dmp
2014-05-23 01:13 - 2014-05-23 01:13 - 00279688 _____ () C:\Windows\Minidump\052314-32479-01.dmp
2014-05-22 22:44 - 2013-06-02 21:27 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-22 22:44 - 2013-06-02 21:27 - 00000000 ____D () C:\ProgramData\Skype
2014-05-19 11:34 - 2014-05-19 11:34 - 00000000 ____D () C:\Users\Eric\AppData\Local\Blizzard Entertainment
2014-05-19 11:05 - 2013-06-03 19:31 - 00000000 ____D () C:\Users\Eric\Documents\StarCraft II
2014-05-19 11:02 - 2013-06-03 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-05-19 11:01 - 2014-05-19 11:01 - 54085656 _____ (Blizzard Entertainment) C:\Users\Eric\Downloads\StarCraft-II-Setup-enUS (2).exe
2014-05-18 23:42 - 2014-05-18 23:42 - 00279688 _____ () C:\Windows\Minidump\051814-17534-01.dmp
2014-05-18 05:15 - 2014-05-18 05:15 - 00000221 _____ () C:\Users\Eric\Desktop\Arma Cold War Assault.url
2014-05-18 03:01 - 2013-09-16 12:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-18 03:00 - 2013-09-16 12:44 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-05-16 14:20 - 2014-05-16 14:20 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-05-16 14:19 - 2014-05-16 14:19 - 32229024 _____ (Riot Games) C:\Users\Eric\Downloads\LeagueofLegends_NA_Installer_05_07_13 (2).exe
2014-05-15 23:26 - 2014-05-15 23:26 - 02347384 _____ (ESET) C:\Users\Eric\Downloads\esetsmartinstaller_enu.exe
2014-05-15 23:26 - 2014-05-15 23:26 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-15 23:25 - 2014-05-15 23:25 - 00000000 __SHD () C:\Users\Eric\AppData\Local\EmieUserList
2014-05-15 23:25 - 2014-05-15 23:25 - 00000000 __SHD () C:\Users\Eric\AppData\Local\EmieSiteList
2014-05-15 23:21 - 2014-05-15 23:21 - 01325827 _____ () C:\Users\Eric\Downloads\adwcleaner_3.208 (1).exe
2014-05-15 23:20 - 2014-04-28 13:38 - 00000000 ____D () C:\AdwCleaner
2014-05-15 23:18 - 2014-05-15 23:18 - 01325827 _____ () C:\Users\Eric\Downloads\adwcleaner_3.208.exe
2014-05-15 19:29 - 2013-06-02 16:41 - 00000000 ___RD () C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 03:51 - 2014-02-12 04:45 - 00000000 ____D () C:\Windows\rescache
2014-05-15 03:23 - 2014-05-06 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-15 03:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-15 03:04 - 2014-04-20 20:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 03:03 - 2014-04-20 20:54 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 03:00 - 2009-07-13 22:34 - 00000670 _____ () C:\Windows\win.ini
2014-05-14 13:31 - 2014-05-14 13:31 - 00005933 _____ () C:\Users\Eric\Downloads\LOL_OPGG_Observer_1380671410.bat
2014-05-13 23:55 - 2014-05-13 23:55 - 37756608 _____ (Curse) C:\Users\Eric\Downloads\CurseClientSetup.exe
2014-05-13 23:55 - 2014-05-13 23:55 - 00000000 ____D () C:\Users\Eric\AppData\Roaming\Curse
2014-05-09 03:21 - 2013-06-02 05:00 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 03:21 - 2013-06-02 05:00 - 00003638 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 02:14 - 2014-05-14 05:21 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 02:11 - 2014-05-14 05:21 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 23:19 - 2013-06-02 14:14 - 00111520 _____ () C:\Users\Eric\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-06 03:20 - 2009-07-14 00:45 - 00443304 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-06 03:04 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-05-06 03:02 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-05-06 00:40 - 2014-05-15 03:06 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 00:17 - 2014-05-15 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-05 23:25 - 2014-05-15 03:06 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-05 23:07 - 2014-05-15 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-05 23:00 - 2014-05-15 03:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-05 22:10 - 2014-05-15 03:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
Some content of TEMP:
====================
C:\Users\Eric\AppData\Local\Temp\NGMDll.dll
C:\Users\Eric\AppData\Local\Temp\NGMResource.dll
C:\Users\Eric\AppData\Local\Temp\Quarantine.exe
C:\Users\Eric\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Eric\AppData\Local\Temp\unicows.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-29 03:07
==================== End Of Log ============================