
cookie issue

Discussion in 'Windows 7' started by brandonabe, Oct 14, 2013.

  1. brandonabe

    brandonabe Thread Starter

    Joined:
    Oct 14, 2013
    Messages:
    8
    Hi there,

    I built a new computer recently, running Windows 7 for the first time, and everything was fine for a bit, but for the past month, after browsing for about 10 minutes, YouTube will no longer load videos and most web sites will not load. I get the following error in YouTube, "an error occurred, please try again later" and on a web site a generic, "this page is unavailable." I usually use Firefox, but it happens in any browser. My drivers, my browsers are all up to date. I've discovered that emptying my cookies and my cache will fix the problem for another 10 minutes or so, but that's it, and obviously clearing my cookies is a pain, 'cause I enjoy my cookies...

    If anyone can help that would be great, I can't for the life of me figure out what could be happening and I've looked all over the internet.
     
  2. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Let's see what this scan will find, you may have some Adware in there.

    Click on this link to download: ADWCleaner. Click on the Download Now button and save it to your desktop.

    NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

    Close your browser and double click on its icon on your desktop.

    You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.

     
  3. brandonabe

    brandonabe Thread Starter

    Tried it, didn't find any adware and the problem continues...
     
  4. Mark1956

    Mark1956

    Please post the log.
     
  5. brandonabe

    brandonabe Thread Starter

    # AdwCleaner v3.007 - Report created 14/10/2013 at 10:05:19
    # Updated 09/10/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Brandon Abeling - BRANDONABELING
    # Running from : C:\Users\Brandon Abeling\Downloads\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\Windows\System32\roboot64.exe
    Folder Found C:\Users\Brandon Abeling\AppData\Roaming\Search Protection

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
    Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
    Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16720


    -\\ Mozilla Firefox v24.0 (en-US)

    [ File : C:\Users\Brandon Abeling\AppData\Roaming\Mozilla\Firefox\Profiles\xn570ura.default\prefs.js ]


    -\\ Google Chrome v30.0.1599.69

    [ File : C:\Users\Brandon Abeling\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [1756 octets] - [14/10/2013 10:05:19]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1816 octets] ##########


    Deleted everything it recommended
     
  6. Mark1956

    Mark1956

    That log only shows the scan result. Following my instructions, you need to use the Clean button after this scan was done and then post the log produced after the system has rebooted.

    You said in post 3 it did not find any Adware, but the log shows it did. The Adware needs to be removed with the Clean scan to see if it will improve anything.

    There are other scans we can run, but I first need to be sure you have removed the Adware found. Please follow the instructions again, run the scan, use the Clean button and post the log produced after the PC has rebooted. At that point please check if the problem still exists and let me know, we can then move on.

    Do you have a registry cleaner? If so, stop using it and uninstall it; using registry cleaners is not recommended and they can often do more harm than good. ADWCleaner found a file that could be part of a registry cleaner which needs to be removed.
     
  7. brandonabe

    brandonabe Thread Starter

    Sorry about that, copied the wrong log, here's the correct one.

    # AdwCleaner v3.007 - Report created 14/10/2013 at 10:07:57
    # Updated 09/10/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Brandon Abeling - BRANDONABELING
    # Running from : C:\Users\Brandon Abeling\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Users\Brandon Abeling\AppData\Roaming\Search Protection
    File Deleted : C:\Windows\System32\roboot64.exe

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16720


    -\\ Mozilla Firefox v24.0 (en-US)

    [ File : C:\Users\Brandon Abeling\AppData\Roaming\Mozilla\Firefox\Profiles\xn570ura.default\prefs.js ]


    -\\ Google Chrome v30.0.1599.69

    [ File : C:\Users\Brandon Abeling\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [1904 octets] - [14/10/2013 10:05:19]
    AdwCleaner[S0].txt - [1730 octets] - [14/10/2013 10:07:57]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1790 octets] ##########


    I do not have a registry cleaner
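
Added example (not part of the thread and not AdwCleaner's own code): a small Python check that reconciles the Scan report from post 5 against the Clean report from post 7, listing every item the scan found that has no matching "Deleted" line. The function names `parse_report` and `reconcile` are hypothetical, and treating a `[x64]`-tagged key as the same key as its untagged form is an assumption controlled by `merge_views`.

```python
import re

# Entry lines copied from the two AdwCleaner v3.007 reports posted above
# (report headers and empty sections trimmed).
SCAN_REPORT = r"""
# Option : Scan
***** [ Files / Folders ] *****
File Found : C:\Windows\System32\roboot64.exe
Folder Found C:\Users\Brandon Abeling\AppData\Roaming\Search Protection
***** [ Registry ] *****
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
"""

CLEAN_REPORT = r"""
# Option : Clean
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Brandon Abeling\AppData\Roaming\Search Protection
File Deleted : C:\Windows\System32\roboot64.exe
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
"""

OPTION_RE = re.compile(r"^# Option : (\w+)$")
SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")
# The colon is optional: the Scan report prints "Folder Found C:\..." without one.
ENTRY_RE = re.compile(r"^(\w+) (Found|Deleted)\s*:?\s*(.+)$")
VIEW_TAG_RE = re.compile(r"^\[x64\]\s*")


def parse_report(text):
    """Return (option, [(section, kind, action, target), ...]) for one report."""
    option, section, entries = None, None, []
    for raw in text.splitlines():
        line = raw.strip()
        if m := OPTION_RE.match(line):
            option = m.group(1)
        elif m := SECTION_RE.match(line):
            section = m.group(1)
        elif m := ENTRY_RE.match(line):
            entries.append((section, m.group(1), m.group(2), m.group(3)))
    return option, entries


def _identity(kind, target, merge_views):
    # Assumption: with merge_views=True a "[x64]" entry and its untagged
    # twin are treated as one object; with False they are compared literally.
    if merge_views:
        target = VIEW_TAG_RE.sub("", target)
    return (kind.lower(), target.lower())


def reconcile(scan_text, clean_text, merge_views=False):
    """List targets the Scan report found that the Clean report never deleted."""
    scan_opt, scan_entries = parse_report(scan_text)
    clean_opt, clean_entries = parse_report(clean_text)
    # Guard against the mix-up in the thread: a Scan log posted as the Clean log.
    if (scan_opt, clean_opt) != ("Scan", "Clean"):
        raise ValueError(f"expected Scan then Clean, got {scan_opt!r} then {clean_opt!r}")
    deleted = {_identity(k, t, merge_views)
               for _, k, action, t in clean_entries if action == "Deleted"}
    return [t for _, k, action, t in scan_entries
            if action == "Found" and _identity(k, t, merge_views) not in deleted]


if __name__ == "__main__":
    for target in reconcile(SCAN_REPORT, CLEAN_REPORT):
        print("found but no Deleted line:", target)
```

Compared literally, one scan entry (the `[x64]` HKCU SearchScopes key) has no "Deleted" line in the Clean report; with `merge_views=True` every found item is accounted for.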
     
  8. Mark1956

    Mark1956

    This file C:\Windows\System32\roboot64.exe gives results that would indicate it is from a registry cleaner/optimizer with the names Systweak Advanced System Optimizer, Dr Cleanup, Winzip Registry Optimizer, Fast Again PC Booster or Systweak Regclean Pro. Do any of those names ring any bells?

    Some of the scans I may ask you to run will have no effect on the problem without further action being taken so please do not disregard the procedure just because the scan has had no effect as you did with ADWCleaner. I need to examine the logs in order to help you track down the problem.

    Please run these scans and post all the logs.

    SCAN 1
    Please run ADWCleaner again and post the new log after using the Clean button.


    SCAN 2
    Please download Farbar Recovery Scan Tool (FRST) and save it to your desktop. Do not get tempted to download Regclean Pro.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it makes another log (Addition.txt). Please also copy and paste that into your reply.



    SCAN 3
    Please download RKill
    There are three buttons to choose from with different names on, select the first one and save it to your desktop.


    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7, right-click on it and select Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
    • If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
    • If the tool does not run from any of the links provided, please let me know.

    SCAN 4
    DO NOT reboot, download Malwarebytes from here if you do not already have it: Malwarebytes. Install the program, run it and let it update. If you already have Malwarebytes launch the program.

    • Select Perform full scan and click on the Scan button. When the scan completes click on Show Results.
    • If the scan does not find any infections the log will appear as soon as it completes, please Copy & Paste it into your next reply.
    • If items are detected it will stay on the Scanner window and you will see Objects detected: 1 (the number may be higher).
    • Click on Show Results and put a check mark next to all the items displayed in the list by clicking on each one in turn <--- very important, then click on Remove Selected.
    • The log will appear, Copy & Paste it into your next post.
    • Click on OK and close the window.
     
  9. brandonabe

    brandonabe Thread Starter

    None of those program names ring a bell, but I checked to make sure, they're not on my computer. Here are the first scan results again, rerun. Still one item. Doing the next one now.




    # AdwCleaner v3.008 - Report created 18/10/2013 at 01:19:06
    # Updated 17/10/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Brandon Abeling - BRANDONABELING
    # Running from : C:\Users\Brandon Abeling\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****


    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16720


    -\\ Mozilla Firefox v24.0 (en-US)

    [ File : C:\Users\Brandon Abeling\AppData\Roaming\Mozilla\Firefox\Profiles\xn570ura.default\prefs.js ]



    -\\ Google Chrome v30.0.1599.101

    [ File : C:\Users\Brandon Abeling\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [1904 octets] - [14/10/2013 10:05:19]
    AdwCleaner[R1].txt - [1064 octets] - [16/10/2013 00:11:56]
    AdwCleaner[R2].txt - [1125 octets] - [18/10/2013 01:18:44]
    AdwCleaner[S0].txt - [1874 octets] - [14/10/2013 10:07:57]
    AdwCleaner[S1].txt - [1047 octets] - [18/10/2013 01:19:06]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1107 octets] ##########
     
  10. brandonabe

    brandonabe Thread Starter

    Here is the 2nd scan from Farbar

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
    Ran by Brandon Abeling (administrator) on BRANDONABELING on 18-10-2013 01:37:13
    Running from C:\Users\Brandon Abeling\Downloads
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 10
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Valve Corporation) C:\Games\Steam\Steam.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
    () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    (MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
    (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
    (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe
    (Blue Coat Systems, Inc.) C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    () C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
    (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6963272 2013-01-15] (Realtek Semiconductor)
    HKLM\...\Run: [Trend Micro Titanium] - C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe [1382568 2013-09-16] (Trend Micro Inc.)
    HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [216928 2013-08-29] (Trend Micro Inc.)
    HKCU\...\Run: [SearchProtection] - "C:\Users\Brandon Abeling\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
    HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-08-06] (Google Inc.)
    HKCU\...\Run: [Steam] - C:\Games\Steam\Steam.exe [1813928 2013-10-08] (Valve Corporation)
    MountPoints2: {08132f71-ff80-11e2-9959-806e6f6e6963} - D:\SETUP.EXE
    HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-01-14] (Intel Corporation)
    HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
    HKLM-x32\...\Run: [IntelSBA] - C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4277000 2012-11-08] (Intel Corporation)
    HKLM-x32\...\Run: [Super-Charger] - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [507016 2012-12-21] (MSI)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
    HKLM-x32\...\Run: [jswtrayutil] - "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe"
    HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
    HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
    SearchScopes: HKCU - {2DAEA3F2-86F4-4451-84F2-99875D9530AC} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=617686&p={searchTerms}
    BHO: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
    BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe64.dll (Trend Micro Inc.)
    BHO-x32: TmIEPlugInBHO Class - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll (Trend Micro Inc.)
    BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: TmBpIeBHO Class - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe32.dll (Trend Micro Inc.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe64.dll (Trend Micro Inc.)
    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
    Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - No File
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe32.dll (Trend Micro Inc.)
    Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll (Trend Micro Inc.)
    Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

    FireFox:
    ========
    FF ProfilePath: C:\Users\Brandon Abeling\AppData\Roaming\Mozilla\Firefox\Profiles\xn570ura.default
    FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=617686&p=
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
    FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Extension: mytube - C:\Users\Brandon Abeling\AppData\Roaming\Mozilla\Firefox\Profiles\xn570ura.default\Extensions\[email protected]
    FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension
    FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension
    FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension
    FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
    FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
    FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\
    FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\

    Chrome:
    =======
    CHR HomePage: hxxp://www.google.com
    CHR RestoreOnStartup: "hxxp://www.google.com"
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
    CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    CHR Plugin: (Trend Micro Titanium) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
    CHR Extension: (Google Docs) - C:\Users\BRANDO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
    CHR Extension: (Google Drive) - C:\Users\BRANDO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
    CHR Extension: (YouTube) - C:\Users\BRANDO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
    CHR Extension: (TrendMicro BEP Extension) - C:\Users\BRANDO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee\7.5.0.1137_0
    CHR Extension: (Google Search) - C:\Users\BRANDO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
    CHR Extension: (Chrome In-App Payments service) - C:\Users\BRANDO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
    CHR Extension: (Gmail) - C:\Users\BRANDO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
    CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\chrome_tmbep.crx
    CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\chrome_tmbep.crx

    ==================== Services (Whitelisted) =================

    R2 bckwfs; C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2649840 2013-03-01] (Blue Coat Systems, Inc.)
    R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] ()
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
    R2 intelsba; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [50440 2012-11-08] (Intel Corporation)
    R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-08-16] ()
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation)
    R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [144008 2012-12-21] (MSI)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
    R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [66872 2013-10-08] ()
    R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] ()
    R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [x]

    ==================== Drivers (Whitelisted) ====================

    R2 bckd; C:\Windows\System32\drivers\bckd.sys [127216 2013-03-01] (Blue Coat Systems, Inc.)
    R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
    R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
    R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-08-16] ()
    R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-08-16] ()
    R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-08-16] ()
    R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
    R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
    S3 RTL85n64; C:\Windows\System32\DRIVERS\RTL85n64.sys [378368 2009-06-10] (Realtek)
    R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [109072 2013-09-04] (Trend Micro Inc.)
    R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [175528 2013-09-04] (Trend Micro Inc.)
    R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [46392 2012-08-23] (Trend Micro Inc.)
    R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [77184 2013-09-04] (Trend Micro Inc.)
    R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2012-05-02] (Trend Micro Inc.)
    R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-10-18] ()
    S3 MSICDSetup; \??\D:\CDriver64.sys [x]
    S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [x]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-10-18 01:37 - 2013-10-18 01:37 - 01954124 _____ (Farbar) C:\Users\Brandon Abeling\Downloads\FRST64.exe
    2013-10-18 01:37 - 2013-10-18 01:37 - 00000000 ____D C:\FRST
    2013-10-18 01:21 - 2013-10-18 01:21 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
    2013-10-18 01:18 - 2013-10-18 01:18 - 01050644 _____ C:\Users\Brandon Abeling\Downloads\AdwCleaner.exe
    2013-10-16 20:59 - 2013-10-16 20:59 - 00000207 _____ C:\Users\Brandon Abeling\Desktop\Total War SHOGUN 2.url
    2013-10-16 20:09 - 2013-10-16 20:09 - 00000000 ____D C:\ProgramData\Oracle
    2013-10-16 20:08 - 2013-10-16 20:08 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
    2013-10-16 20:08 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2013-10-16 20:08 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2013-10-16 20:08 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2013-10-16 20:08 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2013-10-14 10:04 - 2013-10-18 01:19 - 00000000 ____D C:\AdwCleaner
    2013-10-13 21:01 - 2013-10-13 21:40 - 00000000 ____D C:\Users\Brandon Abeling\Downloads\P90X.Xtreme.Workout.Series.COMPLETE PACK.DVDrip.Xvid-SCP
    2013-10-12 20:47 - 2013-08-20 06:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
    2013-10-12 20:47 - 2013-08-20 06:32 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
    2013-10-12 20:47 - 2013-08-20 06:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
    2013-10-12 20:46 - 2013-10-12 20:46 - 22321072 _____ (NVIDIA Corporation) C:\Users\Brandon Abeling\Downloads\GeForce_Experience_v1.6.1.0.exe
    2013-10-12 18:25 - 2013-10-12 18:25 - 09855637 _____ C:\Users\Brandon Abeling\Downloads\sr-tws2fots3-Mbb.rar
    2013-10-12 17:36 - 2013-10-12 17:36 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2013-10-11 09:17 - 2013-09-04 05:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
    2013-10-11 09:17 - 2013-09-04 05:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
    2013-10-11 09:17 - 2013-09-04 05:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
    2013-10-11 09:17 - 2013-09-04 05:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
    2013-10-11 09:17 - 2013-09-04 05:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
    2013-10-11 09:17 - 2013-09-04 05:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
    2013-10-11 09:17 - 2013-09-04 05:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
    2013-10-10 03:39 - 2013-10-12 19:10 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Local\GameSpy
    2013-10-10 03:39 - 2013-10-10 03:39 - 00000103 _____ C:\Users\Brandon Abeling\AppData\Local\fusioncache.dat
    2013-10-10 03:14 - 2013-09-22 16:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-10-10 03:14 - 2013-09-22 16:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-10-10 03:14 - 2013-09-22 16:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-10-10 03:14 - 2013-09-22 16:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-10-10 03:14 - 2013-09-22 16:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-10-10 03:14 - 2013-09-22 16:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-10-10 03:14 - 2013-09-22 16:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-10-10 03:14 - 2013-09-22 16:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-10-10 03:14 - 2013-09-22 16:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-10-10 03:14 - 2013-09-22 16:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-10-10 03:14 - 2013-09-22 16:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-10-10 03:14 - 2013-09-22 16:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-10-10 03:14 - 2013-09-22 16:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-10-10 03:14 - 2013-09-22 15:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2013-10-10 03:14 - 2013-09-22 15:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2013-10-10 03:14 - 2013-09-22 15:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2013-10-10 03:14 - 2013-09-22 15:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2013-10-10 03:14 - 2013-09-22 15:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2013-10-10 03:14 - 2013-09-22 15:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2013-10-10 03:14 - 2013-09-22 15:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2013-10-10 03:14 - 2013-09-22 15:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2013-10-10 03:14 - 2013-09-22 15:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2013-10-10 03:14 - 2013-09-22 15:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2013-10-10 03:14 - 2013-09-22 15:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2013-10-10 03:14 - 2013-09-22 15:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2013-10-10 03:14 - 2013-09-22 15:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2013-10-10 03:14 - 2013-09-22 15:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2013-10-10 03:14 - 2013-09-20 20:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2013-10-10 03:14 - 2013-09-20 20:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-10-10 03:14 - 2013-09-20 19:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2013-10-10 03:14 - 2013-09-20 19:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-10-10 00:08 - 2013-10-10 00:47 - 00000000 ____D C:\Users\Brandon Abeling\Documents\RCT3
    2013-10-10 00:08 - 2013-10-10 00:08 - 00001128 _____ C:\Users\Brandon Abeling\Desktop\RCT3plus.lnk
    2013-10-10 00:08 - 2013-10-10 00:08 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Roaming\Atari
    2013-10-09 23:16 - 2013-10-09 23:16 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Roaming\Leadertech
    2013-10-09 23:16 - 2002-02-27 18:50 - 00197120 _____ C:\Windows\patchw32.dll
    2013-10-09 22:37 - 2013-09-13 18:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2013-10-09 22:37 - 2013-09-07 19:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2013-10-09 22:37 - 2013-09-07 19:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
    2013-10-09 22:37 - 2013-09-07 19:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
    2013-10-09 22:37 - 2013-08-28 19:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2013-10-09 22:37 - 2013-08-28 19:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2013-10-09 22:37 - 2013-08-27 18:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2013-10-09 22:37 - 2013-07-12 03:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
    2013-10-09 22:37 - 2013-07-12 03:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
    2013-10-09 22:37 - 2013-07-04 05:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
    2013-10-09 22:37 - 2013-07-04 05:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
    2013-10-09 22:37 - 2013-07-04 05:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
    2013-10-09 22:37 - 2013-07-04 04:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2013-10-09 22:37 - 2013-07-04 04:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
    2013-10-09 22:37 - 2013-07-04 04:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
    2013-10-09 22:37 - 2013-07-04 03:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2013-10-09 22:37 - 2013-07-02 21:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
    2013-10-09 22:37 - 2013-07-02 21:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
    2013-10-09 22:37 - 2013-07-02 21:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
    2013-10-09 22:37 - 2013-06-25 15:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
    2013-10-09 22:37 - 2013-06-05 22:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2013-10-09 22:37 - 2013-06-05 22:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2013-10-09 22:37 - 2013-06-05 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2013-10-09 22:37 - 2013-06-05 22:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2013-10-09 22:37 - 2013-06-05 21:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2013-10-09 22:37 - 2013-06-05 21:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2013-10-09 22:37 - 2013-06-05 21:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2013-10-09 22:37 - 2013-06-05 20:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2013-10-09 22:37 - 2013-06-05 20:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2013-10-09 22:37 - 2013-06-05 20:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2013-10-09 22:36 - 2013-08-28 19:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2013-10-09 22:36 - 2013-08-28 19:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
    2013-10-09 22:36 - 2013-08-28 19:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2013-10-09 22:36 - 2013-08-28 18:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2013-10-09 22:36 - 2013-08-28 18:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2013-10-09 22:36 - 2013-08-28 18:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2013-10-09 22:36 - 2013-08-28 18:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2013-10-09 22:36 - 2013-08-28 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2013-10-09 22:36 - 2013-08-28 18:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2013-10-09 22:36 - 2013-08-28 17:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2013-10-09 22:36 - 2013-08-28 17:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2013-10-09 22:36 - 2013-08-28 17:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2013-10-09 22:36 - 2013-08-28 17:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2013-10-09 22:36 - 2013-08-27 18:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
    2013-10-09 22:36 - 2013-08-01 05:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2013-10-09 22:36 - 2013-07-20 03:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2013-10-09 22:36 - 2013-07-20 03:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2013-10-09 00:21 - 2013-10-09 00:21 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Local\Trend Micro
    2013-10-09 00:08 - 2013-10-09 23:34 - 00000000 ____D C:\Users\Brandon Abeling\Downloads\Roller Coaster Tycoon 3 with Soaked! & Wild!, Keygen, & NoCD patch
    2013-10-08 01:41 - 2013-10-08 01:41 - 00000000 __RHD C:\Users\Brandon Abeling\AppData\Roaming\SecuROM
    2013-10-08 01:38 - 2013-10-08 01:38 - 00669184 _____ C:\Windows\SysWOW64\pbsvc.exe
    2013-10-08 01:38 - 2013-10-08 01:38 - 00103736 _____ C:\Windows\SysWOW64\PnkBstrB.exe
    2013-10-08 01:38 - 2013-10-08 01:38 - 00066872 _____ C:\Windows\SysWOW64\PnkBstrA.exe
    2013-10-05 23:52 - 2013-10-05 23:52 - 00000000 ___RD C:\Users\Brandon Abeling\AppData\Roaming\Brother
    2013-10-02 00:45 - 2013-10-02 00:45 - 00002707 _____ C:\Users\Brandon Abeling\Downloads\invite.ics
    2013-09-30 17:50 - 2013-09-30 17:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2013-09-30 00:48 - 2013-09-30 00:53 - 00000000 ____D C:\Users\Brandon Abeling\Documents\Witcher 2
    2013-09-30 00:48 - 2013-09-30 00:48 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Local\The Witcher 2
    2013-09-29 23:43 - 2013-09-29 23:43 - 00001762 _____ C:\Users\Public\Desktop\The Witcher 2 - Assassins of Kings Enhanced Edition.lnk
    2013-09-29 22:36 - 2013-09-29 22:46 - 00000000 ____D C:\Users\Brandon Abeling\Documents\Bully Scholarship Edition
    2013-09-28 23:35 - 2013-09-28 23:35 - 00000000 ____D C:\Users\Brandon Abeling\Documents\SH3
    2013-09-28 23:29 - 2013-10-18 01:24 - 00003112 _____ C:\Windows\System32\Tasks\RDReminder
    2013-09-28 23:23 - 2013-09-29 05:55 - 00000000 ____D C:\Users\Brandon Abeling\Downloads\The.Witcher.2.Assassins.of.Kings.Enhanced.Edition-SKIDROW
    2013-09-28 23:02 - 2013-09-29 00:32 - 00000000 ____D C:\Users\Brandon Abeling\Downloads\Call.of.Juarez.Gunslinger-RELOADED
    2013-09-28 22:26 - 2013-09-28 22:38 - 00000000 ____D C:\Users\Brandon Abeling\Downloads\Sins.of.a.Solar.Empire.Rebellion-RELOADED
    2013-09-28 22:21 - 2013-10-15 02:04 - 00000000 ____D C:\Users\Brandon Abeling\Downloads\Crysis
    2013-09-28 22:05 - 2013-09-28 22:07 - 158282489 _____ (Subset Games ) C:\Users\Brandon Abeling\Downloads\FTL_v1.03.3_Install.exe
    2013-09-24 22:30 - 2013-09-24 22:41 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Roaming\Apple Computer
    2013-09-24 22:30 - 2013-09-24 22:30 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
    2013-09-24 22:30 - 2013-09-24 22:30 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Local\Apple Computer
    2013-09-24 22:29 - 2013-09-24 22:29 - 00000000 ____D C:\ProgramData\Apple Computer
    2013-09-24 22:29 - 2013-09-24 22:29 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-09-24 22:29 - 2013-09-24 22:29 - 00000000 ____D C:\Program Files\iTunes
    2013-09-24 22:29 - 2013-09-24 22:29 - 00000000 ____D C:\Program Files\iPod
    2013-09-24 22:29 - 2013-09-24 22:29 - 00000000 ____D C:\Program Files (x86)\iTunes
    2013-09-24 22:29 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
    2013-09-24 22:23 - 2013-09-24 22:23 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Local\Apple
    2013-09-24 22:23 - 2013-09-24 22:23 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
    2013-09-24 22:22 - 2013-09-24 22:22 - 00000000 ____D C:\ProgramData\Apple
    2013-09-24 22:22 - 2013-09-24 22:22 - 00000000 ____D C:\Program Files\Common Files\Apple
    2013-09-24 22:22 - 2013-09-24 22:22 - 00000000 ____D C:\Program Files\Bonjour
    2013-09-24 22:22 - 2013-09-24 22:22 - 00000000 ____D C:\Program Files (x86)\Bonjour
    2013-09-24 22:21 - 2013-09-24 22:21 - 97176400 _____ (Apple Inc.) C:\Users\Brandon Abeling\Downloads\iTunes64Setup.exe
    2013-09-23 00:08 - 2013-09-23 00:08 - 00008019 _____ C:\Windows\system32\lvcoinst.log
    2013-09-23 00:08 - 2013-09-23 00:08 - 00000000 ____D C:\Program Files\Common Files\logishrd
    2013-09-19 23:34 - 2013-09-19 23:34 - 00003044 _____ C:\Windows\System32\Tasks\{C9C52F05-6DD5-43AE-A82C-E7E083F02F41}
    2013-09-19 23:34 - 2013-09-19 23:34 - 00003044 _____ C:\Windows\System32\Tasks\{5EF0A7DD-EFEB-4DB8-99B2-3370E4789CF3}
    2013-09-18 16:34 - 2013-09-18 16:34 - 00000000 ____D C:\Users\Brandon Abeling\Downloads\Anfields 8.8 Mod Pack v1.3a
    2013-09-18 16:16 - 2013-09-18 16:16 - 31920164 _____ C:\Users\Brandon Abeling\Downloads\Anfields 8.8 Mod Pack v1.3a.rar

    ==================== One Month Modified Files and Folders =======

    2013-10-18 01:37 - 2013-10-18 01:37 - 01954124 _____ (Farbar) C:\Users\Brandon Abeling\Downloads\FRST64.exe
    2013-10-18 01:37 - 2013-10-18 01:37 - 00000000 ____D C:\FRST
    2013-10-18 01:29 - 2009-07-13 21:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-10-18 01:29 - 2009-07-13 21:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-10-18 01:25 - 2013-08-07 09:52 - 01661999 _____ C:\Windows\WindowsUpdate.log
    2013-10-18 01:24 - 2013-09-28 23:29 - 00003112 _____ C:\Windows\System32\Tasks\RDReminder
    2013-10-18 01:21 - 2013-10-18 01:21 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
    2013-10-18 01:21 - 2013-08-06 19:28 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
    2013-10-18 01:21 - 2013-08-06 19:21 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-10-18 01:21 - 2009-07-13 21:51 - 00026030 _____ C:\Windows\setupact.log
    2013-10-18 01:20 - 2013-08-06 20:02 - 00000000 ____D C:\ProgramData\NVIDIA
    2013-10-18 01:20 - 2010-11-20 20:47 - 00012384 _____ C:\Windows\PFRO.log
    2013-10-18 01:20 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2013-10-18 01:19 - 2013-10-14 10:04 - 00000000 ____D C:\AdwCleaner
    2013-10-18 01:18 - 2013-10-18 01:18 - 01050644 _____ C:\Users\Brandon Abeling\Downloads\AdwCleaner.exe
    2013-10-18 01:09 - 2013-08-06 20:34 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-10-18 00:40 - 2013-08-06 19:21 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-10-16 23:25 - 2013-08-20 23:24 - 00000296 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
    2013-10-16 22:43 - 2013-08-06 19:50 - 00170992 _____ C:\Windows\DirectX.log
    2013-10-16 20:59 - 2013-10-16 20:59 - 00000207 _____ C:\Users\Brandon Abeling\Desktop\Total War SHOGUN 2.url
    2013-10-16 20:09 - 2013-10-16 20:09 - 00000000 ____D C:\ProgramData\Oracle
    2013-10-16 20:08 - 2013-10-16 20:08 - 00004746 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
    2013-10-16 20:08 - 2013-09-09 18:31 - 00000000 ____D C:\Program Files (x86)\Java
    2013-10-15 23:37 - 2013-08-06 19:22 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2013-10-15 02:04 - 2013-09-28 22:21 - 00000000 ____D C:\Users\Brandon Abeling\Downloads\Crysis
    2013-10-14 10:07 - 2013-08-08 12:19 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Roaming\uTorrent
    2013-10-13 21:40 - 2013-10-13 21:01 - 00000000 ____D C:\Users\Brandon Abeling\Downloads\P90X.Xtreme.Workout.Series.COMPLETE PACK.DVDrip.Xvid-SCP
    2013-10-13 20:11 - 2013-08-19 21:34 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Local\CrashDumps
    2013-10-13 18:25 - 2013-08-06 19:46 - 00000000 ____D C:\Games
    2013-10-12 23:24 - 2013-08-20 23:24 - 00000312 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
    2013-10-12 20:50 - 2009-07-13 21:45 - 00299248 _____ C:\Windows\system32\FNTCACHE.DAT
    2013-10-12 20:47 - 2013-08-06 20:00 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2013-10-12 20:47 - 2013-08-06 19:54 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2013-10-12 20:46 - 2013-10-12 20:46 - 22321072 _____ (NVIDIA Corporation) C:\Users\Brandon Abeling\Downloads\GeForce_Experience_v1.6.1.0.exe
    2013-10-12 20:42 - 2013-08-08 20:26 - 00000000 ____D C:\ProgramData\WarThunder
    2013-10-12 20:42 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\LiveKernelReports
    2013-10-12 19:45 - 2013-08-06 19:24 - 00063912 _____ C:\Users\Brandon Abeling\AppData\Local\GDIPFONTCACHEV1.DAT
    2013-10-12 19:10 - 2013-10-10 03:39 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Local\GameSpy
    2013-10-12 18:25 - 2013-10-12 18:25 - 09855637 _____ C:\Users\Brandon Abeling\Downloads\sr-tws2fots3-Mbb.rar
    2013-10-12 17:36 - 2013-10-12 17:36 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2013-10-12 17:33 - 2013-08-06 19:20 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2013-10-12 03:22 - 2009-07-13 22:13 - 00793234 _____ C:\Windows\system32\PerfStringBackup.INI
    2013-10-12 03:18 - 2013-08-23 23:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2013-10-10 08:51 - 2013-08-23 23:14 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Local\Mozilla
    2013-10-10 08:49 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
    2013-10-10 03:39 - 2013-10-10 03:39 - 00000103 _____ C:\Users\Brandon Abeling\AppData\Local\fusioncache.dat
    2013-10-10 03:39 - 2013-08-06 19:12 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Local\VirtualStore
    2013-10-10 03:38 - 2013-08-06 19:35 - 00000258 __RSH C:\ProgramData\ntuser.pol
    2013-10-10 03:38 - 2009-07-13 22:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
    2013-10-10 03:13 - 2013-08-06 19:19 - 00786958 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
    2013-10-10 03:09 - 2013-08-15 04:05 - 00000000 ____D C:\Windows\system32\MRT
    2013-10-10 03:07 - 2013-08-15 04:05 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2013-10-10 00:47 - 2013-10-10 00:08 - 00000000 ____D C:\Users\Brandon Abeling\Documents\RCT3
    2013-10-10 00:08 - 2013-10-10 00:08 - 00001128 _____ C:\Users\Brandon Abeling\Desktop\RCT3plus.lnk
    2013-10-10 00:08 - 2013-10-10 00:08 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Roaming\Atari
    2013-10-10 00:07 - 2013-08-13 00:05 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Roaming\Skype
    2013-10-09 23:34 - 2013-10-09 00:08 - 00000000 ____D C:\Users\Brandon Abeling\Downloads\Roller Coaster Tycoon 3 with Soaked! & Wild!, Keygen, & NoCD patch
    2013-10-09 23:16 - 2013-10-09 23:16 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Roaming\Leadertech
    2013-10-09 11:07 - 2013-08-14 15:10 - 00000000 ____D C:\Program Files\Blue Coat K9 Web Protection
    2013-10-09 00:21 - 2013-10-09 00:21 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Local\Trend Micro
    2013-10-09 00:21 - 2013-08-06 19:34 - 00000000 ____D C:\ProgramData\Trend Micro
    2013-10-09 00:15 - 2013-09-13 01:17 - 00234544 _____ C:\Windows\RegBootClean64.exe
    2013-10-09 00:09 - 2013-08-06 20:34 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2013-10-09 00:09 - 2013-08-06 20:34 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2013-10-09 00:09 - 2013-08-06 20:34 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2013-10-08 07:50 - 2013-10-16 20:08 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2013-10-08 07:46 - 2013-10-16 20:08 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2013-10-08 07:46 - 2013-10-16 20:08 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2013-10-08 07:46 - 2013-10-16 20:08 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2013-10-08 01:43 - 2013-08-08 20:25 - 00000000 ____D C:\Users\Brandon Abeling\Documents\My Games
    2013-10-08 01:41 - 2013-10-08 01:41 - 00000000 __RHD C:\Users\Brandon Abeling\AppData\Roaming\SecuROM
    2013-10-08 01:40 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\Registration
    2013-10-08 01:38 - 2013-10-08 01:38 - 00669184 _____ C:\Windows\SysWOW64\pbsvc.exe
    2013-10-08 01:38 - 2013-10-08 01:38 - 00103736 _____ C:\Windows\SysWOW64\PnkBstrB.exe
    2013-10-08 01:38 - 2013-10-08 01:38 - 00066872 _____ C:\Windows\SysWOW64\PnkBstrA.exe
    2013-10-07 22:35 - 2013-08-06 19:21 - 00003912 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2013-10-07 22:35 - 2013-08-06 19:21 - 00003660 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2013-10-05 23:52 - 2013-10-05 23:52 - 00000000 ___RD C:\Users\Brandon Abeling\AppData\Roaming\Brother
    2013-10-02 00:45 - 2013-10-02 00:45 - 00002707 _____ C:\Users\Brandon Abeling\Downloads\invite.ics
    2013-09-30 17:50 - 2013-09-30 17:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2013-09-30 00:53 - 2013-09-30 00:48 - 00000000 ____D C:\Users\Brandon Abeling\Documents\Witcher 2
    2013-09-30 00:48 - 2013-09-30 00:48 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Local\The Witcher 2
    2013-09-29 23:43 - 2013-09-29 23:43 - 00001762 _____ C:\Users\Public\Desktop\The Witcher 2 - Assassins of Kings Enhanced Edition.lnk
    2013-09-29 22:46 - 2013-09-29 22:36 - 00000000 ____D C:\Users\Brandon Abeling\Documents\Bully Scholarship Edition
    2013-09-29 05:55 - 2013-09-28 23:23 - 00000000 ____D C:\Users\Brandon Abeling\Downloads\The.Witcher.2.Assassins.of.Kings.Enhanced.Edition-SKIDROW
    2013-09-29 00:32 - 2013-09-28 23:02 - 00000000 ____D C:\Users\Brandon Abeling\Downloads\Call.of.Juarez.Gunslinger-RELOADED
    2013-09-28 23:35 - 2013-09-28 23:35 - 00000000 ____D C:\Users\Brandon Abeling\Documents\SH3
    2013-09-28 23:35 - 2013-09-06 01:52 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
    2013-09-28 22:38 - 2013-09-28 22:26 - 00000000 ____D C:\Users\Brandon Abeling\Downloads\Sins.of.a.Solar.Empire.Rebellion-RELOADED
    2013-09-28 22:07 - 2013-09-28 22:05 - 158282489 _____ (Subset Games ) C:\Users\Brandon Abeling\Downloads\FTL_v1.03.3_Install.exe
    2013-09-24 22:41 - 2013-09-24 22:30 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Roaming\Apple Computer
    2013-09-24 22:30 - 2013-09-24 22:30 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
    2013-09-24 22:30 - 2013-09-24 22:30 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Local\Apple Computer
    2013-09-24 22:29 - 2013-09-24 22:29 - 00000000 ____D C:\ProgramData\Apple Computer
    2013-09-24 22:29 - 2013-09-24 22:29 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-09-24 22:29 - 2013-09-24 22:29 - 00000000 ____D C:\Program Files\iTunes
    2013-09-24 22:29 - 2013-09-24 22:29 - 00000000 ____D C:\Program Files\iPod
    2013-09-24 22:29 - 2013-09-24 22:29 - 00000000 ____D C:\Program Files (x86)\iTunes
    2013-09-24 22:23 - 2013-09-24 22:23 - 00000000 ____D C:\Users\Brandon Abeling\AppData\Local\Apple
    2013-09-24 22:23 - 2013-09-24 22:23 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
    2013-09-24 22:22 - 2013-09-24 22:22 - 00000000 ____D C:\ProgramData\Apple
    2013-09-24 22:22 - 2013-09-24 22:22 - 00000000 ____D C:\Program Files\Common Files\Apple
    2013-09-24 22:22 - 2013-09-24 22:22 - 00000000 ____D C:\Program Files\Bonjour
    2013-09-24 22:22 - 2013-09-24 22:22 - 00000000 ____D C:\Program Files (x86)\Bonjour
    2013-09-24 22:21 - 2013-09-24 22:21 - 97176400 _____ (Apple Inc.) C:\Users\Brandon Abeling\Downloads\iTunes64Setup.exe
    2013-09-23 12:06 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
    2013-09-23 00:08 - 2013-09-23 00:08 - 00008019 _____ C:\Windows\system32\lvcoinst.log
    2013-09-23 00:08 - 2013-09-23 00:08 - 00000000 ____D C:\Program Files\Common Files\logishrd
    2013-09-22 16:28 - 2013-10-10 03:14 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-09-22 16:28 - 2013-10-10 03:14 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-09-22 16:27 - 2013-10-10 03:14 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-09-22 16:27 - 2013-10-10 03:14 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-09-22 16:27 - 2013-10-10 03:14 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-09-22 16:27 - 2013-10-10 03:14 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-09-22 16:27 - 2013-10-10 03:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-09-22 16:27 - 2013-10-10 03:14 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-09-22 16:27 - 2013-10-10 03:14 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-09-22 16:27 - 2013-10-10 03:14 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-09-22 16:27 - 2013-10-10 03:14 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-09-22 16:27 - 2013-10-10 03:14 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-09-22 16:27 - 2013-10-10 03:14 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-09-22 15:55 - 2013-10-10 03:14 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2013-09-22 15:55 - 2013-10-10 03:14 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2013-09-22 15:55 - 2013-10-10 03:14 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2013-09-22 15:54 - 2013-10-10 03:14 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2013-09-22 15:54 - 2013-10-10 03:14 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2013-09-22 15:54 - 2013-10-10 03:14 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2013-09-22 15:54 - 2013-10-10 03:14 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2013-09-22 15:54 - 2013-10-10 03:14 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2013-09-22 15:54 - 2013-10-10 03:14 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2013-09-22 15:54 - 2013-10-10 03:14 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2013-09-22 15:54 - 2013-10-10 03:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2013-09-22 15:54 - 2013-10-10 03:14 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2013-09-22 15:54 - 2013-10-10 03:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2013-09-22 15:54 - 2013-10-10 03:14 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2013-09-20 20:38 - 2013-10-10 03:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2013-09-20 20:30 - 2013-10-10 03:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-09-20 19:48 - 2013-10-10 03:14 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2013-09-20 19:39 - 2013-10-10 03:14 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-09-19 23:34 - 2013-09-19 23:34 - 00003044 _____ C:\Windows\System32\Tasks\{C9C52F05-6DD5-43AE-A82C-E7E083F02F41}
    2013-09-19 23:34 - 2013-09-19 23:34 - 00003044 _____ C:\Windows\System32\Tasks\{5EF0A7DD-EFEB-4DB8-99B2-3370E4789CF3}
    2013-09-18 16:34 - 2013-09-18 16:34 - 00000000 ____D C:\Users\Brandon Abeling\Downloads\Anfields 8.8 Mod Pack v1.3a
    2013-09-18 16:16 - 2013-09-18 16:16 - 31920164 _____ C:\Users\Brandon Abeling\Downloads\Anfields 8.8 Mod Pack v1.3a.rar

    Some content of TEMP:
    ====================
    C:\Users\Brandon Abeling\AppData\Local\Temp\973867.exe
    C:\Users\Brandon Abeling\AppData\Local\Temp\devcon64.exe
    C:\Users\Brandon Abeling\AppData\Local\Temp\drm_dialogs.dll
    C:\Users\Brandon Abeling\AppData\Local\Temp\drm_dyndata_7340014.dll
    C:\Users\Brandon Abeling\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
    C:\Users\Brandon Abeling\AppData\Local\Temp\k9-webprotection-4.4.268.exe
    C:\Users\Brandon Abeling\AppData\Local\Temp\Quarantine.exe
    C:\Users\Brandon Abeling\AppData\Local\Temp\VCdControlTool.exe
    C:\Users\Brandon Abeling\AppData\Local\Temp\_isD7D7.exe
    C:\Users\Brandon Abeling\AppData\Local\Temp\_isE5A1.exe


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2013-10-11 01:20

    ==================== End Of Log ============================



    Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
    Adobe Reader XI (11.0.03) (x32 Version: 11.0.03)
    Apple Application Support (x32 Version: 2.3.6)
    Apple Mobile Device Support (Version: 7.0.0.117)
    Apple Software Update (x32 Version: 2.1.3.127)
    Blue Coat K9 Web Protection (Version: 4.4.268)
    Bonjour (Version: 3.0.0.10)
    Call of Juarez Gunslinger (c) Ubisoft version 1 (x32 Version: 1)
    Company of Heroes (x32 Version: 1.0.0.78)
    Dll-Files Fixer (x32 Version: 1.0)
    Dokan Library 0.6.0 (x32)
    Europa Universalis IV Demo (x32)
    EVGA OC Scanner X 3.2.0 (64-bit)
    EVGA Precision X 3.0.3 (x32 Version: 3.0.3)
    EVGA SLI Enhancement Patch (x32 Version: 1.0.4.32)
    Google Chrome (x32 Version: 30.0.1599.101)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
    Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)
    Intel(R) Control Center (x32 Version: 1.2.1.1010)
    Intel(R) Management Engine Components (x32 Version: 8.1.30.1349)
    Intel(R) Small Business Advantage (x32 Version: 1.1.27.5565)
    Intel(R) Smart Connect Technology 3.0 x64 (Version: 3.0.41.1571)
    Intel(R) Update Manager (x32 Version: 1.0.0.34813)
    Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.5.235)
    Intel® Trusted Connect Service Client (Version: 1.27.757.1)
    iTunes (Version: 11.1.0.126)
    Java 7 Update 45 (x32 Version: 7.0.450)
    Java Auto Updater (x32 Version: 2.1.9.8)
    Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
    Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
    Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000)
    Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
    Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Word 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
    Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1)
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
    Microsoft Word 2010 (x32 Version: 14.0.4763.1000)
    Mozilla Firefox 24.0 (x86 en-US) (x32 Version: 24.0)
    Mozilla Maintenance Service (x32 Version: 24.0)
    NETGEAR WNA1100 N150 Wireless USB Adapter (x32 Version: 1.0.0.133)
    NVIDIA 3D Vision Controller Driver 306.38 (Version: 306.38)
    NVIDIA 3D Vision Driver 311.06 (Version: 311.06)
    NVIDIA Control Panel 311.06 (Version: 311.06)
    NVIDIA Graphics Driver 311.06 (Version: 311.06)
    NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
    NVIDIA Install Application (Version: 2.1002.133.902)
    NVIDIA PhysX (x32 Version: 9.12.0807)
    NVIDIA PhysX System Software 9.12.0807 (Version: 9.12.0807)
    NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
    NVIDIA Update 1.11.3 (Version: 1.11.3)
    NVIDIA Update Components (Version: 8.3.14)
    NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)
    PunkBuster Services (x32 Version: 0.986)
    RCT3 Soaked (x32 Version: 1.00.000)
    Realtek Ethernet Controller Driver (x32 Version: 7.67.1226.2012)
    Realtek High Definition Audio Driver (x32 Version: 6.0.1.6823)
    RollerCoaster Tycoon® 3 (x32 Version: 1.00.000)
    Search Protection (HKCU Version: 7.3.0.3)
    SHIELD Streaming (Version: 1.05.28)
    Skype™ 6.7 (x32 Version: 6.7.102)
    Steam (x32 Version: 1.0.0.0)
    Super-Charger (x32 Version: 1.2.016)
    TeamSpeak 3 Client (Version: 3.0.11)
    The Witcher 2 - Assassins of Kings Enhanced Edition (x32)
    Torchlight II (c) Runic Games version 1 (x32 Version: 1)
    Total War: SHOGUN 2 (x32)
    Trend Micro Titanium (Version: 6.00)
    Trend Micro Titanium Internet Security (Version: 6.0)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
    Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
    Uplay (x32 Version: 2.0)
    VirtualCloneDrive (x32)
    War Thunder Launcher 1.0.1.265 (x32)
    Winki (x32 Version: 3.2.126)
    World of Tanks - Common Test (x32)
    World of Tanks (x32)
    WoT Hitbox Installer version 1.87 (x32 Version: 1.87)
    XCOM: Enemy Unknown (x32)

    ==================== Restore Points =========================

    16-10-2013 06:30:59 Windows Update
    17-10-2013 03:07:50 Installed Java 7 Update 45
    17-10-2013 05:41:37 Installed DirectX
    17-10-2013 05:44:15 Installed Microsoft Visual C++ 2005 Redistributable
    17-10-2013 05:44:57 Installed Microsoft Visual C++ 2005 Redistributable

    ==================== Hosts content: ==========================

    2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {0A83A50B-0A46-4893-9BBD-C01A904F90B4} - System32\Tasks\{C9C52F05-6DD5-43AE-A82C-E7E083F02F41} => C:\Users\Brandon Abeling\Downloads\ILLUSION Sexy Beach 3 ENG~\infinst.exe
    Task: {39953EFB-17A3-49D6-9CD2-AE5E8F114159} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com
    Task: {3A030101-7620-430A-9416-F730F79FE20D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-06] (Google Inc.)
    Task: {3FB5F102-1047-4921-9F40-106A9CB857BC} - System32\Tasks\{5EF0A7DD-EFEB-4DB8-99B2-3370E4789CF3} => C:\Users\Brandon Abeling\Downloads\ILLUSION Sexy Beach 3 ENG~\infinst.exe
    Task: {5CB9B895-FFEF-4572-A33E-29DCD1CDCDE0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
    Task: {72E3D1BD-6F2E-4BEA-8C0B-6D4B4EC6ED0A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {79CD38B3-1BB7-4204-8FBE-0F7FB61E8822} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com
    Task: {8A27B232-7454-44CA-AA14-3026761CDE3B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-06] (Google Inc.)
    Task: {A83D824D-4699-4E41-AC6F-C05F7FF818D7} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
    Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-08-06 19:34 - 2012-05-02 12:27 - 00049664 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_49.dll
    2013-08-06 19:34 - 2012-05-02 12:24 - 00064512 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_49.dll
    2013-08-21 14:18 - 2013-08-21 15:18 - 00687104 _____ () C:\Games\Steam\SDL2.dll
    2013-09-06 12:55 - 2013-10-08 19:19 - 01121704 _____ () C:\Games\Steam\bin\chromehtml.DLL
    2013-08-07 11:31 - 2013-09-10 15:20 - 20625832 _____ () C:\Games\Steam\bin\libcef.dll
    2013-06-14 15:49 - 2013-06-14 16:49 - 01100800 _____ () C:\Games\Steam\bin\avcodec-53.dll
    2013-06-14 15:49 - 2013-06-14 16:49 - 00124416 _____ () C:\Games\Steam\bin\avutil-51.dll
    2013-06-14 15:49 - 2013-06-14 16:49 - 00192000 _____ () C:\Games\Steam\bin\avformat-53.dll
    2013-08-14 10:20 - 2009-08-28 16:50 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvcLib.dll
    2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2013-08-14 10:20 - 2010-03-10 14:50 - 00360448 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
    2013-08-06 19:26 - 2012-11-08 15:53 - 00215304 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\System.ComponentModel.Composition.dll
    2013-08-06 19:26 - 2012-11-08 15:52 - 00051464 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\Interop.TaskScheduler.dll
    2013-08-06 19:26 - 2012-11-08 15:52 - 00030472 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\ProcessPrivileges.dll
    2013-08-06 19:26 - 2012-11-08 15:52 - 00215304 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\System.ComponentModel.Composition.dll
    2013-08-06 19:26 - 2012-11-08 15:52 - 00051464 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Interop.TaskScheduler.dll
    2013-08-06 19:26 - 2012-11-08 15:52 - 00076040 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Interop.WUApiLib.dll
    2013-08-06 19:23 - 2013-01-14 11:25 - 01200088 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
    2013-09-30 17:50 - 2013-09-30 17:50 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

    ==================== Alternate Data Streams (whitelisted) =========


    ==================== Safe Mode (whitelisted) ===================


    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (10/18/2013 01:22:13 AM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (10/17/2013 11:38:10 PM) (Source: Microsoft-Windows-CAPI2) (User: )
    Description: Failed extract of third-party root list from auto update cab at: <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: The data is invalid.
    .

    Error: (10/17/2013 03:04:03 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 13073

    Error: (10/17/2013 03:04:03 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 13073

    Error: (10/17/2013 03:04:03 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (10/17/2013 03:04:02 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 12059

    Error: (10/17/2013 03:04:02 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 12059

    Error: (10/17/2013 03:04:02 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (10/17/2013 03:04:01 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 11061

    Error: (10/17/2013 03:04:01 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 11061


    System errors:
    =============
    Error: (10/12/2013 03:22:32 AM) (Source: Service Control Manager) (User: )
    Description: The Intel(R) Small Business Advantage service failed to start due to the following error:
    %%1053

    Error: (10/12/2013 03:22:32 AM) (Source: Service Control Manager) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Intel(R) Small Business Advantage service to connect.

    Error: (10/12/2013 03:21:17 AM) (Source: Service Control Manager) (User: )
    Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
    %%1069

    Error: (10/12/2013 03:21:17 AM) (Source: Service Control Manager) (User: )
    Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
    %%1330

    To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

    Error: (10/12/2013 03:20:56 AM) (Source: Service Control Manager) (User: )
    Description: The Steam Client Service service failed to start due to the following error:
    %%1053

    Error: (10/12/2013 03:20:56 AM) (Source: Service Control Manager) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

    Error: (10/10/2013 03:41:02 AM) (Source: Service Control Manager) (User: )
    Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
    %%1069

    Error: (10/10/2013 03:41:02 AM) (Source: Service Control Manager) (User: )
    Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
    %%1330

    To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

    Error: (10/10/2013 03:41:01 AM) (Source: Service Control Manager) (User: )
    Description: The Intel(R) Small Business Advantage service failed to start due to the following error:
    %%1053

    Error: (10/10/2013 03:41:01 AM) (Source: Service Control Manager) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Intel(R) Small Business Advantage service to connect.


    Microsoft Office Sessions:
    =========================
    Error: (10/18/2013 01:22:13 AM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (10/17/2013 11:38:10 PM) (Source: Microsoft-Windows-CAPI2)(User: )
    Description: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThe data is invalid.

    Error: (10/17/2013 03:04:03 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 13073

    Error: (10/17/2013 03:04:03 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 13073

    Error: (10/17/2013 03:04:03 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (10/17/2013 03:04:02 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 12059

    Error: (10/17/2013 03:04:02 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 12059

    Error: (10/17/2013 03:04:02 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (10/17/2013 03:04:01 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 11061

    Error: (10/17/2013 03:04:01 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 11061


    ==================== Memory info ===========================

    Percentage of memory in use: 25%
    Total physical RAM: 8121.64 MB
    Available physical RAM: 6035.21 MB
    Total Pagefile: 16241.45 MB
    Available Pagefile: 13949.47 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:465.66 GB) (Free:173.33 GB) NTFS
    Drive d: (Shogun2 Disc 1) (CDROM) (Total:7.26 GB) (Free:0 GB) UDF

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 79AA2623)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  11. brandonabe

    brandonabe Thread Starter

    Joined:
    Oct 14, 2013
    Messages:
    8
    Rkill log


    Rkill 2.6.2 by Lawrence Abrams (Grinler)
    http://www.bleepingcomputer.com/
    Copyright 2008-2013 BleepingComputer.com
    More Information about Rkill can be found at this link:
    http://www.bleepingcomputer.com/forums/topic308364.html

    Program started at: 10/18/2013 01:51:37 AM in x64 mode.
    Windows Version: Windows 7 Home Premium Service Pack 1

    Checking for Windows services to stop:

    * No malware services found to stop.

    Checking for processes to terminate:

    * No malware processes found to kill.

    Checking Registry for malware related settings:

    * No issues found in the Registry.

    Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

    Performing miscellaneous checks:

    * No issues found.

    Checking Windows Service Integrity:

    * No issues found.

    Searching for Missing Digital Signatures:

    * No issues found.

    Checking HOSTS File:

    * No issues found.

    Program finished at: 10/18/2013 01:51:44 AM
    Execution time: 0 hours(s), 0 minute(s), and 7 seconds(s)
     
  12. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    All the above logs are clean and there is no sign of any prominent errors in the events log.

    One thing I can see though is an item of software you said you didn't have, a registry cleaner/optimizer: Dll-Files Fixer (x32 Version: 1.0). This program claims to fix registry errors and repair .dll files. You should never rely on any third-party software to make any changes to your registry or to fix/replace .dll files; it is asking for trouble. I would highly recommend that you uninstall this software.

    Please tell me when this software was installed and if it coincides with the time you started to have problems with your PC's performance. Can you recall any changes you made, new hardware/software, around the time the trouble started?

    We should run a check on your system files:


    System File Checker

    • Click on Start and type cmd in the search box. Right-click on cmd in the popup menu and select Run as Administrator.
    • Another box will open. At the Command Prompt, type sfc /scannow and press Enter. (Note the gap between the c and the /)
    • Let the check run to completion. DO NOT reboot the PC or close the cmd window.
    • Copy & Paste the following command at the Command Prompt and press Enter:

    findstr /c:"[SR]" "%windir%\logs\cbs\cbs.log" >"%userprofile%\Desktop\sfcdetails.txt"

    • This will place a file on your desktop called sfcdetails.txt which contains the results of the scan.
    • Copy and Paste the contents of the file into your next post.
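
The sfcdetails.txt file produced by the findstr command in post 12 is mostly routine "Verifying ... components" entries, so the lines that matter are easy to miss. The following is an added example, not part of the original thread or of any tool named in it: a Python sketch that reduces the [SR] lines to the files SFC repaired and the files it could not repair. The function name `summarize`, the sample lines, and the file and component names are constructed, and the line patterns are assumptions based on the usual Windows 7 CBS.log wording.

```python
import re
import sys

# Patterns are assumptions based on the usual Windows 7 CBS.log wording.
CANNOT_REPAIR = re.compile(
    r'\[SR\] Cannot repair member file \[[^\]]*\]"(?P<file>[^"]+)"'
    r' of (?P<component>[^,]+),')
REPAIRED = re.compile(
    r'\[SR\] Repairing corrupted file \[[^\]]*\]"(?P<dir>[^"]+)"'
    r'\\\[[^\]]*\]"(?P<file>[^"]+)" from store')

# Constructed sample lines; example.dll, sample.exe and Example-Component
# are hypothetical names, not values from the thread.
SAMPLE = r'''
2013-10-18 02:40:01, Info                  CSI    00000009 [SR] Verifying 100 (0x0000000000000064) components
2013-10-18 02:40:01, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2013-10-18 02:40:07, Info                  CSI    0000000c [SR] Verify complete
2013-10-18 02:41:15, Info                  CSI    000001a4 [SR] Cannot repair member file [l:22{11}]"example.dll" of Example-Component, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-10-18 02:41:16, Info                  CSI    000001a6 [SR] Cannot repair member file [l:22{11}]"example.dll" of Example-Component, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2013-10-18 02:42:30, Info                  CSI    000001b0 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:22{11}]"sample.exe" from store
2013-10-18 02:42:31, Info                  CSI    000001b2 [SR] Repair complete
'''


def summarize(text):
    """Reduce [SR] lines to what SFC repaired and what it could not repair."""
    unrepaired = {}   # (file, component) -> timestamp of first report
    repaired = {}     # full path -> timestamp of first repair
    sr_lines = 0
    for line in text.splitlines():
        if "[SR]" not in line:
            continue
        sr_lines += 1
        stamp = line[:19]  # "YYYY-MM-DD HH:MM:SS" at the start of each entry
        match = CANNOT_REPAIR.search(line)
        if match:
            # SFC normally logs the same failure more than once; keep the first.
            key = (match["file"], match["component"].strip())
            unrepaired.setdefault(key, stamp)
            continue
        match = REPAIRED.search(line)
        if match:
            folder = match["dir"]
            if folder.startswith("\\??\\"):   # drop the NT object-path prefix
                folder = folder[4:]
            repaired.setdefault(folder + "\\" + match["file"], stamp)
    return {
        "sr_lines": sr_lines,
        "unrepaired": [(f, c, ts) for (f, c), ts in unrepaired.items()],
        "repaired": list(repaired.items()),
    }


if __name__ == "__main__":
    # Pass the path to sfcdetails.txt, or run without arguments for the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as handle:
            report = summarize(handle.read())
    else:
        report = summarize(SAMPLE)
    print("[SR] lines read:", report["sr_lines"])
    for name, component, stamp in report["unrepaired"]:
        print("NOT REPAIRED", stamp, name, "in", component)
    for path, stamp in report["repaired"]:
        print("repaired    ", stamp, path)
```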
     
  13. brandonabe

    brandonabe Thread Starter

    Joined:
    Oct 14, 2013
    Messages:
    8
    Looks like Malwarebytes found something


    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.10.18.04

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16721
    Brandon Abeling :: BRANDONABELING [administrator]

    10/18/2013 2:01:18 AM
    mbam-log-2013-10-18 (02-01-18).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 424947
    Time elapsed: 57 minute(s), 1 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 2
    C:\Users\Brandon Abeling\AppData\Local\Temp\973867.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.
    C:\Users\Brandon Abeling\Downloads\77ZipSetup.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.

    (end)
     
  14. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    All Malwarebytes found was a couple of items of Adware. Please respond to post 12.
     
Short URL to this thread: https://techguy.org/1110631
