Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows Validation Fails


  • Please log in to reply

#1
Braind

Braind

    Member

  • Member
  • PipPipPip
  • 246 posts

I have Windows 7 Home Premium. I was out of town for 2 days. When I returned home, my PC would give me a pop up message from MIcrosoft saying that my MIcrosoft software is not genuine when ever I boot up. 

I suspect this was caused by malware, so I ran a Full scan using Norton 360. This only found 4 tracking cookies and these were taken care of, but the problem still persists.

Even worse, when I tried to use System Restore, it could not find a back up restore point, so that is not an option.

 

How can I fix this?


Edited by Braind, 27 April 2014 - 12:07 PM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,019 posts
  • MVP
 
Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
scan-results.jpg
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  •  
     
     
    Please download Farbar Recovery Scan Tool and save it to your Desktop. 
     
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. 
     
    •  
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 
  •  
     
     
    Download OTL from
    and Save it to your desktop.
     
    Copy the text in the code box:
     
    DRIVES
    nnetsvcs
    %SYSTEMDRIVE%\*.exe
    %systemroot%\assembly\GAC_32\*.ini
    %systemroot%\assembly\GAC_64\*.ini
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.exe
    %APPDATA%\*.
    /md5start
    rsvpsp.dll
    pnrpnsp.dll 
    nwprovau.dll
    nlaapi.dll
    napinsp.dll
    mswsock.dll
    winrnr.dll
    wshelper.dll
    services.exe
    atapi.sys
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    csrss.exe
    PrintIsolationHost.exe
    consrv.dll
    user32.dll
    /md5stop
    C:\Windows\assembly\tmp\U\*.* /s
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %ProgramFiles%\WINDOWS NT\*.* /s
    %systemroot%\system32\drivers\*.sys /lockedfiles
    CREATERESTOREPOINT
    
     
    Run OTL (Vista or Win 7 => right click and Run As Administrator)
     
    Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes
     
    Select the All option in the Extra Registry group then Run Scan.
     
    You should get two logs.  Please copy and paste both of them.
     
     
     

     
    Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
     
    Reboot. 
     
    Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
    sfc  /scannow
     
    (This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:
     
    Copy the next two lines:
     
    findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
    notepad \windows\logs\cbs\junk.txt 
     
    Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
    Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
     
     
    1. Please download the Event Viewer Tool by Vino Rosso
    and save it to your Desktop:
    2. Right-click VEW.exe and Run AS Administrator
    3. Under 'Select log to query', select:
     
    * System
    4. Under 'Select type to list', select:
    * Error
    * Warning
     
     
    Then use the 'Number of events' as follows:
     
     
    1. Click the radio button for 'Number of events'
    Type 20 in the 1 to 20 box
    Then click the Run button.
    Notepad will open with the output log.
     
     
    Please post the Output log in your next reply then repeat but select Application.
     

    • 0

    #3
    Braind

    Braind

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 246 posts

    OTL failed. It froze during its scan of my Mozilla files.

    Event Viewer tool also failed (both scans). I received this error message:

    Run-time error '-2147319779(8002801d)':

    Automation error

    Library not registered.


    • 0

    #4
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,019 posts
    • MVP

    Just skip OTL for now.


    • 0

    #5
    Braind

    Braind

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 246 posts

    Adw Cleaner logs:

     

    # AdwCleaner v3.010 - Report created 22/10/2013 at 20:00:00
    # Updated 20/10/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Brain - BRAIN-HP
    # Running from : C:\Users\Brain\Downloads\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\END
    File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\searchplugins\Askcom.xml
    File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\searchplugins\Search_Results.xml
    File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\user.js
    File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\my-web-search.xml
    File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\safesearch.xml
    File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\web-search.xml
    File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\user.js
    File Found : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
    Folder Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\{465fcfbb-47a4-4866-a5d5-d12f9a77da00}
    Folder Found C:\Program Files (x86)\Conduit
    Folder Found C:\Program Files (x86)\Ilivid
    Folder Found C:\ProgramData\AGI
    Folder Found C:\ProgramData\Ask
    Folder Found C:\ProgramData\boost_interprocess
    Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
    Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
    Folder Found C:\Users\Brain\AppData\Local\Conduit
    Folder Found C:\Users\Brain\AppData\Local\Ilivid Player
    Folder Found C:\Users\Brain\AppData\Local\PackageAware
    Folder Found C:\Users\Brain\AppData\LocalLow\AGI
    Folder Found C:\Users\Brain\AppData\LocalLow\AskToolbar
    Folder Found C:\Users\Brain\AppData\LocalLow\boost_interprocess
    Folder Found C:\Users\Brain\AppData\LocalLow\Conduit
    Folder Found C:\Users\Brain\AppData\Roaming\DriverCure
    Folder Found C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\FCTB
    Folder Found C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\CT3279411
    Folder Found C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\FCTB
    Folder Found C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\AGI
    Key Found : HKCU\Software\APN
    Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Found : HKCU\Software\AppDataLow\Software\Freecause
    Key Found : HKCU\Software\AppDataLow\Software\smartbar
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\ilivid
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : HKCU\Software\Softonic
    Key Found : [x64] HKCU\Software\AGI
    Key Found : [x64] HKCU\Software\APN
    Key Found : [x64] HKCU\Software\Conduit
    Key Found : [x64] HKCU\Software\ilivid
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Found : [x64] HKCU\Software\Softonic
    Key Found : HKLM\Software\AGI
    Key Found : HKLM\Software\APN
    Key Found : HKLM\SOFTWARE\Classes\AppID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    Key Found : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
    Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
    Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
    Key Found : HKLM\SOFTWARE\Classes\ilivid
    Key Found : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
    Key Found : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
    Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool
    Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3279411
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\Software\Freeze.com
    Key Found : HKLM\Software\ilivid
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87A0B80B-5BA7-4CB0-9553-105D68777D60}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-media-player-plus_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-media-player-plus_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BC6E3FA-78EF-4886-842C-5A1258C4455A}]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16384


    -\\ Mozilla Firefox v25.0 (en-US)

    [ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\prefs.js ]

    Line Found : user_pref("browser.search.selectedEngine", "WebSearch+");
    Line Found : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource=61&CUI=UN14915692952109325&UM=2&UP=SP477F5151-5953-44BA-8283-01CF3F4BFBB1");
    Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.DNSCatch", false);
    Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.FirstLaunchShown", true);
    Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.LastDate", 11);
    Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.customNewTab", false);
    Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.processAddrBar", false);
    Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.session", "655C325042A0172D76DAB1DA81D628318BFC42279EA1656A024CCFCF53A9FC57E839A3BC247FC8FE76279B28350855883B51F86F4C4DA0EB3D5CCDBF3C8EF6B5020D1AC4[...]
    Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.tb_lang", "en");
    Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.user_id", "43524957");
    Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.vars.disablecuidinject", "1");
    Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.vars.lastcheck", "Fri%20Nov%2011%202011%2006%3A41%3A51%20GMT-0600%20%28Central%20Standard%20Time%29");
    Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.yahooSearch", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.2798485.KeywordHistory", "newbalance.com%7Cdreamboybondage%7CEscort%2520Passport%25209500ix%2520reviews%7Cbest%2520radar%2520dectector%7CVibram%252[...]
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.AutoSearchEventData", "auto%20search");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ClearCacheDate", 24);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DNSCatch", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DisplayEULA", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DnsCatchEventData", "dns%20catch");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.FirstLaunchShown", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.LoadLayoutDate.60241", 24);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.NewTabSearchEventData", "tab%20search");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ShowRecommendedOptions", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.StateReportDate", "1340583642804");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.TopRightSearchEventData", "top%20right%20search");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.customNewTab", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.helpUsImprove", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.hideOthers", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.processAddrBar", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.restoreSearch", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.revision", "48");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.searchHistory", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.showFirstLaunchOptions", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tb_lang", "en");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tool_id", "60241");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_id", "67211771");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_key", "86ee0c055615ec56fa099db6db215e55dd3e5f84");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_layouts", "60241");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_lnames", "Dogpile%20Toolbar");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_location_ID2cid2798503", "USMI0229");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_location_IDcid2798503", "53154");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_location_name2cid2798503", "Detroit%2C%20MI");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_location_namecid2798503", "Oak%20Creek%2C%20WI%20%2853154%29");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_unitscid2798503", "F");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.xml_service_url", "64e3a27980eeceb34248bc3e680b4e63");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.yahooSearch", true);
    Line Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource=61&CUI=UN14915692952109325&UM=2&UP=SP477F5151-5953-44BA-8283-01CF3F4BFBB1");
    Line Found : user_pref("smartbar.originalHomepage", "hxxp://www.dogpile.com/dogpile/ws/index");

    [ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\prefs.js ]

    Line Found : user_pref("CT3279411.FF19Solved", "true");
    Line Found : user_pref("CT3279411.UserID", "UN14915692952109325");
    Line Found : user_pref("CT3279411.browser.search.defaultthis.engineName", "true");
    Line Found : user_pref("CT3279411.fullUserID", "UN14915692952109325.IN.20130804175222");
    Line Found : user_pref("CT3279411.installDate", "04/08/2013 17:52:22");
    Line Found : user_pref("CT3279411.installSessionId", "{067FC4A7-FB13-4B3A-AB3F-47FB1B385EE0}");
    Line Found : user_pref("CT3279411.installSp", "TRUE");
    Line Found : user_pref("CT3279411.installerVersion", "1.5.4.5");
    Line Found : user_pref("CT3279411.keyword", "true");
    Line Found : user_pref("CT3279411.originalHomepage", "hxxp://www.dogpile.com/info.dogpl.t5.1/search/home");
    Line Found : user_pref("CT3279411.originalSearchAddressUrl", "hxxp://websearch.shopathome.com?user_id={72b7d82c-93f4-4717-8c51-12620c6fba3e}&q=");
    Line Found : user_pref("CT3279411.originalSearchEngine", "Web Search");
    Line Found : user_pref("CT3279411.originalSearchEngineName", "");
    Line Found : user_pref("CT3279411.searchRevert", "false");
    Line Found : user_pref("CT3279411.searchUserMode", "2");
    Line Found : user_pref("CT3279411.smartbar.homepage", "true");
    Line Found : user_pref("CT3279411.versionFromInstaller", "10.16.9.6");
    Line Found : user_pref("CT3279411.xpeMode", "0");
    Line Found : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource=61&CUI=UN14915692952109325&UM=2&UP=SP477F5151-5953-44BA-8283-01CF3F4BFBB1");
    Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://websearch.shopathome.com?user_id={72b7d82c-93f4-4717-8c51-12620c6fba3e}&q=");
    Line Found : user_pref("browser.search.defaultenginename", "appbario12 Customized Web Search");
    Line Found : user_pref("browser.search.defaultthis.engineName", "appbario12 Customized Web Search");
    Line Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279411&CUI=UN14915692952109325&UM=2&SearchSource=3&q={searchTerms}");
    Line Found : user_pref("browser.search.selectedEngine", "appbario12 Customized Web Search");
    Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=1DA20B39-4406-47DB-BA95-B19B6A1CED40&n=77fcde6f&p2=^AFA^xdm163^YY^us&si=250652");
    Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.initialized", true);
    Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.contextKey", "");
    Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.installDate", "2013060719");
    Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.partnerId", "^AFA^xdm163^YY^us");
    Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.partnerSubId", "250652");
    Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.success", true);
    Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.toolbarId", "1DA20B39-4406-47DB-BA95-B19B6A1CED40");
    Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.lastActivePing", "1370649621040");
    Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.options.defaultSearch", false);
    Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.options.homePageEnabled", false);
    Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.options.keywordEnabled", false);
    Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.options.tabEnabled", false);
    Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.searchHistory", "great clips");
    Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.weather.location", "53201");
    Line Found : user_pref("extensions.toolbar.mindspark.lastInstalled", "[email protected]");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.2798485.KeywordHistory", "chrome%2520download%7Chxxp%253A//www.youtube.com/watch%253Fv%253DY2O1VQU30To%7CCharlie%2520Hofheimer%2520shirtless%7C%7CW[...]
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.AutoSearchEventData", "auto%20search");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ClearCacheDate", 22);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DNSCatch", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DisplayEULA", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DnsCatchEventData", "dns%20catch");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.FirstLaunchShown", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.LoadLayoutDate.60241", 25);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.NewTabSearchEventData", "tab%20search");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ShowRecommendedOptions", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.StateReportDate", "1382479937811");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.TopRightSearchEventData", "top%20right%20search");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.Uninstall", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeInstallSaved", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeinstall.homepage", "hxxp%3A//www.dogpile.com/");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeinstall.search", "Google");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.customNewTab", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.helpUsImprove", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.hideOthers", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.processAddrBar", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.restoreSearch", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.searchHistory", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.showFirstLaunchOptions", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tb_lang", "en");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tool_id", "60241");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_id", "79119657");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_key", "292661090311f397bfaaa4680f50622e4c205d4c");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_layouts", "60241");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_lnames", "Dogpile%20Toolbar");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.xml_service_url", "64e3a27980eeceb34248bc3e680b4e63");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.yahooSearch", true);
    Line Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279411&SearchSource=2&CUI=UN14915692952109325&UM=2&q=");
    Line Found : user_pref("smartbar.addressBarOwnerCTID", "CT3279411");
    Line Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3279411&CUI=UN14915692952109325&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource[...]
    Line Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279411&SearchSource=2&CUI=UN14915692952109325&UM=2&q=");
    Line Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT3279411");
    Line Found : user_pref("smartbar.homePageOwnerCTID", "CT3279411");
    Line Found : user_pref("smartbar.machineId", "HUSRM0EXRRTHC68ORYXUCUQ/HNYWZK6HQHS6EBSOVJWJWM6W7A4UQZ9/NVLVMXYSRY0P2XUVIJLQPKWIGBTB5W");
    Line Found : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3279411&CUI=UN14915692952109325&UM=2&SearchSource=13");

    -\\ Google Chrome v30.0.1599.101

    [ File : C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Found : urls_to_restore_on_startup

    *************************

    AdwCleaner[R0].txt - [24421 octets] - [22/10/2013 20:00:00]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [24482 octets] ##########
     

     

    # AdwCleaner v3.010 - Report created 22/10/2013 at 20:15:41
    # Updated 20/10/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Brain - BRAIN-HP
    # Running from : C:\Users\Brain\Downloads\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\END
    File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\searchplugins\Askcom.xml
    File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\searchplugins\Search_Results.xml
    File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\user.js
    File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\my-web-search.xml
    File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\safesearch.xml
    File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\web-search.xml
    File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\user.js
    File Found : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
    Folder Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\{465fcfbb-47a4-4866-a5d5-d12f9a77da00}
    Folder Found C:\Program Files (x86)\Conduit
    Folder Found C:\Program Files (x86)\Ilivid
    Folder Found C:\ProgramData\AGI
    Folder Found C:\ProgramData\Ask
    Folder Found C:\ProgramData\boost_interprocess
    Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
    Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
    Folder Found C:\Users\Brain\AppData\Local\Conduit
    Folder Found C:\Users\Brain\AppData\Local\Ilivid Player
    Folder Found C:\Users\Brain\AppData\Local\PackageAware
    Folder Found C:\Users\Brain\AppData\LocalLow\AGI
    Folder Found C:\Users\Brain\AppData\LocalLow\AskToolbar
    Folder Found C:\Users\Brain\AppData\LocalLow\boost_interprocess
    Folder Found C:\Users\Brain\AppData\LocalLow\Conduit
    Folder Found C:\Users\Brain\AppData\Roaming\DriverCure
    Folder Found C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\FCTB
    Folder Found C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\CT3279411
    Folder Found C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\FCTB
    Folder Found C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\AGI
    Key Found : HKCU\Software\APN
    Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Found : HKCU\Software\AppDataLow\Software\Freecause
    Key Found : HKCU\Software\AppDataLow\Software\smartbar
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\ilivid
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : HKCU\Software\Softonic
    Key Found : [x64] HKCU\Software\AGI
    Key Found : [x64] HKCU\Software\APN
    Key Found : [x64] HKCU\Software\Conduit
    Key Found : [x64] HKCU\Software\ilivid
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Found : [x64] HKCU\Software\Softonic
    Key Found : HKLM\Software\AGI
    Key Found : HKLM\Software\APN
    Key Found : HKLM\SOFTWARE\Classes\AppID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    Key Found : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
    Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
    Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
    Key Found : HKLM\SOFTWARE\Classes\ilivid
    Key Found : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
    Key Found : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
    Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool
    Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
    Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3279411
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
    Key Found : HKLM\Software\Conduit
    Key Found : HKLM\Software\Freeze.com
    Key Found : HKLM\Software\ilivid
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87A0B80B-5BA7-4CB0-9553-105D68777D60}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-media-player-plus_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-media-player-plus_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
    Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BC6E3FA-78EF-4886-842C-5A1258C4455A}]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16384


    -\\ Mozilla Firefox v25.0 (en-US)

    [ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\prefs.js ]


    [ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\prefs.js ]


    -\\ Google Chrome v30.0.1599.101

    [ File : C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [24663 octets] - [22/10/2013 20:00:00]
    AdwCleaner[R1].txt - [11196 octets] - [22/10/2013 20:15:41]
    AdwCleaner[S0].txt - [25734 octets] - [22/10/2013 20:12:13]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [11318 octets] ##########
     

     

    # AdwCleaner v3.010 - Report created 22/10/2013 at 21:28:14
    # Updated 20/10/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Brain - BRAIN-HP
    # Running from : C:\Users\Brain\Downloads\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\web-search.xml
    File Found : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
    Folder Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\{465fcfbb-47a4-4866-a5d5-d12f9a77da00}
    Folder Found C:\Users\Brain\AppData\Local\PackageAware
    Folder Found C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\CT3279411

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\AGI
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : [x64] HKCU\Software\AGI
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
    Key Found : HKLM\Software\AGI
    Key Found : HKLM\SOFTWARE\Classes\AppID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
    Key Found : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
    Key Found : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87A0B80B-5BA7-4CB0-9553-105D68777D60}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
    Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BC6E3FA-78EF-4886-842C-5A1258C4455A}]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16384


    -\\ Mozilla Firefox v25.0 (en-US)

    [ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\prefs.js ]


    [ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\prefs.js ]


    -\\ Google Chrome v30.0.1599.101

    [ File : C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [24663 octets] - [22/10/2013 20:00:00]
    AdwCleaner[R1].txt - [11499 octets] - [22/10/2013 20:15:41]
    AdwCleaner[R2].txt - [5548 octets] - [22/10/2013 21:28:14]
    AdwCleaner[S0].txt - [25734 octets] - [22/10/2013 20:12:13]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [5669 octets] ##########
     

     

    # AdwCleaner v3.204 - Report created 27/04/2014 at 15:27:42
    # Updated 26/04/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Brain - BRAIN-HP
    # Running from : C:\Users\Brain\Downloads\AdwCleaner(1).exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\END
    File Found : C:\Windows\System32\Tasks\Driver Booster Update
    Folder Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\Extensions\[email protected]
    Folder Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected]
    Folder Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\FCTB
    Folder Found : C:\Windows\SysWOW64\AI_RecycleBin

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    Key Found : HKCU64\Software\Conduit
    Key Found : HKCU64\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
    Key Found : HKLM\SOFTWARE\Classes\driverscanner
    Key Found : HKLM\Software\Uniblue
    Key Found : HKLM64\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17041


    -\\ Mozilla Firefox v29.0 (en-US)

    [ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\prefs.js ]


    [ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\prefs.js ]

    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.2798485.KeywordHistory", "dogpile.com%7CJava%25201.6.0%7C%2520https%253A//www.dropbox.com/s/07e51gdzcwbq0ym/HRTicker%252520Information.pdf%7Cbuxton[...]
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.AutoSearchEventData", "auto%20search");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ClearCacheDate", 27);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DNSCatch", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DisplayEULA", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DnsCatchEventData", "dns%20catch");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.FirstLaunchShown", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.LoadLayoutDate.60241", 27);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.NewTabSearchEventData", "tab%20search");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ShowAfterUpdatePage", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ShowRecommendedOptions", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.StateReportDate", "1398470821876");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.TopRightSearchEventData", "top%20right%20search");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.Uninstall", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeInstallSaved", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeinstall.homepage", "chrome%3A//branding/locale/browserconfig.properties");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeinstall.search", "Google");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.customNewTab", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.helpUsImprove", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.hideOthers", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.processAddrBar", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.restoreSearch", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.searchHistory", true);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.showFirstLaunchOptions", false);
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tb_lang", "en");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tool_id", "60241");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_id", "79119657");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_key", "292661090311f397bfaaa4680f50622e4c205d4c");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_layouts", "60241");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_lnames", "Dogpile%20Toolbar");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.xml_service_url", "64e3a27980eeceb34248bc3e680b4e63");
    Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.yahooSearch", true);

    -\\ Google Chrome v36.0.1951.5

    [ File : C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\preferences ]
     

     

    # AdwCleaner v3.010 - Report created 22/10/2013 at 20:12:13
    # Updated 20/10/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Brain - BRAIN-HP
    # Running from : C:\Users\Brain\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    [x] Not Deleted : C:\ProgramData\AGI
    [x] Not Deleted : C:\ProgramData\Ask
    [x] Not Deleted : C:\ProgramData\boost_interprocess
    [x] Not Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
    [x] Not Deleted : C:\Program Files (x86)\Conduit
    [x] Not Deleted : C:\Program Files (x86)\Ilivid
    [x] Not Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
    [x] Not Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
    [x] Not Deleted : C:\Users\Brain\AppData\Local\Conduit
    [x] Not Deleted : C:\Users\Brain\AppData\Local\Ilivid Player
    [x] Not Deleted : C:\Users\Brain\AppData\Local\PackageAware
    [x] Not Deleted : C:\Users\Brain\AppData\LocalLow\AGI
    [x] Not Deleted : C:\Users\Brain\AppData\LocalLow\AskToolbar
    [x] Not Deleted : C:\Users\Brain\AppData\LocalLow\boost_interprocess
    [x] Not Deleted : C:\Users\Brain\AppData\LocalLow\Conduit
    [x] Not Deleted : C:\Users\Brain\AppData\Roaming\DriverCure
    [x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\FCTB
    [x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\FCTB
    [x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\CT3279411
    [x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\{465fcfbb-47a4-4866-a5d5-d12f9a77da00}
    [x] Not Deleted : C:\END
    [x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\searchplugins\Askcom.xml
    [x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\my-web-search.xml
    [x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\safesearch.xml
    [x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\searchplugins\Search_Results.xml
    [x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\web-search.xml
    [x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\user.js
    [x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\user.js
    [x] Not Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    [x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
    [x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
    [x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
    [x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
    [x] Not Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
    [x] Not Deleted : HKLM\SOFTWARE\Classes\ilivid
    [x] Not Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
    [x] Not Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
    [x] Not Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3279411
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-media-player-plus_RASAPI32
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-media-player-plus_RASMANCS
    [x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    [x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    [x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    [x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    [x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    [x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    [x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
    [x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    [x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
    [x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
    [x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
    [x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
    [x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
    [x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    [x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    [x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87A0B80B-5BA7-4CB0-9553-105D68777D60}
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    [x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
    [x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    [x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    [x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
    [x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    [x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    [x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BC6E3FA-78EF-4886-842C-5A1258C4455A}]
    [x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    [x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    [x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
    [x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
    [x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
    [x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    [x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    [x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    [x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    [x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
    [x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    [x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    [x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
    [x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    [x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    [x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    [x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    [x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    [x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
    [x] Not Deleted : HKCU\Software\AGI
    [x] Not Deleted : HKCU\Software\APN
    [x] Not Deleted : HKCU\Software\Conduit
    [x] Not Deleted : HKCU\Software\ilivid
    [x] Not Deleted : HKCU\Software\Softonic
    [x] Not Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
    [x] Not Deleted : HKCU\Software\AppDataLow\Software\Conduit
    [x] Not Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    [x] Not Deleted : HKCU\Software\AppDataLow\Software\Freecause
    [x] Not Deleted : HKCU\Software\AppDataLow\Software\smartbar
    [x] Not Deleted : HKLM\Software\AGI
    [x] Not Deleted : HKLM\Software\APN
    [x] Not Deleted : HKLM\Software\Conduit
    [x] Not Deleted : HKLM\Software\Freeze.com
    [x] Not Deleted : HKLM\Software\ilivid
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
    [x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
    [x] Not Deleted : [x64] HKCU\Software\AGI
    [x] Not Deleted : [x64] HKCU\Software\APN
    [x] Not Deleted : [x64] HKCU\Software\Conduit
    [x] Not Deleted : [x64] HKCU\Software\ilivid
    [x] Not Deleted : [x64] HKCU\Software\Softonic
    [x] Not Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
    [x] Not Deleted : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
    [x] Not Deleted : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16384


    -\\ Mozilla Firefox v25.0 (en-US)

    [ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\prefs.js ]

    Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch+");
    Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource=61&CUI=UN14915692952109325&UM=2&UP=SP477F5151-5953-44BA-8283-01CF3F4BFBB1");
    Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.DNSCatch", false);
    Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.FirstLaunchShown", true);
    Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.LastDate", 11);
    Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.customNewTab", false);
    Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.processAddrBar", false);
    Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.session", "655C325042A0172D76DAB1DA81D628318BFC42279EA1656A024CCFCF53A9FC57E839A3BC247FC8FE76279B28350855883B51F86F4C4DA0EB3D5CCDBF3C8EF6B5020D1AC4[...]
    Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.tb_lang", "en");
    Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.user_id", "43524957");
    Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.vars.disablecuidinject", "1");
    Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.vars.lastcheck", "Fri%20Nov%2011%202011%2006%3A41%3A51%20GMT-0600%20%28Central%20Standard%20Time%29");
    Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.yahooSearch", false);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.2798485.KeywordHistory", "newbalance.com%7Cdreamboybondage%7CEscort%2520Passport%25209500ix%2520reviews%7Cbest%2520radar%2520dectector%7CVibram%252[...]
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.AutoSearchEventData", "auto%20search");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ClearCacheDate", 24);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DNSCatch", true);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DisplayEULA", false);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DnsCatchEventData", "dns%20catch");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.FirstLaunchShown", true);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.LoadLayoutDate.60241", 24);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.NewTabSearchEventData", "tab%20search");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ShowRecommendedOptions", false);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.StateReportDate", "1340583642804");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.TopRightSearchEventData", "top%20right%20search");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.customNewTab", true);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.helpUsImprove", true);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.hideOthers", false);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.processAddrBar", true);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.restoreSearch", false);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.revision", "48");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.searchHistory", true);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.showFirstLaunchOptions", false);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tb_lang", "en");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tool_id", "60241");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_id", "67211771");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_key", "86ee0c055615ec56fa099db6db215e55dd3e5f84");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_layouts", "60241");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_lnames", "Dogpile%20Toolbar");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_location_ID2cid2798503", "USMI0229");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_location_IDcid2798503", "53154");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_location_name2cid2798503", "Detroit%2C%20MI");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_location_namecid2798503", "Oak%20Creek%2C%20WI%20%2853154%29");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_unitscid2798503", "F");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.xml_service_url", "64e3a27980eeceb34248bc3e680b4e63");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.yahooSearch", true);
    Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource=61&CUI=UN14915692952109325&UM=2&UP=SP477F5151-5953-44BA-8283-01CF3F4BFBB1");
    Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://www.dogpile.com/dogpile/ws/index");

    [ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\prefs.js ]

    Line Deleted : user_pref("CT3279411.FF19Solved", "true");
    Line Deleted : user_pref("CT3279411.UserID", "UN14915692952109325");
    Line Deleted : user_pref("CT3279411.browser.search.defaultthis.engineName", "true");
    Line Deleted : user_pref("CT3279411.fullUserID", "UN14915692952109325.IN.20130804175222");
    Line Deleted : user_pref("CT3279411.installDate", "04/08/2013 17:52:22");
    Line Deleted : user_pref("CT3279411.installSessionId", "{067FC4A7-FB13-4B3A-AB3F-47FB1B385EE0}");
    Line Deleted : user_pref("CT3279411.installSp", "TRUE");
    Line Deleted : user_pref("CT3279411.installerVersion", "1.5.4.5");
    Line Deleted : user_pref("CT3279411.keyword", "true");
    Line Deleted : user_pref("CT3279411.originalHomepage", "hxxp://www.dogpile.com/info.dogpl.t5.1/search/home");
    Line Deleted : user_pref("CT3279411.originalSearchAddressUrl", "hxxp://websearch.shopathome.com?user_id={72b7d82c-93f4-4717-8c51-12620c6fba3e}&q=");
    Line Deleted : user_pref("CT3279411.originalSearchEngine", "Web Search");
    Line Deleted : user_pref("CT3279411.originalSearchEngineName", "");
    Line Deleted : user_pref("CT3279411.searchRevert", "false");
    Line Deleted : user_pref("CT3279411.searchUserMode", "2");
    Line Deleted : user_pref("CT3279411.smartbar.homepage", "true");
    Line Deleted : user_pref("CT3279411.versionFromInstaller", "10.16.9.6");
    Line Deleted : user_pref("CT3279411.xpeMode", "0");
    Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource=61&CUI=UN14915692952109325&UM=2&UP=SP477F5151-5953-44BA-8283-01CF3F4BFBB1");
    Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://websearch.shopathome.com?user_id={72b7d82c-93f4-4717-8c51-12620c6fba3e}&q=");
    Line Deleted : user_pref("browser.search.defaultenginename", "appbario12 Customized Web Search");
    Line Deleted : user_pref("browser.search.defaultthis.engineName", "appbario12 Customized Web Search");
    Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279411&CUI=UN14915692952109325&UM=2&SearchSource=3&q={searchTerms}");
    Line Deleted : user_pref("browser.search.selectedEngine", "appbario12 Customized Web Search");
    Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=1DA20B39-4406-47DB-BA95-B19B6A1CED40&n=77fcde6f&p2=^AFA^xdm163^YY^us&si=250652");
    Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.initialized", true);
    Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.contextKey", "");
    Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.installDate", "2013060719");
    Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.partnerId", "^AFA^xdm163^YY^us");
    Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.partnerSubId", "250652");
    Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.success", true);
    Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.toolbarId", "1DA20B39-4406-47DB-BA95-B19B6A1CED40");
    Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.lastActivePing", "1370649621040");
    Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.options.defaultSearch", false);
    Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.options.homePageEnabled", false);
    Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.options.keywordEnabled", false);
    Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.options.tabEnabled", false);
    Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.searchHistory", "great clips");
    Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.weather.location", "53201");
    Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "[email protected]");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.2798485.KeywordHistory", "chrome%2520download%7Chxxp%253A//www.youtube.com/watch%253Fv%253DY2O1VQU30To%7CCharlie%2520Hofheimer%2520shirtless%7C%7CW[...]
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.AutoSearchEventData", "auto%20search");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ClearCacheDate", 22);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DNSCatch", true);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DisplayEULA", false);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DnsCatchEventData", "dns%20catch");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.FirstLaunchShown", true);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.LoadLayoutDate.60241", 25);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.NewTabSearchEventData", "tab%20search");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ShowRecommendedOptions", false);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.StateReportDate", "1382479937811");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.TopRightSearchEventData", "top%20right%20search");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.Uninstall", false);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeInstallSaved", true);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeinstall.homepage", "hxxp%3A//www.dogpile.com/");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeinstall.search", "Google");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.customNewTab", true);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.helpUsImprove", true);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.hideOthers", false);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.processAddrBar", true);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.restoreSearch", false);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.searchHistory", true);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.showFirstLaunchOptions", false);
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tb_lang", "en");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tool_id", "60241");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_id", "79119657");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_key", "292661090311f397bfaaa4680f50622e4c205d4c");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_layouts", "60241");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_lnames", "Dogpile%20Toolbar");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.xml_service_url", "64e3a27980eeceb34248bc3e680b4e63");
    Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.yahooSearch", true);
    Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279411&SearchSource=2&CUI=UN14915692952109325&UM=2&q=");
    Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3279411");
    Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3279411&CUI=UN14915692952109325&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource[...]
    Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279411&SearchSource=2&CUI=UN14915692952109325&UM=2&q=");
    Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3279411");
    Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3279411");
    Line Deleted : user_pref("smartbar.machineId", "HUSRM0EXRRTHC68ORYXUCUQ/HNYWZK6HQHS6EBSOVJWJWM6W7A4UQZ9/NVLVMXYSRY0P2XUVIJLQPKWIGBTB5W");
    Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3279411&CUI=UN14915692952109325&UM=2&SearchSource=13");

    -\\ Google Chrome v30.0.1599.101

    [ File : C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Deleted : urls_to_restore_on_startup

    *************************

    AdwCleaner[R0].txt - [24663 octets] - [22/10/2013 20:00:00]
    AdwCleaner[S0].txt - [25492 octets] - [22/10/2013 20:12:13]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25553 octets] ##########
     

     

    # AdwCleaner v3.010 - Report created 22/10/2013 at 21:28:46
    # Updated 20/10/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Brain - BRAIN-HP
    # Running from : C:\Users\Brain\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Users\Brain\AppData\Local\PackageAware
    Folder Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\CT3279411
    Folder Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\{465fcfbb-47a4-4866-a5d5-d12f9a77da00}
    File Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\web-search.xml
    File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87A0B80B-5BA7-4CB0-9553-105D68777D60}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BC6E3FA-78EF-4886-842C-5A1258C4455A}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
    Key Deleted : HKCU\Software\AGI
    Key Deleted : HKLM\Software\AGI
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
    Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
    Key Deleted : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
    Key Deleted : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16384


    -\\ Mozilla Firefox v25.0 (en-US)

    [ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\prefs.js ]


    [ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\prefs.js ]


    -\\ Google Chrome v30.0.1599.101

    [ File : C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [24663 octets] - [22/10/2013 20:00:00]
    AdwCleaner[R1].txt - [11499 octets] - [22/10/2013 20:15:41]
    AdwCleaner[R2].txt - [5817 octets] - [22/10/2013 21:28:14]
    AdwCleaner[S0].txt - [25734 octets] - [22/10/2013 20:12:13]
    AdwCleaner[S1].txt - [5515 octets] - [22/10/2013 21:28:46]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5575 octets] ##########
     

     

    Junkware Removal Tool Log:

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.4 (04.06.2014:1)
    OS: Windows 7 Home Premium x64
    Ran by Brain on Sun 04/27/2014 at 15:59:30.82
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\driverscanner
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}



    ~~~ Files

    Successfully deleted: [File] "C:\end"



    ~~~ Folders

    Successfully deleted: [Folder] "C:\Users\Brain\appdata\locallow\boost_interprocess"
    Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
    Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



    ~~~ FireFox

    Successfully deleted: [Folder] C:\Users\Brain\AppData\Roaming\mozilla\firefox\profiles\x1ft5x1x.default-1340583930802\fctb
    Successfully deleted the following from C:\Users\Brain\AppData\Roaming\mozilla\firefox\profiles\esuzx5jl.default\prefs.js

    user_pref("extensions.sahtb.url.merchants.data", "<?xml version=\"1.0\" ?><MerchantSettings><v n=\"177\" /><GlobalSuppresses><s u=\".7eer.net\" g=\"1\" i=\"1853\" /><s u=\".ca
    Successfully deleted the following from C:\Users\Brain\AppData\Roaming\mozilla\firefox\profiles\x1ft5x1x.default-1340583930802\prefs.js

    user_pref("browser.startup.homepage", "hxxp://www.dogpile.com/");
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.2798485.KeywordHistory", "dogpile.com%7CJava%25201.6.0%7C%2520hxxps%253A//www.dropbox.com/s/07e51gdzcwbq0ym/HRTicker%25252
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.AutoSearchEventData", "auto%20search");
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ClearCacheDate", 27);
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DNSCatch", true);
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DisplayEULA", false);
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DnsCatchEventData", "dns%20catch");
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.FirstLaunchShown", true);
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.LoadLayoutDate.60241", 27);
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.NewTabSearchEventData", "tab%20search");
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ShowRecommendedOptions", false);
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.StateReportDate", "1398470821876");
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.TopRightSearchEventData", "top%20right%20search");
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.Uninstall", false);
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeInstallSaved", true);
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeinstall.homepage", "chrome%3A//branding/locale/browserconfig.properties");
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeinstall.search", "Google");
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.customNewTab", true);
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.helpUsImprove", true);
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.hideOthers", false);
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.processAddrBar", true);
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.restoreSearch", false);
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.searchHistory", true);
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.showFirstLaunchOptions", false);
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tb_lang", "en");
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tool_id", "60241");
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_id", "79119657");
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_key", "292661090311f397bfaaa4680f50622e4c205d4c");
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_layouts", "60241");
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_lnames", "Dogpile%20Toolbar");
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.xml_service_url", "64e3a27980eeceb34248bc3e680b4e63");
    user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.yahooSearch", true);
    Emptied folder: C:\Users\Brain\AppData\Roaming\mozilla\firefox\profiles\x1ft5x1x.default-1340583930802\minidumps [28 files]



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sun 04/27/2014 at 16:05:35.99
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     

    Farbar Recovery Scan Tool log (only one log was produced):

     

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2014
    Ran by Brain (administrator) on BRAIN-HP on 27-04-2014 16:14:45
    Running from C:\Users\Brain\Downloads
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 11
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo...very-scan-tool/

    ==================== Processes (Whitelisted) =================

    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
    (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    (Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (Microsoft Corporation) C:\Windows\System32\vds.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    (Akamai Technologies, Inc.) C:\Users\Brain\AppData\Local\Akamai\netsession_win.exe
    (Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
    (Dropbox, Inc.) C:\Users\Brain\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Akamai Technologies, Inc.) C:\Users\Brain\AppData\Local\Akamai\netsession_win.exe
    (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe
    (Repkasoft) C:\Program Files (x86)\YoWindow\yowindow.exe
    (CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe
    () C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Condusiv Technologies) C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Farbar) C:\Users\Brain\Downloads\FRST64(1).exe


    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [CheckIt Diagnostics 8] => C:\Program Files\Smith Micro\CheckIt Diagnostics 8\cd8ctf.exe [54088 2010-05-11] (Smith Micro)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-27] (Realtek Semiconductor)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [EaseUs Watch] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe [70728 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
    HKLM-x32\...\Run: [EaseUs Tray] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe [1372232 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
    HKLM-x32\...\Run: [EaseUs TB Tray Agent] => C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe [253512 2013-09-04] ()
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
    HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
    HKLM-x32\...\Run: [BFHP] => C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
    HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-22] (Hewlett-Packard)
    HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
    HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
    HKU\S-1-5-21-649025149-514020257-970770016-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-14] (SUPERAntiSpyware)
    HKU\S-1-5-21-649025149-514020257-970770016-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
    HKU\S-1-5-21-649025149-514020257-970770016-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Brain\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-649025149-514020257-970770016-1000\...\Run: [Google Update] => C:\Users\Brain\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-05] (Google Inc.)
    HKU\S-1-5-21-649025149-514020257-970770016-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-03-18] (Siber Systems)
    Startup: C:\Users\Brain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\Brain\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\Users\Brain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YoWindow.lnk
    ShortcutTarget: YoWindow.lnk -> C:\Program Files (x86)\YoWindow\yowindow.exe (Repkasoft)

    ==================== Internet (Whitelisted) ====================

    SearchScopes: HKLM - {C46296C9-9FB6-4509-8294-68FA8F44E6DB} URL = http://www.amazon.co...s={searchTerms}
    SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
    SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {C46296C9-9FB6-4509-8294-68FA8F44E6DB} URL =
    SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
    BHO: No Name - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -  No File
    BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
    BHO: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
    BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
    BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
    BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
    BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
    BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
    BHO-x32: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
    BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    BHO-x32: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM - No Name - {eec0f710-38b5-4aba-99bf-ec87564a4e13} -  No File
    Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
    Toolbar: HKLM-x32 - No Name - {8A936F47-6B90-4537-A1BC-6F369A203D47} -  No File
    Toolbar: HKLM-x32 - Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
    Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

    FireFox:
    ========
    FF ProfilePath: C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802
    FF NewTab: about:blank
    FF Keyword.URL: hxxp://www.dogpile.com/info.dogpl.fctb.prefer/search/web?fcoid=417&fcop=topnav&fpid=27&q=
    FF NetworkProxy: "type", 0
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_199.dll ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_199.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
    FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
    FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
    FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
    FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
    FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @hulu.com/Hulu Desktop - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
    FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Brain\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Brain\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Brain\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Brain\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator - C:\Users\Brain\AppData\Roaming\CATALI~1\NPBCSK~1.DLL (Catalina Marketing Corporation)
    FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Brain\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Brain\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Brain\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
    FF SearchPlugin: C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\dogpile.xml
    FF Extension: Разпознаване на устройство Logitech - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2012-09-05]
    FF Extension: DoNotTrackMe - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2013-08-24]
    FF Extension: Xmarks - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2014-01-10]
    FF Extension: MaskMe - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2014-04-06]
    FF Extension: Lavasoft Search Plugin - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2013-01-06]
    FF Extension: BeFrugal.com Toolbar - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2014-03-15]
    FF Extension: No Name - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\staged [2014-04-27]
    FF Extension: Ghostery - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2013-08-24]
    FF Extension: Searchonymous - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2014-02-11]
    FF Extension: Personas Plus - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2012-06-24]
    FF Extension: Test Pilot - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2012-06-24]
    FF Extension: PDF Download - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2014-04-10]
    FF Extension: Dogpile Toolbar - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\{9a94d785-2979-44e9-b331-9e09d0cc7cff}.xpi [2012-06-24]
    FF HKLM-x32\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.6\coFFNST\
    FF Extension: Norton Safe Web Lite Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.6\coFFNST\ []
    FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
    FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
    FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-08-22]
    FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
    FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
    FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
    FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-01-30]
    FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
    FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []
    FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
    FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014-03-18]

    Chrome:
    =======
    CHR Extension: (Google Docs) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-22]
    CHR Extension: (Google Drive) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-22]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-02-25]
    CHR Extension: (YouTube) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-22]
    CHR Extension: (Google Search) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-22]
    CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2013-10-22]
    CHR Extension: (Assassin's Creed III) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\geadmffjboclimmeiaimcafapjaefnfn [2013-10-22]
    CHR Extension: (Advanced Extensions) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\knchccdpckooledklhnooegnniofcfip [2013-10-22]
    CHR Extension: (Norton Identity Protection) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-01-30]
    CHR Extension: (Google Wallet) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-09]
    CHR Extension: (Buffer) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\noojglkidnpfjbincgijbaiedldjfbhh [2013-10-22]
    CHR Extension: (Readability) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2013-10-22]
    CHR Extension: (Gmail) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-22]
    CHR Extension: (RoboForm) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-03-20]
    CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-17]
    CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-03-18]
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Services (Whitelisted) =================

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
    R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.)
    R2 Diskeeper; C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe [2721656 2012-07-27] (Condusiv Technologies)
    R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36936 2013-12-02] (CHENGDU YIWO Tech Development Co., Ltd)
    S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-07-25] (Google)
    R2 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
    S4 HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [107576 2010-11-17] ()
    R2 HPSLPSVC; C:\Users\Brain\AppData\Local\Temp\7zS0078\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.)
    R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation)
    S4 NSL; C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe [130000 2010-11-23] (Symantec Corporation)
    S4 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460288 2013-07-19] (Alcatel-Lucent)
    S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-03-08] (Realtek Semiconductor)

    ==================== Drivers (Whitelisted) ====================

    R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-03-18] (Symantec Corporation)
    R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1502000.026\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
    S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)
    R3 DKRtWrt; C:\Windows\System32\DRIVERS\DKRtWrt.sys [52048 2012-06-18] (Condusiv Technologies)
    R0 DKTLFSMF; C:\Windows\System32\drivers\DKTLFSMF.sys [106832 2012-07-09] (Condusiv Technologies)
    R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-30] (Symantec Corporation)
    R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-09-04] ()
    S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
    R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-01-06] (GFI Software)
    S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
    R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140427.002\IDSvia64.sys [525016 2014-03-25] (Symantec Corporation)
    R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2014-03-08] (Intel Corporation)
    R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140426.001\ENG64.SYS [126040 2014-01-30] (Symantec Corporation)
    R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140426.001\EX64.SYS [2099288 2014-01-30] (Symantec Corporation)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1502000.026\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
    R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
    R0 SymDS; C:\Windows\System32\drivers\N360x64\1502000.026\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
    R0 SymEFA; C:\Windows\System32\drivers\N360x64\1502000.026\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
    R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-01-30] (Symantec Corporation)
    R1 SymIRON; C:\Windows\system32\drivers\N360x64\1502000.026\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
    R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1502000.026\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
    S3 usbrndis6; C:\Windows\system32\drivers\usb80236.sys [19968 2013-02-11] (Microsoft Corporation)
    S3 veebeampol; C:\Windows\System32\DRIVERS\veebeampol.sys [14952 2010-11-29] (Veebeam Corporation)
    S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
    S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
    S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
    S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-04-27 16:14 - 2014-04-27 16:14 - 00030270 _____ () C:\Users\Brain\Downloads\FRST.txt
    2014-04-27 16:13 - 2014-04-27 16:13 - 02061824 _____ (Farbar) C:\Users\Brain\Downloads\FRST64(1).exe
    2014-04-27 16:05 - 2014-04-27 16:05 - 00004716 _____ () C:\Users\Brain\Desktop\JRT.txt
    2014-04-27 15:58 - 2014-04-27 15:59 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(5).exe
    2014-04-27 15:54 - 2014-04-27 15:54 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(4).exe
    2014-04-27 15:52 - 2014-04-27 15:52 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(3).exe
    2014-04-27 15:40 - 2014-04-27 15:40 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(2).exe
    2014-04-27 15:36 - 2014-04-27 15:36 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(1).exe
    2014-04-27 15:22 - 2014-04-27 15:22 - 01329501 _____ () C:\Users\Brain\Downloads\AdwCleaner(1).exe
    2014-04-27 14:02 - 2014-04-27 14:18 - 00000000 ____D () C:\Users\Brain\Documents\WI State Jobs Exam Answers
    2014-04-27 13:20 - 2014-04-27 13:22 - 156995584 _____ () C:\Users\Brain\Downloads\VIPRERescue28624.exe
    2014-04-27 03:07 - 2014-04-27 03:07 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
    2014-04-27 03:07 - 2014-04-27 03:07 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
    2014-04-27 03:06 - 2014-04-27 03:06 - 56270848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
    2014-04-27 03:06 - 2014-04-27 03:06 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
    2014-04-27 03:06 - 2014-04-27 03:06 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
    2014-04-27 03:06 - 2014-04-27 03:06 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
    2014-04-27 03:06 - 2014-04-27 03:06 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
    2014-04-27 03:06 - 2014-04-27 03:06 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
    2014-04-27 03:06 - 2014-04-27 03:06 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
    2014-04-27 03:06 - 2014-04-27 03:06 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
    2014-04-27 03:06 - 2014-04-27 03:06 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
    2014-04-27 03:06 - 2014-04-27 03:06 - 00110080 _____ (TODO: <Company name>) C:\Windows\system32\DelayAPO.dll
    2014-04-27 03:06 - 2014-04-27 03:06 - 00094208 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
    2014-04-27 00:18 - 2014-04-27 00:18 - 00002626 _____ () C:\Users\Brain\Downloads\legitcheck (1).hta
    2014-04-27 00:17 - 2014-04-27 00:17 - 00002626 _____ () C:\Users\Brain\Downloads\legitcheck.hta
    2014-04-27 00:07 - 2014-04-27 00:07 - 00159144 _____ (Microsoft Corporation) C:\Users\Brain\Downloads\WindowsActivationUpdate.exe
    2014-04-26 23:58 - 2014-04-26 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
    2014-04-26 23:57 - 2014-04-26 23:57 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
    2014-04-26 23:55 - 2014-04-26 23:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-04-26 23:55 - 2014-04-13 21:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-04-26 23:55 - 2014-04-13 21:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-04-25 21:58 - 2014-04-25 21:58 - 04745984 _____ (Piriform Ltd) C:\Users\Brain\Downloads\ccsetup413.exe
    2014-04-25 15:26 - 2014-04-25 15:26 - 00000000 __SHD () C:\Users\Brain\AppData\Local\EmieUserList
    2014-04-25 15:26 - 2014-04-25 15:26 - 00000000 __SHD () C:\Users\Brain\AppData\Local\EmieSiteList
    2014-04-24 05:47 - 2014-04-24 05:47 - 00001609 _____ () C:\Users\Brain\Desktop\DivX Movies.lnk
    2014-04-24 05:47 - 2014-04-24 05:47 - 00001085 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
    2014-04-24 05:47 - 2014-04-24 05:47 - 00001020 _____ () C:\Users\Public\Desktop\DivX Player.lnk
    2014-04-24 05:45 - 2014-04-24 05:46 - 57134496 _____ (DivX, LLC) C:\Users\Brain\Downloads\DivXInstaller(7).exe
    2014-04-23 18:04 - 2014-04-23 18:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-04-22 17:50 - 2014-04-22 17:50 - 00000000 ____D () C:\Users\dub_cm_auto
    2014-04-22 17:30 - 2014-04-27 15:56 - 00003362 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-649025149-514020257-970770016-1000
    2014-04-22 17:30 - 2014-04-27 15:56 - 00003228 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-649025149-514020257-970770016-1000
    2014-04-21 19:18 - 2014-04-21 19:22 - 157642752 _____ () C:\Users\Brain\Downloads\VIPRERescue28456.exe
    2014-04-20 20:51 - 2014-04-20 20:55 - 328121408 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(90).exe
    2014-04-20 20:47 - 2014-04-20 20:50 - 328121408 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(89).exe
    2014-04-17 18:58 - 2014-04-17 18:58 - 00003138 _____ () C:\Windows\System32\Tasks\{FD33FB71-6A13-4E4F-B4FB-234C52B190CA}
    2014-04-17 18:57 - 2014-04-17 18:57 - 01239752 _____ (Microsoft Corporation) C:\Users\Brain\Downloads\wlsetup-web(10).exe
    2014-04-17 17:46 - 2014-04-17 17:46 - 00001267 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
    2014-04-17 17:46 - 2014-04-17 17:46 - 00000000 ____D () C:\Windows\en
    2014-04-17 17:44 - 2014-04-17 17:44 - 00000380 _____ () C:\Windows\DirectX.log
    2014-04-17 17:38 - 2014-04-17 17:44 - 01239752 _____ (Microsoft Corporation) C:\Users\Brain\Downloads\wlsetup-web(9).exe
    2014-04-16 21:59 - 2014-03-06 05:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-04-16 21:59 - 2014-03-06 04:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-04-16 21:59 - 2014-03-06 04:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-04-16 21:59 - 2014-03-06 04:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-04-16 21:59 - 2014-03-06 03:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-04-16 21:59 - 2014-03-06 03:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-04-16 21:59 - 2014-03-06 03:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-04-16 21:59 - 2014-03-06 03:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-04-16 21:59 - 2014-03-06 03:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-04-16 21:59 - 2014-03-06 03:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-04-16 21:59 - 2014-03-06 03:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-04-16 21:59 - 2014-03-06 03:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-04-16 21:59 - 2014-03-06 03:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-04-16 21:59 - 2014-03-06 03:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-04-16 21:59 - 2014-03-06 03:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-04-16 21:59 - 2014-03-06 03:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-04-16 21:59 - 2014-03-06 03:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-04-16 21:59 - 2014-03-06 03:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-04-16 21:59 - 2014-03-06 03:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-04-16 21:59 - 2014-03-06 03:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-04-16 21:59 - 2014-03-06 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-04-16 21:59 - 2014-03-06 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-04-16 21:59 - 2014-03-06 02:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-04-16 21:59 - 2014-03-06 02:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-04-16 21:59 - 2014-03-06 02:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-04-16 21:59 - 2014-03-06 02:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-04-16 21:59 - 2014-03-06 02:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-04-16 21:59 - 2014-03-06 02:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-04-16 21:59 - 2014-03-06 02:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-04-16 21:59 - 2014-03-06 02:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-04-16 21:59 - 2014-03-06 02:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-04-16 21:59 - 2014-03-06 02:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-04-16 21:59 - 2014-03-06 02:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-04-16 21:59 - 2014-03-06 02:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-04-16 21:59 - 2014-03-06 02:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-04-16 21:59 - 2014-03-06 02:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-04-16 21:59 - 2014-03-06 02:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-04-16 21:59 - 2014-03-06 02:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-04-16 21:59 - 2014-03-06 01:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-04-16 21:59 - 2014-03-06 01:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-04-16 21:59 - 2014-03-06 01:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-04-16 21:59 - 2014-03-06 01:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-04-16 21:59 - 2014-03-06 01:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-04-16 21:59 - 2014-03-06 00:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-04-16 21:59 - 2014-03-06 00:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-04-16 21:59 - 2014-03-06 00:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-04-16 21:59 - 2014-03-06 00:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-04-16 21:59 - 2014-03-06 00:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-04-16 19:09 - 2014-04-16 19:09 - 00003132 _____ () C:\Windows\System32\Tasks\{15648CDD-6F78-4EE8-9474-B8786FE391D9}
    2014-04-16 19:08 - 2014-04-16 19:09 - 18129696 _____ (Adobe Systems Inc.) C:\Users\Brain\Downloads\air13_win(7).exe
    2014-04-16 19:07 - 2014-04-16 19:07 - 00884688 _____ (Google Inc.) C:\Users\Brain\Downloads\ChromeSetup (2).exe
    2014-04-16 18:53 - 2014-04-16 18:53 - 34705408 _____ () C:\Users\Brain\Downloads\gsync(4).msi
    2014-04-16 18:49 - 2014-04-16 18:49 - 34131368 _____ (Oracle Corporation) C:\Users\Brain\Downloads\jre-8u5-windows-x64.exe
    2014-04-15 22:02 - 2014-04-15 22:02 - 00354656 _____ (DivX, Inc.) C:\Windows\SysWOW64\DivXControlPanelApplet.cpl
    2014-04-14 19:49 - 2014-04-14 19:51 - 157085696 _____ () C:\Users\Brain\Downloads\VIPRERescue28214.exe
    2014-04-13 21:07 - 2014-04-13 21:11 - 326825496 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(88).exe
    2014-04-13 19:06 - 2014-04-20 20:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-04-13 19:06 - 2014-04-13 19:06 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-04-13 19:06 - 2014-04-13 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-04-13 19:06 - 2014-04-13 19:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-04-13 19:06 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-04-13 19:06 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-04-09 20:20 - 2014-04-09 20:20 - 34705408 _____ () C:\Users\Brain\Downloads\gsync(3).msi
    2014-04-09 18:22 - 2014-04-09 18:22 - 00692320 _____ () C:\Users\Brain\Downloads\pmmig.exe
    2014-04-09 18:19 - 2014-04-24 05:47 - 00000000 ____D () C:\Program Files (x86)\Pale Moon
    2014-04-09 18:19 - 2014-04-09 18:19 - 21252080 _____ (Moonchild Productions) C:\Users\Brain\Downloads\palemoon-24.4.2 x86 (32-bit)-installer.exe
    2014-04-09 18:19 - 2014-04-09 18:19 - 00001082 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pale Moon.lnk
    2014-04-09 18:19 - 2014-04-09 18:19 - 00001070 _____ () C:\Users\Public\Desktop\Pale Moon.lnk
    2014-04-09 18:19 - 2014-04-09 18:19 - 00000000 ____D () C:\Users\Brain\AppData\Roaming\Moonchild Productions
    2014-04-09 18:19 - 2014-04-09 18:19 - 00000000 ____D () C:\Users\Brain\AppData\Local\Moonchild Productions
    2014-04-09 18:17 - 2014-04-09 18:17 - 00003132 _____ () C:\Windows\System32\Tasks\{79DC43F3-7CB7-40FC-82E6-4B0A11F310C4}
    2014-04-09 18:16 - 2014-04-09 18:16 - 00798896 _____ () C:\Users\Brain\Downloads\palemoon-websetup.exe
    2014-04-09 18:01 - 2014-03-04 04:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2014-04-09 18:01 - 2014-03-04 04:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2014-04-09 18:01 - 2014-03-04 04:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2014-04-09 18:01 - 2014-03-04 04:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2014-04-09 18:01 - 2014-03-04 04:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2014-04-09 18:01 - 2014-03-04 04:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2014-04-09 18:01 - 2014-03-04 04:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2014-04-09 18:01 - 2014-03-04 04:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2014-04-09 18:01 - 2014-03-04 04:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2014-04-09 18:01 - 2014-03-04 03:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2014-04-09 18:01 - 2014-03-04 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2014-04-09 18:01 - 2014-02-03 21:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
    2014-04-09 18:01 - 2014-02-03 21:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
    2014-04-09 18:01 - 2014-02-03 21:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
    2014-04-09 18:01 - 2014-02-03 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
    2014-04-09 18:01 - 2014-02-03 21:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
    2014-04-09 18:01 - 2014-01-23 21:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2014-04-09 17:59 - 2014-04-09 17:59 - 18130312 _____ (Adobe Systems Inc.) C:\Users\Brain\Downloads\air13_win(6).exe
    2014-04-07 20:58 - 2014-04-07 20:58 - 11841536 _____ () C:\Users\Brain\Downloads\easypdf60-setup64.msi
    2014-04-07 20:58 - 2014-04-07 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCL easyPDF Printer 6
    2014-04-07 20:58 - 2014-04-07 20:58 - 00000000 ____D () C:\Program Files\Common Files\BCL Technologies
    2014-04-07 20:58 - 2014-04-07 20:58 - 00000000 ____D () C:\Program Files\BCL Technologies
    2014-04-07 20:36 - 2014-04-07 20:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2014-04-07 20:36 - 2014-04-07 20:36 - 00001981 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
    2014-04-07 19:48 - 2014-04-07 19:48 - 00000000 ____D () C:\ProgramData\PDFC
    2014-04-07 19:38 - 2014-04-07 19:38 - 00050688 _____ (Atribune.org) C:\Users\Brain\Downloads\ATF-Cleaner(3).exe
    2014-04-07 07:02 - 2014-04-17 07:03 - 00003820 _____ () C:\Windows\System32\Tasks\SetupManager
    2014-04-06 19:48 - 2014-04-06 19:50 - 156749824 _____ () C:\Users\Brain\Downloads\VIPRERescue28076.exe
    2014-04-06 18:35 - 2014-04-06 18:39 - 324216336 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(87).exe
    2014-04-02 19:20 - 2014-04-02 19:20 - 00001227 _____ () C:\Users\Brain\Desktop\Should I Remove It.lnk
    2014-04-02 19:20 - 2014-04-02 19:20 - 00000000 ____D () C:\Users\Brain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Should I Remove It
    2014-04-02 19:20 - 2014-04-02 19:20 - 00000000 ____D () C:\Program Files (x86)\Reason
    2014-04-01 21:27 - 2014-04-27 15:31 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-649025149-514020257-970770016-1000
    2014-04-01 21:27 - 2014-04-27 15:31 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-649025149-514020257-970770016-1000
    2014-04-01 17:47 - 2014-04-01 17:47 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-04-01 17:47 - 2014-04-01 17:47 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-04-01 17:47 - 2014-04-01 17:47 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-04-01 17:47 - 2014-04-01 17:47 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-04-01 17:47 - 2014-04-01 17:47 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-04-01 17:45 - 2014-04-01 17:45 - 00921000 _____ (Oracle Corporation) C:\Users\Brain\Downloads\jxpiinstall(3).exe
    2014-04-01 17:43 - 2014-04-01 17:44 - 34121112 _____ (Oracle Corporation) C:\Users\Brain\Downloads\jre-8-windows-x64(1).exe
    2014-03-31 21:41 - 2014-03-31 21:41 - 00058568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sirenacm.dll
    2014-03-31 21:34 - 2014-03-31 21:34 - 00322248 _____ (Microsoft Corporation) C:\Windows\WLXPGSS.SCR
    2014-03-30 20:19 - 2014-03-30 20:23 - 323110024 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(86).exe
    2014-03-30 18:23 - 2014-04-27 15:55 - 00024276 _____ () C:\Windows\setupact.log
    2014-03-30 18:23 - 2014-03-30 18:23 - 00000000 _____ () C:\Windows\setuperr.log
    2014-03-29 12:43 - 2014-03-29 12:43 - 00003132 _____ () C:\Windows\System32\Tasks\{E3BCC3C7-8251-4246-95D4-98DC990BBF4F}
    2014-03-29 12:42 - 2014-03-29 12:43 - 18160600 _____ (Adobe Systems Inc.) C:\Users\Brain\Downloads\air13_win(5).exe

    ==================== One Month Modified Files and Folders =======

    2014-04-27 16:15 - 2014-04-27 16:14 - 00030270 _____ () C:\Users\Brain\Downloads\FRST.txt
    2014-04-27 16:14 - 2013-10-21 22:22 - 00000000 ____D () C:\FRST
    2014-04-27 16:13 - 2014-04-27 16:13 - 02061824 _____ (Farbar) C:\Users\Brain\Downloads\FRST64(1).exe
    2014-04-27 16:11 - 2014-03-15 16:01 - 00000206 _____ () C:\Users\Brain\myextension_debug.log
    2014-04-27 16:05 - 2014-04-27 16:05 - 00004716 _____ () C:\Users\Brain\Desktop\JRT.txt
    2014-04-27 16:03 - 2009-07-13 23:45 - 00024608 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-04-27 16:03 - 2009-07-13 23:45 - 00024608 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-04-27 15:59 - 2014-04-27 15:58 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(5).exe
    2014-04-27 15:59 - 2011-07-15 01:01 - 01889727 _____ () C:\Windows\WindowsUpdate.log
    2014-04-27 15:56 - 2014-04-22 17:30 - 00003362 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-649025149-514020257-970770016-1000
    2014-04-27 15:56 - 2014-04-22 17:30 - 00003228 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-649025149-514020257-970770016-1000
    2014-04-27 15:56 - 2013-11-24 18:04 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-04-27 15:56 - 2013-10-28 04:25 - 00000000 ___RD () C:\Users\Brain\Dropbox
    2014-04-27 15:56 - 2013-10-28 04:23 - 00000000 ____D () C:\Users\Brain\AppData\Roaming\Dropbox
    2014-04-27 15:55 - 2014-03-30 18:23 - 00024276 _____ () C:\Windows\setupact.log
    2014-04-27 15:55 - 2014-01-17 18:55 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForBrain.job
    2014-04-27 15:55 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-04-27 15:54 - 2014-04-27 15:54 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(4).exe
    2014-04-27 15:53 - 2014-01-19 04:26 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-04-27 15:52 - 2014-04-27 15:52 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(3).exe
    2014-04-27 15:40 - 2014-04-27 15:40 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(2).exe
    2014-04-27 15:36 - 2014-04-27 15:36 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(1).exe
    2014-04-27 15:35 - 2014-01-17 18:55 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForBrain
    2014-04-27 15:31 - 2014-04-01 21:27 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-649025149-514020257-970770016-1000
    2014-04-27 15:31 - 2014-04-01 21:27 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-649025149-514020257-970770016-1000
    2014-04-27 15:29 - 2013-12-07 15:13 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-649025149-514020257-970770016-1000UA.job
    2014-04-27 15:27 - 2013-10-22 19:59 - 00000000 ____D () C:\AdwCleaner
    2014-04-27 15:22 - 2014-04-27 15:22 - 01329501 _____ () C:\Users\Brain\Downloads\AdwCleaner(1).exe
    2014-04-27 15:21 - 2013-11-24 18:04 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-04-27 15:20 - 2011-07-24 01:01 - 00000000 ____D () C:\Users\Brain\Documents\Outlook Files
    2014-04-27 14:27 - 2011-07-23 21:18 - 00000000 ____D () C:\VIPRERESCUE
    2014-04-27 14:18 - 2014-04-27 14:02 - 00000000 ____D () C:\Users\Brain\Documents\WI State Jobs Exam Answers
    2014-04-27 14:12 - 2013-07-02 18:07 - 00000000 ____D () C:\Users\Brain\Documents\Latest Resumes
    2014-04-27 14:05 - 2009-07-14 00:13 - 00786538 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-04-27 13:22 - 2014-04-27 13:20 - 156995584 _____ () C:\Users\Brain\Downloads\VIPRERescue28624.exe
    2014-04-27 03:07 - 2014-04-27 03:07 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
    2014-04-27 03:07 - 2014-04-27 03:07 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
    2014-04-27 03:07 - 2011-07-15 00:55 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
    2014-04-27 03:07 - 2011-07-15 00:53 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
    2014-04-27 03:06 - 2014-04-27 03:06 - 56270848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
    2014-04-27 03:06 - 2014-04-27 03:06 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
    2014-04-27 03:06 - 2014-04-27 03:06 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
    2014-04-27 03:06 - 2014-04-27 03:06 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
    2014-04-27 03:06 - 2014-04-27 03:06 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
    2014-04-27 03:06 - 2014-04-27 03:06 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
    2014-04-27 03:06 - 2014-04-27 03:06 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
    2014-04-27 03:06 - 2014-04-27 03:06 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
    2014-04-27 03:06 - 2014-04-27 03:06 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
    2014-04-27 03:06 - 2014-04-27 03:06 - 00110080 _____ (TODO: <Company name>) C:\Windows\system32\DelayAPO.dll
    2014-04-27 03:06 - 2014-04-27 03:06 - 00094208 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
    2014-04-27 02:28 - 2014-02-26 12:50 - 00035282 _____ () C:\Windows\PFRO.log
    2014-04-27 00:18 - 2014-04-27 00:18 - 00002626 _____ () C:\Users\Brain\Downloads\legitcheck (1).hta
    2014-04-27 00:17 - 2014-04-27 00:17 - 00002626 _____ () C:\Users\Brain\Downloads\legitcheck.hta
    2014-04-27 00:07 - 2014-04-27 00:07 - 00159144 _____ (Microsoft Corporation) C:\Users\Brain\Downloads\WindowsActivationUpdate.exe
    2014-04-26 23:58 - 2014-04-26 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
    2014-04-26 23:58 - 2013-06-14 02:37 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
    2014-04-26 23:58 - 2013-06-14 02:37 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
    2014-04-26 23:58 - 2012-12-23 19:21 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
    2014-04-26 23:58 - 2011-07-23 03:20 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
    2014-04-26 23:58 - 2011-07-23 03:16 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
    2014-04-26 23:57 - 2014-04-26 23:57 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
    2014-04-26 23:55 - 2014-04-26 23:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-04-25 21:58 - 2014-04-25 21:58 - 04745984 _____ (Piriform Ltd) C:\Users\Brain\Downloads\ccsetup413.exe
    2014-04-25 21:58 - 2014-01-25 15:46 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
    2014-04-25 21:58 - 2011-07-24 22:12 - 00000000 ____D () C:\Program Files\CCleaner
    2014-04-25 17:29 - 2011-07-22 19:07 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
    2014-04-25 17:28 - 2011-10-28 19:22 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
    2014-04-25 15:26 - 2014-04-25 15:26 - 00000000 __SHD () C:\Users\Brain\AppData\Local\EmieUserList
    2014-04-25 15:26 - 2014-04-25 15:26 - 00000000 __SHD () C:\Users\Brain\AppData\Local\EmieSiteList
    2014-04-25 13:56 - 2014-01-07 19:53 - 00000000 ____D () C:\Users\Brain\AppData\Local\Akamai
    2014-04-25 13:54 - 2012-04-27 23:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2014-04-24 05:47 - 2014-04-24 05:47 - 00001609 _____ () C:\Users\Brain\Desktop\DivX Movies.lnk
    2014-04-24 05:47 - 2014-04-24 05:47 - 00001085 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
    2014-04-24 05:47 - 2014-04-24 05:47 - 00001020 _____ () C:\Users\Public\Desktop\DivX Player.lnk
    2014-04-24 05:47 - 2014-04-09 18:19 - 00000000 ____D () C:\Program Files (x86)\Pale Moon
    2014-04-24 05:47 - 2013-09-06 07:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
    2014-04-24 05:47 - 2012-05-13 16:57 - 00000000 ____D () C:\Program Files (x86)\DivX
    2014-04-24 05:47 - 2012-05-13 16:56 - 00000000 ____D () C:\ProgramData\DivX
    2014-04-24 05:46 - 2014-04-24 05:45 - 57134496 _____ (DivX, LLC) C:\Users\Brain\Downloads\DivXInstaller(7).exe
    2014-04-23 18:04 - 2014-04-23 18:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-04-22 17:50 - 2014-04-22 17:50 - 00000000 ____D () C:\Users\dub_cm_auto
    2014-04-21 21:26 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
    2014-04-21 19:22 - 2014-04-21 19:18 - 157642752 _____ () C:\Users\Brain\Downloads\VIPRERescue28456.exe
    2014-04-20 20:55 - 2014-04-20 20:51 - 328121408 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(90).exe
    2014-04-20 20:50 - 2014-04-20 20:47 - 328121408 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(89).exe
    2014-04-20 20:10 - 2014-04-13 19:06 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-04-17 18:58 - 2014-04-17 18:58 - 00003138 _____ () C:\Windows\System32\Tasks\{FD33FB71-6A13-4E4F-B4FB-234C52B190CA}
    2014-04-17 18:57 - 2014-04-17 18:57 - 01239752 _____ (Microsoft Corporation) C:\Users\Brain\Downloads\wlsetup-web(10).exe
    2014-04-17 17:46 - 2014-04-17 17:46 - 00001267 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
    2014-04-17 17:46 - 2014-04-17 17:46 - 00000000 ____D () C:\Windows\en
    2014-04-17 17:46 - 2014-02-22 04:22 - 00000000 ____D () C:\Users\Brain\Tracing
    2014-04-17 17:46 - 2011-07-15 01:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
    2014-04-17 17:45 - 2014-02-22 04:15 - 00002448 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
    2014-04-17 17:45 - 2014-02-22 04:15 - 00001420 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
    2014-04-17 17:45 - 2014-02-22 04:15 - 00001336 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
    2014-04-17 17:45 - 2013-08-09 23:22 - 00000000 ____D () C:\Program Files\Windows Live
    2014-04-17 17:45 - 2011-07-15 01:15 - 00000000 ____D () C:\Program Files (x86)\Windows Live
    2014-04-17 17:44 - 2014-04-17 17:44 - 00000380 _____ () C:\Windows\DirectX.log
    2014-04-17 17:44 - 2014-04-17 17:38 - 01239752 _____ (Microsoft Corporation) C:\Users\Brain\Downloads\wlsetup-web(9).exe
    2014-04-17 17:44 - 2014-02-22 04:14 - 00002174 _____ () C:\Users\Brain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
    2014-04-17 07:03 - 2014-04-07 07:02 - 00003820 _____ () C:\Windows\System32\Tasks\SetupManager
    2014-04-16 22:01 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-04-16 19:09 - 2014-04-16 19:09 - 00003132 _____ () C:\Windows\System32\Tasks\{15648CDD-6F78-4EE8-9474-B8786FE391D9}
    2014-04-16 19:09 - 2014-04-16 19:08 - 18129696 _____ (Adobe Systems Inc.) C:\Users\Brain\Downloads\air13_win(7).exe
    2014-04-16 19:07 - 2014-04-16 19:07 - 00884688 _____ (Google Inc.) C:\Users\Brain\Downloads\ChromeSetup (2).exe
    2014-04-16 18:54 - 2012-11-29 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
    2014-04-16 18:53 - 2014-04-16 18:53 - 34705408 _____ () C:\Users\Brain\Downloads\gsync(4).msi
    2014-04-16 18:52 - 2014-01-19 04:16 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
    2014-04-16 18:52 - 2014-01-19 04:16 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
    2014-04-16 18:52 - 2014-01-19 04:16 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
    2014-04-16 18:52 - 2014-01-19 04:16 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
    2014-04-16 18:52 - 2014-01-19 04:16 - 00000000 ____D () C:\Program Files\Java
    2014-04-16 18:49 - 2014-04-16 18:49 - 34131368 _____ (Oracle Corporation) C:\Users\Brain\Downloads\jre-8u5-windows-x64.exe
    2014-04-15 22:02 - 2014-04-15 22:02 - 00354656 _____ (DivX, Inc.) C:\Windows\SysWOW64\DivXControlPanelApplet.cpl
    2014-04-15 19:53 - 2014-01-19 04:26 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-04-15 19:53 - 2014-01-19 04:26 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-04-15 19:53 - 2014-01-19 04:26 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-04-14 19:51 - 2014-04-14 19:49 - 157085696 _____ () C:\Users\Brain\Downloads\VIPRERescue28214.exe
    2014-04-13 21:24 - 2014-04-26 23:55 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-04-13 21:19 - 2014-04-26 23:55 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-04-13 21:11 - 2014-04-13 21:07 - 326825496 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(88).exe
    2014-04-13 20:50 - 2011-02-11 12:00 - 00000000 ____D () C:\Windows\Panther
    2014-04-13 19:06 - 2014-04-13 19:06 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-04-13 19:06 - 2014-04-13 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-04-13 19:06 - 2014-04-13 19:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-04-13 19:06 - 2011-07-30 19:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2014-04-13 19:06 - 2011-07-23 18:57 - 00000000 ____D () C:\Users\Brain\AppData\Roaming\Malwarebytes
    2014-04-13 19:06 - 2011-07-23 18:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-04-09 22:24 - 2013-11-06 23:24 - 00000342 _____ () C:\Windows\Tasks\HPCeeScheduleForBRAIN-HP$.job
    2014-04-09 22:24 - 2012-12-02 16:41 - 00003218 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForBRAIN-HP$
    2014-04-09 20:20 - 2014-04-09 20:20 - 34705408 _____ () C:\Users\Brain\Downloads\gsync(3).msi
    2014-04-09 18:27 - 2011-07-21 22:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-04-09 18:26 - 2013-07-28 21:16 - 00000000 ____D () C:\Windows\system32\MRT
    2014-04-09 18:24 - 2011-07-21 23:40 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-04-09 18:22 - 2014-04-09 18:22 - 00692320 _____ () C:\Users\Brain\Downloads\pmmig.exe
    2014-04-09 18:19 - 2014-04-09 18:19 - 21252080 _____ (Moonchild Productions) C:\Users\Brain\Downloads\palemoon-24.4.2 x86 (32-bit)-installer.exe
    2014-04-09 18:19 - 2014-04-09 18:19 - 00001082 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pale Moon.lnk
    2014-04-09 18:19 - 2014-04-09 18:19 - 00001070 _____ () C:\Users\Public\Desktop\Pale Moon.lnk
    2014-04-09 18:19 - 2014-04-09 18:19 - 00000000 ____D () C:\Users\Brain\AppData\Roaming\Moonchild Productions
    2014-04-09 18:19 - 2014-04-09 18:19 - 00000000 ____D () C:\Users\Brain\AppData\Local\Moonchild Productions
    2014-04-09 18:17 - 2014-04-09 18:17 - 00003132 _____ () C:\Windows\System32\Tasks\{79DC43F3-7CB7-40FC-82E6-4B0A11F310C4}
    2014-04-09 18:16 - 2014-04-09 18:16 - 00798896 _____ () C:\Users\Brain\Downloads\palemoon-websetup.exe
    2014-04-09 17:59 - 2014-04-09 17:59 - 18130312 _____ (Adobe Systems Inc.) C:\Users\Brain\Downloads\air13_win(6).exe
    2014-04-07 20:58 - 2014-04-07 20:58 - 11841536 _____ () C:\Users\Brain\Downloads\easypdf60-setup64.msi
    2014-04-07 20:58 - 2014-04-07 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCL easyPDF Printer 6
    2014-04-07 20:58 - 2014-04-07 20:58 - 00000000 ____D () C:\Program Files\Common Files\BCL Technologies
    2014-04-07 20:58 - 2014-04-07 20:58 - 00000000 ____D () C:\Program Files\BCL Technologies
    2014-04-07 20:36 - 2014-04-07 20:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2014-04-07 20:36 - 2014-04-07 20:36 - 00001981 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
    2014-04-07 20:36 - 2012-06-27 20:57 - 00000000 ____D () C:\ProgramData\Adobe
    2014-04-07 20:35 - 2013-02-15 15:04 - 00000000 ____D () C:\Users\Brain\AppData\Local\Adobe
    2014-04-07 20:15 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    2014-04-07 19:48 - 2014-04-07 19:48 - 00000000 ____D () C:\ProgramData\PDFC
    2014-04-07 19:38 - 2014-04-07 19:38 - 00050688 _____ (Atribune.org) C:\Users\Brain\Downloads\ATF-Cleaner(3).exe
    2014-04-06 19:50 - 2014-04-06 19:48 - 156749824 _____ () C:\Users\Brain\Downloads\VIPRERescue28076.exe
    2014-04-06 18:42 - 2011-08-27 22:28 - 00000000 ____D () C:\Users\Brain\AppData\Local\CrashDumps
    2014-04-06 18:39 - 2014-04-06 18:35 - 324216336 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(87).exe
    2014-04-05 12:45 - 2013-07-05 16:21 - 00000000 ____D () C:\Users\Brain\Documents\Personal and Confidential
    2014-04-03 09:51 - 2014-04-13 19:06 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-04-03 09:51 - 2014-04-13 19:06 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-04-03 09:50 - 2011-07-23 18:57 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-04-02 19:20 - 2014-04-02 19:20 - 00001227 _____ () C:\Users\Brain\Desktop\Should I Remove It.lnk
    2014-04-02 19:20 - 2014-04-02 19:20 - 00000000 ____D () C:\Users\Brain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Should I Remove It
    2014-04-02 19:20 - 2014-04-02 19:20 - 00000000 ____D () C:\Program Files (x86)\Reason
    2014-04-01 17:47 - 2014-04-01 17:47 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-04-01 17:47 - 2014-04-01 17:47 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-04-01 17:47 - 2014-04-01 17:47 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-04-01 17:47 - 2014-04-01 17:47 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-04-01 17:47 - 2014-04-01 17:47 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-04-01 17:47 - 2013-10-16 17:19 - 00000000 ____D () C:\ProgramData\Oracle
    2014-04-01 17:45 - 2014-04-01 17:45 - 00921000 _____ (Oracle Corporation) C:\Users\Brain\Downloads\jxpiinstall(3).exe
    2014-04-01 17:44 - 2014-04-01 17:43 - 34121112 _____ (Oracle Corporation) C:\Users\Brain\Downloads\jre-8-windows-x64(1).exe
    2014-03-31 21:41 - 2014-03-31 21:41 - 00058568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sirenacm.dll
    2014-03-31 21:34 - 2014-03-31 21:34 - 00322248 _____ (Microsoft Corporation) C:\Windows\WLXPGSS.SCR
    2014-03-30 20:23 - 2014-03-30 20:19 - 323110024 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(86).exe
    2014-03-30 18:23 - 2014-03-30 18:23 - 00000000 _____ () C:\Windows\setuperr.log
    2014-03-30 14:55 - 2013-12-07 15:13 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-649025149-514020257-970770016-1000Core.job
    2014-03-30 05:24 - 2012-01-05 19:15 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-649025149-514020257-970770016-1000UA
    2014-03-30 05:24 - 2012-01-05 19:15 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-649025149-514020257-970770016-1000Core
    2014-03-29 18:00 - 2009-07-14 00:08 - 00032596 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-03-29 12:43 - 2014-03-29 12:43 - 00003132 _____ () C:\Windows\System32\Tasks\{E3BCC3C7-8251-4246-95D4-98DC990BBF4F}
    2014-03-29 12:43 - 2014-03-29 12:42 - 18160600 _____ (Adobe Systems Inc.) C:\Users\Brain\Downloads\air13_win(5).exe

    Some content of TEMP:
    ====================
    C:\Users\Brain\AppData\Local\Temp\Quarantine.exe


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2014-04-20 23:59

    ==================== End Of Log ============================

     

     

    sfc scan log: scan fixed everything, but my access was denied when I tried to open the log.

     

     


    • 0

    #6
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,019 posts
    • MVP

    no need to look at the log if sfc is happy.  Do need for you to do the last part where you clear the alarms and run vew


    • 0

    #7
    Braind

    Braind

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 246 posts

    Event Viewer tool also failed (both scans). I received this error message:

    Run-time error '-2147319779(8002801d)':

    Automation error

    Library not registered.


    • 0

    #8
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,019 posts
    • MVP

    Make sure you right click on vew and Run As Admin.  Were you able to clear the Events OK?

     

    If it still won't work then try a disk check:

     

    . Double-click My Computer, and then right-click the hard disk that you want to check. C:
    2. Click Properties, and then click Tools.
    3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
    4. Check both boxes and then click Start.
    You will receive the following message:
    The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
    Click Yes to schedule the disk check,  reboot.  It will take an hour or two for the check to run.  If that doesn't help then try Windows Repair All in One:
     
     
    Download it and save it then run it.
     
    You can skip to step 4 or 5 where it gives you the same picture as in the above link.
     
    Make sure all of these are checked before hitting Start:
     
    Reset Registry Permissions
    Reset File Permissions
    Register System Files
    Repair WMI
    Repair Windows Firewall
    Repair Internet Explorer
    Repair MDAC & MS Jet
    Repair Hosts File
    Remove Policies Set By Infections
    Repair Icons
    Repair Winsock & DNS Cache
    Remove Temp Files
    Repair Proxy Settings
    Unhide Non System Files
    Repair Windows Updates
    Repair CD/DVD Missing/Not Working
     
    Reboot when done and run VEW again as before.

    • 0

    #9
    Braind

    Braind

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 246 posts

    Thanks.I will finish this tomorrow after I return home from work  - 5 PM CDT. I'll then send you the results.

    Thanks again and good night.


    • 0

    #10
    Braind

    Braind

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 246 posts

    I tried all your suggestions and I still get a run error when trying to run VEW. Very frustrating! Thanks for your help. Do you have any other suggestions?


    • 0

    Advertisements


    #11
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,019 posts
    • MVP
    Please download minitoolbox
    http://www.bleepingc...ad/minitoolbox/  save it to your desktop and run it.
     
    Checkmark the following checkboxes:


    •  



    • Flush DNS



    • Report IE Proxy Settings



    • Reset IE Proxy Settings



    • Report FF Proxy Settings



    • Reset FF Proxy Settings



    • List content of Hosts



    • List IP configuration



    • List Winsock Entries



    • List last 10 Event Viewer Errors



    • List Installed Programs



    • List Devices



    • List Users, Partitions and Memory size.



    • List Minidump Files

     
    Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
     
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
     
     
     
     

    • 0

    #12
    Braind

    Braind

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 246 posts

    MiniToolBox by Farbar  Version: 23-01-2014
    Ran by Brain (administrator) on 28-04-2014 at 20:37:44
    Running from "C:\Users\Brain\Downloads"
    Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
    Boot Mode: Normal
    ***************************************************************************

    ========================= Flush DNS: ===================================

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========================= IE Proxy Settings: ==============================

    Proxy is not enabled.
    No Proxy Server is set.

    "Reset IE Proxy Settings": IE Proxy Settings were reset.

    ========================= FF Proxy Settings: ==============================


    "Reset FF Proxy Settings": Firefox Proxy settings were reset.

    ========================= Hosts content: =================================




    127.0.0.1       localhost

    ========================= IP Configuration: ================================

    Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


    # ----------------------------------
    # IPv4 Configuration
    # ----------------------------------
    pushd interface ipv4

    reset


    popd
    # End of IPv4 configuration



    Windows IP Configuration

       Host Name . . . . . . . . . . . . : Brain-HP
       Primary Dns Suffix  . . . . . . . :
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : gateway.2wire.net

    Ethernet adapter Local Area Connection:

       Connection-specific DNS Suffix  . : gateway.2wire.net
       Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
       Physical Address. . . . . . . . . : E0-69-95-DA-E3-8E
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::79f8:c9bb:1aa1:615f%13(Preferred)
       IPv4 Address. . . . . . . . . . . : 192.168.1.65(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Monday, April 28, 2014 8:05:42 PM
       Lease Expires . . . . . . . . . . : Tuesday, April 29, 2014 8:05:43 PM
       Default Gateway . . . . . . . . . : 192.168.1.254
       DHCP Server . . . . . . . . . . . : 192.168.1.254
       DHCPv6 IAID . . . . . . . . . . . : 283142549
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-B1-A2-91-E0-69-95-DA-E3-8E
       DNS Servers . . . . . . . . . . . : 192.168.1.254
       NetBIOS over Tcpip. . . . . . . . : Enabled

    Tunnel adapter isatap.gateway.2wire.net:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : gateway.2wire.net
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 9:

       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft 6to4 Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 12:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:3c14:3bc4:9c50:a757(Preferred)
       Link-local IPv6 Address . . . . . : fe80::3c14:3bc4:9c50:a757%12(Preferred)
       Default Gateway . . . . . . . . . : ::
       NetBIOS over Tcpip. . . . . . . . : Disabled
    Server:  homeportal
    Address:  192.168.1.254

    Name:    google.com
    Addresses:  2607:f8b0:4009:802::1003
          74.125.225.72
          74.125.225.78
          74.125.225.71
          74.125.225.66
          74.125.225.70
          74.125.225.65
          74.125.225.68
          74.125.225.73
          74.125.225.64
          74.125.225.69
          74.125.225.67


    Pinging google.com [74.125.225.66] with 32 bytes of data:
    Reply from 74.125.225.66: bytes=32 time=32ms TTL=55
    Reply from 74.125.225.66: bytes=32 time=32ms TTL=55

    Ping statistics for 74.125.225.66:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 32ms, Maximum = 32ms, Average = 32ms
    Server:  homeportal
    Address:  192.168.1.254

    Name:    yahoo.com
    Addresses:  98.138.253.109
          98.139.183.24
          206.190.36.45


    Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
    Reply from 98.138.253.109: bytes=32 time=65ms TTL=51
    Reply from 98.138.253.109: bytes=32 time=67ms TTL=51

    Ping statistics for 98.138.253.109:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 65ms, Maximum = 67ms, Average = 66ms

    Pinging 127.0.0.1 with 32 bytes of data:
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Ping statistics for 127.0.0.1:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 0ms, Maximum = 0ms, Average = 0ms
    ===========================================================================
    Interface List
     13...e0 69 95 da e3 8e ......Realtek PCIe GBE Family Controller
      1...........................Software Loopback Interface 1
     14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
     11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
     12...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
    ===========================================================================

    IPv4 Route Table
    ===========================================================================
    Active Routes:
    Network Destination        Netmask          Gateway       Interface  Metric
              0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.65     20
            127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
            127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
      127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
          192.168.1.0    255.255.255.0         On-link      192.168.1.65    276
         192.168.1.65  255.255.255.255         On-link      192.168.1.65    276
        192.168.1.255  255.255.255.255         On-link      192.168.1.65    276
            224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
            224.0.0.0        240.0.0.0         On-link      192.168.1.65    276
      255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      255.255.255.255  255.255.255.255         On-link      192.168.1.65    276
    ===========================================================================
    Persistent Routes:
      None

    IPv6 Route Table
    ===========================================================================
    Active Routes:
     If Metric Network Destination      Gateway
     12     58 ::/0                     On-link
      1    306 ::1/128                  On-link
     12     58 2001::/32                On-link
     12    306 2001:0:9d38:6ab8:3c14:3bc4:9c50:a757/128
                                        On-link
     13    276 fe80::/64                On-link
     12    306 fe80::/64                On-link
     12    306 fe80::3c14:3bc4:9c50:a757/128
                                        On-link
     13    276 fe80::79f8:c9bb:1aa1:615f/128
                                        On-link
      1    306 ff00::/8                 On-link
     12    306 ff00::/8                 On-link
     13    276 ff00::/8                 On-link
    ===========================================================================
    Persistent Routes:
      None
    ========================= Winsock entries =====================================

    Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
    Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
    Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
    Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
    Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
    Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
    Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
    x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
    x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
    x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
    x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
    x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
    x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
    x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
    x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
    x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (04/28/2014 08:06:40 PM) (Source: .NET Runtime Optimization Service) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

    Error: (04/28/2014 08:06:40 PM) (Source: .NET Runtime Optimization Service) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

    Error: (04/28/2014 07:57:30 PM) (Source: WinMgmt) (User: )
    Description: 0x8004401eC:\PROGRAM FILES\DISKEEPER CORPORATION\DISKEEPER\DKDECOUPLEDPROVIDER.MOF

    Error: (04/28/2014 07:57:27 PM) (Source: WinMgmt) (User: )
    Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL

    Error: (04/28/2014 07:57:20 PM) (Source: WinMgmt) (User: )
    Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF

    Error: (04/28/2014 07:48:02 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: An internal inconsistency was detected in trying
    to contact shadow copy service writers.  The Registry Writer failed to respond to a query
    from VSS. Check to see that the Event Service and Volume Shadow Copy Service
    are operating properly, and please check the Application event log for any other events.


    Operation:
       Gathering Writer Data
       Executing Asynchronous Operation

    Context:
       Execution Context: Requestor
       Current State: GatherWriterMetadata

    Error: (04/28/2014 07:47:58 PM) (Source: System Restore) (User: )
    Description: Failed to create restore point (Process = C:\Windows\system32\wbem\wmiprvse.exe; Description = Tweaking.com - Windows Repair; Error = 0x80042318).

    Error: (04/28/2014 07:47:58 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: An internal inconsistency was detected in trying
    to contact shadow copy service writers.  The Registry Writer failed to respond to a query
    from VSS. Check to see that the Event Service and Volume Shadow Copy Service
    are operating properly, and please check the Application event log for any other events.


    Operation:
       Gathering Writer Data
       Executing Asynchronous Operation

    Context:
       Execution Context: Requestor
       Current State: GatherWriterMetadata

    Error: (04/28/2014 07:43:52 PM) (Source: .NET Runtime Optimization Service) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

    Error: (04/28/2014 07:43:52 PM) (Source: .NET Runtime Optimization Service) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown


    System errors:
    =============
    Error: (04/28/2014 08:11:17 PM) (Source: WMPNetworkSvc) (User: )
    Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x8002801d'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

    Error: (04/28/2014 08:06:43 PM) (Source: VDS Basic Provider) (User: )
    Description: Unexpected failure. Error code: [email protected]

    Error: (04/28/2014 08:05:41 PM) (Source: EventLog) (User: )
    Description: The previous system shutdown at 8:03:19 PM on ?4/?28/?2014 was unexpected.

    Error: (04/28/2014 08:02:48 PM) (Source: DCOM) (User: )
    Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

    Error: (04/28/2014 07:59:49 PM) (Source: WMPNetworkSvc) (User: )
    Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x8002801d'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

    Error: (04/28/2014 07:47:49 PM) (Source: WMPNetworkSvc) (User: )
    Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x8002801d'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

    Error: (04/28/2014 07:46:26 PM) (Source: Service Control Manager) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

    Error: (04/28/2014 07:43:55 PM) (Source: VDS Basic Provider) (User: )
    Description: Unexpected failure. Error code: [email protected]

    Error: (04/28/2014 07:43:55 PM) (Source: VDS Basic Provider) (User: )
    Description: Unexpected failure. Error code: [email protected]

    Error: (04/28/2014 07:42:34 PM) (Source: EventLog) (User: )
    Description: The previous system shutdown at 7:41:22 PM on ?4/?28/?2014 was unexpected.


    Microsoft Office Sessions:
    =========================
    Error: (04/28/2014 08:06:40 PM) (Source: .NET Runtime Optimization Service)(User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

    Error: (04/28/2014 08:06:40 PM) (Source: .NET Runtime Optimization Service)(User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

    Error: (04/28/2014 07:57:30 PM) (Source: WinMgmt)(User: )
    Description: 0x8004401eC:\PROGRAM FILES\DISKEEPER CORPORATION\DISKEEPER\DKDECOUPLEDPROVIDER.MOF

    Error: (04/28/2014 07:57:27 PM) (Source: WinMgmt)(User: )
    Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL

    Error: (04/28/2014 07:57:20 PM) (Source: WinMgmt)(User: )
    Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF

    Error: (04/28/2014 07:48:02 PM) (Source: VSS)(User: )
    Description: Operation:
       Gathering Writer Data
       Executing Asynchronous Operation

    Context:
       Execution Context: Requestor
       Current State: GatherWriterMetadata

    Error: (04/28/2014 07:47:58 PM) (Source: System Restore)(User: )
    Description: C:\Windows\system32\wbem\wmiprvse.exeTweaking.com - Windows Repair0x80042318

    Error: (04/28/2014 07:47:58 PM) (Source: VSS)(User: )
    Description: Operation:
       Gathering Writer Data
       Executing Asynchronous Operation

    Context:
       Execution Context: Requestor
       Current State: GatherWriterMetadata

    Error: (04/28/2014 07:43:52 PM) (Source: .NET Runtime Optimization Service)(User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

    Error: (04/28/2014 07:43:52 PM) (Source: .NET Runtime Optimization Service)(User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown


    CodeIntegrity Errors:
    ===================================
      Date: 2013-01-29 21:07:06.202
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_005\avcuf64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-01-29 20:59:33.700
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_005\avcuf64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-01-29 20:50:25.738
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_005\avcuf64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-01-29 20:35:00.004
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_005\avcuf64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-01-29 20:20:27.325
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_005\avcuf64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-01-29 19:27:28.922
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_005\avcuf64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-01-29 19:15:43.086
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_005\avcuf64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-01-29 19:03:58.431
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_005\avcuf64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-01-29 18:48:50.744
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_005\avcuf64.dll because the set of per-page image hashes could not be found on the system.

      Date: 2013-01-29 18:27:05.731
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2013\active virus control\Avc3_00175_005\avcuf64.dll because the set of per-page image hashes could not be found on the system.


    =========================== Installed Programs ============================

    Acronis True Image Personal (Version: 13.0.1264)
    Adobe AIR (Version: 13.0.0.95)
    Adobe Flash Player 13 ActiveX (Version: 13.0.0.199)
    Adobe Flash Player 13 Plugin (Version: 13.0.0.199)
    Adobe Reader XI (11.0.06) (Version: 11.0.06)
    Akamai NetSession Interface
    Apple Application Support (Version: 3.0.1)
    Apple Mobile Device Support (Version: 7.1.1.3)
    Apple Software Update (Version: 2.1.3.127)
    ATI Stream SDK v2 Developer (Version: 2.2.0.0)
    AVG SafeGuard toolbar (Version: 18.1.0.443)
    BCL easyPDF Printer 6 (Version: 6.3.17)
    Bing Desktop (Version: 1.3.174.0)
    Blio (Version: 2.2.6699)
    Bonjour (Version: 3.0.0.10)
    Catalina Savings Printer (Version: 1.0.0)
    ccc-utility64 (Version: 2010.1123.1002.17926)
    CCleaner (Version: 4.13)
    CheckIt Diagnostics 8 (Version: 8.0.2.677)
    Coupon Printer for Windows (Version: 5.0.0.4)
    Cubby (Version: 1.0.0.12237)
    D3DX10 (Version: 15.4.2368.0902)
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    DetectorTools (Version: 1.11.6)
    Diskeeper 12 Professional (Version: 16.0.1017.64)
    DivX Setup (Version: 2.6.3.22)
    Do Not Track Plus Add-on (64bit) 2.2.2.1022 (Version: 2.2.2.1022)
    Do Not Track Plus Add-on 1.0.5289.0208 (Version: 1.0.5289.0208)
    Driver Booster (Version: 1.3)
    Dropbox (Version: 2.4.11)
    EaseUS Todo Backup Free 6.5 (Version: 6.5)
    eReg (Version: 1.20.138.34)
    erLT (Version: 1.20.0137)
    Facebook Messenger 2.1.4814.0 (Version: 2.1.4814.0)
    FileHippo.com Update Checker
    Google Chrome (Version: 36.0.1951.5)
    Google Desktop (Version: 5.9.1005.12335)
    Google Drive (Version: 1.15.6464.228)
    Google Talk Plugin (Version: 5.2.4.18058)
    Google Update Helper (Version: 1.3.23.9)
    Hewlett-Packard ACLM.NET v1.2.2.3 (Version: 1.00.0000)
    HP Auto (Version: 1.0.12935.3667)
    HP Client Services (Version: 1.1.12938.3539)
    HP Customer Experience Enhancements (Version: 6.0.1.8)
    HP LinkUp (Version: 2.01.026)
    HP MediaSmart/TouchSmart Netflix (Version: 1.0.6.0)
    HP MovieStore (Version: 1.0.045)
    HP Odometer (Version: 2.10.0000)
    HP Officejet 6500 E710a-f Basic Device Software (Version: 22.50.231.0)
    HP Officejet 6500 E710a-f Help (Version: 140.0.2.2)
    HP Officejet 6500 E710a-f Product Improvement Study (Version: 22.50.231.0)
    HP Photo Creations (Version: 1.0.0.9572)
    HP Power Assistant (Version: 1.1.1.6)
    HP Product Detection (Version: 11.14.0001)
    HP Setup (Version: 8.6.4530.3651)
    HP Setup Manager (Version: 1.1.13253.3682)
    HP Support Assistant (Version: 7.4.45.4)
    HP Support Information (Version: 10.1.1000)
    HP Update (Version: 5.002.006.003)
    HP Vision Hardware Diagnostics (Version: 2.5.0.0)
    HPDiagnosticAlert (Version: 1.00.0000)
    Hulu Desktop (Version: 0.9.13)
    I.R.I.S. OCR (Version: 12.3.4.0)
    iCloud (Version: 3.1.0.40)
    Intel® Management Engine Components (Version: 7.0.0.1144)
    iTunes (Version: 11.1.5.5)
    Java 7 Update 51 (64-bit) (Version: 7.0.510)
    Java 7 Update 51 (Version: 7.0.510)
    Java 8 Update 5 (64-bit) (Version: 8.0.50)
    Java Auto Updater (Version: 2.8.05.13)
    Junk Mail filter update (Version: 16.4.3528.0331)
    Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
    Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
    Marketsplash Print Software (Version: 1.0.1.31)
    Marketsplash Shortcuts (Version: 1.0.1.7)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
    Microsoft Application Error Reporting (Version: 12.0.6015.5000)
    Microsoft Mouse and Keyboard Center (Version: 2.3.188.0)
    Microsoft Office 2010 (Version: 14.0.4763.1000)
    Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Home and Business 2010 (Version: 14.0.7015.1000)
    Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
    Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Outlook Connector (Version: 14.0.6123.5001)
    Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft Office Single Image 2010 (Version: 14.0.7015.1000)
    Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
    Microsoft OneDrive (Version: 17.0.4035.0328)
    Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
    Microsoft Silverlight (Version: 5.1.30214.0)
    Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
    Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
    Movie Maker (Version: 16.4.3528.0331)
    Mozilla Firefox 29.0 (x86 en-US) (Version: 29.0)
    Mozilla Maintenance Service (Version: 29.0)
    MSVCRT (Version: 15.4.2862.0708)
    MSVCRT_amd64 (Version: 15.4.2862.0708)
    MSVCRT110 (Version: 16.4.1108.0727)
    MSVCRT110_amd64 (Version: 16.4.1109.0912)
    MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
    MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
    Norton 360 (Version: 21.2.0.38)
    Pale Moon 24.4.2 (x86 en-US) (Version: 24.4.2)
    Photo Gallery (Version: 16.4.3528.0331)
    PlayReady PC Runtime amd64 (Version: 1.3.0)
    PlayReady PC Runtime x86 (Version: 1.3.0)
    QuickTime 7 (Version: 7.75.80.95)
    RealDownloader (Version: 1.3.3)
    RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
    RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
    RealPlayer (Version: 16.0.3)
    Realtek High Definition Audio Driver (Version: 6.0.1.7183)
    RealUpgrade 1.1 (Version: 1.1.0)
    Reimage Repair (Version: 1.6.5.7)
    Revo Uninstaller Pro 3.0.8 (Version: 3.0.8)
    RoboForm 7-9-5-7 (All Users) (Version: 7-9-5-7)
    RoxioNow Player (Version: 1.9.5.103)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
    Should I Remove It (Version: 1.0.4)
    Skype™ 6.14 (Version: 6.14.104)
    SpywareBlaster 5.0 (Version: 5.0.0)
    SUPERAntiSpyware (Version: 5.7.1014)
    Tweaking.com - Windows Repair (All in One) (Version: 2.6.3)
    Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
    Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition
    Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2494150)
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
    Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
    Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
    Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition
    Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
    uRex DVD Ripper Platinum
    VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
    Windows Driver Package - ESCORT Inc. (WinUSB) MyDeviceClass  (05/21/2013 ) (Version: 05/21/2013 )
    Windows Driver Package - ESCORT, Inc. (usbser) Ports  (01/15/2013 1.0.0.0) (Version: 01/15/2013 1.0.0.0)
    Windows Driver Package - ESCORT, Inc. (usbser) Ports  (04/24/2013 1.0.0.0) (Version: 04/24/2013 1.0.0.0)
    Windows Driver Package - Escort, Inc. (usbser) Ports  (07/28/2010 1.0.0.0) (Version: 07/28/2010 1.0.0.0)
    Windows Driver Package - Escort, Inc. (usbser) Ports  (11/09/2012 1.0.0.0) (Version: 11/09/2012 1.0.0.0)
    Windows Live Communications Platform (Version: 16.4.3528.0331)
    Windows Live Essentials (Version: 16.4.3528.0331)
    Windows Live Family Safety (Version: 16.4.3528.0331)
    Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
    Windows Live Installer (Version: 16.4.3528.0331)
    Windows Live Mail (Version: 16.4.3528.0331)
    Windows Live Messenger (Version: 16.4.3528.0331)
    Windows Live MIME IFilter (Version: 16.4.3528.0331)
    Windows Live Photo Common (Version: 16.4.3528.0331)
    Windows Live PIMT Platform (Version: 16.4.3528.0331)
    Windows Live SOXE (Version: 16.4.3528.0331)
    Windows Live SOXE Definitions (Version: 16.4.3528.0331)
    Windows Live UX Platform (Version: 16.4.3528.0331)
    Windows Live UX Platform Language Pack (Version: 16.4.3528.0331)
    Windows Live Writer (Version: 16.4.3528.0331)
    Windows Live Writer Resources (Version: 16.4.3528.0331)
    Windows Media Player 64-bit Plug-in Fix
    Windows Media Player Firefox Plugin (Version: 1.0.0.8)
    Windows Media Player Plus! 2.1 (Version: 2.1)
    WinX Blu-ray Decrypter 3.0.0
    YoWindow (Version: 3)
    Zinio Reader 4 (Version: 4.0.3184)

    ========================= Devices: ================================

    Name: Generic- SD/MMC USB Device
    Description: Disk drive
    Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard disk drives)
    Service: disk

    Name: SASDIFSV
    Description: SASDIFSV
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: SASDIFSV

    Name: NAVEX15
    Description: NAVEX15
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NAVEX15

    Name: HTTP
    Description: HTTP
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: HTTP

    Name: Hitachi HDS721010CLA332
    Description: Disk drive
    Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard disk drives)
    Service: disk

    Name: NetIO Legacy TDI Support Driver
    Description: NetIO Legacy TDI Support Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: tdx

    Name: WAN Miniport (SSTP)
    Description: WAN Miniport (SSTP)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: RasSstp

    Name: SASKUTIL
    Description: SASKUTIL
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: SASKUTIL

    Name: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 2 - 1C12
    Description: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 2 - 1C12
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci

    Name: Intel® 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C2D
    Description: Intel® 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C2D
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Intel
    Service: usbehci

    Name: NDIS System Driver
    Description: NDIS System Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NDIS

    Name: Hardware Policy Driver
    Description: Hardware Policy Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: hwpolicy

    Name: I:\
    Description: SM/xD-Picture   
    Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
    Manufacturer: Generic-
    Service: WUDFRd

    Name: N360 Settings Manager
    Description: N360 Settings Manager
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: ccSet_N360

    Name: Terminal Server Keyboard Driver
    Description: Terminal Server Keyboard Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: TermDD

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap

    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: NDIS Usermode I/O Protocol
    Description: NDIS Usermode I/O Protocol
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Ndisuio

    Name: IDSVia64
    Description: IDSVia64
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: IDSVia64

    Name: VgaSave
    Description: VgaSave
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: VgaSave

    Name: Generic- SM/xD-Picture USB Device
    Description: Disk drive
    Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard disk drives)
    Service: disk

    Name: Microsoft Hardware USB Keyboard
    Description: Microsoft Hardware USB Keyboard
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: Microsoft
    Service: HidUsb

    Name: Terminal Server Mouse Driver
    Description: Terminal Server Mouse Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: TermDD

    Name: Programmable interrupt controller
    Description: Programmable interrupt controller
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: NDProxy
    Description: NDProxy
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NDProxy

    Name: AMD Radeon HD 6450
    Description: AMD Radeon HD 6450
    Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
    Manufacturer: Advanced Micro Devices, Inc.
    Service: amdkmdap

    Name: Plug and Play Software Device Enumerator
    Description: Plug and Play Software Device Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: swenum

    Name: KSecDD
    Description: KSecDD
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: KSecDD

    Name: Dynamic Volume Manager
    Description: Dynamic Volume Manager
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: volmgrx

    Name: AMD High Definition Audio Device
    Description: AMD High Definition Audio Device
    Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
    Manufacturer: Advanced Micro Devices
    Service: AtiHDAudioService

    Name: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 3 - 1C14
    Description: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 3 - 1C14
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci

    Name: Intel® Management Engine Interface
    Description: Intel® Management Engine Interface
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: MEIx64

    Name: Common Log (CLFS)
    Description: Common Log (CLFS)
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: CLFS

    Name: SBRE
    Description: SBRE
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: SBRE

    Name: UMBus Root Bus Enumerator
    Description: UMBus Root Bus Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: umbus

    Name: System timer
    Description: System timer
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap

    Name: KSecPkg
    Description: KSecPkg
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: KSecPkg

    Name: Storage volumes
    Description: Storage volumes
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: volsnap

    Name: CNG
    Description: CNG
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: CNG

    Name: ACPI Fixed Feature Button
    Description: ACPI Fixed Feature Button
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Microsoft Virtual Drive Enumerator Driver
    Description: Microsoft Virtual Drive Enumerator Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: vdrvroot

    Name: HID-compliant device
    Description: HID-compliant device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: (Standard system devices)
    Service:

    Name: High precision event timer
    Description: High precision event timer
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: NETBT
    Description: NETBT
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NetBT

    Name: Virtual WiFi Filter Driver
    Description: Virtual WiFi Filter Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: vwififlt

    Name: Volume Manager
    Description: Volume Manager
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: volmgr

    Name: Compaq Dfw
    Description: Compaq Dfw
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: CpqDfw

    Name: HID-compliant consumer control device
    Description: HID-compliant consumer control device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: Microsoft
    Service:

    Name: High Definition Audio Controller
    Description: High Definition Audio Controller
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: HDAudBus

    Name: Security Driver
    Description: Security Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: secdrv

    Name: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 4 - 1C16
    Description: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 4 - 1C16
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci

    Name: Intel® Core™ i5-2400S CPU @ 2.50GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm

    Name: Intel® H61 Express Chipset Family LPC Interface Controller - 1C5C
    Description: Intel® H61 Express Chipset Family LPC Interface Controller - 1C5C
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: msisadrv

    Name: Link-Layer Topology Discovery Mapper I/O Driver
    Description: Link-Layer Topology Discovery Mapper I/O Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: lltdio

    Name: Direct memory access controller
    Description: Direct memory access controller
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Realtek High Definition Audio
    Description: Realtek High Definition Audio
    Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
    Manufacturer: Realtek
    Service: IntcAzAudAddService

    Name: Remote Access IPv6 ARP Driver
    Description: Remote Access IPv6 ARP Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Wanarpv6

    Name: cpuz134
    Description: cpuz134
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: cpuz134

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap

    Name: Security Processor Loader Driver
    Description: Security Processor Loader Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: spldr

    Name: H:\
    Description: Compact Flash   
    Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
    Manufacturer: Generic-
    Service: WUDFRd

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap

    Name: EUBKMON
    Description: EUBKMON
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: EUBKMON

    Name: System speaker
    Description: System speaker
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: USB Mass Storage Device
    Description: USB Mass Storage Device
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Compatible USB storage device
    Service: USBSTOR

    Name: Kernel Mode Driver Frameworks service
    Description: Kernel Mode Driver Frameworks service
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Wdf01000

    Name: Microsoft Hardware USB Mouse
    Description: Microsoft Hardware USB Mouse
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: Microsoft
    Service: HidUsb

    Name: Mount Point Manager
    Description: Mount Point Manager
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: mountmgr

    Name: Realtek PCIe GBE Family Controller
    Description: Realtek PCIe GBE Family Controller
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Realtek
    Service: RTL8167

    Name: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 5 - 1C18
    Description: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 5 - 1C18
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci

    Name: EUDSKACS
    Description: EUDSKACS
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: EUDSKACS

    Name: Microsoft 6to4 Adapter
    Description: Microsoft 6to4 Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel

    Name: PCI bus
    Description: PCI bus
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: pci

    Name: NSI proxy service driver.
    Description: NSI proxy service driver.
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: nsiproxy

    Name: System Attribute Cache
    Description: System Attribute Cache
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: discache

    Name: WFP Lightweight Filter
    Description: WFP Lightweight Filter
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: WfpLwf

    Name: Symantec Real Time Storage Protection (PEL) x64
    Description: Symantec Real Time Storage Protection (PEL) x64
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: SRTSPX

    Name: UMBus Enumerator
    Description: UMBus Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: umbus

    Name: System CMOS/real time clock
    Description: System CMOS/real time clock
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Microsoft ISATAP Adapter
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel

    Name: Windows Firewall Authorization Driver
    Description: Windows Firewall Authorization Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: mpsdrv

    Name: EUFDDISK
    Description: EUFDDISK
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: EUFDDISK

    Name: Windows Socket 2.0 Non-IFS Service Provider Support Environment
    Description: Windows Socket 2.0 Non-IFS Service Provider Support Environment
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: ws2ifsl

    Name: Intel® Core™ i5-2400S CPU @ 2.50GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm

    Name: Microsoft ISATAP Adapter #2
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel

    Name: System board
    Description: System board
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Null
    Description: Null
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Null

    Name: UMBus Enumerator
    Description: UMBus Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: umbus

    Name: Telemetry File System Mini Filter Driver
    Description: Telemetry File System Mini Filter Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: DKTLFSMF

    Name: Microsoft Teredo Tunneling Adapter
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel

    Name: 2nd Generation Intel® Core™ Processor Family DRAM Controller - 0100
    Description: 2nd Generation Intel® Core™ Processor Family DRAM Controller - 0100
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service:

    Name: User Mode Driver Frameworks Platform Driver
    Description: User Mode Driver Frameworks Platform Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: WudfPf

    Name: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 6 - 1C1A
    Description: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 6 - 1C1A
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci

    Name: System board
    Description: System board
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Performance Counters for Windows Driver
    Description: Performance Counters for Windows Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: pcw

    Name: ACPI x64-based PC
    Description: ACPI x64-based PC
    Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard computers)
    Service: \Driver\ACPI_HAL

    Name: System board
    Description: System board
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap

    Name: J:\
    Description: MS/MS-Pro       
    Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
    Manufacturer: Generic-
    Service: WUDFRd

    Name: Microsoft System Management BIOS Driver
    Description: Microsoft System Management BIOS Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service: mssmbios

    Name: LDDM Graphics Subsystem
    Description: LDDM Graphics Subsystem
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: DXGKrnl

    Name: Microsoft USB Dual Receiver Wireless Mouse (Mouse and Keyboard Center)
    Description: Microsoft USB Dual Receiver Wireless Mouse (Mouse and Keyboard Center)
    Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: mouhid

    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub

    Name: PEAUTH
    Description: PEAUTH
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: PEAUTH

    Name: Acronis Backup Archive Explorer
    Description: Acronis Backup Archive Explorer
    Class Guid: {1860459d-4692-4825-b761-44a725991050}
    Manufacturer: Acronis, Inc.
    Service: timounter

    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Generic USB Hub
    Description: Generic USB Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Generic USB Hub)
    Service: usbhub

    Name: WAN Miniport (IKEv2)
    Description: WAN Miniport (IKEv2)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: RasAgileVpn

    Name: Symantec Data Store
    Description: Symantec Data Store
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: SymDS

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap

    Name: Symantec Eraser Control driver
    Description: Symantec Eraser Control driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: eeCtrl

    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Xeon E3-1200/2nd Generation Intel® Core™ Processor Family PCI Express Root Port - 0101
    Description: Xeon E3-1200/2nd Generation Intel® Core™ Processor Family PCI Express Root Port - 0101
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci

    Name: USB Root Hub
    Description: USB Root Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Standard USB Host Controller)
    Service: usbhub

    Name: Intel® 6 Series/C200 Series Chipset Family High Definition Audio - 1C20
    Description: Intel® 6 Series/C200 Series Chipset Family High Definition Audio - 1C20
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: HDAudBus

    Name: QoS Packet Scheduler
    Description: QoS Packet Scheduler
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Psched

    Name: File as Volume Driver
    Description: File as Volume Driver
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: blbdrive

    Name: Motherboard resources
    Description: Motherboard resources
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Intel® Core™ i5-2400S CPU @ 2.50GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm

    Name: WAN Miniport (L2TP)
    Description: WAN Miniport (L2TP)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: Rasl2tp

    Name: Generic USB Hub
    Description: Generic USB Hub
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: (Generic USB Hub)
    Service: usbhub

    Name: Generic- Compact Flash USB Device
    Description: Disk drive
    Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard disk drives)
    Service: disk

    Name: Composite Bus Enumerator
    Description: Composite Bus Enumerator
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: CompositeBus

    Name: Numeric data processor
    Description: Numeric data processor
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: SymEvent
    Description: SymEvent
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: SymEvent

    Name: Bitlocker Drive Encryption Filter Driver
    Description: Bitlocker Drive Encryption Filter Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: fvevol

    Name: WAN Miniport (Network Monitor)
    Description: WAN Miniport (Network Monitor)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: NdisWan

    Name: Microsoft Mouse and Keyboard Detection Driver (USB)
    Description: Microsoft Mouse and Keyboard Detection Driver (USB)
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Microsoft
    Service: usbccgp

    Name: Ancillary Function Driver for Winsock
    Description: Ancillary Function Driver for Winsock
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: AFD

    Name: RDPCDD
    Description: RDPCDD
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: RDPCDD

    Name: msisadrv
    Description: msisadrv
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: msisadrv

    Name: ACPI Power Button
    Description: ACPI Power Button
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard system devices)
    Service:

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap

    Name: Intel® Desktop/Workstation/Server Express Chipset SATA AHCI Controller
    Description: Intel® Desktop/Workstation/Server Express Chipset SATA AHCI Controller
    Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: iaStor

    Name: gfiark
    Description: gfiark
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: gfiark

    Name: Intel® 6 Series/C200 Series Chipset Family SMBus Controller - 1C22
    Description: Intel® 6 Series/C200 Series Chipset Family SMBus Controller - 1C22
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service:

    Name: Symantec Iron Driver
    Description: Symantec Iron Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: SymIRON

    Name: WAN Miniport (IP)
    Description: WAN Miniport (IP)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: NdisWan

    Name: amdkmdag
    Description: amdkmdag
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: amdkmdag

    Name: Microsoft ACPI-Compliant System
    Description: Microsoft ACPI-Compliant System
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: ACPI

    Name: G:\
    Description: SD/MMC          
    Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
    Manufacturer: Generic-
    Service: WUDFRd

    Name: RDP Encoder Mirror Driver
    Description: RDP Encoder Mirror Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: RDPENCDD

    Name: Generic volume
    Description: Generic volume
    Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
    Manufacturer: Microsoft
    Service: volsnap

    Name: gfibto
    Description: gfibto
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: gfibto

    Name: hp CDDVDW TS-H653T
    Description: CD-ROM Drive
    Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard CD-ROM drives)
    Service: cdrom

    Name: Generic- MS/MS-Pro USB Device
    Description: Disk drive
    Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
    Manufacturer: (Standard disk drives)
    Service: disk

    Name: Symantec Network Security WFP Driver
    Description: Symantec Network Security WFP Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: SymNetS

    Name: WAN Miniport (IPv6)
    Description: WAN Miniport (IPv6)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: NdisWan

    Name: ASUS PA246
    Description: ASUS PA246
    Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
    Manufacturer: ASUS
    Service: monitor

    Name: avgtp
    Description: avgtp
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: avgtp

    Name: Reflector Display Driver used to gain access to graphics data
    Description: Reflector Display Driver used to gain access to graphics data
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: RDPREFMP

    Name: NativeWiFi Filter
    Description: NativeWiFi Filter
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NativeWifiP

    Name: Intel® Core™ i5-2400S CPU @ 2.50GHz
    Description: Intel Processor
    Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
    Manufacturer: Intel
    Service: intelppm

    Name: gfiutil
    Description: gfiutil
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: gfiutil

    Name: TCP/IP Protocol Driver
    Description: TCP/IP Protocol Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Tcpip

    Name: WAN Miniport (PPPOE)
    Description: WAN Miniport (PPPOE)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: RasPppoe

    Name: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 1 - 1C10
    Description: Intel® 6 Series/C200 Series Chipset Family PCI Express Root Port 1 - 1C10
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel
    Service: pci

    Name: HID-compliant consumer control device
    Description: HID-compliant consumer control device
    Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
    Manufacturer: Microsoft
    Service:

    Name: Intel® 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C26
    Description: Intel® 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C26
    Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
    Manufacturer: Intel
    Service: usbehci

    Name: Beep
    Description: Beep
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: Beep

    Name: Link-Layer Topology Discovery Responder
    Description: Link-Layer Topology Discovery Responder
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: rspndr

    Name: NAVENG
    Description: NAVENG
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: NAVENG

    Name: TCP/IP Registry Compatibility
    Description: TCP/IP Registry Compatibility
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: tcpipreg

    Name: WAN Miniport (PPTP)
    Description: WAN Miniport (PPTP)
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: PptpMiniport

    Name: BHDrvx64
    Description: BHDrvx64
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: BHDrvx64

    Name: Microsoft USB Dual Receiver Wireless Keyboard (Mouse and Keyboard Center)
    Description: Microsoft USB Dual Receiver Wireless Keyboard (Mouse and Keyboard Center)
    Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: kbdhid


    ========================= Memory info: ===================================

    Percentage of memory in use: 30%
    Total physical RAM: 6126.53 MB
    Available physical RAM: 4257.86 MB
    Total Pagefile: 12251.24 MB
    Available Pagefile: 10054.68 MB
    Total Virtual: 4095.88 MB
    Available Virtual: 3968.63 MB

    ========================= Partitions: =====================================

    1 Drive c: (OS) (Fixed) (Total:848.86 GB) (Free:686.63 GB) NTFS
    2 Drive d: (HP_RECOVERY) (Fixed) (Total:11.25 GB) (Free:9.56 GB) NTFS

    ========================= Users: ========================================

    User accounts for \\BRAIN-HP

    Administrator            Brain                    Guest                    

    ========================= Minidump Files ==================================

    No minidump file found


    **** End of log ****
     


    • 0

    #13
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,019 posts
    • MVP

    Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator.  Then type 

    winmgmt  /verifyrepository 

    and hit Enter.  What does it say?  It should say:  WMI repository is consistent


    • 0

    #14
    Braind

    Braind

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 246 posts

    It does say WMI repository is consistent.


    • 0

    #15
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,019 posts
    • MVP

    You could try the update to the validation:

     

    http://support.microsoft.com/kb/971033 

     

    You need:  Update for Windows 7 for x64-based Systems (KB971033)


    • 0






    Similar Topics

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP