Adw Cleaner logs:
# AdwCleaner v3.010 - Report created 22/10/2013 at 20:00:00
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Brain - BRAIN-HP
# Running from : C:\Users\Brain\Downloads\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\END
File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\searchplugins\Askcom.xml
File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\searchplugins\Search_Results.xml
File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\user.js
File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\my-web-search.xml
File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\safesearch.xml
File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\web-search.xml
File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\user.js
File Found : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Folder Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\{465fcfbb-47a4-4866-a5d5-d12f9a77da00}
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\Ilivid
Folder Found C:\ProgramData\AGI
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
Folder Found C:\Users\Brain\AppData\Local\Conduit
Folder Found C:\Users\Brain\AppData\Local\Ilivid Player
Folder Found C:\Users\Brain\AppData\Local\PackageAware
Folder Found C:\Users\Brain\AppData\LocalLow\AGI
Folder Found C:\Users\Brain\AppData\LocalLow\AskToolbar
Folder Found C:\Users\Brain\AppData\LocalLow\boost_interprocess
Folder Found C:\Users\Brain\AppData\LocalLow\Conduit
Folder Found C:\Users\Brain\AppData\Roaming\DriverCure
Folder Found C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\FCTB
Folder Found C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\CT3279411
Folder Found C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\FCTB
Folder Found C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AGI
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Freecause
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\AGI
Key Found : [x64] HKCU\Software\APN
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\ilivid
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\Software\AGI
Key Found : HKLM\Software\APN
Key Found : HKLM\SOFTWARE\Classes\AppID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Found : HKLM\SOFTWARE\Classes\ilivid
Key Found : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
Key Found : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3279411
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\Software\ilivid
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87A0B80B-5BA7-4CB0-9553-105D68777D60}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-media-player-plus_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-media-player-plus_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BC6E3FA-78EF-4886-842C-5A1258C4455A}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16384
-\\ Mozilla Firefox v25.0 (en-US)
[ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\prefs.js ]
Line Found : user_pref("browser.search.selectedEngine", "WebSearch+");
Line Found : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource=61&CUI=UN14915692952109325&UM=2&UP=SP477F5151-5953-44BA-8283-01CF3F4BFBB1");
Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.DNSCatch", false);
Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.FirstLaunchShown", true);
Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.LastDate", 11);
Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.customNewTab", false);
Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.processAddrBar", false);
Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.session", "655C325042A0172D76DAB1DA81D628318BFC42279EA1656A024CCFCF53A9FC57E839A3BC247FC8FE76279B28350855883B51F86F4C4DA0EB3D5CCDBF3C8EF6B5020D1AC4[...]
Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.tb_lang", "en");
Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.user_id", "43524957");
Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.vars.disablecuidinject", "1");
Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.vars.lastcheck", "Fri%20Nov%2011%202011%2006%3A41%3A51%20GMT-0600%20%28Central%20Standard%20Time%29");
Line Found : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.yahooSearch", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.2798485.KeywordHistory", "newbalance.com%7Cdreamboybondage%7CEscort%2520Passport%25209500ix%2520reviews%7Cbest%2520radar%2520dectector%7CVibram%252[...]
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.AutoSearchEventData", "auto%20search");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ClearCacheDate", 24);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DNSCatch", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DisplayEULA", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DnsCatchEventData", "dns%20catch");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.FirstLaunchShown", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.LoadLayoutDate.60241", 24);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.NewTabSearchEventData", "tab%20search");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ShowRecommendedOptions", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.StateReportDate", "1340583642804");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.TopRightSearchEventData", "top%20right%20search");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.customNewTab", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.helpUsImprove", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.hideOthers", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.processAddrBar", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.restoreSearch", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.revision", "48");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.searchHistory", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.showFirstLaunchOptions", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tb_lang", "en");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tool_id", "60241");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_id", "67211771");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_key", "86ee0c055615ec56fa099db6db215e55dd3e5f84");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_layouts", "60241");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_lnames", "Dogpile%20Toolbar");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_location_ID2cid2798503", "USMI0229");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_location_IDcid2798503", "53154");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_location_name2cid2798503", "Detroit%2C%20MI");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_location_namecid2798503", "Oak%20Creek%2C%20WI%20%2853154%29");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_unitscid2798503", "F");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.xml_service_url", "64e3a27980eeceb34248bc3e680b4e63");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.yahooSearch", true);
Line Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource=61&CUI=UN14915692952109325&UM=2&UP=SP477F5151-5953-44BA-8283-01CF3F4BFBB1");
Line Found : user_pref("smartbar.originalHomepage", "hxxp://www.dogpile.com/dogpile/ws/index");
[ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\prefs.js ]
Line Found : user_pref("CT3279411.FF19Solved", "true");
Line Found : user_pref("CT3279411.UserID", "UN14915692952109325");
Line Found : user_pref("CT3279411.browser.search.defaultthis.engineName", "true");
Line Found : user_pref("CT3279411.fullUserID", "UN14915692952109325.IN.20130804175222");
Line Found : user_pref("CT3279411.installDate", "04/08/2013 17:52:22");
Line Found : user_pref("CT3279411.installSessionId", "{067FC4A7-FB13-4B3A-AB3F-47FB1B385EE0}");
Line Found : user_pref("CT3279411.installSp", "TRUE");
Line Found : user_pref("CT3279411.installerVersion", "1.5.4.5");
Line Found : user_pref("CT3279411.keyword", "true");
Line Found : user_pref("CT3279411.originalHomepage", "hxxp://www.dogpile.com/info.dogpl.t5.1/search/home");
Line Found : user_pref("CT3279411.originalSearchAddressUrl", "hxxp://websearch.shopathome.com?user_id={72b7d82c-93f4-4717-8c51-12620c6fba3e}&q=");
Line Found : user_pref("CT3279411.originalSearchEngine", "Web Search");
Line Found : user_pref("CT3279411.originalSearchEngineName", "");
Line Found : user_pref("CT3279411.searchRevert", "false");
Line Found : user_pref("CT3279411.searchUserMode", "2");
Line Found : user_pref("CT3279411.smartbar.homepage", "true");
Line Found : user_pref("CT3279411.versionFromInstaller", "10.16.9.6");
Line Found : user_pref("CT3279411.xpeMode", "0");
Line Found : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource=61&CUI=UN14915692952109325&UM=2&UP=SP477F5151-5953-44BA-8283-01CF3F4BFBB1");
Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://websearch.shopathome.com?user_id={72b7d82c-93f4-4717-8c51-12620c6fba3e}&q=");
Line Found : user_pref("browser.search.defaultenginename", "appbario12 Customized Web Search");
Line Found : user_pref("browser.search.defaultthis.engineName", "appbario12 Customized Web Search");
Line Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279411&CUI=UN14915692952109325&UM=2&SearchSource=3&q={searchTerms}");
Line Found : user_pref("browser.search.selectedEngine", "appbario12 Customized Web Search");
Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=1DA20B39-4406-47DB-BA95-B19B6A1CED40&n=77fcde6f&p2=^AFA^xdm163^YY^us&si=250652");
Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.initialized", true);
Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.contextKey", "");
Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.installDate", "2013060719");
Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.partnerId", "^AFA^xdm163^YY^us");
Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.partnerSubId", "250652");
Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.success", true);
Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.toolbarId", "1DA20B39-4406-47DB-BA95-B19B6A1CED40");
Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.lastActivePing", "1370649621040");
Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.options.defaultSearch", false);
Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.options.homePageEnabled", false);
Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.options.keywordEnabled", false);
Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.options.tabEnabled", false);
Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.searchHistory", "great clips");
Line Found : user_pref("extensions.toolbar.mindspark._5zMembers_.weather.location", "53201");
Line Found : user_pref("extensions.toolbar.mindspark.lastInstalled", "[email protected]");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.2798485.KeywordHistory", "chrome%2520download%7Chxxp%253A//www.youtube.com/watch%253Fv%253DY2O1VQU30To%7CCharlie%2520Hofheimer%2520shirtless%7C%7CW[...]
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.AutoSearchEventData", "auto%20search");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ClearCacheDate", 22);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DNSCatch", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DisplayEULA", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DnsCatchEventData", "dns%20catch");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.FirstLaunchShown", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.LoadLayoutDate.60241", 25);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.NewTabSearchEventData", "tab%20search");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ShowRecommendedOptions", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.StateReportDate", "1382479937811");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.TopRightSearchEventData", "top%20right%20search");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.Uninstall", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeInstallSaved", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeinstall.homepage", "hxxp%3A//www.dogpile.com/");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeinstall.search", "Google");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.customNewTab", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.helpUsImprove", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.hideOthers", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.processAddrBar", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.restoreSearch", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.searchHistory", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.showFirstLaunchOptions", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tb_lang", "en");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tool_id", "60241");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_id", "79119657");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_key", "292661090311f397bfaaa4680f50622e4c205d4c");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_layouts", "60241");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_lnames", "Dogpile%20Toolbar");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.xml_service_url", "64e3a27980eeceb34248bc3e680b4e63");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.yahooSearch", true);
Line Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279411&SearchSource=2&CUI=UN14915692952109325&UM=2&q=");
Line Found : user_pref("smartbar.addressBarOwnerCTID", "CT3279411");
Line Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3279411&CUI=UN14915692952109325&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource[...]
Line Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279411&SearchSource=2&CUI=UN14915692952109325&UM=2&q=");
Line Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT3279411");
Line Found : user_pref("smartbar.homePageOwnerCTID", "CT3279411");
Line Found : user_pref("smartbar.machineId", "HUSRM0EXRRTHC68ORYXUCUQ/HNYWZK6HQHS6EBSOVJWJWM6W7A4UQZ9/NVLVMXYSRY0P2XUVIJLQPKWIGBTB5W");
Line Found : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3279411&CUI=UN14915692952109325&UM=2&SearchSource=13");
-\\ Google Chrome v30.0.1599.101
[ File : C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [24421 octets] - [22/10/2013 20:00:00]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [24482 octets] ##########
# AdwCleaner v3.010 - Report created 22/10/2013 at 20:15:41
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Brain - BRAIN-HP
# Running from : C:\Users\Brain\Downloads\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\END
File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\searchplugins\Askcom.xml
File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\searchplugins\Search_Results.xml
File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\user.js
File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\my-web-search.xml
File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\safesearch.xml
File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\web-search.xml
File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\user.js
File Found : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Folder Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\{465fcfbb-47a4-4866-a5d5-d12f9a77da00}
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\Ilivid
Folder Found C:\ProgramData\AGI
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
Folder Found C:\Users\Brain\AppData\Local\Conduit
Folder Found C:\Users\Brain\AppData\Local\Ilivid Player
Folder Found C:\Users\Brain\AppData\Local\PackageAware
Folder Found C:\Users\Brain\AppData\LocalLow\AGI
Folder Found C:\Users\Brain\AppData\LocalLow\AskToolbar
Folder Found C:\Users\Brain\AppData\LocalLow\boost_interprocess
Folder Found C:\Users\Brain\AppData\LocalLow\Conduit
Folder Found C:\Users\Brain\AppData\Roaming\DriverCure
Folder Found C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\FCTB
Folder Found C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\CT3279411
Folder Found C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\FCTB
Folder Found C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AGI
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Freecause
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\AGI
Key Found : [x64] HKCU\Software\APN
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\ilivid
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\Software\AGI
Key Found : HKLM\Software\APN
Key Found : HKLM\SOFTWARE\Classes\AppID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Found : HKLM\SOFTWARE\Classes\ilivid
Key Found : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
Key Found : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Found : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3279411
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\Software\ilivid
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87A0B80B-5BA7-4CB0-9553-105D68777D60}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-media-player-plus_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-media-player-plus_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BC6E3FA-78EF-4886-842C-5A1258C4455A}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16384
-\\ Mozilla Firefox v25.0 (en-US)
[ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\prefs.js ]
[ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\prefs.js ]
-\\ Google Chrome v30.0.1599.101
[ File : C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [24663 octets] - [22/10/2013 20:00:00]
AdwCleaner[R1].txt - [11196 octets] - [22/10/2013 20:15:41]
AdwCleaner[S0].txt - [25734 octets] - [22/10/2013 20:12:13]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [11318 octets] ##########
# AdwCleaner v3.010 - Report created 22/10/2013 at 21:28:14
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Brain - BRAIN-HP
# Running from : C:\Users\Brain\Downloads\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\web-search.xml
File Found : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Folder Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\{465fcfbb-47a4-4866-a5d5-d12f9a77da00}
Folder Found C:\Users\Brain\AppData\Local\PackageAware
Folder Found C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\CT3279411
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AGI
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : [x64] HKCU\Software\AGI
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Found : HKLM\Software\AGI
Key Found : HKLM\SOFTWARE\Classes\AppID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Found : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
Key Found : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87A0B80B-5BA7-4CB0-9553-105D68777D60}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BC6E3FA-78EF-4886-842C-5A1258C4455A}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16384
-\\ Mozilla Firefox v25.0 (en-US)
[ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\prefs.js ]
[ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\prefs.js ]
-\\ Google Chrome v30.0.1599.101
[ File : C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [24663 octets] - [22/10/2013 20:00:00]
AdwCleaner[R1].txt - [11499 octets] - [22/10/2013 20:15:41]
AdwCleaner[R2].txt - [5548 octets] - [22/10/2013 21:28:14]
AdwCleaner[S0].txt - [25734 octets] - [22/10/2013 20:12:13]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [5669 octets] ##########
# AdwCleaner v3.204 - Report created 27/04/2014 at 15:27:42
# Updated 26/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Brain - BRAIN-HP
# Running from : C:\Users\Brain\Downloads\AdwCleaner(1).exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\END
File Found : C:\Windows\System32\Tasks\Driver Booster Update
Folder Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\Extensions\[email protected]
Folder Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected]
Folder Found : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\FCTB
Folder Found : C:\Windows\SysWOW64\AI_RecycleBin
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKCU64\Software\Conduit
Key Found : HKCU64\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
Key Found : HKLM\SOFTWARE\Classes\driverscanner
Key Found : HKLM\Software\Uniblue
Key Found : HKLM64\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v29.0 (en-US)
[ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\prefs.js ]
[ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\prefs.js ]
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.2798485.KeywordHistory", "dogpile.com%7CJava%25201.6.0%7C%2520https%253A//www.dropbox.com/s/07e51gdzcwbq0ym/HRTicker%252520Information.pdf%7Cbuxton[...]
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.AutoSearchEventData", "auto%20search");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ClearCacheDate", 27);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DNSCatch", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DisplayEULA", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DnsCatchEventData", "dns%20catch");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.FirstLaunchShown", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.LoadLayoutDate.60241", 27);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.NewTabSearchEventData", "tab%20search");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ShowAfterUpdatePage", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ShowRecommendedOptions", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.StateReportDate", "1398470821876");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.TopRightSearchEventData", "top%20right%20search");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.Uninstall", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeInstallSaved", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeinstall.homepage", "chrome%3A//branding/locale/browserconfig.properties");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeinstall.search", "Google");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.customNewTab", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.helpUsImprove", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.hideOthers", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.processAddrBar", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.restoreSearch", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.searchHistory", true);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.showFirstLaunchOptions", false);
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tb_lang", "en");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tool_id", "60241");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_id", "79119657");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_key", "292661090311f397bfaaa4680f50622e4c205d4c");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_layouts", "60241");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_lnames", "Dogpile%20Toolbar");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.xml_service_url", "64e3a27980eeceb34248bc3e680b4e63");
Line Found : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.yahooSearch", true);
-\\ Google Chrome v36.0.1951.5
[ File : C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\preferences ]
# AdwCleaner v3.010 - Report created 22/10/2013 at 20:12:13
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Brain - BRAIN-HP
# Running from : C:\Users\Brain\Downloads\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
[x] Not Deleted : C:\ProgramData\AGI
[x] Not Deleted : C:\ProgramData\Ask
[x] Not Deleted : C:\ProgramData\boost_interprocess
[x] Not Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
[x] Not Deleted : C:\Program Files (x86)\Conduit
[x] Not Deleted : C:\Program Files (x86)\Ilivid
[x] Not Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
[x] Not Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
[x] Not Deleted : C:\Users\Brain\AppData\Local\Conduit
[x] Not Deleted : C:\Users\Brain\AppData\Local\Ilivid Player
[x] Not Deleted : C:\Users\Brain\AppData\Local\PackageAware
[x] Not Deleted : C:\Users\Brain\AppData\LocalLow\AGI
[x] Not Deleted : C:\Users\Brain\AppData\LocalLow\AskToolbar
[x] Not Deleted : C:\Users\Brain\AppData\LocalLow\boost_interprocess
[x] Not Deleted : C:\Users\Brain\AppData\LocalLow\Conduit
[x] Not Deleted : C:\Users\Brain\AppData\Roaming\DriverCure
[x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\FCTB
[x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\FCTB
[x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\CT3279411
[x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\{465fcfbb-47a4-4866-a5d5-d12f9a77da00}
[x] Not Deleted : C:\END
[x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\searchplugins\Askcom.xml
[x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\my-web-search.xml
[x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\safesearch.xml
[x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\searchplugins\Search_Results.xml
[x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\web-search.xml
[x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\user.js
[x] Not Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\user.js
[x] Not Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
***** [ Shortcuts ] *****
***** [ Registry ] *****
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
[x] Not Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
[x] Not Deleted : HKLM\SOFTWARE\Classes\ilivid
[x] Not Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
[x] Not Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
[x] Not Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3279411
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-media-player-plus_RASAPI32
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-media-player-plus_RASMANCS
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87A0B80B-5BA7-4CB0-9553-105D68777D60}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BC6E3FA-78EF-4886-842C-5A1258C4455A}]
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
[x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
[x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
[x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
[x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
[x] Not Deleted : HKCU\Software\AGI
[x] Not Deleted : HKCU\Software\APN
[x] Not Deleted : HKCU\Software\Conduit
[x] Not Deleted : HKCU\Software\ilivid
[x] Not Deleted : HKCU\Software\Softonic
[x] Not Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
[x] Not Deleted : HKCU\Software\AppDataLow\Software\Conduit
[x] Not Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[x] Not Deleted : HKCU\Software\AppDataLow\Software\Freecause
[x] Not Deleted : HKCU\Software\AppDataLow\Software\smartbar
[x] Not Deleted : HKLM\Software\AGI
[x] Not Deleted : HKLM\Software\APN
[x] Not Deleted : HKLM\Software\Conduit
[x] Not Deleted : HKLM\Software\Freeze.com
[x] Not Deleted : HKLM\Software\ilivid
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
[x] Not Deleted : [x64] HKCU\Software\AGI
[x] Not Deleted : [x64] HKCU\Software\APN
[x] Not Deleted : [x64] HKCU\Software\Conduit
[x] Not Deleted : [x64] HKCU\Software\ilivid
[x] Not Deleted : [x64] HKCU\Software\Softonic
[x] Not Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
[x] Not Deleted : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
[x] Not Deleted : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16384
-\\ Mozilla Firefox v25.0 (en-US)
[ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\prefs.js ]
Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch+");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource=61&CUI=UN14915692952109325&UM=2&UP=SP477F5151-5953-44BA-8283-01CF3F4BFBB1");
Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.DNSCatch", false);
Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.FirstLaunchShown", true);
Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.LastDate", 11);
Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.customNewTab", false);
Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.processAddrBar", false);
Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.session", "655C325042A0172D76DAB1DA81D628318BFC42279EA1656A024CCFCF53A9FC57E839A3BC247FC8FE76279B28350855883B51F86F4C4DA0EB3D5CCDBF3C8EF6B5020D1AC4[...]
Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.tb_lang", "en");
Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.user_id", "43524957");
Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.vars.disablecuidinject", "1");
Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.vars.lastcheck", "Fri%20Nov%2011%202011%2006%3A41%3A51%20GMT-0600%20%28Central%20Standard%20Time%29");
Line Deleted : user_pref("freecause6cbc25b00a5211df8a390800200c9a66.yahooSearch", false);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.2798485.KeywordHistory", "newbalance.com%7Cdreamboybondage%7CEscort%2520Passport%25209500ix%2520reviews%7Cbest%2520radar%2520dectector%7CVibram%252[...]
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.AutoSearchEventData", "auto%20search");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ClearCacheDate", 24);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DNSCatch", true);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DisplayEULA", false);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DnsCatchEventData", "dns%20catch");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.FirstLaunchShown", true);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.LoadLayoutDate.60241", 24);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.NewTabSearchEventData", "tab%20search");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ShowRecommendedOptions", false);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.StateReportDate", "1340583642804");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.TopRightSearchEventData", "top%20right%20search");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.customNewTab", true);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.helpUsImprove", true);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.hideOthers", false);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.processAddrBar", true);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.restoreSearch", false);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.revision", "48");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.searchHistory", true);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.showFirstLaunchOptions", false);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tb_lang", "en");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tool_id", "60241");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_id", "67211771");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_key", "86ee0c055615ec56fa099db6db215e55dd3e5f84");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_layouts", "60241");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_lnames", "Dogpile%20Toolbar");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_location_ID2cid2798503", "USMI0229");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_location_IDcid2798503", "53154");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_location_name2cid2798503", "Detroit%2C%20MI");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_location_namecid2798503", "Oak%20Creek%2C%20WI%20%2853154%29");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.weather_unitscid2798503", "F");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.xml_service_url", "64e3a27980eeceb34248bc3e680b4e63");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.yahooSearch", true);
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource=61&CUI=UN14915692952109325&UM=2&UP=SP477F5151-5953-44BA-8283-01CF3F4BFBB1");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://www.dogpile.com/dogpile/ws/index");
[ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\prefs.js ]
Line Deleted : user_pref("CT3279411.FF19Solved", "true");
Line Deleted : user_pref("CT3279411.UserID", "UN14915692952109325");
Line Deleted : user_pref("CT3279411.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3279411.fullUserID", "UN14915692952109325.IN.20130804175222");
Line Deleted : user_pref("CT3279411.installDate", "04/08/2013 17:52:22");
Line Deleted : user_pref("CT3279411.installSessionId", "{067FC4A7-FB13-4B3A-AB3F-47FB1B385EE0}");
Line Deleted : user_pref("CT3279411.installSp", "TRUE");
Line Deleted : user_pref("CT3279411.installerVersion", "1.5.4.5");
Line Deleted : user_pref("CT3279411.keyword", "true");
Line Deleted : user_pref("CT3279411.originalHomepage", "hxxp://www.dogpile.com/info.dogpl.t5.1/search/home");
Line Deleted : user_pref("CT3279411.originalSearchAddressUrl", "hxxp://websearch.shopathome.com?user_id={72b7d82c-93f4-4717-8c51-12620c6fba3e}&q=");
Line Deleted : user_pref("CT3279411.originalSearchEngine", "Web Search");
Line Deleted : user_pref("CT3279411.originalSearchEngineName", "");
Line Deleted : user_pref("CT3279411.searchRevert", "false");
Line Deleted : user_pref("CT3279411.searchUserMode", "2");
Line Deleted : user_pref("CT3279411.smartbar.homepage", "true");
Line Deleted : user_pref("CT3279411.versionFromInstaller", "10.16.9.6");
Line Deleted : user_pref("CT3279411.xpeMode", "0");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource=61&CUI=UN14915692952109325&UM=2&UP=SP477F5151-5953-44BA-8283-01CF3F4BFBB1");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://websearch.shopathome.com?user_id={72b7d82c-93f4-4717-8c51-12620c6fba3e}&q=");
Line Deleted : user_pref("browser.search.defaultenginename", "appbario12 Customized Web Search");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "appbario12 Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279411&CUI=UN14915692952109325&UM=2&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("browser.search.selectedEngine", "appbario12 Customized Web Search");
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=1DA20B39-4406-47DB-BA95-B19B6A1CED40&n=77fcde6f&p2=^AFA^xdm163^YY^us&si=250652");
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.contextKey", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.installDate", "2013060719");
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.partnerId", "^AFA^xdm163^YY^us");
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.partnerSubId", "250652");
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.success", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.installation.toolbarId", "1DA20B39-4406-47DB-BA95-B19B6A1CED40");
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.lastActivePing", "1370649621040");
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.options.defaultSearch", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.options.homePageEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.options.keywordEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.options.tabEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.searchHistory", "great clips");
Line Deleted : user_pref("extensions.toolbar.mindspark._5zMembers_.weather.location", "53201");
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "[email protected]");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.2798485.KeywordHistory", "chrome%2520download%7Chxxp%253A//www.youtube.com/watch%253Fv%253DY2O1VQU30To%7CCharlie%2520Hofheimer%2520shirtless%7C%7CW[...]
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.AutoSearchEventData", "auto%20search");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ClearCacheDate", 22);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DNSCatch", true);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DisplayEULA", false);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DnsCatchEventData", "dns%20catch");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.FirstLaunchShown", true);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.LoadLayoutDate.60241", 25);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.NewTabSearchEventData", "tab%20search");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ShowRecommendedOptions", false);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.StateReportDate", "1382479937811");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.TopRightSearchEventData", "top%20right%20search");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.Uninstall", false);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeInstallSaved", true);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeinstall.homepage", "hxxp%3A//www.dogpile.com/");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeinstall.search", "Google");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.customNewTab", true);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.helpUsImprove", true);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.hideOthers", false);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.processAddrBar", true);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.restoreSearch", false);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.searchHistory", true);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.showFirstLaunchOptions", false);
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tb_lang", "en");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tool_id", "60241");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_id", "79119657");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_key", "292661090311f397bfaaa4680f50622e4c205d4c");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_layouts", "60241");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_lnames", "Dogpile%20Toolbar");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.xml_service_url", "64e3a27980eeceb34248bc3e680b4e63");
Line Deleted : user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.yahooSearch", true);
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279411&SearchSource=2&CUI=UN14915692952109325&UM=2&q=");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3279411");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3279411&CUI=UN14915692952109325&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3279411&SearchSource=2&CUI=UN14915692952109325&UM=2&q=");
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3279411");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3279411");
Line Deleted : user_pref("smartbar.machineId", "HUSRM0EXRRTHC68ORYXUCUQ/HNYWZK6HQHS6EBSOVJWJWM6W7A4UQZ9/NVLVMXYSRY0P2XUVIJLQPKWIGBTB5W");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3279411&CUI=UN14915692952109325&UM=2&SearchSource=13");
-\\ Google Chrome v30.0.1599.101
[ File : C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [24663 octets] - [22/10/2013 20:00:00]
AdwCleaner[S0].txt - [25492 octets] - [22/10/2013 20:12:13]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25553 octets] ##########
# AdwCleaner v3.010 - Report created 22/10/2013 at 21:28:46
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Brain - BRAIN-HP
# Running from : C:\Users\Brain\Downloads\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Brain\AppData\Local\PackageAware
Folder Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\CT3279411
Folder Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\{465fcfbb-47a4-4866-a5d5-d12f9a77da00}
File Deleted : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\web-search.xml
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87A0B80B-5BA7-4CB0-9553-105D68777D60}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0BC6E3FA-78EF-4886-842C-5A1258C4455A}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKCU\Software\AGI
Key Deleted : HKLM\Software\AGI
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16384
-\\ Mozilla Firefox v25.0 (en-US)
[ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\esuzx5jl.default\prefs.js ]
[ File : C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\prefs.js ]
-\\ Google Chrome v30.0.1599.101
[ File : C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [24663 octets] - [22/10/2013 20:00:00]
AdwCleaner[R1].txt - [11499 octets] - [22/10/2013 20:15:41]
AdwCleaner[R2].txt - [5817 octets] - [22/10/2013 21:28:14]
AdwCleaner[S0].txt - [25734 octets] - [22/10/2013 20:12:13]
AdwCleaner[S1].txt - [5515 octets] - [22/10/2013 21:28:46]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5575 octets] ##########
Junkware Removal Tool Log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Brain on Sun 04/27/2014 at 15:59:30.82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\driverscanner
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
~~~ Files
Successfully deleted: [File] "C:\end"
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Brain\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Brain\AppData\Roaming\mozilla\firefox\profiles\x1ft5x1x.default-1340583930802\fctb
Successfully deleted the following from C:\Users\Brain\AppData\Roaming\mozilla\firefox\profiles\esuzx5jl.default\prefs.js
user_pref("extensions.sahtb.url.merchants.data", "<?xml version=\"1.0\" ?><MerchantSettings><v n=\"177\" /><GlobalSuppresses><s u=\".7eer.net\" g=\"1\" i=\"1853\" /><s u=\".ca
Successfully deleted the following from C:\Users\Brain\AppData\Roaming\mozilla\firefox\profiles\x1ft5x1x.default-1340583930802\prefs.js
user_pref("browser.startup.homepage", "hxxp://www.dogpile.com/");
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.2798485.KeywordHistory", "dogpile.com%7CJava%25201.6.0%7C%2520hxxps%253A//www.dropbox.com/s/07e51gdzcwbq0ym/HRTicker%25252
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.AutoSearchEventData", "auto%20search");
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ClearCacheDate", 27);
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DNSCatch", true);
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DisplayEULA", false);
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.DnsCatchEventData", "dns%20catch");
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.FirstLaunchShown", true);
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.LoadLayoutDate.60241", 27);
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.NewTabSearchEventData", "tab%20search");
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.ShowRecommendedOptions", false);
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.StateReportDate", "1398470821876");
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.TopRightSearchEventData", "top%20right%20search");
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.Uninstall", false);
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeInstallSaved", true);
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeinstall.homepage", "chrome%3A//branding/locale/browserconfig.properties");
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.beforeinstall.search", "Google");
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.customNewTab", true);
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.helpUsImprove", true);
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.hideOthers", false);
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.processAddrBar", true);
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.restoreSearch", false);
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.searchHistory", true);
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.showFirstLaunchOptions", false);
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tb_lang", "en");
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.tool_id", "60241");
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_id", "79119657");
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_key", "292661090311f397bfaaa4680f50622e4c205d4c");
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_layouts", "60241");
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.user_lnames", "Dogpile%20Toolbar");
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.xml_service_url", "64e3a27980eeceb34248bc3e680b4e63");
user_pref("freecause9a94d785297944e9b3319e09d0cc7cff.yahooSearch", true);
Emptied folder: C:\Users\Brain\AppData\Roaming\mozilla\firefox\profiles\x1ft5x1x.default-1340583930802\minidumps [28 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 04/27/2014 at 16:05:35.99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Farbar Recovery Scan Tool log (only one log was produced):
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2014
Ran by Brain (administrator) on BRAIN-HP on 27-04-2014 16:14:45
Running from C:\Users\Brain\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Akamai Technologies, Inc.) C:\Users\Brain\AppData\Local\Akamai\netsession_win.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Dropbox, Inc.) C:\Users\Brain\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Akamai Technologies, Inc.) C:\Users\Brain\AppData\Local\Akamai\netsession_win.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe
(Repkasoft) C:\Program Files (x86)\YoWindow\yowindow.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe
() C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Brain\Downloads\FRST64(1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [CheckIt Diagnostics 8] => C:\Program Files\Smith Micro\CheckIt Diagnostics 8\cd8ctf.exe [54088 2010-05-11] (Smith Micro)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-04-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EaseUs Watch] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe [70728 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUs Tray] => C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe [1372232 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUs TB Tray Agent] => C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe [253512 2013-09-04] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [BFHP] => C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-22] (Hewlett-Packard)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-649025149-514020257-970770016-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-14] (SUPERAntiSpyware)
HKU\S-1-5-21-649025149-514020257-970770016-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKU\S-1-5-21-649025149-514020257-970770016-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Brain\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-649025149-514020257-970770016-1000\...\Run: [Google Update] => C:\Users\Brain\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-05] (Google Inc.)
HKU\S-1-5-21-649025149-514020257-970770016-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-03-18] (Siber Systems)
Startup: C:\Users\Brain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Brain\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Brain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YoWindow.lnk
ShortcutTarget: YoWindow.lnk -> C:\Program Files (x86)\YoWindow\yowindow.exe (Repkasoft)
==================== Internet (Whitelisted) ====================
SearchScopes: HKLM - {C46296C9-9FB6-4509-8294-68FA8F44E6DB} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {C46296C9-9FB6-4509-8294-68FA8F44E6DB} URL =
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: No Name - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - No File
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - No Name - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - No Name - {8A936F47-6B90-4537-A1BC-6F369A203D47} - No File
Toolbar: HKLM-x32 - Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802
FF NewTab: about:blank
FF Keyword.URL: hxxp://www.dogpile.com/info.dogpl.fctb.prefer/search/web?fcoid=417&fcop=topnav&fpid=27&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_199.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_199.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @hulu.com/Hulu Desktop - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Brain\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Brain\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Brain\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Brain\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator - C:\Users\Brain\AppData\Roaming\CATALI~1\NPBCSK~1.DLL (Catalina Marketing Corporation)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Brain\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Brain\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Brain\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\searchplugins\dogpile.xml
FF Extension: Разпознаване на устройство Logitech - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2012-09-05]
FF Extension: DoNotTrackMe - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2013-08-24]
FF Extension: Xmarks - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2014-01-10]
FF Extension: MaskMe - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2014-04-06]
FF Extension: Lavasoft Search Plugin - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack [2013-01-06]
FF Extension: BeFrugal.com Toolbar - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2014-03-15]
FF Extension: No Name - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\staged [2014-04-27]
FF Extension: Ghostery - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2013-08-24]
FF Extension: Searchonymous - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2014-02-11]
FF Extension: Personas Plus - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2012-06-24]
FF Extension: Test Pilot - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\[email protected] [2012-06-24]
FF Extension: PDF Download - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2014-04-10]
FF Extension: Dogpile Toolbar - C:\Users\Brain\AppData\Roaming\Mozilla\Firefox\Profiles\x1ft5x1x.default-1340583930802\Extensions\{9a94d785-2979-44e9-b331-9e09d0cc7cff}.xpi [2012-06-24]
FF HKLM-x32\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.6\coFFNST\
FF Extension: Norton Safe Web Lite Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.6\coFFNST\ []
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-08-22]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-01-30]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014-03-18]
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-22]
CHR Extension: (Google Drive) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-02-25]
CHR Extension: (YouTube) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-22]
CHR Extension: (Google Search) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-22]
CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2013-10-22]
CHR Extension: (Assassin's Creed III) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\geadmffjboclimmeiaimcafapjaefnfn [2013-10-22]
CHR Extension: (Advanced Extensions) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\knchccdpckooledklhnooegnniofcfip [2013-10-22]
CHR Extension: (Norton Identity Protection) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-01-30]
CHR Extension: (Google Wallet) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-09]
CHR Extension: (Buffer) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\noojglkidnpfjbincgijbaiedldjfbhh [2013-10-22]
CHR Extension: (Readability) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2013-10-22]
CHR Extension: (Gmail) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-22]
CHR Extension: (RoboForm) - C:\Users\Brain\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-03-20]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-17]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-03-18]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-27] (Microsoft Corp.)
R2 Diskeeper; C:\Program Files\Condusiv Technologies\Diskeeper\DkService.exe [2721656 2012-07-27] (Condusiv Technologies)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36936 2013-12-02] (CHENGDU YIWO Tech Development Co., Ltd)
S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-07-25] (Google)
R2 Guard Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-09-04] (CHENGDU YIWO Tech Development Co., Ltd)
S4 HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [107576 2010-11-17] ()
R2 HPSLPSVC; C:\Users\Brain\AppData\Local\Temp\7zS0078\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation)
S4 NSL; C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe [130000 2010-11-23] (Symantec Corporation)
S4 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [460288 2013-07-19] (Alcatel-Lucent)
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-03-08] (Realtek Semiconductor)
==================== Drivers (Whitelisted) ====================
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-03-18] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1502000.026\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)
R3 DKRtWrt; C:\Windows\System32\DRIVERS\DKRtWrt.sys [52048 2012-06-18] (Condusiv Technologies)
R0 DKTLFSMF; C:\Windows\System32\drivers\DKTLFSMF.sys [106832 2012-07-09] (Condusiv Technologies)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-30] (Symantec Corporation)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2013-09-04] ()
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-01-06] (GFI Software)
S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140427.002\IDSvia64.sys [525016 2014-03-25] (Symantec Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2014-03-08] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140426.001\ENG64.SYS [126040 2014-01-30] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140426.001\EX64.SYS [2099288 2014-01-30] (Symantec Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1502000.026\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1502000.026\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1502000.026\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-01-30] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1502000.026\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1502000.026\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 usbrndis6; C:\Windows\system32\drivers\usb80236.sys [19968 2013-02-11] (Microsoft Corporation)
S3 veebeampol; C:\Windows\System32\DRIVERS\veebeampol.sys [14952 2010-11-29] (Veebeam Corporation)
S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-27 16:14 - 2014-04-27 16:14 - 00030270 _____ () C:\Users\Brain\Downloads\FRST.txt
2014-04-27 16:13 - 2014-04-27 16:13 - 02061824 _____ (Farbar) C:\Users\Brain\Downloads\FRST64(1).exe
2014-04-27 16:05 - 2014-04-27 16:05 - 00004716 _____ () C:\Users\Brain\Desktop\JRT.txt
2014-04-27 15:58 - 2014-04-27 15:59 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(5).exe
2014-04-27 15:54 - 2014-04-27 15:54 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(4).exe
2014-04-27 15:52 - 2014-04-27 15:52 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(3).exe
2014-04-27 15:40 - 2014-04-27 15:40 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(2).exe
2014-04-27 15:36 - 2014-04-27 15:36 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(1).exe
2014-04-27 15:22 - 2014-04-27 15:22 - 01329501 _____ () C:\Users\Brain\Downloads\AdwCleaner(1).exe
2014-04-27 14:02 - 2014-04-27 14:18 - 00000000 ____D () C:\Users\Brain\Documents\WI State Jobs Exam Answers
2014-04-27 13:20 - 2014-04-27 13:22 - 156995584 _____ () C:\Users\Brain\Downloads\VIPRERescue28624.exe
2014-04-27 03:07 - 2014-04-27 03:07 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-04-27 03:07 - 2014-04-27 03:07 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-04-27 03:06 - 2014-04-27 03:06 - 56270848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-04-27 03:06 - 2014-04-27 03:06 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-04-27 03:06 - 2014-04-27 03:06 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-04-27 03:06 - 2014-04-27 03:06 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-04-27 03:06 - 2014-04-27 03:06 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-04-27 03:06 - 2014-04-27 03:06 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-04-27 03:06 - 2014-04-27 03:06 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-04-27 03:06 - 2014-04-27 03:06 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-04-27 03:06 - 2014-04-27 03:06 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-04-27 03:06 - 2014-04-27 03:06 - 00110080 _____ (TODO: <Company name>) C:\Windows\system32\DelayAPO.dll
2014-04-27 03:06 - 2014-04-27 03:06 - 00094208 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2014-04-27 00:18 - 2014-04-27 00:18 - 00002626 _____ () C:\Users\Brain\Downloads\legitcheck (1).hta
2014-04-27 00:17 - 2014-04-27 00:17 - 00002626 _____ () C:\Users\Brain\Downloads\legitcheck.hta
2014-04-27 00:07 - 2014-04-27 00:07 - 00159144 _____ (Microsoft Corporation) C:\Users\Brain\Downloads\WindowsActivationUpdate.exe
2014-04-26 23:58 - 2014-04-26 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-04-26 23:57 - 2014-04-26 23:57 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-04-26 23:55 - 2014-04-26 23:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-26 23:55 - 2014-04-13 21:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-26 23:55 - 2014-04-13 21:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-25 21:58 - 2014-04-25 21:58 - 04745984 _____ (Piriform Ltd) C:\Users\Brain\Downloads\ccsetup413.exe
2014-04-25 15:26 - 2014-04-25 15:26 - 00000000 __SHD () C:\Users\Brain\AppData\Local\EmieUserList
2014-04-25 15:26 - 2014-04-25 15:26 - 00000000 __SHD () C:\Users\Brain\AppData\Local\EmieSiteList
2014-04-24 05:47 - 2014-04-24 05:47 - 00001609 _____ () C:\Users\Brain\Desktop\DivX Movies.lnk
2014-04-24 05:47 - 2014-04-24 05:47 - 00001085 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-04-24 05:47 - 2014-04-24 05:47 - 00001020 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-04-24 05:45 - 2014-04-24 05:46 - 57134496 _____ (DivX, LLC) C:\Users\Brain\Downloads\DivXInstaller(7).exe
2014-04-23 18:04 - 2014-04-23 18:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-22 17:50 - 2014-04-22 17:50 - 00000000 ____D () C:\Users\dub_cm_auto
2014-04-22 17:30 - 2014-04-27 15:56 - 00003362 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-649025149-514020257-970770016-1000
2014-04-22 17:30 - 2014-04-27 15:56 - 00003228 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-649025149-514020257-970770016-1000
2014-04-21 19:18 - 2014-04-21 19:22 - 157642752 _____ () C:\Users\Brain\Downloads\VIPRERescue28456.exe
2014-04-20 20:51 - 2014-04-20 20:55 - 328121408 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(90).exe
2014-04-20 20:47 - 2014-04-20 20:50 - 328121408 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(89).exe
2014-04-17 18:58 - 2014-04-17 18:58 - 00003138 _____ () C:\Windows\System32\Tasks\{FD33FB71-6A13-4E4F-B4FB-234C52B190CA}
2014-04-17 18:57 - 2014-04-17 18:57 - 01239752 _____ (Microsoft Corporation) C:\Users\Brain\Downloads\wlsetup-web(10).exe
2014-04-17 17:46 - 2014-04-17 17:46 - 00001267 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-04-17 17:46 - 2014-04-17 17:46 - 00000000 ____D () C:\Windows\en
2014-04-17 17:44 - 2014-04-17 17:44 - 00000380 _____ () C:\Windows\DirectX.log
2014-04-17 17:38 - 2014-04-17 17:44 - 01239752 _____ (Microsoft Corporation) C:\Users\Brain\Downloads\wlsetup-web(9).exe
2014-04-16 21:59 - 2014-03-06 05:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-16 21:59 - 2014-03-06 04:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-16 21:59 - 2014-03-06 04:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-16 21:59 - 2014-03-06 04:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-16 21:59 - 2014-03-06 03:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-16 21:59 - 2014-03-06 03:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-16 21:59 - 2014-03-06 03:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-16 21:59 - 2014-03-06 03:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-16 21:59 - 2014-03-06 03:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-16 21:59 - 2014-03-06 03:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-16 21:59 - 2014-03-06 03:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-16 21:59 - 2014-03-06 03:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-16 21:59 - 2014-03-06 03:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-16 21:59 - 2014-03-06 03:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-16 21:59 - 2014-03-06 03:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-16 21:59 - 2014-03-06 03:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-16 21:59 - 2014-03-06 03:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-16 21:59 - 2014-03-06 03:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-16 21:59 - 2014-03-06 03:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-16 21:59 - 2014-03-06 03:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-16 21:59 - 2014-03-06 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-16 21:59 - 2014-03-06 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-16 21:59 - 2014-03-06 02:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-16 21:59 - 2014-03-06 02:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-16 21:59 - 2014-03-06 02:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-16 21:59 - 2014-03-06 02:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-16 21:59 - 2014-03-06 02:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-16 21:59 - 2014-03-06 02:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-16 21:59 - 2014-03-06 02:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-16 21:59 - 2014-03-06 02:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-16 21:59 - 2014-03-06 02:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-16 21:59 - 2014-03-06 02:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-16 21:59 - 2014-03-06 02:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-16 21:59 - 2014-03-06 02:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-16 21:59 - 2014-03-06 02:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-16 21:59 - 2014-03-06 02:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-16 21:59 - 2014-03-06 02:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-16 21:59 - 2014-03-06 02:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-16 21:59 - 2014-03-06 01:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-16 21:59 - 2014-03-06 01:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-16 21:59 - 2014-03-06 01:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-16 21:59 - 2014-03-06 01:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-16 21:59 - 2014-03-06 01:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-16 21:59 - 2014-03-06 00:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-16 21:59 - 2014-03-06 00:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-16 21:59 - 2014-03-06 00:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-16 21:59 - 2014-03-06 00:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-16 21:59 - 2014-03-06 00:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-16 19:09 - 2014-04-16 19:09 - 00003132 _____ () C:\Windows\System32\Tasks\{15648CDD-6F78-4EE8-9474-B8786FE391D9}
2014-04-16 19:08 - 2014-04-16 19:09 - 18129696 _____ (Adobe Systems Inc.) C:\Users\Brain\Downloads\air13_win(7).exe
2014-04-16 19:07 - 2014-04-16 19:07 - 00884688 _____ (Google Inc.) C:\Users\Brain\Downloads\ChromeSetup (2).exe
2014-04-16 18:53 - 2014-04-16 18:53 - 34705408 _____ () C:\Users\Brain\Downloads\gsync(4).msi
2014-04-16 18:49 - 2014-04-16 18:49 - 34131368 _____ (Oracle Corporation) C:\Users\Brain\Downloads\jre-8u5-windows-x64.exe
2014-04-15 22:02 - 2014-04-15 22:02 - 00354656 _____ (DivX, Inc.) C:\Windows\SysWOW64\DivXControlPanelApplet.cpl
2014-04-14 19:49 - 2014-04-14 19:51 - 157085696 _____ () C:\Users\Brain\Downloads\VIPRERescue28214.exe
2014-04-13 21:07 - 2014-04-13 21:11 - 326825496 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(88).exe
2014-04-13 19:06 - 2014-04-20 20:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-13 19:06 - 2014-04-13 19:06 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-13 19:06 - 2014-04-13 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-13 19:06 - 2014-04-13 19:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-13 19:06 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-13 19:06 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-09 20:20 - 2014-04-09 20:20 - 34705408 _____ () C:\Users\Brain\Downloads\gsync(3).msi
2014-04-09 18:22 - 2014-04-09 18:22 - 00692320 _____ () C:\Users\Brain\Downloads\pmmig.exe
2014-04-09 18:19 - 2014-04-24 05:47 - 00000000 ____D () C:\Program Files (x86)\Pale Moon
2014-04-09 18:19 - 2014-04-09 18:19 - 21252080 _____ (Moonchild Productions) C:\Users\Brain\Downloads\palemoon-24.4.2 x86 (32-bit)-installer.exe
2014-04-09 18:19 - 2014-04-09 18:19 - 00001082 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pale Moon.lnk
2014-04-09 18:19 - 2014-04-09 18:19 - 00001070 _____ () C:\Users\Public\Desktop\Pale Moon.lnk
2014-04-09 18:19 - 2014-04-09 18:19 - 00000000 ____D () C:\Users\Brain\AppData\Roaming\Moonchild Productions
2014-04-09 18:19 - 2014-04-09 18:19 - 00000000 ____D () C:\Users\Brain\AppData\Local\Moonchild Productions
2014-04-09 18:17 - 2014-04-09 18:17 - 00003132 _____ () C:\Windows\System32\Tasks\{79DC43F3-7CB7-40FC-82E6-4B0A11F310C4}
2014-04-09 18:16 - 2014-04-09 18:16 - 00798896 _____ () C:\Users\Brain\Downloads\palemoon-websetup.exe
2014-04-09 18:01 - 2014-03-04 04:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 18:01 - 2014-03-04 04:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 18:01 - 2014-03-04 04:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 18:01 - 2014-03-04 04:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 18:01 - 2014-03-04 04:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 18:01 - 2014-03-04 04:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 18:01 - 2014-03-04 04:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 18:01 - 2014-03-04 04:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 18:01 - 2014-03-04 04:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 18:01 - 2014-03-04 03:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 18:01 - 2014-03-04 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 18:01 - 2014-02-03 21:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 18:01 - 2014-02-03 21:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 18:01 - 2014-02-03 21:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 18:01 - 2014-02-03 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 18:01 - 2014-02-03 21:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 18:01 - 2014-01-23 21:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 17:59 - 2014-04-09 17:59 - 18130312 _____ (Adobe Systems Inc.) C:\Users\Brain\Downloads\air13_win(6).exe
2014-04-07 20:58 - 2014-04-07 20:58 - 11841536 _____ () C:\Users\Brain\Downloads\easypdf60-setup64.msi
2014-04-07 20:58 - 2014-04-07 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCL easyPDF Printer 6
2014-04-07 20:58 - 2014-04-07 20:58 - 00000000 ____D () C:\Program Files\Common Files\BCL Technologies
2014-04-07 20:58 - 2014-04-07 20:58 - 00000000 ____D () C:\Program Files\BCL Technologies
2014-04-07 20:36 - 2014-04-07 20:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-07 20:36 - 2014-04-07 20:36 - 00001981 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-07 19:48 - 2014-04-07 19:48 - 00000000 ____D () C:\ProgramData\PDFC
2014-04-07 19:38 - 2014-04-07 19:38 - 00050688 _____ (Atribune.org) C:\Users\Brain\Downloads\ATF-Cleaner(3).exe
2014-04-07 07:02 - 2014-04-17 07:03 - 00003820 _____ () C:\Windows\System32\Tasks\SetupManager
2014-04-06 19:48 - 2014-04-06 19:50 - 156749824 _____ () C:\Users\Brain\Downloads\VIPRERescue28076.exe
2014-04-06 18:35 - 2014-04-06 18:39 - 324216336 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(87).exe
2014-04-02 19:20 - 2014-04-02 19:20 - 00001227 _____ () C:\Users\Brain\Desktop\Should I Remove It.lnk
2014-04-02 19:20 - 2014-04-02 19:20 - 00000000 ____D () C:\Users\Brain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Should I Remove It
2014-04-02 19:20 - 2014-04-02 19:20 - 00000000 ____D () C:\Program Files (x86)\Reason
2014-04-01 21:27 - 2014-04-27 15:31 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-649025149-514020257-970770016-1000
2014-04-01 21:27 - 2014-04-27 15:31 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-649025149-514020257-970770016-1000
2014-04-01 17:47 - 2014-04-01 17:47 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-01 17:47 - 2014-04-01 17:47 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-01 17:47 - 2014-04-01 17:47 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-01 17:47 - 2014-04-01 17:47 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-01 17:47 - 2014-04-01 17:47 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-01 17:45 - 2014-04-01 17:45 - 00921000 _____ (Oracle Corporation) C:\Users\Brain\Downloads\jxpiinstall(3).exe
2014-04-01 17:43 - 2014-04-01 17:44 - 34121112 _____ (Oracle Corporation) C:\Users\Brain\Downloads\jre-8-windows-x64(1).exe
2014-03-31 21:41 - 2014-03-31 21:41 - 00058568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sirenacm.dll
2014-03-31 21:34 - 2014-03-31 21:34 - 00322248 _____ (Microsoft Corporation) C:\Windows\WLXPGSS.SCR
2014-03-30 20:19 - 2014-03-30 20:23 - 323110024 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(86).exe
2014-03-30 18:23 - 2014-04-27 15:55 - 00024276 _____ () C:\Windows\setupact.log
2014-03-30 18:23 - 2014-03-30 18:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-29 12:43 - 2014-03-29 12:43 - 00003132 _____ () C:\Windows\System32\Tasks\{E3BCC3C7-8251-4246-95D4-98DC990BBF4F}
2014-03-29 12:42 - 2014-03-29 12:43 - 18160600 _____ (Adobe Systems Inc.) C:\Users\Brain\Downloads\air13_win(5).exe
==================== One Month Modified Files and Folders =======
2014-04-27 16:15 - 2014-04-27 16:14 - 00030270 _____ () C:\Users\Brain\Downloads\FRST.txt
2014-04-27 16:14 - 2013-10-21 22:22 - 00000000 ____D () C:\FRST
2014-04-27 16:13 - 2014-04-27 16:13 - 02061824 _____ (Farbar) C:\Users\Brain\Downloads\FRST64(1).exe
2014-04-27 16:11 - 2014-03-15 16:01 - 00000206 _____ () C:\Users\Brain\myextension_debug.log
2014-04-27 16:05 - 2014-04-27 16:05 - 00004716 _____ () C:\Users\Brain\Desktop\JRT.txt
2014-04-27 16:03 - 2009-07-13 23:45 - 00024608 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-27 16:03 - 2009-07-13 23:45 - 00024608 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-27 15:59 - 2014-04-27 15:58 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(5).exe
2014-04-27 15:59 - 2011-07-15 01:01 - 01889727 _____ () C:\Windows\WindowsUpdate.log
2014-04-27 15:56 - 2014-04-22 17:30 - 00003362 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-649025149-514020257-970770016-1000
2014-04-27 15:56 - 2014-04-22 17:30 - 00003228 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-649025149-514020257-970770016-1000
2014-04-27 15:56 - 2013-11-24 18:04 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-27 15:56 - 2013-10-28 04:25 - 00000000 ___RD () C:\Users\Brain\Dropbox
2014-04-27 15:56 - 2013-10-28 04:23 - 00000000 ____D () C:\Users\Brain\AppData\Roaming\Dropbox
2014-04-27 15:55 - 2014-03-30 18:23 - 00024276 _____ () C:\Windows\setupact.log
2014-04-27 15:55 - 2014-01-17 18:55 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForBrain.job
2014-04-27 15:55 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-27 15:54 - 2014-04-27 15:54 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(4).exe
2014-04-27 15:53 - 2014-01-19 04:26 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-27 15:52 - 2014-04-27 15:52 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(3).exe
2014-04-27 15:40 - 2014-04-27 15:40 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(2).exe
2014-04-27 15:36 - 2014-04-27 15:36 - 01016261 _____ (Thisisu) C:\Users\Brain\Downloads\JRT(1).exe
2014-04-27 15:35 - 2014-01-17 18:55 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForBrain
2014-04-27 15:31 - 2014-04-01 21:27 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-649025149-514020257-970770016-1000
2014-04-27 15:31 - 2014-04-01 21:27 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-649025149-514020257-970770016-1000
2014-04-27 15:29 - 2013-12-07 15:13 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-649025149-514020257-970770016-1000UA.job
2014-04-27 15:27 - 2013-10-22 19:59 - 00000000 ____D () C:\AdwCleaner
2014-04-27 15:22 - 2014-04-27 15:22 - 01329501 _____ () C:\Users\Brain\Downloads\AdwCleaner(1).exe
2014-04-27 15:21 - 2013-11-24 18:04 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-27 15:20 - 2011-07-24 01:01 - 00000000 ____D () C:\Users\Brain\Documents\Outlook Files
2014-04-27 14:27 - 2011-07-23 21:18 - 00000000 ____D () C:\VIPRERESCUE
2014-04-27 14:18 - 2014-04-27 14:02 - 00000000 ____D () C:\Users\Brain\Documents\WI State Jobs Exam Answers
2014-04-27 14:12 - 2013-07-02 18:07 - 00000000 ____D () C:\Users\Brain\Documents\Latest Resumes
2014-04-27 14:05 - 2009-07-14 00:13 - 00786538 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-27 13:22 - 2014-04-27 13:20 - 156995584 _____ () C:\Users\Brain\Downloads\VIPRERescue28624.exe
2014-04-27 03:07 - 2014-04-27 03:07 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-04-27 03:07 - 2014-04-27 03:07 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-04-27 03:07 - 2011-07-15 00:55 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-04-27 03:07 - 2011-07-15 00:53 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-04-27 03:06 - 2014-04-27 03:06 - 56270848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-04-27 03:06 - 2014-04-27 03:06 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-04-27 03:06 - 2014-04-27 03:06 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-04-27 03:06 - 2014-04-27 03:06 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-04-27 03:06 - 2014-04-27 03:06 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-04-27 03:06 - 2014-04-27 03:06 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-04-27 03:06 - 2014-04-27 03:06 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-04-27 03:06 - 2014-04-27 03:06 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-04-27 03:06 - 2014-04-27 03:06 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-04-27 03:06 - 2014-04-27 03:06 - 00110080 _____ (TODO: <Company name>) C:\Windows\system32\DelayAPO.dll
2014-04-27 03:06 - 2014-04-27 03:06 - 00094208 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2014-04-27 02:28 - 2014-02-26 12:50 - 00035282 _____ () C:\Windows\PFRO.log
2014-04-27 00:18 - 2014-04-27 00:18 - 00002626 _____ () C:\Users\Brain\Downloads\legitcheck (1).hta
2014-04-27 00:17 - 2014-04-27 00:17 - 00002626 _____ () C:\Users\Brain\Downloads\legitcheck.hta
2014-04-27 00:07 - 2014-04-27 00:07 - 00159144 _____ (Microsoft Corporation) C:\Users\Brain\Downloads\WindowsActivationUpdate.exe
2014-04-26 23:58 - 2014-04-26 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-04-26 23:58 - 2013-06-14 02:37 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-04-26 23:58 - 2013-06-14 02:37 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-04-26 23:58 - 2012-12-23 19:21 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-04-26 23:58 - 2011-07-23 03:20 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-04-26 23:58 - 2011-07-23 03:16 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-04-26 23:57 - 2014-04-26 23:57 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-04-26 23:55 - 2014-04-26 23:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-25 21:58 - 2014-04-25 21:58 - 04745984 _____ (Piriform Ltd) C:\Users\Brain\Downloads\ccsetup413.exe
2014-04-25 21:58 - 2014-01-25 15:46 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-25 21:58 - 2011-07-24 22:12 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-25 17:29 - 2011-07-22 19:07 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-04-25 17:28 - 2011-10-28 19:22 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-04-25 15:26 - 2014-04-25 15:26 - 00000000 __SHD () C:\Users\Brain\AppData\Local\EmieUserList
2014-04-25 15:26 - 2014-04-25 15:26 - 00000000 __SHD () C:\Users\Brain\AppData\Local\EmieSiteList
2014-04-25 13:56 - 2014-01-07 19:53 - 00000000 ____D () C:\Users\Brain\AppData\Local\Akamai
2014-04-25 13:54 - 2012-04-27 23:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-24 05:47 - 2014-04-24 05:47 - 00001609 _____ () C:\Users\Brain\Desktop\DivX Movies.lnk
2014-04-24 05:47 - 2014-04-24 05:47 - 00001085 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-04-24 05:47 - 2014-04-24 05:47 - 00001020 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-04-24 05:47 - 2014-04-09 18:19 - 00000000 ____D () C:\Program Files (x86)\Pale Moon
2014-04-24 05:47 - 2013-09-06 07:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-04-24 05:47 - 2012-05-13 16:57 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-04-24 05:47 - 2012-05-13 16:56 - 00000000 ____D () C:\ProgramData\DivX
2014-04-24 05:46 - 2014-04-24 05:45 - 57134496 _____ (DivX, LLC) C:\Users\Brain\Downloads\DivXInstaller(7).exe
2014-04-23 18:04 - 2014-04-23 18:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-22 17:50 - 2014-04-22 17:50 - 00000000 ____D () C:\Users\dub_cm_auto
2014-04-21 21:26 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-04-21 19:22 - 2014-04-21 19:18 - 157642752 _____ () C:\Users\Brain\Downloads\VIPRERescue28456.exe
2014-04-20 20:55 - 2014-04-20 20:51 - 328121408 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(90).exe
2014-04-20 20:50 - 2014-04-20 20:47 - 328121408 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(89).exe
2014-04-20 20:10 - 2014-04-13 19:06 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-17 18:58 - 2014-04-17 18:58 - 00003138 _____ () C:\Windows\System32\Tasks\{FD33FB71-6A13-4E4F-B4FB-234C52B190CA}
2014-04-17 18:57 - 2014-04-17 18:57 - 01239752 _____ (Microsoft Corporation) C:\Users\Brain\Downloads\wlsetup-web(10).exe
2014-04-17 17:46 - 2014-04-17 17:46 - 00001267 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-04-17 17:46 - 2014-04-17 17:46 - 00000000 ____D () C:\Windows\en
2014-04-17 17:46 - 2014-02-22 04:22 - 00000000 ____D () C:\Users\Brain\Tracing
2014-04-17 17:46 - 2011-07-15 01:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-04-17 17:45 - 2014-02-22 04:15 - 00002448 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-04-17 17:45 - 2014-02-22 04:15 - 00001420 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-04-17 17:45 - 2014-02-22 04:15 - 00001336 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-04-17 17:45 - 2013-08-09 23:22 - 00000000 ____D () C:\Program Files\Windows Live
2014-04-17 17:45 - 2011-07-15 01:15 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-04-17 17:44 - 2014-04-17 17:44 - 00000380 _____ () C:\Windows\DirectX.log
2014-04-17 17:44 - 2014-04-17 17:38 - 01239752 _____ (Microsoft Corporation) C:\Users\Brain\Downloads\wlsetup-web(9).exe
2014-04-17 17:44 - 2014-02-22 04:14 - 00002174 _____ () C:\Users\Brain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-04-17 07:03 - 2014-04-07 07:02 - 00003820 _____ () C:\Windows\System32\Tasks\SetupManager
2014-04-16 22:01 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-16 19:09 - 2014-04-16 19:09 - 00003132 _____ () C:\Windows\System32\Tasks\{15648CDD-6F78-4EE8-9474-B8786FE391D9}
2014-04-16 19:09 - 2014-04-16 19:08 - 18129696 _____ (Adobe Systems Inc.) C:\Users\Brain\Downloads\air13_win(7).exe
2014-04-16 19:07 - 2014-04-16 19:07 - 00884688 _____ (Google Inc.) C:\Users\Brain\Downloads\ChromeSetup (2).exe
2014-04-16 18:54 - 2012-11-29 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-04-16 18:53 - 2014-04-16 18:53 - 34705408 _____ () C:\Users\Brain\Downloads\gsync(4).msi
2014-04-16 18:52 - 2014-01-19 04:16 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-16 18:52 - 2014-01-19 04:16 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-16 18:52 - 2014-01-19 04:16 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-16 18:52 - 2014-01-19 04:16 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-16 18:52 - 2014-01-19 04:16 - 00000000 ____D () C:\Program Files\Java
2014-04-16 18:49 - 2014-04-16 18:49 - 34131368 _____ (Oracle Corporation) C:\Users\Brain\Downloads\jre-8u5-windows-x64.exe
2014-04-15 22:02 - 2014-04-15 22:02 - 00354656 _____ (DivX, Inc.) C:\Windows\SysWOW64\DivXControlPanelApplet.cpl
2014-04-15 19:53 - 2014-01-19 04:26 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-15 19:53 - 2014-01-19 04:26 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-15 19:53 - 2014-01-19 04:26 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-14 19:51 - 2014-04-14 19:49 - 157085696 _____ () C:\Users\Brain\Downloads\VIPRERescue28214.exe
2014-04-13 21:24 - 2014-04-26 23:55 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-13 21:19 - 2014-04-26 23:55 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 21:11 - 2014-04-13 21:07 - 326825496 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(88).exe
2014-04-13 20:50 - 2011-02-11 12:00 - 00000000 ____D () C:\Windows\Panther
2014-04-13 19:06 - 2014-04-13 19:06 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-13 19:06 - 2014-04-13 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-13 19:06 - 2014-04-13 19:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-13 19:06 - 2011-07-30 19:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-04-13 19:06 - 2011-07-23 18:57 - 00000000 ____D () C:\Users\Brain\AppData\Roaming\Malwarebytes
2014-04-13 19:06 - 2011-07-23 18:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-09 22:24 - 2013-11-06 23:24 - 00000342 _____ () C:\Windows\Tasks\HPCeeScheduleForBRAIN-HP$.job
2014-04-09 22:24 - 2012-12-02 16:41 - 00003218 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForBRAIN-HP$
2014-04-09 20:20 - 2014-04-09 20:20 - 34705408 _____ () C:\Users\Brain\Downloads\gsync(3).msi
2014-04-09 18:27 - 2011-07-21 22:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 18:26 - 2013-07-28 21:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 18:24 - 2011-07-21 23:40 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 18:22 - 2014-04-09 18:22 - 00692320 _____ () C:\Users\Brain\Downloads\pmmig.exe
2014-04-09 18:19 - 2014-04-09 18:19 - 21252080 _____ (Moonchild Productions) C:\Users\Brain\Downloads\palemoon-24.4.2 x86 (32-bit)-installer.exe
2014-04-09 18:19 - 2014-04-09 18:19 - 00001082 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pale Moon.lnk
2014-04-09 18:19 - 2014-04-09 18:19 - 00001070 _____ () C:\Users\Public\Desktop\Pale Moon.lnk
2014-04-09 18:19 - 2014-04-09 18:19 - 00000000 ____D () C:\Users\Brain\AppData\Roaming\Moonchild Productions
2014-04-09 18:19 - 2014-04-09 18:19 - 00000000 ____D () C:\Users\Brain\AppData\Local\Moonchild Productions
2014-04-09 18:17 - 2014-04-09 18:17 - 00003132 _____ () C:\Windows\System32\Tasks\{79DC43F3-7CB7-40FC-82E6-4B0A11F310C4}
2014-04-09 18:16 - 2014-04-09 18:16 - 00798896 _____ () C:\Users\Brain\Downloads\palemoon-websetup.exe
2014-04-09 17:59 - 2014-04-09 17:59 - 18130312 _____ (Adobe Systems Inc.) C:\Users\Brain\Downloads\air13_win(6).exe
2014-04-07 20:58 - 2014-04-07 20:58 - 11841536 _____ () C:\Users\Brain\Downloads\easypdf60-setup64.msi
2014-04-07 20:58 - 2014-04-07 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCL easyPDF Printer 6
2014-04-07 20:58 - 2014-04-07 20:58 - 00000000 ____D () C:\Program Files\Common Files\BCL Technologies
2014-04-07 20:58 - 2014-04-07 20:58 - 00000000 ____D () C:\Program Files\BCL Technologies
2014-04-07 20:36 - 2014-04-07 20:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-04-07 20:36 - 2014-04-07 20:36 - 00001981 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-07 20:36 - 2012-06-27 20:57 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-07 20:35 - 2013-02-15 15:04 - 00000000 ____D () C:\Users\Brain\AppData\Local\Adobe
2014-04-07 20:15 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-07 19:48 - 2014-04-07 19:48 - 00000000 ____D () C:\ProgramData\PDFC
2014-04-07 19:38 - 2014-04-07 19:38 - 00050688 _____ (Atribune.org) C:\Users\Brain\Downloads\ATF-Cleaner(3).exe
2014-04-06 19:50 - 2014-04-06 19:48 - 156749824 _____ () C:\Users\Brain\Downloads\VIPRERescue28076.exe
2014-04-06 18:42 - 2011-08-27 22:28 - 00000000 ____D () C:\Users\Brain\AppData\Local\CrashDumps
2014-04-06 18:39 - 2014-04-06 18:35 - 324216336 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(87).exe
2014-04-05 12:45 - 2013-07-05 16:21 - 00000000 ____D () C:\Users\Brain\Documents\Personal and Confidential
2014-04-03 09:51 - 2014-04-13 19:06 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-13 19:06 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2011-07-23 18:57 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 19:20 - 2014-04-02 19:20 - 00001227 _____ () C:\Users\Brain\Desktop\Should I Remove It.lnk
2014-04-02 19:20 - 2014-04-02 19:20 - 00000000 ____D () C:\Users\Brain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Should I Remove It
2014-04-02 19:20 - 2014-04-02 19:20 - 00000000 ____D () C:\Program Files (x86)\Reason
2014-04-01 17:47 - 2014-04-01 17:47 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-01 17:47 - 2014-04-01 17:47 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-01 17:47 - 2014-04-01 17:47 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-01 17:47 - 2014-04-01 17:47 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-01 17:47 - 2014-04-01 17:47 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-01 17:47 - 2013-10-16 17:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-01 17:45 - 2014-04-01 17:45 - 00921000 _____ (Oracle Corporation) C:\Users\Brain\Downloads\jxpiinstall(3).exe
2014-04-01 17:44 - 2014-04-01 17:43 - 34121112 _____ (Oracle Corporation) C:\Users\Brain\Downloads\jre-8-windows-x64(1).exe
2014-03-31 21:41 - 2014-03-31 21:41 - 00058568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sirenacm.dll
2014-03-31 21:34 - 2014-03-31 21:34 - 00322248 _____ (Microsoft Corporation) C:\Windows\WLXPGSS.SCR
2014-03-30 20:23 - 2014-03-30 20:19 - 323110024 _____ (Norman Shark AS) C:\Users\Brain\Downloads\Norman_Malware_Cleaner(86).exe
2014-03-30 18:23 - 2014-03-30 18:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-30 14:55 - 2013-12-07 15:13 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-649025149-514020257-970770016-1000Core.job
2014-03-30 05:24 - 2012-01-05 19:15 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-649025149-514020257-970770016-1000UA
2014-03-30 05:24 - 2012-01-05 19:15 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-649025149-514020257-970770016-1000Core
2014-03-29 18:00 - 2009-07-14 00:08 - 00032596 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-29 12:43 - 2014-03-29 12:43 - 00003132 _____ () C:\Windows\System32\Tasks\{E3BCC3C7-8251-4246-95D4-98DC990BBF4F}
2014-03-29 12:43 - 2014-03-29 12:42 - 18160600 _____ (Adobe Systems Inc.) C:\Users\Brain\Downloads\air13_win(5).exe
Some content of TEMP:
====================
C:\Users\Brain\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-20 23:59
==================== End Of Log ============================
sfc scan log: scan fixed everything, but my access was denied when I tried to open the log.