WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Can't Get Rid of Web Bar on Desk Top [Solved]

Started by tcdollar , Oct 24 2014 12:16 PM

This topic is locked

24 replies to this topic

#1 tcdollar

Authentic Member

Authentic Member
47 posts

Posted 24 October 2014 - 12:16 PM

Hi -

I've been trying to clean up my friend's laptop for the last few days and seem to have been able to remove at least one Trojan Horse and several Ad-, Spy-, and Mal- ware issues. But when I run scans, they still find some files that are some kind of threat, but not major ones. But I just cannot figure out how to remove" Web Bar" from the Control Panel program files, or get it off of the desk-top screen.

Please find the reports below that your instructions ask for :

aswMBR version 1.0.1.2161 Copyright© 2014 AVAST Software
Run date: 2014-10-24 12:26:40
-----------------------------
12:26:40.382    OS Version: Windows x64 6.1.7601 Service Pack 1
12:26:40.382    Number of processors: 2 586 0x2505
12:26:40.383    ComputerName: JOEY-HP UserName: Joey
12:26:44.591    Initialize success
12:26:44.763    VM: initialized successfully
12:26:44.778    VM: Intel CPU virtualization not supported
12:26:44.825    supported disk I/O iaStor.sys
12:29:00.378    AVAST engine defs: 14102400
12:30:13.246    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:30:13.261    Disk 0 Vendor: SAMSUNG_ 2AJ1 Size: 305245MB BusType: 3
12:30:13.792    Disk 0 MBR read successfully I/O
12:30:13.792    Disk 0 MBR scan
12:30:13.807    Disk 0 unknown MBR code
12:30:13.839    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          199 MB offset 2048
12:30:13.885    Disk 0 default boot code
12:30:13.917    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       288334 MB offset 409600
12:30:13.963    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        16607 MB offset 590917632
12:30:14.026    Disk 0 Partition 4 00     0C    FAT32 LBA MSDOS5.0      103 MB offset 624928768
12:30:14.556    Disk 0 scanning C:\Windows\system32\drivers
12:30:40.967    Service scanning
12:31:29.577    Modules scanning
12:31:29.577    Disk 0 trace - called modules:
12:31:29.655    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
12:31:29.655    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80032ea640]
12:31:29.670    3 CLASSPNP.SYS[fffff88001b2243f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800316e050]
12:31:33.071    AVAST engine scan C:\Windows
12:31:38.703    AVAST engine scan C:\Windows\system32
12:39:31.172    AVAST engine scan C:\Windows\system32\drivers
12:40:03.185    AVAST engine scan C:\Users\Joey
12:50:51.007    AVAST engine scan C:\ProgramData
12:57:36.744    Disk 0 statistics 4283929/26/0 @ 1.95 MB/s
12:57:36.744    Scan finished successfully
13:43:33.612    Disk 0 MBR has been saved successfully to "C:\Users\Joey\Desktop\MBR.dat"
13:43:33.628    The log file has been saved successfully to "C:\Users\Joey\Desktop\aswMBR.txt"

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2014
Ran by Joey (administrator) on JOEY-HP on 24-10-2014 13:49:39
Running from C:\Users\Joey\Downloads
Loaded Profile: Joey (Available profiles: Joey)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe
(Web Bar Media) C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Users\Joey\AppData\Local\Temp\isdkW6yXmnQE\ISightHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Users\Joey\Downloads\aswMBR.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2281256 2012-01-21] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6489704 2011-06-10] (Realtek Semiconductor)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [GamingWonderland EPM Support] => "C:\PROGRA~2\GAMING~2\bar\2.bin\gtmedint.exe" T8EPMSUP.DLL,S
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [Desktop Software] => C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe [1025320 2009-04-24] (SupportSoft, Inc.)
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [Google Update] => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-06] (Google Inc.)
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [WebBar] => C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe [195056 2014-08-18] (Web Bar Media)
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\MountPoints2: {02a13231-0600-11e0-b4df-60eb69498f01} - F:\LaunchU3.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-23] (Microsoft Corporation)
Startup: C:\Users\Joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD646EB295FEDCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://zone.msn.com/en-us/home
SearchScopes: HKLM - {2205B49A-8B6A-4880-B761-96C17A282331} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM - {B4716C52-07E7-4F92-8FD2-CC67A49CDC23} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM - {FB72AB47-FCB7-4F9D-9292-31EBF79F7AF7} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKLM-x32 - {2205B49A-8B6A-4880-B761-96C17A282331} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM-x32 - {B4716C52-07E7-4F92-8FD2-CC67A49CDC23} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKCU - {5BF486E2-20C5-4DB9-AF4C-431948759845} URL =
SearchScopes: HKCU - {B4716C52-07E7-4F92-8FD2-CC67A49CDC23} URL =
SearchScopes: HKCU - {FB72AB47-FCB7-4F9D-9292-31EBF79F7AF7} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Toolbar BHO -> {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} -> C:\PROGRA~2\GAMING~2\bar\2.bin\gtbar.dll No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM-x32 - HeadlineAlley - {8f61e414-ea79-4559-8bb6-61d956f70306} - C:\Program Files (x86)\HeadlineAlley_29\bar\1.bin\29bar.dll No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {8F61E414-EA79-4559-8BB6-61D956F70306} - No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
DPF: HKLM-x32 {95B5D20C-BD31-4489-8ABF-F8C8BE748463} http://zone.msn.com/...tz.cab99160.cab
DPF: HKLM-x32 {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/...vl.cab55579.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab
Tcpip\Parameters: [DhcpNameServer] 216.218.93.165 216.218.93.38

FireFox:
========
FF ProfilePath: C:\Users\Joey\AppData\Roaming\Mozilla\Firefox\Profiles\186yjm9e.default
FF NewTab: https://us.search.ya...031,0,IE11,9284
FF DefaultSearchEngine: Yahoo
FF SearchEngineOrder.1: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: https://www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @ei.SmileyCentral_1v.com/Plugin -> C:\Program Files (x86)\SmileyCentral_1vEI\Installr\2.bin\NP1vEISB.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Users\Joey\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Joey\AppData\Local\Google\Chrome\Application\36.0.1985.143\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Joey\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Joey\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Norton Confidential) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (SmileyCentral Installer Plugin Stub) - C:\Program Files (x86)\SmileyCentral_1vEI\Installr\2.bin\NP1vEISB.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Profile: C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (MixiDJ V36) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\efofpgodgejpmjgbpjdblepalcommejk [2013-06-27]
CHR Extension: (Google Wallet) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKCU\...\Chrome\Extension: [efofpgodgejpmjgbpjdblepalcommejk] - C:\Users\Joey\AppData\Local\CRE\efofpgodgejpmjgbpjdblepalcommejk.crx []
CHR HKLM-x32\...\Chrome\Extension: [efofpgodgejpmjgbpjdblepalcommejk] - C:\Users\Joey\AppData\Local\CRE\efofpgodgejpmjgbpjdblepalcommejk.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]
R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 HP Support Assistant Service; "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [247576 2014-07-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [270616 2014-07-02] (AVG Technologies CZ, s.r.o.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 cpuz134; \??\C:\Users\Joey\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
U3 aswMBR; \??\C:\Users\Joey\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\Joey\AppData\Local\Temp\aswVmm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 13:49 - 2014-10-24 13:50 - 00022815 _____ () C:\Users\Joey\Downloads\FRST.txt
2014-10-24 13:47 - 2014-10-24 13:49 - 00001429 _____ () C:\Users\Joey\Desktop\FRST64 - Shortcut.lnk
2014-10-24 13:46 - 2014-10-24 13:49 - 00000000 ____D () C:\FRST
2014-10-24 13:45 - 2014-10-24 13:45 - 02112000 _____ (Farbar) C:\Users\Joey\Downloads\FRST64.exe
2014-10-24 13:43 - 2014-10-24 13:43 - 00002245 _____ () C:\Users\Joey\Desktop\aswMBR.txt
2014-10-24 13:43 - 2014-10-24 13:43 - 00000512 _____ () C:\Users\Joey\Desktop\MBR.dat
2014-10-24 12:26 - 2014-10-24 12:26 - 00001429 _____ () C:\Users\Joey\Desktop\aswMBR - Shortcut.lnk
2014-10-24 12:25 - 2014-10-24 12:25 - 05192704 _____ (AVAST Software) C:\Users\Joey\Downloads\aswMBR.exe
2014-10-24 11:51 - 2014-10-24 11:51 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-10-24 11:51 - 2014-10-24 11:51 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-10-24 11:51 - 2014-10-24 11:51 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-10-24 11:51 - 2014-10-24 11:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-10-24 11:51 - 2014-10-24 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-10-24 11:50 - 2014-10-24 11:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_NuidFltr_01011.Wdf
2014-10-24 11:49 - 2014-10-24 11:49 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-10-24 11:41 - 2014-10-24 11:51 - 00000000 ____D () C:\Windows\LastGood
2014-10-24 11:41 - 2014-10-24 11:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-10-24 11:28 - 2014-10-24 11:30 - 00000000 ____D () C:\Users\Joey\Desktop\New folder
2014-10-22 15:14 - 2014-10-24 12:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-22 15:10 - 2014-10-22 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-22 15:10 - 2014-10-22 15:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-22 15:10 - 2014-10-22 15:10 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-22 15:10 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-22 15:10 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-22 15:10 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-22 14:13 - 2014-10-22 14:13 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Joey\Downloads\mbam-clean-2.1.1.1001.exe
2014-10-22 14:02 - 2014-10-22 14:03 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Joey\Downloads\mbam-setup-2.0.3.1025(1).exe
2014-10-22 13:34 - 2014-10-22 13:34 - 00000000 ____D () C:\ProgramData\F-Secure
2014-10-22 13:14 - 2014-10-22 13:14 - 00000501 _____ () C:\Windows\wininit.ini
2014-10-22 12:35 - 2014-10-22 12:35 - 00000000 _____ () C:\Windows\SysWOW64\sho34B9.tmp
2014-10-22 12:00 - 2014-10-22 13:14 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-22 12:00 - 2014-10-22 12:09 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-22 12:00 - 2014-10-22 12:00 - 00001351 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-10-22 12:00 - 2014-10-22 12:00 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-10-22 12:00 - 2014-10-22 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-10-22 12:00 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-10-22 11:58 - 2014-10-22 11:59 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Joey\Downloads\spybot-2.4.exe
2014-10-22 11:48 - 2014-10-22 11:48 - 00014298 _____ () C:\Users\Joey\Downloads\DevDiag.txt
2014-10-22 11:47 - 2014-10-22 11:47 - 00032804 _____ (jpshortstuff) C:\Users\Joey\Downloads\DevDiag.exe
2014-10-22 11:43 - 2014-10-22 11:43 - 00036864 _____ (Appleoddity) C:\Users\Joey\Downloads\JavaMSIFix.exe
2014-10-21 19:09 - 2014-10-21 19:09 - 04161313 _____ () C:\Users\Joey\Downloads\tdsskiller.zip
2014-10-21 19:07 - 2014-10-21 19:07 - 00000000 ____D () C:\Users\Joey\Documents\tdsskiller
2014-10-21 18:51 - 2014-10-21 18:51 - 01962496 _____ () C:\Users\Joey\Downloads\adwcleaner_4.001.exe
2014-10-21 18:34 - 2014-10-21 18:56 - 00000000 ____D () C:\AdwCleaner
2014-10-21 17:05 - 2014-10-21 17:05 - 00000000 ____D () C:\Windows\ERUNT
2014-10-21 17:02 - 2014-10-21 17:02 - 01705755 _____ (Thisisu) C:\Users\Joey\Downloads\JRT.exe
2014-10-21 16:56 - 2014-10-21 16:56 - 00050688 _____ (Atribune.org) C:\Users\Joey\Downloads\ATF_Cleaner.exe
2014-10-21 14:38 - 2014-10-21 14:38 - 04211416 _____ (http://www.maxuninstaller.com/ ) C:\Users\Joey\Downloads\MUninstaller_2014_Setup(1).exe
2014-10-21 12:56 - 2014-10-21 12:52 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-21 12:56 - 2014-10-21 12:52 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-21 12:56 - 2014-10-21 12:52 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-21 12:54 - 2014-10-21 12:52 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-21 12:52 - 2014-10-21 12:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-21 12:52 - 2014-10-21 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-21 10:05 - 2014-10-21 10:05 - 00000925 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-10-21 10:05 - 2014-10-21 10:05 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\TuneUp Software
2014-10-21 10:05 - 2014-10-21 10:05 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\AVG2015
2014-10-21 10:05 - 2014-10-21 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-10-21 10:04 - 2014-10-21 10:06 - 00000000 ____D () C:\ProgramData\AVG2015
2014-10-21 10:04 - 2014-10-21 10:04 - 00000000 ___HD () C:\$AVG
2014-10-21 10:03 - 2014-10-21 10:03 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-10-21 09:57 - 2014-10-24 11:17 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-21 09:57 - 2014-10-21 10:13 - 00000000 ____D () C:\Users\Joey\AppData\Local\Avg2015
2014-10-21 09:57 - 2014-10-21 09:57 - 00000000 ____D () C:\Users\Joey\AppData\Local\MFAData
2014-10-21 09:56 - 2014-10-21 09:56 - 04579176 _____ (AVG Technologies) C:\Users\Joey\Downloads\avg_free_stb_all_2015_5315_cnet.exe
2014-10-18 15:17 - 2014-09-28 20:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-18 15:01 - 2014-10-18 15:01 - 00000000 ____D () C:\Users\Joey\AppData\Local\IsolatedStorage
2014-10-16 12:05 - 2014-10-16 12:05 - 00000000 _____ () C:\autoexec.bat
2014-10-16 12:04 - 2014-10-22 15:38 - 00000400 ____H () C:\Windows\Tasks\C__Users_Joey_AppData_Local_Temp_qs_100e2750_mediaplayer_VideoBuzz_installer.exe.job
2014-10-16 12:04 - 2014-10-16 12:04 - 00003030 _____ () C:\Windows\System32\Tasks\KeepMySettingsX
2014-10-16 12:04 - 2014-10-16 12:04 - 00002574 _____ () C:\Windows\System32\Tasks\C__Users_Joey_AppData_Local_Temp_qs_100e2750_mediaplayer_VideoBuzz_installer.exe
2014-10-16 12:02 - 2014-10-18 17:51 - 00000000 ____D () C:\Windows\DF2339B7C3C24663B47AF7AA76E4F47F.TMP
2014-10-16 12:02 - 2014-10-18 17:36 - 00000000 ____D () C:\ProgramData\InstallSightSDK
2014-10-16 12:01 - 2014-10-21 10:30 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\KeepMySettingsX
2014-10-16 12:01 - 2014-10-18 17:36 - 00000000 ____D () C:\Users\Joey\AppData\Local\WebBar
2014-10-16 07:17 - 2014-10-16 07:17 - 00000000 _____ () C:\Windows\SysWOW64\sho4394.tmp
2014-10-15 07:29 - 2014-06-18 18:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 07:29 - 2014-06-18 18:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 07:29 - 2014-06-18 18:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 07:29 - 2014-06-18 18:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 07:29 - 2014-06-18 18:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 07:29 - 2014-06-18 18:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 07:28 - 2014-10-09 22:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 07:28 - 2014-10-09 22:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 07:28 - 2014-10-09 22:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 07:28 - 2014-10-06 22:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 07:28 - 2014-10-06 22:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 07:28 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 07:28 - 2014-09-25 18:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 07:28 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 07:28 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 07:28 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 07:28 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 07:28 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 07:28 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 07:28 - 2014-09-18 21:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 07:28 - 2014-09-18 21:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 07:28 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 07:28 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 07:28 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 07:28 - 2014-09-18 21:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 07:28 - 2014-09-18 21:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 07:28 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 07:28 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 07:28 - 2014-09-18 21:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 07:28 - 2014-09-18 21:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 07:28 - 2014-09-18 21:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 07:28 - 2014-09-18 21:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 07:28 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 07:28 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 07:28 - 2014-09-18 21:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 07:28 - 2014-09-18 21:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 07:28 - 2014-09-18 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 07:28 - 2014-09-18 21:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 07:28 - 2014-09-18 21:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 07:28 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 07:28 - 2014-09-18 21:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 07:28 - 2014-09-18 21:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 07:28 - 2014-09-18 21:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 07:28 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 07:28 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 07:28 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 07:28 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 07:28 - 2014-09-18 20:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 07:28 - 2014-09-18 20:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 07:28 - 2014-09-18 20:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 07:28 - 2014-09-18 20:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 07:28 - 2014-09-18 20:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 07:28 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 07:28 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 07:28 - 2014-09-18 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 07:28 - 2014-09-18 20:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 07:28 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 07:28 - 2014-09-18 20:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 07:28 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 07:28 - 2014-09-18 20:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 07:28 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 07:28 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 07:28 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 07:28 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 07:28 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 07:28 - 2014-08-18 23:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 07:28 - 2014-08-18 23:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 07:28 - 2014-08-18 23:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 07:28 - 2014-08-18 23:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 07:28 - 2014-08-18 23:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 07:28 - 2014-08-18 23:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 07:28 - 2014-08-18 23:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 07:28 - 2014-08-18 23:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 07:28 - 2014-08-18 23:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 07:28 - 2014-08-18 23:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 07:28 - 2014-08-18 22:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 07:28 - 2014-08-18 22:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 07:28 - 2014-08-18 22:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 07:28 - 2014-07-06 22:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 07:28 - 2014-07-06 22:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 07:28 - 2014-07-06 22:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 07:28 - 2014-07-06 22:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 07:28 - 2014-07-06 22:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 07:28 - 2014-07-06 22:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 07:28 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 07:28 - 2014-07-06 22:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 07:28 - 2014-07-06 22:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 07:28 - 2014-07-06 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 07:28 - 2014-07-06 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 07:28 - 2014-07-06 21:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 07:28 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 07:28 - 2014-07-06 21:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 07:28 - 2014-07-06 21:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 07:28 - 2014-07-06 21:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 07:28 - 2014-07-06 21:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 07:28 - 2014-07-06 21:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 07:28 - 2014-07-06 21:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 07:28 - 2014-06-27 20:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 07:28 - 2014-06-27 20:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 07:28 - 2014-06-27 20:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 07:27 - 2014-09-17 22:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 07:27 - 2014-09-17 21:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 07:27 - 2014-09-12 21:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 07:27 - 2014-09-12 21:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 07:27 - 2014-09-04 01:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 07:27 - 2014-09-04 01:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 07:27 - 2014-07-16 22:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 07:27 - 2014-07-16 22:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 07:27 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 07:27 - 2014-07-16 21:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 07:27 - 2014-07-16 21:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 07:27 - 2014-07-16 21:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 07:27 - 2014-07-16 21:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 07:27 - 2014-07-16 21:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 07:27 - 2014-07-16 21:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 07:27 - 2014-07-16 21:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-01 07:07 - 2014-09-24 22:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 07:07 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-29 08:32 - 2014-10-18 17:49 - 00148282 _____ () C:\Windows\system32\ScanResults.xml
2014-09-29 08:27 - 2014-10-18 17:29 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2014-09-24 06:58 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 06:58 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 13:39 - 2014-03-31 19:10 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{FC1E528D-422F-4927-B871-EC8439B76B3C}
2014-10-24 13:25 - 2012-10-19 18:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-24 13:24 - 2011-08-18 19:14 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-24 13:14 - 2012-08-06 11:47 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001UA.job
2014-10-24 12:41 - 2010-08-20 04:21 - 01190438 _____ () C:\Windows\WindowsUpdate.log
2014-10-24 12:26 - 2009-07-13 22:34 - 00000513 _____ () C:\Windows\win.ini
2014-10-24 11:51 - 2012-08-03 19:20 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-10-24 11:51 - 2012-08-03 19:20 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-10-24 11:51 - 2009-07-14 00:51 - 00110713 _____ () C:\Windows\setupact.log
2014-10-24 11:43 - 2009-07-14 00:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-24 11:43 - 2009-07-14 00:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-24 11:24 - 2011-08-18 19:14 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-24 11:15 - 2012-08-06 11:47 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001Core.job
2014-10-22 15:37 - 2010-11-26 21:37 - 01651448 _____ () C:\Windows\PFRO.log
2014-10-22 15:37 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-22 15:36 - 2014-04-06 19:49 - 00000000 ____D () C:\Users\Joey\AppData\Local\TB
2014-10-22 14:19 - 2011-01-31 09:22 - 00000000 ____D () C:\Users\Joey\AppData\Local\CrashDumps
2014-10-22 14:17 - 2009-07-14 01:08 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-21 13:39 - 2010-07-10 23:12 - 00000000 ____D () C:\ProgramData\Temp
2014-10-21 12:56 - 2014-08-08 17:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-21 12:52 - 2010-07-11 00:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-21 12:37 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-10-21 10:47 - 2013-05-18 13:49 - 00000000 ____D () C:\temp
2014-10-21 09:24 - 2012-06-13 19:31 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-10-21 09:24 - 2010-08-20 04:37 - 00000000 ____D () C:\Program Files (x86)\HP Games
2014-10-21 09:24 - 2010-08-20 04:36 - 00000000 ____D () C:\ProgramData\WildTangent
2014-10-21 09:24 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-21 09:23 - 2010-11-26 15:32 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\WildTangent
2014-10-21 09:02 - 2012-04-21 15:10 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-10-21 08:39 - 2014-09-02 12:41 - 00000000 ____D () C:\ProgramData\c12f2f613465db07
2014-10-21 08:17 - 2010-08-20 04:35 - 00000000 ____D () C:\ProgramData\Norton
2014-10-20 21:24 - 2014-06-29 11:21 - 00000591 _____ () C:\Users\Joey\AppData\Roaming\Microsoft\Windows\Start Menu\How much for 911 to go digital - The Item Local News.website
2014-10-20 13:18 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-18 17:57 - 2009-07-14 00:45 - 00419976 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-18 17:28 - 2010-11-26 14:46 - 00000000 ____D () C:\Users\Joey
2014-10-18 17:25 - 2014-05-06 18:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-18 17:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-18 17:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-18 17:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-18 17:24 - 2010-08-20 04:33 - 00000000 ____D () C:\ProgramData\CinemaNow
2014-10-18 17:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-10-18 17:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-18 17:23 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-18 17:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-10-16 12:04 - 2010-11-26 15:00 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\Adobe
2014-10-16 06:42 - 2011-08-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 06:28 - 2013-07-16 06:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 06:20 - 2013-04-01 17:30 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-13 08:12 - 2013-12-12 21:02 - 00003072 _____ () C:\Windows\SysWOW64\Cache.db
2014-10-12 15:38 - 2014-08-30 15:34 - 00000055 _____ () C:\Users\Joey\AppData\Roaming\mbam.context.scan
2014-10-08 07:58 - 2012-06-16 11:59 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForJoey.job
2014-10-08 07:58 - 2011-07-23 12:18 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJoey
2014-10-08 07:58 - 2011-06-10 17:26 - 00003216 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJOEY-HP$
2014-10-08 07:58 - 2011-06-10 17:26 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForJOEY-HP$.job
2014-10-02 15:53 - 2011-01-29 23:37 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-24 16:36 - 2013-04-01 17:25 - 00000000 ____D () C:\Users\Joey\AppData\Local\Windows Live

Some content of TEMP:
====================
C:\Users\Joey\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-21 06:25

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2014
Ran by Joey at 2014-10-24 13:50:43
Running from C:\Users\Joey\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.6.147 - Adobe Systems, Inc.)
AIO_CDB_ProductContext (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5315 - AVG Technologies)
AVG 2015 (Version: 15.0.4189 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5315 - AVG Technologies) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Comcast Desktop Software (v1.2.1) (HKLM-x32\...\{118C3943-1683-42EF-824D-C22E70DB42E7}) (Version: 24 - Comcast)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.3003 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1616 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.0.1616 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4217 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.1.4217 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2511 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.2511 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Fax (x32 Version: 82.0.188.000 - Hewlett-Packard) Hidden
GamingWonderland Internet Explorer Toolbar (HKLM-x32\...\GamingWonderlandbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HeadlineAlley Internet Explorer Toolbar (HKLM-x32\...\HeadlineAlley_29bar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{5E25081D-9CB4-4B17-AD2B-8DF2DC335E85}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
HP Power Manager (HKLM-x32\...\{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}) (Version: 1.0.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{97174E88-52F9-445A-A28E-704A45332D19}) (Version: 4.0.108.1 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
iCloud (HKLM\...\{D1829BE5-F305-4576-9593-C66FC7E0B008}) (Version: 1.0.2.17 - Apple Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeepMySettingsX (HKLM-x32\...\KeepMySettingsX) (Version: - InstallX, LLC) <==== ATTENTION
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MediaBar (HKLM-x32\...\BearShare MediaBar) (Version: 2.0.0.93720 - Musiclab, LLC) <==== ATTENTION
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6206 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30120 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{901F0D4C-009D-1112-8DE4-03599E7B0C5C}) (Version: 1.00.10.0329 - REALTEK Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
Reimage Protector (HKLM\...\Reimage Protector) (Version: - Reimage)
Roxio CinemaNow 2.0 (x32 Version: 1.0.278 - Hewlett-Packard) Hidden
RtVOsd (HKLM\...\{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
Scan (x32 Version: 8.1.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.64 - Synaptics Incorporated)
Toolbox (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Web Bar 2.0.5343.21616 (HKCU\...\{0BCE8B0A-1E76-44E5-9909-3CF804D92E4D}_is1) (Version: 2.0.5343.21616 - Web Bar Media)
WebReg (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3851006659-123458156-2832309802-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3851006659-123458156-2832309802-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3851006659-123458156-2832309802-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3851006659-123458156-2832309802-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

18-10-2014 21:09:26 Restore Operation
18-10-2014 21:40:01 Made by Registry Mechanic
18-10-2014 21:41:08 Windows Update
18-10-2014 21:49:58 Removed SpyHunter
20-10-2014 12:40:21 Windows Backup
21-10-2014 01:09:50 Made by Registry Mechanic
21-10-2014 13:21:38 Removed Norton Online Backup
21-10-2014 13:22:27 Removed Norton Online Backup
21-10-2014 13:59:35 Installed AVG 2015
21-10-2014 14:00:25 Removed AVG 2015
21-10-2014 14:03:37 Installed AVG 2015
21-10-2014 14:04:00 Installed AVG 2015
22-10-2014 15:45:29 JavaMSIFix
22-10-2014 18:24:35 JavaMSIFix
22-10-2014 18:45:05 Windows Update
24-10-2014 15:44:56 DCInstallRestorePoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03B4B85F-9080-42EA-8DF5-24F983820CED} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {1B563FFA-B213-4C85-AE47-3C21165207AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe
Task: {1B93AA3B-8A3E-4800-BDF3-3F25A3302F36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18] (Google Inc.)
Task: {1C578182-8F08-4D9D-8CF8-2CA0E80EA8D3} - System32\Tasks\HPCeeScheduleForJoey => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {1EDF4FFB-1764-4CF4-BD53-F10F12F5163A} - System32\Tasks\HPCeeScheduleForJOEY-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {30A29AAB-1E1D-40AF-9E2A-B9BA4C113DEA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {35A72398-4A87-41CB-ACF1-77EABBE49C84} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {44A50243-20BD-4DDC-B53E-7E0C383CC42B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {45AA0DE3-78C2-45E4-9608-B4C86E7E9FA0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {4982C457-54A8-4EA8-B4FC-88798259C349} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {51443AD6-23FB-437A-B977-EBB91776FE32} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {67203623-4015-4AA0-8CBD-570AD5A2C8AD} - System32\Tasks\KeepMySettingsX => C:\Users\Joey\AppData\Roaming\KeepMySettingsX\keepmysettingsx.exe
Task: {80536698-6568-42F2-BE10-E2133E4F637C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {91EAAFA3-E1BE-409B-85CD-68FC824E40C0} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {B08B0710-D51A-4BE0-BEBF-683020C97E47} - System32\Tasks\C__Users_Joey_AppData_Local_Temp_qs_100e2750_mediaplayer_VideoBuzz_installer.exe => C:\Users\Joey\AppData\Local\Temp\qs_100e2750\mediaplayer\VideoBuzz_installer.exe <==== ATTENTION
Task: {B5450CFA-0404-4E89-BE6E-FA68793CAF3C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001UA => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06] (Google Inc.)
Task: {BF50918A-34C1-47CC-BBFB-C94A6D7CE0C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18] (Google Inc.)
Task: {CAF4017D-C689-46C9-9810-5E85F56664DE} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {D06C066A-4246-4FCA-9B33-432044B34CF3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001Core => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06] (Google Inc.)
Task: {D235E143-2178-49A5-9A73-B32879257315} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3851006659-123458156-2832309802-1001
Task: {ED6FE846-D31E-4BC3-805F-3DC9C269CC02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {EF501002-9025-43A4-9F2D-B97E8D7DCCA1} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {F3BFB125-EE39-46E4-AF32-34AC21F2FBCE} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F515BB5A-A469-40F3-8134-0D35CB316C46} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\C__Users_Joey_AppData_Local_Temp_qs_100e2750_mediaplayer_VideoBuzz_installer.exe.job => C:\Users\Joey\AppData\Local\Temp\qs_100e2750\mediaplayer\VideoBuzz_installer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001Core.job => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001UA.job => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJOEY-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJoey.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2014-10-16 12:01 - 2014-06-19 16:09 - 00813568 _____ () C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\ISightSDK_x64.dll
2014-10-22 15:40 - 2014-10-22 15:40 - 00003072 _____ () C:\Users\Joey\AppData\Local\Temp\isdkW6yXmnQE\ISightHost.exe
2014-10-22 15:40 - 2014-06-19 16:09 - 00813568 _____ () C:\Users\Joey\AppData\Local\Temp\isdkW6yXmnQE\ISightSDK.DLL
2010-06-18 19:26 - 2010-06-18 19:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-06-18 19:26 - 2010-06-18 19:26 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-06-18 19:26 - 2010-06-18 19:26 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-22 12:00 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-10-22 12:00 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-10-22 12:00 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-10-22 12:00 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-10-22 12:00 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2014-08-08 17:41 - 2014-08-08 17:41 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-3851006659-123458156-2832309802-500 - Administrator - Disabled)
Guest (S-1-5-21-3851006659-123458156-2832309802-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3851006659-123458156-2832309802-1002 - Limited - Enabled)
Joey (S-1-5-21-3851006659-123458156-2832309802-1001 - Administrator - Enabled) => C:\Users\Joey

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/24/2014 00:26:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:26:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:04:35 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:04:35 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:04:06 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:04:06 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:03:09 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:03:09 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:01:29 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:01:29 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

System errors:
=============
Error: (10/24/2014 01:24:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (10/22/2014 03:41:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error:
%%2

Error: (10/22/2014 03:38:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053

Error: (10/22/2014 03:38:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (10/22/2014 03:36:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/22/2014 03:36:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/22/2014 03:36:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/22/2014 03:34:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/22/2014 03:34:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/22/2014 03:34:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (10/24/2014 00:26:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:26:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:04:35 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:04:35 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:04:06 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:04:06 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:03:09 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:03:09 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:01:29 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:01:29 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

==================== Memory info ===========================

Processor: Intel® Pentium® CPU P6100 @ 2.00GHz
Percentage of memory in use: 70%
Total physical RAM: 2933.86 MB
Available physical RAM: 859.19 MB
Total Pagefile: 5865.9 MB
Available Pagefile: 2754.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:281.58 GB) (Free:208.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.22 GB) (Free:2.31 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 880AFEC3)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=281.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

Advertisements

Register to Remove

#2 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 25 October 2014 - 12:16 PM

:welcome:

Lets do this as I see multiple adware and malware programs listed

First see if you can go into Program and Features in the Control Panel and uninstall Web bar

-AdwCleaner-by Xplode

Click on this link to download : ADWCleaner

Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.

Do not click on any links in the top Advertisment.

Close all open programs and internet browsers.

Double click on AdwCleaner.exe to run the tool.

Click on Scan.

After the scan is complete click on "Clean"

Confirm each time with Ok.

Your computer will be rebooted automatically. A text file will open after the restart.

Please post the content of that logfile with your next reply.

You can find the logfile at C:\AdwCleaner[S1].txt as well.

===============================================================================

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.

Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

The tool will open and start scanning your system.

Please be patient as this can take a while to complete depending on your system's specifications.

On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

Post the contents of JRT.txt into your next message.

===============================================================================

Download Malwarebytes' Anti-Malware to your desktop.

Windows XP : Double click on the icon to run it.

Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

On the Dashboard click on Update Now

Go to the Setting Tab

Under Setting go to Detection and Protection

Under PUP and PUM make sure both are set to show Treat Detections as Malware

Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked

Then on the Dashboard click on Scan

Make sure to select THREAT SCAN

Then click on Scan

When the scan is finished and the log pops up...select Copy to Clipboard

Please paste the log back into this thread for review

Exit Malwarebytes

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#3 tcdollar

Authentic Member

Authentic Member
47 posts

Posted 25 October 2014 - 12:33 PM

Hi Ken545 -

I had been trying to uninstall "Web Bar" from Program and Features in the Control Panel - but it gives me an error message saying that

" ............WebBar\unins000.dat does not exist. Cannot uninstall "

But I'll go and take care of the other instructions you've listed, and get back to you when they finish .

Thank you so much for your response and your help !

#4 tcdollar

Authentic Member

Authentic Member
47 posts

Posted 25 October 2014 - 02:35 PM

Hope I got everything you asked for and did them correctly, here are the reports :

# AdwCleaner v4.001 - Report created 25/10/2014 at 14:47:50
# DB v2014-10-23.2
# Updated 20/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Joey - JOEY-HP
# Running from : C:\Users\Joey\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

-\\ Mozilla Firefox v31.0 (x86 en-US)

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [20026 octets] - [21/10/2014 18:36:26]
AdwCleaner[R1].txt - [19798 octets] - [21/10/2014 18:51:40]
AdwCleaner[R2].txt - [948 octets] - [25/10/2014 14:38:42]
AdwCleaner[R3].txt - [1007 octets] - [25/10/2014 14:45:28]
AdwCleaner[S0].txt - [19604 octets] - [21/10/2014 18:56:41]
AdwCleaner[S1].txt - [923 octets] - [25/10/2014 14:47:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [982 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 7 Home Premium x64
Ran by Joey on Sat 10/25/2014 at 15:06:23.21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"

~~~ Folders

~~~ FireFox

Successfully deleted the following from C:\Users\Joey\AppData\Roaming\mozilla\firefox\profiles\186yjm9e.default\prefs.js

user_pref("CT3298572_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1376683566888,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("extensions.3Cgcs.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1|
user_pref("extensions.GnF9axv94aMo.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com
user_pref("extensions.YR07cXKNXc.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\"
user_pref("extensions.dynconff.cache.d11vdn9ox0j18d.cloudfront.net.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1164_1169_1146_1263_1348_1420\"><content id=\"pu
user_pref("extensions.dynconff.cache.d1ui18tz1fx59z.cloudfront.net.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1164_1169_1146_1263_1348_1420\"><content id=\"pu
user_pref("extensions.dynconff.cache.parks.livepositively.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1164_1169_1146_1263_1348_1420\"><content id=\"puConfi
user_pref("extensions.dynconff.cache.search.aol.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1164_1134_1169_1146_1183_1263_1348_1420\"><content id=\"puConfi
user_pref("extensions.dynconff.cache.www.blueskycabinrentals.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1164_1169_1146_1263_1348_1420\"><content id=\"puCo
user_pref("extensions.dynconff.cache.www.fullvideoplayer.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1164_1169_1146_1263_1348_1420\"><content id=\"puConfig
user_pref("extensions.dynconff.cache.www.gastateparks.org.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1164_1169_1146_1263_1348_1420\"><content id=\"puConfig_20
user_pref("extensions.dynconff.cache.www.search.ask.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1477_1164_1169_1146_1263_1348_1420\"><content id=\"DEALAddC
user_pref("extensions.dynconff.cache.www.visitnc.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1164_1169_1146_1263_1348_1420\"><content id=\"puConfig_2052A3D

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 10/25/2014 at 15:12:38.25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/25/2014
Scan Time: 4:00:16 PM
Logfile:
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.10.25.05
Rootkit Database: v2014.10.22.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Joey

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 330209
Time Elapsed: 11 min, 15 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

#5 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 25 October 2014 - 03:35 PM

Go ahead and run a new scan with FRST, be sure to checkmark Additions and post both logs please

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#6 tcdollar

Authentic Member

Authentic Member
47 posts

Posted 26 October 2014 - 07:51 AM

Thank you again, Ken545 ! Here are the log reports:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2014
Ran by Joey (administrator) on JOEY-HP on 26-10-2014 09:13:11
Running from C:\Users\Joey\Desktop
Loaded Profile: Joey (Available profiles: Joey)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe
(Web Bar Media) C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Joey\AppData\Local\Temp\isdk9nkg6Hge\ISightHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2281256 2012-01-21] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6489704 2011-06-10] (Realtek Semiconductor)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [GamingWonderland EPM Support] => "C:\PROGRA~2\GAMING~2\bar\2.bin\gtmedint.exe" T8EPMSUP.DLL,S
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [Desktop Software] => C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe [1025320 2009-04-24] (SupportSoft, Inc.)
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [Google Update] => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-06] (Google Inc.)
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [WebBar] => C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe [195056 2014-08-18] (Web Bar Media)
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\MountPoints2: {02a13231-0600-11e0-b4df-60eb69498f01} - F:\LaunchU3.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-23] (Microsoft Corporation)
Startup: C:\Users\Joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD646EB295FEDCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://zone.msn.com/en-us/home
SearchScopes: HKLM - {2205B49A-8B6A-4880-B761-96C17A282331} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM - {B4716C52-07E7-4F92-8FD2-CC67A49CDC23} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM - {FB72AB47-FCB7-4F9D-9292-31EBF79F7AF7} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKLM-x32 - {2205B49A-8B6A-4880-B761-96C17A282331} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM-x32 - {B4716C52-07E7-4F92-8FD2-CC67A49CDC23} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKCU - {5BF486E2-20C5-4DB9-AF4C-431948759845} URL =
SearchScopes: HKCU - {B4716C52-07E7-4F92-8FD2-CC67A49CDC23} URL =
SearchScopes: HKCU - {FB72AB47-FCB7-4F9D-9292-31EBF79F7AF7} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Toolbar BHO -> {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} -> C:\PROGRA~2\GAMING~2\bar\2.bin\gtbar.dll No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM-x32 - HeadlineAlley - {8f61e414-ea79-4559-8bb6-61d956f70306} - C:\Program Files (x86)\HeadlineAlley_29\bar\1.bin\29bar.dll No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {8F61E414-EA79-4559-8BB6-61D956F70306} - No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
DPF: HKLM-x32 {95B5D20C-BD31-4489-8ABF-F8C8BE748463} http://zone.msn.com/...tz.cab99160.cab
DPF: HKLM-x32 {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/...vl.cab55579.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab
Tcpip\Parameters: [DhcpNameServer] 216.218.93.165 216.218.93.38

FireFox:
========
FF ProfilePath: C:\Users\Joey\AppData\Roaming\Mozilla\Firefox\Profiles\186yjm9e.default
FF NewTab: https://us.search.ya...031,0,IE11,9284
FF DefaultSearchEngine: Yahoo
FF SearchEngineOrder.1: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: https://www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @ei.SmileyCentral_1v.com/Plugin -> C:\Program Files (x86)\SmileyCentral_1vEI\Installr\2.bin\NP1vEISB.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Users\Joey\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Joey\AppData\Local\Google\Chrome\Application\36.0.1985.143\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Joey\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Joey\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Norton Confidential) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (SmileyCentral Installer Plugin Stub) - C:\Program Files (x86)\SmileyCentral_1vEI\Installr\2.bin\NP1vEISB.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Profile: C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (MixiDJ V36) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\efofpgodgejpmjgbpjdblepalcommejk [2013-06-27]
CHR Extension: (Google Wallet) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKCU\...\Chrome\Extension: [efofpgodgejpmjgbpjdblepalcommejk] - C:\Users\Joey\AppData\Local\CRE\efofpgodgejpmjgbpjdblepalcommejk.crx []
CHR HKLM-x32\...\Chrome\Extension: [efofpgodgejpmjgbpjdblepalcommejk] - C:\Users\Joey\AppData\Local\CRE\efofpgodgejpmjgbpjdblepalcommejk.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]
R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]
S2 HP Support Assistant Service; "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [247576 2014-07-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [270616 2014-07-02] (AVG Technologies CZ, s.r.o.)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 cpuz134; \??\C:\Users\Joey\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 09:13 - 2014-10-26 09:14 - 00020308 _____ () C:\Users\Joey\Desktop\FRST.txt
2014-10-26 09:12 - 2014-10-26 09:12 - 00000000 ____D () C:\Users\Joey\Desktop\FRST-OlderVersion
2014-10-25 16:47 - 2014-10-25 16:47 - 00000085 _____ () C:\Windows\wininit.ini
2014-10-25 15:12 - 2014-10-25 15:12 - 00003135 _____ () C:\Users\Joey\Desktop\JRT.txt
2014-10-25 15:04 - 2014-10-21 14:25 - 01706144 _____ (Thisisu) C:\Users\Joey\Desktop\JRT_NEW.exe
2014-10-25 15:02 - 2014-10-25 15:02 - 00000000 ____D () C:\Users\Joey\AppData\Local\Apple
2014-10-25 14:49 - 2014-10-25 14:49 - 00000000 _____ () C:\Windows\SysWOW64\sho70EB.tmp
2014-10-25 14:34 - 2014-10-25 14:34 - 01962496 _____ () C:\Users\Joey\Desktop\AdwCleaner.exe
2014-10-24 13:50 - 2014-10-24 13:51 - 00035683 _____ () C:\Users\Joey\Downloads\Addition.txt
2014-10-24 13:49 - 2014-10-24 13:51 - 00056652 _____ () C:\Users\Joey\Downloads\FRST.txt
2014-10-24 13:46 - 2014-10-26 09:13 - 00000000 ____D () C:\FRST
2014-10-24 13:45 - 2014-10-26 09:12 - 02113024 _____ (Farbar) C:\Users\Joey\Desktop\FRST64.exe
2014-10-24 12:26 - 2014-10-24 12:26 - 00001429 _____ () C:\Users\Joey\Desktop\aswMBR - Shortcut.lnk
2014-10-24 12:25 - 2014-10-24 12:25 - 05192704 _____ (AVAST Software) C:\Users\Joey\Downloads\aswMBR.exe
2014-10-24 11:51 - 2014-10-24 11:51 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-10-24 11:51 - 2014-10-24 11:51 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-10-24 11:51 - 2014-10-24 11:51 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-10-24 11:51 - 2014-10-24 11:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-10-24 11:51 - 2014-10-24 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-10-24 11:50 - 2014-10-24 11:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_NuidFltr_01011.Wdf
2014-10-24 11:49 - 2014-10-24 11:49 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-10-24 11:41 - 2014-10-24 11:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-10-24 11:28 - 2014-10-25 16:41 - 00000000 ____D () C:\Users\Joey\Desktop\New folder
2014-10-22 15:10 - 2014-10-25 15:21 - 00001060 _____ () C:\Users\Joey\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-22 15:10 - 2014-10-22 15:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-22 14:13 - 2014-10-22 14:13 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Joey\Downloads\mbam-clean-2.1.1.1001.exe
2014-10-22 14:02 - 2014-10-22 14:03 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Joey\Downloads\mbam-setup-2.0.3.1025(1).exe
2014-10-22 13:34 - 2014-10-22 13:34 - 00000000 ____D () C:\ProgramData\F-Secure
2014-10-22 12:35 - 2014-10-22 12:35 - 00000000 _____ () C:\Windows\SysWOW64\sho34B9.tmp
2014-10-22 12:00 - 2014-10-25 16:49 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-22 12:00 - 2014-10-25 16:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-22 12:00 - 2014-10-22 12:00 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-10-22 11:58 - 2014-10-22 11:59 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Joey\Downloads\spybot-2.4.exe
2014-10-22 11:48 - 2014-10-22 11:48 - 00014298 _____ () C:\Users\Joey\Downloads\DevDiag.txt
2014-10-22 11:47 - 2014-10-22 11:47 - 00032804 _____ (jpshortstuff) C:\Users\Joey\Downloads\DevDiag.exe
2014-10-22 11:43 - 2014-10-22 11:43 - 00036864 _____ (Appleoddity) C:\Users\Joey\Downloads\JavaMSIFix.exe
2014-10-21 19:09 - 2014-10-21 19:09 - 04161313 _____ () C:\Users\Joey\Downloads\tdsskiller.zip
2014-10-21 19:07 - 2014-10-21 19:07 - 00000000 ____D () C:\Users\Joey\Documents\tdsskiller
2014-10-21 18:51 - 2014-10-21 18:51 - 01962496 _____ () C:\Users\Joey\Downloads\adwcleaner_4.001.exe
2014-10-21 18:34 - 2014-10-25 14:47 - 00000000 ____D () C:\AdwCleaner
2014-10-21 17:05 - 2014-10-21 17:05 - 00000000 ____D () C:\Windows\ERUNT
2014-10-21 17:02 - 2014-10-21 17:02 - 01705755 _____ (Thisisu) C:\Users\Joey\Desktop\JRT.exe
2014-10-21 16:56 - 2014-10-21 16:56 - 00050688 _____ (Atribune.org) C:\Users\Joey\Downloads\ATF_Cleaner.exe
2014-10-21 14:38 - 2014-10-21 14:38 - 04211416 _____ (http://www.maxuninstaller.com/ ) C:\Users\Joey\Downloads\MUninstaller_2014_Setup(1).exe
2014-10-21 12:56 - 2014-10-21 12:52 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-21 12:56 - 2014-10-21 12:52 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-21 12:56 - 2014-10-21 12:52 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-21 12:54 - 2014-10-21 12:52 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-21 12:52 - 2014-10-21 12:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-21 12:52 - 2014-10-21 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-21 10:05 - 2014-10-21 10:05 - 00000925 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-10-21 10:05 - 2014-10-21 10:05 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\TuneUp Software
2014-10-21 10:05 - 2014-10-21 10:05 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\AVG2015
2014-10-21 10:05 - 2014-10-21 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-10-21 10:04 - 2014-10-21 10:06 - 00000000 ____D () C:\ProgramData\AVG2015
2014-10-21 10:04 - 2014-10-21 10:04 - 00000000 ___HD () C:\$AVG
2014-10-21 10:03 - 2014-10-21 10:03 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-10-21 09:57 - 2014-10-26 08:53 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-21 09:57 - 2014-10-21 10:13 - 00000000 ____D () C:\Users\Joey\AppData\Local\Avg2015
2014-10-21 09:57 - 2014-10-21 09:57 - 00000000 ____D () C:\Users\Joey\AppData\Local\MFAData
2014-10-21 09:56 - 2014-10-21 09:56 - 04579176 _____ (AVG Technologies) C:\Users\Joey\Downloads\avg_free_stb_all_2015_5315_cnet.exe
2014-10-18 15:17 - 2014-09-28 20:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-18 15:01 - 2014-10-18 15:01 - 00000000 ____D () C:\Users\Joey\AppData\Local\IsolatedStorage
2014-10-16 12:05 - 2014-10-16 12:05 - 00000000 _____ () C:\autoexec.bat
2014-10-16 12:04 - 2014-10-25 16:50 - 00000400 ____H () C:\Windows\Tasks\C__Users_Joey_AppData_Local_Temp_qs_100e2750_mediaplayer_VideoBuzz_installer.exe.job
2014-10-16 12:04 - 2014-10-16 12:04 - 00003030 _____ () C:\Windows\System32\Tasks\KeepMySettingsX
2014-10-16 12:04 - 2014-10-16 12:04 - 00002574 _____ () C:\Windows\System32\Tasks\C__Users_Joey_AppData_Local_Temp_qs_100e2750_mediaplayer_VideoBuzz_installer.exe
2014-10-16 12:02 - 2014-10-18 17:51 - 00000000 ____D () C:\Windows\DF2339B7C3C24663B47AF7AA76E4F47F.TMP
2014-10-16 12:02 - 2014-10-18 17:36 - 00000000 ____D () C:\ProgramData\InstallSightSDK
2014-10-16 12:01 - 2014-10-21 10:30 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\KeepMySettingsX
2014-10-16 12:01 - 2014-10-18 17:36 - 00000000 ____D () C:\Users\Joey\AppData\Local\WebBar
2014-10-16 07:17 - 2014-10-16 07:17 - 00000000 _____ () C:\Windows\SysWOW64\sho4394.tmp
2014-10-15 07:29 - 2014-06-18 18:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 07:29 - 2014-06-18 18:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 07:29 - 2014-06-18 18:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 07:29 - 2014-06-18 18:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 07:29 - 2014-06-18 18:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 07:29 - 2014-06-18 18:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 07:28 - 2014-10-09 22:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 07:28 - 2014-10-09 22:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 07:28 - 2014-10-09 22:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 07:28 - 2014-10-06 22:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 07:28 - 2014-10-06 22:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 07:28 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 07:28 - 2014-09-25 18:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 07:28 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 07:28 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 07:28 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 07:28 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 07:28 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 07:28 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 07:28 - 2014-09-18 21:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 07:28 - 2014-09-18 21:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 07:28 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 07:28 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 07:28 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 07:28 - 2014-09-18 21:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 07:28 - 2014-09-18 21:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 07:28 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 07:28 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 07:28 - 2014-09-18 21:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 07:28 - 2014-09-18 21:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 07:28 - 2014-09-18 21:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 07:28 - 2014-09-18 21:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 07:28 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 07:28 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 07:28 - 2014-09-18 21:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 07:28 - 2014-09-18 21:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 07:28 - 2014-09-18 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 07:28 - 2014-09-18 21:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 07:28 - 2014-09-18 21:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 07:28 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 07:28 - 2014-09-18 21:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 07:28 - 2014-09-18 21:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 07:28 - 2014-09-18 21:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 07:28 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 07:28 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 07:28 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 07:28 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 07:28 - 2014-09-18 20:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 07:28 - 2014-09-18 20:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 07:28 - 2014-09-18 20:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 07:28 - 2014-09-18 20:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 07:28 - 2014-09-18 20:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 07:28 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 07:28 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 07:28 - 2014-09-18 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 07:28 - 2014-09-18 20:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 07:28 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 07:28 - 2014-09-18 20:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 07:28 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 07:28 - 2014-09-18 20:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 07:28 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 07:28 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 07:28 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 07:28 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 07:28 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 07:28 - 2014-08-18 23:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 07:28 - 2014-08-18 23:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 07:28 - 2014-08-18 23:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 07:28 - 2014-08-18 23:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 07:28 - 2014-08-18 23:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 07:28 - 2014-08-18 23:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 07:28 - 2014-08-18 23:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 07:28 - 2014-08-18 23:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 07:28 - 2014-08-18 23:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 07:28 - 2014-08-18 23:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 07:28 - 2014-08-18 22:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 07:28 - 2014-08-18 22:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 07:28 - 2014-08-18 22:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 07:28 - 2014-07-06 22:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 07:28 - 2014-07-06 22:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 07:28 - 2014-07-06 22:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 07:28 - 2014-07-06 22:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 07:28 - 2014-07-06 22:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 07:28 - 2014-07-06 22:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 07:28 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 07:28 - 2014-07-06 22:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 07:28 - 2014-07-06 22:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 07:28 - 2014-07-06 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 07:28 - 2014-07-06 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 07:28 - 2014-07-06 21:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 07:28 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 07:28 - 2014-07-06 21:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 07:28 - 2014-07-06 21:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 07:28 - 2014-07-06 21:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 07:28 - 2014-07-06 21:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 07:28 - 2014-07-06 21:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 07:28 - 2014-07-06 21:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 07:28 - 2014-06-27 20:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 07:28 - 2014-06-27 20:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 07:28 - 2014-06-27 20:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 07:27 - 2014-09-17 22:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 07:27 - 2014-09-17 21:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 07:27 - 2014-09-12 21:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 07:27 - 2014-09-12 21:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 07:27 - 2014-09-04 01:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 07:27 - 2014-09-04 01:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 07:27 - 2014-07-16 22:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 07:27 - 2014-07-16 22:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 07:27 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 07:27 - 2014-07-16 21:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 07:27 - 2014-07-16 21:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 07:27 - 2014-07-16 21:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 07:27 - 2014-07-16 21:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 07:27 - 2014-07-16 21:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 07:27 - 2014-07-16 21:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 07:27 - 2014-07-16 21:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-01 07:07 - 2014-09-24 22:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 07:07 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-29 08:32 - 2014-10-18 17:49 - 00148282 _____ () C:\Windows\system32\ScanResults.xml
2014-09-29 08:27 - 2014-10-18 17:29 - 00000464 _____ () C:\Windows\system32\ScannerSettings

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 09:14 - 2012-08-06 11:47 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001UA.job
2014-10-26 09:14 - 2012-08-06 11:47 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001Core.job
2014-10-26 09:00 - 2014-03-31 19:10 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{FC1E528D-422F-4927-B871-EC8439B76B3C}
2014-10-26 08:25 - 2012-10-19 18:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-26 08:24 - 2011-08-18 19:14 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-26 03:50 - 2009-07-14 00:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-26 03:50 - 2009-07-14 00:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-26 03:46 - 2010-08-20 04:21 - 01242139 _____ () C:\Windows\WindowsUpdate.log
2014-10-25 17:23 - 2009-07-13 22:34 - 00000513 _____ () C:\Windows\win.ini
2014-10-25 16:50 - 2011-08-18 19:14 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-25 16:49 - 2010-11-26 21:37 - 01654602 _____ () C:\Windows\PFRO.log
2014-10-25 16:49 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-25 16:49 - 2009-07-14 00:51 - 00110825 _____ () C:\Windows\setupact.log
2014-10-24 11:51 - 2012-08-03 19:20 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-10-24 11:51 - 2012-08-03 19:20 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-10-22 15:36 - 2014-04-06 19:49 - 00000000 ____D () C:\Users\Joey\AppData\Local\TB
2014-10-22 14:19 - 2011-01-31 09:22 - 00000000 ____D () C:\Users\Joey\AppData\Local\CrashDumps
2014-10-22 14:17 - 2009-07-14 01:08 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-21 13:39 - 2010-07-10 23:12 - 00000000 ____D () C:\ProgramData\Temp
2014-10-21 12:56 - 2014-08-08 17:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-21 12:52 - 2010-07-11 00:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-21 12:37 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-10-21 10:47 - 2013-05-18 13:49 - 00000000 ____D () C:\temp
2014-10-21 09:24 - 2012-06-13 19:31 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-10-21 09:24 - 2010-08-20 04:37 - 00000000 ____D () C:\Program Files (x86)\HP Games
2014-10-21 09:24 - 2010-08-20 04:36 - 00000000 ____D () C:\ProgramData\WildTangent
2014-10-21 09:24 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-21 09:23 - 2010-11-26 15:32 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\WildTangent
2014-10-21 09:02 - 2012-04-21 15:10 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-10-21 08:39 - 2014-09-02 12:41 - 00000000 ____D () C:\ProgramData\c12f2f613465db07
2014-10-21 08:17 - 2010-08-20 04:35 - 00000000 ____D () C:\ProgramData\Norton
2014-10-20 21:24 - 2014-06-29 11:21 - 00000591 _____ () C:\Users\Joey\AppData\Roaming\Microsoft\Windows\Start Menu\How much for 911 to go digital - The Item Local News.website
2014-10-20 13:18 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-18 17:57 - 2009-07-14 00:45 - 00419976 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-18 17:28 - 2010-11-26 14:46 - 00000000 ____D () C:\Users\Joey
2014-10-18 17:25 - 2014-05-06 18:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-18 17:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-18 17:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-18 17:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-18 17:24 - 2010-08-20 04:33 - 00000000 ____D () C:\ProgramData\CinemaNow
2014-10-18 17:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-10-18 17:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-18 17:23 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-18 17:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-10-16 12:04 - 2010-11-26 15:00 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\Adobe
2014-10-16 06:42 - 2011-08-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 06:28 - 2013-07-16 06:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 06:20 - 2013-04-01 17:30 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-13 08:12 - 2013-12-12 21:02 - 00003072 _____ () C:\Windows\SysWOW64\Cache.db
2014-10-12 15:38 - 2014-08-30 15:34 - 00000055 _____ () C:\Users\Joey\AppData\Roaming\mbam.context.scan
2014-10-08 07:58 - 2012-06-16 11:59 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForJoey.job
2014-10-08 07:58 - 2011-07-23 12:18 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJoey
2014-10-08 07:58 - 2011-06-10 17:26 - 00003216 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJOEY-HP$
2014-10-08 07:58 - 2011-06-10 17:26 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForJOEY-HP$.job
2014-10-02 15:53 - 2011-01-29 23:37 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\Joey\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Joey\AppData\Local\Temp\Quarantine.exe
C:\Users\Joey\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-26 00:22

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2014
Ran by Joey at 2014-10-26 09:14:40
Running from C:\Users\Joey\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.6.147 - Adobe Systems, Inc.)
AIO_CDB_ProductContext (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5315 - AVG Technologies)
AVG 2015 (Version: 15.0.4189 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5315 - AVG Technologies) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Comcast Desktop Software (v1.2.1) (HKLM-x32\...\{118C3943-1683-42EF-824D-C22E70DB42E7}) (Version: 24 - Comcast)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1616 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4217 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2511 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Fax (x32 Version: 82.0.188.000 - Hewlett-Packard) Hidden
GamingWonderland Internet Explorer Toolbar (HKLM-x32\...\GamingWonderlandbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HeadlineAlley Internet Explorer Toolbar (HKLM-x32\...\HeadlineAlley_29bar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{5E25081D-9CB4-4B17-AD2B-8DF2DC335E85}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
HP Power Manager (HKLM-x32\...\{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}) (Version: 1.0.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{97174E88-52F9-445A-A28E-704A45332D19}) (Version: 4.0.108.1 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
iCloud (HKLM\...\{D1829BE5-F305-4576-9593-C66FC7E0B008}) (Version: 1.0.2.17 - Apple Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeepMySettingsX (HKLM-x32\...\KeepMySettingsX) (Version: - InstallX, LLC) <==== ATTENTION
MediaBar (HKLM-x32\...\BearShare MediaBar) (Version: 2.0.0.93720 - Musiclab, LLC) <==== ATTENTION
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6206 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30120 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{901F0D4C-009D-1112-8DE4-03599E7B0C5C}) (Version: 1.00.10.0329 - REALTEK Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
Reimage Protector (HKLM\...\Reimage Protector) (Version: - Reimage)
Roxio CinemaNow 2.0 (x32 Version: 1.0.278 - Hewlett-Packard) Hidden
RtVOsd (HKLM\...\{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
Scan (x32 Version: 8.1.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.64 - Synaptics Incorporated)
Toolbox (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Web Bar 2.0.5343.21616 (HKCU\...\{0BCE8B0A-1E76-44E5-9909-3CF804D92E4D}_is1) (Version: 2.0.5343.21616 - Web Bar Media)
WebReg (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3851006659-123458156-2832309802-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3851006659-123458156-2832309802-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3851006659-123458156-2832309802-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3851006659-123458156-2832309802-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

21-10-2014 13:21:38 Removed Norton Online Backup
21-10-2014 13:22:27 Removed Norton Online Backup
21-10-2014 13:59:35 Installed AVG 2015
21-10-2014 14:00:25 Removed AVG 2015
21-10-2014 14:03:37 Installed AVG 2015
21-10-2014 14:04:00 Installed AVG 2015
22-10-2014 15:45:29 JavaMSIFix
22-10-2014 18:24:35 JavaMSIFix
22-10-2014 18:45:05 Windows Update
24-10-2014 15:44:56 DCInstallRestorePoint
25-10-2014 20:46:10 Removed Norton Online Backup

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03B4B85F-9080-42EA-8DF5-24F983820CED} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {1B563FFA-B213-4C85-AE47-3C21165207AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe
Task: {1B93AA3B-8A3E-4800-BDF3-3F25A3302F36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18] (Google Inc.)
Task: {1C578182-8F08-4D9D-8CF8-2CA0E80EA8D3} - System32\Tasks\HPCeeScheduleForJoey => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {1EDF4FFB-1764-4CF4-BD53-F10F12F5163A} - System32\Tasks\HPCeeScheduleForJOEY-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {30A29AAB-1E1D-40AF-9E2A-B9BA4C113DEA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {35A72398-4A87-41CB-ACF1-77EABBE49C84} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {45AA0DE3-78C2-45E4-9608-B4C86E7E9FA0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {4982C457-54A8-4EA8-B4FC-88798259C349} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {67203623-4015-4AA0-8CBD-570AD5A2C8AD} - System32\Tasks\KeepMySettingsX => C:\Users\Joey\AppData\Roaming\KeepMySettingsX\keepmysettingsx.exe
Task: {91EAAFA3-E1BE-409B-85CD-68FC824E40C0} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {B08B0710-D51A-4BE0-BEBF-683020C97E47} - System32\Tasks\C__Users_Joey_AppData_Local_Temp_qs_100e2750_mediaplayer_VideoBuzz_installer.exe => C:\Users\Joey\AppData\Local\Temp\qs_100e2750\mediaplayer\VideoBuzz_installer.exe <==== ATTENTION
Task: {B5450CFA-0404-4E89-BE6E-FA68793CAF3C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001UA => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06] (Google Inc.)
Task: {BF50918A-34C1-47CC-BBFB-C94A6D7CE0C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18] (Google Inc.)
Task: {CAF4017D-C689-46C9-9810-5E85F56664DE} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {D06C066A-4246-4FCA-9B33-432044B34CF3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001Core => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06] (Google Inc.)
Task: {D235E143-2178-49A5-9A73-B32879257315} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3851006659-123458156-2832309802-1001
Task: {ED6FE846-D31E-4BC3-805F-3DC9C269CC02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {EF501002-9025-43A4-9F2D-B97E8D7DCCA1} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {F3BFB125-EE39-46E4-AF32-34AC21F2FBCE} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F515BB5A-A469-40F3-8134-0D35CB316C46} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\C__Users_Joey_AppData_Local_Temp_qs_100e2750_mediaplayer_VideoBuzz_installer.exe.job => C:\Users\Joey\AppData\Local\Temp\qs_100e2750\mediaplayer\VideoBuzz_installer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001Core.job => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001UA.job => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJOEY-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJoey.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2014-10-16 12:01 - 2014-06-19 16:09 - 00813568 _____ () C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\ISightSDK_x64.dll
2014-10-25 16:51 - 2014-10-25 16:51 - 00003072 _____ () C:\Users\Joey\AppData\Local\Temp\isdk9nkg6Hge\ISightHost.exe
2014-10-25 16:51 - 2014-06-19 16:09 - 00813568 _____ () C:\Users\Joey\AppData\Local\Temp\isdk9nkg6Hge\ISightSDK.DLL
2010-06-18 19:26 - 2010-06-18 19:26 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-06-18 19:26 - 2010-06-18 19:26 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2010-06-18 19:26 - 2010-06-18 19:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-3851006659-123458156-2832309802-500 - Administrator - Disabled)
Guest (S-1-5-21-3851006659-123458156-2832309802-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3851006659-123458156-2832309802-1002 - Limited - Enabled)
Joey (S-1-5-21-3851006659-123458156-2832309802-1001 - Administrator - Enabled) => C:\Users\Joey

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/26/2014 00:06:49 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (10/25/2014 05:23:36 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/25/2014 05:23:36 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/25/2014 05:01:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/25/2014 05:01:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/25/2014 05:01:26 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/25/2014 05:01:26 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/25/2014 04:58:04 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/25/2014 04:58:04 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/25/2014 04:56:10 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

System errors:
=============
Error: (10/25/2014 05:27:17 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer HOME-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D151B98E-B38E-4B51-B1B1-820C0BFAAF1D}.
The master browser is stopping or an election is being forced.

Error: (10/25/2014 05:03:17 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer HOME-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D151B98E-B38E-4B51-B1B1-820C0BFAAF1D}.
The master browser is stopping or an election is being forced.

Error: (10/25/2014 04:52:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error:
%%2

Error: (10/25/2014 04:51:17 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer HOME-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D151B98E-B38E-4B51-B1B1-820C0BFAAF1D}.
The master browser is stopping or an election is being forced.

Error: (10/25/2014 04:42:30 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer HOME-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D151B98E-B38E-4B51-B1B1-820C0BFAAF1D}.
The master browser is stopping or an election is being forced.

Error: (10/25/2014 04:21:46 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (10/25/2014 03:18:34 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer HOME-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D151B98E-B38E-4B51-B1B1-820C0BFAAF1D}.
The master browser is stopping or an election is being forced.

Microsoft Office Sessions:
=========================
Error: (10/26/2014 00:06:49 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (10/25/2014 05:23:36 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/25/2014 05:23:36 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/25/2014 05:01:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/25/2014 05:01:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/25/2014 05:01:26 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/25/2014 05:01:26 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/25/2014 04:58:04 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/25/2014 04:58:04 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/25/2014 04:56:10 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

==================== Memory info ===========================

Processor: Intel® Pentium® CPU P6100 @ 2.00GHz
Percentage of memory in use: 48%
Total physical RAM: 2933.86 MB
Available physical RAM: 1515.04 MB
Total Pagefile: 5865.9 MB
Available Pagefile: 3632.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:281.58 GB) (Free:208.66 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.22 GB) (Free:2.31 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 880AFEC3)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=281.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

#7 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 26 October 2014 - 08:14 AM

Run this quick fix and let me know after the fix if it is gone

Open notepad (Start --> All Programs --> Accessories --> Notepad).

Please copy the entire contents of the code box below.

(To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).

Save it to the same directory as FRST or FRST64 as fixlist.txt. (it has to be right next to FRST or FRST64) either in a directory you saved FRST or FRST64 or on your desktop if thats where you saved it.

You can use your mouse to drag Fixlist right next to FRST or FRST64, either above or below it but not on top of it.

Start
CloseProcesses:
(Web Bar Media) C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe
C:\Users\Joey\AppData\Local\WebBar
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [WebBar] => C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe [195056 2014-08-18] (Web Bar Media)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKCU - {5BF486E2-20C5-4DB9-AF4C-431948759845} URL =
Toolbar: HKLM-x32 - HeadlineAlley - {8f61e414-ea79-4559-8bb6-61d956f70306} - C:\Program Files (x86)\HeadlineAlley_29\bar\1.bin\29bar.dll No File
C:\Program Files (x86)\HeadlineAlley_29
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {8F61E414-EA79-4559-8BB6-61D956F70306} -  No File
2014-10-16 12:01 - 2014-10-18 17:36 - 00000000 ____D () C:\Users\Joey\AppData\Local\WebBar
Task: {67203623-4015-4AA0-8CBD-570AD5A2C8AD} - System32\Tasks\KeepMySettingsX => C:\Users\Joey\AppData\Roaming\KeepMySettingsX\keepmysettingsx.exe
C:\Users\Joey\AppData\Roaming\KeepMySettingsX
CMD: ipconfig /flushdns
Hosts:
EmptyTemp:
End

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Then open FRST or FRST64 and click on fix

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#8 tcdollar

Authentic Member

Authentic Member
47 posts

Posted 26 October 2014 - 08:38 AM

Awesome!

Web Bar is gone from the desktop now, I do still see it in Control Panel Programs, though - but didn't want to try to uninstall it again before checking with you first. Here's the Fixlog.txt report:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-10-2014
Ran by Joey at 2014-10-26 10:25:45 Run:1
Running from C:\Users\Joey\Desktop
Loaded Profile: Joey (Available profiles: Joey)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
(Web Bar Media) C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe
C:\Users\Joey\AppData\Local\WebBar
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [WebBar] => C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe [195056 2014-08-18] (Web Bar Media)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKCU - {5BF486E2-20C5-4DB9-AF4C-431948759845} URL =
Toolbar: HKLM-x32 - HeadlineAlley - {8f61e414-ea79-4559-8bb6-61d956f70306} - C:\Program Files (x86)\HeadlineAlley_29\bar\1.bin\29bar.dll No File
C:\Program Files (x86)\HeadlineAlley_29
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {8F61E414-EA79-4559-8BB6-61D956F70306} - No File
2014-10-16 12:01 - 2014-10-18 17:36 - 00000000 ____D () C:\Users\Joey\AppData\Local\WebBar
Task: {67203623-4015-4AA0-8CBD-570AD5A2C8AD} - System32\Tasks\KeepMySettingsX => C:\Users\Joey\AppData\Roaming\KeepMySettingsX\keepmysettingsx.exe
C:\Users\Joey\AppData\Roaming\KeepMySettingsX
CMD: ipconfig /flushdns
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
[3584] C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe => Process closed successfully.

"C:\Users\Joey\AppData\Local\WebBar" directory move:

C:\Users\Joey\AppData\Local\WebBar\ISightSDK.dll => Moved successfully.
C:\Users\Joey\AppData\Local\WebBar\unins000.exe => Moved successfully.
C:\Users\Joey\AppData\Local\WebBar\wb.app.settings => Moved successfully.
Could not move "C:\Users\Joey\AppData\Local\WebBar\wb.log" => Scheduled to move on reboot.
C:\Users\Joey\AppData\Local\WebBar\wb.user.settings => Moved successfully.
C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\Interop.SHDocVw.dll => Moved successfully.
C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\ISightSDK.dll => Moved successfully.
C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\ISightSDK_x64.dll => Moved successfully.
C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\log4net.dll => Moved successfully.
C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\Newtonsoft.Json.dll => Moved successfully.
C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe => Moved successfully.
C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe.config => Moved successfully.
Could not move "C:\Users\Joey\AppData\Local\WebBar" directory. => Scheduled to move on reboot.

HKU\S-1-5-21-3851006659-123458156-2832309802-1001\Software\Microsoft\Windows\CurrentVersion\Run\\WebBar => value deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5BF486E2-20C5-4DB9-AF4C-431948759845}" => Key deleted successfully.
"HKCR\CLSID\{5BF486E2-20C5-4DB9-AF4C-431948759845}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8f61e414-ea79-4559-8bb6-61d956f70306} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{8f61e414-ea79-4559-8bb6-61d956f70306}" => Key deleted successfully.
"C:\Program Files (x86)\HeadlineAlley_29" => File/Directory not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8F61E414-EA79-4559-8BB6-61D956F70306} => value deleted successfully.
"HKCR\CLSID\{8F61E414-EA79-4559-8BB6-61D956F70306}" => Key not found.
C:\Users\Joey\AppData\Local\WebBar => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{67203623-4015-4AA0-8CBD-570AD5A2C8AD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67203623-4015-4AA0-8CBD-570AD5A2C8AD}" => Key deleted successfully.
C:\Windows\System32\Tasks\KeepMySettingsX => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KeepMySettingsX" => Key deleted successfully.
C:\Users\Joey\AppData\Roaming\KeepMySettingsX => Moved successfully.

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 608.9 MB temporary data.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-10-26 10:29:23)<=

C:\Users\Joey\AppData\Local\WebBar\wb.log => Is moved successfully.
C:\Users\Joey\AppData\Local\WebBar => Is moved successfully.

==== End of Fixlog ====

#9 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 26 October 2014 - 10:35 AM

Great, you can go into Programs and Features in the Control Panel and look for WebBar, click uninstall , you will most likely get a message that its been uninstalled do you want to remove it from the list .....say yes

Double click on AdwCleaner.exe to run the tool again.

Click on the Uninstall button.

Click Yes when asked are you sure you want to uninstall.

Both AdwCleaner.exe, its folder and all logs will be removed.

==========================================================

Please download DelFix and save the file to your Desktop.

Windows XP Double Click DelFix.exe to run the program.

Windows Vista > Win 7 > Win 8 Right Click on DelFix.exe and select RUN AS ADMINISTRATOR

Place a checkmark next to the following items

Activate UAC

Remove Disinfection Tools

Create registry backup

Reset System Settings

Click the Run button

This will remove the specialised tools we used to clean your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually

==========================================================

How did I get infected in the first place ?

Read these links and find out how to prevent getting infected again.

Tutorial for System Restore <-- Do this first to prevent yourself from being reinfected.

WhattheTech

Grinler BleepingComputer

GeeksTo Go

Dslreports

Safe Surfn

Ken

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#10 tcdollar

Authentic Member

Authentic Member
47 posts

Posted 26 October 2014 - 10:53 AM

Hey Ken -

Don't know how to thank you for all your help! Your quick and knowledgable assistance has been most sincerely appreciated !

Thanks, so much, again !!

Take care -

TCDollar

P.S. which free antivirus program would you suggest for someone that mostly plays multi-player online games (predominantly MSN) ?

Edited by tcdollar, 26 October 2014 - 10:57 AM.

Advertisements

Register to Remove

#11 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 26 October 2014 - 11:41 AM

I have been using Microsoft Security Essentials for years and never had a problem with it

http://www.microsoft...ls.aspx?id=5201

I also use the Pro Version of Malwarebytes, it blocks bad sites from loading, the cost is minimal but this of course is up to you

The above two programs are all i need and they work well together

Take care my friend

Ken

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#12 tcdollar

Authentic Member

Authentic Member
47 posts

Posted 26 October 2014 - 12:30 PM

Hey Ken -

Hope ya don't mind if I bug you about one more small issue ............ everything else seems great, but there's still one file in the Control Panel Programs that won't disappear - "HeadlineAlley Internet Explorer Toolbar". When I try to uninstall it, I get the error message:

" There was a problem starting C:\Program Files (x86)\HeadlineAlley_29\bar\1.bin\29Bar.dll

The specified module could not be found."

I'm sure it's not a major thing, but wanted to make sure it won't be an issue farther down the line. Thanks!!

#13 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 26 October 2014 - 01:44 PM

No problem at all, thats why we're here

Read this

http://www.systemloo...-29bar_dll.html

Is it giving you problems on start up ?

Open FRST and copy and paste this in to the search box and click on Search Files

HeadlineAlley

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#14 tcdollar

Authentic Member

Authentic Member
47 posts

Posted 26 October 2014 - 01:53 PM

Thanks, Ken -

There doesn't seem to be any problem with/on startup - please refresh my memory, though, I don't remember which program FRST is ? Since we removed all the tools earlier, it's not on the desktop anymore : )

#15 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 26 October 2014 - 02:13 PM

My Bad sorry :blush:

If its just a left over entry in the Control Panel I wouldn't worry about it as long as its not running and causing you problems

But lets take a peak, you will need the 64 bit version

Download and Run SystemLook

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1

Download Mirror #2

64 Bit Version

Double-click SystemLook.exe to run it.

Copy the content of the following codebox into the main textfield:

:folderfind
HeadlineAlley
:filefind
HeadlineAlley

Click the Look button to start the scan.

When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

Body Background

skin color theme

Can't Get Rid of Web Bar on Desk Top [Solved]

#1 tcdollar

Advertisements

Register to Remove

#2 ken545

#3 tcdollar

#4 tcdollar

#5 ken545

#6 tcdollar

#7 ken545

#8 tcdollar

#9 ken545

#10 tcdollar

Advertisements

Register to Remove

#11 ken545

#12 tcdollar

#13 ken545

#14 tcdollar

#15 ken545

Related Topics

0 user(s) are reading this topic

About What the Tech

Follow Us

Body Background

skin color theme

Can't Get Rid of Web Bar on Desk Top [Solved]

#1 tcdollar

Advertisements Register to Remove

#2 ken545

#3 tcdollar

#4 tcdollar

#5 ken545

#6 tcdollar

#7 ken545

#8 tcdollar

#9 ken545

#10 tcdollar

Advertisements Register to Remove

#11 ken545

#12 tcdollar

#13 ken545

#14 tcdollar

#15 ken545

Related Topics

0 user(s) are reading this topic

About What the Tech

Follow Us

Sign In

Advertisements

Register to Remove

Advertisements

Register to Remove