Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92790 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Can't Get Rid of Web Bar on Desk Top [Solved]


  • This topic is locked This topic is locked
24 replies to this topic

#1 tcdollar

tcdollar

    Authentic Member

  • Authentic Member
  • PipPip
  • 47 posts

Posted 24 October 2014 - 12:16 PM

Hi -

 

I've been trying to clean up my friend's laptop for the last few days and seem to have been able to remove at least one Trojan Horse and several Ad-, Spy-, and Mal- ware issues.  But when I run scans, they still find some files that are some kind of threat, but not major ones.  But I just cannot figure out how to remove" Web Bar" from the Control Panel program files, or get it off of the desk-top screen. 

 

Please find the reports below that your instructions ask for :

 

 

aswMBR version 1.0.1.2161 Copyright© 2014 AVAST Software
Run date: 2014-10-24 12:26:40
-----------------------------
12:26:40.382    OS Version: Windows x64 6.1.7601 Service Pack 1
12:26:40.382    Number of processors: 2 586 0x2505
12:26:40.383    ComputerName: JOEY-HP  UserName: Joey
12:26:44.591    Initialize success
12:26:44.763    VM: initialized successfully
12:26:44.778    VM: Intel CPU virtualization not supported
12:26:44.825    supported disk I/O iaStor.sys
12:29:00.378    AVAST engine defs: 14102400
12:30:13.246    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:30:13.261    Disk 0 Vendor: SAMSUNG_ 2AJ1 Size: 305245MB BusType: 3
12:30:13.792    Disk 0 MBR read successfully I/O
12:30:13.792    Disk 0 MBR scan
12:30:13.807    Disk 0 unknown MBR code
12:30:13.839    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          199 MB offset 2048
12:30:13.885    Disk 0 default boot code
12:30:13.917    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       288334 MB offset 409600
12:30:13.963    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        16607 MB offset 590917632
12:30:14.026    Disk 0 Partition 4 00     0C    FAT32 LBA MSDOS5.0      103 MB offset 624928768
12:30:14.556    Disk 0 scanning C:\Windows\system32\drivers
12:30:40.967    Service scanning
12:31:29.577    Modules scanning
12:31:29.577    Disk 0 trace - called modules:
12:31:29.655    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
12:31:29.655    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80032ea640]
12:31:29.670    3 CLASSPNP.SYS[fffff88001b2243f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800316e050]
12:31:33.071    AVAST engine scan C:\Windows
12:31:38.703    AVAST engine scan C:\Windows\system32
12:39:31.172    AVAST engine scan C:\Windows\system32\drivers
12:40:03.185    AVAST engine scan C:\Users\Joey
12:50:51.007    AVAST engine scan C:\ProgramData
12:57:36.744    Disk 0 statistics 4283929/26/0 @ 1.95 MB/s
12:57:36.744    Scan finished successfully
13:43:33.612    Disk 0 MBR has been saved successfully to "C:\Users\Joey\Desktop\MBR.dat"
13:43:33.628    The log file has been saved successfully to "C:\Users\Joey\Desktop\aswMBR.txt"

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2014
Ran by Joey (administrator) on JOEY-HP on 24-10-2014 13:49:39
Running from C:\Users\Joey\Downloads
Loaded Profile: Joey (Available profiles: Joey)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe
(Web Bar Media) C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Users\Joey\AppData\Local\Temp\isdkW6yXmnQE\ISightHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Users\Joey\Downloads\aswMBR.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2281256 2012-01-21] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6489704 2011-06-10] (Realtek Semiconductor)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [GamingWonderland EPM Support] => "C:\PROGRA~2\GAMING~2\bar\2.bin\gtmedint.exe" T8EPMSUP.DLL,S
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [Desktop Software] => C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe [1025320 2009-04-24] (SupportSoft, Inc.)
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [Google Update] => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-06] (Google Inc.)
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [WebBar] => C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe [195056 2014-08-18] (Web Bar Media)
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\MountPoints2: {02a13231-0600-11e0-b4df-60eb69498f01} - F:\LaunchU3.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-23] (Microsoft Corporation)
Startup: C:\Users\Joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD646EB295FEDCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://zone.msn.com/en-us/home
SearchScopes: HKLM - {2205B49A-8B6A-4880-B761-96C17A282331} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM - {B4716C52-07E7-4F92-8FD2-CC67A49CDC23} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM - {FB72AB47-FCB7-4F9D-9292-31EBF79F7AF7} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKLM-x32 - {2205B49A-8B6A-4880-B761-96C17A282331} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM-x32 - {B4716C52-07E7-4F92-8FD2-CC67A49CDC23} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKCU - {5BF486E2-20C5-4DB9-AF4C-431948759845} URL =
SearchScopes: HKCU - {B4716C52-07E7-4F92-8FD2-CC67A49CDC23} URL =
SearchScopes: HKCU - {FB72AB47-FCB7-4F9D-9292-31EBF79F7AF7} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Toolbar BHO -> {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} -> C:\PROGRA~2\GAMING~2\bar\2.bin\gtbar.dll No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM-x32 - HeadlineAlley - {8f61e414-ea79-4559-8bb6-61d956f70306} - C:\Program Files (x86)\HeadlineAlley_29\bar\1.bin\29bar.dll No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {8F61E414-EA79-4559-8BB6-61D956F70306} -  No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
DPF: HKLM-x32 {95B5D20C-BD31-4489-8ABF-F8C8BE748463} http://zone.msn.com/...tz.cab99160.cab
DPF: HKLM-x32 {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/...vl.cab55579.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab
Tcpip\Parameters: [DhcpNameServer] 216.218.93.165 216.218.93.38

FireFox:
========
FF ProfilePath: C:\Users\Joey\AppData\Roaming\Mozilla\Firefox\Profiles\186yjm9e.default
FF NewTab: https://us.search.ya...031,0,IE11,9284
FF DefaultSearchEngine: Yahoo
FF SearchEngineOrder.1: Yahoo
FF SelectedSearchEngine: Yahoo
FF Homepage: https://www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @ei.SmileyCentral_1v.com/Plugin -> C:\Program Files (x86)\SmileyCentral_1vEI\Installr\2.bin\NP1vEISB.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Users\Joey\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Joey\AppData\Local\Google\Chrome\Application\36.0.1985.143\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Joey\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Joey\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Norton Confidential) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (SmileyCentral Installer Plugin Stub) - C:\Program Files (x86)\SmileyCentral_1vEI\Installr\2.bin\NP1vEISB.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Profile: C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (MixiDJ V36) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\efofpgodgejpmjgbpjdblepalcommejk [2013-06-27]
CHR Extension: (Google Wallet) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKCU\...\Chrome\Extension: [efofpgodgejpmjgbpjdblepalcommejk] - C:\Users\Joey\AppData\Local\CRE\efofpgodgejpmjgbpjdblepalcommejk.crx []
CHR HKLM-x32\...\Chrome\Extension: [efofpgodgejpmjgbpjdblepalcommejk] - C:\Users\Joey\AppData\Local\CRE\efofpgodgejpmjgbpjdblepalcommejk.crx []

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]
R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 HP Support Assistant Service; "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [247576 2014-07-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [270616 2014-07-02] (AVG Technologies CZ, s.r.o.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 cpuz134; \??\C:\Users\Joey\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
U3 aswMBR; \??\C:\Users\Joey\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\Joey\AppData\Local\Temp\aswVmm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 13:49 - 2014-10-24 13:50 - 00022815 _____ () C:\Users\Joey\Downloads\FRST.txt
2014-10-24 13:47 - 2014-10-24 13:49 - 00001429 _____ () C:\Users\Joey\Desktop\FRST64 - Shortcut.lnk
2014-10-24 13:46 - 2014-10-24 13:49 - 00000000 ____D () C:\FRST
2014-10-24 13:45 - 2014-10-24 13:45 - 02112000 _____ (Farbar) C:\Users\Joey\Downloads\FRST64.exe
2014-10-24 13:43 - 2014-10-24 13:43 - 00002245 _____ () C:\Users\Joey\Desktop\aswMBR.txt
2014-10-24 13:43 - 2014-10-24 13:43 - 00000512 _____ () C:\Users\Joey\Desktop\MBR.dat
2014-10-24 12:26 - 2014-10-24 12:26 - 00001429 _____ () C:\Users\Joey\Desktop\aswMBR - Shortcut.lnk
2014-10-24 12:25 - 2014-10-24 12:25 - 05192704 _____ (AVAST Software) C:\Users\Joey\Downloads\aswMBR.exe
2014-10-24 11:51 - 2014-10-24 11:51 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-10-24 11:51 - 2014-10-24 11:51 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-10-24 11:51 - 2014-10-24 11:51 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-10-24 11:51 - 2014-10-24 11:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2014-10-24 11:51 - 2014-10-24 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-10-24 11:50 - 2014-10-24 11:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_NuidFltr_01011.Wdf
2014-10-24 11:49 - 2014-10-24 11:49 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-10-24 11:41 - 2014-10-24 11:51 - 00000000 ____D () C:\Windows\LastGood
2014-10-24 11:41 - 2014-10-24 11:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2014-10-24 11:28 - 2014-10-24 11:30 - 00000000 ____D () C:\Users\Joey\Desktop\New folder
2014-10-22 15:14 - 2014-10-24 12:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-22 15:10 - 2014-10-22 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-22 15:10 - 2014-10-22 15:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-22 15:10 - 2014-10-22 15:10 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-22 15:10 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-22 15:10 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-22 15:10 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-22 14:13 - 2014-10-22 14:13 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Joey\Downloads\mbam-clean-2.1.1.1001.exe
2014-10-22 14:02 - 2014-10-22 14:03 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Joey\Downloads\mbam-setup-2.0.3.1025(1).exe
2014-10-22 13:34 - 2014-10-22 13:34 - 00000000 ____D () C:\ProgramData\F-Secure
2014-10-22 13:14 - 2014-10-22 13:14 - 00000501 _____ () C:\Windows\wininit.ini
2014-10-22 12:35 - 2014-10-22 12:35 - 00000000 _____ () C:\Windows\SysWOW64\sho34B9.tmp
2014-10-22 12:00 - 2014-10-22 13:14 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-22 12:00 - 2014-10-22 12:09 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-22 12:00 - 2014-10-22 12:00 - 00001351 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-10-22 12:00 - 2014-10-22 12:00 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-10-22 12:00 - 2014-10-22 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-10-22 12:00 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-10-22 11:58 - 2014-10-22 11:59 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Joey\Downloads\spybot-2.4.exe
2014-10-22 11:48 - 2014-10-22 11:48 - 00014298 _____ () C:\Users\Joey\Downloads\DevDiag.txt
2014-10-22 11:47 - 2014-10-22 11:47 - 00032804 _____ (jpshortstuff) C:\Users\Joey\Downloads\DevDiag.exe
2014-10-22 11:43 - 2014-10-22 11:43 - 00036864 _____ (Appleoddity) C:\Users\Joey\Downloads\JavaMSIFix.exe
2014-10-21 19:09 - 2014-10-21 19:09 - 04161313 _____ () C:\Users\Joey\Downloads\tdsskiller.zip
2014-10-21 19:07 - 2014-10-21 19:07 - 00000000 ____D () C:\Users\Joey\Documents\tdsskiller
2014-10-21 18:51 - 2014-10-21 18:51 - 01962496 _____ () C:\Users\Joey\Downloads\adwcleaner_4.001.exe
2014-10-21 18:34 - 2014-10-21 18:56 - 00000000 ____D () C:\AdwCleaner
2014-10-21 17:05 - 2014-10-21 17:05 - 00000000 ____D () C:\Windows\ERUNT
2014-10-21 17:02 - 2014-10-21 17:02 - 01705755 _____ (Thisisu) C:\Users\Joey\Downloads\JRT.exe
2014-10-21 16:56 - 2014-10-21 16:56 - 00050688 _____ (Atribune.org) C:\Users\Joey\Downloads\ATF_Cleaner.exe
2014-10-21 14:38 - 2014-10-21 14:38 - 04211416 _____ (http://www.maxuninstaller.com/ ) C:\Users\Joey\Downloads\MUninstaller_2014_Setup(1).exe
2014-10-21 12:56 - 2014-10-21 12:52 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-21 12:56 - 2014-10-21 12:52 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-21 12:56 - 2014-10-21 12:52 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-21 12:54 - 2014-10-21 12:52 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-21 12:52 - 2014-10-21 12:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-21 12:52 - 2014-10-21 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-21 10:05 - 2014-10-21 10:05 - 00000925 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-10-21 10:05 - 2014-10-21 10:05 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\TuneUp Software
2014-10-21 10:05 - 2014-10-21 10:05 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\AVG2015
2014-10-21 10:05 - 2014-10-21 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-10-21 10:04 - 2014-10-21 10:06 - 00000000 ____D () C:\ProgramData\AVG2015
2014-10-21 10:04 - 2014-10-21 10:04 - 00000000 ___HD () C:\$AVG
2014-10-21 10:03 - 2014-10-21 10:03 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-10-21 09:57 - 2014-10-24 11:17 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-21 09:57 - 2014-10-21 10:13 - 00000000 ____D () C:\Users\Joey\AppData\Local\Avg2015
2014-10-21 09:57 - 2014-10-21 09:57 - 00000000 ____D () C:\Users\Joey\AppData\Local\MFAData
2014-10-21 09:56 - 2014-10-21 09:56 - 04579176 _____ (AVG Technologies) C:\Users\Joey\Downloads\avg_free_stb_all_2015_5315_cnet.exe
2014-10-18 15:17 - 2014-09-28 20:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-18 15:01 - 2014-10-18 15:01 - 00000000 ____D () C:\Users\Joey\AppData\Local\IsolatedStorage
2014-10-16 12:05 - 2014-10-16 12:05 - 00000000 _____ () C:\autoexec.bat
2014-10-16 12:04 - 2014-10-22 15:38 - 00000400 ____H () C:\Windows\Tasks\C__Users_Joey_AppData_Local_Temp_qs_100e2750_mediaplayer_VideoBuzz_installer.exe.job
2014-10-16 12:04 - 2014-10-16 12:04 - 00003030 _____ () C:\Windows\System32\Tasks\KeepMySettingsX
2014-10-16 12:04 - 2014-10-16 12:04 - 00002574 _____ () C:\Windows\System32\Tasks\C__Users_Joey_AppData_Local_Temp_qs_100e2750_mediaplayer_VideoBuzz_installer.exe
2014-10-16 12:02 - 2014-10-18 17:51 - 00000000 ____D () C:\Windows\DF2339B7C3C24663B47AF7AA76E4F47F.TMP
2014-10-16 12:02 - 2014-10-18 17:36 - 00000000 ____D () C:\ProgramData\InstallSightSDK
2014-10-16 12:01 - 2014-10-21 10:30 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\KeepMySettingsX
2014-10-16 12:01 - 2014-10-18 17:36 - 00000000 ____D () C:\Users\Joey\AppData\Local\WebBar
2014-10-16 07:17 - 2014-10-16 07:17 - 00000000 _____ () C:\Windows\SysWOW64\sho4394.tmp
2014-10-15 07:29 - 2014-06-18 18:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 07:29 - 2014-06-18 18:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 07:29 - 2014-06-18 18:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 07:29 - 2014-06-18 18:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 07:29 - 2014-06-18 18:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 07:29 - 2014-06-18 18:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 07:28 - 2014-10-09 22:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 07:28 - 2014-10-09 22:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 07:28 - 2014-10-09 22:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 07:28 - 2014-10-06 22:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 07:28 - 2014-10-06 22:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 07:28 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 07:28 - 2014-09-25 18:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 07:28 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 07:28 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 07:28 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 07:28 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 07:28 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 07:28 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 07:28 - 2014-09-18 21:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 07:28 - 2014-09-18 21:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 07:28 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 07:28 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 07:28 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 07:28 - 2014-09-18 21:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 07:28 - 2014-09-18 21:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 07:28 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 07:28 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 07:28 - 2014-09-18 21:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 07:28 - 2014-09-18 21:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 07:28 - 2014-09-18 21:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 07:28 - 2014-09-18 21:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 07:28 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 07:28 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 07:28 - 2014-09-18 21:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 07:28 - 2014-09-18 21:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 07:28 - 2014-09-18 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 07:28 - 2014-09-18 21:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 07:28 - 2014-09-18 21:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 07:28 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 07:28 - 2014-09-18 21:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 07:28 - 2014-09-18 21:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 07:28 - 2014-09-18 21:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 07:28 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 07:28 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 07:28 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 07:28 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 07:28 - 2014-09-18 20:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 07:28 - 2014-09-18 20:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 07:28 - 2014-09-18 20:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 07:28 - 2014-09-18 20:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 07:28 - 2014-09-18 20:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 07:28 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 07:28 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 07:28 - 2014-09-18 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 07:28 - 2014-09-18 20:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 07:28 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 07:28 - 2014-09-18 20:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 07:28 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 07:28 - 2014-09-18 20:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 07:28 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 07:28 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 07:28 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 07:28 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 07:28 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 07:28 - 2014-08-18 23:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 07:28 - 2014-08-18 23:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 07:28 - 2014-08-18 23:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 07:28 - 2014-08-18 23:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 07:28 - 2014-08-18 23:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 07:28 - 2014-08-18 23:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 07:28 - 2014-08-18 23:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 07:28 - 2014-08-18 23:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 07:28 - 2014-08-18 23:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 07:28 - 2014-08-18 23:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 07:28 - 2014-08-18 22:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 07:28 - 2014-08-18 22:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 07:28 - 2014-08-18 22:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 07:28 - 2014-07-06 22:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 07:28 - 2014-07-06 22:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 07:28 - 2014-07-06 22:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 07:28 - 2014-07-06 22:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 07:28 - 2014-07-06 22:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 07:28 - 2014-07-06 22:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 07:28 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 07:28 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 07:28 - 2014-07-06 22:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 07:28 - 2014-07-06 22:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 07:28 - 2014-07-06 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 07:28 - 2014-07-06 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 07:28 - 2014-07-06 21:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 07:28 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 07:28 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 07:28 - 2014-07-06 21:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 07:28 - 2014-07-06 21:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 07:28 - 2014-07-06 21:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 07:28 - 2014-07-06 21:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 07:28 - 2014-07-06 21:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 07:28 - 2014-07-06 21:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 07:28 - 2014-06-27 20:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 07:28 - 2014-06-27 20:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 07:28 - 2014-06-27 20:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 07:27 - 2014-09-17 22:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 07:27 - 2014-09-17 21:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 07:27 - 2014-09-12 21:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 07:27 - 2014-09-12 21:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 07:27 - 2014-09-04 01:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 07:27 - 2014-09-04 01:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 07:27 - 2014-07-16 22:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 07:27 - 2014-07-16 22:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 07:27 - 2014-07-16 22:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 07:27 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 07:27 - 2014-07-16 21:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 07:27 - 2014-07-16 21:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 07:27 - 2014-07-16 21:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 07:27 - 2014-07-16 21:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 07:27 - 2014-07-16 21:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 07:27 - 2014-07-16 21:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 07:27 - 2014-07-16 21:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-01 07:07 - 2014-09-24 22:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 07:07 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-29 08:32 - 2014-10-18 17:49 - 00148282 _____ () C:\Windows\system32\ScanResults.xml
2014-09-29 08:27 - 2014-10-18 17:29 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2014-09-24 06:58 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 06:58 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 13:39 - 2014-03-31 19:10 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{FC1E528D-422F-4927-B871-EC8439B76B3C}
2014-10-24 13:25 - 2012-10-19 18:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-24 13:24 - 2011-08-18 19:14 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-24 13:14 - 2012-08-06 11:47 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001UA.job
2014-10-24 12:41 - 2010-08-20 04:21 - 01190438 _____ () C:\Windows\WindowsUpdate.log
2014-10-24 12:26 - 2009-07-13 22:34 - 00000513 _____ () C:\Windows\win.ini
2014-10-24 11:51 - 2012-08-03 19:20 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-10-24 11:51 - 2012-08-03 19:20 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-10-24 11:51 - 2009-07-14 00:51 - 00110713 _____ () C:\Windows\setupact.log
2014-10-24 11:43 - 2009-07-14 00:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-24 11:43 - 2009-07-14 00:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-24 11:24 - 2011-08-18 19:14 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-24 11:15 - 2012-08-06 11:47 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001Core.job
2014-10-22 15:37 - 2010-11-26 21:37 - 01651448 _____ () C:\Windows\PFRO.log
2014-10-22 15:37 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-22 15:36 - 2014-04-06 19:49 - 00000000 ____D () C:\Users\Joey\AppData\Local\TB
2014-10-22 14:19 - 2011-01-31 09:22 - 00000000 ____D () C:\Users\Joey\AppData\Local\CrashDumps
2014-10-22 14:17 - 2009-07-14 01:08 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-21 13:39 - 2010-07-10 23:12 - 00000000 ____D () C:\ProgramData\Temp
2014-10-21 12:56 - 2014-08-08 17:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-21 12:52 - 2010-07-11 00:34 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-21 12:37 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-10-21 10:47 - 2013-05-18 13:49 - 00000000 ____D () C:\temp
2014-10-21 09:24 - 2012-06-13 19:31 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-10-21 09:24 - 2010-08-20 04:37 - 00000000 ____D () C:\Program Files (x86)\HP Games
2014-10-21 09:24 - 2010-08-20 04:36 - 00000000 ____D () C:\ProgramData\WildTangent
2014-10-21 09:24 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-21 09:23 - 2010-11-26 15:32 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\WildTangent
2014-10-21 09:02 - 2012-04-21 15:10 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-10-21 08:39 - 2014-09-02 12:41 - 00000000 ____D () C:\ProgramData\c12f2f613465db07
2014-10-21 08:17 - 2010-08-20 04:35 - 00000000 ____D () C:\ProgramData\Norton
2014-10-20 21:24 - 2014-06-29 11:21 - 00000591 _____ () C:\Users\Joey\AppData\Roaming\Microsoft\Windows\Start Menu\How much for 911 to go digital - The Item Local News.website
2014-10-20 13:18 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-18 17:57 - 2009-07-14 00:45 - 00419976 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-18 17:28 - 2010-11-26 14:46 - 00000000 ____D () C:\Users\Joey
2014-10-18 17:25 - 2014-05-06 18:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-18 17:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-18 17:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-18 17:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-18 17:24 - 2010-08-20 04:33 - 00000000 ____D () C:\ProgramData\CinemaNow
2014-10-18 17:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-10-18 17:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-18 17:23 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-18 17:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-10-16 12:04 - 2010-11-26 15:00 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\Adobe
2014-10-16 06:42 - 2011-08-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 06:28 - 2013-07-16 06:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 06:20 - 2013-04-01 17:30 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-13 08:12 - 2013-12-12 21:02 - 00003072 _____ () C:\Windows\SysWOW64\Cache.db
2014-10-12 15:38 - 2014-08-30 15:34 - 00000055 _____ () C:\Users\Joey\AppData\Roaming\mbam.context.scan
2014-10-08 07:58 - 2012-06-16 11:59 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForJoey.job
2014-10-08 07:58 - 2011-07-23 12:18 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJoey
2014-10-08 07:58 - 2011-06-10 17:26 - 00003216 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJOEY-HP$
2014-10-08 07:58 - 2011-06-10 17:26 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForJOEY-HP$.job
2014-10-02 15:53 - 2011-01-29 23:37 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-24 16:36 - 2013-04-01 17:25 - 00000000 ____D () C:\Users\Joey\AppData\Local\Windows Live

Some content of TEMP:
====================
C:\Users\Joey\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-21 06:25

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2014
Ran by Joey at 2014-10-24 13:50:43
Running from C:\Users\Joey\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.6.147 - Adobe Systems, Inc.)
AIO_CDB_ProductContext (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5315 - AVG Technologies)
AVG 2015 (Version: 15.0.4189 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5315 - AVG Technologies) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Comcast Desktop Software (v1.2.1) (HKLM-x32\...\{118C3943-1683-42EF-824D-C22E70DB42E7}) (Version: 24 - Comcast)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.3003 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1616 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.0.1616 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4217 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.1.4217 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2511 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.0.2511 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Fax (x32 Version: 82.0.188.000 - Hewlett-Packard) Hidden
GamingWonderland Internet Explorer Toolbar (HKLM-x32\...\GamingWonderlandbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HeadlineAlley Internet Explorer Toolbar (HKLM-x32\...\HeadlineAlley_29bar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{5E25081D-9CB4-4B17-AD2B-8DF2DC335E85}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
HP Power Manager (HKLM-x32\...\{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}) (Version: 1.0.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{97174E88-52F9-445A-A28E-704A45332D19}) (Version: 4.0.108.1 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
iCloud (HKLM\...\{D1829BE5-F305-4576-9593-C66FC7E0B008}) (Version: 1.0.2.17 - Apple Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeepMySettingsX (HKLM-x32\...\KeepMySettingsX) (Version:  - InstallX, LLC) <==== ATTENTION
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MediaBar (HKLM-x32\...\BearShare MediaBar) (Version: 2.0.0.93720 - Musiclab, LLC) <==== ATTENTION
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6206 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30120 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{901F0D4C-009D-1112-8DE4-03599E7B0C5C}) (Version: 1.00.10.0329 - REALTEK Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
Reimage Protector (HKLM\...\Reimage Protector) (Version:  - Reimage)
Roxio CinemaNow 2.0 (x32 Version: 1.0.278 - Hewlett-Packard) Hidden
RtVOsd (HKLM\...\{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
Scan (x32 Version: 8.1.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.64 - Synaptics Incorporated)
Toolbox (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Web Bar 2.0.5343.21616 (HKCU\...\{0BCE8B0A-1E76-44E5-9909-3CF804D92E4D}_is1) (Version: 2.0.5343.21616 - Web Bar Media)
WebReg (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3851006659-123458156-2832309802-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3851006659-123458156-2832309802-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3851006659-123458156-2832309802-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3851006659-123458156-2832309802-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

18-10-2014 21:09:26 Restore Operation
18-10-2014 21:40:01 Made by Registry Mechanic                                       
18-10-2014 21:41:08 Windows Update
18-10-2014 21:49:58 Removed SpyHunter
20-10-2014 12:40:21 Windows Backup
21-10-2014 01:09:50 Made by Registry Mechanic                                       
21-10-2014 13:21:38 Removed Norton Online Backup
21-10-2014 13:22:27 Removed Norton Online Backup
21-10-2014 13:59:35 Installed AVG 2015
21-10-2014 14:00:25 Removed AVG 2015
21-10-2014 14:03:37 Installed AVG 2015
21-10-2014 14:04:00 Installed AVG 2015
22-10-2014 15:45:29 JavaMSIFix
22-10-2014 18:24:35 JavaMSIFix
22-10-2014 18:45:05 Windows Update
24-10-2014 15:44:56 DCInstallRestorePoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03B4B85F-9080-42EA-8DF5-24F983820CED} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {1B563FFA-B213-4C85-AE47-3C21165207AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe
Task: {1B93AA3B-8A3E-4800-BDF3-3F25A3302F36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18] (Google Inc.)
Task: {1C578182-8F08-4D9D-8CF8-2CA0E80EA8D3} - System32\Tasks\HPCeeScheduleForJoey => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {1EDF4FFB-1764-4CF4-BD53-F10F12F5163A} - System32\Tasks\HPCeeScheduleForJOEY-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {30A29AAB-1E1D-40AF-9E2A-B9BA4C113DEA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {35A72398-4A87-41CB-ACF1-77EABBE49C84} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {44A50243-20BD-4DDC-B53E-7E0C383CC42B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {45AA0DE3-78C2-45E4-9608-B4C86E7E9FA0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {4982C457-54A8-4EA8-B4FC-88798259C349} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {51443AD6-23FB-437A-B977-EBB91776FE32} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {67203623-4015-4AA0-8CBD-570AD5A2C8AD} - System32\Tasks\KeepMySettingsX => C:\Users\Joey\AppData\Roaming\KeepMySettingsX\keepmysettingsx.exe
Task: {80536698-6568-42F2-BE10-E2133E4F637C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {91EAAFA3-E1BE-409B-85CD-68FC824E40C0} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {B08B0710-D51A-4BE0-BEBF-683020C97E47} - System32\Tasks\C__Users_Joey_AppData_Local_Temp_qs_100e2750_mediaplayer_VideoBuzz_installer.exe => C:\Users\Joey\AppData\Local\Temp\qs_100e2750\mediaplayer\VideoBuzz_installer.exe <==== ATTENTION
Task: {B5450CFA-0404-4E89-BE6E-FA68793CAF3C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001UA => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06] (Google Inc.)
Task: {BF50918A-34C1-47CC-BBFB-C94A6D7CE0C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18] (Google Inc.)
Task: {CAF4017D-C689-46C9-9810-5E85F56664DE} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {D06C066A-4246-4FCA-9B33-432044B34CF3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001Core => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06] (Google Inc.)
Task: {D235E143-2178-49A5-9A73-B32879257315} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3851006659-123458156-2832309802-1001
Task: {ED6FE846-D31E-4BC3-805F-3DC9C269CC02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {EF501002-9025-43A4-9F2D-B97E8D7DCCA1} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {F3BFB125-EE39-46E4-AF32-34AC21F2FBCE} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F515BB5A-A469-40F3-8134-0D35CB316C46} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\C__Users_Joey_AppData_Local_Temp_qs_100e2750_mediaplayer_VideoBuzz_installer.exe.job => C:\Users\Joey\AppData\Local\Temp\qs_100e2750\mediaplayer\VideoBuzz_installer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001Core.job => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001UA.job => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJOEY-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJoey.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2014-10-16 12:01 - 2014-06-19 16:09 - 00813568 _____ () C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\ISightSDK_x64.dll
2014-10-22 15:40 - 2014-10-22 15:40 - 00003072 _____ () C:\Users\Joey\AppData\Local\Temp\isdkW6yXmnQE\ISightHost.exe
2014-10-22 15:40 - 2014-06-19 16:09 - 00813568 _____ () C:\Users\Joey\AppData\Local\Temp\isdkW6yXmnQE\ISightSDK.DLL
2010-06-18 19:26 - 2010-06-18 19:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-06-18 19:26 - 2010-06-18 19:26 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-06-18 19:26 - 2010-06-18 19:26 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-22 12:00 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-10-22 12:00 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-10-22 12:00 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-10-22 12:00 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-10-22 12:00 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2010-02-09 21:58 - 2010-02-09 21:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2014-08-08 17:41 - 2014-08-08 17:41 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3851006659-123458156-2832309802-500 - Administrator - Disabled)
Guest (S-1-5-21-3851006659-123458156-2832309802-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3851006659-123458156-2832309802-1002 - Limited - Enabled)
Joey (S-1-5-21-3851006659-123458156-2832309802-1001 - Administrator - Enabled) => C:\Users\Joey

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/24/2014 00:26:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:26:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:04:35 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:04:35 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:04:06 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:04:06 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:03:09 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:03:09 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:01:29 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

Error: (10/24/2014 00:01:29 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.


System errors:
=============
Error: (10/24/2014 01:24:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The AVG WatchDog service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (10/22/2014 03:41:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error:
%%2

Error: (10/22/2014 03:38:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053

Error: (10/22/2014 03:38:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (10/22/2014 03:36:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/22/2014 03:36:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/22/2014 03:36:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/22/2014 03:34:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/22/2014 03:34:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/22/2014 03:34:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (10/24/2014 00:26:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:26:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:04:35 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:04:35 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:04:06 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:04:06 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:03:09 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:03:09 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:01:29 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/24/2014 00:01:29 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)


==================== Memory info ===========================

Processor: Intel® Pentium® CPU P6100 @ 2.00GHz
Percentage of memory in use: 70%
Total physical RAM: 2933.86 MB
Available physical RAM: 859.19 MB
Total Pagefile: 5865.9 MB
Available Pagefile: 2754.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:281.58 GB) (Free:208.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.22 GB) (Free:2.31 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 880AFEC3)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=281.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

 

 

 


    Advertisements

Register to Remove


#2 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 25 October 2014 - 12:16 PM

:welcome:

 

Lets do this as I see multiple adware and malware programs listed

 

First see if you can go into Program and Features in the Control Panel and uninstall Web bar

 

 

-AdwCleaner-by Xplode
 
Click on this link to download : ADWCleaner
Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.
 
Do not click on any links in the top Advertisment.
 
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  •  
     
    ===============================================================================
     
     
    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  •  
     
     
    ===============================================================================
     
    Download Malwarebytes' Anti-Malware  to your desktop. 
     
  • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  •  
    MBAM203_zps0a230260.jpg
     
  • On the Dashboard click on Update Now
  • Go to the Setting Tab
  • Under Setting go to Detection and Protection
  • Under PUP and PUM make sure both are set to show Treat Detections as Malware
  • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
  • Then on the Dashboard click on Scan
  • Make sure to select THREAT SCAN
  • Then click on Scan
  • When the scan is finished and the log pops up...select Copy to Clipboard
  • Please paste the log back into this thread for review
  • Exit Malwarebytes


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #3 tcdollar

    tcdollar

      Authentic Member

    • Authentic Member
    • PipPip
    • 47 posts

    Posted 25 October 2014 - 12:33 PM

    Hi Ken545 -

     

    I had been trying to uninstall "Web Bar" from Program and Features in the Control Panel - but it gives me an error message saying that

    " ............WebBar\unins000.dat  does not exist.  Cannot uninstall "

     

    But I'll go and take care of the other instructions you've listed, and get back to you when they finish .

     

    Thank you so much for your response and your help !



    #4 tcdollar

    tcdollar

      Authentic Member

    • Authentic Member
    • PipPip
    • 47 posts

    Posted 25 October 2014 - 02:35 PM

    Hope I got everything you asked for and did them correctly, here are the reports :

     

     

     

    # AdwCleaner v4.001 - Report created 25/10/2014 at 14:47:50
    # DB v2014-10-23.2
    # Updated 20/10/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Joey - JOEY-HP
    # Running from : C:\Users\Joey\Desktop\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****


    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17344


    -\\ Mozilla Firefox v31.0 (x86 en-US)


    -\\ Google Chrome v


    *************************

    AdwCleaner[R0].txt - [20026 octets] - [21/10/2014 18:36:26]
    AdwCleaner[R1].txt - [19798 octets] - [21/10/2014 18:51:40]
    AdwCleaner[R2].txt - [948 octets] - [25/10/2014 14:38:42]
    AdwCleaner[R3].txt - [1007 octets] - [25/10/2014 14:45:28]
    AdwCleaner[S0].txt - [19604 octets] - [21/10/2014 18:56:41]
    AdwCleaner[S1].txt - [923 octets] - [25/10/2014 14:47:50]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [982 octets] ##########

     

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.3.3 (10.21.2014:1)
    OS: Windows 7 Home Premium x64
    Ran by Joey on Sat 10/25/2014 at 15:06:23.21
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files

    Successfully deleted: [File] "C:\Windows\wininit.ini"



    ~~~ Folders



    ~~~ FireFox

    Successfully deleted the following from C:\Users\Joey\AppData\Roaming\mozilla\firefox\profiles\186yjm9e.default\prefs.js

    user_pref("CT3298572_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1376683566888,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
    user_pref("extensions.3Cgcs.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1|
    user_pref("extensions.GnF9axv94aMo.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com
    user_pref("extensions.YR07cXKNXc.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\"
    user_pref("extensions.dynconff.cache.d11vdn9ox0j18d.cloudfront.net.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1164_1169_1146_1263_1348_1420\"><content id=\"pu
    user_pref("extensions.dynconff.cache.d1ui18tz1fx59z.cloudfront.net.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1164_1169_1146_1263_1348_1420\"><content id=\"pu
    user_pref("extensions.dynconff.cache.parks.livepositively.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1164_1169_1146_1263_1348_1420\"><content id=\"puConfi
    user_pref("extensions.dynconff.cache.search.aol.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1164_1134_1169_1146_1183_1263_1348_1420\"><content id=\"puConfi
    user_pref("extensions.dynconff.cache.www.blueskycabinrentals.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1164_1169_1146_1263_1348_1420\"><content id=\"puCo
    user_pref("extensions.dynconff.cache.www.fullvideoplayer.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1164_1169_1146_1263_1348_1420\"><content id=\"puConfig
    user_pref("extensions.dynconff.cache.www.gastateparks.org.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1164_1169_1146_1263_1348_1420\"><content id=\"puConfig_20
    user_pref("extensions.dynconff.cache.www.search.ask.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1477_1164_1169_1146_1263_1348_1420\"><content id=\"DEALAddC
    user_pref("extensions.dynconff.cache.www.visitnc.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"v51_1164_1169_1146_1263_1348_1420\"><content id=\"puConfig_2052A3D



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sat 10/25/2014 at 15:12:38.25
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     

     

     

     

     

     

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 10/25/2014
    Scan Time: 4:00:16 PM
    Logfile:
    Administrator: Yes

    Version: 2.00.3.1025
    Malware Database: v2014.10.25.05
    Rootkit Database: v2014.10.22.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Joey

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 330209
    Time Elapsed: 11 min, 15 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)



    #5 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 25 October 2014 - 03:35 PM

    Go ahead and run a new scan with FRST, be sure to checkmark Additions and post both logs please



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #6 tcdollar

    tcdollar

      Authentic Member

    • Authentic Member
    • PipPip
    • 47 posts

    Posted 26 October 2014 - 07:51 AM

    Thank you again, Ken545 !  Here are the log reports:

     

     

     

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2014
    Ran by Joey (administrator) on JOEY-HP on 26-10-2014 09:13:11
    Running from C:\Users\Joey\Desktop
    Loaded Profile: Joey (Available profiles: Joey)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
    (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Google Inc.) C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe
    (Web Bar Media) C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    () C:\Users\Joey\AppData\Local\Temp\isdk9nkg6Hge\ISightHost.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    (Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
    (Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    (Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2281256 2012-01-21] (Synaptics Incorporated)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6489704 2011-06-10] (Realtek Semiconductor)
    HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296 2010-11-09] (Hewlett-Packard Development Company, L.P.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
    HKLM-x32\...\Run: [GamingWonderland EPM Support] => "C:\PROGRA~2\GAMING~2\bar\2.bin\gtmedint.exe" T8EPMSUP.DLL,S
    HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
    HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [Desktop Software] => C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe [1025320 2009-04-24] (SupportSoft, Inc.)
    HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [Google Update] => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-06] (Google Inc.)
    HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [WebBar] => C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe [195056 2014-08-18] (Web Bar Media)
    HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\MountPoints2: {02a13231-0600-11e0-b4df-60eb69498f01} - F:\LaunchU3.exe
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-23] (Microsoft Corporation)
    Startup: C:\Users\Joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
    ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
    BootExecute: autocheck autochk * sdnclean64.exe
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD646EB295FEDCF01
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://zone.msn.com/en-us/home
    SearchScopes: HKLM - {2205B49A-8B6A-4880-B761-96C17A282331} URL = http://search.yahoo....psg&type=HPNTDF
    SearchScopes: HKLM - {B4716C52-07E7-4F92-8FD2-CC67A49CDC23} URL = http://en.wikipedia....h={searchTerms}
    SearchScopes: HKLM - {FB72AB47-FCB7-4F9D-9292-31EBF79F7AF7} URL = http://www.ask.com/w...}&l=dis&o=ushpl
    SearchScopes: HKLM-x32 - {2205B49A-8B6A-4880-B761-96C17A282331} URL = http://search.yahoo....psg&type=HPNTDF
    SearchScopes: HKLM-x32 - {B4716C52-07E7-4F92-8FD2-CC67A49CDC23} URL = http://en.wikipedia....h={searchTerms}
    SearchScopes: HKCU - {5BF486E2-20C5-4DB9-AF4C-431948759845} URL =
    SearchScopes: HKCU - {B4716C52-07E7-4F92-8FD2-CC67A49CDC23} URL =
    SearchScopes: HKCU - {FB72AB47-FCB7-4F9D-9292-31EBF79F7AF7} URL =
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO-x32: Toolbar BHO -> {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} -> C:\PROGRA~2\GAMING~2\bar\2.bin\gtbar.dll No File
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    Toolbar: HKLM-x32 - HeadlineAlley - {8f61e414-ea79-4559-8bb6-61d956f70306} - C:\Program Files (x86)\HeadlineAlley_29\bar\1.bin\29bar.dll No File
    Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
    Toolbar: HKCU - No Name - {8F61E414-EA79-4559-8BB6-61D956F70306} -  No File
    DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
    DPF: HKLM-x32 {95B5D20C-BD31-4489-8ABF-F8C8BE748463} http://zone.msn.com/...tz.cab99160.cab
    DPF: HKLM-x32 {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/...vl.cab55579.cab
    DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab
    Tcpip\Parameters: [DhcpNameServer] 216.218.93.165 216.218.93.38

    FireFox:
    ========
    FF ProfilePath: C:\Users\Joey\AppData\Roaming\Mozilla\Firefox\Profiles\186yjm9e.default
    FF NewTab: https://us.search.ya...031,0,IE11,9284
    FF DefaultSearchEngine: Yahoo
    FF SearchEngineOrder.1: Yahoo
    FF SelectedSearchEngine: Yahoo
    FF Homepage: https://www.google.com
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @ei.SmileyCentral_1v.com/Plugin -> C:\Program Files (x86)\SmileyCentral_1vEI\Installr\2.bin\NP1vEISB.dll No File
    FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\new_plugin\npjp2.dll No File
    FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

    Chrome:
    =======
    CHR Plugin: (Shockwave Flash) - C:\Users\Joey\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Users\Joey\AppData\Local\Google\Chrome\Application\36.0.1985.143\gcswf32.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Users\Joey\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\Joey\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
    CHR Plugin: (Norton Confidential) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\npcoplgn.dll No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
    CHR Plugin: (Java™ Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
    CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
    CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
    CHR Plugin: (SmileyCentral Installer Plugin Stub) - C:\Program Files (x86)\SmileyCentral_1vEI\Installr\2.bin\NP1vEISB.dll No File
    CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
    CHR Profile: C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
    CHR Extension: (MixiDJ V36) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\efofpgodgejpmjgbpjdblepalcommejk [2013-06-27]
    CHR Extension: (Google Wallet) - C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
    CHR HKCU\...\Chrome\Extension: [efofpgodgejpmjgbpjdblepalcommejk] - C:\Users\Joey\AppData\Local\CRE\efofpgodgejpmjgbpjdblepalcommejk.crx []
    CHR HKLM-x32\...\Chrome\Extension: [efofpgodgejpmjgbpjdblepalcommejk] - C:\Users\Joey\AppData\Local\CRE\efofpgodgejpmjgbpjdblepalcommejk.crx []

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
    R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-03-13] (Hewlett-Packard Co.) [File not signed]
    R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-13] (Hewlett-Packard Co.) [File not signed]
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]
    R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-24] (Realtek Semiconductor Corp.) [File not signed]
    S2 HP Support Assistant Service; "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [247576 2014-07-24] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-20] (AVG Technologies CZ, s.r.o.)
    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [270616 2014-07-02] (AVG Technologies CZ, s.r.o.)
    S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
    S3 cpuz134; \??\C:\Users\Joey\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
    S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-10-26 09:13 - 2014-10-26 09:14 - 00020308 _____ () C:\Users\Joey\Desktop\FRST.txt
    2014-10-26 09:12 - 2014-10-26 09:12 - 00000000 ____D () C:\Users\Joey\Desktop\FRST-OlderVersion
    2014-10-25 16:47 - 2014-10-25 16:47 - 00000085 _____ () C:\Windows\wininit.ini
    2014-10-25 15:12 - 2014-10-25 15:12 - 00003135 _____ () C:\Users\Joey\Desktop\JRT.txt
    2014-10-25 15:04 - 2014-10-21 14:25 - 01706144 _____ (Thisisu) C:\Users\Joey\Desktop\JRT_NEW.exe
    2014-10-25 15:02 - 2014-10-25 15:02 - 00000000 ____D () C:\Users\Joey\AppData\Local\Apple
    2014-10-25 14:49 - 2014-10-25 14:49 - 00000000 _____ () C:\Windows\SysWOW64\sho70EB.tmp
    2014-10-25 14:34 - 2014-10-25 14:34 - 01962496 _____ () C:\Users\Joey\Desktop\AdwCleaner.exe
    2014-10-24 13:50 - 2014-10-24 13:51 - 00035683 _____ () C:\Users\Joey\Downloads\Addition.txt
    2014-10-24 13:49 - 2014-10-24 13:51 - 00056652 _____ () C:\Users\Joey\Downloads\FRST.txt
    2014-10-24 13:46 - 2014-10-26 09:13 - 00000000 ____D () C:\FRST
    2014-10-24 13:45 - 2014-10-26 09:12 - 02113024 _____ (Farbar) C:\Users\Joey\Desktop\FRST64.exe
    2014-10-24 12:26 - 2014-10-24 12:26 - 00001429 _____ () C:\Users\Joey\Desktop\aswMBR - Shortcut.lnk
    2014-10-24 12:25 - 2014-10-24 12:25 - 05192704 _____ (AVAST Software) C:\Users\Joey\Downloads\aswMBR.exe
    2014-10-24 11:51 - 2014-10-24 11:51 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
    2014-10-24 11:51 - 2014-10-24 11:51 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
    2014-10-24 11:51 - 2014-10-24 11:51 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
    2014-10-24 11:51 - 2014-10-24 11:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
    2014-10-24 11:51 - 2014-10-24 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
    2014-10-24 11:50 - 2014-10-24 11:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_NuidFltr_01011.Wdf
    2014-10-24 11:49 - 2014-10-24 11:49 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
    2014-10-24 11:41 - 2014-10-24 11:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
    2014-10-24 11:28 - 2014-10-25 16:41 - 00000000 ____D () C:\Users\Joey\Desktop\New folder
    2014-10-22 15:10 - 2014-10-25 15:21 - 00001060 _____ () C:\Users\Joey\Desktop\Malwarebytes Anti-Malware.lnk
    2014-10-22 15:10 - 2014-10-22 15:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-10-22 14:13 - 2014-10-22 14:13 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Joey\Downloads\mbam-clean-2.1.1.1001.exe
    2014-10-22 14:02 - 2014-10-22 14:03 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Joey\Downloads\mbam-setup-2.0.3.1025(1).exe
    2014-10-22 13:34 - 2014-10-22 13:34 - 00000000 ____D () C:\ProgramData\F-Secure
    2014-10-22 12:35 - 2014-10-22 12:35 - 00000000 _____ () C:\Windows\SysWOW64\sho34B9.tmp
    2014-10-22 12:00 - 2014-10-25 16:49 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-10-22 12:00 - 2014-10-25 16:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-10-22 12:00 - 2014-10-22 12:00 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
    2014-10-22 11:58 - 2014-10-22 11:59 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Joey\Downloads\spybot-2.4.exe
    2014-10-22 11:48 - 2014-10-22 11:48 - 00014298 _____ () C:\Users\Joey\Downloads\DevDiag.txt
    2014-10-22 11:47 - 2014-10-22 11:47 - 00032804 _____ (jpshortstuff) C:\Users\Joey\Downloads\DevDiag.exe
    2014-10-22 11:43 - 2014-10-22 11:43 - 00036864 _____ (Appleoddity) C:\Users\Joey\Downloads\JavaMSIFix.exe
    2014-10-21 19:09 - 2014-10-21 19:09 - 04161313 _____ () C:\Users\Joey\Downloads\tdsskiller.zip
    2014-10-21 19:07 - 2014-10-21 19:07 - 00000000 ____D () C:\Users\Joey\Documents\tdsskiller
    2014-10-21 18:51 - 2014-10-21 18:51 - 01962496 _____ () C:\Users\Joey\Downloads\adwcleaner_4.001.exe
    2014-10-21 18:34 - 2014-10-25 14:47 - 00000000 ____D () C:\AdwCleaner
    2014-10-21 17:05 - 2014-10-21 17:05 - 00000000 ____D () C:\Windows\ERUNT
    2014-10-21 17:02 - 2014-10-21 17:02 - 01705755 _____ (Thisisu) C:\Users\Joey\Desktop\JRT.exe
    2014-10-21 16:56 - 2014-10-21 16:56 - 00050688 _____ (Atribune.org) C:\Users\Joey\Downloads\ATF_Cleaner.exe
    2014-10-21 14:38 - 2014-10-21 14:38 - 04211416 _____ (http://www.maxuninstaller.com/ ) C:\Users\Joey\Downloads\MUninstaller_2014_Setup(1).exe
    2014-10-21 12:56 - 2014-10-21 12:52 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-10-21 12:56 - 2014-10-21 12:52 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-10-21 12:56 - 2014-10-21 12:52 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-10-21 12:54 - 2014-10-21 12:52 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-10-21 12:52 - 2014-10-21 12:57 - 00000000 ____D () C:\ProgramData\Oracle
    2014-10-21 12:52 - 2014-10-21 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2014-10-21 10:05 - 2014-10-21 10:05 - 00000925 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
    2014-10-21 10:05 - 2014-10-21 10:05 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\TuneUp Software
    2014-10-21 10:05 - 2014-10-21 10:05 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\AVG2015
    2014-10-21 10:05 - 2014-10-21 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    2014-10-21 10:04 - 2014-10-21 10:06 - 00000000 ____D () C:\ProgramData\AVG2015
    2014-10-21 10:04 - 2014-10-21 10:04 - 00000000 ___HD () C:\$AVG
    2014-10-21 10:03 - 2014-10-21 10:03 - 00000000 ____D () C:\Program Files (x86)\AVG
    2014-10-21 09:57 - 2014-10-26 08:53 - 00000000 ____D () C:\ProgramData\MFAData
    2014-10-21 09:57 - 2014-10-21 10:13 - 00000000 ____D () C:\Users\Joey\AppData\Local\Avg2015
    2014-10-21 09:57 - 2014-10-21 09:57 - 00000000 ____D () C:\Users\Joey\AppData\Local\MFAData
    2014-10-21 09:56 - 2014-10-21 09:56 - 04579176 _____ (AVG Technologies) C:\Users\Joey\Downloads\avg_free_stb_all_2015_5315_cnet.exe
    2014-10-18 15:17 - 2014-09-28 20:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-10-18 15:01 - 2014-10-18 15:01 - 00000000 ____D () C:\Users\Joey\AppData\Local\IsolatedStorage
    2014-10-16 12:05 - 2014-10-16 12:05 - 00000000 _____ () C:\autoexec.bat
    2014-10-16 12:04 - 2014-10-25 16:50 - 00000400 ____H () C:\Windows\Tasks\C__Users_Joey_AppData_Local_Temp_qs_100e2750_mediaplayer_VideoBuzz_installer.exe.job
    2014-10-16 12:04 - 2014-10-16 12:04 - 00003030 _____ () C:\Windows\System32\Tasks\KeepMySettingsX
    2014-10-16 12:04 - 2014-10-16 12:04 - 00002574 _____ () C:\Windows\System32\Tasks\C__Users_Joey_AppData_Local_Temp_qs_100e2750_mediaplayer_VideoBuzz_installer.exe
    2014-10-16 12:02 - 2014-10-18 17:51 - 00000000 ____D () C:\Windows\DF2339B7C3C24663B47AF7AA76E4F47F.TMP
    2014-10-16 12:02 - 2014-10-18 17:36 - 00000000 ____D () C:\ProgramData\InstallSightSDK
    2014-10-16 12:01 - 2014-10-21 10:30 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\KeepMySettingsX
    2014-10-16 12:01 - 2014-10-18 17:36 - 00000000 ____D () C:\Users\Joey\AppData\Local\WebBar
    2014-10-16 07:17 - 2014-10-16 07:17 - 00000000 _____ () C:\Windows\SysWOW64\sho4394.tmp
    2014-10-15 07:29 - 2014-06-18 18:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
    2014-10-15 07:29 - 2014-06-18 18:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
    2014-10-15 07:29 - 2014-06-18 18:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
    2014-10-15 07:29 - 2014-06-18 18:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
    2014-10-15 07:29 - 2014-06-18 18:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
    2014-10-15 07:29 - 2014-06-18 18:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
    2014-10-15 07:28 - 2014-10-09 22:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-10-15 07:28 - 2014-10-09 22:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2014-10-15 07:28 - 2014-10-09 22:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-10-15 07:28 - 2014-10-06 22:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-10-15 07:28 - 2014-10-06 22:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-10-15 07:28 - 2014-09-25 18:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-10-15 07:28 - 2014-09-25 18:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-10-15 07:28 - 2014-09-25 18:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-10-15 07:28 - 2014-09-25 18:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-10-15 07:28 - 2014-09-25 18:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-10-15 07:28 - 2014-09-25 18:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-10-15 07:28 - 2014-09-25 18:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-10-15 07:28 - 2014-09-18 22:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-10-15 07:28 - 2014-09-18 21:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-10-15 07:28 - 2014-09-18 21:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-10-15 07:28 - 2014-09-18 21:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-10-15 07:28 - 2014-09-18 21:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-10-15 07:28 - 2014-09-18 21:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-10-15 07:28 - 2014-09-18 21:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-10-15 07:28 - 2014-09-18 21:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-10-15 07:28 - 2014-09-18 21:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-10-15 07:28 - 2014-09-18 21:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-10-15 07:28 - 2014-09-18 21:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-10-15 07:28 - 2014-09-18 21:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-10-15 07:28 - 2014-09-18 21:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-10-15 07:28 - 2014-09-18 21:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-10-15 07:28 - 2014-09-18 21:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-10-15 07:28 - 2014-09-18 21:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-10-15 07:28 - 2014-09-18 21:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-10-15 07:28 - 2014-09-18 21:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-10-15 07:28 - 2014-09-18 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-10-15 07:28 - 2014-09-18 21:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-10-15 07:28 - 2014-09-18 21:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-10-15 07:28 - 2014-09-18 21:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-10-15 07:28 - 2014-09-18 21:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-10-15 07:28 - 2014-09-18 21:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-10-15 07:28 - 2014-09-18 21:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-10-15 07:28 - 2014-09-18 21:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-10-15 07:28 - 2014-09-18 20:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-10-15 07:28 - 2014-09-18 20:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-10-15 07:28 - 2014-09-18 20:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-10-15 07:28 - 2014-09-18 20:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-10-15 07:28 - 2014-09-18 20:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-10-15 07:28 - 2014-09-18 20:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-10-15 07:28 - 2014-09-18 20:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-10-15 07:28 - 2014-09-18 20:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-10-15 07:28 - 2014-09-18 20:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-10-15 07:28 - 2014-09-18 20:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-10-15 07:28 - 2014-09-18 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-10-15 07:28 - 2014-09-18 20:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-10-15 07:28 - 2014-09-18 20:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-10-15 07:28 - 2014-09-18 20:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-10-15 07:28 - 2014-09-18 20:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-10-15 07:28 - 2014-09-18 20:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-10-15 07:28 - 2014-09-18 20:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-10-15 07:28 - 2014-09-18 19:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-10-15 07:28 - 2014-09-18 19:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-10-15 07:28 - 2014-09-18 19:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-10-15 07:28 - 2014-09-18 19:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-10-15 07:28 - 2014-08-18 23:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2014-10-15 07:28 - 2014-08-18 23:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2014-10-15 07:28 - 2014-08-18 23:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2014-10-15 07:28 - 2014-08-18 23:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2014-10-15 07:28 - 2014-08-18 23:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2014-10-15 07:28 - 2014-08-18 23:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2014-10-15 07:28 - 2014-08-18 23:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2014-10-15 07:28 - 2014-08-18 23:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2014-10-15 07:28 - 2014-08-18 23:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2014-10-15 07:28 - 2014-08-18 23:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2014-10-15 07:28 - 2014-08-18 22:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2014-10-15 07:28 - 2014-08-18 22:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2014-10-15 07:28 - 2014-08-18 22:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2014-10-15 07:28 - 2014-07-06 22:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2014-10-15 07:28 - 2014-07-06 22:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
    2014-10-15 07:28 - 2014-07-06 22:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2014-10-15 07:28 - 2014-07-06 22:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
    2014-10-15 07:28 - 2014-07-06 22:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
    2014-10-15 07:28 - 2014-07-06 22:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
    2014-10-15 07:28 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
    2014-10-15 07:28 - 2014-07-06 22:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
    2014-10-15 07:28 - 2014-07-06 22:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
    2014-10-15 07:28 - 2014-07-06 22:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2014-10-15 07:28 - 2014-07-06 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
    2014-10-15 07:28 - 2014-07-06 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
    2014-10-15 07:28 - 2014-07-06 21:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
    2014-10-15 07:28 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
    2014-10-15 07:28 - 2014-07-06 21:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
    2014-10-15 07:28 - 2014-07-06 21:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
    2014-10-15 07:28 - 2014-07-06 21:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2014-10-15 07:28 - 2014-07-06 21:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2014-10-15 07:28 - 2014-07-06 21:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
    2014-10-15 07:28 - 2014-07-06 21:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
    2014-10-15 07:28 - 2014-07-06 21:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
    2014-10-15 07:28 - 2014-06-27 20:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2014-10-15 07:28 - 2014-06-27 20:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
    2014-10-15 07:28 - 2014-06-27 20:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
    2014-10-15 07:27 - 2014-09-17 22:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
    2014-10-15 07:27 - 2014-09-17 21:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2014-10-15 07:27 - 2014-09-12 21:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
    2014-10-15 07:27 - 2014-09-12 21:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
    2014-10-15 07:27 - 2014-09-04 01:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
    2014-10-15 07:27 - 2014-09-04 01:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
    2014-10-15 07:27 - 2014-07-16 22:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2014-10-15 07:27 - 2014-07-16 22:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
    2014-10-15 07:27 - 2014-07-16 22:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
    2014-10-15 07:27 - 2014-07-16 22:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2014-10-15 07:27 - 2014-07-16 22:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
    2014-10-15 07:27 - 2014-07-16 22:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
    2014-10-15 07:27 - 2014-07-16 22:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2014-10-15 07:27 - 2014-07-16 22:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2014-10-15 07:27 - 2014-07-16 21:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
    2014-10-15 07:27 - 2014-07-16 21:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2014-10-15 07:27 - 2014-07-16 21:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
    2014-10-15 07:27 - 2014-07-16 21:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
    2014-10-15 07:27 - 2014-07-16 21:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2014-10-15 07:27 - 2014-07-16 21:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2014-10-15 07:27 - 2014-07-16 21:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
    2014-10-15 07:27 - 2014-07-16 21:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
    2014-10-01 07:07 - 2014-09-24 22:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2014-10-01 07:07 - 2014-09-24 21:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2014-09-29 08:32 - 2014-10-18 17:49 - 00148282 _____ () C:\Windows\system32\ScanResults.xml
    2014-09-29 08:27 - 2014-10-18 17:29 - 00000464 _____ () C:\Windows\system32\ScannerSettings

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-10-26 09:14 - 2012-08-06 11:47 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001UA.job
    2014-10-26 09:14 - 2012-08-06 11:47 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001Core.job
    2014-10-26 09:00 - 2014-03-31 19:10 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{FC1E528D-422F-4927-B871-EC8439B76B3C}
    2014-10-26 08:25 - 2012-10-19 18:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-10-26 08:24 - 2011-08-18 19:14 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-10-26 03:50 - 2009-07-14 00:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-10-26 03:50 - 2009-07-14 00:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-10-26 03:46 - 2010-08-20 04:21 - 01242139 _____ () C:\Windows\WindowsUpdate.log
    2014-10-25 17:23 - 2009-07-13 22:34 - 00000513 _____ () C:\Windows\win.ini
    2014-10-25 16:50 - 2011-08-18 19:14 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-10-25 16:49 - 2010-11-26 21:37 - 01654602 _____ () C:\Windows\PFRO.log
    2014-10-25 16:49 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-10-25 16:49 - 2009-07-14 00:51 - 00110825 _____ () C:\Windows\setupact.log
    2014-10-24 11:51 - 2012-08-03 19:20 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
    2014-10-24 11:51 - 2012-08-03 19:20 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
    2014-10-22 15:36 - 2014-04-06 19:49 - 00000000 ____D () C:\Users\Joey\AppData\Local\TB
    2014-10-22 14:19 - 2011-01-31 09:22 - 00000000 ____D () C:\Users\Joey\AppData\Local\CrashDumps
    2014-10-22 14:17 - 2009-07-14 01:08 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-10-21 13:39 - 2010-07-10 23:12 - 00000000 ____D () C:\ProgramData\Temp
    2014-10-21 12:56 - 2014-08-08 17:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-10-21 12:52 - 2010-07-11 00:34 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-10-21 12:37 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
    2014-10-21 10:47 - 2013-05-18 13:49 - 00000000 ____D () C:\temp
    2014-10-21 09:24 - 2012-06-13 19:31 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
    2014-10-21 09:24 - 2010-08-20 04:37 - 00000000 ____D () C:\Program Files (x86)\HP Games
    2014-10-21 09:24 - 2010-08-20 04:36 - 00000000 ____D () C:\ProgramData\WildTangent
    2014-10-21 09:24 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2014-10-21 09:23 - 2010-11-26 15:32 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\WildTangent
    2014-10-21 09:02 - 2012-04-21 15:10 - 00000000 ____D () C:\ProgramData\Yahoo!
    2014-10-21 08:39 - 2014-09-02 12:41 - 00000000 ____D () C:\ProgramData\c12f2f613465db07
    2014-10-21 08:17 - 2010-08-20 04:35 - 00000000 ____D () C:\ProgramData\Norton
    2014-10-20 21:24 - 2014-06-29 11:21 - 00000591 _____ () C:\Users\Joey\AppData\Roaming\Microsoft\Windows\Start Menu\How much for 911 to go digital - The Item Local News.website
    2014-10-20 13:18 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
    2014-10-18 17:57 - 2009-07-14 00:45 - 00419976 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-10-18 17:28 - 2010-11-26 14:46 - 00000000 ____D () C:\Users\Joey
    2014-10-18 17:25 - 2014-05-06 18:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-10-18 17:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
    2014-10-18 17:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
    2014-10-18 17:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-10-18 17:24 - 2010-08-20 04:33 - 00000000 ____D () C:\ProgramData\CinemaNow
    2014-10-18 17:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
    2014-10-18 17:24 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
    2014-10-18 17:23 - 2009-07-14 01:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
    2014-10-18 17:23 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
    2014-10-16 12:04 - 2010-11-26 15:00 - 00000000 ____D () C:\Users\Joey\AppData\Roaming\Adobe
    2014-10-16 06:42 - 2011-08-22 20:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-10-16 06:28 - 2013-07-16 06:35 - 00000000 ____D () C:\Windows\system32\MRT
    2014-10-16 06:20 - 2013-04-01 17:30 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-10-13 08:12 - 2013-12-12 21:02 - 00003072 _____ () C:\Windows\SysWOW64\Cache.db
    2014-10-12 15:38 - 2014-08-30 15:34 - 00000055 _____ () C:\Users\Joey\AppData\Roaming\mbam.context.scan
    2014-10-08 07:58 - 2012-06-16 11:59 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForJoey.job
    2014-10-08 07:58 - 2011-07-23 12:18 - 00003180 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJoey
    2014-10-08 07:58 - 2011-06-10 17:26 - 00003216 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForJOEY-HP$
    2014-10-08 07:58 - 2011-06-10 17:26 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForJOEY-HP$.job
    2014-10-02 15:53 - 2011-01-29 23:37 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

    Some content of TEMP:
    ====================
    C:\Users\Joey\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
    C:\Users\Joey\AppData\Local\Temp\Quarantine.exe
    C:\Users\Joey\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-10-26 00:22

    ==================== End Of Log ============================

     

     

     

     

     

     

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2014
    Ran by Joey at 2014-10-26 09:14:40
    Running from C:\Users\Joey\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    64 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
    Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
    Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
    Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.6.147 - Adobe Systems, Inc.)
    AIO_CDB_ProductContext (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
    AIO_CDB_Software (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
    AIO_Scan (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
    Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
    AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5315 - AVG Technologies)
    AVG 2015 (Version: 15.0.4189 - AVG Technologies) Hidden
    AVG 2015 (Version: 15.0.5315 - AVG Technologies) Hidden
    Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    BufferChm (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
    CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
    Comcast Desktop Software (v1.2.1) (HKLM-x32\...\{118C3943-1683-42EF-824D-C22E70DB42E7}) (Version: 24 - Comcast)
    CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
    CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1616 - CyberLink Corp.)
    CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4217 - CyberLink Corp.)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2511 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
    ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
    Fax (x32 Version: 82.0.188.000 - Hewlett-Packard) Hidden
    GamingWonderland Internet Explorer Toolbar (HKLM-x32\...\GamingWonderlandbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
    Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    HeadlineAlley Internet Explorer Toolbar (HKLM-x32\...\HeadlineAlley_29bar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION
    HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
    HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
    HP Documentation (HKLM-x32\...\{5E25081D-9CB4-4B17-AD2B-8DF2DC335E85}) (Version: 1.1.1.0 - Hewlett-Packard)
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
    HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
    HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
    HP Power Manager (HKLM-x32\...\{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}) (Version: 1.0.3 - Hewlett-Packard Company)
    HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company)
    HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
    HP Software Framework (HKLM-x32\...\{97174E88-52F9-445A-A28E-704A45332D19}) (Version: 4.0.108.1 - Hewlett-Packard Company)
    HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
    iCloud (HKLM\...\{D1829BE5-F305-4576-9593-C66FC7E0B008}) (Version: 1.0.2.17 - Apple Inc.)
    Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
    Intel® Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
    iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
    Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    KeepMySettingsX (HKLM-x32\...\KeepMySettingsX) (Version:  - InstallX, LLC) <==== ATTENTION
    MediaBar (HKLM-x32\...\BearShare MediaBar) (Version: 2.0.0.93720 - Musiclab, LLC) <==== ATTENTION
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
    Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
    PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
    Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
    Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
    PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
    PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
    QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
    Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6206 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30120 - Realtek Semiconductor Corp.)
    REALTEK Wireless LAN Software (HKLM-x32\...\{901F0D4C-009D-1112-8DE4-03599E7B0C5C}) (Version: 1.00.10.0329 - REALTEK Semiconductor Corp.)
    Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
    Reimage Protector (HKLM\...\Reimage Protector) (Version:  - Reimage)
    Roxio CinemaNow 2.0 (x32 Version: 1.0.278 - Hewlett-Packard) Hidden
    RtVOsd (HKLM\...\{091A0130-A82F-4A6D-9C61-3BBBB3289030}) (Version: 1.0.6 - Realtek Semiconductor Corp.)
    Scan (x32 Version: 8.1.0.0 - Hewlett-Packard) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.64 - Synaptics Incorporated)
    Toolbox (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
    UnloadSupport (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Web Bar 2.0.5343.21616 (HKCU\...\{0BCE8B0A-1E76-44E5-9909-3CF804D92E4D}_is1) (Version: 2.0.5343.21616 - Web Bar Media)
    WebReg (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
    Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
    Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-3851006659-123458156-2832309802-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3851006659-123458156-2832309802-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3851006659-123458156-2832309802-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3851006659-123458156-2832309802-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Joey\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

    ==================== Restore Points  =========================

    21-10-2014 13:21:38 Removed Norton Online Backup
    21-10-2014 13:22:27 Removed Norton Online Backup
    21-10-2014 13:59:35 Installed AVG 2015
    21-10-2014 14:00:25 Removed AVG 2015
    21-10-2014 14:03:37 Installed AVG 2015
    21-10-2014 14:04:00 Installed AVG 2015
    22-10-2014 15:45:29 JavaMSIFix
    22-10-2014 18:24:35 JavaMSIFix
    22-10-2014 18:45:05 Windows Update
    24-10-2014 15:44:56 DCInstallRestorePoint
    25-10-2014 20:46:10 Removed Norton Online Backup

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {03B4B85F-9080-42EA-8DF5-24F983820CED} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
    Task: {1B563FFA-B213-4C85-AE47-3C21165207AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe
    Task: {1B93AA3B-8A3E-4800-BDF3-3F25A3302F36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18] (Google Inc.)
    Task: {1C578182-8F08-4D9D-8CF8-2CA0E80EA8D3} - System32\Tasks\HPCeeScheduleForJoey => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
    Task: {1EDF4FFB-1764-4CF4-BD53-F10F12F5163A} - System32\Tasks\HPCeeScheduleForJOEY-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
    Task: {30A29AAB-1E1D-40AF-9E2A-B9BA4C113DEA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {35A72398-4A87-41CB-ACF1-77EABBE49C84} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {45AA0DE3-78C2-45E4-9608-B4C86E7E9FA0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
    Task: {4982C457-54A8-4EA8-B4FC-88798259C349} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
    Task: {67203623-4015-4AA0-8CBD-570AD5A2C8AD} - System32\Tasks\KeepMySettingsX => C:\Users\Joey\AppData\Roaming\KeepMySettingsX\keepmysettingsx.exe
    Task: {91EAAFA3-E1BE-409B-85CD-68FC824E40C0} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
    Task: {B08B0710-D51A-4BE0-BEBF-683020C97E47} - System32\Tasks\C__Users_Joey_AppData_Local_Temp_qs_100e2750_mediaplayer_VideoBuzz_installer.exe => C:\Users\Joey\AppData\Local\Temp\qs_100e2750\mediaplayer\VideoBuzz_installer.exe <==== ATTENTION
    Task: {B5450CFA-0404-4E89-BE6E-FA68793CAF3C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001UA => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06] (Google Inc.)
    Task: {BF50918A-34C1-47CC-BBFB-C94A6D7CE0C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18] (Google Inc.)
    Task: {CAF4017D-C689-46C9-9810-5E85F56664DE} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
    Task: {D06C066A-4246-4FCA-9B33-432044B34CF3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001Core => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-06] (Google Inc.)
    Task: {D235E143-2178-49A5-9A73-B32879257315} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3851006659-123458156-2832309802-1001
    Task: {ED6FE846-D31E-4BC3-805F-3DC9C269CC02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
    Task: {EF501002-9025-43A4-9F2D-B97E8D7DCCA1} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
    Task: {F3BFB125-EE39-46E4-AF32-34AC21F2FBCE} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: {F515BB5A-A469-40F3-8134-0D35CB316C46} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\C__Users_Joey_AppData_Local_Temp_qs_100e2750_mediaplayer_VideoBuzz_installer.exe.job => C:\Users\Joey\AppData\Local\Temp\qs_100e2750\mediaplayer\VideoBuzz_installer.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001Core.job => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851006659-123458156-2832309802-1001UA.job => C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForJOEY-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForJoey.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

    ==================== Loaded Modules (whitelisted) =============

    2014-10-16 12:01 - 2014-06-19 16:09 - 00813568 _____ () C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\ISightSDK_x64.dll
    2014-10-25 16:51 - 2014-10-25 16:51 - 00003072 _____ () C:\Users\Joey\AppData\Local\Temp\isdk9nkg6Hge\ISightHost.exe
    2014-10-25 16:51 - 2014-06-19 16:09 - 00813568 _____ () C:\Users\Joey\AppData\Local\Temp\isdk9nkg6Hge\ISightSDK.DLL
    2010-06-18 19:26 - 2010-06-18 19:26 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
    2010-06-18 19:26 - 2010-06-18 19:26 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
    2010-06-18 19:26 - 2010-06-18 19:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
    2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2010-02-09 21:58 - 2010-02-09 21:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
    2010-02-09 21:58 - 2010-02-09 21:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
    2010-02-09 21:58 - 2010-02-09 21:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
    2010-02-09 21:58 - 2010-02-09 21:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
    2010-02-09 21:58 - 2010-02-09 21:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
    2010-02-09 21:58 - 2010-02-09 21:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
    2010-02-09 21:58 - 2010-02-09 21:58 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
    2010-02-09 21:58 - 2010-02-09 21:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:373E1720
    AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)


    ========================= Accounts: ==========================

    Administrator (S-1-5-21-3851006659-123458156-2832309802-500 - Administrator - Disabled)
    Guest (S-1-5-21-3851006659-123458156-2832309802-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3851006659-123458156-2832309802-1002 - Limited - Enabled)
    Joey (S-1-5-21-3851006659-123458156-2832309802-1001 - Administrator - Enabled) => C:\Users\Joey

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (10/26/2014 00:06:49 AM) (Source: SideBySide) (EventID: 63) (User: )
    Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
    The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

    Error: (10/25/2014 05:23:36 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

    Error: (10/25/2014 05:23:36 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

    Error: (10/25/2014 05:01:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

    Error: (10/25/2014 05:01:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

    Error: (10/25/2014 05:01:26 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

    Error: (10/25/2014 05:01:26 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

    Error: (10/25/2014 04:58:04 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

    Error: (10/25/2014 04:58:04 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.

    Error: (10/25/2014 04:56:10 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.


    System errors:
    =============
    Error: (10/25/2014 05:27:17 PM) (Source: bowser) (EventID: 8003) (User: )
    Description: The master browser has received a server announcement from the computer HOME-PC
    that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D151B98E-B38E-4B51-B1B1-820C0BFAAF1D}.
    The master browser is stopping or an election is being forced.

    Error: (10/25/2014 05:03:17 PM) (Source: bowser) (EventID: 8003) (User: )
    Description: The master browser has received a server announcement from the computer HOME-PC
    that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D151B98E-B38E-4B51-B1B1-820C0BFAAF1D}.
    The master browser is stopping or an election is being forced.

    Error: (10/25/2014 04:52:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The HP Support Assistant Service service failed to start due to the following error:
    %%2

    Error: (10/25/2014 04:51:17 PM) (Source: bowser) (EventID: 8003) (User: )
    Description: The master browser has received a server announcement from the computer HOME-PC
    that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D151B98E-B38E-4B51-B1B1-820C0BFAAF1D}.
    The master browser is stopping or an election is being forced.

    Error: (10/25/2014 04:42:30 PM) (Source: bowser) (EventID: 8003) (User: )
    Description: The master browser has received a server announcement from the computer HOME-PC
    that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D151B98E-B38E-4B51-B1B1-820C0BFAAF1D}.
    The master browser is stopping or an election is being forced.

    Error: (10/25/2014 04:21:46 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

    Error: (10/25/2014 03:18:34 PM) (Source: bowser) (EventID: 8003) (User: )
    Description: The master browser has received a server announcement from the computer HOME-PC
    that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D151B98E-B38E-4B51-B1B1-820C0BFAAF1D}.
    The master browser is stopping or an election is being forced.


    Microsoft Office Sessions:
    =========================
    Error: (10/26/2014 00:06:49 AM) (Source: SideBySide) (EventID: 63) (User: )
    Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

    Error: (10/25/2014 05:23:36 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (10/25/2014 05:23:36 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (10/25/2014 05:01:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (10/25/2014 05:01:55 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (10/25/2014 05:01:26 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (10/25/2014 05:01:26 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (10/25/2014 04:58:04 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (10/25/2014 04:58:04 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (10/25/2014 04:56:10 PM) (Source: MsiInstaller) (EventID: 11606) (User: NT AUTHORITY)
    Description: Product: AIO_CDB_ProductContext -- Error 1606. Could not access network location %APPDATA%\.(NULL)(NULL)(NULL)(NULL)(NULL)


    ==================== Memory info ===========================

    Processor: Intel® Pentium® CPU P6100 @ 2.00GHz
    Percentage of memory in use: 48%
    Total physical RAM: 2933.86 MB
    Available physical RAM: 1515.04 MB
    Total Pagefile: 5865.9 MB
    Available Pagefile: 3632.82 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.85 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:281.58 GB) (Free:208.66 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (RECOVERY) (Fixed) (Total:16.22 GB) (Free:2.31 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 298.1 GB) (Disk ID: 880AFEC3)
    Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=281.6 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=16.2 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

    ==================== End Of Log ============================



    #7 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 26 October 2014 - 08:14 AM

    Run this quick fix and let me know after the fix if it is gone

     

     

    Open notepad (Start --> All Programs --> Accessories --> Notepad).
    Please copy the entire contents of the code box below.
    (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
    Save it to the same directory as FRST or FRST64 as fixlist.txt. (it has to be right next to FRST or FRST64) either in a directory you saved FRST or FRST64 or on your desktop if thats where you saved it.
    You can use your mouse to drag Fixlist right next to FRST or FRST64, either above or below it but not on top of it.
     
    Start
    CloseProcesses:
    (Web Bar Media) C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe
    C:\Users\Joey\AppData\Local\WebBar
    HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [WebBar] => C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe [195056 2014-08-18] (Web Bar Media)
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    SearchScopes: HKCU - {5BF486E2-20C5-4DB9-AF4C-431948759845} URL =
    Toolbar: HKLM-x32 - HeadlineAlley - {8f61e414-ea79-4559-8bb6-61d956f70306} - C:\Program Files (x86)\HeadlineAlley_29\bar\1.bin\29bar.dll No File
    C:\Program Files (x86)\HeadlineAlley_29
    Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
    Toolbar: HKCU - No Name - {8F61E414-EA79-4559-8BB6-61D956F70306} -  No File
    2014-10-16 12:01 - 2014-10-18 17:36 - 00000000 ____D () C:\Users\Joey\AppData\Local\WebBar
    Task: {67203623-4015-4AA0-8CBD-570AD5A2C8AD} - System32\Tasks\KeepMySettingsX => C:\Users\Joey\AppData\Roaming\KeepMySettingsX\keepmysettingsx.exe
    C:\Users\Joey\AppData\Roaming\KeepMySettingsX
    CMD: ipconfig /flushdns
    Hosts:
    EmptyTemp:
    End
    
     
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
     
    Then open FRST or FRST64 and click on fix
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #8 tcdollar

    tcdollar

      Authentic Member

    • Authentic Member
    • PipPip
    • 47 posts

    Posted 26 October 2014 - 08:38 AM

    Awesome! 

     

    Web Bar is gone from the desktop now, I do still see it in Control Panel Programs, though - but didn't want to try to uninstall it again before checking with you first.  Here's the Fixlog.txt report:

     

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-10-2014
    Ran by Joey at 2014-10-26 10:25:45 Run:1
    Running from C:\Users\Joey\Desktop
    Loaded Profile: Joey (Available profiles: Joey)
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    Start
    CloseProcesses:
    (Web Bar Media) C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe
    C:\Users\Joey\AppData\Local\WebBar
    HKU\S-1-5-21-3851006659-123458156-2832309802-1001\...\Run: [WebBar] => C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe [195056 2014-08-18] (Web Bar Media)
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    SearchScopes: HKCU - {5BF486E2-20C5-4DB9-AF4C-431948759845} URL =
    Toolbar: HKLM-x32 - HeadlineAlley - {8f61e414-ea79-4559-8bb6-61d956f70306} - C:\Program Files (x86)\HeadlineAlley_29\bar\1.bin\29bar.dll No File
    C:\Program Files (x86)\HeadlineAlley_29
    Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
    Toolbar: HKCU - No Name - {8F61E414-EA79-4559-8BB6-61D956F70306} -  No File
    2014-10-16 12:01 - 2014-10-18 17:36 - 00000000 ____D () C:\Users\Joey\AppData\Local\WebBar
    Task: {67203623-4015-4AA0-8CBD-570AD5A2C8AD} - System32\Tasks\KeepMySettingsX => C:\Users\Joey\AppData\Roaming\KeepMySettingsX\keepmysettingsx.exe
    C:\Users\Joey\AppData\Roaming\KeepMySettingsX
    CMD: ipconfig /flushdns
    Hosts:
    EmptyTemp:
    End
    *****************

    Processes closed successfully.
    [3584] C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe => Process closed successfully.

    "C:\Users\Joey\AppData\Local\WebBar" directory move:

    C:\Users\Joey\AppData\Local\WebBar\ISightSDK.dll => Moved successfully.
    C:\Users\Joey\AppData\Local\WebBar\unins000.exe => Moved successfully.
    C:\Users\Joey\AppData\Local\WebBar\wb.app.settings => Moved successfully.
    Could not move "C:\Users\Joey\AppData\Local\WebBar\wb.log" => Scheduled to move on reboot.
    C:\Users\Joey\AppData\Local\WebBar\wb.user.settings => Moved successfully.
    C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\Interop.SHDocVw.dll => Moved successfully.
    C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\ISightSDK.dll => Moved successfully.
    C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\ISightSDK_x64.dll => Moved successfully.
    C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\log4net.dll => Moved successfully.
    C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\Newtonsoft.Json.dll => Moved successfully.
    C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe => Moved successfully.
    C:\Users\Joey\AppData\Local\WebBar\2.0.5343.21616\wb.exe.config => Moved successfully.
    Could not move "C:\Users\Joey\AppData\Local\WebBar" directory. => Scheduled to move on reboot.

    HKU\S-1-5-21-3851006659-123458156-2832309802-1001\Software\Microsoft\Windows\CurrentVersion\Run\\WebBar => value deleted successfully.
    "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
    "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5BF486E2-20C5-4DB9-AF4C-431948759845}" => Key deleted successfully.
    "HKCR\CLSID\{5BF486E2-20C5-4DB9-AF4C-431948759845}" => Key not found.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8f61e414-ea79-4559-8bb6-61d956f70306} => value deleted successfully.
    "HKCR\Wow6432Node\CLSID\{8f61e414-ea79-4559-8bb6-61d956f70306}" => Key deleted successfully.
    "C:\Program Files (x86)\HeadlineAlley_29" => File/Directory not found.
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
    "HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8F61E414-EA79-4559-8BB6-61D956F70306} => value deleted successfully.
    "HKCR\CLSID\{8F61E414-EA79-4559-8BB6-61D956F70306}" => Key not found.
    C:\Users\Joey\AppData\Local\WebBar => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{67203623-4015-4AA0-8CBD-570AD5A2C8AD}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67203623-4015-4AA0-8CBD-570AD5A2C8AD}" => Key deleted successfully.
    C:\Windows\System32\Tasks\KeepMySettingsX => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KeepMySettingsX" => Key deleted successfully.
    C:\Users\Joey\AppData\Roaming\KeepMySettingsX => Moved successfully.

    =========  ipconfig /flushdns =========


    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========= End of CMD: =========

    C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
    Hosts was reset successfully.
    EmptyTemp: => Removed 608.9 MB temporary data.

    => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-10-26 10:29:23)<=

    C:\Users\Joey\AppData\Local\WebBar\wb.log => Is moved successfully.
    C:\Users\Joey\AppData\Local\WebBar => Is moved successfully.

    ==== End of Fixlog ====



    #9 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 26 October 2014 - 10:35 AM

    Great, you can go into Programs and Features in the Control Panel and look for WebBar, click uninstall , you will most likely get a message that its been uninstalled do you want to remove it from the list .....say yes

     

     

     

    Double click on AdwCleaner.exe to run the tool again.
  • Click on the Uninstall button.
  • Click Yes when asked are you sure you want to uninstall.
  • Both AdwCleaner.exe, its folder and all logs will be removed.
  •  
     
    ==========================================================
     
     
    Please download DelFix and save the file to your Desktop.
     
  • Windows XP Double Click DelFix.exe to run the program. 
  • Windows Vista > Win 7 > Win 8 Right Click on DelFix.exe and select RUN AS ADMINISTRATOR 
  • Place a checkmark next to the following items
  • Activate UAC
  • Remove Disinfection Tools
  • Create registry backup
  • Reset System Settings
  •  
    Click the Run button
     
    This will remove the specialised tools we used to clean your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually
     
     
     
    ==========================================================
     
     
     
    How did I get infected in the first place ?    
    Read these links and find out how to prevent getting infected again.
  • Tutorial for System Restore <-- Do this first to prevent yourself from being reinfected.
  •  
     
    Safe Surfn
    Ken


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #10 tcdollar

    tcdollar

      Authentic Member

    • Authentic Member
    • PipPip
    • 47 posts

    Posted 26 October 2014 - 10:53 AM

    Hey Ken -

     

    Don't know how to thank you for all your help!  Your quick and knowledgable assistance has been most sincerely appreciated !

     

    Thanks, so much, again !!

     

    Take care -

     

    TCDollar

     

     

    P.S.    which free antivirus program would you suggest for someone that mostly plays multi-player online games (predominantly MSN) ?


    Edited by tcdollar, 26 October 2014 - 10:57 AM.

      Advertisements

    Register to Remove


    #11 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 26 October 2014 - 11:41 AM

    I have been using Microsoft Security Essentials for years and never had a problem with it

    http://www.microsoft...ls.aspx?id=5201

     

    I also use the Pro Version of Malwarebytes, it blocks bad sites from loading, the cost is minimal but this of course is up to you

     

    The above two programs are all i need and they work well together

     

     

    Take care my friend

     

    Ken :)



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #12 tcdollar

    tcdollar

      Authentic Member

    • Authentic Member
    • PipPip
    • 47 posts

    Posted 26 October 2014 - 12:30 PM

    Hey Ken -

     

    Hope ya don't mind if I bug you about one more small issue ............ everything else seems great, but there's still one file in the Control Panel Programs that won't disappear - "HeadlineAlley Internet Explorer Toolbar".  When I try to uninstall it, I get the error message:

     

    " There was a problem starting C:\Program Files (x86)\HeadlineAlley_29\bar\1.bin\29Bar.dll

    The specified module could not be found."

     

    I'm sure it's not a major thing, but wanted to make sure it won't be an issue farther down the line.    Thanks!!



    #13 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 26 October 2014 - 01:44 PM

    No problem at all, thats why we're here 

     

    Read this

    http://www.systemloo...-29bar_dll.html

     

    Is it giving you problems on start up ? 

     

     

    Open FRST and copy and paste this in to the search box and click on Search Files

    HeadlineAlley



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #14 tcdollar

    tcdollar

      Authentic Member

    • Authentic Member
    • PipPip
    • 47 posts

    Posted 26 October 2014 - 01:53 PM

    Thanks, Ken -

     

    There doesn't seem to be any problem with/on startup - please refresh my memory, though, I don't remember which program FRST is ? Since we removed all the tools earlier, it's not on the desktop anymore  : )



    #15 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 26 October 2014 - 02:13 PM

    My Bad sorry   :blush:

     

    If its just a left over entry in the Control Panel I wouldn't worry about it as long as its not running and causing you problems

     

    But lets take a peak, you will need the 64 bit  version

     

    Download and Run SystemLook
     
    Please download SystemLook from one of the links below and save it to your Desktop.
     
    •  
    • Double-click SystemLook.exe to run it.
    • Copy the content of the following codebox into the main textfield:
    :folderfind
    HeadlineAlley
    :filefind
    HeadlineAlley
     
    
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    Related Topics



    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users