Solved Major issues. Pop ups, windows opening randomly, etc.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by Kelly on Tue 01/27/2015 at 21:54:22.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 01/27/2015 at 22:14:11.39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Kelly (administrator) on LIVING on 27-01-2015 22:22:00
Running from C:\Users\Kelly\Downloads
Loaded Profiles: Kelly (Available profiles: Kelly)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(MicroStudio) C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe
(MicroTools) C:\Program Files (x86)\YouTube Downloader Services\P4\youtubeserv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
() C:\Users\Kelly\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\javaw.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Users\Kelly\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6549136 2012-07-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BATINDICATOR] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe [2068992 2011-12-14] (Hewlett-Packard)
HKLM-x32\...\Run: [BATINDICATORHL] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe [557056 2010-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [OSDTool] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe [2101248 2012-06-13] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-16] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [1435136 2014-10-03] ()
HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\Run: [PCKeeper2] => "C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe" /autorun
HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\Run: [GenieoUpdaterService] => C:\Users\Kelly\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe [294240 2014-10-20] ()
HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\Run: [GenieoSystemTray] => C:\Users\Kelly\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe [539488 2014-10-20] ()
HKU\S-1-5-18\...\Run: [GenieoUpdaterService] => C:\Users\Kelly\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe [294240 2014-10-20] ()
HKU\S-1-5-18\...\Run: [GenieoSystemTray] => C:\Users\Kelly\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe [539488 2014-10-20] ()
HKU\S-1-5-18\...\Run: [StartPoint] => C:\Users\Kelly\AppData\Local\StartPoint\startpoint\1.3.18.7\startpoint.exe
HKU\S-1-5-18\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1484.0.0.0\jsdrv.exe
HKU\S-1-5-18\...\Run: [GoobzoYouTubeAccelerator] => "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-4052977653-386163532-366534634-1001] => Internet Explorer proxy is enabled.
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.strtpoint.com/?v=insMac&t=1411&ap=578080078
HKU\S-1-5-21-4052977653-386163532-366534634-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=COSP&ptag=D010715-AE3372CAF8274412FA2F&form=CONMHP&conlogo=CT3330942
HKU\S-1-5-21-4052977653-386163532-366534634-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM -> {E67F2FA0-804A-4E2B-BFFF-C16E8628E10A} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {E67F2FA0-804A-4E2B-BFFF-C16E8628E10A} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {6A293DF6-9396-4C80-B4CC-A51E96A84702} URL = http://search.strtpoint.com/results.html?v=insMac&t=1411&ap=578080078&q={searchTerms}&r=663
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4052977653-386163532-366534634-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-4052977653-386163532-366534634-1001 -> {E67F2FA0-804A-4E2B-BFFF-C16E8628E10A} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: adTech Class -> {934B156A-3D17-3981-B78A-5C138F423AD6} -> C:\Users\Kelly\AppData\Roaming\pdfie\PdfConv_64.dll ()
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: adTech Class -> {934B156A-3D17-3981-B78A-5C138F423AD6} -> C:\Users\Kelly\AppData\Roaming\pdfie\PdfConv_32.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\2mgjvxz0.default-1420589058988
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: SourceApp 1.0.1 - C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\2mgjvxz0.default-1420589058988\Extensions\{95282a5e-d707-43c0-b998-d6a934a963a8}.xpi [2015-01-09]
FF Extension: Super Web Accelerator ! - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\firefox [2014-12-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-28]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-17]
CHR Extension: (Google Drive) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-18]
CHR Extension: (YouTube) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-17]
CHR Extension: (Google Search) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-17]
CHR Extension: (Avast Online Security) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-17]
CHR Extension: (Google Wallet) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-17]
CHR Extension: (Google Quick Scroll) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc [2015-01-27]
CHR Extension: (SourceApp) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\okaoifjanopnhpfhindbpjfkhgpdppaa [2014-12-17]
CHR Extension: (Gmail) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-16] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-07-19] (Hewlett-Packard)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 print server; C:\WINDOWS\UpgradeSvr.exe [106688 2014-11-17] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-12-18] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
R2 WindowsVNT_R3; C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe [2973600 2014-10-20] (MicroStudio) [File not signed]
R2 YouTubeDownload_P4; C:\Program Files (x86)\YouTube Downloader Services\P4\youtubeserv.exe [2968696 2014-12-13] (MicroTools)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-10-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-10-16] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-10-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-10-16] ()
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 fileHiders; C:\Windows\System32\DRIVERS\fileHiders.sys [32464 2014-12-15] ()
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-01-27] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
S2 SPDRIVER_1484.0.0.0; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1484.0.0.0\jsdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 22:22 - 2015-01-27 22:22 - 00021167 _____ () C:\Users\Kelly\Downloads\FRST.txt
2015-01-27 22:21 - 2015-01-27 22:21 - 00001457 _____ () C:\Users\Kelly\Desktop\FRST64.exe - Shortcut.lnk
2015-01-27 22:20 - 2015-01-27 22:20 - 02129920 _____ (Farbar) C:\Users\Kelly\Downloads\FRST64.exe
2015-01-27 22:14 - 2015-01-27 22:14 - 00000622 _____ () C:\Users\Kelly\Desktop\JRT.txt
2015-01-27 22:11 - 2015-01-27 22:11 - 00004966 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for LIVING-Kelly Living
2015-01-27 22:10 - 2015-01-27 22:10 - 00003228 _____ () C:\WINDOWS\System32\Tasks\DriverMgr
2015-01-27 22:10 - 2015-01-27 22:10 - 00003222 _____ () C:\WINDOWS\System32\Tasks\WinKit
2015-01-27 22:10 - 2015-01-27 22:10 - 00000000 ____D () C:\Users\Kelly\AppData\Roaming\Winsta
2015-01-27 22:10 - 2015-01-27 22:10 - 00000000 ____D () C:\Users\Kelly\AppData\Roaming\WinKit
2015-01-27 22:10 - 2015-01-27 22:10 - 00000000 ____D () C:\Users\Kelly\AppData\Roaming\pdfie
2015-01-27 22:10 - 2015-01-27 22:10 - 00000000 ____D () C:\Users\Kelly\AppData\Roaming\Convertor
2015-01-27 21:53 - 2015-01-27 21:53 - 01707939 _____ (Thisisu) C:\Users\Kelly\Desktop\JRT.exe
2015-01-27 20:35 - 2015-01-27 20:35 - 00026415 _____ () C:\Users\Kelly\Desktop\mbam new.txt
2015-01-27 17:02 - 2015-01-27 17:02 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2015-01-27 17:01 - 2015-01-27 17:01 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\WINDOWS\SysWOW64\AniGIF.ocx
2015-01-27 17:01 - 2015-01-27 17:01 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2015-01-27 17:01 - 2015-01-27 17:01 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2015-01-09 20:14 - 2015-01-09 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Itibiti VoIP Phone
2015-01-09 20:14 - 2015-01-09 20:15 - 00000000 ____D () C:\Program Files (x86)\Itibiti Soft Phone
2015-01-09 20:13 - 2015-01-09 20:13 - 00000000 ____D () C:\WINDOWS\Download
2015-01-06 19:23 - 2015-01-06 19:23 - 00003504 _____ () C:\WINDOWS\System32\Tasks\BBQLeads
2015-01-06 19:23 - 2015-01-06 19:23 - 00000000 ____D () C:\Users\Kelly\AppData\Roaming\WebTest
2015-01-06 19:15 - 2015-01-06 19:17 - 00000000 ____D () C:\Users\Kelly\AppData\Local\Lavasoft
2015-01-06 19:14 - 2015-01-06 19:14 - 00000000 ____D () C:\Users\Kelly\AppData\Roaming\Lavasoft
2015-01-06 19:14 - 2015-01-06 19:14 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-01-06 19:04 - 2015-01-06 19:04 - 00000000 ____D () C:\Users\Kelly\Desktop\Old Firefox Data
2015-01-06 18:49 - 2015-01-06 18:49 - 00000000 __SHD () C:\Users\Kelly\AppData\Local\EmieBrowserModeList
2015-01-03 23:35 - 2015-01-03 23:35 - 00000000 ____D () C:\Program Files (x86)\Software Update Services
2014-12-30 23:52 - 2014-12-30 23:52 - 00002678 _____ () C:\Users\Kelly\Desktop\FSS2.txt
2014-12-30 23:41 - 2014-12-30 23:41 - 00001138 _____ () C:\Users\Kelly\Desktop\checkup.txt
2014-12-30 23:17 - 2014-12-30 23:17 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 22:22 - 2014-12-23 01:03 - 00000000 ____D () C:\FRST
2015-01-27 22:21 - 2013-12-18 00:24 - 00560128 ___SH () C:\Users\Kelly\Downloads\Thumbs.db
2015-01-27 22:19 - 2013-12-10 11:46 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-27 22:10 - 2014-12-22 22:52 - 00000000 ____D () C:\Users\Kelly\AppData\Roaming\jellylam
2015-01-27 22:10 - 2014-12-19 00:23 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2015-01-27 22:10 - 2014-12-17 21:55 - 00003764 _____ () C:\WINDOWS\System32\Tasks\Convertor
2015-01-27 22:10 - 2014-12-17 21:55 - 00003280 _____ () C:\WINDOWS\System32\Tasks\Winsta Update
2015-01-27 22:10 - 2013-12-18 02:04 - 00000000 ___DO () C:\Users\Kelly\SkyDrive
2015-01-27 22:10 - 2013-08-22 10:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2015-01-27 22:09 - 2013-11-25 02:04 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4052977653-386163532-366534634-1001
2015-01-27 22:04 - 2014-02-02 21:25 - 00475648 ___SH () C:\Users\Kelly\Desktop\Thumbs.db
2015-01-27 22:00 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-27 21:58 - 2014-12-17 21:45 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-27 21:58 - 2014-12-17 21:45 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-27 21:51 - 2013-12-17 21:46 - 00000000 ____D () C:\Users\Kelly\Tracing
2015-01-27 21:04 - 2012-08-24 18:00 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-01-27 21:02 - 2014-12-17 21:44 - 00003198 _____ () C:\WINDOWS\UpgradeSvr.exe.log
2015-01-27 21:02 - 2013-11-14 02:20 - 01005720 _____ () C:\WINDOWS\PFRO.log
2015-01-27 21:02 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-27 21:01 - 2014-12-22 22:35 - 00000000 ____D () C:\AdwCleaner
2015-01-27 21:01 - 2013-12-18 01:05 - 00000000 ____D () C:\Users\Kelly
2015-01-27 21:00 - 2012-08-24 18:09 - 00000000 ____D () C:\ProgramData\Temp
2015-01-27 20:47 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-27 20:33 - 2014-12-22 00:00 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-27 20:33 - 2014-12-21 23:58 - 00000000 ____D () C:\Users\Kelly\Desktop\mbar
2015-01-27 20:33 - 2014-12-18 23:41 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-27 20:19 - 2013-12-10 11:46 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-27 20:04 - 2014-12-18 23:41 - 00097496 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-27 20:02 - 2013-11-25 01:58 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0739E881-050B-4741-8D6F-9172584A47C7}
2015-01-27 19:54 - 2014-12-21 00:47 - 00035064 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-01-27 17:34 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\IME
2015-01-27 17:33 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-27 17:33 - 2013-08-22 08:25 - 00000229 _____ () C:\WINDOWS\win.ini
2015-01-27 17:25 - 2014-12-17 21:46 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-27 17:19 - 2013-12-18 01:22 - 01418273 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-27 17:12 - 2014-01-28 19:51 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-27 16:58 - 2014-12-17 21:54 - 00000030 _____ () C:\WINDOWS\UpdateSvrCfg.dat
2015-01-27 16:57 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-09 20:13 - 2014-12-17 21:44 - 00000000 ____D () C:\Program Files (x86)\Ainishare
2015-01-09 20:11 - 2014-12-21 01:27 - 00000000 ____D () C:\Users\Kelly\AppData\Local\CrashDumps
2015-01-05 19:42 - 2014-01-16 17:59 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-01-05 19:41 - 2014-01-16 17:59 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-05 18:38 - 2014-12-17 22:01 - 00000000 ____D () C:\ProgramData\Optimizer
2015-01-05 18:37 - 2014-12-17 22:04 - 00000000 ____D () C:\ProgramData\Windows VXM
2015-01-03 23:35 - 2014-12-17 22:01 - 00000000 ____D () C:\Program Files (x86)\YouTube Downloader Services
2015-01-03 07:34 - 2014-02-11 20:34 - 00003160 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForKelly
2015-01-03 07:34 - 2014-02-11 20:34 - 00000346 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForKelly.job
2014-12-30 23:43 - 2014-12-23 23:32 - 00002678 _____ () C:\Users\Kelly\Desktop\FSS.txt

==================== Files in the root of some directories =======

2014-04-07 18:51 - 2014-04-07 19:04 - 0000822 _____ () C:\ProgramData\hpzinstall.log
2012-08-24 19:13 - 2012-08-24 19:13 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Some content of TEMP:
====================
C:\Users\Kelly\AppData\Local\Temp\cabex.dll
C:\Users\Kelly\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Kelly\AppData\Local\Temp\GsDownload.dll
C:\Users\Kelly\AppData\Local\Temp\InstallGenieo.exe
C:\Users\Kelly\AppData\Local\Temp\Itibiti_Knctr_B.exe
C:\Users\Kelly\AppData\Local\Temp\Quarantine.exe
C:\Users\Kelly\AppData\Local\Temp\Setup.exe
C:\Users\Kelly\AppData\Local\Temp\SpOrder.dll
C:\Users\Kelly\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Kelly\AppData\Local\Temp\sqlite3.dll
C:\Users\Kelly\AppData\Local\Temp\unelevate.exe
C:\Users\Kelly\AppData\Local\Temp\ytaiesmt_smtyc_setup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-27 21:17

==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by Kelly at 2015-01-27 22:24:19
Running from C:\Users\Kelly\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
D110 (x32 Version: 140.0.353.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.13 - Piriform)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocToPDFConverter (HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\DocToPDFConverter) (Version: 01.00.00.00 - VolatoTech)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Flv Player (HKLM-x32\...\{CC86C6C4-7E7D-8447-BA9D-2FD7823E5754}_is1) (Version: 14.1.0 - Ainishare International LLC.)
Free PC Cleaner (HKLM-x32\...\{6B01D54E-1E2D-4566-8217-B75ABDEB201B}_is1) (Version: 1.0.0 - Ainishare LLC.)
freecenterlite (HKLM-x32\...\{970B1835-2440-4397-B94B-92A9A74C1D82}_is1) (Version: 1.0.0 - Ainishare International LLC.)
Genieo (HKU\.DEFAULT\...\genieo) (Version: 1.0.400 - Genieo Innovation Ltd.)
Genieo (HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\genieo) (Version: 1.0.400 - Genieo Innovation Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1202 - Hewlett-Packard)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Keyboard (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.5.0.7 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{A5E2418D-B360-419D-AAAD-0D8F2E98FBF6}) (Version: 14.0 - HP)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Knctr (HKLM-x32\...\Itibiti_is1) (Version: - Itibiti Inc.)
KromtechAccountService (Version: 1.1.25 - Kromtech) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
PCKeeper (Version: 2.2.941 - Kromtech) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.365.000 - Hewlett-Packard) Hidden
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.0.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6675 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Solid YouTube Downloader and Converter 6.1.9.0 (HKLM-x32\...\{66732EEE-ECBC-4CA6-A474-ytd}_is1) (Version: - DreamVideoSoft,Inc.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited)
StartPoint (HKU\.DEFAULT\...\startpoint) (Version: - StartPoint) <==== ATTENTION!
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4052977653-386163532-366534634-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Kelly\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

09-01-2015 20:08:32 LavasoftWeCompanion
27-01-2015 21:13:42 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03464D0F-2D4A-475E-8647-F080FA4A04BA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {0F4CC2DC-89FC-42A3-8154-FBB1D56DDB87} - System32\Tasks\avastBCLRestartS-1-5-21-4052977653-386163532-366534634-1001 => Firefox.exe
Task: {225F7BDB-265D-4176-BCF6-641B486BE08A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-11] (Microsoft Corporation)
Task: {2BFAB7AA-9DF6-42B4-8EED-42E3F7D76668} - System32\Tasks\Microsoft Office 15 Sync Maintenance for LIVING-Kelly Living => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)
Task: {49B415D4-BD6F-48E9-A238-720AF4B0C3C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-17] (Google Inc.)
Task: {4A804477-A7C8-44EA-B8D9-EA19BA158353} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {4CD1F5C9-7A38-4190-AFDA-78A11E680D5B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {4D34FB4F-3577-4211-97A3-5E6CCD9E1D95} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {53EE2C0B-7B24-46DB-B3E1-E30A308FAD4F} - System32\Tasks\BBQLeads => C:\Program Files (x86)\bbqleads\ScheduledTask.exe
Task: {565A2703-4F37-496E-8B87-369496245B66} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4052977653-386163532-366534634-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {6A1E7745-3413-4D2E-B81A-83620A93E30F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {6C623341-7A14-42BA-99E4-E1DE4512F9D6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {77F4331C-019F-45FB-9BEA-D14729151DAC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-17] (Google Inc.)
Task: {82EB495E-5D17-4E3B-8EF1-8F1D270E39FC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {91BB7A56-CDFC-41F0-89C2-6BC2B237A925} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {9E1FF6D0-94DB-4E76-AC0C-6C6FA9A3E545} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-10] (Microsoft Corporation)
Task: {AFA4CBE2-C8FE-4728-8190-D745E8A172B4} - System32\Tasks\Convertor => C:\Users\Kelly\AppData\Roaming\Convertor\Convertor.exe [2015-01-27] ()
Task: {B26EDD0E-8499-4B2D-8BF3-5BF8CBE7A619} - System32\Tasks\Kromtech updater => C:\ProgramData\Kromtech\installer.exe
Task: {B8F2FC71-0AD8-44EA-8316-E391F0896E0C} - System32\Tasks\DriverMgr => C:\Users\Kelly\AppData\Roaming\jellylam\rinti.exe [2014-12-09] ()
Task: {BCA769CA-4C99-4B13-AC9A-3C945F213B17} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {D0A4D0A6-E70D-47AA-AFB6-FC5FE3FCFBCF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-16] (AVAST Software)
Task: {E2292C0B-2476-4E78-B201-E43124A4051A} - System32\Tasks\WinKit => C:\Users\Kelly\AppData\Roaming\WinKit\Updater.exe [2015-01-21] ()
Task: {E6B2C07F-1D20-46A6-801B-E71561E9013B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-27] (Adobe Systems Incorporated)
Task: {ECEBFF77-EC1F-4048-A96B-8D766A132041} - System32\Tasks\Winsta Update => C:\Users\Kelly\AppData\Roaming\Winsta\Winsta.exe [2015-01-21] ()
Task: {FD10BCBA-DEF0-437A-91E7-4F1D1B5779EE} - System32\Tasks\HPCeeScheduleForKelly => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForKelly.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2014-04-02 21:40 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-07-19 20:06 - 2012-07-19 20:06 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-07-19 20:06 - 2012-07-19 20:06 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-07-19 20:07 - 2012-07-19 20:07 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-12-18 02:00 - 2013-12-18 02:00 - 00120224 _____ () C:\Users\Kelly\AppData\Local\assembly\dl3\KRYLADMR.NY1\2EGDHX9Q.NLR\3bf7edf8\0038bcf4_1366cd01\HPItunesModule.DLL
2014-10-03 03:08 - 2014-10-03 03:08 - 01435136 _____ () C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
2014-10-20 04:45 - 2014-10-20 04:45 - 00539488 _____ () C:\Users\Kelly\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe
2012-05-04 18:42 - 2012-05-04 18:42 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2014-10-20 04:45 - 2014-10-20 04:45 - 00294240 _____ () C:\Users\Kelly\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe
2014-11-24 00:00 - 2014-09-23 08:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-10-16 10:45 - 2014-10-16 10:45 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-01-27 16:52 - 2015-01-27 16:52 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012701\algo.dll
2014-07-03 12:20 - 2014-07-03 12:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 12:19 - 2014-07-03 12:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-09 20:04 - 2015-01-09 20:04 - 00541696 _____ () C:\Users\Kelly\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
2012-08-24 18:22 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-08-24 18:35 - 2009-02-19 19:22 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\WMINPUT.DLL
2014-10-16 10:45 - 2014-10-16 10:45 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-23 23:58 - 2014-11-23 23:58 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2014-11-23 23:59 - 2014-11-23 23:59 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2015-01-27 17:25 - 2015-01-25 16:08 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-27 17:25 - 2015-01-25 16:08 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
2015-01-27 17:25 - 2015-01-25 16:08 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll
2015-01-27 17:25 - 2015-01-25 16:08 - 14913864 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\Users\Kelly\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-4052977653-386163532-366534634-500 - Administrator - Disabled)
Guest (S-1-5-21-4052977653-386163532-366534634-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4052977653-386163532-366534634-1005 - Limited - Enabled)
Kelly (S-1-5-21-4052977653-386163532-366534634-1001 - Administrator - Enabled) => C:\Users\Kelly

==================== Faulty Device Manager Devices =============

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (01/27/2015 10:22:37 PM) (Source: DCOM) (EventID: 10010) (User: LIVING)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/27/2015 10:22:07 PM) (Source: DCOM) (EventID: 10010) (User: LIVING)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/27/2015 10:21:37 PM) (Source: DCOM) (EventID: 10010) (User: LIVING)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 49%
Total physical RAM: 3665.86 MB
Available physical RAM: 1865.68 MB
Total Pagefile: 5649.86 MB
Available Pagefile: 3307.08 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:444.15 GB) (Free:389.99 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:19.79 GB) (Free:2.43 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D2F74A76)

Partition: GPT Partition Type.

==================== End Of Log ============================
 
Uninstall Genieo.
You'll see two instances of it in Control Panel>Programs & Features.
Uninstall PCKeeper.
Uninstall StartPoint.

Let me know if any of them gave you trouble while uninstalling.

When done re-run FRST.
Make sure you checkmark Addition.txt box so both logs will be produced.
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Kelly (administrator) on LIVING on 27-01-2015 23:01:23
Running from C:\Users\Kelly\Downloads
Loaded Profiles: Kelly (Available profiles: Kelly)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(MicroStudio) C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe
(MicroTools) C:\Program Files (x86)\YouTube Downloader Services\P4\youtubeserv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6549136 2012-07-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BATINDICATOR] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe [2068992 2011-12-14] (Hewlett-Packard)
HKLM-x32\...\Run: [BATINDICATORHL] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe [557056 2010-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [OSDTool] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe [2101248 2012-06-13] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-10-16] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe [1435136 2014-10-03] ()
HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\Run: [PCKeeper2] => "C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe" /autorun
HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\RunOnce: [CleanupUninstallerTemp] => cmd.exe /c del /F /Q "%temp%\updater_uninstall.exe" /f
HKU\S-1-5-18\...\Run: [GenieoUpdaterService] => "C:\Users\Kelly\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe" -wait 5
HKU\S-1-5-18\...\Run: [GenieoSystemTray] => "C:\Users\Kelly\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe"
HKU\S-1-5-18\...\Run: [StartPoint] => C:\Users\Kelly\AppData\Local\StartPoint\startpoint\1.3.18.7\startpoint.exe
HKU\S-1-5-18\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1484.0.0.0\jsdrv.exe
HKU\S-1-5-18\...\Run: [GoobzoYouTubeAccelerator] => "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-4052977653-386163532-366534634-1001] => Internet Explorer proxy is enabled.
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.strtpoint.com/?v=insMac&t=1411&ap=578080078
HKU\S-1-5-21-4052977653-386163532-366534634-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=COSP&ptag=D010715-AE3372CAF8274412FA2F&form=CONMHP&conlogo=CT3330942
HKU\S-1-5-21-4052977653-386163532-366534634-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM -> {E67F2FA0-804A-4E2B-BFFF-C16E8628E10A} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {E67F2FA0-804A-4E2B-BFFF-C16E8628E10A} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {6A293DF6-9396-4C80-B4CC-A51E96A84702} URL = http://search.strtpoint.com/results.html?v=insMac&t=1411&ap=578080078&q={searchTerms}&r=663
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4052977653-386163532-366534634-1001 -> DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-4052977653-386163532-366534634-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-4052977653-386163532-366534634-1001 -> {E67F2FA0-804A-4E2B-BFFF-C16E8628E10A} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: adTech Class -> {934B156A-3D17-3981-B78A-5C138F423AD6} -> C:\Users\Kelly\AppData\Roaming\pdfie\PdfConv_64.dll ()
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: adTech Class -> {934B156A-3D17-3981-B78A-5C138F423AD6} -> C:\Users\Kelly\AppData\Roaming\pdfie\PdfConv_32.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\2mgjvxz0.default-1420589058988
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: SourceApp 1.0.1 - C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\2mgjvxz0.default-1420589058988\Extensions\{95282a5e-d707-43c0-b998-d6a934a963a8}.xpi [2015-01-09]
FF Extension: Super Web Accelerator ! - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\firefox [2014-12-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-28]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-17]
CHR Extension: (Google Drive) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-18]
CHR Extension: (YouTube) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-17]
CHR Extension: (Google Search) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-17]
CHR Extension: (Avast Online Security) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-17]
CHR Extension: (Google Wallet) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-17]
CHR Extension: (Google Quick Scroll) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc [2015-01-27]
CHR Extension: (SourceApp) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\okaoifjanopnhpfhindbpjfkhgpdppaa [2014-12-17]
CHR Extension: (Gmail) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-16] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-07-19] (Hewlett-Packard)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 print server; C:\WINDOWS\UpgradeSvr.exe [106688 2014-11-17] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-12-18] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
R2 WindowsVNT_R3; C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe [2973600 2014-10-20] (MicroStudio) [File not signed]
R2 YouTubeDownload_P4; C:\Program Files (x86)\YouTube Downloader Services\P4\youtubeserv.exe [2968696 2014-12-13] (MicroTools)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-10-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-10-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-10-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-10-16] ()
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 fileHiders; C:\Windows\System32\DRIVERS\fileHiders.sys [32464 2014-12-15] ()
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-01-27] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
S2 SPDRIVER_1484.0.0.0; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1484.0.0.0\jsdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 22:24 - 2015-01-27 22:26 - 00025814 _____ () C:\Users\Kelly\Downloads\Addition.txt
2015-01-27 22:22 - 2015-01-27 23:01 - 00020807 _____ () C:\Users\Kelly\Downloads\FRST.txt
2015-01-27 22:21 - 2015-01-27 22:21 - 00001457 _____ () C:\Users\Kelly\Desktop\FRST64.exe - Shortcut.lnk
2015-01-27 22:20 - 2015-01-27 22:20 - 02129920 _____ (Farbar) C:\Users\Kelly\Downloads\FRST64.exe
2015-01-27 22:14 - 2015-01-27 22:14 - 00000622 _____ () C:\Users\Kelly\Desktop\JRT.txt
2015-01-27 22:11 - 2015-01-27 22:31 - 00004964 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for LIVING-Kelly Living
2015-01-27 22:10 - 2015-01-27 22:10 - 00003228 _____ () C:\WINDOWS\System32\Tasks\DriverMgr
2015-01-27 22:10 - 2015-01-27 22:10 - 00003222 _____ () C:\WINDOWS\System32\Tasks\WinKit
2015-01-27 22:10 - 2015-01-27 22:10 - 00000000 ____D () C:\Users\Kelly\AppData\Roaming\Winsta
2015-01-27 22:10 - 2015-01-27 22:10 - 00000000 ____D () C:\Users\Kelly\AppData\Roaming\WinKit
2015-01-27 22:10 - 2015-01-27 22:10 - 00000000 ____D () C:\Users\Kelly\AppData\Roaming\pdfie
2015-01-27 22:10 - 2015-01-27 22:10 - 00000000 ____D () C:\Users\Kelly\AppData\Roaming\Convertor
2015-01-27 21:53 - 2015-01-27 21:53 - 01707939 _____ (Thisisu) C:\Users\Kelly\Desktop\JRT.exe
2015-01-27 20:35 - 2015-01-27 20:35 - 00026415 _____ () C:\Users\Kelly\Desktop\mbam new.txt
2015-01-27 17:02 - 2015-01-27 17:02 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2015-01-27 17:01 - 2015-01-27 17:01 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\WINDOWS\SysWOW64\AniGIF.ocx
2015-01-27 17:01 - 2015-01-27 17:01 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2015-01-27 17:01 - 2015-01-27 17:01 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2015-01-09 20:14 - 2015-01-09 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Itibiti VoIP Phone
2015-01-09 20:14 - 2015-01-09 20:15 - 00000000 ____D () C:\Program Files (x86)\Itibiti Soft Phone
2015-01-09 20:13 - 2015-01-09 20:13 - 00000000 ____D () C:\WINDOWS\Download
2015-01-06 19:23 - 2015-01-06 19:23 - 00003504 _____ () C:\WINDOWS\System32\Tasks\BBQLeads
2015-01-06 19:23 - 2015-01-06 19:23 - 00000000 ____D () C:\Users\Kelly\AppData\Roaming\WebTest
2015-01-06 19:15 - 2015-01-06 19:17 - 00000000 ____D () C:\Users\Kelly\AppData\Local\Lavasoft
2015-01-06 19:14 - 2015-01-06 19:14 - 00000000 ____D () C:\Users\Kelly\AppData\Roaming\Lavasoft
2015-01-06 19:14 - 2015-01-06 19:14 - 00000000 ____D () C:\ProgramData\Lavasoft
2015-01-06 19:04 - 2015-01-06 19:04 - 00000000 ____D () C:\Users\Kelly\Desktop\Old Firefox Data
2015-01-06 18:49 - 2015-01-06 18:49 - 00000000 __SHD () C:\Users\Kelly\AppData\Local\EmieBrowserModeList
2015-01-03 23:35 - 2015-01-03 23:35 - 00000000 ____D () C:\Program Files (x86)\Software Update Services
2014-12-30 23:52 - 2014-12-30 23:52 - 00002678 _____ () C:\Users\Kelly\Desktop\FSS2.txt
2014-12-30 23:41 - 2014-12-30 23:41 - 00001138 _____ () C:\Users\Kelly\Desktop\checkup.txt
2014-12-30 23:17 - 2014-12-30 23:17 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 23:01 - 2014-12-23 01:03 - 00000000 ____D () C:\FRST
2015-01-27 23:00 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-27 22:58 - 2014-12-17 21:45 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-27 22:21 - 2013-12-18 00:24 - 00560128 ___SH () C:\Users\Kelly\Downloads\Thumbs.db
2015-01-27 22:19 - 2013-12-10 11:46 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-27 22:10 - 2014-12-22 22:52 - 00000000 ____D () C:\Users\Kelly\AppData\Roaming\jellylam
2015-01-27 22:10 - 2014-12-19 00:23 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2015-01-27 22:10 - 2014-12-17 21:55 - 00003764 _____ () C:\WINDOWS\System32\Tasks\Convertor
2015-01-27 22:10 - 2014-12-17 21:55 - 00003280 _____ () C:\WINDOWS\System32\Tasks\Winsta Update
2015-01-27 22:10 - 2013-12-18 02:04 - 00000000 ___DO () C:\Users\Kelly\SkyDrive
2015-01-27 22:10 - 2013-08-22 10:36 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2015-01-27 22:09 - 2013-11-25 02:04 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4052977653-386163532-366534634-1001
2015-01-27 22:04 - 2014-02-02 21:25 - 00475648 ___SH () C:\Users\Kelly\Desktop\Thumbs.db
2015-01-27 21:58 - 2014-12-17 21:45 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-27 21:51 - 2013-12-17 21:46 - 00000000 ____D () C:\Users\Kelly\Tracing
2015-01-27 21:04 - 2012-08-24 18:00 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-01-27 21:02 - 2014-12-17 21:44 - 00003198 _____ () C:\WINDOWS\UpgradeSvr.exe.log
2015-01-27 21:02 - 2013-11-14 02:20 - 01005720 _____ () C:\WINDOWS\PFRO.log
2015-01-27 21:02 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-27 21:01 - 2014-12-22 22:35 - 00000000 ____D () C:\AdwCleaner
2015-01-27 21:01 - 2013-12-18 01:05 - 00000000 ____D () C:\Users\Kelly
2015-01-27 21:00 - 2012-08-24 18:09 - 00000000 ____D () C:\ProgramData\Temp
2015-01-27 20:47 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-27 20:33 - 2014-12-22 00:00 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-27 20:33 - 2014-12-21 23:58 - 00000000 ____D () C:\Users\Kelly\Desktop\mbar
2015-01-27 20:33 - 2014-12-18 23:41 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-27 20:19 - 2013-12-10 11:46 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-27 20:04 - 2014-12-18 23:41 - 00097496 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-27 20:02 - 2013-11-25 01:58 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0739E881-050B-4741-8D6F-9172584A47C7}
2015-01-27 19:54 - 2014-12-21 00:47 - 00035064 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-01-27 17:34 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\IME
2015-01-27 17:33 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-27 17:33 - 2013-08-22 08:25 - 00000229 _____ () C:\WINDOWS\win.ini
2015-01-27 17:25 - 2014-12-17 21:46 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-27 17:19 - 2013-12-18 01:22 - 01418273 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-27 17:12 - 2014-01-28 19:51 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-27 16:58 - 2014-12-17 21:54 - 00000030 _____ () C:\WINDOWS\UpdateSvrCfg.dat
2015-01-27 16:57 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-09 20:13 - 2014-12-17 21:44 - 00000000 ____D () C:\Program Files (x86)\Ainishare
2015-01-09 20:11 - 2014-12-21 01:27 - 00000000 ____D () C:\Users\Kelly\AppData\Local\CrashDumps
2015-01-05 19:42 - 2014-01-16 17:59 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-01-05 19:41 - 2014-01-16 17:59 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-05 18:38 - 2014-12-17 22:01 - 00000000 ____D () C:\ProgramData\Optimizer
2015-01-05 18:37 - 2014-12-17 22:04 - 00000000 ____D () C:\ProgramData\Windows VXM
2015-01-03 23:35 - 2014-12-17 22:01 - 00000000 ____D () C:\Program Files (x86)\YouTube Downloader Services
2015-01-03 07:34 - 2014-02-11 20:34 - 00003160 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForKelly
2015-01-03 07:34 - 2014-02-11 20:34 - 00000346 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForKelly.job
2014-12-30 23:43 - 2014-12-23 23:32 - 00002678 _____ () C:\Users\Kelly\Desktop\FSS.txt

==================== Files in the root of some directories =======

2014-04-07 18:51 - 2014-04-07 19:04 - 0000822 _____ () C:\ProgramData\hpzinstall.log
2012-08-24 19:13 - 2012-08-24 19:13 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Some content of TEMP:
====================
C:\Users\Kelly\AppData\Local\Temp\cabex.dll
C:\Users\Kelly\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Kelly\AppData\Local\Temp\GsDownload.dll
C:\Users\Kelly\AppData\Local\Temp\IeSearchProvider608745130365286122.exe
C:\Users\Kelly\AppData\Local\Temp\InstallGenieo.exe
C:\Users\Kelly\AppData\Local\Temp\Itibiti_Knctr_B.exe
C:\Users\Kelly\AppData\Local\Temp\Quarantine.exe
C:\Users\Kelly\AppData\Local\Temp\Setup.exe
C:\Users\Kelly\AppData\Local\Temp\SpOrder.dll
C:\Users\Kelly\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Kelly\AppData\Local\Temp\sqlite3.dll
C:\Users\Kelly\AppData\Local\Temp\unelevate.exe
C:\Users\Kelly\AppData\Local\Temp\updater_uninstall.exe
C:\Users\Kelly\AppData\Local\Temp\ytaiesmt_smtyc_setup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-27 21:17

==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by Kelly at 2015-01-27 23:03:24
Running from C:\Users\Kelly\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
D110 (x32 Version: 140.0.353.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.13 - Piriform)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocToPDFConverter (HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\DocToPDFConverter) (Version: 01.00.00.00 - VolatoTech)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Flv Player (HKLM-x32\...\{CC86C6C4-7E7D-8447-BA9D-2FD7823E5754}_is1) (Version: 14.1.0 - Ainishare International LLC.)
Free PC Cleaner (HKLM-x32\...\{6B01D54E-1E2D-4566-8217-B75ABDEB201B}_is1) (Version: 1.0.0 - Ainishare LLC.)
freecenterlite (HKLM-x32\...\{970B1835-2440-4397-B94B-92A9A74C1D82}_is1) (Version: 1.0.0 - Ainishare International LLC.)
Genieo (HKU\.DEFAULT\...\genieo) (Version: 1.0.400 - Genieo Innovation Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1202 - Hewlett-Packard)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Keyboard (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.5.0.7 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{A5E2418D-B360-419D-AAAD-0D8F2E98FBF6}) (Version: 14.0 - HP)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Knctr (HKLM-x32\...\Itibiti_is1) (Version: - Itibiti Inc.)
KromtechAccountService (Version: 1.1.25 - Kromtech) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
PCKeeper (Version: 2.2.941 - Kromtech) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.365.000 - Hewlett-Packard) Hidden
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.0.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6675 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Solid YouTube Downloader and Converter 6.1.9.0 (HKLM-x32\...\{66732EEE-ECBC-4CA6-A474-ytd}_is1) (Version: - DreamVideoSoft,Inc.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited)
StartPoint (HKU\.DEFAULT\...\startpoint) (Version: - StartPoint) <==== ATTENTION!
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4052977653-386163532-366534634-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Kelly\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

09-01-2015 20:08:32 LavasoftWeCompanion
27-01-2015 21:13:42 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03464D0F-2D4A-475E-8647-F080FA4A04BA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {0F4CC2DC-89FC-42A3-8154-FBB1D56DDB87} - System32\Tasks\avastBCLRestartS-1-5-21-4052977653-386163532-366534634-1001 => Firefox.exe
Task: {225F7BDB-265D-4176-BCF6-641B486BE08A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-11] (Microsoft Corporation)
Task: {2BFAB7AA-9DF6-42B4-8EED-42E3F7D76668} - System32\Tasks\Microsoft Office 15 Sync Maintenance for LIVING-Kelly Living => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)
Task: {49B415D4-BD6F-48E9-A238-720AF4B0C3C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-17] (Google Inc.)
Task: {4A804477-A7C8-44EA-B8D9-EA19BA158353} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {4CD1F5C9-7A38-4190-AFDA-78A11E680D5B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {4D34FB4F-3577-4211-97A3-5E6CCD9E1D95} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {53EE2C0B-7B24-46DB-B3E1-E30A308FAD4F} - System32\Tasks\BBQLeads => C:\Program Files (x86)\bbqleads\ScheduledTask.exe
Task: {565A2703-4F37-496E-8B87-369496245B66} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-4052977653-386163532-366534634-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {6A1E7745-3413-4D2E-B81A-83620A93E30F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {6C623341-7A14-42BA-99E4-E1DE4512F9D6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {77F4331C-019F-45FB-9BEA-D14729151DAC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-17] (Google Inc.)
Task: {82EB495E-5D17-4E3B-8EF1-8F1D270E39FC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {91BB7A56-CDFC-41F0-89C2-6BC2B237A925} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {9E1FF6D0-94DB-4E76-AC0C-6C6FA9A3E545} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-10] (Microsoft Corporation)
Task: {AFA4CBE2-C8FE-4728-8190-D745E8A172B4} - System32\Tasks\Convertor => C:\Users\Kelly\AppData\Roaming\Convertor\Convertor.exe [2015-01-27] ()
Task: {B26EDD0E-8499-4B2D-8BF3-5BF8CBE7A619} - System32\Tasks\Kromtech updater => C:\ProgramData\Kromtech\installer.exe
Task: {B8F2FC71-0AD8-44EA-8316-E391F0896E0C} - System32\Tasks\DriverMgr => C:\Users\Kelly\AppData\Roaming\jellylam\rinti.exe [2014-12-09] ()
Task: {BCA769CA-4C99-4B13-AC9A-3C945F213B17} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {D0A4D0A6-E70D-47AA-AFB6-FC5FE3FCFBCF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-16] (AVAST Software)
Task: {E2292C0B-2476-4E78-B201-E43124A4051A} - System32\Tasks\WinKit => C:\Users\Kelly\AppData\Roaming\WinKit\Updater.exe [2015-01-21] ()
Task: {E6B2C07F-1D20-46A6-801B-E71561E9013B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-27] (Adobe Systems Incorporated)
Task: {ECEBFF77-EC1F-4048-A96B-8D766A132041} - System32\Tasks\Winsta Update => C:\Users\Kelly\AppData\Roaming\Winsta\Winsta.exe [2015-01-21] ()
Task: {FD10BCBA-DEF0-437A-91E7-4F1D1B5779EE} - System32\Tasks\HPCeeScheduleForKelly => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForKelly.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2014-04-02 21:40 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-07-19 20:06 - 2012-07-19 20:06 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-07-19 20:06 - 2012-07-19 20:06 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-07-19 20:07 - 2012-07-19 20:07 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2013-12-18 02:00 - 2013-12-18 02:00 - 00120224 _____ () C:\Users\Kelly\AppData\Local\assembly\dl3\KRYLADMR.NY1\2EGDHX9Q.NLR\3bf7edf8\0038bcf4_1366cd01\HPItunesModule.DLL
2014-10-03 03:08 - 2014-10-03 03:08 - 01435136 _____ () C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
2012-05-04 18:42 - 2012-05-04 18:42 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2014-11-24 00:00 - 2014-09-23 08:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-10-16 10:45 - 2014-10-16 10:45 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-01-27 16:52 - 2015-01-27 16:52 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012701\algo.dll
2014-07-03 12:20 - 2014-07-03 12:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 12:19 - 2014-07-03 12:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-24 18:22 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-08-24 18:35 - 2009-02-19 19:22 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\WMINPUT.DLL
2014-10-16 10:45 - 2014-10-16 10:45 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-23 23:59 - 2014-11-23 23:59 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2015-01-27 17:25 - 2015-01-25 16:08 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-27 17:25 - 2015-01-25 16:08 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
2015-01-27 17:25 - 2015-01-25 16:08 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll
2015-01-27 17:25 - 2015-01-25 16:08 - 14913864 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\Users\Kelly\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-4052977653-386163532-366534634-500 - Administrator - Disabled)
Guest (S-1-5-21-4052977653-386163532-366534634-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4052977653-386163532-366534634-1005 - Limited - Enabled)
Kelly (S-1-5-21-4052977653-386163532-366534634-1001 - Administrator - Enabled) => C:\Users\Kelly

==================== Faulty Device Manager Devices =============

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (01/27/2015 10:22:37 PM) (Source: DCOM) (EventID: 10010) (User: LIVING)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/27/2015 10:22:07 PM) (Source: DCOM) (EventID: 10010) (User: LIVING)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/27/2015 10:21:37 PM) (Source: DCOM) (EventID: 10010) (User: LIVING)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 46%
Total physical RAM: 3665.86 MB
Available physical RAM: 1975.94 MB
Total Pagefile: 5649.86 MB
Available Pagefile: 3420.64 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:444.15 GB) (Free:390.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:19.79 GB) (Free:2.43 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D2F74A76)

Partition: GPT Partition Type.

==================== End Of Log ============================
 
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    4.1 KB · Views: 1
Again it's telling me there's no fixlist and they are literally right next to each other on the desktop
 
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
64-bit users go HERE
  • Double-click SystemLook.exe to run it.
  • Vista users:: Right click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following box and paste it into the main textfield:
Code: 
:filefind
frst*
fixlist*
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
 
SystemLook 30.07.11 by jpshortstuff
Log created at 13:20 on 30/01/2015 by Kelly
Administrator - Elevation successful

========== filefind ==========

Searching for "frst*"
C:\FRST\Logs\FRST_23-12-2014_01-08-50.txt --a---- 41522 bytes [06:08 23/12/2014] [06:08 23/12/2014] 6C39CBFF512FAA9D223FE026DCC94307
C:\FRST\Logs\FRST_27-01-2015_22-26-03.txt --a---- 31008 bytes [03:26 28/01/2015] [03:26 28/01/2015] 150C6E03BE25279155837FB661370813
C:\FRST\Logs\FRST_27-01-2015_23-04-39.txt --a---- 30874 bytes [04:04 28/01/2015] [04:04 28/01/2015] 49F4AB567D6DDF0D0BD0E6EBA037E513
C:\Users\Kelly\AppData\Local\Microsoft\Windows\INetCache\IE\YBA0BWXU\FRST64[1].exe --a---- 2130432 bytes [02:18 30/01/2015] [02:18 30/01/2015] 43D7BD405CA7FE83570BA089001434E1
C:\Users\Kelly\Desktop\FRST.txt --a---- 41522 bytes [06:03 23/12/2014] [06:08 23/12/2014] 6C39CBFF512FAA9D223FE026DCC94307
C:\Users\Kelly\Desktop\FRST64.exe --a---- 2122240 bytes [03:35 23/12/2014] [02:59 23/12/2014] 55DBDB936D733425340DAB3BE4B13900
C:\Users\Kelly\Desktop\FRST64.lnk --a---- 1457 bytes [03:21 28/01/2015] [03:21 28/01/2015] 302F721770418A5C246B5A081F2BFFD9
C:\Users\Kelly\Downloads\FRST.txt --a---- 30874 bytes [03:22 28/01/2015] [04:04 28/01/2015] 49F4AB567D6DDF0D0BD0E6EBA037E513
C:\Users\Kelly\Downloads\FRST64.exe --a---- 2130432 bytes [03:20 28/01/2015] [02:18 30/01/2015] 43D7BD405CA7FE83570BA089001434E1
C:\Users\Kelly\Downloads\FRST-OlderVersion\FRST64.exe --a---- 2129920 bytes [03:20 28/01/2015] [03:20 28/01/2015] 0A5A11928325940A75A7CE46D5B460BD
C:\Windows\Prefetch\FRST.EXE-AF77B641.pf --a---- 28458 bytes [06:03 23/12/2014] [06:03 23/12/2014] 66FA44BEE985F77B2F8534F053F576E5
C:\Windows\Prefetch\FRST64.EXE-56A61938.pf --a---- 60928 bytes [03:21 28/01/2015] [02:21 30/01/2015] 1E4E019A0530DCD3D76EA126752A8D7B
C:\Windows\Prefetch\FRST64.EXE-C22CDC13.pf --a---- 46278 bytes [06:03 23/12/2014] [04:01 24/12/2014] AD957300CB5923103B59161018524159

Searching for "fixlist*"
C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Recent\fixlist.txt.lnk --a---- 555 bytes [02:21 30/01/2015] [02:21 30/01/2015] 1574326B1904484886B8DCE5A739B8B4
C:\Users\Kelly\Desktop\fixlist.txt --a---- 4197 bytes [02:17 30/01/2015] [02:17 30/01/2015] B6A98A262D27E12346FF59BEF4F9416D

-= EOF =-
 
Delete your FRST64 file which seems to be some older version and download fresh one...
C:\Users\Kelly\Desktop\FRST.txt --a---- 41522 bytes [06:03 23/12/2014]
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-01-2015 01
Ran by Kelly at 2015-01-31 16:56:33 Run:2
Running from C:\Users\Kelly\Desktop
Loaded Profiles: Kelly (Available profiles: Kelly)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\Run: [PCKeeper2] => "C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe" /autorun
C:\Program Files\Kromtech
HKU\S-1-5-18\...\Run: [GenieoUpdaterService] => "C:\Users\Kelly\AppData\Roaming\Genieo\Application\Updater\bin\genupdater.exe" -wait 5
C:\Users\Kelly\AppData\Roaming\Genieo
HKU\S-1-5-18\...\Run: [GenieoSystemTray] => "C:\Users\Kelly\AppData\Roaming\Genieo\Application\TrayUi\bin\gentray.exe"
HKU\S-1-5-18\...\Run: [StartPoint] => C:\Users\Kelly\AppData\Local\StartPoint\startpoint\1.3.18.7\startpoint.exe
C:\Users\Kelly\AppData\Local\StartPoint
HKU\S-1-5-18\...\Run: [GoobzoYouTubeAccelerator] => "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe"
C:\Program Files (x86)\YouTube Accelerator
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: [S-1-5-21-4052977653-386163532-366534634-1001] => Internet Explorer proxy is enabled.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.strtpoint.com/?v=insMac&t=1411&ap=578080078
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {6A293DF6-9396-4C80-B4CC-A51E96A84702} URL = http://search.strtpoint.com/results.html?v=insMac&t=1411&ap=578080078&q={searchTerms}&r=663
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: adTech Class -> {934B156A-3D17-3981-B78A-5C138F423AD6} -> C:\Users\Kelly\AppData\Roaming\pdfie\PdfConv_64.dll ()
C:\Users\Kelly\AppData\Roaming\pdfie
BHO-x32: adTech Class -> {934B156A-3D17-3981-B78A-5C138F423AD6} -> C:\Users\Kelly\AppData\Roaming\pdfie\PdfConv_32.dll ()
FF Extension: SourceApp 1.0.1 - C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\2mgjvxz0.default-1420589058988\Extensions\{95282a5e-d707-43c0-b998-d6a934a963a8}.xpi [2015-01-09]
C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\2mgjvxz0.default-1420589058988\Extensions\{95282a5e-d707-43c0-b998-d6a934a963a8}.xpi
FF Extension: Super Web Accelerator ! - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\firefox [2014-12-22]
CHR Extension: (SourceApp) - C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\okaoifjanopnhpfhindbpjfkhgpdppaa [2014-12-17]
C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\okaoifjanopnhpfhindbpjfkhgpdppaa
R2 YouTubeDownload_P4; C:\Program Files (x86)\YouTube Downloader Services\P4\youtubeserv.exe [2968696 2014-12-13] (MicroTools)
C:\Program Files (x86)\YouTube Downloader Services
HKU\S-1-5-21-4052977653-386163532-366534634-1001\...\RunOnce: [CleanupUninstallerTemp] => cmd.exe /c del /F /Q "%temp%\updater_uninstall.exe" /f
S2 SPDRIVER_1484.0.0.0; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1484.0.0.0\jsdrv.sys [X]
2014-04-07 18:51 - 2014-04-07 19:04 - 0000822 _____ () C:\ProgramData\hpzinstall.log
2012-08-24 19:13 - 2012-08-24 19:13 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
C:\Users\Kelly\AppData\Local\Temp\cabex.dll
C:\Users\Kelly\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Kelly\AppData\Local\Temp\GsDownload.dll
C:\Users\Kelly\AppData\Local\Temp\IeSearchProvider608745130365286122.exe
C:\Users\Kelly\AppData\Local\Temp\InstallGenieo.exe
C:\Users\Kelly\AppData\Local\Temp\Itibiti_Knctr_B.exe
C:\Users\Kelly\AppData\Local\Temp\Quarantine.exe
C:\Users\Kelly\AppData\Local\Temp\Setup.exe
C:\Users\Kelly\AppData\Local\Temp\SpOrder.dll
C:\Users\Kelly\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Kelly\AppData\Local\Temp\sqlite3.dll
C:\Users\Kelly\AppData\Local\Temp\unelevate.exe
C:\Users\Kelly\AppData\Local\Temp\updater_uninstall.exe
C:\Users\Kelly\AppData\Local\Temp\ytaiesmt_smtyc_setup.exe
Reg: reg delete "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\genieo"
PCKeeper (Version: 2.2.941 - Kromtech) Hidden
Reg: reg delete "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\startpoint"
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\Users\Kelly\SkyDrive:ms-properties

*****************

HKU\S-1-5-21-4052977653-386163532-366534634-1001\Software\Microsoft\Windows\CurrentVersion\Run\\PCKeeper2 => value deleted successfully.
"C:\Program Files\Kromtech" => File/Directory not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\GenieoUpdaterService => value deleted successfully.
"C:\Users\Kelly\AppData\Roaming\Genieo" => File/Directory not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\GenieoSystemTray => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\StartPoint => value deleted successfully.
"C:\Users\Kelly\AppData\Local\StartPoint" => File/Directory not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\GoobzoYouTubeAccelerator => value deleted successfully.
"C:\Program Files (x86)\YouTube Accelerator" => File/Directory not found.
C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
HKU\S-1-5-21-4052977653-386163532-366534634-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A293DF6-9396-4C80-B4CC-A51E96A84702}" => Key deleted successfully.
HKCR\CLSID\{6A293DF6-9396-4C80-B4CC-A51E96A84702} => Key not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{934B156A-3D17-3981-B78A-5C138F423AD6}" => Key deleted successfully.
"HKCR\CLSID\{934B156A-3D17-3981-B78A-5C138F423AD6}" => Key deleted successfully.
C:\Users\Kelly\AppData\Roaming\pdfie => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{934B156A-3D17-3981-B78A-5C138F423AD6}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{934B156A-3D17-3981-B78A-5C138F423AD6}" => Key deleted successfully.
C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\2mgjvxz0.default-1420589058988\Extensions\{95282a5e-d707-43c0-b998-d6a934a963a8}.xpi => Moved successfully.
"C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\2mgjvxz0.default-1420589058988\Extensions\{95282a5e-d707-43c0-b998-d6a934a963a8}.xpi" => File/Directory not found.
C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\firefox => Moved successfully.
C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\okaoifjanopnhpfhindbpjfkhgpdppaa => Moved successfully.
"C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\okaoifjanopnhpfhindbpjfkhgpdppaa" => File/Directory not found.
YouTubeDownload_P4 => Unable to stop service
YouTubeDownload_P4 => Service deleted successfully.
C:\Program Files (x86)\YouTube Downloader Services => Moved successfully.
HKU\S-1-5-21-4052977653-386163532-366534634-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\CleanupUninstallerTemp => Value not found.
SPDRIVER_1484.0.0.0 => Service deleted successfully.
C:\ProgramData\hpzinstall.log => Moved successfully.
C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc => Moved successfully.
C:\Users\Kelly\AppData\Local\Temp\cabex.dll => Moved successfully.
C:\Users\Kelly\AppData\Local\Temp\dllnt_dump.dll => Moved successfully.
C:\Users\Kelly\AppData\Local\Temp\GsDownload.dll => Moved successfully.
C:\Users\Kelly\AppData\Local\Temp\IeSearchProvider608745130365286122.exe => Moved successfully.
C:\Users\Kelly\AppData\Local\Temp\InstallGenieo.exe => Moved successfully.
C:\Users\Kelly\AppData\Local\Temp\Itibiti_Knctr_B.exe => Moved successfully.
C:\Users\Kelly\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Kelly\AppData\Local\Temp\Setup.exe => Moved successfully.
C:\Users\Kelly\AppData\Local\Temp\SpOrder.dll => Moved successfully.
C:\Users\Kelly\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll => Moved successfully.
C:\Users\Kelly\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\Users\Kelly\AppData\Local\Temp\unelevate.exe => Moved successfully.
"C:\Users\Kelly\AppData\Local\Temp\updater_uninstall.exe" => File/Directory not found.
C:\Users\Kelly\AppData\Local\Temp\ytaiesmt_smtyc_setup.exe => Moved successfully.

========= reg delete "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\genieo" =========

Permanently delete the registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\genieo (Yes/No)? The operation completed successfully.



========= End of Reg: =========

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{74BE5ED0-FC20-4F5F-94C4-EA4AABE2E359}\\SystemComponent => value deleted successfully.

========= reg delete "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\startpoint" =========

Permanently delete the registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\startpoint (Yes/No)? The operation completed successfully.



========= End of Reg: =========

C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.
"C:\Users\Kelly\SkyDrive" => ":ms-properties" ADS not found.


The system needed a reboot.

==== End of Fixlog 16:56:44 ====
 
Last scans...

redtarget.gif
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


redtarget.gif
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

redtarget.gif
Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.

redtarget.gif
Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
 
Results of screen317's Security Check version 0.99.96
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Free PC Cleaner
Java 7 Update 67
Java version 32-bit out of Date!
Java 64-bit 8 Update 31
Adobe Flash Player 16.0.0.296
Adobe Reader XI
Mozilla Firefox 34.0.5 Firefox out of Date!
Google Chrome 39.0.2171.95 Google Chrome out of date!
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
 
Farbar Service Scanner Version: 17-01-2015
Ran by Kelly (administrator) on 02-02-2015 at 00:06:53
Running from "C:\Users\Kelly\Desktop"
Microsoft Windows 8.1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
 
Run this instead....

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Click on "Run ESET Online Scanner" button.
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
 
C:\Users\All Users\Optimizer\program\winapp_Test002.exe a variant of Win32/Agent.WMC trojan
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\youtube-download-trace[1].exe a variant of Win32/Agent.WMC trojan
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YouTube Accelerator\engine.dll.vir a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YouTube Accelerator\helper.dll.vir a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YouTube Accelerator\ipc.dll.vir a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YouTube Accelerator\lspinst.exe.vir a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YouTube Accelerator\lspinst2.exe.vir a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YouTube Accelerator\Res.dll.vir a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YouTube Accelerator\testlsp.exe.vir a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YouTube Accelerator\unelevate.exe.vir a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YouTube Accelerator\Updater.exe.vir a variant of Win32/ShopperPro.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YouTube Accelerator\xmldb.dll.vir a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe.vir a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe.vir a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YouTube Accelerator\YTAHUninstall.exe.vir a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YouTube Accelerator\ytalsp.dll.vir a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YouTube Accelerator\YTAUninstall.exe.vir a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTAHelper\SPRemove.exe.vir a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTAHelper\YTAHelper.dll.vir a variant of Win32/ShopperPro.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTAHelper\YTAHelper.exe.vir a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTAHelper\YTAHelper64.dll.vir a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTAHelper\JSDriver\jsdrv.exe.vir Win32/ShopperPro.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTAHelper\JSDriver\jsdrv.sys.vir Win64/ShopperPro.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\YTAHelper\YTAHelper.dll.vir a variant of Win32/ShopperPro.A potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Program Files (x86)\Mozilla Firefox\distribution\bundles\firefox\chrome\content\main.js Win32/Adware.Vonteera.L application cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\okaoifjanopnhpfhindbpjfkhgpdppaa\1.0.1_0\background.js Win32/BrowseFox.Q potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Extensions\okaoifjanopnhpfhindbpjfkhgpdppaa\1.0.1_0\content.js Win32/BrowseFox.Q potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Users\Kelly\AppData\Local\Temp\APNSetup.exe.xBAD a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application deleted - quarantined
C:\FRST\Quarantine\C\Users\Kelly\AppData\Local\Temp\unelevate.exe.xBAD a variant of Win32/SBWatchman.D potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Users\Kelly\AppData\Local\Temp\ytaiesmt_smtyc_setup.exe.xBAD a variant of Win32/SpeedBit.D potentially unwanted application deleted - quarantined
C:\Program Files (x86)\Ainishare\Free Center\Repair.txt Win32/Somoto.E potentially unwanted application deleted - quarantined
C:\Program Files (x86)\Convertor\Convertor.exe a variant of Win32/Adware.Vonteera.L application cleaned by deleting - quarantined
C:\Program Files (x86)\Winsta\bin\Winsta.exe a variant of Win32/Adware.Vonteera.L application cleaned by deleting - quarantined
C:\ProgramData\Optimizer\program\winapp_Test002.exe a variant of Win32/Agent.WMC trojan cleaned by deleting - quarantined
C:\Users\Kelly\AppData\Local\Installer\Installiwebar_26448\ins_postInst.exe a variant of Win32/SpeedBit.C potentially unwanted application deleted - quarantined
C:\Users\Kelly\AppData\Local\Installer\Installsense_26448\ins_postInst.exe a variant of Win32/SpeedBit.C potentially unwanted application deleted - quarantined
C:\Users\Kelly\AppData\Roaming\PDFConvert\SWUpdate.exe a variant of Win32/Adware.Vonteera.L application cleaned by deleting - quarantined
C:\Users\Kelly\AppData\Roaming\WinKit\Updater.exe a variant of Win32/Adware.Vonteera.L application cleaned by deleting - quarantined
C:\Users\Kelly\AppData\Roaming\Winsta\trzEDD2.tmp a variant of Win32/Adware.Vonteera.L application cleaned by deleting - quarantined
C:\Users\Kelly\Downloads\Download\91a1b50c3f508094e5a548d384.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application deleted - quarantined
C:\Users\Kelly\Downloads\Download\GiliSoft Data Recovery 3.5.exe a variant of Win32/Downloader.Delf.A potentially unwanted application deleted - quarantined
C:\Users\Kelly\Downloads\Download\Windows Cleaner.exe multiple threats cleaned by deleting - quarantined
C:\Windows\bi.exe a variant of Win32/Downloader.Delf.A potentially unwanted application deleted - quarantined
C:\Windows\sys_print_svr.exe a variant of Win32/Downloader.Delf.A potentially unwanted application deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\youtube-download-trace[1].exe a variant of Win32/Agent.WMC trojan cleaned by deleting - quarantined
 
That scan took over 5 hours and I let it go through the night the other night and had forgotten about it until just now and this computer has been on the whole time. Is there a chance that if the virus hasn't been taken care of yet that it could have spread again while the computer was on that long?
 
You should be fine.

redtarget.gif
Uninstall Free PC Cleaner.
Registry cleaners/optimizers are not recommended for several reasons:

  • Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

    The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
  • Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
  • Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
  • Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
  • The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".
Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.


redtarget.gif
Update Firefox to the latest 35.0.1 version.

redtarget.gif
Update Adobe Flash Player: http://get.adobe.com/flashplayer/
Make sure you UN-check Yes, install McAfee Security Scan Plus

NOTE 1: Beginning with Adobe Flash Version 11.3, the universal installer includes the 32-bit and 64-bit versions of the Flash Player.
NOTE 2: While installing make sure you UN-check any extra garbage which wants to install alongside.

redtarget.gif
Update your Java version here: https://www.techspot.com/downloads/6463-java-se.html
Alternate download: http://www.java.com/en/download/manual.jsp

NOTE. You only need to update 32-bit version. 64-bit version is up to date.

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Note 2: If you're running 64-bit system make sure you install BOTH, 32-bit and 64-bit Java.

========================================

Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download
51a5ce45263de-delfix.png
DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings
Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

12. Please, let me know, how your computer is doing.
 
I finished through the rest of the list and the pop ups seem to be gone now. But I ran another malwarebytes scan and there are still several issues being found. Here's the log from mbam.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2/8/2015
Scan Time: 10:45:00 PM
Logfile: mbam newest.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.09.01
Rootkit Database: v2015.02.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Kelly

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 352945
Time Elapsed: 28 min, 41 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 11
PUP.Optional.AdTech.A, HKU\S-1-5-21-4052977653-386163532-366534634-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{934B156A-3D17-3981-B78A-5C138F423AD6}, Quarantined, [97ceb96319715ed863bd4cb12dd505fb],
PUP.Optional.AdTech.A, HKLM\SOFTWARE\CLASSES\adTech.adTech, Quarantined, [97ceb96319715ed863bd4cb12dd505fb],
PUP.Optional.AdTech.A, HKLM\SOFTWARE\CLASSES\adTech.adTech.1, Quarantined, [97ceb96319715ed863bd4cb12dd505fb],
PUP.Optional.AdTech.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\adTech.adTech, Quarantined, [97ceb96319715ed863bd4cb12dd505fb],
PUP.Optional.AdTech.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\adTech.adTech.1, Quarantined, [97ceb96319715ed863bd4cb12dd505fb],
PUP.Optional.AdTech.A, HKU\S-1-5-21-4052977653-386163532-366534634-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{934B156A-3D17-3981-B78A-5C138F423AD6}, Quarantined, [97ceb96319715ed863bd4cb12dd505fb],
PUP.Optional.AdTech.A, HKU\S-1-5-21-4052977653-386163532-366534634-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{934B156A-3D17-3981-B78A-5C138F423AD6}, Quarantined, [97ceb96319715ed863bd4cb12dd505fb],
PUP.Optional.KeepMySearch.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CLASSES\keepmysearch, Quarantined, [90d5db410585e84ee179e2af20e344bc],
PUP.Optional.CrossRider.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\26549, Quarantined, [006577a51b6fd66004e2405d27dcd828],
PUP.Optional.NoVooIT.A, HKU\S-1-5-21-4052977653-386163532-366534634-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\NoVooITSet, Quarantined, [98cd4bd12a6081b5efbc5f2b4ab955ab],
PUP.Optional.Vonteera.A, HKU\S-1-5-21-4052977653-386163532-366534634-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Vonteera Safe ads, Quarantined, [5f06bc604c3e4ee8109d247e709339c7],

Registry Values: 1
PUP.Optional.ShopperPro, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|SPDriver, C:\Program Files (x86)\ShopperPro\JSDriver\1484.0.0.0\jsdrv.exe, Quarantined, [ca9be933bad0a1958dca970c5ea50bf5]

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.WinKit.A, C:\Users\Kelly\AppData\Roaming\WinKit, Quarantined, [1d4896861c6e20166edcfb90f50ecc34],

Files: 2
PUP.Optional.Downloader, C:\Users\Kelly\AppData\Roaming\jellylam\trzFD16.tmp, Quarantined, [9ec7ea320486ae889b24af70966f9a66],
PUP.Optional.WinKit.A, C:\Users\Kelly\AppData\Roaming\WinKit\tosty.dat, Quarantined, [1d4896861c6e20166edcfb90f50ecc34],

Physical Sectors: 0
(No malicious items detected)


(end)
 
Run it again and see if it's clean.
Run it again in couple of days.

...and make sure...

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642
Click to expand...
 
I just ran it again and it came up clean. I will run it again on thursday and update you on what happens. Thanks!
 
You must log in or register to reply here.

Similar threads

S
Dell Latitude E5470 Video Issues
Replies
1
Views
680
Mark Fuller
M
Mickey1
PC Freezes & won't open anything
Replies
3
Views
498
info12345
info12345
Gilbertcyberpro
Alienware 17 r5 Why is my internet speed being reduced to 30 download and 0.4 upload. Normally 900 up and down
Replies
2
Views
1K
Mark Fuller
M

Latest posts

Back