
Help Please



I downloaded Malwarebytes and scanned. It didn't automatically save the log file so I saved results. I am not sure if this is what you need. The computer runs constantly and is so slow we can't do anything.

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 6/8/2015
Scan Time: 1:27:27 PM
Logfile: frst.txt
Administrator: Yes
 
Version: 0.00.0.0000
Malware Database: v2015.06.08.04
Rootkit Database: v2015.06.02.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Ashley Favara
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 342405
Time Elapsed: 29 min, 51 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

Hello,
    
 
They call me TwinHeadedEagle around here, and I'll try to help you with your issue.
 
     
    
Before we start please read and note the following:

  • We're primarily oriented on malware removal here, so you must know that some issues just cannot be solved and you must be prepared for this. Some tools we use here will remove your browser search history, so back up your important links and all the files whose loss is unacceptable.
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time. Keep in mind that private life gets in the way too. Note that we may live in totally different time zones, which may cause some delays between answers.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is a good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

I can't foresee everything, so if anything not covered in my instructions happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
Rules and policies
 
We won't support any piracy.
That being said, if any evidence of an illegal OS, software, cracks/keygens or anything similar is revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!
 
Failure to follow these guidelines will result in closing your topic and withdrawing any assistance.
 
 



 
Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them.
Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

FRST

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Ashley Favara (administrator) on ASHLEYFAVARA-PC on 08-06-2015 14:02:37
Running from C:\Users\Ashley Favara\Downloads
Loaded Profiles: Ashley Favara (Available Profiles: Ashley Favara)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(SMSC) C:\Program Files\SGFX\sgfxmgr.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Spotify Ltd) C:\Users\Ashley Favara\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Ashley Favara\AppData\Roaming\Spotify\Spotify.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files\SGFX\SgfxConfig.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Ashley Favara\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Ashley Favara\AppData\Roaming\Spotify\Spotify.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Dropbox, Inc.) C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2095912 2010-05-14] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [sgfxConfig] => C:\Program Files\SGFX\sgfxconfig.exe [2233592 2013-03-18] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-14] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-1356638605-569504071-3264840808-1000\...\Run: [GoogleChromeAutoLaunch_84839FF01F1313477B26258568055341] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
HKU\S-1-5-21-1356638605-569504071-3264840808-1000\...\Run: [spotify Web Helper] => C:\Users\Ashley Favara\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-05-25] (Spotify Ltd)
HKU\S-1-5-21-1356638605-569504071-3264840808-1000\...\Run: [spotify] => C:\Users\Ashley Favara\AppData\Roaming\Spotify\Spotify.exe [7168568 2015-05-25] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-01-27]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Ashley Favara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-08-14] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1356638605-569504071-3264840808-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
URLSearchHook: HKU\S-1-5-21-1356638605-569504071-3264840808-1000 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-14] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-14] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28] (Yahoo! Inc)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 4.2.2.2
 
FireFox:
========
FF ProfilePath: C:\Users\Ashley Favara\AppData\Roaming\Mozilla\Firefox\Profiles\nhk7u51g.default
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-11-15] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-11-15] (Microsoft Corporation)
FF Extension: Firefox Old Version Update Hotfix - C:\Users\Ashley Favara\AppData\Roaming\Mozilla\Firefox\Profiles\nhk7u51g.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-07-28]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-01-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-02]
FF HKU\S-1-5-21-1356638605-569504071-3264840808-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 
Chrome: 
=======
CHR Profile: C:\Users\Ashley Favara\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-27]
CHR Extension: (Google Drive) - C:\Users\Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-27]
CHR Extension: (YouTube) - C:\Users\Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-27]
CHR Extension: (Google Search) - C:\Users\Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-27]
CHR Extension: (Bookmark Manager) - C:\Users\Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-25]
CHR Extension: (Avast Online Security) - C:\Users\Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-02]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17]
CHR Extension: (Google Wallet) - C:\Users\Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-27]
CHR Extension: (Gmail) - C:\Users\Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-14] (AVAST Software)
R2 HPSLPSVC; C:\Users\Ashley Favara\AppData\Local\Temp\7zS07FA\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 SGFXMgr; C:\Program Files\SGFX\sgfxmgr.exe [8481280 2013-03-15] (SMSC) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 hpqwmiex; "C:\Users\Administrator\AppData\Roaming\Hewlett-Packard\hpqwmiex.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-14] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-12-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-14] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 rismcx64; C:\Windows\System32\DRIVERS\rismcx64.sys [59008 2009-07-20] (RICOH Company, Ltd.)
R4 Sgfxk; C:\Windows\System32\drivers\sgfxk64.sys [157432 2013-03-18] (SMSC)
R0 Sgfxl; C:\Windows\System32\drivers\sgfxl64.sys [18168 2013-03-18] (SMSC)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-08 14:02 - 2015-06-08 14:03 - 00017717 _____ C:\Users\Ashley Favara\Downloads\FRST.txt
2015-06-08 14:02 - 2015-06-08 14:02 - 02108928 _____ (Farbar) C:\Users\Ashley Favara\Downloads\FRST64.exe
2015-06-08 14:02 - 2015-06-08 14:02 - 01147904 _____ (Farbar) C:\Users\Ashley Favara\Downloads\FRST.exe
2015-06-08 14:02 - 2015-06-08 14:02 - 00000000 ____D C:\FRST
2015-06-08 10:40 - 2015-06-08 13:27 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-08 10:39 - 2015-06-08 10:39 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Ashley Favara\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-08 10:39 - 2015-06-08 10:39 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Ashley Favara\Downloads\mbam-setup-2.1.6.1022 (1).exe
2015-06-08 10:39 - 2015-06-08 10:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-08 10:39 - 2015-06-08 10:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-08 10:39 - 2015-06-08 10:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-08 10:39 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-08 10:39 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-08 10:39 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-25 18:54 - 2015-05-25 18:54 - 00000000 ____D C:\Windows\system32\appmgmt
2015-05-25 18:34 - 2015-05-25 18:35 - 00266288 _____ C:\Windows\Minidump\052515-28657-01.dmp
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-08 13:43 - 2014-01-14 21:04 - 01495065 _____ C:\Windows\WindowsUpdate.log
2015-06-08 13:19 - 2014-01-27 17:23 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-08 10:42 - 2014-02-05 00:11 - 00000000 ____D C:\Users\Ashley Favara\AppData\Roaming\Spotify
2015-06-08 10:40 - 2009-07-13 23:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-08 10:40 - 2009-07-13 23:45 - 00031904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-08 10:38 - 2014-02-05 00:12 - 00000000 ____D C:\Users\Ashley Favara\AppData\Local\Spotify
2015-05-25 19:50 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-05-25 19:12 - 2014-09-30 15:19 - 00000000 ___RD C:\Users\Ashley Favara\Dropbox
2015-05-25 19:12 - 2014-08-17 14:42 - 00000000 ____D C:\Users\Ashley Favara\AppData\Roaming\Dropbox
2015-05-25 19:11 - 2014-09-30 15:19 - 00001056 _____ C:\Users\Ashley Favara\Desktop\Dropbox.lnk
2015-05-25 19:11 - 2014-08-17 14:43 - 00000000 ____D C:\Users\Ashley Favara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-25 19:04 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-05-25 19:04 - 2009-07-13 23:51 - 00051260 _____ C:\Windows\setupact.log
2015-05-25 18:34 - 2015-03-31 16:09 - 490908997 _____ C:\Windows\MEMORY.DMP
2015-05-25 18:34 - 2015-03-31 16:09 - 00000000 ____D C:\Windows\Minidump
2015-05-25 18:31 - 2014-02-05 00:12 - 00001860 _____ C:\Users\Ashley Favara\Desktop\Spotify.lnk
2015-05-25 18:31 - 2014-02-05 00:12 - 00001846 _____ C:\Users\Ashley Favara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-05-25 18:22 - 2014-01-27 17:26 - 00002190 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-25 18:14 - 2014-01-27 17:23 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-25 18:14 - 2014-01-27 17:23 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-25 18:14 - 2014-01-27 17:23 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-25 18:11 - 2014-02-02 16:37 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
 
==================== Files in the root of some directories =======
 
2014-05-23 01:59 - 2015-03-01 16:27 - 5601792 _____ (FFmpeg Project) C:\Program Files\avformat-55.dll
2015-02-15 12:03 - 2015-03-01 16:14 - 0421888 _____ () C:\Program Files\lame_enc.dll
2014-01-27 20:59 - 2014-01-27 21:03 - 0000816 _____ () C:\ProgramData\hpzinstall.log
 
Some files in TEMP:
====================
C:\Users\Ashley Favara\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyyjaq0.dll
C:\Users\Ashley Favara\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Ashley Favara\AppData\Local\Temp\HPInstaller.exe
C:\Users\Ashley Favara\AppData\Local\Temp\ose00000.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-08 10:33
 
==================== End of log ============================
 
Addition
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Ashley Favara at 2015-06-08 14:03:17
Running from C:\Users\Ashley Favara\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1356638605-569504071-3264840808-500 - Administrator - Disabled)
Ashley Favara (S-1-5-21-1356638605-569504071-3264840808-1000 - Administrator - Enabled) => C:\Users\Ashley Favara
Guest (S-1-5-21-1356638605-569504071-3264840808-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1356638605-569504071-3264840808-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-1356638605-569504071-3264840808-1000\...\Amazon Kindle) (Version:  - Amazon)
AMD Catalyst Install Manager (HKLM\...\{D0A76081-22E4-5B3F-5394-1229DDF73585}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Core Graphics Software (Version: 5.2.59.0297 - SMSC) Hidden
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-1356638605-569504071-3264840808-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{B1A6285F-C31A-4482-8EA0-9445E4C1DCEA}) (Version: 4.1.10.1 - Hewlett-Packard Company)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.17.1 - Hewlett-Packard Company)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Integrated Camera Driver Installer Package Ver.1.33.110.0 (HKLM-x32\...\{B0344B38-378B-47E0-BDCC-977785D24768}) (Version: 1.33.110.0 - BISON)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 16.3 - Intel)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{BEE86606-EFB5-4353-9F34-29E0C59CDCFA}) (Version: 15.2.0.0284 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 en-US)) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.36.0 - Renesas Electronics Corporation) Hidden
RICOH Media Driver (HKLM-x32\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.13.00.05 - RICOH)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SMSC Core Graphics Software (HKLM-x32\...\Core Graphics Software) (Version: 5.2.59.0297 - SMSC)
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-1356638605-569504071-3264840808-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.17.2 - Synaptics Incorporated)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Validity Fingerprint Driver (HKLM\...\{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}) (Version: 4.0.15.0 - Validity Sensors, Inc.)
ViewSpan (HKLM\...\{6285D158-D528-4ED8-A935-BB2A402E21F2}) (Version: 2.8.1.0 - SMSC)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Intel (NETwNs64) net  (10/18/2010 13.4.0.9) (HKLM\...\F09FE5BEFA92C4B8272F1CB01F385D9EA34548CF) (Version: 10/18/2010 13.4.0.9 - Intel)
Windows Driver Package - Intel net  (10/18/2010 13.4.0.9) (HKLM\...\07D134D497B9E69E9B463F9D6217EC65A1530396) (Version: 10/18/2010 13.4.0.9 - Intel)
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1356638605-569504071-3264840808-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1356638605-569504071-3264840808-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1356638605-569504071-3264840808-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1356638605-569504071-3264840808-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1356638605-569504071-3264840808-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1356638605-569504071-3264840808-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1356638605-569504071-3264840808-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1356638605-569504071-3264840808-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1356638605-569504071-3264840808-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1356638605-569504071-3264840808-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
04-05-2015 06:33:27 Installed TrayApp
04-05-2015 06:36:01 Installed TrayApp
04-05-2015 06:37:06 Installed TrayApp
04-05-2015 06:53:07 Installed TrayApp
25-05-2015 18:11:13 Removed AMD Catalyst Install Manager
25-05-2015 18:30:57 Installed TrayApp
25-05-2015 18:52:35 Installed TrayApp
25-05-2015 18:54:35 Installed TrayApp
25-05-2015 18:54:56 Installed TrayApp
25-05-2015 18:55:11 Installed TrayApp
25-05-2015 18:56:52 Installed F2400
25-05-2015 18:57:03 Installed F2400
25-05-2015 18:58:17 Removed Core Graphics Software
25-05-2015 19:02:54 Installed TrayApp
25-05-2015 19:06:36 Installed TrayApp
25-05-2015 19:09:10 Installed TrayApp
25-05-2015 19:09:52 Installed TrayApp
25-05-2015 19:10:25 Installed TrayApp
08-06-2015 10:33:11 Installed F2400
08-06-2015 10:54:05 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {00A5A28E-4493-43E2-9690-6F96F3E35644} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {03E219BD-B29A-4F4E-968C-527A4C6CBDC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-27] (Google Inc.)
Task: {0C0EE8BF-A5A6-4674-8D8E-43575F49F1B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-27] (Google Inc.)
Task: {1BEDD498-9681-4628-8ED3-FA0B262F8FDB} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {321F4A2D-BA0C-4D50-8EE8-9F94BF967A82} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {507BCE15-675D-4272-919D-FFF9B1DF9044} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {72A7AB7D-901B-4990-8E74-20E6161C3918} - System32\Tasks\{AAD957BF-6E7E-4D00-B8F2-F8951E590DBA} => pcalua.exe -a "C:\Users\Ashley Favara\AppData\Local\Temp\Temp1_SBT-SP6C-Windows_7.zip\WIN7\setup.exe"
Task: {746B3AB6-1CCA-447B-BC40-D7E91AFEFDEB} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {8C6AB753-75A5-446A-85F1-55CF94011EA6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {922E5265-A08A-4522-A9AD-AAD89880F827} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-26] (Microsoft Corporation)
Task: {B5759179-273A-483C-95DB-455EB188A8BA} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {C4356DC4-584C-43E0-B4DF-715587ADDF4F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {E943F7EB-1474-45CE-9E46-BFBC55BC9AA5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-14] (AVAST Software)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-10-08 13:59 - 2013-01-31 04:25 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-21 15:59 - 2015-01-21 15:59 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-01-10 22:12 - 2012-01-10 22:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-03-18 09:42 - 2013-03-18 09:42 - 02233592 _____ () C:\Program Files\SGFX\SgfxConfig.exe
2014-08-14 19:52 - 2014-08-14 19:52 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-05-25 18:13 - 2015-05-25 18:13 - 02948096 _____ () C:\Program Files\AVAST Software\Avast\defs\15052502\algo.dll
2015-01-21 15:58 - 2015-01-21 15:58 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-03-31 15:46 - 2015-05-25 18:31 - 40518200 _____ () C:\Users\Ashley Favara\AppData\Roaming\Spotify\libcef.dll
2014-08-14 19:53 - 2014-08-14 19:53 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-25 18:20 - 2015-05-22 15:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-25 18:20 - 2015-05-22 15:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
2015-03-31 15:46 - 2015-05-25 18:30 - 01365560 _____ () C:\Users\Ashley Favara\AppData\Roaming\Spotify\libglesv2.dll
2015-03-31 15:46 - 2015-05-25 18:30 - 00219192 _____ () C:\Users\Ashley Favara\AppData\Roaming\Spotify\libegl.dll
2015-03-31 15:46 - 2015-03-31 15:46 - 09305656 _____ () C:\Users\Ashley Favara\AppData\Roaming\Spotify\pdf.dll
2015-03-31 15:46 - 2015-05-25 18:30 - 00990776 _____ () C:\Users\Ashley Favara\AppData\Roaming\Spotify\ffmpegsumo.dll
2014-12-03 18:27 - 2014-12-03 18:27 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2013-10-08 13:54 - 2010-03-03 22:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-05-25 19:12 - 2015-05-25 19:12 - 00043008 _____ () c:\Users\Ashley Favara\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyyjaq0.dll
2015-03-04 16:45 - 2015-03-04 16:45 - 00750080 _____ () C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 16:45 - 2015-03-04 16:45 - 00047616 _____ () C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 16:45 - 2015-03-04 16:45 - 00865280 _____ () C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 16:45 - 2015-03-04 16:45 - 00200704 _____ () C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1356638605-569504071-3264840808-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ashley Favara\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 4.2.2.2
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [sPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [sPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{1A71BC65-5D9F-4CBC-A92C-CFEE3C1BA4DD}] => (Allow) C:\Users\Ashley Favara\AppData\Local\Temp\7zS07FA\hppiw.exe
FirewallRules: [{FACF7FDD-D548-49AF-9C4F-314F2A394CD0}] => (Allow) C:\Users\Ashley Favara\AppData\Local\Temp\7zS07FA\hppiw.exe
FirewallRules: [{7B0B4269-4785-415D-B285-709CE72BC495}] => (Allow) C:\Users\Ashley Favara\AppData\Local\Temp\7zS0CA8\hppiw.exe
FirewallRules: [{E353258C-1E6E-4E08-A408-FCC62529F925}] => (Allow) C:\Users\Ashley Favara\AppData\Local\Temp\7zS0CA8\hppiw.exe
FirewallRules: [{6CCCB115-4D7C-4C3B-91F1-911247AB788C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{2039310C-3FED-4E6A-9B1B-F2A50A70252C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{592E9266-43A2-4227-A927-21DAA23228BF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{0CE3C229-CD2B-4852-BFD7-0A0050F0168C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{6EAAD38B-E76A-43D2-8ACF-64ADB46E32AD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{CE227041-95E2-4943-88B2-2AFB4D802A24}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{B6A200B1-A5E9-4AA5-9715-93FE2D2E014B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{E6A126C2-0C70-4435-ADE7-DD95826F838E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{672D2D8E-18D5-4891-87C9-13B3C4D5BBDA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{06FF8F8B-C7D0-492D-BD3D-569D001529EF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{36B9A465-C8EC-4DBF-A21F-B1262F939ED7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{B5E2F330-019F-4095-A43C-D616C148DA1F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{3953C054-8D0B-4AC8-9CBD-07656FF832BF}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{4CE7B93B-BE42-4B6F-9543-CA0B53104220}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{154ECA8B-A9B5-4FF0-AC2F-EE80034D665D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{710FB585-F0AB-4139-8032-FA855E96D2E7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{F1D3525A-151D-4214-98AB-F07460A8F844}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1F2DD39B-6928-4886-8CB3-A38E921F30DB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{3EA28441-30A3-44F5-BB6A-F6FCCCD3375D}C:\users\ashley favara\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ashley favara\appdata\roaming\spotify\spotify.exe
FirewallRules: [uDP Query User{B461DB0C-B245-4D83-97B9-4EC5D720D8A7}C:\users\ashley favara\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ashley favara\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{36C792D4-E14F-461D-98E1-35B691F33596}C:\users\ashley favara\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ashley favara\appdata\roaming\spotify\spotify.exe
FirewallRules: [uDP Query User{0BEA39A0-F2F2-4E63-B151-EED86EDCD879}C:\users\ashley favara\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ashley favara\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A19696B4-CB91-499E-ABCF-F92A998DA75B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{4BD69382-8DB8-40D1-A885-721639A63ECD}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{EE0C1D89-532F-465D-8199-58312F48A9B3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2A8CDC3E-8DB5-418E-A44A-ACF096CA2EB4}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{27A40A85-015C-471C-9203-8E7D2283D683}] => (Allow) C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E07BE82F-00FE-41E7-8B0C-DE0C0BBBF59C}] => (Allow) C:\Users\Ashley Favara\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{BC467A36-28C9-4531-BC7E-DBB968F470D2}C:\users\ashley favara\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ashley favara\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [uDP Query User{96EDA77C-2EB9-42D2-95B5-63F4748AFDBE}C:\users\ashley favara\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ashley favara\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{C0E517D8-30F1-4EED-89BF-0D8955F72C30}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8C95133D-688B-45C2-8B4B-2DE1F4279F11}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{59004864-BD99-49EE-989E-A21DEA850E9F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5267CE1D-FFF1-441F-B8C3-F1464E52FBE1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A3B7B570-FCBF-4004-9D9C-2AB02B1FB751}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{54D4A726-65B2-459D-8401-1C428EA42AEA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/08/2015 01:45:45 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (06/08/2015 00:55:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4916543
 
Error: (06/08/2015 00:55:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4916543
 
Error: (06/08/2015 00:55:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/08/2015 00:55:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4915529
 
Error: (06/08/2015 00:55:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4915529
 
Error: (06/08/2015 00:55:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/08/2015 00:55:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4914530
 
Error: (06/08/2015 00:55:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4914530
 
Error: (06/08/2015 00:55:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (05/25/2015 07:04:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Ricoh xD-Picture Card Driver service failed to start due to the following error: 
%%1058
 
Error: (05/25/2015 07:04:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The rimsptsk service failed to start due to the following error: 
%%1058
 
Error: (05/25/2015 07:04:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The rimmptsk service failed to start due to the following error: 
%%1058
 
Error: (05/25/2015 06:50:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Ricoh xD-Picture Card Driver service failed to start due to the following error: 
%%1058
 
Error: (05/25/2015 06:50:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The rimsptsk service failed to start due to the following error: 
%%1058
 
Error: (05/25/2015 06:50:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The rimmptsk service failed to start due to the following error: 
%%1058
 
Error: (05/25/2015 06:49:16 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}
 
Error: (05/25/2015 06:45:45 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046}
 
Error: (05/25/2015 06:45:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (05/25/2015 06:45:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office:
=========================
Error: (06/08/2015 01:45:45 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1
 
Error: (06/08/2015 00:55:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4916543
 
Error: (06/08/2015 00:55:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4916543
 
Error: (06/08/2015 00:55:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/08/2015 00:55:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4915529
 
Error: (06/08/2015 00:55:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4915529
 
Error: (06/08/2015 00:55:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/08/2015 00:55:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4914530
 
Error: (06/08/2015 00:55:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4914530
 
Error: (06/08/2015 00:55:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-02-02 15:50:59.821
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Ashley Favara\AppData\Local\Temp\{E44BFEC1-0F6D-4F5A-9C09-76B03C6BF958}\{0DFF25A2-876E-4E5D-B97A-78BD400AE68B}\cmiainfo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-02-02 15:50:59.775
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Ashley Favara\AppData\Local\Temp\{E44BFEC1-0F6D-4F5A-9C09-76B03C6BF958}\{0DFF25A2-876E-4E5D-B97A-78BD400AE68B}\cmiainfo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 61%
Total physical RAM: 3887.43 MB
Available physical RAM: 1513.87 MB
Total Pagefile: 7773.05 MB
Available Pagefile: 4595.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:143.63 GB) (Free:81.24 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: EA255B04)
Partition 1: (Active) - (Size=5.4 GB) - (Type=27)
Partition 2: (Not Active) - (Size=143.6 GB) - (Type=07 NTFS)
 
==================== End of log ============================

Scan with ZOEK
 
Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporarily disable your antivirus and antispyware protection - instructions here.

  • Right-click on the ZOEK icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears; it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;autoclean;emptyalltemp;ipconfig /flushdns;b
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, the log will open after it. You may also find it on your main drive (usually the C:\ drive).

Post its content into your next reply.


I keep trying to upload the results and get the attached error; therefore, I am pasting the results inline. Sorry for the inconvenience.

 

 
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Ashley Favara on Thu 06/11/2015 at  7:30:39.01.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ashley Favara\Downloads\zoek.exe [scan all users] [script inserted] 
 
==== Older Logs ======================
 
C:\zoek-results2015-06-11-121040.log 599 bytes
C:\zoek-results2015-06-11-122117.log 564 bytes
 
==== System Restore Info ======================
 
6/11/2015 7:34:23 AM Zoek.exe System Restore Point Created Successfully.
 
==== Empty Folders Check ======================
 
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\Program Files\ATI Technologies deleted successfully
C:\PROGRA~3\NVIDIA deleted successfully
C:\Users\Ashley Favara\AppData\Local\VirtualStore deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hpqwmiex deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\hpqwmiex deleted successfully
 
==== Batch Command(s) Run By Tool======================
 
 
==== Deleting Files \ Folders ======================
 
C:\PROGRA~2\Coupons deleted
C:\PROGRA~2\Yahoo! deleted
C:\found.000 deleted
C:\Users\Ashley Favara\AppData\Roaming\Yahoo! deleted
C:\PROGRA~3\Yahoo! Companion deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [08/14/2014 07:53 PM]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [01/27/2014 09:01 PM]
 
==== Firefox Extensions ======================
 
ProfilePath: C:\Users\ASHLEY~1\AppData\Roaming\Mozilla\Firefox\Profiles\nhk7u51g.default
- Firefox Old Version Update Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi
 
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
==== Firefox Plugins ======================
 
 
==== Chromium Look ======================
 
Google Chrome Version: 43.0.2357.124
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[08/14/2014 07:52 PM]
 
Bookmark Manager - Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Avast Online Security - Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Hotword Shared Module - Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
 
==== Chromium Startpages ======================
 
C:\Users\Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
 
==== Chromium Fix ======================
 
C:\Users\Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage deleted successfully
C:\Users\Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully
C:\Users\Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.gradesaver.com_0.localstorage deleted successfully
C:\Users\Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.gradesaver.com_0.localstorage-journal deleted successfully
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
==== All HKCU SearchScopes ======================
 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
 
==== Deleting CLSID Registry Keys ======================
 
HKEY_USERS\S-1-5-21-1356638605-569504071-3264840808-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_USERS\S-1-5-21-1356638605-569504071-3264840808-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_USERS\S-1-5-21-1356638605-569504071-3264840808-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_USERS\S-1-5-21-1356638605-569504071-3264840808-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_USERS\S-1-5-21-1356638605-569504071-3264840808-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
HKEY_USERS\S-1-5-21-1356638605-569504071-3264840808-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} deleted successfully
 
==== Deleting CLSID Registry Values ======================
 
HKEY_USERS\S-1-5-21-1356638605-569504071-3264840808-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
 
==== Deleting Registry Keys ======================
 
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.0 deleted successfully
 
==== Empty IE Cache ======================
 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ashley Favara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ashley Favara\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
 
==== Empty FireFox Cache ======================
 
C:\Users\Ashley Favara\AppData\Local\Mozilla\Firefox\Profiles\nhk7u51g.default\Cache emptied successfully
 
==== Empty Chrome Cache ======================
 
C:\Users\Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
No Java Cache Found
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=23 folders=5 2193803 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Ashley Favara\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\ASHLEY~1\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== EOF on Thu 06/11/2015 at  8:12:18.69 ======================
 


Don't worry ;)

 

 

We need to run one more Zoek fix.

 

 

Fix with ZOEK
 

 

This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.

 
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the Zoek icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears; it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;C:\Users\Ashley Favara\AppData\Local\Google\Chrome\User Data\Default\Preferences;fchrdefaults;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will open after the reboot. You may also find it on your main drive (usually the C:\ drive).

Post its content into your next reply.


  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
