Jump to content

I'm infected with s.hklmm.com - help!


Recommended Posts

I have been unsuccessful at removing the s.hklmm.com virus that has infected my computer. Please help me get rid of it!

 

Here is my log from the Farbar scan:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-07-2015
Ran by Rebekah at 2015-07-10 12:41:10
Running from C:\Users\Rebekah\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3917129107-1040993877-1650463427-500 - Administrator - Disabled)
Guest (S-1-5-21-3917129107-1040993877-1650463427-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3917129107-1040993877-1650463427-1005 - Limited - Enabled)
Josh (S-1-5-21-3917129107-1040993877-1650463427-1006 - Limited - Enabled) => C:\Users\Josh
Rebekah (S-1-5-21-3917129107-1040993877-1650463427-1001 - Administrator - Enabled) => C:\Users\Rebekah

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3917129107-1040993877-1650463427-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.579 - Avira Operations GmbH & Co. KG)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Canon G.726 WMP-Decoder (HKLM-x32\...\Canon G.726 WMP-Decoder) (Version: 1.1.0.4 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.6.0.12 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.2.7 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 2.6.0.4 - Canon Inc.)
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 0.9.3.9 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC (HKLM-x32\...\CameraWindowDC) (Version: 7.1.0.7 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.)
Canon Utilities MyCamera DC (HKLM-x32\...\MyCameraDC) (Version: 7.0.1.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.21.45 - Canon Inc.)
Canon Utilities RemoteCapture DC (HKLM-x32\...\RemoteCaptureDC) (Version: 3.0.1.8 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.1.1.21 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.1.0.8 - Canon Inc.)
CCB "E Safety" Internet Banking security components  1.0.8.6 (HKLM-x32\...\CCB "E Safety" Internet Banking security components Setup) (Version: 1.0.8.6 - China Construction Bank)
Chinese Simplified Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2447-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_05_F4400_Software_Min (x32 Version: 140.0.841.000 - Hewlett-Packard) Hidden
F4400 (x32 Version: 140.0.841.000 - Hewlett-Packard) Hidden
Free Desktop Timer 1.2 (HKLM-x32\...\Free Desktop Timer_is1) (Version:  - Drive Software Company)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5 (HKLM\...\{82D96D11-AF74-4449-8811-4D6CE66FEF63}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8e41467d-297e-496d-8b0f-e771b6c87c06}) (Version: 16.11.0 - Intel Corporation)
iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MobileWiFi Driver (HKLM-x32\...\MobileWiFi Driver) (Version:  - )
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NTI Backup Now EZ (HKLM-x32\...\InstallShield_{B9ECA41B-55CC-4654-B6B5-6731D009EC69}) (Version: 1.1.2.97 - NewTech Infosystems)
NTI Backup Now EZ (x32 Version: 1.1.2.97 - NewTech Infosystems) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.0.15.60 - Electronic Arts, Inc.)
Peace Corps VRF (HKU\S-1-5-21-3917129107-1040993877-1650463427-1001\...\207282067.files.peacecorps.gov) (Version:  - files.peacecorps.gov)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PureVPN (HKLM-x32\...\PureVPN_is1) (Version: 3.2 - PureVPN)
QQ International (HKLM-x32\...\{3CA54984-A14B-42FE-9FF1-7EA90151D725}) (Version: 1.91.1369.0 - Tencent Technology(Shenzhen) Company Limited)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6794 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
SRS Premium Sound Control Panel (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.4700 - SRS Labs, Inc.)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.2 - Synaptics Incorporated)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.08.6402 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 1.1.0001 - Toshiba Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.5.1.1 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM\...\TosPU_is1) (Version: 0.0.64.19B - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B483D427-9702-4BE1-B171-756D0C3E230E}) (Version: 2.4.6 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0012 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.42.120  - Toshiba Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3917129107-1040993877-1650463427-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File

==================== Restore Points =========================

09-07-2015 17:01:32 Scheduled Checkpoint

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12D43328-D200-42D2-B4BF-69F2951826E0} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3917129107-1040993877-1650463427-1001
Task: {24F33531-7BA5-4293-B9B7-5ECD059A8E02} - \Optimize Start Menu Cache Files-S-1-5-21-3917129107-1040993877-1650463427-1006 No Task File <==== ATTENTION
Task: {3CAECE5C-CF29-4A0F-B148-47058476606F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-01] (Adobe Systems Incorporated)
Task: {5F36AD10-9DE9-4B71-88FB-AB5FE5D62BCD} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-08-24] (TOSHIBA Corporation)
Task: {656E018B-B4ED-4971-B6BA-06AB4E99FEE8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {759E9331-8E63-468A-B611-6C7B4717AAF1} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.8.0.32\SymErr.exe
Task: {7B5496D1-675F-4362-9721-960439508C4F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-10] (Microsoft Corporation)
Task: {82F9C494-B1FF-4E19-9BCB-60C7C22E8D5B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.)
Task: {9ACD0122-FC4E-48C6-8E25-10AE1FC37591} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-20] (Synaptics Incorporated)
Task: {9B959156-A93E-4F1B-8069-6A2DAFADAB9F} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.8.0.32\SymErr.exe
Task: {9BE29C0F-C07C-42B9-8144-7FC489DDA26E} - \Optimize Start Menu Cache Files-S-1-5-21-3917129107-1040993877-1650463427-500 No Task File <==== ATTENTION
Task: {E0115275-768B-451E-BF8C-943F39FCEAE0} - System32\Tasks\{B23019EB-569D-4960-A1CB-061731DFCC66} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=7.6.0.103&LastError=12002
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2014-08-31 18:31 - 2012-09-18 15:27 - 00192512 _____ () C:\WINDOWS\System32\zlhp1020.dll
2014-08-31 18:31 - 2012-09-18 15:27 - 00065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\pphp1020.dll
2014-08-31 18:31 - 2012-09-18 15:27 - 03162624 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\suhp1020.dll
2014-08-31 18:31 - 2012-09-18 15:27 - 01236992 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\gchp1020.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-19 10:38 - 2012-07-19 10:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-19 10:38 - 2012-07-19 10:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2012-08-05 07:01 - 2012-08-05 07:01 - 00213136 _____ () C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
2011-08-13 06:57 - 2011-08-13 06:57 - 00437632 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\TcrdKBB.exe
2012-08-14 11:13 - 2012-08-14 11:13 - 00018344 _____ () C:\Program Files\TOSHIBA\Teco\TecoMUI.dll
2013-09-21 16:22 - 2013-09-21 16:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2015-02-21 17:39 - 2015-02-21 17:39 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\5c9c0b89a558d0e589c254af6b1ca238\Windows.UI.ni.dll
2015-02-21 17:39 - 2015-02-21 17:39 - 00521216 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Data\e291aa8a59dc390d0cdf99d3c6d8b6e5\Windows.Data.ni.dll
2015-01-26 21:38 - 2015-01-26 21:38 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\b3972424579e18e6699549ecb948c4ef\Windows.Foundation.ni.dll
2014-08-31 18:31 - 2012-09-18 15:27 - 00676864 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\sdhp1020.dll
2008-09-30 05:37 - 2008-09-30 05:37 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\sqlite3.dll
2013-01-09 01:10 - 2012-06-26 17:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-21 02:17 - 2014-01-21 02:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-07-11 00:07 - 2013-07-11 00:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2015-01-18 12:40 - 2014-04-08 11:55 - 00037888 _____ () C:\WINDOWS\system32\WatchData\Watchdata CCB OCL CSP v3.2\UIResE3.DLL
2015-01-18 12:40 - 2014-04-30 15:54 - 00176520 _____ () C:\WINDOWS\system32\WatchData\Watchdata CCB OCL CSP v3.2\hodll.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Josh\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Rebekah\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7872 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3917129107-1040993877-1650463427-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rebekah\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 199.244.117.3 - 46.23.70.70

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "CCBCertificate"
HKLM\...\StartupApproved\Run: => "wdcertm_ccb"
HKLM\...\StartupApproved\Run32: => "USBKeyTools.exe"
HKU\S-1-5-21-3917129107-1040993877-1650463427-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3917129107-1040993877-1650463427-1001\...\StartupApproved\Run: => "FreeDesktopTimer"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DD5D1B56-A1CB-4DB2-B6E4-BB1B4A8628E8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4A2A17E2-4B4B-439C-90C5-429EE490E7E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{60FEFEE5-BDE7-4C1A-960E-385B711E77F4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2D1368BD-D2CC-44C9-A2D7-BAA26FEBA1FC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BD61F73F-75EB-44F4-8C78-61FAE490A791}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{9C0D0986-F885-47E6-B9D6-380C11D0C7FF}] => (Allow) LPort=1900
FirewallRules: [{BC958A0B-3024-4A77-8ED1-F6DD34153BEC}] => (Allow) LPort=2869
FirewallRules: [{3B8D4488-E1C1-41CE-923F-8E6D157A50F9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7444BCC7-D8CC-453E-A44F-7756254B5F49}] => (Allow) C:\Users\Rebekah\AppData\Local\Temp\7zS7EDC\hppiw.exe
FirewallRules: [{A15878C1-2B14-4B01-B249-7BCFF6349F83}] => (Allow) C:\Users\Rebekah\AppData\Local\Temp\7zS7EDC\hppiw.exe
FirewallRules: [{DD05E6BE-1C1F-4FE8-AB8C-84648BB6F41E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{B7CD7451-B223-4637-BD42-770CCF6AE0F8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{179F4D02-F575-4E4B-A954-F00A88E9A9BD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{8C3927D8-7DB2-4898-88EA-C44545CBD459}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{6B953F8C-73B5-4827-BEB4-6C10541C9DE5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{1DF04E6B-55E6-45A3-99FE-5E38DEC44018}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{FEB2F71B-8D34-4D3A-BD0C-54C31DE0E6D6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{AE8D9BFB-72A8-44D7-ADC1-E123C0C3E8C7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{EEAB912D-7A3F-4270-B442-6CB9D373995C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{4D575097-C5E0-4A34-8B10-F7FD0F303856}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{F6FF74B3-73CB-4E25-9AC9-9A3CB7254071}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{A1DF9076-CE76-4784-9F23-D32EEBEBA5A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{C3F30A03-B1BD-4447-AF35-42AEDD32421E}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [TCP Query User{FB9A3558-7DB9-48E3-A16C-A2D9D24CEABB}C:\users\rebekah\appdata\roaming\mozilla\firefox\profiles\878jgj3k.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe] => (Block) C:\users\rebekah\appdata\roaming\mozilla\firefox\profiles\878jgj3k.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe
FirewallRules: [uDP Query User{C58BB749-E1DA-49A6-8606-D835312FB7B0}C:\users\rebekah\appdata\roaming\mozilla\firefox\profiles\878jgj3k.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe] => (Block) C:\users\rebekah\appdata\roaming\mozilla\firefox\profiles\878jgj3k.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe
FirewallRules: [{EBBFCA52-8F81-4845-8326-7C3A87D81368}] => (Allow) C:\Users\Rebekah\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7E004D5D-72B6-41F5-91BC-36DC6C47258D}] => (Allow) C:\Users\Rebekah\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BC027CE3-55D5-424E-8DC9-BD940B6EC98D}] => (Allow) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe
FirewallRules: [{73772D76-4495-4C26-B791-00026C28BD45}] => (Allow) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe
FirewallRules: [{E267361F-7FAD-4463-B709-C9550BA990EF}] => (Allow) C:\Program Files (x86)\Common Files\Tencent\QQDownload\119\Tencentdl.exe
FirewallRules: [{DCEF6382-C03E-4A40-B5AB-91F9AC311475}] => (Allow) C:\Program Files (x86)\Common Files\Tencent\QQDownload\119\Tencentdl.exe
FirewallRules: [{280B0984-7B8B-4649-BB6D-782B38FEAD25}] => (Allow) C:\Users\Rebekah\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E5739DC4-D003-49F8-AB30-2D9BD6E78884}] => (Allow) C:\Users\Rebekah\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{48409AC4-5D8C-4156-B562-C490F1227089}] => (Allow) C:\Users\Rebekah\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1115ECE4-8243-44EB-A3C2-34D989FDF3C9}] => (Allow) C:\Users\Rebekah\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{328281E8-343E-41DC-B092-2F0978EAB14E}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFileDownloader.exe
FirewallRules: [{C08D862E-A69F-486C-8D88-2D0E7A6A0B7A}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFileDownloader.exe
FirewallRules: [{2EC6A23D-CF8E-44B5-8E82-EF218D2EDD5A}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{A33C7279-6E50-4E42-8787-EFDF69EF9CED}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{E908B518-46D7-4AC7-AB2D-576F30C27562}] => (Allow) C:\Program Files (x86)\GoForFiles\GoforFiles.exe
FirewallRules: [{508349ED-31FC-46D4-8B6F-5D69F24CD9D4}] => (Allow) C:\Program Files (x86)\GoForFiles\GoforFiles.exe
FirewallRules: [TCP Query User{C135137C-F352-4EDB-BC5E-5A6604D69359}C:\program files (x86)\goforfiles\goforfilesdl.exe] => (Block) C:\program files (x86)\goforfiles\goforfilesdl.exe
FirewallRules: [uDP Query User{5E34EC53-E837-4462-9EAD-BCEE9896C74A}C:\program files (x86)\goforfiles\goforfilesdl.exe] => (Block) C:\program files (x86)\goforfiles\goforfilesdl.exe
FirewallRules: [{15B2DD97-D5BD-4610-BDE9-E1C3D5CDBF9C}] => (Allow) C:\Program Files (x86)\Bench\Proxy\proc.exe
FirewallRules: [{128F6391-755E-49DE-883B-B5919200FDB1}] => (Allow) C:\Program Files (x86)\Bench\Proxy\pwdg.exe
FirewallRules: [{B1114D9C-A336-4D5E-BB26-218D68D4707C}] => (Allow) C:\Program Files (x86)\Bench\Proxy\proc.exe
FirewallRules: [{46D55345-C365-48B7-9363-84A5C1F6761C}] => (Allow) C:\Program Files (x86)\Bench\Proxy\pwdg.exe
FirewallRules: [{69684F74-D317-423E-9221-628816E9DF0C}] => (Allow) C:\Program Files (x86)\Bench\Proxy\proc.exe
FirewallRules: [{58B69676-056B-4DA6-AE6A-96613329367C}] => (Allow) C:\Program Files (x86)\Bench\Proxy\pwdg.exe
FirewallRules: [{F990F98F-B9DC-4FAD-A2C7-01330987C219}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{87628BC8-5015-417E-940E-2037FF7EDCB1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F9AA14D7-506B-4307-8DA1-9ACA364E65FE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{7701CBFE-8A25-42C7-BB3C-CE4EA3E46167}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [uDP Query User{3F5389C6-4512-4B64-A136-0C6845D4AEC6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{DC42A4F0-5E1D-4F2A-8FF9-9BBF8B321863}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/10/2015 11:39:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 39.0.0.5659, time stamp: 0x55933a80
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc000000d
Fault offset: 0x000f4da4
Faulting process id: 0x340c
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3
Faulting package full name: firefox.exe4
Faulting package-relative application ID: firefox.exe5

Error: (07/10/2015 11:38:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 39.0.0.5659, time stamp: 0x55933a80
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc000000d
Fault offset: 0x000f4da4
Faulting process id: 0xb68
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3
Faulting package full name: firefox.exe4
Faulting package-relative application ID: firefox.exe5

Error: (07/10/2015 11:38:13 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={02758847-5CA9-414D-A487-305BB5A88160}: The user SYSTEM dialed a connection named PureVPN which has failed. The error code returned on failure is 868.

Error: (07/10/2015 11:03:36 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={B43F3F1A-0C74-4D62-BECD-EF0D6EAA50AF}: The user SYSTEM dialed a connection named PureVPN which has failed. The error code returned on failure is 800.

Error: (07/10/2015 11:03:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 39.0.0.5659, time stamp: 0x55933a80
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc000000d
Fault offset: 0x000f4da4
Faulting process id: 0x14bc
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3
Faulting package full name: firefox.exe4
Faulting package-relative application ID: firefox.exe5

Error: (07/10/2015 10:56:31 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={3A19B491-633B-447B-A292-CA032BC84C6D}: The user SYSTEM dialed a connection named PureVPN which has failed. The error code returned on failure is 0.

Error: (07/10/2015 10:56:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 39.0.0.5659, time stamp: 0x55933a80
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc000000d
Fault offset: 0x000f4da4
Faulting process id: 0x1144
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3
Faulting package full name: firefox.exe4
Faulting package-relative application ID: firefox.exe5

Error: (07/10/2015 10:55:58 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: REBEKAH-PC)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (07/10/2015 10:55:58 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: REBEKAH-PC)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (07/10/2015 10:55:58 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: REBEKAH-PC)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0


System errors:
=============
Error: (07/10/2015 00:42:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:41:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:37:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:37:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:37:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:37:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:37:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:32:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:27:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:22:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error:
%%1053


Microsoft Office:
=========================
Error: (10/08/2013 02:55:38 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 21 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-06-08 12:32:52.724
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core i5-3337U CPU @ 1.80GHz
Percentage of memory in use: 43%
Total physical RAM: 8093.85 MB
Available physical RAM: 4562.5 MB
Total Virtual: 16593.85 MB
Available Virtual: 12736.31 MB

==================== Drives ================================

Drive c: (TI10659100C) (Fixed) (Total:656.6 GB) (Free:557.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End of log ============================

Link to post
Share on other sites

  • Staff

51a612a8b27e2-Zoek.png Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:

    createsrpoint;autoclean;emptyalltemp;ipconfig /flushdns;b
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Post its content into your next reply.
Link to post
Share on other sites

Here it is:

 

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Rebekah on Sat 07/11/2015 at 19:37:13.46.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Rebekah\Desktop\zoek.exe [scan all users] [script inserted]

===== Runcheck 19:38:18.10 =====

--- Create Environment Variables 19:38:21.41
--- Create System Restore Point 19:38:42.21
--- Checking Input 19:39:25.28
--- AU AppData Check 19:39:45.95
--- Remove From Windows Installer 19:39:55.78
--- Empty Folders Check 19:42:09.49
--- Registry HKLM Software Check 19:42:09.53
--- Quick Launch Shortcut Check 19:42:45.45
--- IE Startpage Check 19:42:51.46
--- Program Files DB Check 19:43:27.91
--- C:\Users\Default\AppData\Roaming DB Check 19:45:37.02
--- C:\Users\Default User\AppData\Roaming DB Check 19:45:37.02
 

Link to post
Share on other sites

  • Staff

FRST.gif Scan with Farbar Recovery Scan Tool

 

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.

    (XP users click run after receipt of Windows Security Warning - Open File).

  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please upload them into your next reply.
Link to post
Share on other sites

  • Staff

FRST.gif Fix with Farbar Recovery Scan Tool

 

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif

icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

 

Download attached fixlist.txt file and save it to the Desktop:

 

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.

    (XP users click run after receipt of Windows Security Warning - Open File).

  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.
Please attach it to your reply.

fixlist.txt

Link to post
Share on other sites

  • Staff

Let's do it this way:

- Uninstall Firefox (Programs and Features)

Then

Click Start, copy in search %appdata%\ Then delete folder Mozilla

Click Start, copy in search %LOCALAPPDATA%\ delete folder Mozilla

Then delete following folders:

C:\Program Files (x86)\mozilla firefox

C:\Program Files (x86)\Mozilla Maintenance Service

Restart your PC.

Then install Firefox again.

https://www.mozilla.org/en-US/firefox/new/

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.