I'm infected with s.hklmm.com - help!

[Dagny]

I have been unsuccessful at removing the s.hklmm.com virus that has infected my computer. Please help me get rid of it!

 

Here is my log from the Farbar scan:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-07-2015
Ran by Rebekah at 2015-07-10 12:41:10
Running from C:\Users\Rebekah\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3917129107-1040993877-1650463427-500 - Administrator - Disabled)
Guest (S-1-5-21-3917129107-1040993877-1650463427-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3917129107-1040993877-1650463427-1005 - Limited - Enabled)
Josh (S-1-5-21-3917129107-1040993877-1650463427-1006 - Limited - Enabled) => C:\Users\Josh
Rebekah (S-1-5-21-3917129107-1040993877-1650463427-1001 - Administrator - Enabled) => C:\Users\Rebekah

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3917129107-1040993877-1650463427-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.579 - Avira Operations GmbH & Co. KG)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Canon G.726 WMP-Decoder (HKLM-x32\...\Canon G.726 WMP-Decoder) (Version: 1.1.0.4 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.6.0.12 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.2.7 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 2.6.0.4 - Canon Inc.)
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 0.9.3.9 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.1.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC (HKLM-x32\...\CameraWindowDC) (Version: 7.1.0.7 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.4.2.16 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 6.4.0.5 - Canon Inc.)
Canon Utilities MyCamera DC (HKLM-x32\...\MyCameraDC) (Version: 7.0.1.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.21.45 - Canon Inc.)
Canon Utilities RemoteCapture DC (HKLM-x32\...\RemoteCaptureDC) (Version: 3.0.1.8 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.7.1.9 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.1.1.21 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.1.0.8 - Canon Inc.)
CCB "E Safety" Internet Banking security components  1.0.8.6 (HKLM-x32\...\CCB "E Safety" Internet Banking security components Setup) (Version: 1.0.8.6 - China Construction Bank)
Chinese Simplified Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2447-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_05_F4400_Software_Min (x32 Version: 140.0.841.000 - Hewlett-Packard) Hidden
F4400 (x32 Version: 140.0.841.000 - Hewlett-Packard) Hidden
Free Desktop Timer 1.2 (HKLM-x32\...\Free Desktop Timer_is1) (Version:  - Drive Software Company)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5 (HKLM\...\{82D96D11-AF74-4449-8811-4D6CE66FEF63}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8e41467d-297e-496d-8b0f-e771b6c87c06}) (Version: 16.11.0 - Intel Corporation)
iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MobileWiFi Driver (HKLM-x32\...\MobileWiFi Driver) (Version:  - )
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NTI Backup Now EZ (HKLM-x32\...\InstallShield_{B9ECA41B-55CC-4654-B6B5-6731D009EC69}) (Version: 1.1.2.97 - NewTech Infosystems)
NTI Backup Now EZ (x32 Version: 1.1.2.97 - NewTech Infosystems) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.0.15.60 - Electronic Arts, Inc.)
Peace Corps VRF (HKU\S-1-5-21-3917129107-1040993877-1650463427-1001\...\207282067.files.peacecorps.gov) (Version:  - files.peacecorps.gov)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PureVPN (HKLM-x32\...\PureVPN_is1) (Version: 3.2 - PureVPN)
QQ International (HKLM-x32\...\{3CA54984-A14B-42FE-9FF1-7EA90151D725}) (Version: 1.91.1369.0 - Tencent Technology(Shenzhen) Company Limited)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6794 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
SRS Premium Sound Control Panel (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.4700 - SRS Labs, Inc.)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.2 - Synaptics Incorporated)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
Toshiba Book Place (HKLM-x32\...\{24B45620-22B6-4E4A-B836-FF30A0B0404E}) (Version: 3.1.9534 - K-NFB Reading Technology, Inc.)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.08.6402 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 1.1.0001 - Toshiba Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.5.1.1 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM\...\TosPU_is1) (Version: 0.0.64.19B - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B483D427-9702-4BE1-B171-756D0C3E230E}) (Version: 2.4.6 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0012 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.42.120  - Toshiba Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3917129107-1040993877-1650463427-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Rebekah\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File

==================== Restore Points =========================

09-07-2015 17:01:32 Scheduled Checkpoint

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12D43328-D200-42D2-B4BF-69F2951826E0} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3917129107-1040993877-1650463427-1001
Task: {24F33531-7BA5-4293-B9B7-5ECD059A8E02} - \Optimize Start Menu Cache Files-S-1-5-21-3917129107-1040993877-1650463427-1006 No Task File <==== ATTENTION
Task: {3CAECE5C-CF29-4A0F-B148-47058476606F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-01] (Adobe Systems Incorporated)
Task: {5F36AD10-9DE9-4B71-88FB-AB5FE5D62BCD} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-08-24] (TOSHIBA Corporation)
Task: {656E018B-B4ED-4971-B6BA-06AB4E99FEE8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {759E9331-8E63-468A-B611-6C7B4717AAF1} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.8.0.32\SymErr.exe
Task: {7B5496D1-675F-4362-9721-960439508C4F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-10] (Microsoft Corporation)
Task: {82F9C494-B1FF-4E19-9BCB-60C7C22E8D5B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.)
Task: {9ACD0122-FC4E-48C6-8E25-10AE1FC37591} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-20] (Synaptics Incorporated)
Task: {9B959156-A93E-4F1B-8069-6A2DAFADAB9F} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.8.0.32\SymErr.exe
Task: {9BE29C0F-C07C-42B9-8144-7FC489DDA26E} - \Optimize Start Menu Cache Files-S-1-5-21-3917129107-1040993877-1650463427-500 No Task File <==== ATTENTION
Task: {E0115275-768B-451E-BF8C-943F39FCEAE0} - System32\Tasks\{B23019EB-569D-4960-A1CB-061731DFCC66} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=7.6.0.103&LastError=12002
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2014-08-31 18:31 - 2012-09-18 15:27 - 00192512 _____ () C:\WINDOWS\System32\zlhp1020.dll
2014-08-31 18:31 - 2012-09-18 15:27 - 00065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\pphp1020.dll
2014-08-31 18:31 - 2012-09-18 15:27 - 03162624 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\suhp1020.dll
2014-08-31 18:31 - 2012-09-18 15:27 - 01236992 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\gchp1020.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-19 10:38 - 2012-07-19 10:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-19 10:38 - 2012-07-19 10:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2012-08-05 07:01 - 2012-08-05 07:01 - 00213136 _____ () C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
2011-08-13 06:57 - 2011-08-13 06:57 - 00437632 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\TcrdKBB.exe
2012-08-14 11:13 - 2012-08-14 11:13 - 00018344 _____ () C:\Program Files\TOSHIBA\Teco\TecoMUI.dll
2013-09-21 16:22 - 2013-09-21 16:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2015-02-21 17:39 - 2015-02-21 17:39 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\5c9c0b89a558d0e589c254af6b1ca238\Windows.UI.ni.dll
2015-02-21 17:39 - 2015-02-21 17:39 - 00521216 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Data\e291aa8a59dc390d0cdf99d3c6d8b6e5\Windows.Data.ni.dll
2015-01-26 21:38 - 2015-01-26 21:38 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\b3972424579e18e6699549ecb948c4ef\Windows.Foundation.ni.dll
2014-08-31 18:31 - 2012-09-18 15:27 - 00676864 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\sdhp1020.dll
2008-09-30 05:37 - 2008-09-30 05:37 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Backup Now EZ\sqlite3.dll
2013-01-09 01:10 - 2012-06-26 17:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-21 02:17 - 2014-01-21 02:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-07-11 00:07 - 2013-07-11 00:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2015-01-18 12:40 - 2014-04-08 11:55 - 00037888 _____ () C:\WINDOWS\system32\WatchData\Watchdata CCB OCL CSP v3.2\UIResE3.DLL
2015-01-18 12:40 - 2014-04-30 15:54 - 00176520 _____ () C:\WINDOWS\system32\WatchData\Watchdata CCB OCL CSP v3.2\hodll.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Josh\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Rebekah\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7872 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3917129107-1040993877-1650463427-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rebekah\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 199.244.117.3 - 46.23.70.70

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "CCBCertificate"
HKLM\...\StartupApproved\Run: => "wdcertm_ccb"
HKLM\...\StartupApproved\Run32: => "USBKeyTools.exe"
HKU\S-1-5-21-3917129107-1040993877-1650463427-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3917129107-1040993877-1650463427-1001\...\StartupApproved\Run: => "FreeDesktopTimer"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DD5D1B56-A1CB-4DB2-B6E4-BB1B4A8628E8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4A2A17E2-4B4B-439C-90C5-429EE490E7E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{60FEFEE5-BDE7-4C1A-960E-385B711E77F4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2D1368BD-D2CC-44C9-A2D7-BAA26FEBA1FC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BD61F73F-75EB-44F4-8C78-61FAE490A791}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{9C0D0986-F885-47E6-B9D6-380C11D0C7FF}] => (Allow) LPort=1900
FirewallRules: [{BC958A0B-3024-4A77-8ED1-F6DD34153BEC}] => (Allow) LPort=2869
FirewallRules: [{3B8D4488-E1C1-41CE-923F-8E6D157A50F9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7444BCC7-D8CC-453E-A44F-7756254B5F49}] => (Allow) C:\Users\Rebekah\AppData\Local\Temp\7zS7EDC\hppiw.exe
FirewallRules: [{A15878C1-2B14-4B01-B249-7BCFF6349F83}] => (Allow) C:\Users\Rebekah\AppData\Local\Temp\7zS7EDC\hppiw.exe
FirewallRules: [{DD05E6BE-1C1F-4FE8-AB8C-84648BB6F41E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{B7CD7451-B223-4637-BD42-770CCF6AE0F8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{179F4D02-F575-4E4B-A954-F00A88E9A9BD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{8C3927D8-7DB2-4898-88EA-C44545CBD459}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{6B953F8C-73B5-4827-BEB4-6C10541C9DE5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{1DF04E6B-55E6-45A3-99FE-5E38DEC44018}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{FEB2F71B-8D34-4D3A-BD0C-54C31DE0E6D6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{AE8D9BFB-72A8-44D7-ADC1-E123C0C3E8C7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{EEAB912D-7A3F-4270-B442-6CB9D373995C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{4D575097-C5E0-4A34-8B10-F7FD0F303856}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{F6FF74B3-73CB-4E25-9AC9-9A3CB7254071}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{A1DF9076-CE76-4784-9F23-D32EEBEBA5A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{C3F30A03-B1BD-4447-AF35-42AEDD32421E}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [TCP Query User{FB9A3558-7DB9-48E3-A16C-A2D9D24CEABB}C:\users\rebekah\appdata\roaming\mozilla\firefox\profiles\878jgj3k.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe] => (Block) C:\users\rebekah\appdata\roaming\mozilla\firefox\profiles\878jgj3k.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe
FirewallRules: [uDP Query User{C58BB749-E1DA-49A6-8606-D835312FB7B0}C:\users\rebekah\appdata\roaming\mozilla\firefox\profiles\878jgj3k.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe] => (Block) C:\users\rebekah\appdata\roaming\mozilla\firefox\profiles\878jgj3k.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe
FirewallRules: [{EBBFCA52-8F81-4845-8326-7C3A87D81368}] => (Allow) C:\Users\Rebekah\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7E004D5D-72B6-41F5-91BC-36DC6C47258D}] => (Allow) C:\Users\Rebekah\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BC027CE3-55D5-424E-8DC9-BD940B6EC98D}] => (Allow) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe
FirewallRules: [{73772D76-4495-4C26-B791-00026C28BD45}] => (Allow) C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe
FirewallRules: [{E267361F-7FAD-4463-B709-C9550BA990EF}] => (Allow) C:\Program Files (x86)\Common Files\Tencent\QQDownload\119\Tencentdl.exe
FirewallRules: [{DCEF6382-C03E-4A40-B5AB-91F9AC311475}] => (Allow) C:\Program Files (x86)\Common Files\Tencent\QQDownload\119\Tencentdl.exe
FirewallRules: [{280B0984-7B8B-4649-BB6D-782B38FEAD25}] => (Allow) C:\Users\Rebekah\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E5739DC4-D003-49F8-AB30-2D9BD6E78884}] => (Allow) C:\Users\Rebekah\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{48409AC4-5D8C-4156-B562-C490F1227089}] => (Allow) C:\Users\Rebekah\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1115ECE4-8243-44EB-A3C2-34D989FDF3C9}] => (Allow) C:\Users\Rebekah\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{328281E8-343E-41DC-B092-2F0978EAB14E}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFileDownloader.exe
FirewallRules: [{C08D862E-A69F-486C-8D88-2D0E7A6A0B7A}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFileDownloader.exe
FirewallRules: [{2EC6A23D-CF8E-44B5-8E82-EF218D2EDD5A}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{A33C7279-6E50-4E42-8787-EFDF69EF9CED}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{E908B518-46D7-4AC7-AB2D-576F30C27562}] => (Allow) C:\Program Files (x86)\GoForFiles\GoforFiles.exe
FirewallRules: [{508349ED-31FC-46D4-8B6F-5D69F24CD9D4}] => (Allow) C:\Program Files (x86)\GoForFiles\GoforFiles.exe
FirewallRules: [TCP Query User{C135137C-F352-4EDB-BC5E-5A6604D69359}C:\program files (x86)\goforfiles\goforfilesdl.exe] => (Block) C:\program files (x86)\goforfiles\goforfilesdl.exe
FirewallRules: [uDP Query User{5E34EC53-E837-4462-9EAD-BCEE9896C74A}C:\program files (x86)\goforfiles\goforfilesdl.exe] => (Block) C:\program files (x86)\goforfiles\goforfilesdl.exe
FirewallRules: [{15B2DD97-D5BD-4610-BDE9-E1C3D5CDBF9C}] => (Allow) C:\Program Files (x86)\Bench\Proxy\proc.exe
FirewallRules: [{128F6391-755E-49DE-883B-B5919200FDB1}] => (Allow) C:\Program Files (x86)\Bench\Proxy\pwdg.exe
FirewallRules: [{B1114D9C-A336-4D5E-BB26-218D68D4707C}] => (Allow) C:\Program Files (x86)\Bench\Proxy\proc.exe
FirewallRules: [{46D55345-C365-48B7-9363-84A5C1F6761C}] => (Allow) C:\Program Files (x86)\Bench\Proxy\pwdg.exe
FirewallRules: [{69684F74-D317-423E-9221-628816E9DF0C}] => (Allow) C:\Program Files (x86)\Bench\Proxy\proc.exe
FirewallRules: [{58B69676-056B-4DA6-AE6A-96613329367C}] => (Allow) C:\Program Files (x86)\Bench\Proxy\pwdg.exe
FirewallRules: [{F990F98F-B9DC-4FAD-A2C7-01330987C219}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{87628BC8-5015-417E-940E-2037FF7EDCB1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F9AA14D7-506B-4307-8DA1-9ACA364E65FE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{7701CBFE-8A25-42C7-BB3C-CE4EA3E46167}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [uDP Query User{3F5389C6-4512-4B64-A136-0C6845D4AEC6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{DC42A4F0-5E1D-4F2A-8FF9-9BBF8B321863}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/10/2015 11:39:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 39.0.0.5659, time stamp: 0x55933a80
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc000000d
Fault offset: 0x000f4da4
Faulting process id: 0x340c
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3
Faulting package full name: firefox.exe4
Faulting package-relative application ID: firefox.exe5

Error: (07/10/2015 11:38:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 39.0.0.5659, time stamp: 0x55933a80
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc000000d
Fault offset: 0x000f4da4
Faulting process id: 0xb68
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3
Faulting package full name: firefox.exe4
Faulting package-relative application ID: firefox.exe5

Error: (07/10/2015 11:38:13 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={02758847-5CA9-414D-A487-305BB5A88160}: The user SYSTEM dialed a connection named PureVPN which has failed. The error code returned on failure is 868.

Error: (07/10/2015 11:03:36 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={B43F3F1A-0C74-4D62-BECD-EF0D6EAA50AF}: The user SYSTEM dialed a connection named PureVPN which has failed. The error code returned on failure is 800.

Error: (07/10/2015 11:03:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 39.0.0.5659, time stamp: 0x55933a80
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc000000d
Fault offset: 0x000f4da4
Faulting process id: 0x14bc
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3
Faulting package full name: firefox.exe4
Faulting package-relative application ID: firefox.exe5

Error: (07/10/2015 10:56:31 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={3A19B491-633B-447B-A292-CA032BC84C6D}: The user SYSTEM dialed a connection named PureVPN which has failed. The error code returned on failure is 0.

Error: (07/10/2015 10:56:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 39.0.0.5659, time stamp: 0x55933a80
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f42c2
Exception code: 0xc000000d
Fault offset: 0x000f4da4
Faulting process id: 0x1144
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3
Faulting package full name: firefox.exe4
Faulting package-relative application ID: firefox.exe5

Error: (07/10/2015 10:55:58 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: REBEKAH-PC)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (07/10/2015 10:55:58 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: REBEKAH-PC)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (07/10/2015 10:55:58 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: REBEKAH-PC)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0


System errors:
=============
Error: (07/10/2015 00:42:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:41:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:37:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:37:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:37:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:37:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:37:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:32:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:27:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error:
%%1053

Error: (07/10/2015 00:22:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error:
%%1053


Microsoft Office:
=========================
Error: (10/08/2013 02:55:38 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 21 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-06-08 12:32:52.724
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core i5-3337U CPU @ 1.80GHz
Percentage of memory in use: 43%
Total physical RAM: 8093.85 MB
Available physical RAM: 4562.5 MB
Total Virtual: 16593.85 MB
Available Virtual: 12736.31 MB

==================== Drives ================================

Drive c: (TI10659100C) (Fixed) (Total:656.6 GB) (Free:557.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End of log ============================

[TwinHeadedEagle]

Hello,

Can you please upload reports instead of pasting? Thanks!

[Dagny]

Yes, I can!

FRST log - R.txt

[TwinHeadedEagle]

Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

• Right-click on icon and select Run as Administrator to start the tool.
• Wait patiently until the main console will appear, it may take a minute or two.
• In the main box please paste in the following script:

  createsrpoint;autoclean;emptyalltemp;ipconfig /flushdns;b

• Make sure that Scan All Users option is checked.
• Push Run Script and wait patiently. The scan may take a couple of minutes.
• When the scan completes, a zoek-results logfile should open in notepad.
• If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

[Dagny]

Here it is:

 

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Rebekah on Sat 07/11/2015 at 19:37:13.46.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Rebekah\Desktop\zoek.exe [scan all users] [script inserted]

===== Runcheck 19:38:18.10 =====

--- Create Environment Variables 19:38:21.41
--- Create System Restore Point 19:38:42.21
--- Checking Input 19:39:25.28
--- AU AppData Check 19:39:45.95
--- Remove From Windows Installer 19:39:55.78
--- Empty Folders Check 19:42:09.49
--- Registry HKLM Software Check 19:42:09.53
--- Quick Launch Shortcut Check 19:42:45.45
--- IE Startpage Check 19:42:51.46
--- Program Files DB Check 19:43:27.91
--- C:\Users\Default\AppData\Roaming DB Check 19:45:37.02
--- C:\Users\Default User\AppData\Roaming DB Check 19:45:37.02
 

[TwinHeadedEagle]

It is not full report. Do you have Zoek-results.log? If not, please run Zoek again.

[Dagny]

Indeed, not a full report. ha! I'm so sorry. Thank you for your patience. You understand now why I cannot fix my computer by myself.

zoek-results - R.txt

[TwinHeadedEagle]

Now it is fine. How is your PC behaving?

[Dagny]

No, I still have s.hlkmm.com pop open a new tab at random times.

[TwinHeadedEagle]

Scan with Farbar Recovery Scan Tool

 

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

• Right-click on icon and select Run as Administrator to start the tool.

  (XP users click run after receipt of Windows Security Warning - Open File).

• Make sure that Addition option is checked.
• Press Scan button and wait.
• The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please upload them into your next reply.

[Dagny]

Here you are!

Addition - R.txt

FRST log 2 - R.txt

[TwinHeadedEagle]

Fix with Farbar Recovery Scan Tool

 

This fix was created for this user for use on that particular machine.

Running it on another one may cause damage and render the system unstable.

 

Download attached fixlist.txt file and save it to the Desktop:

 

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

• Right-click on icon and select Run as Administrator to start the tool.

  (XP users click run after receipt of Windows Security Warning - Open File).

• Press the Fix button just once and wait.
• If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
• When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

fixlist.txt

[Dagny]

Alright.

 

FYI, I have already had popups since the reboot, so that didn't take care of it....

Fixlog.txt

[TwinHeadedEagle]

In which browser?

[Dagny]

Firefox

[TwinHeadedEagle]

Can you reinstall Firefox?

[Dagny]

Refresh it or fully uninstall and reinstall? I have tried refreshing it a couple times before.

[TwinHeadedEagle]

Let's do it this way:

- Uninstall Firefox (Programs and Features)

Then

Click Start, copy in search %appdata%\ Then delete folder Mozilla

Click Start, copy in search %LOCALAPPDATA%\ delete folder Mozilla

Then delete following folders:

C:\Program Files (x86)\mozilla firefox

C:\Program Files (x86)\Mozilla Maintenance Service

Restart your PC.

Then install Firefox again.

https://www.mozilla.org/en-US/firefox/new/

[Dagny]

This worked! Thank you so much!

[AdvancedSetup]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!