Channel: Tech Support Forum - Virus/Trojan/Spyware Help
Virus causing problems with Microsoft Account

Recently, I have been unable to do anything that requires the Microsoft Account. I took this issue to Microsoft Support and they said, based on an error code that I was seeing, that my registry was corrupted due to a virus on my PC.
1 - When I try to switch to a Microsoft Account on my PC, I get the error code 0x800c0008 "We're sorry but something went wrong. Your account wasn't changed to this Microsoft Account."
2 - I cannot set up and use Microsoft Live Mail 2012. It times out trying to download folders.
3 - I cannot connect to the Store: "We cannot connect you to the store..." The error code reported is 0x80072f8f.

Searching the web revealed no valid help for this problem.

Since this is a Windows 8.1 OS, I had to run FRST. The results are shown below. Running GMER failed, so I do not have results from it. I tried several times, including once after rebooting the PC.

FRST text:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-02-2015
Ran by Administrator (administrator) on HOMELAPTOP on 22-02-2015 10:53:27
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Paul & Administrator (Available profiles: Paul & Administrator)
Platform: Microsoft Windows 8.1 Pro (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(SEIKO EPSON CORPORATION) C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(Fitbit, Inc.) C:\Program Files\Fitbit Connect\FitbitConnectService.exe
(Motorola Mobility LLC) C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\Astaro\Astaro SSL VPN Client\bin\openvpn-gui.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ooVoo LLC) C:\Program Files\ooVoo\ooVoo.exe
(Dell) C:\Users\Paul\AppData\Local\Apps\2.0\LZKHAC5E.TAQ\1WP15C89.9ET\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe
(Motorola Mobility Inc.) C:\Program Files\Motorola Mobility\MotoCast\MotoCast.exe
(Dropbox, Inc.) C:\Users\Paul\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(PC-Doctor, Inc.) C:\Program Files\My Dell\uaclauncher.exe
() C:\Program Files\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Motorola Mobility LLC) C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
() C:\Program Files\Astaro\Astaro SSL VPN Client\bin\openvpn-gui.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Creative Technology Ltd.) C:\Program Files\DELL\DELL Webcam Manager\DellWMgr.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FARNLAE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FARNLAE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FARNLAE.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [LTCM Client] => C:\Program Files\LTCM Client\ltcmClient.exe [2756864 2011-04-07] (Leader Technologies Inc.)
HKLM\...\Run: [OEM02Mon.exe] => C:\WINDOWS\OEM02Mon.exe [36864 2007-05-09] (Creative Technology Ltd.)
HKLM\...\Run: [openvpn-gui] => C:\Program Files\Astaro\Astaro SSL VPN Client\bin\openvpn-gui.exe [265216 2010-05-07] ()
HKLM\...\Run: [Fitbit Connect] => C:\Program Files\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1065024 2014-05-02] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKU\S-1-5-21-839522115-1682526488-725345543-1004\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-839522115-1682526488-725345543-1004\...\Run: [Amazon Cloud Player] => C:\Users\Paul\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3109376 2013-09-10] ()
HKU\S-1-5-21-839522115-1682526488-725345543-1004\...\Run: [DELL Webcam Manager] => C:\Program Files\DELL\DELL Webcam Manager\DellWMgr.exe [118784 2007-06-07] (Creative Technology Ltd.)
HKU\S-1-5-21-839522115-1682526488-725345543-1004\...\Run: [AVG-Secure-Search-Update_0414c] => C:\Program Files\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2725912 2014-04-26] ()
HKU\S-1-5-21-839522115-1682526488-725345543-1004\...\Run: [ooVoo.exe] => C:\Program Files\ooVoo\oovoo.exe [36202560 2014-09-01] (ooVoo LLC)
HKU\S-1-5-21-839522115-1682526488-725345543-1004\...\Run: [MotoCast] => C:\Program Files\Motorola Mobility\MotoCast\MotoLauncher.lnk [2025 2014-12-14] ()
HKU\S-1-5-21-839522115-1682526488-725345543-1004\...\Run: [DellSystemDetect] => C:\Users\Paul\AppData\Local\Apps\2.0\LZKHAC5E.TAQ\1WP15C89.9ET\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-11-01] (Dell)
HKU\S-1-5-21-839522115-1682526488-725345543-1004\...\MountPoints2: {f1d75717-78a8-11e4-afd9-001d09dbeb43} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-839522115-1682526488-725345543-1004\...\MountPoints2: {f47c7cf6-fd95-11e3-afc7-c9ae9772d22c} - "F:\MotoCastSetup.exe" -a
HKU\S-1-5-21-839522115-1682526488-725345543-1004\...\MountPoints2: {f65c66ed-f221-11e2-afab-001d09dbeb43} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-839522115-1682526488-725345543-500\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-839522115-1682526488-725345543-500\...\Run: [DellSystemDetect] => C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
HKU\S-1-5-21-839522115-1682526488-725345543-500\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATILAE.EXE [260160 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-839522115-1682526488-725345543-500\...\Run: [Amazon Cloud Player] => C:\Users\Administrator\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
HKU\S-1-5-21-839522115-1682526488-725345543-500\...\Run: [DELL Webcam Manager] => C:\Program Files\DELL\DELL Webcam Manager\DellWMgr.exe [118784 2007-06-07] (Creative Technology Ltd.)
HKU\S-1-5-21-839522115-1682526488-725345543-500\...\MountPoints2: {f65c66ed-f221-11e2-afab-001d09dbeb43} - "F:\LaunchU3.exe" -a
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Administrator\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll No File
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Google
HKU\S-1-5-21-839522115-1682526488-725345543-500\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn
SearchScopes: HKU\S-1-5-21-839522115-1682526488-725345543-500 -> {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
SearchScopes: HKU\S-1-5-21-839522115-1682526488-725345543-500 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={996D8884-1E0E-41EF-B77D-E292FEAFEDA9}&mid=3d570f58562647d38c0dd1544f3f02b0-6c8982b9f7c2757dcb6814dd69b9b895ac4bc867&lang=en&ds=sf011&coid=avgtbdissf&pr=sa&d=2013-12-08 08:18:24&v=17.1.2.1&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
BHO: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.3.1 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.3.1 -> C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2014-11-15]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\40.0.2214.115\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-16]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 DeviceMonitorService; C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe [87992 2012-09-07] (Nero AG)
R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [577088 2013-05-01] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [126128 2012-05-16] (Seiko Epson Corporation)
R2 Fitbit Connect; C:\Program Files\Fitbit Connect\FitbitConnectService.exe [1436192 2014-05-19] (Fitbit, Inc.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2014-11-15] (Macrovision Europe Ltd.) [File not signed]
R2 Motorola Device Manager; C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S3 OpenVPNService; C:\Program Files\Astaro\Astaro SSL VPN Client\bin\openvpnserv.exe [39936 2010-05-07] () [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PST Service; C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [105472 2013-08-21] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280296 2013-10-30] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [20992 2013-08-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2013-10-30] (Microsoft Corporation)
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1210368 2013-10-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2013-08-21] (Microsoft Corporation)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63l.sys [4715008 2013-07-01] (Broadcom Corporation)
R2 giveio; C:\WINDOWS\system32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R1 MpKsl84b6b704; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B353D267-3F98-4DD6-8FE9-62BABA0AF63C}\MpKsl84b6b704.sys [39464 2015-02-22] (Microsoft Corporation)
R2 speedfan; C:\WINDOWS\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 tap0901; C:\WINDOWS\system32\DRIVERS\tap0901.sys [34336 2010-05-07] (The OpenVPN Project)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [93016 2013-10-30] (Microsoft Corporation)
S3 WUDFSensorLP; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [187392 2013-08-21] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [187392 2013-08-21] (Microsoft Corporation)
U3 pwloykow; \??\C:\Users\ADMINI~1\AppData\Local\Temp\pwloykow.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-22 10:44 - 2015-02-22 10:44 - 00370943 _____ () C:\Users\Administrator\Downloads\gmer.zip
2015-02-22 10:44 - 2015-02-22 10:44 - 00370943 _____ () C:\Users\Administrator\Desktop\gmer.zip
2015-02-22 10:43 - 2015-02-22 10:53 - 00017701 _____ () C:\Users\Administrator\Desktop\FRST.txt
2015-02-22 10:42 - 2015-02-22 10:53 - 00000000 ____D () C:\FRST
2015-02-22 10:42 - 2015-02-22 10:42 - 01126912 _____ (Farbar) C:\Users\Administrator\Downloads\FRST.exe
2015-02-22 10:42 - 2015-02-22 10:42 - 01126912 _____ (Farbar) C:\Users\Administrator\Desktop\FRST.exe
2015-02-22 10:38 - 2015-02-22 10:38 - 00688992 _____ (Swearware) C:\Users\Administrator\Downloads\dds.scr
2015-02-22 10:35 - 2015-02-22 10:34 - 00688992 _____ (Swearware) C:\Users\Paul\Desktop\dds.scr
2015-02-22 10:35 - 2015-02-22 10:34 - 00370943 _____ () C:\Users\Paul\Desktop\gmer.zip
2015-02-22 10:34 - 2015-02-22 10:48 - 00036576 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-22 10:34 - 2015-02-22 10:34 - 00370943 _____ () C:\Users\Paul\Downloads\gmer.zip
2015-02-22 10:33 - 2015-02-22 10:34 - 00688992 _____ (Swearware) C:\Users\Paul\Downloads\dds.scr
2015-02-22 10:20 - 2015-02-22 10:20 - 00003180 _____ () C:\Users\Paul\Desktop\cc_20150222_102010.reg
2015-02-22 09:59 - 2015-02-22 10:15 - 00000000 ____D () C:\Program Files\LogMeIn Rescue RC - 4e79fb14-e1b0-408c-bccc-92db84a64adf
2015-02-22 09:18 - 2013-10-30 16:38 - 00202584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-02-22 09:18 - 2013-10-30 16:38 - 00093016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-02-22 09:18 - 2013-10-30 16:36 - 00030224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-02-22 08:45 - 2014-05-07 22:52 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-22 08:45 - 2014-05-07 21:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-22 08:45 - 2014-04-18 23:49 - 18644072 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-02-22 08:45 - 2014-03-10 01:43 - 01673048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-02-22 08:45 - 2014-03-10 01:43 - 00283992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-02-22 08:43 - 2015-02-22 08:43 - 00002222 _____ () C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Support.lnk
2015-02-22 08:42 - 2015-02-22 10:37 - 00000000 ____D () C:\Users\Paul\AppData\Local\LogMeIn Rescue Applet
2015-02-22 08:42 - 2015-02-22 08:42 - 01532224 _____ (LogMeIn, Inc.) C:\Users\Paul\Downloads\Support-LogMeInRescue.exe
2015-02-08 10:35 - 2015-02-08 10:36 - 05487040 _____ (Microsoft Corporation) C:\Users\Paul\Downloads\Windows8-Setup.exe
2015-02-08 10:33 - 2015-02-08 10:34 - 06431728 _____ (Microsoft Corporation) C:\Users\Paul\Downloads\OSGS14-WindowsSetupBox-32bitand64bit-English-4141408.exe
2015-02-08 09:29 - 2015-02-08 09:29 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2015-02-08 09:29 - 2015-02-08 09:29 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Motorola Mobility
2015-02-08 08:58 - 2015-02-08 08:58 - 00143357 _____ () C:\Users\Paul\Downloads\microsoftaccountdiagnostic (1).diagcab
2015-02-08 08:47 - 2015-02-08 08:47 - 01239752 _____ (Microsoft Corporation) C:\Users\Paul\Downloads\wlsetup-web (1).exe
2015-02-08 08:46 - 2015-02-08 08:46 - 01239752 _____ (Microsoft Corporation) C:\Users\Paul\Downloads\wlsetup-web.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-22 10:44 - 2013-09-11 17:44 - 00000941 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Update {E9566DDA-B1B5-457A-849F-F99DA95D0B89}.job
2015-02-22 10:44 - 2013-09-11 17:44 - 00000755 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {E9566DDA-B1B5-457A-849F-F99DA95D0B89}.job
2015-02-22 10:37 - 2013-04-06 15:53 - 00000000 ____D () C:\TEMP
2015-02-22 10:37 - 2013-04-04 09:55 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-22 10:32 - 2013-12-28 09:01 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-22 10:14 - 2013-04-04 09:55 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-22 10:05 - 2014-06-09 20:05 - 00000941 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Update {16BF628B-63BC-464D-9395-B4E4B1CC2238}.job
2015-02-22 10:05 - 2014-06-09 20:05 - 00000755 _____ () C:\WINDOWS\Tasks\EPSON XP-410 Series Invitation {16BF628B-63BC-464D-9395-B4E4B1CC2238}.job
2015-02-22 10:02 - 2014-12-14 12:32 - 00000000 ____D () C:\Users\Paul\.gstreamer-0.10
2015-02-22 10:02 - 2014-12-14 12:27 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\MotoCast
2015-02-22 10:02 - 2014-07-20 19:11 - 00000000 ___RD () C:\Users\Paul\Dropbox
2015-02-22 10:01 - 2014-07-20 19:01 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Dropbox
2015-02-22 10:00 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-22 09:58 - 2013-08-22 00:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-22 09:57 - 2013-08-21 23:13 - 01048576 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-22 09:56 - 2013-08-22 01:17 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-02-22 09:56 - 2013-08-22 01:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-22 09:56 - 2013-08-22 01:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-22 09:56 - 2013-08-22 01:17 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-22 09:36 - 2013-04-04 09:56 - 00002149 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-22 09:34 - 2012-07-25 23:43 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-22 09:31 - 2013-10-05 06:44 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-22 09:31 - 2013-09-08 15:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-22 09:20 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2015-02-22 09:18 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2015-02-22 08:44 - 2014-11-16 08:18 - 00000000 ____D () C:\Users\Paul\Desktop\Pam
2015-02-14 10:43 - 2013-10-30 22:24 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-14 08:25 - 2014-07-20 19:11 - 00001026 _____ () C:\Users\Paul\Desktop\Dropbox.lnk
2015-02-14 08:25 - 2014-07-20 19:04 - 00000000 ____D () C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-08 10:22 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-08 09:37 - 2013-08-22 01:17 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-08 09:29 - 2013-10-30 22:12 - 00000000 ____D () C:\Users\Administrator
2015-02-08 09:01 - 2014-06-09 19:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-02-08 09:01 - 2014-06-09 19:10 - 00001267 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-02-08 09:00 - 2013-04-04 10:40 - 00002448 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-02-08 09:00 - 2013-04-04 10:40 - 00001336 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-02-08 08:59 - 2013-04-04 10:40 - 00001420 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk

==================== Files in the root of some directories =======

2013-04-06 15:53 - 2013-08-18 15:55 - 0008065 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\Paul\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjvmgtc.dll
C:\Users\Paul\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-21 10:01

==================== End Of Log ============================

Additions.txt uploaded as Additions.zip

I downloaded the original version of Windows 8 when it first came out after a special offer from Microsoft. I have upgraded to 8.1 since then. So, I do not have access to an installation disk.

Attached Files
File Type: zip Addition.zip (10.8 KB)
