No I didn't. And I'm not sure. I did have it in the past but my trial expired so I started using avast.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:06-09-2015 01
Ran by Danielle (administrator) on SENNSTROM-HOME (06-09-2015 12:59:22)
Running from C:\Users\Danielle\Downloads
Loaded Profiles: Danielle (Available Profiles: Danielle & Guest)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 7 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files\Razer\Razer Cortex\RzKLService.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.28.13\GoogleCrashHandler.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Danielle\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Razer Inc.) C:\Program Files\Razer\Razer Cortex\main.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Hewlett-Packard Company) C:\hp\KBD\kbd.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM\...\Run: [KBD] => C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] ()
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-02] (Hewlett-Packard)
HKLM\...\Run: [DPService] => C:\Program Files\HP\DVDPlay\DPService.exe [90112 2008-06-12] (CyberLink Corp.)
HKLM\...\Run: [SunJavaUpdateReg] => C:\Windows\system32\jureg.exe [54936 2007-04-07] (Sun Microsystems, Inc.)
HKLM\...\Run: [LWS] => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [UnlockerAssistant] => "C:\Program Files\Unlocker\UnlockerAssistant.exe"
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [RazerCortex] => C:\Program Files\Razer\Razer Cortex\RazerCortex.exe [98256 2015-06-05] (Razer Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKLM\...\RunOnce: [94_1948685863361] => C:\Users\Danielle\AppData\Local\LogMeIn Rescue Applet\LMIR0001.tmp_r.bat [371 2015-09-04] ()
HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\...\Run: [EA Core] => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\...\Run: [Spotify Web Helper] => C:\Users\Danielle\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1964088 2015-06-05] (Spotify Ltd)
HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\...0c966feabec1\InprocServer32: [Default-shell32] ATTENTION! ====> ZeroAccess?
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * bootdelete
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{67E63B23-21BC-46DB-AD98-4089574A6E5B}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
hxxps://www.google.com/?trackid=sp-006HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
hxxps://www.google.com/?trackid=sp-006HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\Software\Microsoft\Internet Explorer\Main,Search Page =
hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\Software\Microsoft\Internet Explorer\Main,Search Bar =
hxxps://www.google.com/?trackid=sp-006SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL =
hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL =
hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL =
hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2767167476-1858105450-2367976372-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL =
hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2767167476-1858105450-2367976372-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL =
hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2767167476-1858105450-2367976372-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL =
hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-07] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage:
hxxps://www.ecosia.org/FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2767167476-1858105450-2367976372-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Danielle\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-15] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Extension: NoScript - C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\dv9qb26k.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-01-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
Chrome:
=======
CHR StartupUrls: Default -> ""
CHR Profile: C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-26]
CHR Extension: (Google Docs) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-26]
CHR Extension: (Google Drive) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-26]
CHR Extension: (Don't Fall!) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfiggjmpgelmocdfipjbddjbnbmcfepb [2014-11-28]
CHR Extension: (YouTube) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-26]
CHR Extension: (Google Search) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-26]
CHR Extension: (Give Up) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\diippoclinjdbklinhchgedilfncehbi [2014-11-28]
CHR Extension: (Free Rider HD) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\emikpifndnjfkgofoglceekhkbaicbde [2014-11-28]
CHR Extension: (Google Sheets) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-26]
CHR Extension: (Causality Games) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\femoooemgmjaebeodbbikbkmhlafenpl [2014-11-28]
CHR Extension: (Snake) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmokkdndehlgfklkghmlcphifmnlfkhp [2014-11-28]
CHR Extension: (Manyland) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\geieilhcelplmpfhepdoggckhmfaanmp [2014-11-28]
CHR Extension: (Dark atmosphere) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfpikgkkfdoabncoileilaglepbpdhek [2014-11-28]
CHR Extension: (Google Docs Offline) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Happy Wheels) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpljdpjoahbnnfilkiilnfdkdbfiabfc [2014-11-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-14]
CHR Extension: (PacMan Advanced) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdmffjghfdhgmjohekbbfgagpifiiapf [2014-11-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-26]
CHR Extension: (Gmail) - C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-26]
CHR HKLM\...\Chrome\Extension: [fjpbiejamkbdmglmndhcidcodgdffcae] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta771\ch\VideoPlayerV3beta771.crx <not found>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-02] (Hewlett-Packard) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2007048 2015-08-20] (Electronic Arts)
R2 Razer Game Scanner Service; C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-05-28] ()
R2 RzKLService; C:\Program Files\Razer\Razer Cortex\RzKLService.exe [129168 2015-06-05] (Razer Inc.)
R2 UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848 2012-01-18] (Logitech Inc.)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1439744 2010-10-10] (Atheros Communications, Inc.)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 HSXHWBS3; C:\Windows\System32\DRIVERS\HSXHWBS3.sys [207360 2008-02-12] (Conexant Systems, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [20416 2015-03-10] (Razer, Inc.)
S3 esgiguard; no ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [X]
S3 RTL8192su; system32\DRIVERS\RTL8192su.sys [X]
U3 mbr; \??\C:\Users\Danielle\AppData\Local\Temp\mbr.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-06 12:59 - 2015-09-06 12:59 - 00014622 _____ C:\Users\Danielle\Downloads\FRST.txt
2015-09-06 12:59 - 2015-09-06 12:59 - 00000000 ____D C:\FRST
2015-09-06 12:58 - 2015-09-06 12:58 - 01692160 _____ (Farbar) C:\Users\Danielle\Downloads\FRST.exe
2015-09-06 12:58 - 2015-09-06 12:58 - 00000207 _____ C:\Windows\tweaking.com-regbackup-SENNSTROM-HOME-Windows-Vista-(TM)-Home-Basic-(32-bit).dat
2015-09-06 12:57 - 2015-09-06 12:57 - 00001978 _____ C:\Users\Danielle\Desktop\Tweaking.com - Registry Backup.lnk
2015-09-06 12:57 - 2015-09-06 12:57 - 00000000 ____D C:\Users\Danielle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-09-06 12:57 - 2015-09-06 12:57 - 00000000 ____D C:\Program Files\Tweaking.com
2015-09-06 12:56 - 2015-09-06 12:57 - 04687184 _____ (Tweaking.com) C:\Users\Danielle\Downloads\tweaking.com_registry_backup_setup.exe
2015-09-04 19:12 - 2015-09-04 19:12 - 00000029 _____ C:\Users\Danielle\Desktop\wifi network.txt
2015-09-04 19:05 - 2015-09-06 12:59 - 00000000 ____D C:\Users\Danielle\AppData\Local\LogMeIn Rescue Applet
2015-09-02 16:47 - 2015-09-02 16:47 - 00007335 _____ C:\Users\Danielle\Desktop\dds.txt
2015-09-02 16:47 - 2015-09-02 16:47 - 00003359 _____ C:\Users\Danielle\Desktop\attach.txt
2015-09-02 16:45 - 2015-09-02 16:45 - 00688992 ____R (Swearware) C:\Users\Danielle\Downloads\dds.scr
2015-09-02 16:30 - 2015-09-02 16:30 - 274755559 _____ C:\Windows\MEMORY.DMP
2015-09-02 16:30 - 2015-09-02 16:30 - 00140048 _____ C:\Windows\Minidump\Mini090215-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-06 13:00 - 2009-02-21 10:18 - 00000424 ____H C:\Windows\Tasks\User_Feed_Synchronization-{153C7F06-C33C-4344-9301-9EF00F17085C}.job
2015-09-06 12:33 - 2014-11-26 14:57 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-06 12:30 - 2006-11-02 08:45 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-06 12:30 - 2006-11-02 08:45 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-06 12:09 - 2012-04-29 11:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-06 03:33 - 2014-11-26 14:57 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-05 16:41 - 2008-09-04 10:11 - 02526702 _____ C:\Windows\WindowsUpdate.log
2015-09-03 04:35 - 2014-11-26 14:58 - 00001933 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-02 16:58 - 2012-08-19 16:30 - 00000000 ____D C:\Users\Danielle\AppData\Roaming\Skype
2015-09-02 16:37 - 2012-08-19 16:29 - 00000000 ____D C:\ProgramData\Skype
2015-09-02 16:30 - 2009-02-28 11:01 - 00000000 ____D C:\Windows\Minidump
2015-09-02 16:30 - 2006-11-02 08:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-30 19:26 - 2008-12-07 20:17 - 00000052 _____ C:\Windows\system32\DOErrors.log
2015-08-20 16:54 - 2011-12-28 23:23 - 00000000 ____D C:\ProgramData\Origin
2015-08-20 16:28 - 2011-12-28 23:22 - 00000000 ____D C:\Program Files\Origin
2015-08-12 09:09 - 2012-04-29 11:29 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-12 09:09 - 2012-01-22 15:06 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-08-09 16:35 - 2008-12-03 22:31 - 00000334 _____ C:\Windows\Tasks\HPCeeScheduleForDanielle.job
==================== Files in the root of some directories =======
2012-05-03 16:34 - 2015-07-05 09:32 - 0000888 _____ () C:\Users\Danielle\AppData\Roaming\wklnhst.dat
2013-01-16 01:03 - 2013-01-16 01:03 - 0000552 _____ () C:\Users\Danielle\AppData\Local\d3d8caps.dat
2008-12-04 16:38 - 2015-06-30 10:00 - 0000680 _____ () C:\Users\Danielle\AppData\Local\d3d9caps.dat
2008-12-05 09:49 - 2014-07-31 12:28 - 0017408 _____ () C:\Users\Danielle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-08-25 09:13 - 2008-08-25 09:14 - 0000349 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\Danielle\AppData\Local\Temp\drm_dyndata_7380009.dll
C:\Users\Danielle\AppData\Local\Temp\GotClip_Setup.exe
C:\Users\Danielle\AppData\Local\Temp\installerdll2054655721.dll
C:\Users\Danielle\AppData\Local\Temp\mpam-2c543907.exe
C:\Users\Danielle\AppData\Local\Temp\mpam-7f721943.exe
C:\Users\Danielle\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-06 05:01
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:06-09-2015 01
Ran by Danielle (2015-09-06 13:00:26)
Running from C:\Users\Danielle\Downloads
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) (2008-09-04 14:07:29)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2767167476-1858105450-2367976372-500 - Administrator - Disabled)
Danielle (S-1-5-21-2767167476-1858105450-2367976372-1000 - Administrator - Enabled) => C:\Users\Danielle
Guest (S-1-5-21-2767167476-1858105450-2367976372-501 - Limited - Enabled) => C:\Users\Guest
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Internet Security (Enabled - Out of date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Out of date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security (Enabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
CameraHelperMsi (Version: 13.31.1038.0 - Logitech) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite Deluxe (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: .1707 - CyberLink Corp.)
DVD Play (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 2.4.5411 - Hewlett-Packard)
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version: - Hewlett-Packard)
erLT (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.13 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.4861.15 - PC-Doctor, Inc.)
HP Customer Experience Enhancements (HKLM\...\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}) (Version: 5.6.0.2510 - Hewlett-Packard)
HP Demo (HKLM\...\{97ABD26A-3249-46CB-B2E2-F66E64B2E480}) (Version: 1.00.0000 - Hewlett-Packard)
HP Total Care Advisor (HKLM\...\{f32502b5-5b64-4882-bf61-77f23edcac4f}) (Version: 2.3.4292.2709 - Hewlett-Packard)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPTCSSetup (HKLM\...\{FA3B34BE-4246-4062-90A3-34CBBEA12B72}) (Version: 1.0.964.2626 - Hewlett-Packard Company)
Logitech Webcam Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.363 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 39.0 (x86 en-US) (HKLM\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network Play System (Patching) (HKLM\...\Network Play System (Patching)) (Version: - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
Origin (HKLM\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
PCIe Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_HSF) (Version: 7.71.00.50 - Conexant Systems)
Python 2.5.2 (HKLM\...\{6B976ADF-8AE8-434E-B282-A06C7F624D2F}) (Version: 2.5.2150 - Python Software Foundation)
Razer Cortex (HKLM\...\Razer Cortex_is1) (Version: 5.5.31.0 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5657 - Realtek Semiconductor Corp.)
Skype™ 7.7 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\...\Spotify) (Version: 1.0.2.6.g9977a14b - Spotify AB)
Strongvault Online Backup (Version: 5.0.2.34 - Strongvault Online Backup) Hidden <==== ATTENTION
The Sims 2 Family Fun Stuff (HKLM\...\{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}) (Version: - )
The Sims 2 Glamour Life Stuff (HKLM\...\{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}) (Version: - )
The Sims 2 Open For Business (HKLM\...\{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}) (Version: - )
The Sims 2 Pets (HKLM\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version: - )
The Sims 2 University (HKLM\...\{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}) (Version: - )
The Sims™ 2 Apartment Life (HKLM\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version: - Electronic Arts)
The Sims™ 2 Bon Voyage (HKLM\...\{F248ADFA-64E0-4b03-8A83-059078BED6A0}) (Version: - Electronic Arts)
The Sims™ 2 Double Deluxe (HKLM\...\{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}) (Version: - Electronic Arts)
The Sims™ 2 FreeTime (HKLM\...\{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}) (Version: - Electronic Arts)
The Sims™ 2 H&M® Fashion Stuff (HKLM\...\{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}) (Version: - )
The Sims™ 2 IKEA® Home Stuff (HKLM\...\{6E17F9751-F056-4335-B718-8AF1B1092AFB}) (Version: - Electronic Arts)
The Sims™ 2 Kitchen & Bath Interior Design Stuff (HKLM\...\{6522C636-B04C-4333-9BEB-9E0C0B6350D6}) (Version: - Electronic Arts)
The Sims™ 2 Mansion and Garden Stuff (HKLM\...\{1A2A15C2-6780-49c1-B296-503230E9DE00}) (Version: - Electronic Arts)
The Sims™ 2 Seasons (HKLM\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version: - )
The Sims™ 2 Teen Style Stuff (HKLM\...\{5C648FDB-0138-4619-B66E-230EF53E8E2C}) (Version: - Electronic Arts)
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 3.2.0 - Tweaking.com)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
26-07-2015 11:27:54 Scheduled Checkpoint
31-07-2015 10:59:33 Scheduled Checkpoint
07-08-2015 14:47:02 Scheduled Checkpoint
16-08-2015 16:55:21 Scheduled Checkpoint
18-08-2015 02:58:47 Scheduled Checkpoint
19-08-2015 01:42:51 Scheduled Checkpoint
20-08-2015 00:00:03 Scheduled Checkpoint
21-08-2015 00:55:58 Scheduled Checkpoint
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 06:23 - 2014-07-18 12:04 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04E68783-7001-4B91-858F-2BF018A702C4} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02] (Hewlett-Packard)
Task: {25B2DF22-3C77-4A5E-BFD9-84A4FD99B44B} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2014.6.6.3\SymErr.exe
Task: {342EF9AD-9494-4A79-8BFA-7C28B7BC1C51} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2014.6.6.3\SymErr.exe
Task: {58BEC6FB-B1C2-481B-AD80-DF89D3F906E6} - System32\Tasks\RecoveryCD => C:\Program Files\Hewlett-Packard\HP TCS\RemEngine.exe [2008-04-11] ()
Task: {76F8B4E1-E197-49E6-9B5E-7EA97F4F5C33} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/uninstall.html?aaa=KICMPMLMPMPMLJOMNMKMCNKJMJJJJMCNLMKMLMOJCNHMMJHMHMCNNJLMOJNMKJPMOJLMIMGMLJOJJNJICMIMCNLMCNNMFMIMCNPMCNJMPMPMOMFMJMCNPMCNJMPMPMOMCNNMJNPICMPMFMFMMMMMJNHICMNJKIBJPMOMJNBJCMLLOJBJGJKJDJDJKJJNKJCMJNNICMJNDJCMKJBJ"
Task: {793BCAB2-0A80-40D0-A6D5-3071BE88D477} - System32\Tasks\HPCeeScheduleForDanielle => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-12-17] (Hewlett-Packard)
Task: {7B45B33D-8335-4355-8922-AF2AD7AA4753} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {819C8B06-671E-4F15-BCAF-9D9310D4F2FE} - System32\Tasks\avastBCLRestartS-1-5-21-2767167476-1858105450-2367976372-1000 => Firefox.exe
Task: {A04EF1F8-4D2B-4880-A9AC-FBD3F859A27A} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Danielle => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {A4D6192D-2A9B-4F6C-B946-3659A202AD14} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {A4EC0100-76A3-4BBF-B702-E499C8B41D19} - System32\Tasks\PC-Doctor\Scheduled Maintenance => C:\Program Files\PC-Doctor for Windows\RunProfiler.exe [2008-04-09] (PC-Doctor, Inc.)
Task: {BA415AF0-7697-49EC-8D44-E6C4D6BE0E00} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {D81F77EE-2004-4379-8FBE-7A2200283A7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {DD75CDFB-0EF3-461A-A193-0DFB291DF32C} - System32\Tasks\{5B770A6B-ED5E-4A11-BB52-0F17C0B8AD34} => pcalua.exe -a "C:\Program Files\EA GAMES\The Sims 2 Double Deluxe\SP4\CSBin\PackageInstaller.exe" -d "C:\Program Files\EA GAMES\The Sims 2 Double Deluxe\SP4\CSBin"
Task: {E0C1436B-1E78-478B-829E-33E9DD71F952} - System32\Tasks\PC-Doctor\Scheduled Maintenance Swap => C:\Program Files\PC-Doctor for Windows\task_swap.exe [2008-03-13] (PC-Doctor, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDanielle.job => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{153C7F06-C33C-4344-9301-9EF00F17085C}.job => C:\Windows\system32\msfeedssync.exe
==================== Loaded Modules (Whitelisted) ==============
2015-05-28 20:13 - 2015-05-28 20:13 - 00187048 _____ () C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe
2015-02-14 21:43 - 2015-06-05 17:54 - 00264192 _____ () C:\Program Files\Razer\Razer Cortex\D3DX8Wrapper.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 02145304 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtCore4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 07956504 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtGui4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 00342552 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtXml4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 00029208 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2011-11-11 14:08 - 2011-11-11 14:08 - 00128536 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2015-08-12 09:09 - 2015-08-12 09:09 - 17482952 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2767167476-1858105450-2367976372-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Danielle\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
mpsdrv Firewall Service is not running.
MpsSvc Firewall Service is not running.
bfe Firewall Service is not running.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Faulty Device Manager Devices =============
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/02/2015 04:39:05 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\NORMAL\ARROWS.PNG> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/02/2015 04:39:05 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\NORMAL\ARROWS.PNG> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/02/2015 04:39:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\NORMAL\ARROW-UP.PNG> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/02/2015 04:39:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\NORMAL\ARROW-UP.PNG> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/02/2015 04:39:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\NORMAL> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/02/2015 04:39:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\NORMAL> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/02/2015 04:39:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\BLACK-ON-WHITE\TICKED_NOT_10X10@2X.PNG> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/02/2015 04:39:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\BLACK-ON-WHITE\TICKED_NOT_10X10@2X.PNG> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/02/2015 04:39:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\BLACK-ON-WHITE\TICKED_NOT_10X10.PNG> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/02/2015 04:39:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\BLACK-ON-WHITE\TICKED_NOT_10X10.PNG> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
System errors:
=============
Error: (09/05/2015 04:42:46 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 0.0.0.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (09/05/2015 04:42:44 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source: %NT AUTHORITY15
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (09/05/2015 04:41:07 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.205.1639.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (09/04/2015 04:42:13 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 0.0.0.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (09/04/2015 04:42:07 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source: %NT AUTHORITY15
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (09/04/2015 04:41:07 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.205.1539.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (09/03/2015 04:47:17 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 0.0.0.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (09/03/2015 04:47:14 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source: %NT AUTHORITY15
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\NETWORK SERVICE
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (09/03/2015 04:41:08 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.205.1374.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (09/02/2015 04:32:16 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: IPsec Policy AgentBFE
Microsoft Office:
=========================
Error: (09/02/2015 04:39:05 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\NORMAL\ARROWS.PNG
Error: (09/02/2015 04:39:05 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\NORMAL\ARROWS.PNG
Error: (09/02/2015 04:39:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\NORMAL\ARROW-UP.PNG
Error: (09/02/2015 04:39:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\NORMAL\ARROW-UP.PNG
Error: (09/02/2015 04:39:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\NORMAL
Error: (09/02/2015 04:39:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\NORMAL
Error: (09/02/2015 04:39:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\BLACK-ON-WHITE\TICKED_NOT_10X10@2X.PNG
Error: (09/02/2015 04:39:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\BLACK-ON-WHITE\TICKED_NOT_10X10@2X.PNG
Error: (09/02/2015 04:39:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\BLACK-ON-WHITE\TICKED_NOT_10X10.PNG
Error: (09/02/2015 04:39:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\DANIELLE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\BLACK-ON-WHITE\TICKED_NOT_10X10.PNG
CodeIntegrity:
===================================
Date: 2014-07-16 12:57:31.004
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 12:57:30.879
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 12:57:30.706
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 12:57:30.524
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 12:57:30.374
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 12:57:30.244
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 12:57:30.118
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 12:57:29.998
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 12:57:29.878
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-07-16 12:57:29.757
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD Sempron(tm) Dual Core Processor 2200
Percentage of memory in use: 55%
Total physical RAM: 1917.76 MB
Available physical RAM: 854.8 MB
Total Virtual: 4080.74 MB
Available Virtual: 2538.59 MB
==================== Drives ================================
Drive c: (HP) (Fixed) (Total:138.03 GB) (Free:45.55 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.02 GB) (Free:1.5 GB) NTFS ==>[system with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=138 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
I'm gonna post the last one in a second. I wasn't sure if it would fit in this reply.