thank you for the instructions, attached are the two logs requested.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015
Ran by Miguel (administrator) on MIGUEL-PC on 15-02-2015 13:46:55
Running from C:\Users\Miguel\Desktop
Loaded Profiles: Miguel (Available profiles: Miguel)
Platform: Windows 7 Home Premium (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\nis.exe
(AVG Secure Search) C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_MAY2013_TB.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe
(TiVo Inc.) C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
() C:\Users\Miguel\AppData\Roaming\Search Protection\SP.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Apache Software Foundation) C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Seagate LLC) C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Belkin International, Inc.) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe
(Microsoft Corporation) C:\Windows\System32\Dxpserver.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-09-14] ()
HKLM\...\Run: [PC-Doctor for Windows localizer] => C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-17] (PC-Doctor, Inc.)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2345848 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2320752 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-24] (Hewlett-Packard)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-10-02] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-06-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [MaxMenuMgr] => C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-05-01] (Seagate LLC)
HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2573312 2011-06-07] (FileZilla Project)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [333088 2010-07-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3362336 2014-01-10] (Fitbit, Inc.)
HKLM-x32\...\Run: [InstaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1884576 2012-01-17] (Affinegy, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-3825614735-2571243367-1755432831-1001\...\Run: [TivoServer] => C:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe [2264336 2010-08-24] (TiVo Inc.)
HKU\S-1-5-21-3825614735-2571243367-1755432831-1001\...\Run: [TivoTransfer] => C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe [608528 2010-08-24] (TiVo Inc.)
HKU\S-1-5-21-3825614735-2571243367-1755432831-1001\...\Run: [TivoNotify] => C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe [437520 2010-08-24] (TiVo Inc.)
HKU\S-1-5-21-3825614735-2571243367-1755432831-1001\...\Run: [TranscodingService] => C:\Program Files (x86)\TiVo\Desktop\Plus\\TranscodingService.exe [856336 2010-08-24] (TiVo Inc.)
HKU\S-1-5-21-3825614735-2571243367-1755432831-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-3825614735-2571243367-1755432831-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3362336 2014-01-10] (Fitbit, Inc.)
HKU\S-1-5-21-3825614735-2571243367-1755432831-1001\...\Run: [Search Protection] => C:\Users\Miguel\AppData\Roaming\Search Protection\SP.EXE [1128760 2015-01-16] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Apache Servers.lnk
ShortcutTarget: Monitor Apache Servers.lnk -> C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe (Apache Software Foundation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk
ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Startup: C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3825614735-2571243367-1755432831-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3825614735-2571243367-1755432831-1001\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.com/ie
HKU\S-1-5-21-3825614735-2571243367-1755432831-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ie
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3825614735-2571243367-1755432831-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL =
http://mysearch.avg.com/search?cid={382BB3EB-D105-4FEE-AC2C-54BAADD27585}&mid=68887df0ef7c47d3ae529128c0862250-d6a07b213d5ad8ee90a644d551f413b71ebb99dd&lang=en&ds=sf011&pr=sa&d=2013-05-10 07:39:25&v=15.3.0.11&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3825614735-2571243367-1755432831-1001 -> {AB69006C-6BA8-4004-9673-394387F63F20} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3825614735-2571243367-1755432831-1001 -> No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKU\S-1-5-21-3825614735-2571243367-1755432831-1001 -> No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
Toolbar: HKU\S-1-5-21-3825614735-2571243367-1755432831-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 04 %SystemRoot%\System32\nwprovau.dll File Not found ()
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 02 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9-x64 04 mswsock.dll File Not found ()
Winsock: Catalog9-x64 05 mswsock.dll File Not found ()
Winsock: Catalog9-x64 06 mswsock.dll File Not found ()
Winsock: Catalog9-x64 07 mswsock.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Miguel\AppData\Roaming\Mozilla\Firefox\Profiles\fd1xfqx1.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://easy-google-search.blogspot.com
FF Keyword.URL: hxxp://www.google.com/cse?cx=partner-pub-5528014799800033:cevktqnfrvl&ie=ISO-8859-1&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF SearchPlugin: C:\Users\Miguel\AppData\Roaming\Mozilla\Firefox\Profiles\fd1xfqx1.default\searchplugins\yahoo_ff.xml
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-11-23]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2015-02-15]
FF HKU\S-1-5-21-3825614735-2571243367-1755432831-1001\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-3825614735-2571243367-1755432831-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR Profile: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-21]
CHR Extension: (Google Docs) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-21]
CHR Extension: (Google Drive) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-21]
CHR Extension: (YouTube) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-22]
CHR Extension: (Google Search) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-22]
CHR Extension: (Google Sheets) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-21]
CHR Extension: (Norton Identity Safe) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-12-21]
CHR Extension: (Google Wallet) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-21]
CHR Extension: (Gmail) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-09-24]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-09-24]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-01-29] (SUPERAntiSpyware.com) [File not signed]
R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-01-17] (Affinegy, Inc.)
S4 Apache2.2; C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [20549 2011-09-09] (Apache Software Foundation) [File not signed]
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2011-04-19] () [File not signed]
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-09] () [File not signed]
S4 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [630272 2011-06-07] (FileZilla Project) [File not signed]
S4 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1435680 2014-01-10] (Fitbit, Inc.)
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [125440 2009-09-24] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-12-22] (IBM Corp.)
S4 SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [384072 2013-10-09] ()
S4 TivoBeacon2; C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe [1104656 2010-08-24] (TiVo Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-13] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150203.001\BHDrvx64.sys [1622744 2015-02-02] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-13] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-13] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20150213.001\IDSvia64.sys [669400 2015-02-07] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150214.001\ENG64.SYS [129752 2015-01-25] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20150214.001\EX64.SYS [2137304 2015-01-25] (Symantec Corporation)
R1 RapportCerberus_80120; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80120.sys [845464 2015-01-15] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [445816 2014-12-22] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [535576 2014-12-22] (IBM Corp.)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1041000 2012-02-22] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R3 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-16] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 ccHP; \SystemRoot\system32\drivers\NISx64\1107000.00C\ccHPx64.sys [X]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]
U2 WZCSVC; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-15 13:46 - 2015-02-15 13:47 - 00031466 _____ () C:\Users\Miguel\Desktop\FRST.txt
2015-02-15 13:46 - 2015-02-15 13:46 - 02085888 _____ (Farbar) C:\Users\Miguel\Desktop\FRST64.exe
2015-02-15 13:46 - 2015-02-15 13:46 - 00000000 ____D () C:\FRST
2015-02-14 20:17 - 2015-02-14 20:17 - 00000000 ____D () C:\Windows\system32\SPReview
2015-02-14 20:03 - 2015-02-14 20:10 - 00000000 ____D () C:\Users\Miguel\Desktop\tools
2015-02-14 19:51 - 2015-02-14 19:51 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-14 19:49 - 2015-02-14 19:49 - 01114576 _____ () C:\Users\Miguel\Downloads\revosetup.exe
2015-02-14 19:43 - 2015-02-14 19:43 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MIGUEL-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2015-02-14 19:41 - 2015-02-14 19:41 - 00000000 ____D () C:\RegBackup
2015-02-14 19:40 - 2015-02-14 19:40 - 02050596 _____ () C:\Users\Miguel\Downloads\System Tweaker - Portable.zip
2015-02-14 11:16 - 2015-02-14 11:16 - 00101086 _____ () C:\Users\Miguel\Downloads\Extras.Txt
2015-02-14 10:21 - 2015-02-14 10:21 - 00005463 _____ () C:\Users\Miguel\Downloads\RC_0003411914_20140101_20141231.xlsx
2015-02-07 08:11 - 2015-02-07 08:11 - 00000000 ____D () C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-02-07 08:09 - 2015-02-07 08:09 - 00001140 _____ () C:\Users\Miguel\Desktop\Chessmaster 10th Edition.lnk
2015-02-07 08:09 - 2015-02-07 08:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chessmaster 10th Edition
2015-02-07 08:09 - 2011-11-12 12:56 - 00000187 _____ () C:\Users\Public\Desktop\Google Search.url
2015-02-07 08:09 - 2011-11-12 12:56 - 00000187 _____ () C:\ProgramData\Desktop\Google Search.url
2015-02-07 08:09 - 2011-11-05 02:00 - 00000173 _____ () C:\Users\Public\Desktop\Full Games and Software.url
2015-02-07 08:09 - 2011-11-05 02:00 - 00000173 _____ () C:\ProgramData\Desktop\Full Games and Software.url
2015-02-07 08:08 - 2015-02-07 08:11 - 00000000 ____D () C:\Program Files (x86)\Chessmaster 10th Edition
2015-02-07 08:05 - 2015-02-07 08:06 - 00000000 ____D () C:\Users\Miguel\Downloads\Chessmaster_10th_Edition_for_PC_Compressed
2015-02-07 08:01 - 2015-02-07 08:01 - 00014459 _____ () C:\Users\Miguel\Downloads\[kickass.so]chessmaster.10th.edition.for.pc.torrent
2015-02-07 07:44 - 2015-02-07 07:45 - 62344953 _____ () C:\Users\Miguel\Downloads\Chessmaster10thEditionDemo_v102.zip
2015-02-01 10:24 - 2015-02-01 10:24 - 00032840 _____ () C:\Users\Miguel\Desktop\Early bird Tennis schedule 2015 - till May-with roster.xlsx
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-15 13:42 - 2013-02-15 08:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-15 13:40 - 2010-03-17 13:04 - 01533117 _____ () C:\Windows\WindowsUpdate.log
2015-02-15 13:29 - 2009-07-13 23:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-15 13:29 - 2009-07-13 23:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-15 13:20 - 2013-05-29 09:17 - 00000352 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_MAY2013_TB_rel.job
2015-02-15 13:20 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-15 13:20 - 2009-07-13 23:51 - 00143400 _____ () C:\Windows\setupact.log
2015-02-14 20:17 - 2013-08-06 21:41 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-14 20:11 - 2010-11-20 09:55 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-14 20:08 - 2011-09-11 10:19 - 00001366 _____ () C:\Users\Miguel\Documents\EE BONDS.SBW.bak
2015-02-14 20:08 - 2011-09-11 10:19 - 00001366 _____ () C:\Users\Miguel\Documents\EE Bonds.sbw
2015-02-14 20:00 - 2011-09-11 10:06 - 00000000 ____D () C:\Program Files (x86)\Savings Bond Wizard
2015-02-14 19:59 - 2014-12-21 08:43 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-14 19:59 - 2010-03-16 17:28 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-14 19:46 - 2013-04-16 21:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-14 09:26 - 2013-04-16 21:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-08 07:28 - 2009-07-13 23:45 - 00456944 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-07 09:10 - 2010-12-01 22:07 - 00000000 ____D () C:\Users\Miguel\AppData\Roaming\uTorrent
2015-02-07 08:13 - 2014-12-21 08:44 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-07 08:13 - 2014-12-21 08:44 - 00002185 _____ () C:\ProgramData\Desktop\Google Chrome.lnk
2015-02-07 07:55 - 2010-08-16 21:07 - 00000000 ____D () C:\Users\Miguel\AppData\Local\VirtualStore
2015-02-07 07:54 - 2014-12-21 08:43 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-07 07:54 - 2014-12-21 08:43 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-07 07:54 - 2014-12-21 08:43 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-07 07:52 - 2010-08-16 21:06 - 00122472 _____ () C:\Users\Miguel\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-01 10:21 - 2015-01-10 08:57 - 00032803 _____ () C:\Users\Miguel\Desktop\Early bird Tennis schedule 2015 - till May.xlsx
2015-02-01 09:26 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-25 22:09 - 2010-03-16 17:22 - 00078922 _____ () C:\Windows\PFRO.log
==================== Files in the root of some directories =======
2012-01-15 14:12 - 2012-01-22 17:55 - 0011222 _____ () C:\Users\Miguel\AppData\Roaming\ddc564d6
2010-08-22 10:30 - 2011-10-23 14:48 - 0000231 _____ () C:\Users\Miguel\AppData\Roaming\Rim.Desktop.Exception.log
2010-08-22 10:29 - 2012-02-04 12:31 - 0003479 _____ () C:\Users\Miguel\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2011-10-23 13:59 - 2011-10-23 14:48 - 0000077 _____ () C:\Users\Miguel\AppData\Roaming\Rim.DesktopHelper.Exception.log
2012-01-07 09:47 - 2011-01-04 09:26 - 0076407 _____ () C:\Users\Miguel\AppData\Roaming\Smiley.ico
2010-08-22 11:43 - 2012-12-16 21:48 - 0004346 _____ () C:\Users\Miguel\AppData\Roaming\wklnhst.dat
2012-01-15 14:12 - 2012-01-22 17:55 - 0011136 _____ () C:\Users\Miguel\AppData\Local\68b01a6d
2010-09-09 06:28 - 2011-10-23 14:57 - 0016896 _____ () C:\Users\Miguel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-12-27 11:18 - 2010-12-28 00:17 - 0000600 _____ () C:\Users\Miguel\AppData\Local\PUTTY.RND
2010-11-23 09:57 - 2011-12-17 18:01 - 0002433 _____ () C:\ProgramData\hpzinstall.log
Some content of TEMP:
====================
C:\Users\Miguel\AppData\Local\Temp\76d9atfa.dll
C:\Users\Miguel\AppData\Local\Temp\AVG-Safeguard.exe
C:\Users\Miguel\AppData\Local\Temp\ffmpeg15.exe
C:\Users\Miguel\AppData\Local\Temp\oi_{54EC0654-E02C-4C22-BA4C-FF4975C3EE65}.exe
C:\Users\Miguel\AppData\Local\Temp\prismsetup.exe
C:\Users\Miguel\AppData\Local\Temp\sbwcrv.exe
C:\Users\Miguel\AppData\Local\Temp\SearchProtectionSetup.exe
C:\Users\Miguel\AppData\Local\Temp\tbuTor.dll
C:\Users\Miguel\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Miguel\AppData\Local\Temp\utt98FF.tmp.exe
C:\Users\Miguel\AppData\Local\Temp\uttCA81.tmp.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-14 12:06
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015
Ran by Miguel at 2015-02-15 13:47:50
Running from C:\Users\Miguel\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Internet Security (Enabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Leawo AVI Converter version 5.1.0.0 (HKLM-x32\...\{7D42B43A-EA63-4234-B00A-757C15B2B185}_is1) (Version: 5.1.0.0 - Leawo Software Co.,Ltd.)
µTorrent (HKU\S-1-5-21-3825614735-2571243367-1755432831-1001\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.1 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.3.13070 - Adobe Systems Inc.)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5 64-bit (HKLM\...\{6C1A010F-9108-4162-A26F-9FEC4AC0F0F0}) (Version: 5.0.1 - Adobe)
Adobe Reader 9.3.3 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A93000000001}) (Version: 9.3.3 - Adobe Systems Incorporated)
Aimersoft iTransfer(Build 2.0.2.0) (HKLM-x32\...\Aimersoft iTransfer_is1) (Version: - Aimersoft Software)
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AnswerWorks 5.0 English Runtime (HKLM-x32\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.7 - Vantage Software Technologies)
Apache HTTP Server 2.2.21 (HKLM-x32\...\{85262A06-2D8C-4BC1-B6ED-5A705D09CFFC}) (Version: 2.2.21 - Apache Software Foundation)
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.3.12 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)
Belkin N600 DB USB Wireless Adapter (HKLM-x32\...\{B20F9D1C-A0A5-4CD8-8306-DA03872311B1}) (Version: 1.00.0184.2 - Belkin International, Inc.)
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version: - )
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.1.4 - Belkin International, Inc.)
Bigasoft iPod Transfer 1.6.11.4450 (HKLM-x32\...\{16594695-69AA-4b4d-8A7E-723501738B09}_is1) (Version: - Bigasoft Corporation)
Bonjour (HKLM\...\{877924AA-E044-4266-B37D-E974CD799934}) (Version: 2.0.0.34 - Apple Inc.)
BRC Excel to QIF Converter (HKLM-x32\...\Excel to QIF Converter) (Version: 7.37 - Big Red Consulting)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4400 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
C7200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
C7200_Help (x32 Version: 100.0.206.000 - Hewlett-Packard) Hidden
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG5400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5400_series) (Version: 1.01 - Canon Inc.)
Chessmaster 10th Edition (HKLM-x32\...\{AEA03D8E-87B5-4862-B82A-B5FE5A469BA0}_is1) (Version: 1.0.0 - Ubisoft)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
ConverterLite 1.6.3 (HKLM-x32\...\ConverterLite) (Version: 1.6.3 - ConverterLite)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FileZilla Client 3.5.1 (HKLM-x32\...\FileZilla Client) (Version: 3.5.1 - FileZilla Project)
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.39 - FileZilla Project)
Fitbit Connect (HKLM-x32\...\{6A7C2B2E-36A3-4EF5-96C6-708CD090A3AD}) (Version: 1.0.1.5127 - Fitbit Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3601 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photosmart All-In-One Driver Software 13.0 Rel. 2 (HKLM\...\{988329F4-A1A1-4D51-803C-EF2725A97627}) (Version: 13.0 - HP)
HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.11.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{741CFE3A-1C0B-4A7D-8E08-5D78C911C09D}) (Version: 4.2.5.3 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
Java 6 Update 30 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416030FF}) (Version: 6.0.300 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
jZip (HKLM-x32\...\jZip) (Version: - Bandoo Media Inc.) <==== ATTENTION
K-Lite Codec Pack 8.7.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.7.0 - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )
Malwarebytes Anti-Malware version 1.60.0.1800 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.60.0.1800 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
MemoriesOnTV 4.1.2 (HKLM-x32\...\MemoriesOnTV4_is1) (Version: - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft IntelliPoint 7.1 (HKLM\...\{5EBE0F1F-45DF-4298-AC6B-E8E54EAEC834}) (Version: 7.10.344.0 - Microsoft)
Microsoft IntelliType Pro 7.1 (HKLM\...\{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}) (Version: 7.10.344.0 - Microsoft)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version: - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Project Professional 2007 (HKLM-x32\...\PRJPRO) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40624.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mixed In Key 2.5 (HKLM-x32\...\Mixed In Key) (Version: 2.5 - )
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.6.0.32 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.20.0 - Symantec)
Nuance PDF Reader (HKLM-x32\...\{5F6C549F-78DA-4E0E-AE70-0BD981936D99}) (Version: 7.00.0000 - Nuance Communications, Inc.)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.58.36 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}) (Version: 9.09.1112 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice.org 3.2 (HKLM-x32\...\{5A13987D-55F4-4271-A40E-76AC9B1B38FD}) (Version: 3.2.9502 - OpenOffice.org)
Photo Station Uploader (remove only) (HKLM-x32\...\Photo Station Uploader) (Version: - Synology)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3503 - CyberLink Corp.) Hidden
PS_AIO_02_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
PS_AIO_03_C4400_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Quicken 2009 (HKLM-x32\...\{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}) (Version: 18.1.1.29 - Intuit)
Rapport (Version: 3.5.1201.78 - Trusteer) Hidden
Rapport (x32 Version: 3.5.1404.61 - Trusteer) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5938 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
Revo Uninstaller 1.85 (HKLM-x32\...\Revo Uninstaller) (Version: 1.85 - VS Revo Group)
Savings Bond Wizard (HKLM-x32\...\Savings Bond Wizard) (Version: - )
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Seagate Manager Installer (HKLM-x32\...\InstallShield_{E6F019F1-DFB6-4853-A87D-6E31624755A9}) (Version: 2.02.0109 - Seagate)
Seagate Manager Installer (x32 Version: 2.02.0109 - Seagate) Hidden
Search Protection (HKU\S-1-5-21-3825614735-2571243367-1755432831-1001\...\Search Protection) (Version: 10.8.0.1 - Spigot, Inc.) <==== ATTENTION
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.6 - Seagate Technology)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1108 - SUPERAntiSpyware.com)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: - NCH Software)
Synology Data Replicator 3 (HKLM-x32\...\{8E310838-457C-4269-B177-3EFB300CBDDC}) (Version: 1.0.0.0 - Synology Inc.)
TiVo Desktop 2.8.2 (HKLM-x32\...\{4E839090-3B68-436A-B3CF-A2A08C38DD26}) (Version: 2.8.412.369 - TiVo Inc.)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1404.61 - Trusteer)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Video Mover (HKLM-x32\...\Video Mover_is1) (Version: - )
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C7}) (Version: 16.0.9661 - WinZip Computing, S.L. )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
08-02-2015 22:15:04 Windows 7 Service Pack 1
14-02-2015 19:52:31 Revo Uninstaller's restore point - Amazon Games & Software Downloader
14-02-2015 19:57:37 Revo Uninstaller's restore point - Chessmaster 10th Edition Demo
14-02-2015 19:57:57 Configured Chessmaster 10th Edition Demo
14-02-2015 20:11:10 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-01-29 14:56 - 2012-01-29 16:26 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1E83FF35-B34E-43F4-B6A1-4439E14A8A14} - System32\Tasks\{631CABD3-83B8-42B1-9E25-D388245DED5B} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {224EE998-D56D-418F-85E6-0C08A645F362} - System32\Tasks\{A05F4FED-D1CB-42E2-8252-3526DFC2A3DE} => pcalua.exe -a F:\Seagate\Installer\InstallSeagateManager.exe -d F:\Seagate\Installer
Task: {2B9D43A2-688D-4029-9F40-AEDC1E684E37} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {34B0C410-A8E1-4CFB-B939-9AECFBF496F4} - System32\Tasks\{958BE18A-0902-457B-965C-3FC3E5A8DECC} => pcalua.exe -a "C:\Users\Miguel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D4V8VTKK\WCNB_PCDrv_US_1_04_01_0322[1].EXE" -d C:\Users\Miguel\Desktop
Task: {5058EE63-549F-423C-A0AE-4F37ED68DF29} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {66CD4774-E810-4346-A572-7AB3E2147B3E} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-20] ()
Task: {763E0F14-E2B2-4EEF-90C8-B1298B7A6C3A} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {819FB84D-EE63-41C7-AA5F-205BF6E3D9E8} - System32\Tasks\AVG-Secure-Search-Update_MAY2013_TB_rel => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_MAY2013_TB.exe [2013-05-29] (AVG Secure Search)
Task: {82F29B20-BA3F-48C8-92DA-7FE12A70B866} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-12-01] (CyberLink)
Task: {8620D61F-2EBC-46C8-8798-CD7E7908B0B9} - System32\Tasks\{2D8A652B-0D56-4FA1-B210-4932586951FB} => pcalua.exe -a C:\Users\Miguel\Desktop\Audacity_40.exe -d C:\Users\Miguel\Desktop
Task: {8D10B163-192F-49F9-9319-B4EB958AF5D0} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18] (PC-Doctor, Inc.)
Task: {9210AAB3-AAA2-4465-BD80-509C0F3FAB62} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A3BE91AE-A35A-41E6-B513-059C615F841D} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {ADE8134F-5B3C-4A12-90CB-CB403678F4E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-21] (Google Inc.)
Task: {B2F02832-5427-4C00-8AE5-FCF36BDEAD57} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-19] (Adobe Systems Incorporated)
Task: {CFAA90A0-1268-410F-88E4-3F04657EBD00} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_MAY2013_TB_rel.job => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_MAY2013_TB.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe
==================== Loaded Modules (whitelisted) ==============
2012-08-20 20:50 - 2011-04-19 15:31 - 00181760 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
2012-08-20 20:50 - 2010-02-09 14:55 - 00055296 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
2010-01-02 09:42 - 2010-01-02 09:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2009-09-14 18:17 - 2009-09-14 18:17 - 00610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2015-01-16 04:30 - 2015-01-16 04:30 - 01128760 _____ () C:\Users\Miguel\AppData\Roaming\Search Protection\SP.exe
2012-08-20 20:50 - 2011-04-19 15:31 - 00150016 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
2009-07-13 18:57 - 2009-07-13 20:40 - 00069120 _____ () C:\Windows\system32\BWContextHandler.dll
2012-08-20 20:48 - 2012-01-17 14:09 - 00022944 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2011-08-28 16:19 - 2011-08-28 16:19 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2010-03-16 17:28 - 2009-10-02 14:18 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-03-23 16:04 - 2014-03-23 16:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2003-01-30 07:04 - 2003-01-30 07:04 - 00618496 _____ () C:\Program Files (x86)\TiVo\Desktop\STLPMT45.DLL
2010-05-04 14:36 - 2010-05-04 14:36 - 00970752 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-08-20 20:48 - 2010-08-22 19:01 - 00325632 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
2012-08-20 20:48 - 2010-08-22 19:01 - 01954304 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
2012-08-20 20:48 - 2010-08-22 19:01 - 07187456 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
2012-08-20 20:48 - 2010-08-22 19:01 - 00847360 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
2014-05-24 12:29 - 2010-08-22 18:32 - 00119808 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2014-05-24 12:29 - 2012-01-17 13:27 - 00669696 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
2009-12-01 19:49 - 2009-12-01 19:49 - 00931112 ____N () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2015-02-07 08:13 - 2015-02-04 04:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-07 08:13 - 2015-02-04 04:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-07 08:13 - 2015-02-04 04:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
2015-02-07 08:13 - 2015-02-04 04:02 - 00310088 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libexif.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3825614735-2571243367-1755432831-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AffinegyService => 2
MSCONFIG\Services: Amazon Download Agent => 2
MSCONFIG\Services: Apache2.2 => 2
MSCONFIG\Services: FileZilla Server => 3
MSCONFIG\Services: Fitbit Connect => 2
MSCONFIG\Services: GameConsoleService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SynoDrService => 2
MSCONFIG\Services: vToolbarUpdater18.1.0 => 2
==================== Accounts: =============================
Administrator (S-1-5-21-3825614735-2571243367-1755432831-500 - Administrator - Disabled)
Guest (S-1-5-21-3825614735-2571243367-1755432831-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3825614735-2571243367-1755432831-1002 - Limited - Enabled)
Miguel (S-1-5-21-3825614735-2571243367-1755432831-1001 - Administrator - Enabled) => C:\Users\Miguel
==================== Faulty Device Manager Devices =============
Name: Symantec Hash Provider
Description: Symantec Hash Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ccHP
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Photosmart C7200 series
Description: Photosmart C7200 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: 802.11n Wireless PCI Express Card LAN Adapter
Description: 802.11n Wireless PCI Express Card LAN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LITE-ON TECHNOLOGY CORPORATION
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft PS/2 Port Mouse (IntelliPoint)
Description: Microsoft PS/2 Port Mouse (IntelliPoint)
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/01/2015 09:12:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 39.0.2171.95 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1004
Start Time: 01d03e260631358b
Termination Time: 16
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Report Id:
Error: (02/01/2015 09:06:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: EXCEL.EXE, version: 12.0.4518.1014, time stamp: 0x45428263
Faulting module name: EXCEL.EXE, version: 12.0.4518.1014, time stamp: 0x45428263
Exception code: 0xc0000005
Fault offset: 0x003660ec
Faulting process id: 0xe68
Faulting application start time: 0xEXCEL.EXE0
Faulting application path: EXCEL.EXE1
Faulting module path: EXCEL.EXE2
Report Id: EXCEL.EXE3
Error: (01/05/2015 07:53:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: EXCEL.EXE, version: 12.0.4518.1014, time stamp: 0x45428263
Faulting module name: EXCEL.EXE, version: 12.0.4518.1014, time stamp: 0x45428263
Exception code: 0xc0000005
Fault offset: 0x003660ec
Faulting process id: 0x168c
Faulting application start time: 0xEXCEL.EXE0
Faulting application path: EXCEL.EXE1
Faulting module path: EXCEL.EXE2
Report Id: EXCEL.EXE3
Error: (12/21/2014 03:01:50 AM) (Source: VSS) (EventID: 12305) (User: )
Description: Volume Shadow Copy Service error: Volume/disk not connected or not found.
Error context: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy5 - 0000000000000134,0x00560038,0000000000339FF0,0,0000000000338FE0,4096,[0]).
Operation:
Processing PostFinalCommitSnapshots
Context:
Execution Context: System Provider
Error: (12/20/2014 08:24:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RapportMgmtService.exe, version: 3.5.1404.34, time stamp: 0x546e66d1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00000000
Faulting process id: 0x3c8
Faulting application start time: 0xRapportMgmtService.exe0
Faulting application path: RapportMgmtService.exe1
Faulting module path: RapportMgmtService.exe2
Report Id: RapportMgmtService.exe3
Error: (11/29/2014 09:22:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: EXCEL.EXE, version: 12.0.4518.1014, time stamp: 0x45428263
Faulting module name: EXCEL.EXE, version: 12.0.4518.1014, time stamp: 0x45428263
Exception code: 0xc0000005
Fault offset: 0x003660ec
Faulting process id: 0x15cc
Faulting application start time: 0xEXCEL.EXE0
Faulting application path: EXCEL.EXE1
Faulting module path: EXCEL.EXE2
Report Id: EXCEL.EXE3
Error: (11/15/2014 10:41:01 AM) (Source: VSS) (EventID: 12305) (User: )
Description: Volume Shadow Copy Service error: Volume/disk not connected or not found.
Error context: CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy5,0xc0000000,0x00000003,...).
Operation:
Processing PostFinalCommitSnapshots
Context:
Execution Context: System Provider
Error: (11/01/2014 11:17:30 PM) (Source: VSS) (EventID: 12305) (User: )
Description: Volume Shadow Copy Service error: Volume/disk not connected or not found.
Error context: CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy7,0xc0000000,0x00000003,...).
Operation:
Processing PostFinalCommitSnapshots
Context:
Execution Context: System Provider
Error: (11/01/2014 08:31:34 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Microsoft Office Excel because of this error.
Program: Microsoft Office Excel
File:
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
Additional Data
Error value: 00000000
Disk type: 0
Error: (11/01/2014 08:31:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: EXCEL.EXE, version: 12.0.4518.1014, time stamp: 0x45428263
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000096
Fault offset: 0x0d46f8a1
Faulting process id: 0x2bd8
Faulting application start time: 0xEXCEL.EXE0
Faulting application path: EXCEL.EXE1
Faulting module path: EXCEL.EXE2
Report Id: EXCEL.EXE3
System errors:
=============
Error: (02/15/2015 01:44:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
%%1058
Error: (02/15/2015 01:44:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
%%1058
Error: (02/15/2015 01:44:00 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (02/15/2015 01:21:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (02/15/2015 01:21:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
%%1058
Error: (02/15/2015 01:21:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
%%1058
Error: (02/15/2015 01:21:10 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (02/15/2015 01:21:07 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.
Error: (02/15/2015 01:20:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
%%1058
Error: (02/15/2015 01:20:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error:
%%1058
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2012-01-29 16:24:27.646
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-01-29 16:24:27.615
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-01-29 16:24:27.599
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-01-29 16:24:27.568
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-01-29 16:16:12.517
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-01-29 16:16:12.486
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-01-29 16:16:12.454
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-01-29 16:16:12.439
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-01-29 14:55:32.875
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2012-01-29 14:55:32.844
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Core i5 CPU 750 @ 2.67GHz
Percentage of memory in use: 66%
Total physical RAM: 4055.08 MB
Available physical RAM: 1340.13 MB
Total Pagefile: 8108.29 MB
Available Pagefile: 4976.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (HP) (Fixed) (Total:920.4 GB) (Free:668.44 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.01 GB) (Free:1.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 285D15A4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=07 NTFS)
==================== End Of Log ============================