Got the topic title message. Researched and it is said to be malware.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-07-2015
Ran by Jerry (administrator) on NETBOOK on 20-07-2015 17:41:02
Running from C:\Users\Jerry\Desktop
Loaded Profiles: Jerry (Available Profiles: Jerry)
Platform: Microsoft Windows 7 Starter (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\AEstSrv.exe
(DeviceVM, Inc.) C:\SPLASH.SYS\config\DVMExportService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
() C:\Program Files\HP\HPBTWD.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sun Microsystems, Inc.) C:\Program Files\Hewlett-Packard\HP QuickSync\jre\bin\javaw.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1533224 2009-06-12] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [458844 2009-06-29] (IDT, Inc.)
HKLM\...\Run: [HP BTW Detect Program] => C:\Program Files\HP\HPBTWD.exe [319488 2009-03-30] ()
HKLM\...\Run: [HP] => C:\Program Files\Hewlett-Packard\HP QuickSync\QuickSync.exe [589104 2009-07-14] (Hewlett-Packard)
HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [148888 2009-08-28] (Sun Microsystems, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKU\S-1-5-21-726285506-2730714665-1725698905-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
HKU\S-1-5-21-726285506-2730714665-1725698905-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-726285506-2730714665-1725698905-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
SearchScopes: HKLM -> DefaultScope {89022F4C-44A1-4FDE-A12D-C4835266CC16} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {89022F4C-44A1-4FDE-A12D-C4835266CC16} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {8B31050B-FBEC-48A3-A4A2-383DD49998BB} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKU\S-1-5-21-726285506-2730714665-1725698905-1000 -> DefaultScope {89022F4C-44A1-4FDE-A12D-C4835266CC16} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-726285506-2730714665-1725698905-1000 -> {89022F4C-44A1-4FDE-A12D-C4835266CC16} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-726285506-2730714665-1725698905-1000 -> {8B31050B-FBEC-48A3-A4A2-383DD49998BB} URL = http://www.ask.com/w...}&l=dis&o=ushpl
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: hpBHO Class -> {ABD3B5E1-B268-407B-A150-2641DAB8D898} -> C:\Program Files\Common Files\Homepage Protection\HomepageProtection.dll [2009-06-08] (AOL Products)
BHO: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files\MSN\Toolbar\3.0.0560.0\msneshellx.dll [2009-04-07] (Microsoft Corp.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-28] (Sun Microsystems, Inc.)
Toolbar: HKLM - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0560.0\msneshellx.dll [2009-04-07] (Microsoft Corp.)
Toolbar: HKU\S-1-5-21-726285506-2730714665-1725698905-1000 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{15282BC9-16C7-4973-A340-1A028C6CA4DB}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Jerry\AppData\Roaming\Mozilla\Firefox\Profiles\3qcdoozm.default
FF DefaultSearchEngine.US: Google
FF Homepage: hxxp://news.google.com/
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2009-03-19] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll [2008-10-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.)
R2 DvmMDES; C:\SPLASH.SYS\config\DVMExportService.exe [323584 2009-07-08] (DeviceVM, Inc.) [File not signed]
S3 GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [250616 2009-05-22] (WildTangent, Inc.)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-09] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\STacSV.exe [221266 2009-06-29] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 DVMIO; C:\SPLASH.SYS\config\dvmio.sys [16984 2009-07-27] (DeviceVM, Inc.)
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-20 17:41 - 2015-07-20 17:41 - 00009955 _____ C:\Users\Jerry\Desktop\FRST.txt
2015-07-20 17:39 - 2015-07-20 17:37 - 01638912 _____ (Farbar) C:\Users\Jerry\Desktop\FRST.exe
2015-07-20 17:38 - 2015-07-20 17:41 - 00000000 ____D C:\FRST
2015-07-20 17:37 - 2015-07-20 17:37 - 01638912 _____ (Farbar) C:\Users\Jerry\Downloads\FRST.exe
2015-07-20 12:11 - 2015-07-20 12:11 - 00000000 ____D C:\Users\Jerry\AppData\Local\LogMeIn Rescue Applet
2015-07-09 08:00 - 2015-07-20 17:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-20 17:41 - 2009-07-13 23:34 - 00014128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-20 17:41 - 2009-07-13 23:34 - 00014128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-20 17:39 - 2009-07-24 11:11 - 00778150 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-20 17:37 - 2015-03-26 09:38 - 01413356 _____ C:\Windows\WindowsUpdate.log
2015-07-20 17:33 - 2015-03-28 08:28 - 00000000 ____D C:\Users\Jerry\Tracing
2015-07-20 17:32 - 2015-04-10 09:29 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-20 17:32 - 2015-03-28 09:01 - 00175136 _____ C:\Windows\PFRO.log
2015-07-20 17:32 - 2009-07-13 23:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-20 17:32 - 2009-07-13 23:39 - 00030578 _____ C:\Windows\setupact.log
2015-07-20 12:22 - 2015-03-26 10:05 - 00000177 ____H C:\dvmexp.idx
2015-07-18 08:33 - 2015-04-02 08:35 - 00000322 _____ C:\Windows\Tasks\HPCeeScheduleForJerry.job
2015-07-16 09:09 - 2015-04-02 08:34 - 00000052 _____ C:\Windows\system32\DOErrors.log
2015-07-16 09:07 - 2015-04-02 08:32 - 00000000 ____D C:\Users\Jerry\AppData\Roaming\HpUpdate
==================== Files in the root of some directories =======
2015-03-26 08:39 - 2015-07-20 17:33 - 0000185 _____ () C:\ProgramData\HPWALog.txt
2015-03-26 09:51 - 2015-03-26 09:51 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2009-08-28 16:53 - 2009-08-28 16:54 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2015-03-26 09:50 - 2015-03-26 09:50 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2009-08-28 16:48 - 2009-08-28 16:52 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-18 08:59
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-07-2015
Ran by Jerry at 2015-07-20 17:42:12
Running from C:\Users\Jerry\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-726285506-2730714665-1725698905-500 - Administrator - Disabled)
Guest (S-1-5-21-726285506-2730714665-1725698905-501 - Limited - Disabled)
Jerry (S-1-5-21-726285506-2730714665-1725698905-1000 - Administrator - Enabled) => C:\Users\Jerry
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
ArcSoft WebCam Companion 3 (HKLM\...\{34985F59-8F6F-46F4-9AD5-53E2714294D2}) (Version: 3.0.189 - ArcSoft)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.5 - Atheros Communications Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.30.21.0 - Broadcom Corporation)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Homepage Protection (HKLM\...\Homepage Protection) (Version: - AOL Products)
HP Customer Experience Enhancements (HKLM\...\{5B295588-59C1-4386-9F85-BB4BEDCB0D22}) (Version: 5.7.0.3036 - Hewlett-Packard)
HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP Instant Web (HKLM\...\{53F08287-443D-4FC0-B74D-1169B6B9A71C}) (Version: 1.0.5.0 - DeviceVM, Inc.)
HP QuickSync (HKLM\...\{EEA95E6C-6847-49BE-83C9-ED92D8E18983}) (Version: 5.1.234.4788 - Hewlett-Packard)
HP Setup (HKLM\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Assistant (HKLM\...\{4F46FDB9-B906-47BF-B3D5-C62E01B3C5EE}) (Version: 4.1.11.3 - Hewlett-Packard)
HP Update (HKLM\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0166 (HKLM\...\{11B7161D-3461-40CD-B31F-84065AC84A4E}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6217.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1867 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 6 Update 14 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.560.0 - Microsoft Live Search Toolbar)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version: - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-726285506-2730714665-1725698905-1000\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 2.0.31005.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 en-US) (HKLM\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
Power2Go (Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerRecover (Version: 5.5.1923 - CyberLink Corp.) Hidden
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.1.0 - Synaptics Incorporated)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}) (Version: 14.0.8064.206 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-726285506-2730714665-1725698905-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Jerry\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726285506-2730714665-1725698905-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Jerry\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726285506-2730714665-1725698905-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Jerry\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726285506-2730714665-1725698905-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Jerry\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726285506-2730714665-1725698905-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Jerry\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726285506-2730714665-1725698905-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Jerry\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-726285506-2730714665-1725698905-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jerry\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\FileSyncApi.dll (Microsoft Corporation)
==================== Restore Points =========================
07-04-2015 12:06:59 Windows Live Essentials
07-04-2015 12:08:25 Windows Update
07-04-2015 12:09:20 Windows Update
07-04-2015 12:13:06 Windows Update
07-04-2015 12:16:06 Installed DirectX
07-04-2015 12:16:42 Installed DirectX
07-04-2015 12:17:15 Installed DirectX
07-04-2015 12:19:10 WLSetup
14-04-2015 17:06:13 Windows Update
14-04-2015 17:14:21 Windows Update
14-04-2015 17:18:28 Windows Update
14-04-2015 17:24:56 Windows Update
16-04-2015 07:51:22 Windows Update
17-04-2015 08:35:06 Windows Update
17-04-2015 08:51:33 Restore Operation
18-04-2015 08:45:12 Windows Update
12-05-2015 08:17:15 Windows Update
16-05-2015 08:24:22 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:04 - 2009-06-10 16:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0492DB6A-934D-4805-A537-8BFE4390DD14} - System32\Tasks\HPCeeScheduleForJerry => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe [2009-05-26] (Hewlett-Packard)
Task: {0564D5CC-33C1-41DE-83FD-0D2BE5C96F54} - System32\Tasks\RMCreator => C:\Program Files\Hewlett-Packard\Recovery\Reminder.exe [2009-07-23] (CyberLink)
Task: {6943A436-F5BE-442D-A35C-09A17BABE3CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2015-07-15] (Microsoft)
Task: {C428398B-6682-4891-B086-ABD962EC66A1} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-07-09] (Hewlett-Packard)
Task: {CCC427C9-E415-4C1C-B5E8-A458E4E0D1F6} - System32\Tasks\RecoveryCDWin7 => C:\Program Files\Hewlett-Packard\HP TCS\RemEngine.exe [2009-07-08] ()
Task: {D1A91A7F-30A8-496A-A415-CFD482EF79D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-07-15] (Microsoft)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\HPCeeScheduleForJerry.job => C:\Program Files\hewlett-packard\sdp\ceement\HPCEE.exe
==================== Loaded Modules (Whitelisted) ==============
2009-08-28 15:04 - 2009-03-30 18:02 - 00319488 _____ () C:\Program Files\HP\HPBTWD.exe
2009-07-01 17:44 - 2009-07-01 17:44 - 00632888 _____ () C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-726285506-2730714665-1725698905-1000\Control Panel\Desktop\\Wallpaper -> %windir%\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A6690AC8-C5C3-44FF-93CA-A029AF259B49}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D95343FA-3605-4AF8-8291-7BD511EA18EE}] => (Allow) svchost.exe
FirewallRules: [TCP Query User{00937FBC-BCE3-4577-99CC-22EF5CD8D27C}C:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe] => (Block) C:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe
FirewallRules: [UDP Query User{71312F49-E994-4245-9F66-96420ECDF4F9}C:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe] => (Block) C:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe
FirewallRules: [{2E552370-0C5F-4AA4-AFCC-2AF2E923C94C}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{19F3C54F-AAB0-49DB-8F53-F70FF2CF7D99}C:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe] => (Block) C:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe
FirewallRules: [UDP Query User{7929FF89-7289-472D-ABB9-D6ACD86A31BA}C:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe] => (Block) C:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe
FirewallRules: [{AD8F6E8F-FF23-42F1-8D9D-1FD00BA324B7}] => (Allow) C:\Users\Jerry\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{15EE0A24-C748-4EDF-9B56-AA78FC8ACBF1}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{1F982A56-7206-457F-AA76-84D3AC1D9B99}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{BD77C1F6-3EE9-42E8-A5F9-25800B8A0FAF}] => (Allow) LPort=2869
FirewallRules: [{218CE8A8-39C9-4AE6-99AE-8AD96F5A4AFC}] => (Allow) LPort=1900
FirewallRules: [{3B747ED0-90CE-41DE-82AF-CBC143543A2A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BD38B643-A13B-4E89-8647-A2AC4F2E33E3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/08/2015 10:31:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hphc_service.exe, version: 3.1.7.1, time stamp: 0x4a564c5d
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdaae
Exception code: 0xe053534f
Fault offset: 0x00009617
Faulting process id: 0x%9
Faulting application start time: 0xhphc_service.exe0
Faulting application path: hphc_service.exe1
Faulting module path: hphc_service.exe2
Report Id: hphc_service.exe3
Error: (06/19/2015 08:03:38 AM) (Source: System Restore) (EventID: 8211) (User: )
Description: The scheduled restore point could not be created. Additional information: (0x81000101).
Error: (06/19/2015 08:03:38 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x81000101).
Error: (06/18/2015 08:59:48 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (04/15/2015 06:26:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: STacSV.exe, version: 1.0.6217.0, time stamp: 0x4a490222
Faulting module name: stapi32.dll, version: 1.0.6217.0, time stamp: 0x4a490151
Exception code: 0xc0000005
Fault offset: 0x0003e635
Faulting process id: 0x400
Faulting application start time: 0xSTacSV.exe0
Faulting application path: STacSV.exe1
Faulting module path: STacSV.exe2
Report Id: STacSV.exe3
Error: (04/07/2015 12:18:29 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Netbook)
Description: Application or service 'Internet Explorer' could not be shut down.
Error: (04/07/2015 12:08:05 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Netbook)
Description: Application or service 'Windows Live Messenger' could not be shut down.
Error: (04/03/2015 12:07:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 8.0.7600.16385 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 17d8
Start Time: 01d06e2dba53d277
Termination Time: 31
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
Report Id:
Error: (04/03/2015 09:42:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 8.0.7600.16385 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 114c
Start Time: 01d06e1a5fe186e6
Termination Time: 62
Application Path: C:\Program Files\Internet Explorer\iexplore.exe
Report Id: b503f01a-da0f-11e4-9618-002655c8dc8a
System errors:
=============
Error: (07/20/2015 05:32:50 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:03:26 PM on 7/20/2015 was unexpected.
Error: (07/20/2015 11:10:38 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
Error: (07/12/2015 08:57:58 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
Error: (07/08/2015 10:31:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Health Check Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (06/09/2015 08:02:34 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:43:29 AM on 6/8/2015 was unexpected.
Error: (06/06/2015 07:58:51 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:25:43 AM on 6/4/2015 was unexpected.
Error: (06/03/2015 08:22:14 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000008e (0xc0000005, 0x818b6c50, 0xa6387888, 0x00000000)C:\Windows\MEMORY.DMP060315-20186-01
Error: (06/03/2015 08:22:10 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:20:53 AM on 6/3/2015 was unexpected.
Error: (06/03/2015 08:15:05 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:26:52 AM on 6/2/2015 was unexpected.
Error: (05/16/2015 08:21:04 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xc0000005, 0x87ffa291, 0x88e44894, 0x88e44470)C:\Windows\MEMORY.DMP051615-15272-01
Microsoft Office:
=========================
Error: (07/08/2015 10:31:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: hphc_service.exe3.1.7.14a564c5dKERNELBASE.dll6.1.7600.163854a5bdaaee053534f00009617
Error: (06/19/2015 08:03:38 AM) (Source: System Restore) (EventID: 8211) (User: )
Description: 0x81000101
Error: (06/19/2015 08:03:38 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x81000101
Error: (06/18/2015 08:59:48 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
Error: (04/15/2015 06:26:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: STacSV.exe1.0.6217.04a490222stapi32.dll1.0.6217.04a490151c00000050003e63540001d077d39dc796bbC:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\STacSV.exeC:\Windows\system32\stapi32.dlle6dcda0b-e3c6-11e4-b7f3-002655c8dc8a
Error: (04/07/2015 12:18:29 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Netbook)
Description: 1C:\Program Files\Internet Explorer\iexplore.exeInternet Explorer0211723880
Error: (04/07/2015 12:08:05 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Netbook)
Description: 1C:\Program Files\Windows Live\Messenger\msnmsgr.exeWindows Live Messenger0211722000
Error: (04/03/2015 12:07:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.7600.1638517d801d06e2dba53d27731C:\Program Files\Internet Explorer\iexplore.exe
Error: (04/03/2015 09:42:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.7600.16385114c01d06e1a5fe186e662C:\Program Files\Internet Explorer\iexplore.exeb503f01a-da0f-11e4-9618-002655c8dc8a
==================== Memory info ===========================
Processor: Intel® Atom CPU N270 @ 1.60GHz
Percentage of memory in use: 41%
Total physical RAM: 2039.3 MB
Available physical RAM: 1190.18 MB
Total Virtual: 4078.61 MB
Available Virtual: 3035.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:137.47 GB) (Free:108.48 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:11.38 GB) (Free:1.91 GB) NTFS ==>[system with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: CD68444D)
Partition 1: (Not Active) - (Size=137.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=11.4 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=201 MB) - (Type=07 NTFS)
==================== End of log ============================