Windows 7 can not run programs -- critical error and will restart in 1 min

CONTINUED.....

09:11:02.0943 4932 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys

09:11:02.0945 4932 nfrd960 - ok

09:11:02.0966 4932 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll

09:11:02.0978 4932 NlaSvc - ok

09:11:02.0989 4932 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

09:11:02.0991 4932 Npfs - ok

09:11:03.0004 4932 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

09:11:03.0006 4932 nsi - ok

09:11:03.0014 4932 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

09:11:03.0015 4932 nsiproxy - ok

09:11:03.0068 4932 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

09:11:03.0094 4932 Ntfs - ok

09:11:03.0107 4932 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

09:11:03.0108 4932 Null - ok

09:11:03.0139 4932 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys

09:11:03.0141 4932 nvraid - ok

09:11:03.0171 4932 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys

09:11:03.0173 4932 nvstor - ok

09:11:03.0199 4932 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys

09:11:03.0201 4932 nv_agp - ok

09:11:03.0205 4932 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys

09:11:03.0207 4932 ohci1394 - ok

09:11:03.0261 4932 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:11:03.0263 4932 ose - ok

09:11:03.0433 4932 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

09:11:03.0516 4932 osppsvc - ok

09:11:03.0531 4932 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

09:11:03.0536 4932 p2pimsvc - ok

09:11:03.0557 4932 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

09:11:03.0562 4932 p2psvc - ok

09:11:03.0591 4932 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys

09:11:03.0592 4932 Parport - ok

09:11:03.0608 4932 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys

09:11:03.0610 4932 partmgr - ok

09:11:03.0621 4932 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

09:11:03.0625 4932 PcaSvc - ok

09:11:03.0653 4932 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys

09:11:03.0655 4932 pci - ok

09:11:03.0678 4932 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys

09:11:03.0679 4932 pciide - ok

09:11:03.0692 4932 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys

09:11:03.0695 4932 pcmcia - ok

09:11:03.0709 4932 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

09:11:03.0710 4932 pcw - ok

09:11:03.0746 4932 pdfcDispatcher - ok

09:11:03.0767 4932 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

09:11:03.0780 4932 PEAUTH - ok

09:11:03.0827 4932 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

09:11:03.0853 4932 PeerDistSvc - ok

09:11:03.0929 4932 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

09:11:03.0931 4932 PerfHost - ok

09:11:03.0971 4932 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll

09:11:03.0997 4932 pla - ok

09:11:04.0037 4932 [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

09:11:04.0051 4932 PlugPlay - ok

09:11:04.0060 4932 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

09:11:04.0062 4932 PNRPAutoReg - ok

09:11:04.0081 4932 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

09:11:04.0084 4932 PNRPsvc - ok

09:11:04.0105 4932 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

09:11:04.0119 4932 PolicyAgent - ok

09:11:04.0134 4932 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

09:11:04.0137 4932 Power - ok

09:11:04.0158 4932 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

09:11:04.0160 4932 PptpMiniport - ok

09:11:04.0178 4932 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys

09:11:04.0179 4932 Processor - ok

09:11:04.0198 4932 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll

09:11:04.0202 4932 ProfSvc - ok

09:11:04.0213 4932 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe

09:11:04.0215 4932 ProtectedStorage - ok

09:11:04.0237 4932 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys

09:11:04.0240 4932 Psched - ok

09:11:04.0285 4932 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys

09:11:04.0312 4932 ql2300 - ok

09:11:04.0317 4932 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys

09:11:04.0319 4932 ql40xx - ok

09:11:04.0336 4932 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

09:11:04.0339 4932 QWAVE - ok

09:11:04.0349 4932 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

09:11:04.0350 4932 QWAVEdrv - ok

09:11:04.0354 4932 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

09:11:04.0355 4932 RasAcd - ok

09:11:04.0379 4932 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

09:11:04.0380 4932 RasAgileVpn - ok

09:11:04.0393 4932 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

09:11:04.0395 4932 RasAuto - ok

09:11:04.0409 4932 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

09:11:04.0450 4932 Rasl2tp - ok

09:11:04.0480 4932 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll

09:11:04.0496 4932 RasMan - ok

09:11:04.0517 4932 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

09:11:04.0521 4932 RasPppoe - ok

09:11:04.0532 4932 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

09:11:04.0534 4932 RasSstp - ok

09:11:04.0554 4932 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

09:11:04.0559 4932 rdbss - ok

09:11:04.0586 4932 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

09:11:04.0587 4932 rdpbus - ok

09:11:04.0602 4932 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

09:11:04.0603 4932 RDPCDD - ok

09:11:04.0637 4932 [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys

09:11:04.0639 4932 RDPDR - ok

09:11:04.0655 4932 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

09:11:04.0656 4932 RDPENCDD - ok

09:11:04.0669 4932 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

09:11:04.0670 4932 RDPREFMP - ok

09:11:04.0690 4932 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

09:11:04.0693 4932 RDPWD - ok

09:11:04.0706 4932 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

09:11:04.0708 4932 rdyboost - ok

09:11:04.0743 4932 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

09:11:04.0746 4932 RemoteAccess - ok

09:11:04.0755 4932 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

09:11:04.0758 4932 RemoteRegistry - ok

09:11:04.0769 4932 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

09:11:04.0771 4932 RpcEptMapper - ok

09:11:04.0793 4932 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

09:11:04.0794 4932 RpcLocator - ok

09:11:04.0815 4932 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll

09:11:04.0818 4932 RpcSs - ok

09:11:04.0835 4932 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

09:11:04.0837 4932 rspndr - ok

09:11:04.0885 4932 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

09:11:04.0892 4932 RTL8167 - ok

09:11:04.0914 4932 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe

09:11:04.0917 4932 SamSs - ok

09:11:05.0042 4932 [ BCE943896289A91AD75CC5652620B1C6 ] SBAMSvc C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe

09:11:05.0101 4932 SBAMSvc - ok

09:11:05.0141 4932 [ 6E342316E72F4B6FA39C99E06373A1A3 ] sbapifs C:\Windows\system32\DRIVERS\sbapifs.sys

09:11:05.0143 4932 sbapifs - ok

09:11:05.0180 4932 [ 19954328DDA3D656F8A879B3A46FFED6 ] SbFw C:\Windows\system32\drivers\SbFw.sys

09:11:05.0183 4932 SbFw - ok

09:11:05.0224 4932 [ 513B3BFCD3C465B9820C2D05FA94E630 ] SBFWIMCL C:\Windows\system32\DRIVERS\sbfwim.sys

09:11:05.0226 4932 SBFWIMCL - ok

09:11:05.0232 4932 [ 513B3BFCD3C465B9820C2D05FA94E630 ] SBFWIMCLMP C:\Windows\system32\DRIVERS\SBFWIM.sys

09:11:05.0233 4932 SBFWIMCLMP - ok

09:11:05.0258 4932 [ B671EEF468D13016B9286F5835A06AE1 ] sbhips C:\Windows\system32\drivers\sbhips.sys

09:11:05.0260 4932 sbhips - ok

09:11:05.0280 4932 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys

09:11:05.0282 4932 sbp2port - ok

09:11:05.0321 4932 [ 9ACEB2A2362FC87A3825963E61BA9076 ] SBRE C:\Windows\system32\drivers\SBREdrv.sys

09:11:05.0323 4932 SBRE - ok

09:11:05.0435 4932 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

09:11:05.0470 4932 SBSDWSCService - ok

09:11:05.0509 4932 [ EAB54ADCCECA64B2F38CD859FB494895 ] sbwtis C:\Windows\system32\DRIVERS\sbwtis.sys

09:11:05.0511 4932 sbwtis - ok

09:11:05.0539 4932 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

09:11:05.0543 4932 SCardSvr - ok

09:11:05.0567 4932 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

09:11:05.0568 4932 scfilter - ok

09:11:05.0601 4932 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll

09:11:05.0627 4932 Schedule - ok

09:11:05.0650 4932 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll

09:11:05.0651 4932 SCPolicySvc - ok

09:11:05.0667 4932 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll

09:11:05.0670 4932 SDRSVC - ok

09:11:05.0719 4932 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

09:11:05.0723 4932 SeaPort - ok

09:11:05.0735 4932 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

09:11:05.0736 4932 secdrv - ok

09:11:05.0749 4932 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll

09:11:05.0751 4932 seclogon - ok

09:11:05.0764 4932 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

09:11:05.0767 4932 SENS - ok

09:11:05.0774 4932 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

09:11:05.0776 4932 SensrSvc - ok

09:11:05.0792 4932 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys

09:11:05.0794 4932 Serenum - ok

09:11:05.0799 4932 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys

09:11:05.0801 4932 Serial - ok

09:11:05.0805 4932 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys

09:11:05.0807 4932 sermouse - ok

09:11:05.0825 4932 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll

09:11:05.0827 4932 SessionEnv - ok

09:11:05.0855 4932 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys

09:11:05.0856 4932 sffdisk - ok

09:11:05.0867 4932 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys

09:11:05.0868 4932 sffp_mmc - ok

09:11:05.0872 4932 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys

09:11:05.0873 4932 sffp_sd - ok

09:11:05.0877 4932 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys

09:11:05.0878 4932 sfloppy - ok

09:11:05.0916 4932 [ 72CD52403EFC137290CB5A328510EBCA ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys

09:11:05.0930 4932 Sftfs - ok

09:11:05.0983 4932 [ F821B6C5D3FD23E11CBB613F61C94C98 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

09:11:05.0988 4932 sftlist - ok

09:11:06.0019 4932 [ 31A36EF71AF36EABCC4B4F8AB8F76465 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys

09:11:06.0023 4932 Sftplay - ok

09:11:06.0040 4932 [ 2D969194FCC8EB41ED1D52863BFE7F52 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys

09:11:06.0042 4932 Sftredir - ok

09:11:06.0052 4932 [ 08B36D2F63AF3CA2248458A4280C0C50 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys

09:11:06.0053 4932 Sftvol - ok

09:11:06.0064 4932 [ DB7213FCB2BC1B4F0C5CC5AF344ABCD0 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

09:11:06.0067 4932 sftvsa - ok

09:11:06.0090 4932 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll

09:11:06.0095 4932 ShellHWDetection - ok

09:11:06.0107 4932 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys

09:11:06.0109 4932 SiSRaid2 - ok

09:11:06.0125 4932 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys

09:11:06.0126 4932 SiSRaid4 - ok

09:11:06.0139 4932 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

09:11:06.0140 4932 Smb - ok

09:11:06.0171 4932 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

09:11:06.0173 4932 SNMPTRAP - ok

09:11:06.0181 4932 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

09:11:06.0183 4932 spldr - ok

09:11:06.0214 4932 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe

09:11:06.0230 4932 Spooler - ok

09:11:06.0291 4932 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe

09:11:06.0369 4932 sppsvc - ok

09:11:06.0388 4932 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

09:11:06.0391 4932 sppuinotify - ok

09:11:06.0430 4932 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

09:11:06.0433 4932 SQLBrowser - ok

09:11:06.0491 4932 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

09:11:06.0496 4932 SQLWriter - ok

09:11:06.0535 4932 [ 148D50904D2A0DF29A19778715EB35BB ] srv C:\Windows\system32\DRIVERS\srv.sys

09:11:06.0549 4932 srv - ok

09:11:06.0583 4932 [ CE2189FE31D36678AC9EB7DDEE08EC96 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

09:11:06.0587 4932 srv2 - ok

09:11:06.0622 4932 [ CB69EDEB069A49577592835659CD0E46 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

09:11:06.0625 4932 srvnet - ok

09:11:06.0652 4932 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

09:11:06.0658 4932 SSDPSRV - ok

09:11:06.0671 4932 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

09:11:06.0673 4932 SstpSvc - ok

09:11:06.0685 4932 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys

09:11:06.0686 4932 stexstor - ok

09:11:06.0725 4932 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll

09:11:06.0740 4932 stisvc - ok

09:11:06.0748 4932 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

09:11:06.0750 4932 swenum - ok

09:11:06.0772 4932 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

09:11:06.0787 4932 swprv - ok

09:11:06.0830 4932 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll

09:11:06.0865 4932 SysMain - ok

09:11:06.0880 4932 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll

09:11:06.0882 4932 TabletInputService - ok

09:11:06.0902 4932 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll

09:11:06.0907 4932 TapiSrv - ok

09:11:06.0919 4932 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

09:11:06.0921 4932 TBS - ok

09:11:06.0971 4932 [ 90A2D722CF64D911879D6C4A4F802A4D ] Tcpip C:\Windows\system32\drivers\tcpip.sys

09:11:07.0006 4932 Tcpip - ok

09:11:07.0052 4932 [ 90A2D722CF64D911879D6C4A4F802A4D ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

09:11:07.0061 4932 TCPIP6 - ok

09:11:07.0078 4932 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

09:11:07.0079 4932 tcpipreg - ok

09:11:07.0098 4932 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

09:11:07.0099 4932 TDPIPE - ok

09:11:07.0103 4932 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

09:11:07.0105 4932 TDTCP - ok

09:11:07.0120 4932 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys

09:11:07.0122 4932 tdx - ok

09:11:07.0133 4932 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

09:11:07.0135 4932 TermDD - ok

09:11:07.0158 4932 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll

09:11:07.0175 4932 TermService - ok

09:11:07.0193 4932 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

09:11:07.0195 4932 Themes - ok

09:11:07.0215 4932 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

09:11:07.0216 4932 THREADORDER - ok

09:11:07.0232 4932 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

09:11:07.0235 4932 TrkWks - ok

09:11:07.0284 4932 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

09:11:07.0287 4932 TrustedInstaller - ok

09:11:07.0301 4932 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

09:11:07.0302 4932 tssecsrv - ok

09:11:07.0324 4932 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

09:11:07.0326 4932 tunnel - ok

09:11:07.0402 4932 [ AAF458CC200326BEF602B5339400BF86 ] tvnserver C:\Program Files (x86)\TightVNC\tvnserver.exe

09:11:07.0428 4932 tvnserver - ok

09:11:07.0447 4932 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys

09:11:07.0449 4932 uagp35 - ok

09:11:07.0462 4932 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys

09:11:07.0467 4932 udfs - ok

09:11:07.0488 4932 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

09:11:07.0490 4932 UI0Detect - ok

09:11:07.0502 4932 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys

09:11:07.0503 4932 uliagpkx - ok

09:11:07.0520 4932 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

09:11:07.0522 4932 umbus - ok

09:11:07.0526 4932 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys

09:11:07.0527 4932 UmPass - ok

09:11:07.0551 4932 [ AF0AC98EE5077EB844413EB54287FDE3 ] UmRdpService C:\Windows\System32\umrdp.dll

09:11:07.0555 4932 UmRdpService - ok

09:11:07.0569 4932 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

09:11:07.0576 4932 upnphost - ok

09:11:07.0599 4932 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

09:11:07.0601 4932 usbccgp - ok

09:11:07.0617 4932 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys

09:11:07.0618 4932 usbcir - ok

09:11:07.0640 4932 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys

09:11:07.0641 4932 usbehci - ok

09:11:07.0648 4932 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys

09:11:07.0649 4932 usbfilter - ok

09:11:07.0663 4932 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

09:11:07.0667 4932 usbhub - ok

09:11:07.0674 4932 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys

09:11:07.0675 4932 usbohci - ok

09:11:07.0697 4932 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

09:11:07.0698 4932 usbprint - ok

09:11:07.0737 4932 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

09:11:07.0738 4932 usbscan - ok

09:11:07.0764 4932 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

09:11:07.0766 4932 USBSTOR - ok

09:11:07.0781 4932 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

09:11:07.0782 4932 usbuhci - ok

09:11:07.0796 4932 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

09:11:07.0799 4932 UxSms - ok

09:11:07.0806 4932 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe

09:11:07.0807 4932 VaultSvc - ok

09:11:07.0815 4932 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys

09:11:07.0817 4932 vdrvroot - ok

09:11:07.0841 4932 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe

09:11:07.0857 4932 vds - ok

09:11:07.0876 4932 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

09:11:07.0877 4932 vga - ok

09:11:07.0889 4932 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

09:11:07.0890 4932 VgaSave - ok

09:11:07.0896 4932 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys

09:11:07.0899 4932 vhdmp - ok

09:11:07.0903 4932 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys

09:11:07.0905 4932 viaide - ok

09:11:07.0924 4932 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys

09:11:07.0926 4932 volmgr - ok

09:11:07.0944 4932 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

09:11:07.0948 4932 volmgrx - ok

09:11:07.0964 4932 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys

09:11:07.0967 4932 volsnap - ok

09:11:07.0991 4932 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys

09:11:07.0993 4932 vsmraid - ok

09:11:08.0035 4932 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe

09:11:08.0061 4932 VSS - ok

09:11:08.0077 4932 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys

09:11:08.0078 4932 vwifibus - ok

09:11:08.0090 4932 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

09:11:08.0104 4932 W32Time - ok

09:11:08.0113 4932 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys

09:11:08.0114 4932 WacomPen - ok

09:11:08.0139 4932 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

09:11:08.0141 4932 WANARP - ok

09:11:08.0144 4932 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

09:11:08.0145 4932 Wanarpv6 - ok

09:11:08.0189 4932 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

09:11:08.0215 4932 WatAdminSvc - ok

09:11:08.0246 4932 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe

09:11:08.0273 4932 wbengine - ok

09:11:08.0292 4932 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

09:11:08.0296 4932 WbioSrvc - ok

09:11:08.0316 4932 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll

09:11:08.0322 4932 wcncsvc - ok

09:11:08.0331 4932 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

09:11:08.0333 4932 WcsPlugInService - ok

09:11:08.0337 4932 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys

09:11:08.0339 4932 Wd - ok

09:11:08.0359 4932 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

09:11:08.0374 4932 Wdf01000 - ok

09:11:08.0379 4932 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

09:11:08.0381 4932 WdiServiceHost - ok

09:11:08.0385 4932 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

09:11:08.0387 4932 WdiSystemHost - ok

09:11:08.0410 4932 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll

09:11:08.0415 4932 WebClient - ok

09:11:08.0433 4932 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

09:11:08.0437 4932 Wecsvc - ok

09:11:08.0447 4932 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

09:11:08.0450 4932 wercplsupport - ok

09:11:08.0456 4932 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

09:11:08.0459 4932 WerSvc - ok

09:11:08.0470 4932 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

09:11:08.0471 4932 WfpLwf - ok

09:11:08.0484 4932 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

09:11:08.0486 4932 WIMMount - ok

09:11:08.0491 4932 WinHttpAutoProxySvc - ok

09:11:08.0546 4932 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

09:11:08.0549 4932 Winmgmt - ok

09:11:08.0601 4932 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll

09:11:08.0636 4932 WinRM - ok

09:11:08.0694 4932 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

09:11:08.0696 4932 WinUsb - ok

09:11:08.0724 4932 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

09:11:08.0742 4932 Wlansvc - ok

09:11:08.0880 4932 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

09:11:08.0936 4932 wlidsvc - ok

09:11:08.0975 4932 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys

09:11:08.0976 4932 WmiAcpi - ok

09:11:09.0008 4932 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

09:11:09.0012 4932 wmiApSrv - ok

09:11:09.0040 4932 WMPNetworkSvc - ok

09:11:09.0065 4932 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

09:11:09.0068 4932 WPCSvc - ok

09:11:09.0077 4932 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

09:11:09.0080 4932 WPDBusEnum - ok

09:11:09.0088 4932 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

09:11:09.0090 4932 ws2ifsl - ok

09:11:09.0096 4932 WSearch - ok

09:11:09.0116 4932 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

09:11:09.0119 4932 WudfPf - ok

09:11:09.0132 4932 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

09:11:09.0135 4932 WUDFRd - ok

09:11:09.0147 4932 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll

09:11:09.0149 4932 wudfsvc - ok

09:11:09.0165 4932 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

09:11:09.0169 4932 WwanSvc - ok

09:11:09.0174 4932 ================ Scan global ===============================

09:11:09.0192 4932 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

09:11:09.0217 4932 [ B200DECA2186858595A97FBE63E896CC ] C:\Windows\system32\winsrv.dll

09:11:09.0234 4932 [ B200DECA2186858595A97FBE63E896CC ] C:\Windows\system32\winsrv.dll

09:11:09.0254 4932 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

09:11:09.0283 4932 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

09:11:09.0288 4932 [Global] - ok

09:11:09.0288 4932 ================ Scan MBR ==================================

09:11:09.0301 4932 [ 65BF848E44E105340CCD97E0E434410B ] \Device\Harddisk0\DR0

09:11:09.0605 4932 \Device\Harddisk0\DR0 - ok

09:11:09.0615 4932 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1

09:11:09.0624 4932 \Device\Harddisk1\DR1 - ok

09:11:09.0628 4932 ================ Scan VBR ==================================

09:11:09.0631 4932 [ 4D4CC60CBD2D57E8B05A0F9BF5AC7F59 ] \Device\Harddisk0\DR0\Partition1

09:11:09.0633 4932 \Device\Harddisk0\DR0\Partition1 - ok

09:11:09.0639 4932 [ E4F9E7ECBD250BB026619BEC206C386A ] \Device\Harddisk0\DR0\Partition2

09:11:09.0640 4932 \Device\Harddisk0\DR0\Partition2 - ok

09:11:09.0678 4932 [ 7C376171D16FE2675DE8A1B5543A991C ] \Device\Harddisk0\DR0\Partition3

09:11:09.0679 4932 \Device\Harddisk0\DR0\Partition3 - ok

09:11:09.0684 4932 [ DF5169C1AD30269BA7CD56810DD992D5 ] \Device\Harddisk1\DR1\Partition1

09:11:09.0685 4932 \Device\Harddisk1\DR1\Partition1 - ok

09:11:09.0686 4932 ============================================================

09:11:09.0686 4932 Scan finished

09:11:09.0686 4932 ============================================================

09:11:09.0701 0368 Detected object count: 0

09:11:09.0701 0368 Actual detected object count: 0

RogueKiller V8.1.1 [10/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com
Operating
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 23 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\RunOnce : 109_95847513117 ("C:\Users\Meineke\AppData\Local\LogMeIn Rescue Applet\LMIR0003.tmp_r.bat") -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-1723799115-427907230-1844215600-1000[...]\RunOnce : 109_95847513117 ("C:\Users\Meineke\AppData\Local\LogMeIn Rescue Applet\LMIR0003.tmp_r.bat") -> FOUND
[TASK][BLACKLIST] {01737E60-5262-4105-BB88-FE5A39255548} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> FOUND
[TASK][BLACKLIST] {1578090A-EE37-4D7F-9770-B9752FB8E325} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> FOUND
[TASK][BLACKLIST] {1DE90D9B-5559-4FC6-B1B7-0C8FAE8B85E2} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> FOUND
[TASK][BLACKLIST] {5D5E8FD9-1876-4247-A429-0E14C149C163} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> FOUND
[TASK][BLACKLIST] {7D24B056-E7E1-41CA-9278-4B5273DFC620} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> FOUND
[TASK][BLACKLIST] {7E37A33E-B776-43AA-A029-0AE5F2194C94} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> FOUND
[TASK][BLACKLIST] {993C45FA-9EC8-4388-B31A-5D342BEBE463} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> FOUND
[TASK][BLACKLIST] {9A41EBB0-8302-4512-AC2B-5012B42A50A8} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> FOUND
[TASK][BLACKLIST] {BC5B9171-CE4F-48E9-82D5-5501FADB8BC8} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> FOUND
[TASK][BLACKLIST] {CAF12BD9-8F94-48DF-8EEA-A20B32B639C7} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> FOUND
[TASK][BLACKLIST] {DA888EF6-23D7-40AF-B57D-9F1A89DEFAF9} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> FOUND
[TASK][BLACKLIST] {F4E6E210-47F0-4DE7-B64B-A3A0829FE5C8} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> FOUND
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{43F88FA6-A4CD-4941-A3AF-892DDADBB228} : NameServer (216.146.35.35,216.146.36.36,209.26.88.31,204.215.43.3) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{43F88FA6-A4CD-4941-A3AF-892DDADBB228} : NameServer (216.146.35.35,216.146.36.36,209.26.88.31,204.215.43.3) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\Users\Meineke\AppData\Local\{babeb83d-cb3f-7df7-b90e-f5ed8b6f3e53}\n.) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ Infection : ZeroAccess|Root.MBR ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD64 00AAKS-65Z7B0 SATA Disk Device +++++
--- User ---
[MBR] f20b8895274faa97fc10ad77d41a65d5
[BSP] 013490bbf7b0cdca1e05843829568fda : Windows Vista/7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 598024 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1224960000 | Size: 12354 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] f865fd65e9c3c863a930c5dd4a862f34
[BSP] 289999ed92a6a1d82d22dd89dfce7063 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 264071168 | Size: 300 Mo
+++++ PhysicalDrive1: SanDisk Cruzer USB Device +++++
--- User ---
[MBR] a124dc1f32b91ceacb765c7a5ad6ec2e
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 32 | Size: 15266 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[1].txt >>
RKreport[1].txt

RogueKiller V8.1.1 [10/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com
Operating
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 20 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\RunOnce : 109_95847513117 ("C:\Users\Meineke\AppData\Local\LogMeIn Rescue Applet\LMIR0003.tmp_r.bat") -> DELETED
[TASK][BLACKLIST] {01737E60-5262-4105-BB88-FE5A39255548} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> DELETED
[TASK][BLACKLIST] {1578090A-EE37-4D7F-9770-B9752FB8E325} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> DELETED
[TASK][BLACKLIST] {1DE90D9B-5559-4FC6-B1B7-0C8FAE8B85E2} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> DELETED
[TASK][BLACKLIST] {5D5E8FD9-1876-4247-A429-0E14C149C163} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> DELETED
[TASK][BLACKLIST] {7D24B056-E7E1-41CA-9278-4B5273DFC620} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> DELETED
[TASK][BLACKLIST] {7E37A33E-B776-43AA-A029-0AE5F2194C94} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> DELETED
[TASK][BLACKLIST] {993C45FA-9EC8-4388-B31A-5D342BEBE463} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> DELETED
[TASK][BLACKLIST] {9A41EBB0-8302-4512-AC2B-5012B42A50A8} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> DELETED
[TASK][BLACKLIST] {BC5B9171-CE4F-48E9-82D5-5501FADB8BC8} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> DELETED
[TASK][BLACKLIST] {CAF12BD9-8F94-48DF-8EEA-A20B32B639C7} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> DELETED
[TASK][BLACKLIST] {DA888EF6-23D7-40AF-B57D-9F1A89DEFAF9} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> DELETED
[TASK][BLACKLIST] {F4E6E210-47F0-4DE7-B64B-A3A0829FE5C8} : C:\Program Files (x86)\Meineke\Mkey3\MKey.exe -> DELETED
[DNS] HKLM\[...]\ControlSet001\Services\Interfaces\{43F88FA6-A4CD-4941-A3AF-892DDADBB228} : NameServer (216.146.35.35,216.146.36.36,209.26.88.31,204.215.43.3) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet002\Services\Interfaces\{43F88FA6-A4CD-4941-A3AF-892DDADBB228} : NameServer (216.146.35.35,216.146.36.36,209.26.88.31,204.215.43.3) -> NOT REMOVED, USE DNSFIX
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ INPROC][ZeroAccess] HKCR\[...]\InprocServer32 : (C:\Users\Meineke\AppData\Local\{babeb83d-cb3f-7df7-b90e-f5ed8b6f3e53}\n.) -> REPLACED (C:\Windows\system32\shell32.dll)
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ Infection : ZeroAccess|Root.MBR ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD64 00AAKS-65Z7B0 SATA Disk Device +++++
--- User ---
[MBR] f20b8895274faa97fc10ad77d41a65d5
[BSP] 013490bbf7b0cdca1e05843829568fda : Windows Vista/7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 598024 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1224960000 | Size: 12354 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] f865fd65e9c3c863a930c5dd4a862f34
[BSP] 289999ed92a6a1d82d22dd89dfce7063 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 264071168 | Size: 300 Mo
+++++ PhysicalDrive1: SanDisk Cruzer USB Device +++++
--- User ---
[MBR] a124dc1f32b91ceacb765c7a5ad6ec2e
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 32 | Size: 15266 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-15 08:51:26
-----------------------------
08:51:26.592 OS Version: Windows x64 6.1.7600
08:51:26.592 Number of processors: 2 586 0x603
08:51:26.593 ComputerName: MEINEKE-HP UserName: Meineke
08:51:29.237 Initialize success
08:54:11.238 AVAST engine defs: 12101500
08:54:29.451 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000056
08:54:29.453 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 11
08:54:29.479 Disk 0 MBR read successfully
08:54:29.483 Disk 0 MBR scan
08:54:29.489 Disk 0 unknown MBR code
08:54:29.496 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
08:54:29.509 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 598024 MB offset 206848
08:54:29.548 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12354 MB offset 1224960000
08:54:29.606 Disk 0 scanning C:\Windows\system32\drivers
08:54:37.712 Service scanning
08:54:55.222 Modules scanning
08:54:55.241 Disk 0 trace - called modules:
08:54:55.261 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
08:54:55.608 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80031dc060]
08:54:55.621 3 CLASSPNP.SYS[fffff880018c243f] -> nt!IofCallDriver -> [0xfffffa800317fb80]
08:54:55.634 5 amdxata.sys[fffff88000fcf7a8] -> nt!IofCallDriver -> \Device\00000056[0xfffffa8003178060]
08:54:57.714 AVAST engine scan C:\Windows
08:55:01.773 AVAST engine scan C:\Windows\system32
08:59:43.448 AVAST engine scan C:\Windows\system32\drivers
08:59:52.523 AVAST engine scan C:\Users\Meineke
09:01:04.395 Disk 0 MBR has been saved successfully to "C:\Users\Meineke\Desktop\MBR.dat"
09:01:04.402 The log file has been saved successfully to "C:\Users\Meineke\Desktop\aswMBR.txt"

Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org
Database
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Meineke :: MEINEKE-HP [administrator]
Protection: Enabled
10/15/2012 8:26:07 AM
mbam-log-2012-10-15 (08-26-07).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 239239
Time elapsed: 20 minute(s), 2 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

Dupe...

Ok. I created restore point.

was able to run combofix but I can not find any generated log: combofix.exe

Ok. had to rerun 3 times until it finaly updated.

here are results:

ComboFix 12-10-22.01 - Meineke 10/22/2012 12:19:31.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2815.985 [GMT -4:00]
Running from: c:\users\Meineke\Desktop\ComboFix.exe
AV: Lavasoft Ad-Aware *Disabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
SP: Lavasoft Ad-Aware *Disabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\1242_ShpInvHist.exe
C:\install.exe
c:\users\Meineke\AppData\Local\chromeupdate.crx
c:\windows\SysWow64\run.bat
.
.
((((((((((((((((((((((((( Files Created from 2012-09-22 to 2012-10-22 )))))))))))))))))))))))))))))))
.
.
2012-10-22 16:33 . 2012-10-22 16:37 -------- d-----w- c:\users\ACX\AppData\Local\temp
2012-10-22 16:33 . 2012-10-22 16:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-15 12:25 . 2012-10-15 12:25 -------- d-----w- c:\users\Meineke\AppData\Roaming\Malwarebytes
2012-10-15 12:24 . 2012-10-15 12:24 -------- d-----w- c:\programdata\Malwarebytes
2012-10-15 12:24 . 2012-10-22 11:42 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-15 12:24 . 2012-09-29 23:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-09 13:34 . 2011-09-29 16:16 119416 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-10-09 13:03 . 2012-10-09 13:03 -------- d-----w- C:\FRST
2012-10-09 02:31 . 2012-10-09 16:56 -------- d-----w- c:\programdata\Recovery
2012-10-08 11:52 . 2012-10-08 11:52 -------- d-----w- c:\program files\Send To Neat
2012-10-08 11:52 . 2012-09-06 12:41 148480 ----a-w- c:\windows\VPDAgent_x64.exe
2012-10-08 11:52 . 2012-09-06 12:41 54784 ----a-w- c:\windows\system32\sdtnpm.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
2012-09-20 20:06 87448 ----a-w- c:\program files (x86)\adawaretb\adawareDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files (x86)\adawaretb\adawareDx.dll" [2012-09-20 87448]
.
[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JumiController"="c:\program files (x86)\Jumi\jumi.exe" [2012-10-09 3635712]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe" [2010-09-28 1715768]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Ad-Aware Antivirus"="c:\program files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2009-10-14 563736]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-12 102400]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"tvncontrol"="c:\program files (x86)\TightVNC\tvnserver.exe" [2011-08-03 828944]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2012-08-08 540056]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dyn Updater Tray Icon.lnk - c:\program files (x86)\Dyn Updater\DynTray.exe [2011-11-15 78192]
Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2010-6-17 1040952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
@="Ad-Aware Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
R2 AConneX Part Fulfillment Svc 1;AConneX Part Fulfillment Svc 1;c:\acs\rt\win\APFSvc.exe [2009-10-16 86016]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 136176]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 136176]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2011-05-28 17152]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [2011-09-29 119416]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-04 1255736]
S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2011-12-19 256632]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2011-10-26 57976]
S2 Ad-Aware Service;Ad-Aware Service;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-09-20 1236368]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 Agent;VPDAgent;c:\windows\VPDAgent_x64.exe [2012-09-06 148480]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-11 203264]
S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-06-13 400368]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 Dyn Updater;Dyn Updater;c:\program files (x86)\Dyn Updater\DynUpSvc.exe [2011-11-15 95608]
S2 Handler;MKey Handler;c:\program files (x86)\Meineke\Mkey Handler\Mkey Handler.exe [2011-07-20 105984]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 MSSQL$MPACTSQL;SQL Server (MPACTSQL);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-14 635416]
S2 SBAMSvc;Ad-Aware;c:\program files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]
S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys [2011-11-29 74872]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-04-24 483688]
S2 tvnserver;TightVNC Server;c:\program files (x86)\TightVNC\tvnserver.exe [2011-08-03 828944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-05-11 6790656]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-05-11 221184]
S3 jumi;%Jumi%;c:\windows\system32\DRIVERS\jumi.sys [2010-06-03 15160]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
S3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys [2011-09-29 119416]
S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2011-12-19 60536]
S3 sbwtis;sbwtis;c:\windows\system32\DRIVERS\sbwtis.sys [2011-12-19 84600]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2010-04-24 721768]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2010-04-24 269672]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2010-04-24 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2010-04-24 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-24 209768]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 13:40]
.
2012-10-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 13:40]
.
2012-10-22 c:\windows\Tasks\HPCeeScheduleForMeineke.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-18 568888]
.
------- Supplementary Scan -------
.
uStart Page = https://www.advancecommercial.com/w...nForm?catalogId=10051&langId=-1&storeId=10151
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 209.26.88.31 204.215.43.3
TCP: Interfaces\{43F88FA6-A4CD-4941-A3AF-892DDADBB228}: NameServer = 216.146.35.35,216.146.36.36,209.26.88.31,204.215.43.3
DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} - hxxps://www.icloud.com/system/iCloud.cab
DPF: {DB9DE2A8-D1BA-472A-B1F8-39697899DEF7} - hxxp://192.168.1.100/HiDvrOcx.cab
DPF: {FD3BEB0C-AB43-4253-9146-C371D48FBE0D} - hxxp://192.168.1.10/web.cab
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-Microsoft Default Manager - c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-Neat ADF Scanner 2008 - reg copy HKLM\Software\Wow6432Node\The Neat Company\Neat ADF Scanner 2008 HKCU\Software\The Neat Company\Neat ADF Scanner 2008
AddRemove-{08DB3902-2CE0-474D-BCE3-0177766CE9F1} - c:\program files (x86)\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8,
89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{53707962-6F74-2D53-2644-206D7942484F}"=hex:51,66,7a,6c,4c,1d,38,12,0c,7a,63,
57,46,21,3d,68,59,52,63,2d,7c,1c,0c,5b
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd,
d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:1d,2a,da,2d,72,5c,cd,01
.
[HKEY_USERS\S-1-5-21-1723799115-427907230-1844215600-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1723799115-427907230-1844215600-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
.
**************************************************************************
.
Completion time: 2012-10-22 13:02:29 - machine was rebooted
ComboFix-quarantined-files.txt 2012-10-22 17:02
.
Pre-Run: 375,085,633,536 bytes free
Post-Run: 486,941,028,352 bytes free
.
- - End Of File - - D23DA68F983A8771356BA4821FF06E43

OTL logfile created on: 10/22/2012 5:31:34 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Meineke\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.53 Gb Available Physical Memory | 55.68% Memory free
5.50 Gb Paging File | 3.84 Gb Available in Paging File | 69.94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.01 Gb Total Space | 452.76 Gb Free Space | 77.53% Space Free | Partition Type: NTFS
Drive D: | 12.06 Gb Total Space | 1.48 Gb Free Space | 12.23% Space Free | Partition Type: NTFS
Drive E: | 339.08 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 14.90 Gb Total Space | 6.82 Gb Free Space | 45.76% Space Free | Partition Type: FAT32

Computer Name: MEINEKE-HP | User Name: Meineke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/22 17:30:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Meineke\Desktop\OTL.exe
PRC - [2012/10/09 08:59:46 | 003,635,712 | ---- | M] (Jumi Technologies) -- C:\Program Files (x86)\Jumi\jumi.exe
PRC - [2012/09/29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/20 15:03:20 | 001,236,368 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
PRC - [2012/09/20 15:03:16 | 018,941,832 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAware.exe
PRC - [2012/08/08 04:17:00 | 000,540,056 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
PRC - [2011/11/15 13:20:26 | 000,095,608 | ---- | M] (Dyn, Inc.) -- C:\Program Files (x86)\Dyn Updater\DynUpSvc.exe
PRC - [2011/11/15 13:20:26 | 000,078,192 | ---- | M] (Dyn, Inc.) -- C:\Program Files (x86)\Dyn Updater\DynTray.exe
PRC - [2011/08/03 09:23:54 | 000,828,944 | ---- | M] (GlavSoft LLC.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe
PRC - [2011/07/20 08:31:10 | 000,105,984 | ---- | M] () -- C:\Program Files (x86)\Meineke\Mkey Handler\Mkey Handler.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/06/12 21:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2010/04/24 02:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/04/24 02:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/01/18 13:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2009/10/16 08:41:46 | 000,086,016 | ---- | M] (Activant Solutions Inc.) -- c:\acs\rt\win\APFSvc.exe
PRC - [2009/10/14 18:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/11/20 13:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/10/09 08:59:57 | 003,020,288 | ---- | M] () -- C:\Program Files (x86)\Jumi\PreloadedProducts.dll
MOD - [2011/07/20 08:50:16 | 001,747,456 | ---- | M] () -- C:\Program Files (x86)\Jumi\libvorbis.dll
MOD - [2011/07/18 04:12:20 | 000,052,736 | ---- | M] () -- C:\Program Files (x86)\Jumi\libogg.dll
MOD - [2011/06/20 14:19:28 | 000,202,752 | ---- | M] () -- C:\Program Files (x86)\Jumi\libtheora.dll
MOD - [2011/04/16 03:34:35 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\94eb4ca06f43edf88bbdecd3729657d5\System.Management.ni.dll
MOD - [2011/04/16 03:29:07 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e1f199a523bdc014cd19072d583e7cc\PresentationFramework.Aero.ni.dll
MOD - [2011/04/16 03:28:54 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\adc8998d96ca331d17cef00b1ef95a5f\System.Runtime.Remoting.ni.dll
MOD - [2011/04/16 03:28:52 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\b9565c454a22ca564978b05db4186f22\System.Data.ni.dll
MOD - [2011/04/16 03:28:44 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7827588b8043e8be3184c8a64a867fc\PresentationFramework.ni.dll
MOD - [2011/04/16 03:28:30 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4ea95056046fdf87f06ae807308b627\System.Windows.Forms.ni.dll
MOD - [2011/04/16 03:28:25 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2a34e74599686e7383ae90670a994cdf\System.Drawing.ni.dll
MOD - [2011/04/16 03:28:22 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\03dd2b7701ca5cfe696d4ca5a0f7b8bb\PresentationCore.ni.dll
MOD - [2011/04/16 03:28:14 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\caa9d8bca3092573cdbb67c8e81bf0f3\WindowsBase.ni.dll
MOD - [2011/04/16 03:28:10 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\167c8c3817ba1f48fe7396cc56f557e3\System.Xml.ni.dll
MOD - [2011/04/16 03:28:06 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\50c67f851ae3df2d0ab7d86fd1c5c7e0\System.ni.dll
MOD - [2011/04/16 03:28:06 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9d054fc9618b81d5703af1662cd11135\System.Configuration.ni.dll
MOD - [2011/04/16 03:28:01 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ebdaeaeb9f66c9035b5f11431f10cda4\mscorlib.ni.dll
MOD - [2011/01/27 09:18:26 | 000,123,448 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2010/09/28 15:00:32 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2010/09/28 15:00:30 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2010/09/28 15:00:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2010/01/18 13:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
MOD - [2009/06/10 17:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll


========== Services (SafeList) ==========

SRV:64bit: - [2010/05/11 11:16:12 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/20 15:03:20 | 001,236,368 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2012/09/06 08:41:40 | 000,148,480 | ---- | M] (Two Pilots) [Auto | Running] -- C:\Windows\VPDAgent_x64.exe -- (Agent)
SRV - [2012/01/03 09:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2011/11/15 13:20:26 | 000,095,608 | ---- | M] (Dyn, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dyn Updater\DynUpSvc.exe -- (Dyn Updater)
SRV - [2011/08/03 09:23:54 | 000,828,944 | ---- | M] (GlavSoft LLC.) [Auto | Running] -- C:\Program Files (x86)\TightVNC\tvnserver.exe -- (tvnserver)
SRV - [2011/07/20 08:31:10 | 000,105,984 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Meineke\Mkey Handler\Mkey Handler.exe -- (Handler)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/10/14 18:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/06/12 21:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/04/24 02:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/04/24 02:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/04/03 19:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/16 08:41:46 | 000,086,016 | ---- | M] (Activant Solutions Inc.) [Auto | Running] -- c:\acs\rt\win\APFSvc.exe -- (AConneX Part Fulfillment Svc 1)
SRV - [2009/10/14 18:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/12/19 12:44:24 | 000,256,632 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SbFw.sys -- (SbFw)
DRV:64bit: - [2011/12/19 12:44:24 | 000,084,600 | ---- | M] (GFI Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sbwtis.sys -- (sbwtis)
DRV:64bit: - [2011/12/19 12:44:24 | 000,060,536 | ---- | M] (GFI Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sbhips.sys -- (sbhips)
DRV:64bit: - [2011/11/29 06:59:46 | 000,074,872 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\sbapifs.sys -- (sbapifs)
DRV:64bit: - [2011/10/26 14:23:36 | 000,057,976 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\sbredrv.sys -- (SBRE)
DRV:64bit: - [2011/09/29 12:16:18 | 000,119,416 | ---- | M] (GFI Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCLMP)
DRV:64bit: - [2011/09/29 12:16:18 | 000,119,416 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV:64bit: - [2010/06/03 11:07:18 | 000,015,160 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jumi.sys -- (jumi)
DRV:64bit: - [2010/05/11 11:46:18 | 006,790,656 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/05/11 10:24:20 | 000,221,184 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/04/24 02:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/04/24 02:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/04/24 02:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/04/24 02:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/03/10 11:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010/03/04 10:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/02/06 00:04:06 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/02/06 00:04:04 | 000,070,712 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/12/22 05:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011/10/26 14:23:40 | 000,101,112 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\SBREDrv.sys -- (SBRE)
DRV - [2011/05/28 08:03:09 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9D998F51-5E47-4A8B-89F0-35D8E53786A2}
IE:64bit: - HKLM\..\SearchScopes\{0E42019E-BAD5-462E-AA5D-F7C471C6FA7E}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{8F3A4900-35FA-4072-AD95-656227B3A1D8}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{9D998F51-5E47-4A8B-89F0-35D8E53786A2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{D267F26D-657D-455C-91AA-07AAD491DE82}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKLM\..\SearchScopes,DefaultScope = {9D998F51-5E47-4A8B-89F0-35D8E53786A2}
IE - HKLM\..\SearchScopes\{0E42019E-BAD5-462E-AA5D-F7C471C6FA7E}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{8F3A4900-35FA-4072-AD95-656227B3A1D8}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{9D998F51-5E47-4A8B-89F0-35D8E53786A2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{D267F26D-657D-455C-91AA-07AAD491DE82}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1723799115-427907230-1844215600-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.showmetheparts.com/apex [Binary data over 200 bytes]
IE - HKU\S-1-5-21-1723799115-427907230-1844215600-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.advancecommercial.com/w...nForm?catalogId=10051&langId=-1&storeId=10151
IE - HKU\S-1-5-21-1723799115-427907230-1844215600-1000\..\SearchScopes,DefaultScope = {8F3A4900-35FA-4072-AD95-656227B3A1D8}
IE - HKU\S-1-5-21-1723799115-427907230-1844215600-1000\..\SearchScopes\{0E42019E-BAD5-462E-AA5D-F7C471C6FA7E}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE - HKU\S-1-5-21-1723799115-427907230-1844215600-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://safesearchr.lavasoft.com/?so...34E58C278F0FD5B1858F507424AC11&q={searchTerms}
IE - HKU\S-1-5-21-1723799115-427907230-1844215600-1000\..\SearchScopes\{8F3A4900-35FA-4072-AD95-656227B3A1D8}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKU\S-1-5-21-1723799115-427907230-1844215600-1000\..\SearchScopes\{9D998F51-5E47-4A8B-89F0-35D8E53786A2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-1723799115-427907230-1844215600-1000\..\SearchScopes\{D267F26D-657D-455C-91AA-07AAD491DE82}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKU\S-1-5-21-1723799115-427907230-1844215600-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1723799115-427907230-1844215600-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-1723799115-427907230-1844215600-1004\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-1723799115-427907230-1844215600-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll ()



O1 HOSTS File: ([2012/10/22 12:38:04 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Ad-Aware Security Add-on) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [tvncontrol] C:\Program Files (x86)\TightVNC\tvnserver.exe (GlavSoft LLC.)
O4 - HKU\S-1-5-21-1723799115-427907230-1844215600-1000..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (Hewlett-Packard)
O4 - HKU\S-1-5-21-1723799115-427907230-1844215600-1000..\Run: [JumiController] C:\Program Files (x86)\Jumi\jumi.exe (Jumi Technologies)
O4 - HKU\S-1-5-21-1723799115-427907230-1844215600-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-1723799115-427907230-1844215600-1004..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (Hewlett-Packard)
O4 - HKU\S-1-5-21-1723799115-427907230-1844215600-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1723799115-427907230-1844215600-1000..\RunOnce: [109_95847513117] "C:\Users\Meineke\AppData\Local\LogMeIn Rescue Applet\LMIR0003.tmp_r.bat" File not found
O4 - HKU\S-1-5-21-1723799115-427907230-1844215600-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1723799115-427907230-1844215600-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1723799115-427907230-1844215600-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1723799115-427907230-1844215600-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files (x86)\Bodog Poker\BPGame.exe (Bodog)
O13 - gopher Prefix: missing
O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.com/system/iCloud.cab (iCloud Web App Plugin)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {DB9DE2A8-D1BA-472A-B1F8-39697899DEF7} http://192.168.1.100/HiDvrOcx.cab (HiDvrOcx Control)
O16 - DPF: {FD3BEB0C-AB43-4253-9146-C371D48FBE0D} http://192.168.1.10/web.cab (Web Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.26.88.31 204.215.43.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43F88FA6-A4CD-4941-A3AF-892DDADBB228}: DhcpNameServer = 209.26.88.31 204.215.43.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43F88FA6-A4CD-4941-A3AF-892DDADBB228}: NameServer = 216.146.35.35,216.146.36.36,209.26.88.31,204.215.43.3
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/08/04 18:13:52 | 000,000,110 | -H-- | M] () - G:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/22 17:30:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Meineke\Desktop\OTL.exe
[2012/10/22 13:02:55 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/10/22 12:38:12 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/10/22 12:16:35 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/10/22 12:16:35 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/10/22 12:16:35 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/10/22 12:15:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/10/22 08:02:19 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/10/22 07:58:21 | 004,986,434 | R--- | C] (Swearware) -- C:\Users\Meineke\Desktop\ComboFix.exe
[2012/10/15 13:35:14 | 000,000,000 | ---D | C] -- C:\Users\Meineke\AppData\Local\{C70F44D4-4CEE-4058-B25F-362EEF648435}
[2012/10/15 09:42:29 | 000,000,000 | ---D | C] -- C:\Users\Meineke\Desktop\SCOTT
[2012/10/15 09:27:39 | 000,000,000 | ---D | C] -- C:\Users\Meineke\Desktop\VIRUS PROGRAMS
[2012/10/15 08:25:15 | 000,000,000 | ---D | C] -- C:\Users\Meineke\AppData\Roaming\Malwarebytes
[2012/10/15 08:25:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/10/15 08:24:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/10/15 08:24:58 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/10/15 08:24:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/10/15 08:24:06 | 010,524,080 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Meineke\Desktop\mbam-setup-1.65.0.1400.exe
[2012/10/15 08:19:20 | 000,000,000 | ---D | C] -- C:\Users\Meineke\Desktop\RK_Quarantine
[2012/10/09 10:15:33 | 000,000,000 | ---D | C] -- C:\Users\Meineke\Documents\Neat Data
[2012/10/09 09:34:20 | 000,119,416 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\SbFwIm.sys
[2012/10/09 09:34:19 | 000,256,632 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\SbFw.sys
[2012/10/09 09:33:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2012/10/09 09:27:18 | 000,000,000 | ---D | C] -- C:\Users\Meineke\AppData\Roaming\LavasoftStatistics
[2012/10/09 09:22:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2012/10/09 09:22:49 | 000,060,536 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\sbhips.sys
[2012/10/09 09:22:48 | 000,045,936 | ---- | C] (GFI Software) -- C:\Windows\SysNative\sbbd.exe
[2012/10/09 09:22:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus
[2012/10/09 09:22:05 | 000,000,000 | ---D | C] -- C:\Users\Meineke\AppData\Local\Downloaded Installations
[2012/10/09 09:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\blekko toolbars
[2012/10/09 09:21:28 | 000,000,000 | ---D | C] -- C:\Users\Meineke\AppData\Local\adawarebp
[2012/10/09 09:21:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012/10/09 09:21:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2012/10/09 09:21:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adawaretb
[2012/10/09 09:21:01 | 000,000,000 | ---D | C] -- C:\Users\Meineke\AppData\Roaming\Ad-Aware Antivirus
[2012/10/09 09:03:13 | 000,000,000 | ---D | C] -- C:\FRST
[2012/10/08 22:31:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
[2012/10/08 18:44:51 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/10/08 12:43:03 | 000,000,000 | ---D | C] -- C:\Users\Meineke\Documents\Neat Dataold
[2012/10/08 07:52:35 | 000,148,480 | ---- | C] (Two Pilots) -- C:\Windows\VPDAgent_x64.exe
[2012/10/08 07:52:35 | 000,000,000 | ---D | C] -- C:\Program Files\Send To Neat
[2012/10/06 16:58:31 | 000,000,000 | ---D | C] -- C:\Users\Meineke\Desktop\PDF FILES
[2011/05/10 12:35:09 | 006,649,496 | ---- | C] (Snap-on Business Solutions ) -- C:\Users\Meineke\imgrdwnld.exe

========== Files - Modified Within 30 Days ==========

[2012/10/22 17:30:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Meineke\Desktop\OTL.exe
[2012/10/22 16:38:01 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/22 13:20:31 | 000,020,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/22 13:20:31 | 000,020,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/22 13:12:52 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/22 13:12:49 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/10/22 13:12:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/22 13:12:30 | 2214,027,264 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/22 12:38:04 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/10/22 12:25:19 | 000,027,745 | ---- | M] () -- C:\Users\Meineke\Desktop\error.jpg
[2012/10/22 12:12:34 | 004,986,434 | R--- | M] (Swearware) -- C:\Users\Meineke\Desktop\ComboFix.exe
[2012/10/22 10:06:02 | 000,001,652 | ---- | M] () -- C:\PartOrderResp.xml
[2012/10/22 10:05:59 | 000,001,551 | ---- | M] () -- C:\PartOrderReq.xml
[2012/10/22 10:05:59 | 000,001,478 | ---- | M] () -- C:\PartInqResp.xml
[2012/10/22 10:05:58 | 000,001,403 | ---- | M] () -- C:\PartInqReq.xml
[2012/10/22 07:39:29 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMeineke.job
[2012/10/17 19:30:06 | 000,001,854 | ---- | M] () -- C:\Users\Meineke\AppData\Roaming\GhostObjGAFix.xml
[2012/10/15 14:01:43 | 000,429,180 | ---- | M] () -- C:\Users\Meineke\Desktop\subpoena.pdf
[2012/10/15 11:03:37 | 000,402,537 | ---- | M] () -- C:\Users\Meineke\Desktop\TSANG.pdf
[2012/10/15 09:01:04 | 000,000,512 | ---- | M] () -- C:\Users\Meineke\Desktop\MBR.dat
[2012/10/15 08:24:20 | 010,524,080 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Meineke\Desktop\mbam-setup-1.65.0.1400.exe
[2012/10/15 08:03:36 | 000,001,190 | ---- | M] () -- C:\Windows\SysWow64\ServiceConfig.xml
[2012/10/10 11:40:57 | 000,273,837 | ---- | M] () -- C:\Users\Meineke\Desktop\10-6-12.pdf
[2012/10/09 15:58:24 | 000,000,017 | ---- | M] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012/10/09 15:48:04 | 000,117,227 | ---- | M] () -- C:\Users\Meineke\Desktop\merchant.pdf
[2012/10/09 15:48:00 | 000,110,625 | ---- | M] () -- C:\Users\Meineke\Desktop\thomas.pdf
[2012/10/09 12:59:23 | 1061,002,028 | ---- | M] () -- C:\Users\Meineke\Desktop\10-9-2012_Neat.nbak
[2012/10/09 09:03:35 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/10/09 09:03:35 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/10/09 08:03:32 | 000,002,589 | ---- | M] () -- C:\Users\Public\Desktop\MKey.lnk
[2012/10/03 13:35:37 | 000,000,219 | ---- | M] () -- C:\ProgramData\RmUserCfg.ini
[2012/10/03 13:35:37 | 000,000,061 | ---- | M] () -- C:\ProgramData\IpAndPort.fig
[2012/09/29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2012/10/22 12:25:18 | 000,027,745 | ---- | C] () -- C:\Users\Meineke\Desktop\error.jpg
[2012/10/22 12:16:35 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/10/22 12:16:35 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/10/22 12:16:35 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/10/22 12:16:35 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/10/22 12:16:35 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/10/15 14:01:43 | 000,429,180 | ---- | C] () -- C:\Users\Meineke\Desktop\subpoena.pdf
[2012/10/15 11:03:37 | 000,402,537 | ---- | C] () -- C:\Users\Meineke\Desktop\TSANG.pdf
[2012/10/15 09:01:04 | 000,000,512 | ---- | C] () -- C:\Users\Meineke\Desktop\MBR.dat
[2012/10/15 08:03:36 | 000,001,190 | ---- | C] () -- C:\Windows\SysWow64\ServiceConfig.xml
[2012/10/10 11:40:57 | 000,273,837 | ---- | C] () -- C:\Users\Meineke\Desktop\10-6-12.pdf
[2012/10/09 15:58:24 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012/10/09 15:48:03 | 000,117,227 | ---- | C] () -- C:\Users\Meineke\Desktop\merchant.pdf
[2012/10/09 15:48:00 | 000,110,625 | ---- | C] () -- C:\Users\Meineke\Desktop\thomas.pdf
[2012/10/09 12:34:33 | 1061,002,028 | ---- | C] () -- C:\Users\Meineke\Desktop\10-9-2012_Neat.nbak
[2012/10/08 07:52:27 | 000,054,784 | ---- | C] () -- C:\Windows\SysNative\sdtnpm.dll
[2012/03/05 16:46:42 | 000,102,912 | ---- | C] () -- C:\Windows\agent_x64.exe
[2011/05/31 07:48:06 | 000,000,000 | ---- | C] () -- C:\Users\Meineke\AppData\Local\{F5C5544C-CD37-4A9E-B7D8-15A1BA050752}
[2011/05/23 15:43:27 | 000,010,180 | -HS- | C] () -- C:\Users\Meineke\AppData\Local\h0387md7ekpl3vuk24yy
[2011/05/23 15:43:27 | 000,010,180 | -HS- | C] () -- C:\ProgramData\h0387md7ekpl3vuk24yy
[2011/05/19 12:00:31 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/05/19 12:00:31 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/05/19 11:14:33 | 000,001,854 | ---- | C] () -- C:\Users\Meineke\AppData\Roaming\GhostObjGAFix.xml
[2011/01/10 16:53:20 | 000,000,219 | ---- | C] () -- C:\ProgramData\RmUserCfg.ini
[2011/01/10 16:53:20 | 000,000,061 | ---- | C] () -- C:\ProgramData\IpAndPort.fig
[2011/01/04 07:59:45 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/01/04 06:52:20 | 000,000,121 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/01/04 06:14:58 | 000,743,932 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/12/28 04:27:00 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\AVCDecoder.dll
[2010/12/27 04:13:42 | 004,497,993 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll
[2010/12/27 04:13:42 | 000,142,291 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll
[2010/12/19 02:34:04 | 007,276,032 | ---- | C] () -- C:\Windows\SysWow64\avcodec.dll
[2010/12/19 02:34:04 | 000,742,220 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/12/19 02:34:04 | 000,666,624 | ---- | C] () -- C:\Windows\SysWow64\avformat.dll
[2010/12/19 02:34:04 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\avutil.dll

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Windows\SysNative\shell32.dll -- [2010/07/27 10:59:11 | 014,162,944 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/07/27 10:59:11 | 014,162,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/07/27 10:03:24 | 012,867,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 21:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/10/09 09:34:40 | 000,000,000 | ---D | M] -- C:\Users\Meineke\AppData\Roaming\Ad-Aware Antivirus
[2012/03/05 16:54:14 | 000,000,000 | ---D | M] -- C:\Users\Meineke\AppData\Roaming\Neat
[2012/03/05 16:54:09 | 000,000,000 | ---D | M] -- C:\Users\Meineke\AppData\Roaming\Nuance
[2012/09/21 09:14:05 | 000,000,000 | ---D | M] -- C:\Users\Meineke\AppData\Roaming\PDF Writer
[2011/05/19 11:02:17 | 000,000,000 | ---D | M] -- C:\Users\Meineke\AppData\Roaming\PictureMover
[2012/10/22 07:35:25 | 000,000,000 | ---D | M] -- C:\Users\Meineke\AppData\Roaming\SoftGrid Client
[2011/11/14 13:23:39 | 000,000,000 | ---D | M] -- C:\Users\Meineke\AppData\Roaming\TightVNC
[2011/09/19 10:31:23 | 000,000,000 | -H-D | M] -- C:\Users\Meineke\AppData\Roaming\TP
[2011/01/27 09:16:20 | 000,000,000 | -H-D | M] -- C:\Users\Meineke\AppData\Roaming\WinBatch
[2012/04/25 10:33:49 | 000,000,000 | -H-D | M] -- C:\Users\Meineke\AppData\Roaming\Windows Live Writer
[2012/07/30 16:34:08 | 000,000,000 | ---D | M] -- C:\Users\Meineke\AppData\Roaming\ZumoDrive

========== Purity Check ==========


< End of report >

OTL Extras logfile created on: 10/22/2012 5:31:34 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Meineke\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.75 Gb Total Physical Memory | 1.53 Gb Available Physical Memory | 55.68% Memory free
5.50 Gb Paging File | 3.84 Gb Available in Paging File | 69.94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.01 Gb Total Space | 452.76 Gb Free Space | 77.53% Space Free | Partition Type: NTFS
Drive D: | 12.06 Gb Total Space | 1.48 Gb Free Space | 12.23% Space Free | Partition Type: NTFS
Drive E: | 339.08 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 14.90 Gb Total Space | 6.82 Gb Free Space | 45.76% Space Free | Partition Type: FAT32

Computer Name: MEINEKE-HP | User Name: Meineke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system |
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system |
"{5A471EF1-2EA1-40F3-841B-712BA1DF35D8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system |
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system |
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system |
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C46EEC52-C429-452D-8FB5-F74A91ECF699}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system |
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system |
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{6ADC8D84-61AE-4944-8EB2-5FB7F7F6819E}C:\program files (x86)\jumi\jumi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jumi\jumi.exe |
"TCP Query User{E4396648-A6A4-430E-96BA-E9E894A257F7}C:\program files (x86)\jumi\jumi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jumi\jumi.exe |
"UDP Query User{4D34D32A-0959-4190-A6A0-683E9E19B8A9}C:\program files (x86)\jumi\jumi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jumi\jumi.exe |
"UDP Query User{B02D50B2-774F-408D-AA98-229BAD394BA8}C:\program files (x86)\jumi\jumi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jumi\jumi.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{237E305C-B625-466A-88CE-1E121BF4FDB1}" = Send To Neat
"{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}" = Crystal Reports Basic Runtime for Visual Studio 2008 (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7C7A5A92-046C-A38C-AE0F-8F9CCA0F67A8}" = ATI Catalyst Install Manager
"{7EA2D88A-C8B7-4102-8644-0A437B6FC143}" = Neat Mobile Scanner Driver
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8A2BC7D4-A7D3-45D5-B3D2-394718C53C41}" = Neat ADF Scanner 2008 Driver
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}" = Neat ADF Scanner Driver
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D1108D4B-72F8-419F-88C5-ABB8DC09B3C7}" = Neat Mobile Scanner (Silver) Driver
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DDE25FC9-892D-4D24-9325-3BAA5C15ACA9}" = Neat Mobile Scanner 2008 Driver
"{E735E90E-FE0B-4B10-90D5-4AC6D3899BFD}" = Microsoft SQL Server Management Objects Collection
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FD9560A8-CB02-1F28-CB9C-487244A28A8B}" = ccc-utility64
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 8.4.0.1425
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02AF1BD5-BCFC-4D6C-8824-AF5AADF7C6B6}" = NGISCT
"{0655C185-FD48-5EBA-484A-CD530291F44D}" = CCC Help Hungarian
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0818FAA3-2553-4E5A-B558-76E71C32290B}" = Mkey3
"{08A881E0-9DBA-4C3C-A703-EBEACA62E082}" = NGISCT
"{08DB3902-2CE0-474D-BCE3-0177766CE9F1}" = HP Support Assistant
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BF71387-5AFD-F71B-7353-3AEBD3E8F5F3}" = Catalyst Control Center Graphics Full Existing
"{0E1C256F-6B90-E5A5-F62E-5DAE1AEAE294}" = ccc-core-static
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B01541D-B1B8-8B7E-E82B-70551A1AF961}" = CCC Help Chinese Standard
"{1E171C7E-C140-4E05-9ECE-BE4DAE4093B3}" = NGISCT
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{1FDC8149-87DC-4261-8935-75BE95A0F8F2}" = NGISRD
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22139F5D-9405-455A-BDEB-658B1A4E4861}" = Catalyst Control Center - Branding
"{236DDF04-6B5A-4A56-A298-A425680B4BDB}" = NGISCT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26070CDA-A7C5-2114-0533-38DE06C65E7F}" = CCC Help Polish
"{264FE20A-757B-492a-B0C3-4009E2997D8A}" = PictureMover
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 30
"{2726B6FF-D8F9-8F29-2A7D-8192AAE79D3F}" = Catalyst Control Center Localization All
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MPACTSQL)
"{2C9195E9-3BE3-4030-A55C-08D720D350B6}" = NGISCT
"{2CE4119A-FF7F-3EE6-42A4-EB53C6057FFE}" = Zinio Reader 4
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{3088B508-7EE1-EC64-4FFD-C4901378CE7D}" = CCC Help Russian
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3778B802-8E2C-04B0-2C1B-7C2A8F981824}" = CCC Help Finnish
"{3A6CC46F-4E48-41B8-A2CD-A1A02C4DEB52}" = NGISCT
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{48CA048A-3C5B-391E-7FF0-F36F434CB1B6}" = CCC Help Thai
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{52CD3425-C5E8-C49D-B776-AC85F018C0F6}" = Catalyst Control Center Graphics Previews Vista
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54355060-9A23-11D4-9D4B-00010240F659}" = NGIS
"{58B56F83-827A-4A51-AF31-C2F907E0C643}" = NGISCT
"{597CE475-4F62-89EE-A81E-DB509DA0CBB2}" = CCC Help English
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5E7A925A-CCE1-4ED5-A0DD-4A821A3F9BC2}" = Catalyst Control Center Core Implementation
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{674DAE26-3C3C-2D20-1BB4-82B380142E78}" = CCC Help Greek
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6a4b0a4f-58d0-430c-becc-aa50733cd761}" = Ad-Aware Antivirus
"{6A9EF47E-D49A-2EFC-20A1-A92DE7F826DF}" = CCC Help Czech
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{713C3B3F-63FE-48B6-9683-11D21C534D49}" = NGISCT
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77745D46-9FB3-4189-9FA5-591C8BFA249C}" = MLink 4.6
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{7A9C67EF-05A8-499F-56A2-C467A4FE6DEE}" = CCC Help Italian
"{7D7E84A4-3B55-475F-A1E9-CA4F9D2A8A4E}" = NGISCT
"{7DA0C5CE-9817-CDB2-F061-F72D0CB6EEB3}" = CCC Help German
"{7DB63154-92A4-12AE-364F-DE9C7B459720}" = CCC Help Spanish
"{7EF432B0-6091-4508-A2EA-E81D94915EA7}" = NGISCT
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{85E0AFF3-641A-40C7-9E7B-EA1296EC9E0F}" = NGISCT
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2A81D8-AABF-673B-08BE-EF7A80295F14}" = CCC Help French
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{912CED74-88D3-4C5B-ACB0-13231864975D}" = PressReader
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93F043DA-5758-4517-BB1B-99E8058700FD}" = Mkey3
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{981F6BCD-252E-6A64-9C6D-4E3B10B1B126}" = Catalyst Control Center InstallProxy
"{99432E4C-1189-4887-9D75-DAA796015FFD}" = Neat Core Files
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7CEA571-43AC-95FE-4F08-22C401FC2824}" = CCC Help Japanese
"{A826CCC4-C0BA-97B4-F1DB-E68CD45D1133}" = CCC Help Danish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AC9A3F48-8936-40CD-A0B2-7CFA76906143}" = Catalyst Control Center Graphics Full New
"{B2BF6842-FFC6-4183-A294-2F08DC70A7E5}" = Microsoft Store Download Manager
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B68D391C-32C6-798E-C78F-83C1797B162A}" = CCC Help Swedish
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BDDA1E1E-204E-4368-B0C2-737F16B76307}" = HP MediaSmart/TouchSmart Netflix
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0EEC9ED-1D71-482E-B20F-F8EC93840B02}" = NGISCT
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DC47D46D-8874-D83A-6612-9DA3175861B2}" = CCC Help Korean
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DF09BCD9-3556-77A6-8984-1CA95F8E1078}" = CCC Help Portuguese
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0DE2996-A443-5FEA-30B7-9395E0F3A7CC}" = CCC Help Chinese Traditional
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EA8DD520-112E-4802-BDE9-49B4070C41B1}" = NGISCT
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EDFA892D-594D-C921-35FF-B6E5CFD2487C}" = CCC Help Dutch
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F12B3251-FE57-4847-A2AA-04466364F197}" = NGISCT
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F518CC16-FEDC-497D-BA4D-629171468A01}" = Mkey Handler
"{F56BBEB1-E982-0A07-0004-1CBC8E5B534E}" = CCC Help Turkish
"{F600ED39-BA0C-A127-EAB7-057DF0A327E0}" = CCC Help Norwegian
"{F84B7A2F-2328-A610-89F6-2CC78CF00FFE}" = Catalyst Control Center Graphics Light
"{F9886B58-236B-473E-BA1C-AAB731D1EFF0}" = NGISCT
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FDC8065B-80DE-4466-B90B-2581F6D77DFF}" = Image Plugin
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"adawaretb" = Ad-Aware Security Add-on
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AVIGenerator" = AVIGenerator 1.8.0.0
"Bodog Poker_is1" = Bodog Poker
"DynUpdater" = Dyn Updater
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Kobo" = Kobo
"LaserCat" = LaserCat
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MLink_is1" = MLink HostName Fix V2
"My HP Game Console" = HP Game Console
"Neat" = Neat
"NetViewer" = NetViewer 2.1.359.0
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"PDF Complete" = PDF Complete Special Edition
"ST6UNST #1" = M.Key Appointment Book v2
"TightVNC" = TightVNC 2.0.4
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WORLDPAC speedDIAL_is1" = WORLDPAC speedDIAL
"WT087328" = Blackhawk Striker 2
"WT087335" = Build-a-lot 2
"WT087342" = Dora's Carnival Adventure
"WT087360" = Escape Rosecliff Island
"WT087361" = FATE
"WT087362" = Final Drive Nitro
"WT087372" = Heroes of Hellas 2 - Olympia
"WT087373" = Jewel Quest 3
"WT087379" = Jewel Quest Solitaire 2
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087414" = Virtual Families
"WT087415" = Wheel of Fortune 2
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087501" = Plants vs. Zombies
"WT087513" = Virtual Villagers - The Secret City
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue
"ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1" = Zinio Reader 4

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1723799115-427907230-1844215600-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HuluDesktop" = Hulu Desktop

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1723799115-427907230-1844215600-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HuluDesktop" = Hulu Desktop

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/12/2012 10:37:51 AM | Computer Name = Meineke-HP | Source = Application Virtualization Client | ID = 5009
Description = {hap=12:app=OfficeVirt 9014006604090000:tid=D48} The Application Virtualization
Client could not connect to stream URL 'http://c2r.microsoft.com/ConsumerC2R/en-us/14.0.4763.1000/ConsumerC2R.en-us_14.0.6120.5005.sft'
(rc 00000729-00000020, original rc 00000729-00000020).

Error - 10/12/2012 10:37:52 AM | Computer Name = Meineke-HP | Source = Application Virtualization Client | ID = 3008
Description = {hap=12:app=OfficeVirt 9014006604090000:tid=D48} The client was unable
to connect to an Application Virtualization Server (rc 00000729-00000020)

Error - 10/12/2012 10:47:31 AM | Computer Name = Meineke-HP | Source = CVHSVC | ID = 100
Description = Information only. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 10/13/2012 7:27:56 AM | Computer Name = Meineke-HP | Source = Application Error | ID = 1000
Description = Faulting application name: jumi.exe, version: 1.0.0.1, time stamp:
0x5069aa27 Faulting module name: jumi.exe, version: 1.0.0.1, time stamp: 0x5069aa27
Exception
code: 0xc0000005 Fault offset: 0x00205897 Faulting process id: 0xab8 Faulting application
start time: 0x01cda887173d0bd2 Faulting application path: C:\Program Files (x86)\Jumi\jumi.exe
Faulting
module path: C:\Program Files (x86)\Jumi\jumi.exe Report Id: 08760709-1529-11e2-8f51-d485649fe414

Error - 10/14/2012 6:28:21 AM | Computer Name = Meineke-HP | Source = CVHSVC | ID = 100
Description = Information only. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 10/14/2012 7:28:28 AM | Computer Name = Meineke-HP | Source = Application Error | ID = 1000
Description = Faulting application name: jumi.exe, version: 1.0.0.1, time stamp:
0x5069aa27 Faulting module name: KERNELBASE.dll, version: 6.1.7600.16385, time stamp:
0x4a5bdbdf Exception code: 0xe06d7363 Fault offset: 0x0000b727 Faulting process id:
0x27a4 Faulting application start time: 0x01cda935c569c3eb Faulting application path:
C:\Program Files (x86)\Jumi\jumi.exe Faulting module path: C:\Windows\syswow64\KERNELBASE.dll
Report
Id: 45b2714d-15f2-11e2-8f51-d485649fe414

Error - 10/15/2012 8:10:07 AM | Computer Name = Meineke-HP | Source = CVHSVC | ID = 100
Description = Information only. Too many failures while downloading ranges: 2

Error - 10/15/2012 8:10:41 AM | Computer Name = Meineke-HP | Source = CVHSVC | ID = 100
Description = Information only. (Stream product id=0x0066): Streaming Failed

Error - 10/15/2012 8:18:44 AM | Computer Name = Meineke-HP | Source = CVHSVC | ID = 100
Description = Information only. Error: Initialization failed 0x80070424 Type: 88::UnexpectedError.


Error - 10/15/2012 9:13:52 AM | Computer Name = Meineke-HP | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 910 Start
Time: 01cdaacfd7799bc2 Termination Time: 19 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:

Error - 10/15/2012 10:25:06 AM | Computer Name = Meineke-HP | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 39c Start
Time: 01cdaacf96d9ffa5 Termination Time: 142 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:

[ Hewlett-Packard Events ]
Error - 8/29/2012 7:13:40 PM | Computer Name = Meineke-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Access to the path 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoSI.xml' is denied. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share) at System.Xml.XmlDOMTextWriter..ctor(String
filename, Encoding encoding) at System.Xml.XmlDocument.Save(String filename)
at ? .? . ()

Error - 9/4/2012 1:11:52 AM | Computer Name = Meineke-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Access to the path 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoSI.xml' is denied. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share) at System.Xml.XmlDOMTextWriter..ctor(String
filename, Encoding encoding) at System.Xml.XmlDocument.Save(String filename)
at ? .? . ()

Error - 9/6/2012 7:53:06 AM | Computer Name = Meineke-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Access to the path 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoSI.xml' is denied. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share) at System.Xml.XmlDOMTextWriter..ctor(String
filename, Encoding encoding) at System.Xml.XmlDocument.Save(String filename)
at ? .? . ()

Error - 9/12/2012 7:08:38 PM | Computer Name = Meineke-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Access to the path 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoSI.xml' is denied. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share) at System.Xml.XmlDOMTextWriter..ctor(String
filename, Encoding encoding) at System.Xml.XmlDocument.Save(String filename)
at ? .? . ()

Error - 9/19/2012 7:52:28 PM | Computer Name = Meineke-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Access to the path 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoSI.xml' is denied. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share) at System.Xml.XmlDOMTextWriter..ctor(String
filename, Encoding encoding) at System.Xml.XmlDocument.Save(String filename)
at ? .? . ()

Error - 9/26/2012 7:27:37 PM | Computer Name = Meineke-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Access to the path 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoSI.xml' is denied. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share) at System.Xml.XmlDOMTextWriter..ctor(String
filename, Encoding encoding) at System.Xml.XmlDocument.Save(String filename)
at ? .? . ()

Error - 10/3/2012 7:22:58 PM | Computer Name = Meineke-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\101203072252.xml
File not created by asset agent

Error - 10/3/2012 7:23:09 PM | Computer Name = Meineke-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Access to the path 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoSI.xml' is denied. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share) at System.Xml.XmlDOMTextWriter..ctor(String
filename, Encoding encoding) at System.Xml.XmlDocument.Save(String filename)
at ? .? . ()

Error - 10/10/2012 7:32:33 PM | Computer Name = Meineke-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\101210073227.xml
File not created by asset agent

Error - 10/10/2012 7:32:40 PM | Computer Name = Meineke-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Access to the path 'C:\Program Files (x86)\Hewlett-Packard\HP
Support Framework\Logs\SystemInfoSI.xml' is denied. mscorlib at System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode
mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode
mode, FileAccess access, FileShare share) at System.Xml.XmlDOMTextWriter..ctor(String
filename, Encoding encoding) at System.Xml.XmlDocument.Save(String filename)
at ? .? . ()

[ System Events ]
Error - 10/22/2012 12:35:44 PM | Computer Name = Meineke-HP | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 10/22/2012 12:36:09 PM | Computer Name = Meineke-HP | Source = Service Control Manager | ID = 7038
Description = The AConneX Part Fulfillment Svc 1 service was unable to log on as
.\ACX with the currently configured password due to the following error: %%50 To
ensure that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).

Error - 10/22/2012 12:36:09 PM | Computer Name = Meineke-HP | Source = Service Control Manager | ID = 7000
Description = The AConneX Part Fulfillment Svc 1 service failed to start due to
the following error: %%1069

Error - 10/22/2012 12:38:41 PM | Computer Name = Meineke-HP | Source = Service Control Manager | ID = 7000
Description = The Windows Presentation Foundation Font Cache 3.0.0.0 service failed
to start due to the following error: %%31

Error - 10/22/2012 12:38:44 PM | Computer Name = Meineke-HP | Source = WMPNetworkSvc | ID = 866314
Description =

Error - 10/22/2012 12:38:44 PM | Computer Name = Meineke-HP | Source = WMPNetworkSvc | ID = 866314
Description =

Error - 10/22/2012 12:39:45 PM | Computer Name = Meineke-HP | Source = Service Control Manager | ID = 7000
Description = The HP Health Check Service service failed to start due to the following
error: %%31

Error - 10/22/2012 12:55:26 PM | Computer Name = Meineke-HP | Source = Service Control Manager | ID = 7031
Description = The AConneX Part Fulfillment Svc 1 service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
500000 milliseconds: Restart the service.

Error - 10/22/2012 1:13:52 PM | Computer Name = Meineke-HP | Source = WMPNetworkSvc | ID = 866314
Description =

Error - 10/22/2012 1:13:52 PM | Computer Name = Meineke-HP | Source = WMPNetworkSvc | ID = 866314
Description =


< End of report >

Computer is running good. only issue is I have "catalyst host error" on startup.

also it seems as if computer sits for 2 days idle when I get in monday it is super slow and programs stop responding and it takes me about 5 min to get it to reboot.

other than that great

I am still here. Please don't close. I will do his tomorrow.

I know. I am sorry for delay. Trust me I want to get this resolved.

I know you probably don't care about excuses but I live in Florida and hunting season just opened for deer. That may sound irrelevant but my store managers all take a lot of vacation for hunting season so I have been covering the other stores.

I can understand if you need to close it but I will definitely be at that location on Monday and will be attempting to finish.