mywebsearch and f3scrctr.dll error

[mlott132]

I have a laptop running windows vista that keeps giving me an error about f3scrctr.dll every thime it starts up. Also, whenever I do a search it is trying to use mywebsearch. I have looked and cannot find this search program on my computer. I have attached the results from my dds report.

Here are the contents of my log files. Any help would be appreciated.

dds.txt

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by TERRY at 17:01:30 on 2011-12-21

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3837.1096 [GMT -6:00]

.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\lxdfcoms.exe

C:\Windows\system32\spool\DRIVERS\x64\3\lxebserv.exe

C:\Windows\system32\lxebcoms.exe

C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\PROGRA~2\TVvie_4g\bar\1.bin\4gbarsvc.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\DRIVERS\xaudio64.exe

C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe

C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe

C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe

C:\Windows\ehome\ehtray.exe

C:\ProgramData\GameXN\GameXNGO.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Camera Assistant Software for Gateway\traybar.exe

C:\Program Files (x86)\Nova Development\Photo Explosion 3.0 SE\CalCheck.exe

C:\Program Files (x86)\QuickTime\qttask.exe

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe

C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe

C:\Program Files (x86)\TVvie_4g\bar\1.bin\4gbrmon.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files (x86)\SFT\GuardedID\GIDD.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\SFT\GuardedID\x64\GIDD.exe

C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Windows\system32\msiexec.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://att.my.yahoo.com/

mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=1008&m=m-2626u

mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=1008&m=m-2626u

mSearchAssistant = hxxp://toolbar.inbox.com/search/ie.aspx?tbid=80114&lng=en

mCustomizeSearch = hxxp://toolbar.inbox.com/help/sa_customize.aspx?tbid=80114

uURLSearchHooks: N/A: {308e3a5f-a22a-43c7-8e23-7b1895409fff} - C:\Program Files (x86)\TVvie_4g\bar\1.bin\4gSrcAs.dll

mWinlogon: Userinit=userinit.exe,

BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: EpicPlay Games: {56e4076b-a42b-4745-ba35-34da8ac4c2f2} - C:\Program Files (x86)\EpicPlay\epicPlayGames.dll

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Search Assistant BHO: {89150cb7-b723-40e4-9ca5-736523889530} - C:\Program Files (x86)\TVvie_4g\bar\1.bin\4gSrcAs.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Constant Guard Protection Suite (COM): {b84cdbe7-1b46-494b-a188-01d4c52deb61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll

BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - C:\Program Files\Lexmark Printable Web\bho.dll

BHO: Toolbar BHO: {d3b02e0d-c0a3-4fcf-9a3e-82e6002a19c3} - C:\PROGRA~2\TVvie_4g\bar\1.bin\4gbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll

TB: TVvie: {5fc8ff1f-c136-4abb-9a78-9c7cd19d21e2} - C:\Program Files (x86)\TVvie_4g\bar\1.bin\4gbar.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File

uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe

uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

uRun: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"

uRun: [msnmsgr] "C:\PROGRA~2\MSNMES~1\msnmsgr.exe" /background

uRun: [GameXN (update)] "C:\ProgramData\GameXN\GameXNGO.exe" /u

uRun: [GameXN (news)] "C:\ProgramData\GameXN\GameXNGO.exe" /n

uRun: [GameXN] "C:\ProgramData\GameXN\GameXNGO.exe" /silent

uRun: [PopularScreensaversWallpaper] rundll32 C:\PROGRA~2\MYWEBS~1\bar\2.bin\F3SCRCTR.DLL,LES

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [Trigger New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\AppInRun.exe

mRun: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Gateway\traybar.exe"

mRun: [eRecoveryService]

mRun: [PhotoExplosionCalCheck] C:\Program Files (x86)\Nova Development\Photo Explosion 3.0 SE\calcheck.exe

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime

mRun: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"

mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun: [Reader Library Launcher] C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"

mRun: [TVvie_4g Browser Plugin Loader] C:\PROGRA~2\TVvie_4g\bar\1.bin\4gbrmon.exe

mRun: [ALUAlert] "c:\Program Files (x86)\Symantec\LiveUpdate\ALuNotify.exe" "/LOWDISKSPACE C"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s

dRunOnce: [<NO NAME>] OSK.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONSTA~1.LNK - C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab

TCP: DhcpNameServer = 192.168.0.1

TCP: Interfaces\{7E884334-E11C-48BA-96F3-C370C42D58B3} : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{AA7D8DAB-FABB-4A0B-8882-9592D56C5505} : DhcpNameServer = 192.168.0.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

mASetup: {9191979D-821C-4EA8-B021-2DA1D859A7C5}-3Reg - C:\Program Files (x86)\SFT\GuardedID\gidi.exe /v

BHO-X64: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: EpicPlay Games: {56E4076B-A42B-4745-BA35-34DA8AC4C2F2} - C:\Program Files (x86)\EpicPlay\epicPlayGames.dll

BHO-X64: EpicPlay Games - No File

BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll

BHO-X64: Symantec NCO BHO - No File

BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\IPS\IPSBHO.DLL

BHO-X64: Symantec Intrusion Prevention - No File

BHO-X64: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: Search Assistant BHO: {89150cb7-b723-40e4-9ca5-736523889530} - C:\Program Files (x86)\TVvie_4g\bar\1.bin\4gSrcAs.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Constant Guard Protection Suite (COM): {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll

BHO-X64: Constant Guard Protection Suite (COM) - No File

BHO-X64: Lexmark Printable Web: {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll

BHO-X64: Toolbar BHO: {d3b02e0d-c0a3-4fcf-9a3e-82e6002a19c3} - C:\PROGRA~2\TVvie_4g\bar\1.bin\4gbar.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Lexmark Toolbar: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll

TB-X64: TVvie: {5fc8ff1f-c136-4abb-9a78-9c7cd19d21e2} - C:\Program Files (x86)\TVvie_4g\bar\1.bin\4gbar.dll

TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coIEPlg.dll

TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

TB-X64: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [Trigger New Acer AlaunchX] c:\Acer\Preload\Command\AlaunchX\AppInRun.exe

mRun-x64: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Gateway\traybar.exe"

mRun-x64: [eRecoveryService]

mRun-x64: [PhotoExplosionCalCheck] C:\Program Files (x86)\Nova Development\Photo Explosion 3.0 SE\calcheck.exe

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime

mRun-x64: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"

mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

mRun-x64: [Reader Library Launcher] C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"

mRun-x64: [TVvie_4g Browser Plugin Loader] C:\PROGRA~2\TVvie_4g\bar\1.bin\4gbrmon.exe

mRun-x64: [ALUAlert] "c:\Program Files (x86)\Symantec\LiveUpdate\ALuNotify.exe" "/LOWDISKSPACE C"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe /s

.

============= SERVICES / DRIVERS ===============

.

R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS [?]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS [?]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111210.003\BHDrvx64.sys [2011-12-10 1156216]

R1 GIDv2;GIDv2;C:\Windows\system32\drivers\GIDv2.sys --> C:\Windows\system32\drivers\GIDv2.sys [?]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111220.001\IDSviA64.sys [2011-12-20 488568]

R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS [?]

R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\system32\Drivers\N360x64\0501000.01D\SYMTDIV.SYS --> C:\Windows\system32\Drivers\N360x64\0501000.01D\SYMTDIV.SYS [?]

R2 ETService;Empowering Technology Service;C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe [2008-10-31 24576]

R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]

R2 IDVaultSvc;CGPS Service;C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe [2011-12-17 63048]

R2 lxdf_device;lxdf_device;C:\Windows\system32\lxdfcoms.exe -service --> C:\Windows\system32\lxdfcoms.exe -service [?]

R2 lxeb_device;lxeb_device;C:\Windows\system32\lxebcoms.exe -service --> C:\Windows\system32\lxebcoms.exe -service [?]

R2 lxebCATSCustConnectService;lxebCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\lxebserv.exe [2010-1-18 33960]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-19 366152]

R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccsvchst.exe [2011-12-21 130008]

R2 TVvie_4gService;TVvie Service;C:\PROGRA~2\TVvie_4g\bar\1.bin\4gbarsvc.exe [2011-5-12 36864]

R3 CAXHWAZL;CAXHWAZL;C:\Windows\system32\DRIVERS\CAXHWAZL.sys --> C:\Windows\system32\DRIVERS\CAXHWAZL.sys [?]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-12-19 17152]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]

R3 O2MDRDR;O2MDRDR;C:\Windows\system32\DRIVERS\o2mdx64.sys --> C:\Windows\system32\DRIVERS\o2mdx64.sys [?]

R3 O2SDRDR;O2SDRDR;C:\Windows\system32\DRIVERS\o2sdx64.sys --> C:\Windows\system32\DRIVERS\o2sdx64.sys [?]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]

R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-11-3 2152152]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]

S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]

S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-12-25 89920]

.

=============== File Associations ===============

.

JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*

.

=============== Created Last 30 ================

.

2011-12-21 22:22:53 432760 ----a-w- C:\Windows\System32\drivers\N360x64\0501000.01D\symtdiv.sys

2011-12-21 22:22:52 912504 ----a-w- C:\Windows\System32\drivers\N360x64\0501000.01D\symefa64.sys

2011-12-21 22:22:52 744568 ----a-w- C:\Windows\System32\drivers\N360x64\0501000.01D\srtsp64.sys

2011-12-21 22:22:52 450680 ----a-w- C:\Windows\System32\drivers\N360x64\0501000.01D\symds64.sys

2011-12-21 22:22:52 40568 ----a-w- C:\Windows\System32\drivers\N360x64\0501000.01D\srtspx64.sys

2011-12-21 22:22:52 382584 ----a-w- C:\Windows\System32\drivers\N360x64\0501000.01D\symnets.sys

2011-12-21 22:22:51 171128 ----a-r- C:\Windows\System32\drivers\N360x64\0501000.01D\ironx64.sys

2011-12-21 22:22:21 -------- d-----w- C:\Windows\System32\drivers\N360x64\0501000.01D

2011-12-21 22:18:03 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2011-12-21 22:17:59 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS

2011-12-21 22:17:58 -------- d-----w- C:\Program Files\Symantec

2011-12-21 22:17:58 -------- d-----w- C:\Program Files\Common Files\Symantec Shared

2011-12-21 22:17:19 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll

2011-12-21 22:17:10 -------- d-----w- C:\Windows\System32\drivers\N360x64

2011-12-21 22:17:09 -------- d-----w- C:\Program Files (x86)\Norton Security Suite

2011-12-21 22:16:38 -------- d-----w- C:\ProgramData\NortonInstaller

2011-12-21 22:16:38 -------- d-----w- C:\Program Files (x86)\NortonInstaller

2011-12-21 22:13:45 -------- d-----w- C:\ProgramData\Norton

2011-12-21 21:50:41 -------- d-----w- C:\Users\TERRY\AppData\Local\ID Vault

2011-12-21 21:50:41 -------- d-----w- C:\ProgramData\IsolatedStorage

2011-12-21 21:50:09 -------- d-----w- C:\Users\TERRY\AppData\Roaming\ID Vault

2011-12-21 21:49:42 29288 ------w- C:\Windows\System32\drivers\gidv2.sys

2011-12-21 21:49:41 65816 ------w- C:\Windows\System32\GIDLogonCP64.dll

2011-12-21 21:49:41 446752 ------w- C:\Windows\System32\GIDHookLogon64.dll

2011-12-21 21:49:41 109064 ------w- C:\Windows\System32\EasyHook64.dll

2011-12-21 21:49:40 467224 ------w- C:\Windows\System32\GIDHOOK64.DLL

2011-12-21 21:49:40 206608 ------w- C:\Windows\System32\GIDBIN1.DLL

2011-12-21 21:49:40 102160 ------w- C:\Windows\System32\GIDBIN3.DLL

2011-12-21 21:49:38 -------- d-----w- C:\ProgramData\GID

2011-12-21 21:49:31 -------- d-----w- C:\Program Files (x86)\SFT

2011-12-21 21:49:02 -------- d-----w- C:\Program Files (x86)\Constant Guard Protection Suite

2011-12-21 21:48:47 -------- d-----w- C:\ProgramData\White Sky, Inc

2011-12-20 23:50:10 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2011-12-20 23:50:10 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy

2011-12-20 23:17:01 -------- d-----w- C:\Users\TERRY\AppData\Roaming\Curiolab

2011-12-20 05:11:11 16432 ----a-w- C:\Windows\System32\lsdelete.exe

2011-12-20 04:22:12 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys

2011-12-20 04:19:26 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys

2011-12-20 04:19:11 -------- d-----w- C:\Program Files (x86)\Lavasoft

2011-12-19 23:01:55 -------- d-----w- C:\Users\TERRY\AppData\Roaming\Malwarebytes

2011-12-19 23:01:47 -------- d-----w- C:\ProgramData\Malwarebytes

2011-12-19 23:01:43 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-12-19 23:01:42 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-12-17 04:53:39 85504 ----a-w- C:\Windows\System32\csrsrv.dll

2011-12-17 04:53:37 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2011-12-17 04:53:37 2048 ----a-w- C:\Windows\System32\tzres.dll

2011-12-17 04:53:33 559616 ----a-w- C:\Windows\System32\EncDec.dll

2011-12-17 04:53:33 429056 ----a-w- C:\Windows\SysWow64\EncDec.dll

2011-12-17 04:53:32 2764800 ----a-w- C:\Windows\System32\win32k.sys

2011-12-17 04:53:31 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat

2011-12-17 04:53:31 2409784 ----a-w- C:\Program Files (x86)\Windows Mail\OESpamFilter.dat

2011-12-10 19:09:19 1409 ----a-w- C:\Windows\QTFont.for

2011-12-08 03:11:21 1507328 ----a-w- C:\ProgramData\SPL65A.tmp

2011-12-03 18:59:14 0 ---ha-w- C:\Users\TERRY\AppData\Local\BIT96E3.tmp

2011-11-27 01:56:22 -------- d-----w- C:\Users\TERRY\AppData\Local\APN

2011-11-27 01:55:49 -------- d-----w- C:\Program Files (x86)\EpicPlay

.

==================== Find3M ====================

.

2011-12-21 21:55:48 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll

2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll

2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl

2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll

2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-10-18 02:51:31 11225273 ----a-w- C:\ProgramData\SPLAC39.tmp

.

============= FINISH: 17:02:15.79 ===============

attach.txt

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 10/31/2008 5:12:48 AM

System Uptime: 12/21/2011 4:24:58 PM (1 hours ago)

.

Motherboard: Gateway | |

Processor: AMD Turion X2 Dual-Core Mobile RM-72 | Socket M2/S1G1 | 1100/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 70 GiB total, 2.547 GiB free.

D: is FIXED (NTFS) - 70 GiB total, 69.242 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP362: 12/21/2011 4:48:53 PM - Installed HiJackThis

RP363: 12/21/2011 4:57:18 PM - Removed HiJackThis

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

ABBYY FineReader 6.0 Sprint

Acrobat.com

Ad-Aware

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader 9.4.7

AMD USB Audio Driver Filter

Apple Software Update

AQUAZONE DESKTOP GARDEN

ArcSoft MediaImpression for Kodak

Bing Rewards Client Installer

Camera Assistant Software for Gateway

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center Localization Chinese Standard

Catalyst Control Center Localization Chinese Traditional

Catalyst Control Center Localization Czech

Catalyst Control Center Localization Danish

Catalyst Control Center Localization Dutch

Catalyst Control Center Localization Finnish

Catalyst Control Center Localization French

Catalyst Control Center Localization German

Catalyst Control Center Localization Greek

Catalyst Control Center Localization Hungarian

Catalyst Control Center Localization Italian

Catalyst Control Center Localization Japanese

Catalyst Control Center Localization Korean

Catalyst Control Center Localization Norwegian

Catalyst Control Center Localization Polish

Catalyst Control Center Localization Portuguese

Catalyst Control Center Localization Russian

Catalyst Control Center Localization Spanish

Catalyst Control Center Localization Swedish

Catalyst Control Center Localization Thai

Catalyst Control Center Localization Turkish

ccc-core-static

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Compatibility Pack for the 2007 Office system

Constant Guard Protection Suite

Coupon Printer for Windows

CyberLink LabelPrint

CyberLink Power2Go

DHTML Editing Component

EpicPlay

Family Tree Heritage

Family Tree Heritage Collaboration Support

GameXN GO

Gateway Games

Gateway Recovery Management

GearDrvs

GuardedID

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hoyle Casino

Hoyle Puzzle and Board Games

Java Auto Updater

Java 6 Update 24

Lexmark Printable Web

Lexmark Toolbar

Lexmark Tools for Office

Malwarebytes' Anti-Malware version 1.51.2.1300

Microsoft Default Manager

Microsoft Money Shared Libraries

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft UI Engine

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Web Publishing Wizard 1.52

Microsoft Works

Mozilla Sunbird (0.9)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Napster

Napster Burn Engine

Norton Security Suite

Photo Explosion 3.0 Special Edition

Professor Teaches Windows Vista Premium

QuickTime

Reader Library by Sony

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2553089)

Security Update for 2007 Microsoft Office System (KB2553090)

Security Update for 2007 Microsoft Office System (KB2584063)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Serif DrawPlus X2

Serif PanoramaPlus 3

Serif PhotoPlus X2

Skins

Skype Click to Call

Skype™ 5.5

Total 3D Home and Landscape Deluxe Suite

TVvie

Update for 2007 Microsoft Office System (KB2284654)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update Installer for WildTangent Games App

WildTangent Games App (Gateway Games)

.

==== Event Viewer Messages From Past Week ========

.

12/21/2011 4:40:27 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

12/21/2011 4:27:46 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

12/21/2011 3:59:42 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

12/21/2011 3:50:23 PM, Error: Service Control Manager [7030] - The CGPS Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

12/20/2011 5:21:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

12/20/2011 5:21:03 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

12/20/2011 4:56:47 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

12/19/2011 6:35:10 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

12/19/2011 6:35:08 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

12/19/2011 5:36:06 PM, Error: EventLog [6008] - The previous system shutdown at 5:33:57 PM on 12/19/2011 was unexpected.

12/19/2011 4:59:34 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

12/19/2011 4:59:04 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

12/19/2011 4:59:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

12/19/2011 4:58:53 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: eeCtrl spldr SRTSPX SYMTDI Wanarpv6

12/19/2011 4:58:53 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

12/19/2011 4:58:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

12/19/2011 4:58:06 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

12/19/2011 4:57:53 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

12/19/2011 10:22:48 PM, Error: Service Control Manager [7034] - The Application Updater service terminated unexpectedly. It has done this 1 time(s).

12/18/2011 3:26:12 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.

12/18/2011 3:24:50 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC eeCtrl NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr SRTSPX SymIM SYMTDI tdx Wanarpv6

12/18/2011 3:24:50 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

12/18/2011 3:24:50 AM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

12/18/2011 3:24:50 AM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.

12/18/2011 3:24:50 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

12/18/2011 3:24:50 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.

12/18/2011 3:24:50 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

12/18/2011 3:24:50 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.

12/18/2011 3:24:50 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.

12/18/2011 3:24:50 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

12/18/2011 3:24:50 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.

12/18/2011 3:24:50 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.

12/18/2011 3:24:50 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.

12/18/2011 3:24:36 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}

12/18/2011 3:24:36 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}

12/18/2011 3:23:38 AM, Error: EventLog [6008] - The previous system shutdown at 3:20:39 AM on 12/18/2011 was unexpected.

12/18/2011 2:23:31 AM, Error: Service Control Manager [7023] - The Windows Modules Installer service terminated with the following error: Log space is exhausted.

12/18/2011 1:46:58 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office PowerPoint 2007 (KB2596764).

12/18/2011 1:40:48 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Office Excel 2007 (KB2596596).

12/16/2011 11:02:13 PM, Error: EventLog [6008] - The previous system shutdown at 10:59:39 PM on 12/16/2011 was unexpected.

12/16/2011 10:50:31 PM, Error: O2SDRDR [117] -

.

==== End Of File ===========================

DDS.txt

Attach.txt

[MrCharlie]

Welcome to the forum.

Go to your control panels add/remove programs and uninstall:

TVvie

Reboot and .......

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com (<---renamed version)

Save it to your desktop.

Double click on the icon on your desktop.

Click the Scan All Users checkbox.

Push the Quick Scan button.

Two reports will open, copy and paste them in a reply here: (or attach them as .txt files)

OTL.txt <-- Will be opened

Extra.txt <-- Will be minimized

MrC

[mlott132]

otl.txt

OTL Extras logfile created on: 12/22/2011 4:32:13 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\TERRY\Desktop

64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.35 Gb Available Physical Memory | 35.93% Memory free

7.69 Gb Paging File | 5.15 Gb Available in Paging File | 67.01% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 69.52 Gb Total Space | 14.95 Gb Free Space | 21.50% Space Free | Partition Type: NTFS

Drive D: | 69.52 Gb Total Space | 69.24 Gb Free Space | 99.59% Space Free | Partition Type: NTFS

Computer Name: TERRY-PC | User Name: TERRY | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htafile [open] -- "%1" %*

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htafile [open] -- "%1" %*

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]

"VistaSp2" = 7A 7C 7D 99 FE 9A CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{13A1DEE7-1A14-403F-B497-CF42426CA011}" = rport=445 | protocol=6 | dir=out | app=system |

"{166ED66F-9F80-4505-889B-C0592157E1C4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{3FCF5329-EE41-4793-AD45-062E2F6A65D6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{4CB77A14-E8DA-41A8-BEE3-9A152E454AA8}" = lport=138 | protocol=17 | dir=in | app=system |

"{8721F367-BAF6-4996-A0F2-C59690E9E5AD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{93728D79-1645-434F-BC84-1B9CF7311BFA}" = rport=138 | protocol=17 | dir=out | app=system |

"{9CE6020D-12DD-4FF7-8AA8-0E4969A24F55}" = lport=139 | protocol=6 | dir=in | app=system |

"{B9DDA3F1-07C7-4300-AC36-2781D780FE4F}" = rport=139 | protocol=6 | dir=out | app=system |

"{C8A7600A-E0C5-4FA4-B1B7-D9296371B681}" = lport=8097 | protocol=6 | dir=in | name=earthlink uhp modem support |

"{E549AAC3-4FFD-4837-8FCB-073C2729749C}" = lport=445 | protocol=6 | dir=in | app=system |

"{F54B4517-A961-489E-A683-4B2357F11978}" = lport=2869 | protocol=6 | dir=in | app=system |

"{F6CB9FC0-3471-424C-8C58-214C82F82907}" = lport=137 | protocol=17 | dir=in | app=system |

"{F7635589-05E9-44A7-B424-E852660A7718}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{02B76C05-F813-4F7B-91A3-120FF682B07A}" = protocol=17 | dir=in | app=c:\program files (x86)\earthlink totalaccess\taskpanl.exe |

"{14199CD8-6661-4E41-B0A4-459CD7E85734}" = protocol=6 | dir=in | app=c:\users\terry\appdata\local\temp\lxdf\wireless\english\lxdfwpss.exe |

"{1B4E7558-D1B6-4544-AD4F-167AFDBBB0B9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{27312A51-009C-4FDE-B100-77CEA04DB65F}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdfjswx.exe |

"{290E7F24-CC2F-474F-8AF5-4076202E05E8}" = dir=in | app=c:\windows\system32\lxebcoms.exe |

"{369A22BF-142F-4099-ABEC-2113CBFDDF72}" = protocol=17 | dir=in | app=c:\windows\system32\lxdfcfg.exe |

"{37E9F06D-A89E-403D-B335-E4EFC72B76CA}" = dir=in | app=c:\windows\system32\lxebcoms.exe |

"{39ED1706-5FD4-458F-9850-811CA9667438}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxdfcoms.exe |

"{3D91E00D-1AFC-4768-92D8-74CAB353E395}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |

"{40C09322-B8D9-4333-8F71-9CB4DBC7CC28}" = protocol=17 | dir=in | app=c:\users\terry\appdata\local\temp\lxdf\wireless\english\lxdfwpss.exe |

"{46498B80-A018-43F3-B6A4-2D9237CEC303}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfamon.exe |

"{4652EF79-F0FF-4C91-B723-83F40732D8FC}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfmon.exe |

"{4C1C513C-5D81-47C7-AAC8-271CC1AEED93}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{4C6B9926-6A7F-480D-BEB1-5F54E3DFBA50}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{50B47AEA-4387-4F34-871F-3C0947D47309}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{5F885062-6D09-4349-979D-83CC9D870845}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdfjswx.exe |

"{6E80529B-7EFF-4C40-AC51-BB85280F70F9}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\frun.exe |

"{7524C38E-28A2-47ED-A2E9-ED7D232FE922}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdffax.exe |

"{794D5A4D-37C1-40FC-B069-842621B94A52}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |

"{7C07A56B-B076-4BED-8549-FDFAA87C018F}" = protocol=17 | dir=in | app=c:\windows\system32\lxdfcoms.exe |

"{7D4D8BC6-D4EF-4761-9841-6958FD4449F5}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdfpswx.exe |

"{80D94C69-3A2E-4662-9FF7-1E8C6EF35D28}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfmon.exe |

"{8536C422-6E7A-4695-8493-62E1A9AD7BC4}" = protocol=6 | dir=in | app=c:\windows\system32\lxdfcfg.exe |

"{910B5D0B-A43C-4314-B6BE-B6CB2DE68443}" = dir=in | app=c:\program files (x86)\msn messenger\livecall.exe |

"{95B8E9FA-2CC9-4234-8AD9-668646395519}" = protocol=6 | dir=in | app=c:\windows\system32\lxdfcoms.exe |

"{966D5700-92FE-4900-8CE3-A80248EFC64D}" = dir=in | app=c:\windows\system32\lxebcoms.exe |

"{974E1F18-E025-413E-80F0-B8085D714BB0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{9EDD2C88-8038-447B-9C1A-CA18680E810B}" = dir=in | app=c:\program files (x86)\msn messenger\msnmsgr.exe |

"{A0EA8728-DCFC-4B8C-98EB-D3298C5CF0DF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{B2CA7427-29F8-4E9A-BB96-5C0243B2C6DE}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfamon.exe |

"{BB8C18E6-00C6-41DC-8C21-9DC0C86866B4}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxdfcoms.exe |

"{C88AC799-3ADD-463F-8DB7-62B2CD3F2FFD}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdftime.exe |

"{D07BC0F2-8030-4240-9B16-71395B76FCEA}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdftime.exe |

"{DDAB485A-17EA-4E7E-89B1-205E2F389474}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdffax.exe |

"{DE09C007-6CD3-4F7D-9930-46169DA037BF}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\frun.exe |

"{E28F7904-304F-479D-9A44-4A2B5E852BE2}" = protocol=6 | dir=in | app=c:\program files (x86)\earthlink totalaccess\taskpanl.exe |

"{F2068C89-000C-400B-A70B-D83C17AB64A0}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdfpswx.exe |

"{FBD4B1F0-D792-4F86-88F7-E36105B9F5E8}" = dir=in | app=c:\windows\system32\lxebcoms.exe |

"{FF22783D-4270-4721-86F7-863A00A7B1BF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{5254156F-AA77-499A-B7C1-D5581D44E788}" = Marvell Miniport Driver

"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{A1417AC5-5D45-4B10-A391-FFECD3BE6BA9}" = O2Micro Flash Memory Card Reader Driver (x64)

"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D454E8CA-7926-8B8F-147D-E5C2D1BFE850}" = ccc-utility64

"{E49D58C9-4FC5-4A87-AA45-2B1A0BA95322}" = ATI Catalyst Install Manager

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"CNXT_AUDIO_HDA" = Conexant HD Audio

"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP

"doPDF 6 printer_is1" = doPDF 6.2 printer

"Lexmark Pro200-S500 Series" = Lexmark Pro200-S500 Series

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"PDF-XChange 3_is1" = PDF-XChange 3

"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR

"{08094E03-AFE4-4853-9D31-6D0743DF5328}" = QuickTime

"{0BDF0D64-0791-D5C8-8904-177D50152818}" = Catalyst Control Center Graphics Previews Vista

"{0BFC5CD5-166D-FB21-8382-B439FFB67455}" = CCC Help Chinese Traditional

"{0C08F3FD-4639-D634-0B7A-6DA2547FCD0F}" = Catalyst Control Center Graphics Full New

"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar

"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office

"{1207CB6C-E041-3A8B-7ECF-246C8B75EDE2}" = CCC Help Polish

"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works

"{1C3FCB4B-F5F0-089E-3B9F-12BD9A6B19DD}" = CCC Help French

"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager

"{21DFBF7E-DC05-4E87-A7D1-D5631A23ECED}" = AQUAZONE DESKTOP GARDEN

"{2673C091-F2CC-68F0-90A8-544A4A1C70FA}" = Catalyst Control Center Localization Russian

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 24

"{27C60509-23A7-BB98-5456-FD297A543FF5}" = Catalyst Control Center Localization Thai

"{28326C0E-6F73-4E06-C5AD-E5DCA8206887}" = CCC Help Japanese

"{2849583C-1839-05AC-17EE-BEB8863DC015}" = Catalyst Control Center Localization Swedish

"{2E5B7C38-EEFB-D89C-D5CD-E4F24AA0575A}" = Catalyst Control Center Localization Czech

"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component

"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App

"{3018B943-C76C-44B0-B078-790A28CEF67E}" = Microsoft UI Engine

"{322DD63E-D33C-065F-64E3-8B24C0383832}" = CCC Help Danish

"{39098402-3F7A-4257-A4AE-FC1181D1B40B}" = Camera Assistant Software for Gateway

"{39BC4A43-061F-8405-CAF2-0B342EFFC57A}" = Catalyst Control Center Core Implementation

"{3A000E8A-594B-475B-B05D-D0228E03D4F2}" = Catalyst Control Center Localization Hungarian

"{3BBF8324-0EA6-83EA-3F41-7F4E9EED122E}" = Catalyst Control Center Localization Italian

"{3D53AEE1-FCBC-6944-7B7A-E70530B2B552}" = Catalyst Control Center Localization Chinese Traditional

"{3F99D180-34C3-4151-8C6C-86FC5D7BDFBD}" = Hoyle Casino

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"{46A76112-BDB8-EBD5-B929-1A982B2A9A9C}" = CCC Help Thai

"{47F2684A-EC51-A92A-DDC1-2FF6A8504CE5}" = Skins

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4AADCCB4-D071-4A3F-F126-9B97A2A59B72}" = CCC Help Swedish

"{4D013091-3AB7-544E-B9AE-AC66CFB06ED2}" = Catalyst Control Center Localization Korean

"{4D9DD45B-E79A-4F04-898E-B2C3769AB729}" = Serif DrawPlus X2

"{502BAC44-1AC4-E228-2AAA-E4A1C7CEF223}" = Catalyst Control Center Localization Portuguese

"{50BD0B15-5197-4EAF-8BCD-81117D1324B1}" = Family Tree Heritage Collaboration Support

"{5577FFE3-E0A2-7EF6-614A-5167C894F60E}" = Catalyst Control Center Localization Japanese

"{55CB46D1-0D47-3556-B7B1-A03F451B8BC4}" = Catalyst Control Center Localization Spanish

"{5BED7068-888C-91E6-9956-1368859ADA6F}" = Catalyst Control Center Localization Chinese Standard

"{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries

"{60B1CD71-1338-C995-7404-FAFB405C61B7}" = CCC Help Hungarian

"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer

"{64893BC9-D912-4A2D-A47A-E38650112781}" = Serif PanoramaPlus 3

"{6A53188E-FA39-01F6-7810-8F6058F524F0}" = Catalyst Control Center Localization Norwegian

"{6CC271F8-0F8E-CCA8-531B-8A2EA5A15350}" = CCC Help English

"{6FE52CBC-91F2-3A7C-7911-B8F50316C57A}" = CCC Help Portuguese

"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-gateway" = WildTangent Games App (Gateway Games)

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{71B32D19-0A2A-D4E3-06E1-3C4CDAA08061}" = CCC Help Korean

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{73EDA479-0AC7-FB96-3553-988A6176B6AD}" = Catalyst Control Center Localization Polish

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com

"{7D94AAAF-906C-F427-335B-528BD6614664}" = ccc-core-static

"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management

"{893C8307-1FB4-38AF-C514-5596EB63B23C}" = Catalyst Control Center Graphics Light

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8B90C62B-6940-880D-5EB0-F345529BE772}" = CCC Help Russian

"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine

"{8E3D2DDE-9F57-1FA6-4FD9-F1E00B35815A}" = Catalyst Control Center Localization Greek

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{9191979D-821C-4EA8-B021-2DA1D859A7C5}" = GuardedID

"{932D0FC7-6DF1-4136-A2EC-166E8DEFD6A4}" = Ad-Aware

"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)

"{98C2E677-2329-6997-C917-B4E1EB82204F}" = Catalyst Control Center Localization Danish

"{9DEDFA43-1EF3-9DE9-A22A-45BEED0DC85E}" = CCC Help Spanish

"{9F3C325B-4F1A-6895-821E-B95230861363}" = CCC Help Dutch

"{A260B422-70E1-41E2-957D-F76FA21266D5}" = Apple Software Update

"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter

"{A98788C1-8CB6-401F-4FB8-EA51F6FB875D}" = Catalyst Control Center Localization German

"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5

"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.7

"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint

"{B399A079-EBF8-8A2D-2F32-D6872F7F33C6}" = Catalyst Control Center Localization Finnish

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{B70E5793-F912-4C62-AFE2-C4F0B078FD31}" = Reader Library by Sony

"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster

"{BC0B1721-9FF5-E1E0-B76D-FD9DBC4A585A}" = CCC Help Italian

"{C304A027-8FF4-C996-B42E-6B793C62C26C}" = CCC Help Norwegian

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"{C778BD4F-0DEA-4D39-B7C1-992E1BFFD351}" = Photo Explosion 3.0 Special Edition

"{CA72A82C-7DBC-4814-8CCB-E5BFAC59FAEF}" = ArcSoft MediaImpression for Kodak

"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs

"{CC735442-681B-C508-644B-BCEA9E84AD1C}" = CCC Help German

"{D11BCEFE-6EB6-2BAE-56E7-98E991A126F8}" = CCC Help Greek

"{D2634429-551C-83D9-2146-9D5F73866A45}" = CCC Help Czech

"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web

"{D57F8A1D-2353-AAE2-550D-9911428AD035}" = CCC Help Finnish

"{DF4F05E6-4372-CFAA-9E0B-5328E77B89CC}" = Catalyst Control Center Graphics Full Existing

"{DFC7E5A7-0FD4-EBE5-0BD3-0CAE92D2EB58}" = CCC Help Turkish

"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant

"{E5473A00-9960-C463-051F-94B49D4B8403}" = Catalyst Control Center Localization French

"{ED301157-F110-723F-9010-F42D4FEC5101}" = Catalyst Control Center Localization Turkish

"{EE09948F-A299-F4F2-186A-1B86BBEE7447}" = CCC Help Chinese Standard

"{EF44638E-D4EF-7110-4596-EECA30E6EEE3}" = Catalyst Control Center Localization Dutch

"{F8024EB8-5B34-46FE-B15D-20ACF26FC20E}" = Hoyle Puzzle and Board Games

"{FC935397-C56E-4EE3-B9BC-1F7F3EA6CE41}" = Serif PhotoPlus X2

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows

"EpicPlay" = EpicPlay

"Family Tree Heritage" = Family Tree Heritage

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"ID Vault" = Constant Guard Protection Suite

"InstallShield_{50BD0B15-5197-4EAF-8BCD-81117D1324B1}" = Family Tree Heritage Collaboration Support

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300

"Mozilla Sunbird (0.9)" = Mozilla Sunbird (0.9)

"N360" = Norton Security Suite

"Professor Teaches Windows Vista Premium" = Professor Teaches Windows Vista Premium

"Total 3D Home and Landscape Deluxe Suite" = Total 3D Home and Landscape Deluxe Suite

"WebPost" = Microsoft Web Publishing Wizard 1.52

"WildTangent gateway Master Uninstall" = Gateway Games

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1558845740-2615022061-3524861312-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Game Organizer" = GameXN GO

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 3/20/2011 10:09:44 PM | Computer Name = TERRY-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

Error - 3/20/2011 10:09:40 PM | Computer Name = TERRY-PC | Source = WinMgmt | ID = 10

Description =

Error - 3/20/2011 10:28:28 PM | Computer Name = TERRY-PC | Source = MsiInstaller | ID = 1013

Description =

Error - 3/20/2011 10:30:05 PM | Computer Name = TERRY-PC | Source = EventSystem | ID = 4621

Description =

Error - 3/20/2011 10:31:44 PM | Computer Name = TERRY-PC | Source = WinMgmt | ID = 10

Description =

Error - 3/20/2011 10:31:46 PM | Computer Name = TERRY-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

Error - 3/20/2011 10:31:51 PM | Computer Name = TERRY-PC | Source = Application Error | ID = 1000

Description = Faulting application iexplore.exe, version 8.0.6001.19019, time stamp

0x4d0c3d4c, faulting module kernel32.dll, version 6.0.6002.18005, time stamp 0x49e038c0,

exception code 0xe06d7363, fault offset 0x0001e124, process id 0x36c, application

start time 0x01cbe770202c88b0.

Error - 3/20/2011 10:34:32 PM | Computer Name = TERRY-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

Error - 3/20/2011 10:34:33 PM | Computer Name = TERRY-PC | Source = WinMgmt | ID = 10

Description =

Error - 3/20/2011 10:39:29 PM | Computer Name = TERRY-PC | Source = EventSystem | ID = 4621

Description =

[ Media Center Events ]

Error - 7/20/2009 7:27:05 PM | Computer Name = TERRY-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 9/7/2009 5:28:53 PM | Computer Name = TERRY-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 3/13/2010 11:30:32 PM | Computer Name = TERRY-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 3/27/2010 11:39:39 PM | Computer Name = TERRY-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/19/2011 10:17:31 PM | Computer Name = TERRY-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/20/2011 8:59:07 PM | Computer Name = TERRY-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]

Error - 12/21/2011 9:53:29 PM | Computer Name = TERRY-PC | Source = volsnap | ID = 393252

Description = The shadow copies of volume C: were aborted because the shadow copy

storage could not grow due to a user imposed limit.

Error - 12/21/2011 10:04:06 PM | Computer Name = TERRY-PC | Source = DCOM | ID = 10005

Description =

Error - 12/21/2011 10:04:06 PM | Computer Name = TERRY-PC | Source = Service Control Manager | ID = 7009

Description =

Error - 12/21/2011 10:04:06 PM | Computer Name = TERRY-PC | Source = Service Control Manager | ID = 7000

Description =

Error - 12/21/2011 10:04:06 PM | Computer Name = TERRY-PC | Source = Service Control Manager | ID = 7009

Description =

Error - 12/21/2011 10:04:06 PM | Computer Name = TERRY-PC | Source = Service Control Manager | ID = 7000

Description =

Error - 12/21/2011 11:16:59 PM | Computer Name = TERRY-PC | Source = DCOM | ID = 10016

Description =

Error - 12/21/2011 11:20:35 PM | Computer Name = TERRY-PC | Source = Service Control Manager | ID = 7022

Description =

Error - 12/22/2011 6:25:01 PM | Computer Name = TERRY-PC | Source = DCOM | ID = 10016

Description =

Error - 12/22/2011 6:28:57 PM | Computer Name = TERRY-PC | Source = Service Control Manager | ID = 7022

Description =

< End of report >

[mlott132]

extras.txt

OTL Extras logfile created on: 12/22/2011 4:32:13 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\TERRY\Desktop

64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.35 Gb Available Physical Memory | 35.93% Memory free

7.69 Gb Paging File | 5.15 Gb Available in Paging File | 67.01% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 69.52 Gb Total Space | 14.95 Gb Free Space | 21.50% Space Free | Partition Type: NTFS

Drive D: | 69.52 Gb Total Space | 69.24 Gb Free Space | 99.59% Space Free | Partition Type: NTFS

Computer Name: TERRY-PC | User Name: TERRY | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htafile [open] -- "%1" %*

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htafile [open] -- "%1" %*

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]

"VistaSp2" = 7A 7C 7D 99 FE 9A CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{13A1DEE7-1A14-403F-B497-CF42426CA011}" = rport=445 | protocol=6 | dir=out | app=system |

"{166ED66F-9F80-4505-889B-C0592157E1C4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{3FCF5329-EE41-4793-AD45-062E2F6A65D6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{4CB77A14-E8DA-41A8-BEE3-9A152E454AA8}" = lport=138 | protocol=17 | dir=in | app=system |

"{8721F367-BAF6-4996-A0F2-C59690E9E5AD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{93728D79-1645-434F-BC84-1B9CF7311BFA}" = rport=138 | protocol=17 | dir=out | app=system |

"{9CE6020D-12DD-4FF7-8AA8-0E4969A24F55}" = lport=139 | protocol=6 | dir=in | app=system |

"{B9DDA3F1-07C7-4300-AC36-2781D780FE4F}" = rport=139 | protocol=6 | dir=out | app=system |

"{C8A7600A-E0C5-4FA4-B1B7-D9296371B681}" = lport=8097 | protocol=6 | dir=in | name=earthlink uhp modem support |

"{E549AAC3-4FFD-4837-8FCB-073C2729749C}" = lport=445 | protocol=6 | dir=in | app=system |

"{F54B4517-A961-489E-A683-4B2357F11978}" = lport=2869 | protocol=6 | dir=in | app=system |

"{F6CB9FC0-3471-424C-8C58-214C82F82907}" = lport=137 | protocol=17 | dir=in | app=system |

"{F7635589-05E9-44A7-B424-E852660A7718}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{02B76C05-F813-4F7B-91A3-120FF682B07A}" = protocol=17 | dir=in | app=c:\program files (x86)\earthlink totalaccess\taskpanl.exe |

"{14199CD8-6661-4E41-B0A4-459CD7E85734}" = protocol=6 | dir=in | app=c:\users\terry\appdata\local\temp\lxdf\wireless\english\lxdfwpss.exe |

"{1B4E7558-D1B6-4544-AD4F-167AFDBBB0B9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{27312A51-009C-4FDE-B100-77CEA04DB65F}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdfjswx.exe |

"{290E7F24-CC2F-474F-8AF5-4076202E05E8}" = dir=in | app=c:\windows\system32\lxebcoms.exe |

"{369A22BF-142F-4099-ABEC-2113CBFDDF72}" = protocol=17 | dir=in | app=c:\windows\system32\lxdfcfg.exe |

"{37E9F06D-A89E-403D-B335-E4EFC72B76CA}" = dir=in | app=c:\windows\system32\lxebcoms.exe |

"{39ED1706-5FD4-458F-9850-811CA9667438}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxdfcoms.exe |

"{3D91E00D-1AFC-4768-92D8-74CAB353E395}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |

"{40C09322-B8D9-4333-8F71-9CB4DBC7CC28}" = protocol=17 | dir=in | app=c:\users\terry\appdata\local\temp\lxdf\wireless\english\lxdfwpss.exe |

"{46498B80-A018-43F3-B6A4-2D9237CEC303}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfamon.exe |

"{4652EF79-F0FF-4C91-B723-83F40732D8FC}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfmon.exe |

"{4C1C513C-5D81-47C7-AAC8-271CC1AEED93}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{4C6B9926-6A7F-480D-BEB1-5F54E3DFBA50}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{50B47AEA-4387-4F34-871F-3C0947D47309}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{5F885062-6D09-4349-979D-83CC9D870845}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdfjswx.exe |

"{6E80529B-7EFF-4C40-AC51-BB85280F70F9}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\frun.exe |

"{7524C38E-28A2-47ED-A2E9-ED7D232FE922}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdffax.exe |

"{794D5A4D-37C1-40FC-B069-842621B94A52}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |

"{7C07A56B-B076-4BED-8549-FDFAA87C018F}" = protocol=17 | dir=in | app=c:\windows\system32\lxdfcoms.exe |

"{7D4D8BC6-D4EF-4761-9841-6958FD4449F5}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdfpswx.exe |

"{80D94C69-3A2E-4662-9FF7-1E8C6EF35D28}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfmon.exe |

"{8536C422-6E7A-4695-8493-62E1A9AD7BC4}" = protocol=6 | dir=in | app=c:\windows\system32\lxdfcfg.exe |

"{910B5D0B-A43C-4314-B6BE-B6CB2DE68443}" = dir=in | app=c:\program files (x86)\msn messenger\livecall.exe |

"{95B8E9FA-2CC9-4234-8AD9-668646395519}" = protocol=6 | dir=in | app=c:\windows\system32\lxdfcoms.exe |

"{966D5700-92FE-4900-8CE3-A80248EFC64D}" = dir=in | app=c:\windows\system32\lxebcoms.exe |

"{974E1F18-E025-413E-80F0-B8085D714BB0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{9EDD2C88-8038-447B-9C1A-CA18680E810B}" = dir=in | app=c:\program files (x86)\msn messenger\msnmsgr.exe |

"{A0EA8728-DCFC-4B8C-98EB-D3298C5CF0DF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{B2CA7427-29F8-4E9A-BB96-5C0243B2C6DE}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdfamon.exe |

"{BB8C18E6-00C6-41DC-8C21-9DC0C86866B4}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxdfcoms.exe |

"{C88AC799-3ADD-463F-8DB7-62B2CD3F2FFD}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdftime.exe |

"{D07BC0F2-8030-4240-9B16-71395B76FCEA}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdftime.exe |

"{DDAB485A-17EA-4E7E-89B1-205E2F389474}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 6500 series\lxdffax.exe |

"{DE09C007-6CD3-4F7D-9930-46169DA037BF}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 6500 series\frun.exe |

"{E28F7904-304F-479D-9A44-4A2B5E852BE2}" = protocol=6 | dir=in | app=c:\program files (x86)\earthlink totalaccess\taskpanl.exe |

"{F2068C89-000C-400B-A70B-D83C17AB64A0}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdfpswx.exe |

"{FBD4B1F0-D792-4F86-88F7-E36105B9F5E8}" = dir=in | app=c:\windows\system32\lxebcoms.exe |

"{FF22783D-4270-4721-86F7-863A00A7B1BF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{5254156F-AA77-499A-B7C1-D5581D44E788}" = Marvell Miniport Driver

"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{A1417AC5-5D45-4B10-A391-FFECD3BE6BA9}" = O2Micro Flash Memory Card Reader Driver (x64)

"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D454E8CA-7926-8B8F-147D-E5C2D1BFE850}" = ccc-utility64

"{E49D58C9-4FC5-4A87-AA45-2B1A0BA95322}" = ATI Catalyst Install Manager

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"CNXT_AUDIO_HDA" = Conexant HD Audio

"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP

"doPDF 6 printer_is1" = doPDF 6.2 printer

"Lexmark Pro200-S500 Series" = Lexmark Pro200-S500 Series

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"PDF-XChange 3_is1" = PDF-XChange 3

"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR

"{08094E03-AFE4-4853-9D31-6D0743DF5328}" = QuickTime

"{0BDF0D64-0791-D5C8-8904-177D50152818}" = Catalyst Control Center Graphics Previews Vista

"{0BFC5CD5-166D-FB21-8382-B439FFB67455}" = CCC Help Chinese Traditional

"{0C08F3FD-4639-D634-0B7A-6DA2547FCD0F}" = Catalyst Control Center Graphics Full New

"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar

"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office

"{1207CB6C-E041-3A8B-7ECF-246C8B75EDE2}" = CCC Help Polish

"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works

"{1C3FCB4B-F5F0-089E-3B9F-12BD9A6B19DD}" = CCC Help French

"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager

"{21DFBF7E-DC05-4E87-A7D1-D5631A23ECED}" = AQUAZONE DESKTOP GARDEN

"{2673C091-F2CC-68F0-90A8-544A4A1C70FA}" = Catalyst Control Center Localization Russian

"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 24

"{27C60509-23A7-BB98-5456-FD297A543FF5}" = Catalyst Control Center Localization Thai

"{28326C0E-6F73-4E06-C5AD-E5DCA8206887}" = CCC Help Japanese

"{2849583C-1839-05AC-17EE-BEB8863DC015}" = Catalyst Control Center Localization Swedish

"{2E5B7C38-EEFB-D89C-D5CD-E4F24AA0575A}" = Catalyst Control Center Localization Czech

"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component

"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App

"{3018B943-C76C-44B0-B078-790A28CEF67E}" = Microsoft UI Engine

"{322DD63E-D33C-065F-64E3-8B24C0383832}" = CCC Help Danish

"{39098402-3F7A-4257-A4AE-FC1181D1B40B}" = Camera Assistant Software for Gateway

"{39BC4A43-061F-8405-CAF2-0B342EFFC57A}" = Catalyst Control Center Core Implementation

"{3A000E8A-594B-475B-B05D-D0228E03D4F2}" = Catalyst Control Center Localization Hungarian

"{3BBF8324-0EA6-83EA-3F41-7F4E9EED122E}" = Catalyst Control Center Localization Italian

"{3D53AEE1-FCBC-6944-7B7A-E70530B2B552}" = Catalyst Control Center Localization Chinese Traditional

"{3F99D180-34C3-4151-8C6C-86FC5D7BDFBD}" = Hoyle Casino

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"{46A76112-BDB8-EBD5-B929-1A982B2A9A9C}" = CCC Help Thai

"{47F2684A-EC51-A92A-DDC1-2FF6A8504CE5}" = Skins

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4AADCCB4-D071-4A3F-F126-9B97A2A59B72}" = CCC Help Swedish

"{4D013091-3AB7-544E-B9AE-AC66CFB06ED2}" = Catalyst Control Center Localization Korean

"{4D9DD45B-E79A-4F04-898E-B2C3769AB729}" = Serif DrawPlus X2

"{502BAC44-1AC4-E228-2AAA-E4A1C7CEF223}" = Catalyst Control Center Localization Portuguese

"{50BD0B15-5197-4EAF-8BCD-81117D1324B1}" = Family Tree Heritage Collaboration Support

"{5577FFE3-E0A2-7EF6-614A-5167C894F60E}" = Catalyst Control Center Localization Japanese

"{55CB46D1-0D47-3556-B7B1-A03F451B8BC4}" = Catalyst Control Center Localization Spanish

"{5BED7068-888C-91E6-9956-1368859ADA6F}" = Catalyst Control Center Localization Chinese Standard

"{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries

"{60B1CD71-1338-C995-7404-FAFB405C61B7}" = CCC Help Hungarian

"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer

"{64893BC9-D912-4A2D-A47A-E38650112781}" = Serif PanoramaPlus 3

"{6A53188E-FA39-01F6-7810-8F6058F524F0}" = Catalyst Control Center Localization Norwegian

"{6CC271F8-0F8E-CCA8-531B-8A2EA5A15350}" = CCC Help English

"{6FE52CBC-91F2-3A7C-7911-B8F50316C57A}" = CCC Help Portuguese

"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-gateway" = WildTangent Games App (Gateway Games)

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{71B32D19-0A2A-D4E3-06E1-3C4CDAA08061}" = CCC Help Korean

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{73EDA479-0AC7-FB96-3553-988A6176B6AD}" = Catalyst Control Center Localization Polish

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com

"{7D94AAAF-906C-F427-335B-528BD6614664}" = ccc-core-static

"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management

"{893C8307-1FB4-38AF-C514-5596EB63B23C}" = Catalyst Control Center Graphics Light

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8B90C62B-6940-880D-5EB0-F345529BE772}" = CCC Help Russian

"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine

"{8E3D2DDE-9F57-1FA6-4FD9-F1E00B35815A}" = Catalyst Control Center Localization Greek

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{9191979D-821C-4EA8-B021-2DA1D859A7C5}" = GuardedID

"{932D0FC7-6DF1-4136-A2EC-166E8DEFD6A4}" = Ad-Aware

"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)

"{98C2E677-2329-6997-C917-B4E1EB82204F}" = Catalyst Control Center Localization Danish

"{9DEDFA43-1EF3-9DE9-A22A-45BEED0DC85E}" = CCC Help Spanish

"{9F3C325B-4F1A-6895-821E-B95230861363}" = CCC Help Dutch

"{A260B422-70E1-41E2-957D-F76FA21266D5}" = Apple Software Update

"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter

"{A98788C1-8CB6-401F-4FB8-EA51F6FB875D}" = Catalyst Control Center Localization German

"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5

"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.7

"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint

"{B399A079-EBF8-8A2D-2F32-D6872F7F33C6}" = Catalyst Control Center Localization Finnish

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{B70E5793-F912-4C62-AFE2-C4F0B078FD31}" = Reader Library by Sony

"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster

"{BC0B1721-9FF5-E1E0-B76D-FD9DBC4A585A}" = CCC Help Italian

"{C304A027-8FF4-C996-B42E-6B793C62C26C}" = CCC Help Norwegian

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"{C778BD4F-0DEA-4D39-B7C1-992E1BFFD351}" = Photo Explosion 3.0 Special Edition

"{CA72A82C-7DBC-4814-8CCB-E5BFAC59FAEF}" = ArcSoft MediaImpression for Kodak

"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs

"{CC735442-681B-C508-644B-BCEA9E84AD1C}" = CCC Help German

"{D11BCEFE-6EB6-2BAE-56E7-98E991A126F8}" = CCC Help Greek

"{D2634429-551C-83D9-2146-9D5F73866A45}" = CCC Help Czech

"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web

"{D57F8A1D-2353-AAE2-550D-9911428AD035}" = CCC Help Finnish

"{DF4F05E6-4372-CFAA-9E0B-5328E77B89CC}" = Catalyst Control Center Graphics Full Existing

"{DFC7E5A7-0FD4-EBE5-0BD3-0CAE92D2EB58}" = CCC Help Turkish

"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant

"{E5473A00-9960-C463-051F-94B49D4B8403}" = Catalyst Control Center Localization French

"{ED301157-F110-723F-9010-F42D4FEC5101}" = Catalyst Control Center Localization Turkish

"{EE09948F-A299-F4F2-186A-1B86BBEE7447}" = CCC Help Chinese Standard

"{EF44638E-D4EF-7110-4596-EECA30E6EEE3}" = Catalyst Control Center Localization Dutch

"{F8024EB8-5B34-46FE-B15D-20ACF26FC20E}" = Hoyle Puzzle and Board Games

"{FC935397-C56E-4EE3-B9BC-1F7F3EA6CE41}" = Serif PhotoPlus X2

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows

"EpicPlay" = EpicPlay

"Family Tree Heritage" = Family Tree Heritage

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"ID Vault" = Constant Guard Protection Suite

"InstallShield_{50BD0B15-5197-4EAF-8BCD-81117D1324B1}" = Family Tree Heritage Collaboration Support

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300

"Mozilla Sunbird (0.9)" = Mozilla Sunbird (0.9)

"N360" = Norton Security Suite

"Professor Teaches Windows Vista Premium" = Professor Teaches Windows Vista Premium

"Total 3D Home and Landscape Deluxe Suite" = Total 3D Home and Landscape Deluxe Suite

"WebPost" = Microsoft Web Publishing Wizard 1.52

"WildTangent gateway Master Uninstall" = Gateway Games

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1558845740-2615022061-3524861312-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Game Organizer" = GameXN GO

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 3/20/2011 10:09:44 PM | Computer Name = TERRY-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

Error - 3/20/2011 10:09:40 PM | Computer Name = TERRY-PC | Source = WinMgmt | ID = 10

Description =

Error - 3/20/2011 10:28:28 PM | Computer Name = TERRY-PC | Source = MsiInstaller | ID = 1013

Description =

Error - 3/20/2011 10:30:05 PM | Computer Name = TERRY-PC | Source = EventSystem | ID = 4621

Description =

Error - 3/20/2011 10:31:44 PM | Computer Name = TERRY-PC | Source = WinMgmt | ID = 10

Description =

Error - 3/20/2011 10:31:46 PM | Computer Name = TERRY-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

Error - 3/20/2011 10:31:51 PM | Computer Name = TERRY-PC | Source = Application Error | ID = 1000

Description = Faulting application iexplore.exe, version 8.0.6001.19019, time stamp

0x4d0c3d4c, faulting module kernel32.dll, version 6.0.6002.18005, time stamp 0x49e038c0,

exception code 0xe06d7363, fault offset 0x0001e124, process id 0x36c, application

start time 0x01cbe770202c88b0.

Error - 3/20/2011 10:34:32 PM | Computer Name = TERRY-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083

Description =

Error - 3/20/2011 10:34:33 PM | Computer Name = TERRY-PC | Source = WinMgmt | ID = 10

Description =

Error - 3/20/2011 10:39:29 PM | Computer Name = TERRY-PC | Source = EventSystem | ID = 4621

Description =

[ Media Center Events ]

Error - 7/20/2009 7:27:05 PM | Computer Name = TERRY-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 9/7/2009 5:28:53 PM | Computer Name = TERRY-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 3/13/2010 11:30:32 PM | Computer Name = TERRY-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 3/27/2010 11:39:39 PM | Computer Name = TERRY-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/19/2011 10:17:31 PM | Computer Name = TERRY-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 6/20/2011 8:59:07 PM | Computer Name = TERRY-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]

Error - 12/21/2011 9:53:29 PM | Computer Name = TERRY-PC | Source = volsnap | ID = 393252

Description = The shadow copies of volume C: were aborted because the shadow copy

storage could not grow due to a user imposed limit.

Error - 12/21/2011 10:04:06 PM | Computer Name = TERRY-PC | Source = DCOM | ID = 10005

Description =

Error - 12/21/2011 10:04:06 PM | Computer Name = TERRY-PC | Source = Service Control Manager | ID = 7009

Description =

Error - 12/21/2011 10:04:06 PM | Computer Name = TERRY-PC | Source = Service Control Manager | ID = 7000

Description =

Error - 12/21/2011 10:04:06 PM | Computer Name = TERRY-PC | Source = Service Control Manager | ID = 7009

Description =

Error - 12/21/2011 10:04:06 PM | Computer Name = TERRY-PC | Source = Service Control Manager | ID = 7000

Description =

Error - 12/21/2011 11:16:59 PM | Computer Name = TERRY-PC | Source = DCOM | ID = 10016

Description =

Error - 12/21/2011 11:20:35 PM | Computer Name = TERRY-PC | Source = Service Control Manager | ID = 7022

Description =

Error - 12/22/2011 6:25:01 PM | Computer Name = TERRY-PC | Source = DCOM | ID = 10016

Description =

Error - 12/22/2011 6:28:57 PM | Computer Name = TERRY-PC | Source = Service Control Manager | ID = 7022

Description =

< End of report >

[MrCharlie]

OTL.txt <---I need to see this one

You posted the extras twice, MrC

[mlott132]

Sorry about that. Here it is.

OTL logfile created on: 12/22/2011 4:32:13 PM - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\TERRY\Desktop

64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 1.35 Gb Available Physical Memory | 35.93% Memory free

7.69 Gb Paging File | 5.15 Gb Available in Paging File | 67.01% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 69.52 Gb Total Space | 14.95 Gb Free Space | 21.50% Space Free | Partition Type: NTFS

Drive D: | 69.52 Gb Total Space | 69.24 Gb Free Space | 99.59% Space Free | Partition Type: NTFS

Computer Name: TERRY-PC | User Name: TERRY | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/22 16:31:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\TERRY\Desktop\OTL.exe

PRC - [2011/12/21 15:55:47 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe

PRC - [2011/12/17 11:15:17 | 000,063,048 | ---- | M] (White Sky, Inc.) -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe

PRC - [2011/12/17 11:15:12 | 004,689,992 | ---- | M] (White Sky, Inc.) -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe

PRC - [2011/11/03 12:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

PRC - [2011/11/03 12:06:56 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

PRC - [2011/08/31 20:03:18 | 000,347,008 | ---- | M] (EasyBits Software AS) -- C:\ProgramData\GameXN\GameXNGO.exe

PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2011/07/05 10:24:06 | 000,395,528 | ---- | M] (StrikeForce Technologies Inc.) -- C:\Program Files (x86)\SFT\GuardedID\GIDD.exe

PRC - [2011/04/16 18:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccsvchst.exe

PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

PRC - [2010/08/25 10:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

PRC - [2010/07/13 01:34:46 | 000,906,648 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe

PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

PRC - [2009/08/10 05:39:06 | 000,139,944 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe

PRC - [2009/08/10 05:39:04 | 000,766,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe

PRC - [2008/03/28 18:43:42 | 000,638,976 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Gateway\traybar.exe

PRC - [2008/02/15 15:07:48 | 004,840,960 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe

PRC - [2007/02/12 02:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe

PRC - [2006/09/20 11:54:24 | 000,069,632 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Nova Development\Photo Explosion 3.0 SE\CalCheck.exe

========== Modules (No Company Name) ==========

MOD - [2011/12/17 11:15:16 | 000,091,720 | ---- | M] () -- C:\Program Files (x86)\Constant Guard Protection Suite\IdVaultCore.XmlSerializers.dll

MOD - [2011/10/17 19:40:18 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\22e853d2fe1435baa459685dee7ce7b7\WindowsFormsIntegration.ni.dll

MOD - [2011/10/17 19:40:12 | 001,316,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\6dabb1ffbb64fc70a68dab460e675d2d\System.WorkflowServices.ni.dll

MOD - [2011/10/17 19:39:46 | 001,651,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ecfad34a8e869b6d7ed9d3ead3a0e97d\System.ServiceModel.Web.ni.dll

MOD - [2011/10/17 19:32:31 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5aab9bc687029a908fc01473f8e5f77b\UIAutomationProvider.ni.dll

MOD - [2011/10/17 19:32:13 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll

MOD - [2011/10/17 19:31:32 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\d72212e0e98b6ea4339d453bf540b5a6\CustomMarshalers.ni.dll

MOD - [2011/10/17 19:31:29 | 001,070,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\dbcb4baf3d2ed9e62645bd332fc221f2\System.IdentityModel.ni.dll

MOD - [2011/10/17 19:31:26 | 002,346,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\4b4c359912c1241246f50a4c47dbab3c\System.Runtime.Serialization.ni.dll

MOD - [2011/10/17 19:31:23 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\a800035f1686fdb0b7a019b954a37cfe\SMDiagnostics.ni.dll

MOD - [2011/10/17 19:31:22 | 017,404,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\6b2ee1fdc6a182722db04af9c3cd10c3\System.ServiceModel.ni.dll

MOD - [2011/10/17 19:30:55 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8645de531003807d00822e03986a075d\System.ServiceProcess.ni.dll

MOD - [2011/10/17 19:30:49 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6b88a2bf58d8529fc33f8f3437a7ff06\System.Web.Services.ni.dll

MOD - [2011/10/17 19:30:46 | 011,804,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\e00630ec1e225a2376fdd430645e20f7\System.Web.ni.dll

MOD - [2011/10/17 19:30:32 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\8f3b3ab45e3e5fa61aa6cbfe2a8b61af\System.Transactions.ni.dll

MOD - [2011/10/17 19:30:26 | 000,679,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\cbfa4bf002c1abaf94ba8634139727eb\System.Security.ni.dll

MOD - [2011/10/17 19:30:21 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll

MOD - [2011/10/17 19:30:15 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll

MOD - [2011/10/13 20:14:17 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll

MOD - [2011/10/13 20:13:45 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll

MOD - [2011/10/13 20:13:31 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll

MOD - [2011/10/13 20:13:11 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\9e53d9921c4bb153f1ffbe1ae0e1b615\System.Data.ni.dll

MOD - [2011/10/13 20:12:55 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\231b0b42eff55de5c7d7debe555c16b7\PresentationFramework.Aero.ni.dll

MOD - [2011/10/13 20:12:53 | 014,328,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\94f892556ec9fa7a508fc9d214ceaedf\PresentationFramework.ni.dll

MOD - [2011/10/13 20:12:27 | 012,216,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53f949f4664bb316f9b7a00d73a6e290\PresentationCore.ni.dll

MOD - [2011/10/13 20:11:52 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\fd2c727bcef2e019eb96c1145f423701\WindowsBase.ni.dll

MOD - [2011/10/13 20:11:45 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll

MOD - [2010/07/13 01:29:42 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\connectionDetector.dll

MOD - [2010/07/13 01:28:42 | 000,856,064 | ---- | M] () -- C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\fsk.dll

MOD - [2010/07/13 01:26:12 | 000,018,432 | ---- | M] () -- C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\FskNetInterface.dll

MOD - [2010/07/13 01:25:56 | 000,008,704 | ---- | M] () -- C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\FskTimeHardware.dll

MOD - [2010/07/13 01:25:50 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\ticket.dll

MOD - [2010/07/13 01:25:42 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\ebookDeviceNotifier.dll

MOD - [2010/07/13 01:22:36 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Sony\Reader\Data\bin\FskinLocalize.dll

MOD - [2010/07/13 01:22:02 | 000,009,728 | ---- | M] () -- C:\Program Files (x86)\Sony\Reader\Data\bin\FskPower.dll

MOD - [2010/07/13 01:16:16 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Sony\Reader\Data\bin\FskDocumentViewer.dll

MOD - [2010/07/13 01:15:58 | 000,010,240 | ---- | M] () -- C:\Program Files (x86)\Sony\Reader\Data\bin\FskMobileMediaDevice.dll

MOD - [2010/07/13 01:15:52 | 000,233,472 | ---- | M] () -- C:\Program Files (x86)\Sony\Reader\Data\bin\Fskin.dll

MOD - [2010/07/13 01:13:42 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Sony\Reader\Data\bin\FskMediaPlayers.dll

MOD - [2010/07/13 01:10:56 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\USBDetector.dll

MOD - [2010/04/02 21:23:36 | 000,815,104 | ---- | M] () -- C:\Program Files (x86)\Sony\Reader\Data\bin\FskSecurity.dll

MOD - [2010/04/02 20:44:16 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\ebookUsb.dll

MOD - [2009/08/10 05:39:06 | 000,139,944 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe

MOD - [2009/08/10 05:39:04 | 000,766,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe

MOD - [2009/07/17 06:33:27 | 001,159,168 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebdrs.dll

MOD - [2009/07/17 06:32:35 | 000,389,120 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebscw.dll

MOD - [2009/06/12 16:32:16 | 000,104,456 | ---- | M] () -- C:\Windows\SysWOW64\EasyHook32.dll

MOD - [2009/05/27 06:16:50 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebdatr.dll

MOD - [2009/04/07 13:25:27 | 000,409,600 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\iptk.dll

MOD - [2009/03/30 06:37:47 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\epoemdll.dll

MOD - [2009/03/30 06:37:46 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\epstring.dll

MOD - [2009/03/30 06:37:44 | 002,203,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\epwizres.dll

MOD - [2009/03/30 06:37:28 | 000,708,608 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\epwizard.dll

MOD - [2009/03/30 06:35:40 | 000,159,744 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\customui.dll

MOD - [2009/03/30 06:35:22 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\epfunct.dll

MOD - [2009/03/30 06:35:17 | 000,118,784 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\eputil.dll

MOD - [2009/03/30 06:35:05 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\imagutil.dll

MOD - [2009/03/29 22:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll

MOD - [2009/03/29 22:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll

MOD - [2009/03/29 22:42:11 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll

MOD - [2009/03/09 23:43:49 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcaps.dll

MOD - [2009/03/02 08:25:47 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebptp.dll

MOD - [2009/02/20 02:48:43 | 000,023,552 | ---- | M] () -- C:\Windows\SysWOW64\LXEBsmr.dll

MOD - [2009/02/20 02:48:03 | 000,299,008 | ---- | M] () -- C:\Windows\SysWOW64\LXEBsm.dll

MOD - [2008/08/19 21:36:54 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll

MOD - [2008/02/15 15:07:48 | 004,840,960 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe

MOD - [2006/09/20 11:51:58 | 000,569,344 | ---- | M] () -- C:\Program Files (x86)\Nova Development\Photo Explosion 3.0 SE\uviplPX.dll

MOD - [2006/09/20 11:51:58 | 000,020,480 | ---- | M] () -- C:\Program Files (x86)\Nova Development\Photo Explosion 3.0 SE\uvipl.dll

MOD - [2006/09/20 11:51:28 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Nova Development\Photo Explosion 3.0 SE\Cpuinf32.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/04/14 19:56:24 | 001,052,328 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxebcoms.exe -- (lxeb_device)

SRV:64bit: - [2010/04/14 19:56:14 | 000,045,736 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxebserv.exe -- (lxebCATSCustConnectService)

SRV:64bit: - [2008/07/08 09:25:14 | 000,901,120 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)

SRV:64bit: - [2008/06/11 12:18:30 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe -- (ETService)

SRV:64bit: - [2008/01/20 20:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2007/10/18 00:37:22 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)

SRV:64bit: - [2007/05/29 12:06:06 | 001,053,104 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdfcoms.exe -- (lxdf_device)

SRV - [2011/12/17 11:15:17 | 000,063,048 | ---- | M] (White Sky, Inc.) [Auto | Running] -- C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe -- (IDVaultSvc)

SRV - [2011/11/03 12:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)

SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011/04/16 18:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [unknown | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe -- (N360)

SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)

SRV - [2010/04/02 21:34:12 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe -- (Sony SCSI Helper Service)

SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2009/07/29 08:53:27 | 000,602,792 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxebcoms.exe -- (lxeb_device)

SRV - [2009/03/29 22:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008/11/04 03:41:00 | 000,437,248 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)

SRV - [2007/02/12 02:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/12/21 16:22:54 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)

DRV:64bit: - [2011/11/03 12:06:56 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\Lbd.sys -- (Lbd)

DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2011/07/05 10:18:38 | 000,029,288 | ---- | M] (StrikeForce Technologies, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gidv2.sys -- (GIDv2)

DRV:64bit: - [2011/03/30 21:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\0501000.01D\SRTSP64.SYS -- (SRTSP)

DRV:64bit: - [2011/03/30 21:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)

DRV:64bit: - [2011/03/21 18:39:49 | 000,432,760 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0501000.01D\SYMTDIV.SYS -- (SYMTDIv)

DRV:64bit: - [2011/03/14 20:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SYMEFA64.SYS -- (SymEFA)

DRV:64bit: - [2011/01/27 00:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\SYMDS64.SYS -- (SymDS)

DRV:64bit: - [2010/11/15 19:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Ironx64.SYS -- (SymIRON)

DRV:64bit: - [2010/08/20 22:59:12 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2009/08/03 13:54:46 | 000,670,720 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\netr28x.sys -- (netr28x)

DRV:64bit: - [2008/11/04 03:40:46 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)

DRV:64bit: - [2008/10/15 08:57:50 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)

DRV:64bit: - [2008/10/15 08:53:44 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys -- (CAXHWAZL)

DRV:64bit: - [2008/10/15 08:52:24 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)

DRV:64bit: - [2008/09/18 03:15:28 | 000,325,120 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)

DRV:64bit: - [2008/07/08 10:47:00 | 004,599,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2008/05/28 18:54:18 | 000,026,168 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbfilter.sys -- (usbfilter)

DRV:64bit: - [2008/04/27 19:25:06 | 000,016,400 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)

DRV:64bit: - [2008/04/01 01:00:40 | 000,341,504 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\RTL8187Se.sys -- (RTL8187Se)

DRV:64bit: - [2008/03/03 19:12:46 | 000,058,456 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2mdx64.sys -- (O2MDRDR)

DRV:64bit: - [2008/03/02 19:32:22 | 000,051,672 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2sdx64.sys -- (O2SDRDR)

DRV:64bit: - [2008/02/21 11:55:00 | 000,393,728 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)

DRV:64bit: - [2008/01/20 20:46:57 | 000,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL)

DRV:64bit: - [2008/01/20 20:46:57 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\WSDPrint.sys -- (WSDPrintDevice)

DRV:64bit: - [2008/01/20 20:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)

DRV:64bit: - [2007/07/26 04:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2007/05/23 18:47:28 | 000,020,784 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR)

DRV:64bit: - [2007/04/26 03:38:44 | 000,305,976 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)

DRV:64bit: - [2006/06/18 23:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)

DRV - [2011/12/21 01:00:00 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111221.003\ex64.sys -- (NAVEX15)

DRV - [2011/12/21 01:00:00 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)

DRV - [2011/12/21 01:00:00 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

DRV - [2011/12/21 01:00:00 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111221.003\eng64.sys -- (NAVENG)

DRV - [2011/12/20 09:25:44 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111221.001\IDSviA64.sys -- (IDSVia64)

DRV - [2011/12/19 22:22:12 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)

DRV - [2011/12/10 02:24:18 | 001,156,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111221.003\BHDrvx64.sys -- (BHDrvx64)

DRV - [2008/06/11 12:13:24 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=1008&m=m-2626u

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=1008&m=m-2626u

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=1008&m=m-2626u

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=1008&m=m-2626u

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_customize.aspx?tbid=80114

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx?tbid=80114&lng=en

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1558845740-2615022061-3524861312-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKU\S-1-5-21-1558845740-2615022061-3524861312-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://att.my.yahoo.com/

IE - HKU\S-1-5-21-1558845740-2615022061-3524861312-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@sony.com/eBookLibrary: C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)

FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010/12/02 15:09:52 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011/12/21 16:29:44 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn\ [2011/12/21 16:22:21 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.9\extensions\\Components: C:\Program Files (x86)\Mozilla Sunbird\components [2009/01/17 22:22:10 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Sunbird\plugins

[2011/11/26 19:55:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TERRY\AppData\Roaming\Mozilla\Extensions

[2009/01/17 22:22:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TERRY\AppData\Roaming\Mozilla\Sunbird\Profiles\cqwdncl5.default\extensions

[2009/01/17 22:22:17 | 000,000,000 | ---D | M] (Lightning stub extension for Sunbird) -- C:\PROGRAM FILES (X86)\MOZILLA SUNBIRD\EXTENSIONS\{E2FDA1A4-762B-4020-B5AD-A41DF1933103}

[2009/01/17 22:22:09 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- C:\PROGRAM FILES (X86)\MOZILLA SUNBIRD\EXTENSIONS\CALENDAR-TIMEZONES@MOZILLA.ORG

[2009/01/17 22:22:11 | 000,000,000 | ---D | M] (Talkback) -- C:\PROGRAM FILES (X86)\MOZILLA SUNBIRD\EXTENSIONS\TALKBACK@MOZILLA.ORG

========== Chrome ==========

CHR - default_search_provider: Yahoo! ()

CHR - default_search_provider: search_url = http://search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}

CHR - default_search_provider: suggest_url = http://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.91\gcswf32.dll

CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.1.6 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll

CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.91\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.91\pdf.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll

CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files (x86)\MyWebSearch\bar\2.bin\NPMyWebS.dll

CHR - plugin: Reader Library (Enabled) = C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll

CHR - plugin: TVvie Plugin Stub (Enabled) = C:\Program Files (x86)\TVvie_4g\bar\1.bin\NP4gStub.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: EpicPlay = C:\Users\TERRY\AppData\Local\Google\Chrome\User Data\Default\Extensions\plccnhhjonaiagjelpfkclblmlppjcik\

O1 HOSTS File: ([2006/09/18 15:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()

O2 - BHO: (EpicPlay Games) - {56E4076B-A42B-4745-BA35-34DA8AC4C2F2} - C:\Program Files (x86)\EpicPlay\epicPlayGames.dll (EpicPlay LLC)

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ips\ipsbho.dll (Symantec Corporation)

O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Constant Guard Protection Suite (COM)) - {B84CDBE7-1B46-494B-A188-01D4C52DEB61} - C:\Program Files (x86)\Constant Guard Protection Suite\NativeBHO.dll (WhiteSky)

O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()

O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)

O3 - HKU\S-1-5-21-1558845740-2615022061-3524861312-1000\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()

O3 - HKU\S-1-5-21-1558845740-2615022061-3524861312-1000\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()

O3 - HKU\S-1-5-21-1558845740-2615022061-3524861312-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)

O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe ()

O4:64bit: - HKLM..\Run: [lxebmon.exe] C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe ()

O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKLM..\Run: [ALUAlert] "c:\Program Files (x86)\Symantec\LiveUpdate\ALuNotify.exe" "/LOWDISKSPACE C" File not found

O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Gateway\traybar.exe (Chicony)

O4 - HKLM..\Run: [eRecoveryService] File not found

O4 - HKLM..\Run: [GIDDesktop] C:\Program Files (x86)\SFT\GuardedID\gidd.exe (StrikeForce Technologies Inc.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [PhotoExplosionCalCheck] C:\Program Files (x86)\Nova Development\Photo Explosion 3.0 SE\CalCheck.exe (Ulead Systems, Inc.)

O4 - HKLM..\Run: [Reader Library Launcher] C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe (Sony Corporation)

O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" File not found

O4 - HKLM..\Run: [Trigger New Acer AlaunchX] c:\ACER\Preload\Command\AlaunchX\AppInRun.exe (Acer Inc.)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-21-1558845740-2615022061-3524861312-1000..\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe" File not found

O4 - HKU\S-1-5-21-1558845740-2615022061-3524861312-1000..\Run: [GameXN] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)

O4 - HKU\S-1-5-21-1558845740-2615022061-3524861312-1000..\Run: [GameXN (news)] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)

O4 - HKU\S-1-5-21-1558845740-2615022061-3524861312-1000..\Run: [GameXN (update)] C:\ProgramData\GameXN\GameXNGO.exe (EasyBits Software AS)

O4 - HKU\S-1-5-21-1558845740-2615022061-3524861312-1000..\Run: [msnmsgr] "C:\PROGRA~2\MSNMES~1\msnmsgr.exe" /background File not found

O4 - HKU\S-1-5-21-1558845740-2615022061-3524861312-1000..\Run: [PopularScreensaversWallpaper] rundll32 C:\PROGRA~2\MYWEBS~1\bar\2.bin\F3SCRCTR.DLL,LES File not found

O4 - HKU\S-1-5-21-1558845740-2615022061-3524861312-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found

O4 - HKU\.DEFAULT..\RunOnce: [] C:\Windows\SysWow64\osk.exe (Microsoft Corporation)

O4 - HKU\S-1-5-18..\RunOnce: [] C:\Windows\SysWow64\osk.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab (Photo Upload Plugin Class)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E884334-E11C-48BA-96F3-C370C42D58B3}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA7D8DAB-FABB-4A0B-8882-9592D56C5505}: DhcpNameServer = 192.168.0.1

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\TERRY\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O24 - Desktop BackupWallPaper: C:\Users\TERRY\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{110be312-2cbc-11e0-b8d7-00e0b8ea57d8}\Shell\AutoRun\command - "" = I:\Windows\bin\eblSetup.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (lsdelete)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/22 16:31:28 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\TERRY\Desktop\OTL.exe

[2011/12/21 19:32:59 | 000,000,000 | ---D | C] -- C:\Users\TERRY\AppData\Roaming\PC Cleaners

[2011/12/21 19:32:50 | 005,122,320 | ---- | C] (PC Cleaners) -- C:\Windows\uninst.exe

[2011/12/21 19:32:43 | 000,000,000 | ---D | C] -- C:\ProgramData\PC1Data

[2011/12/21 16:58:11 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\TERRY\Desktop\dds.scr

[2011/12/21 16:49:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\hijackthis

[2011/12/21 16:22:53 | 000,432,760 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symtdiv.sys

[2011/12/21 16:22:52 | 000,912,504 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symefa64.sys

[2011/12/21 16:22:52 | 000,744,568 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.sys

[2011/12/21 16:22:52 | 000,450,680 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symds64.sys

[2011/12/21 16:22:52 | 000,382,584 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnets.sys

[2011/12/21 16:22:52 | 000,040,568 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.sys

[2011/12/21 16:22:51 | 000,171,128 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\ironx64.sys

[2011/12/21 16:22:21 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D

[2011/12/21 16:17:59 | 000,174,200 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS

[2011/12/21 16:17:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared

[2011/12/21 16:17:58 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec

[2011/12/21 16:17:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64

[2011/12/21 16:17:09 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite

[2011/12/21 16:17:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Suite

[2011/12/21 16:16:38 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller

[2011/12/21 16:16:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller

[2011/12/21 16:16:36 | 000,000,000 | ---D | C] -- C:\Users\TERRY\Documents\Symantec

[2011/12/21 16:13:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton

[2011/12/21 15:50:41 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage

[2011/12/21 15:50:41 | 000,000,000 | ---D | C] -- C:\Users\TERRY\AppData\Local\ID Vault

[2011/12/21 15:50:09 | 000,000,000 | ---D | C] -- C:\Users\TERRY\AppData\Roaming\ID Vault

[2011/12/21 15:49:42 | 000,029,288 | ---- | C] (StrikeForce Technologies, Inc.) -- C:\Windows\SysNative\drivers\gidv2.sys

[2011/12/21 15:49:41 | 000,446,752 | ---- | C] (StrikeForce Technologies Inc.) -- C:\Windows\SysNative\GIDHookLogon64.dll

[2011/12/21 15:49:41 | 000,065,816 | ---- | C] (StrikeForce Technologies Inc.) -- C:\Windows\SysNative\GIDLogonCP64.dll

[2011/12/21 15:49:40 | 000,467,224 | ---- | C] (StrikeForce Technologies Inc.) -- C:\Windows\SysNative\GIDHOOK64.DLL

[2011/12/21 15:49:40 | 000,206,608 | ---- | C] (StrikeForce Technologies Inc.) -- C:\Windows\SysNative\GIDBIN1.DLL

[2011/12/21 15:49:40 | 000,102,160 | ---- | C] (StrikeForce Technologies Inc.) -- C:\Windows\SysNative\GIDBIN3.DLL

[2011/12/21 15:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\GID

[2011/12/21 15:49:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SFT

[2011/12/21 15:49:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Constant Guard Protection Suite

[2011/12/21 15:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\White Sky, Inc

[2011/12/20 17:50:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2011/12/20 17:50:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy

[2011/12/20 17:21:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe

[2011/12/20 17:17:01 | 000,000,000 | ---D | C] -- C:\Users\TERRY\AppData\Roaming\Curiolab

[2011/12/19 22:22:12 | 000,055,384 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys

[2011/12/19 22:19:26 | 000,069,376 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys

[2011/12/19 22:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft

[2011/12/19 22:19:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft

[2011/12/19 22:19:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft

[2011/12/19 17:01:55 | 000,000,000 | ---D | C] -- C:\Users\TERRY\AppData\Roaming\Malwarebytes

[2011/12/19 17:01:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/12/19 17:01:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/12/19 17:01:43 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2011/12/19 17:01:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2011/11/26 19:56:22 | 000,000,000 | ---D | C] -- C:\Users\TERRY\AppData\Local\APN

[2011/11/26 19:55:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EpicPlay

[2010/01/18 17:35:42 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebinpa.dll

[2010/01/18 17:35:42 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebiesc.dll

[2010/01/18 17:35:41 | 000,651,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebpmui.dll

[2010/01/18 17:35:40 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebusb1.dll

[2010/01/18 17:35:39 | 001,056,768 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebserv.dll

[2010/01/18 17:35:39 | 000,581,632 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeblmpm.dll

[2010/01/18 17:35:38 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebhbn3.dll

[2010/01/18 17:35:38 | 000,602,792 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcoms.exe

[2010/01/18 17:35:38 | 000,328,360 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebih.exe

[2010/01/18 17:35:37 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcomc.dll

[2010/01/18 17:35:37 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcomm.dll

[2010/01/18 17:35:36 | 000,369,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxebcfg.exe

[10 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[10 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[1 C:\Users\TERRY\AppData\Local\*.tmp files -> C:\Users\TERRY\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/22 16:31:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\TERRY\Desktop\OTL.exe

[2011/12/22 16:27:05 | 000,000,283 | ---- | M] () -- C:\Windows\ulead32.ini

[2011/12/22 16:23:50 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/12/22 16:23:49 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/12/22 16:23:46 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml

[2011/12/22 16:23:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/12/22 16:23:32 | 4024,877,056 | -HS- | M] () -- C:\hiberfil.sys

[2011/12/21 21:32:27 | 002,997,700 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Cat.DB

[2011/12/21 19:32:29 | 005,122,320 | ---- | M] (PC Cleaners) -- C:\Windows\uninst.exe

[2011/12/21 16:58:47 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\TERRY\Desktop\dds.scr

[2011/12/21 16:26:59 | 000,002,329 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk

[2011/12/21 16:22:54 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS

[2011/12/21 16:22:54 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT

[2011/12/21 16:22:54 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF

[2011/12/21 16:13:46 | 000,000,905 | ---- | M] () -- C:\Users\TERRY\Desktop\Norton Installation Files.lnk

[2011/12/21 15:49:07 | 000,002,146 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk

[2011/12/21 15:49:07 | 000,002,128 | ---- | M] () -- C:\Users\Public\Desktop\Constant Guard.lnk

[2011/12/20 17:22:58 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2011/12/20 16:49:59 | 000,516,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011/12/19 22:22:12 | 000,055,384 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys

[2011/12/19 22:22:11 | 000,016,432 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe

[2011/12/19 22:19:29 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk

[2011/12/19 17:01:49 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/12/19 16:31:05 | 000,010,898 | -HS- | M] () -- C:\ProgramData\63770g56ne81shr88ulk37k8lq5j6

[2011/12/19 16:31:04 | 000,010,898 | -HS- | M] () -- C:\Users\TERRY\AppData\Local\63770g56ne81shr88ulk37k8lq5j6

[2011/12/10 13:09:19 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn

[2011/12/10 13:09:19 | 000,001,409 | ---- | M] () -- C:\Windows\QTFont.for

[10 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[10 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

[1 C:\Users\TERRY\AppData\Local\*.tmp files -> C:\Users\TERRY\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/21 16:25:07 | 002,997,700 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\Cat.DB

[2011/12/21 16:22:52 | 000,007,877 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnetv64.cat

[2011/12/21 16:22:52 | 000,007,462 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.cat

[2011/12/21 16:22:52 | 000,007,460 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symefa64.cat

[2011/12/21 16:22:52 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnet64.cat

[2011/12/21 16:22:52 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symefa.inf

[2011/12/21 16:22:52 | 000,002,792 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symds.inf

[2011/12/21 16:22:52 | 000,001,474 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnetv.inf

[2011/12/21 16:22:52 | 000,001,446 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnet.inf

[2011/12/21 16:22:52 | 000,001,422 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.inf

[2011/12/21 16:22:51 | 000,007,492 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\iron.cat

[2011/12/21 16:22:51 | 000,007,458 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.cat

[2011/12/21 16:22:51 | 000,001,438 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.inf

[2011/12/21 16:22:51 | 000,000,772 | R--- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\iron.inf

[2011/12/21 16:22:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symds64.cat

[2011/12/21 16:22:21 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\isolate.ini

[2011/12/21 16:17:59 | 000,007,488 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT

[2011/12/21 16:17:59 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF

[2011/12/21 16:17:43 | 000,002,329 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk

[2011/12/21 16:13:46 | 000,000,905 | ---- | C] () -- C:\Users\TERRY\Desktop\Norton Installation Files.lnk

[2011/12/21 15:49:41 | 000,109,064 | ---- | C] () -- C:\Windows\SysNative\EasyHook64.dll

[2011/12/21 15:49:07 | 000,002,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk

[2011/12/21 15:49:07 | 000,002,140 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Constant Guard.lnk

[2011/12/21 15:49:07 | 000,002,128 | ---- | C] () -- C:\Users\Public\Desktop\Constant Guard.lnk

[2011/12/20 17:21:37 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk

[2011/12/20 17:21:37 | 000,001,919 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk

[2011/12/19 23:11:11 | 000,016,432 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe

[2011/12/19 22:19:29 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk

[2011/12/19 17:36:00 | 4024,877,056 | -HS- | C] () -- C:\hiberfil.sys

[2011/12/19 17:01:49 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/12/18 03:00:53 | 000,010,898 | -HS- | C] () -- C:\Users\TERRY\AppData\Local\63770g56ne81shr88ulk37k8lq5j6

[2011/12/18 03:00:53 | 000,010,898 | -HS- | C] () -- C:\ProgramData\63770g56ne81shr88ulk37k8lq5j6

[2011/12/10 13:09:19 | 000,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn

[2011/12/10 13:09:19 | 000,001,409 | ---- | C] () -- C:\Windows\QTFont.for

[2011/10/17 20:33:45 | 000,000,000 | ---- | C] () -- C:\Users\TERRY\AppData\Local\{63E80E08-2DB8-4294-8C63-ADB845ADD000}

[2011/10/17 19:04:39 | 000,000,000 | ---- | C] () -- C:\Users\TERRY\AppData\Local\{084645A0-2306-4748-A0B9-5728F6F50076}

[2010/11/20 16:38:19 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE

[2010/05/19 22:00:55 | 000,000,680 | ---- | C] () -- C:\Users\TERRY\AppData\Local\d3d9caps.dat

[2010/01/18 17:35:43 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\LXEBinst.dll

[2010/01/18 17:35:43 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxebcomx.dll

[2010/01/18 17:35:42 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\lxebinsr.dll

[2010/01/18 17:35:42 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxebjswr.dll

[2010/01/18 17:35:41 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxebinsb.dll

[2010/01/18 17:35:41 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxebcur.dll

[2010/01/18 17:35:40 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxebins.dll

[2010/01/18 17:35:40 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxebcu.dll

[2010/01/18 17:35:40 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxebcub.dll

[2010/01/15 17:04:26 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\LXEBsmr.dll

[2010/01/15 17:04:25 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXEBsm.dll

[2009/12/25 23:41:17 | 000,000,026 | ---- | C] () -- C:\Windows\wb08d2se.INI

[2009/12/25 21:59:54 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll

[2009/12/25 21:59:06 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin

[2009/12/25 21:58:27 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009/12/22 17:37:20 | 000,007,168 | ---- | C] () -- C:\Users\TERRY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/06/12 16:32:16 | 000,104,456 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll

[2009/01/17 22:13:51 | 000,000,139 | ---- | C] () -- C:\Windows\ODBC.INI

[2009/01/17 22:13:50 | 000,000,167 | ---- | C] () -- C:\Windows\ODBCINST.INI

[2009/01/17 21:09:04 | 000,000,283 | ---- | C] () -- C:\Windows\ulead32.ini

[2008/12/28 16:11:51 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2008/12/28 15:41:05 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin

[2008/10/31 04:07:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2008/08/19 21:14:11 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat

[2008/01/20 20:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini

[2006/11/02 09:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006/11/02 06:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2006/11/02 06:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2006/11/02 06:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2006/11/02 03:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2002/03/13 14:46:46 | 000,053,248 | R--- | C] () -- C:\Windows\SysWow64\zlib.dll

========== LOP Check ==========

[2009/01/13 16:49:17 | 000,000,000 | ---D | M] -- C:\Users\TERRY\AppData\Roaming\6500 Series

[2011/12/20 17:17:01 | 000,000,000 | ---D | M] -- C:\Users\TERRY\AppData\Roaming\Curiolab

[2011/06/10 23:21:49 | 000,000,000 | ---D | M] -- C:\Users\TERRY\AppData\Roaming\Earthlink

[2011/12/22 16:26:50 | 000,000,000 | ---D | M] -- C:\Users\TERRY\AppData\Roaming\go

[2011/02/25 21:45:04 | 000,000,000 | ---D | M] -- C:\Users\TERRY\AppData\Roaming\Hoyle Casino

[2010/12/18 20:12:51 | 000,000,000 | ---D | M] -- C:\Users\TERRY\AppData\Roaming\Hoyle FaceCreator

[2011/10/20 16:21:17 | 000,000,000 | ---D | M] -- C:\Users\TERRY\AppData\Roaming\Hoyle Puzzle and Board Games

[2011/12/21 16:13:05 | 000,000,000 | ---D | M] -- C:\Users\TERRY\AppData\Roaming\ID Vault

[2011/02/19 16:58:42 | 000,000,000 | ---D | M] -- C:\Users\TERRY\AppData\Roaming\Individual Software

[2009/01/16 00:01:22 | 000,000,000 | ---D | M] -- C:\Users\TERRY\AppData\Roaming\Lexmark Productivity Studio

[2011/12/21 19:32:59 | 000,000,000 | ---D | M] -- C:\Users\TERRY\AppData\Roaming\PC Cleaners

[2010/12/30 16:56:24 | 000,000,000 | ---D | M] -- C:\Users\TERRY\AppData\Roaming\Runes of Avalon

[2011/12/21 15:45:45 | 000,000,000 | ---D | M] -- C:\Users\TERRY\AppData\Roaming\Sammsoft

[2009/12/25 15:13:11 | 000,000,000 | ---D | M] -- C:\Users\TERRY\AppData\Roaming\Serif

[2009/01/17 22:44:38 | 000,000,000 | ---D | M] -- C:\Users\TERRY\AppData\Roaming\Software MacKiev

[2011/12/21 21:34:38 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

[MrCharlie]

Please do this:

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following

  
  :OTL
  O4 - HKLM..\Run: [ALUAlert] "c:\Program Files (x86)\Symantec\LiveUpdate\ALuNotify.exe" "/LOWDISKSPACE C" File not found
  O4 - HKLM..\Run: [eRecoveryService] File not found
  O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" File not found
  O4 - HKU\S-1-5-21-1558845740-2615022061-3524861312-1000..\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe" File not found
  O4 - HKU\S-1-5-21-1558845740-2615022061-3524861312-1000..\Run: [msnmsgr] "C:\PROGRA~2\MSNMES~1\msnmsgr.exe" /background File not found
  O4 - HKU\S-1-5-21-1558845740-2615022061-3524861312-1000..\Run: [PopularScreensaversWallpaper] rundll32 C:\PROGRA~2\MYWEBS~1\bar\2.bin\F3SCRCTR.DLL,LES File not found
  O4 - HKU\S-1-5-21-1558845740-2615022061-3524861312-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
  [2011/12/19 16:31:05 | 000,010,898 | -HS- | M] () -- C:\ProgramData\63770g56ne81shr88ulk37k8lq5j6
  [2011/12/19 16:31:04 | 000,010,898 | -HS- | M] () -- C:\Users\TERRY\AppData\Local\63770g56ne81shr88ulk37k8lq5j6
  
  :Commands
  [emptytemp]
  [createrestorepoint]
  

  
  

• Then click the Run Fix button at the top
  
• Let the program run unhindered, when done it will say "Fix Complete press ok to open the log"
  
• Please post that log in your next reply. Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
  

MrC

[mlott132]

Here is the log file that was created.

All processes killed

========== OTL ==========

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ALUAlert deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\eRecoveryService deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.

Registry value HKEY_USERS\S-1-5-21-1558845740-2615022061-3524861312-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DW6 deleted successfully.

Registry value HKEY_USERS\S-1-5-21-1558845740-2615022061-3524861312-1000\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr deleted successfully.

Registry value HKEY_USERS\S-1-5-21-1558845740-2615022061-3524861312-1000\Software\Microsoft\Windows\CurrentVersion\Run\\PopularScreensaversWallpaper deleted successfully.

Registry value HKEY_USERS\S-1-5-21-1558845740-2615022061-3524861312-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG deleted successfully.

C:\ProgramData\63770g56ne81shr88ulk37k8lq5j6 moved successfully.

C:\Users\TERRY\AppData\Local\63770g56ne81shr88ulk37k8lq5j6 moved successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: TERRY

->Temp folder emptied: 68929043 bytes

->Temporary Internet Files folder emptied: 17952603 bytes

->Java cache emptied: 32155717 bytes

->Google Chrome cache emptied: 7370198 bytes

->Flash cache emptied: 1930 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 51865 bytes

%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 17444639 bytes

%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 13691495 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes

RecycleBin emptied: 41290 bytes

Total Files Cleaned = 150.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.31.0 log created on 12222011_180500

Files\Folders moved on Reboot...

C:\Users\TERRY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VFGGKJHN\index[1].htm moved successfully.

C:\Users\TERRY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

Registry entries deleted on Reboot...

[MrCharlie]

How is it now? MrC

[mlott132]

Seems to run much quicker and I am not getting the dll error on startup.

[MrCharlie]

Just to be sure.....

Please Update and run a Quick Scan with MBAM, post the report and let me know how it is, MrC

[mlott132]

Here is the result of the scan. Computer is running much better. Is there anything else I need to do? If not, thanks for your help and have a Merry Christmas and Happy New Year!!

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 911122301

Windows 6.0.6002 Service Pack 2

Internet Explorer 9.0.8112.16421

12/22/2011 6:39:28 PM

mbam-log-2011-12-22 (18-39-28).txt

Scan type: Quick scan

Objects scanned: 177570

Time elapsed: 5 minute(s), 5 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

[MrCharlie]

Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)

Any questions...please post back.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

Have a Good Holiday and New Year!

[MrCharlie]

Great

Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)

Any questions...please post back.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

Have a Good Holiday and New Year!

[LDTate]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!