Active 80070424

[Active] 80070424

I have searched the net for solutions to this problem. And I stlll can't update windows. I downloaded and ran the DDS, heres the log files:


DDS (Ver_09-12-01.01) - NTFSX64
Run by Sirduke at 16:10:47.38 on Thu 02/25/2010
Internet Explorer: 8.0.6001.18813
Microsoft® Windows Vistaâ„¢ Home Premium 6.0.6002.2.1252.1.1033.18.2814.1044 [GMT -6:00]

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Windows\system32\lxdncoms.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio64.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe
C:\Program Files (x86)\Lexmark 2600 Series\lxdnMsdMon.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\CONEXANT\SmartAudio\SmAudio.exe
C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Camera Assistant Software for Gateway\traybar.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe
C:\Program Files (x86)\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files (x86)\Common Files\Teleca Shared\logger.exe
C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files (x86)\Common Files\Teleca Shared\Generic.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10e.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Sirduke\Documents\IT\Technician\WindowsBBS Scanner\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1663344
uSearch Bar = Preserve
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0209&m=md2614u&c=BB
mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vp64&d=0209&m=md2614u&c=BB
mLocal Page = c:\windows\syswow64\blank.htm
uURLSearchHooks: CXRchess Toolbar: {9866d349-b0a8-4de5-8b05-7ccfa1eecb8d} - c:\program files (x86)\cxrchess\tbCXRc.dll
mURLSearchHooks: CXRchess Toolbar: {9866d349-b0a8-4de5-8b05-7ccfa1eecb8d} - c:\program files (x86)\cxrchess\tbCXRc.dll
mWinlogon: Userinit=userinit.exe
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files (x86)\lexmark toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: CXRchess Toolbar: {9866d349-b0a8-4de5-8b05-7ccfa1eecb8d} - c:\program files (x86)\cxrchess\tbCXRc.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.5.4723.1820\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files (x86)\windows live\toolbar\wltcore.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files (x86)\lexmark toolbar\toolband.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files (x86)\windows live\toolbar\wltcore.dll
TB: CXRchess Toolbar: {9866d349-b0a8-4de5-8b05-7ccfa1eecb8d} - c:\program files (x86)\cxrchess\tbCXRc.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
uRun: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [SmAudio] c:\program files\conexant\smartaudio\SmAudio.exe -c
uRun: [Power2GoExpress] "c:\program files (x86)\cyberlink\power2go\Power2GoExpress.exe" /Startup
uRun: [WMPNSCFG] c:\program files (x86)\windows media player\WMPNSCFG.exe
mRun: [StartCCC] "c:\program files (x86)\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for gateway\traybar.exe "
mRun: [RoxWatchTray] "c:\program files (x86)\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe "
mRun: [GrooveMonitor] "c:\program files (x86)\microsoft office\office12\GrooveMonitor.exe "
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [FaxCenterServer] "c:\program files (x86)\lexmark fax solutions\fm3032.exe" /s
mRun: [SunJavaUpdateSched] "c:\program files (x86)\common files\java\java update\jusched.exe "
mRun: [Mobile Connectivity Suite] "c:\program files (x86)\htc\htc sync\application launcher\Application Launcher.exe" /startoptions
mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe "
mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe "
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~1\office12\REFIEBAR.DLL
DPF: {63F5866B-A7C5-40B4-9A89-0CCA99726C8D} - hxxps://secure.logmeinrescue.com/Customer/x86/RescueDownloader.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?40150.3012962963
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files (x86)\microsoft office\office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.5.4723.1820\swg64.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
TB-X64: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {9866D349-B0A8-4DE5-8B05-7CCFA1EECB8D} - No File
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun-x64: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
mRun-x64: [lxdnmon.exe] "c:\program files (x86)\lexmark 2600 series\lxdnmon.exe "
mRun-x64: [lxdnamon] "c:\program files (x86)\lexmark 2600 series\lxdnamon.exe "
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

============= SERVICES / DRIVERS ===============

R0 PxHlpa64;PxHlpa64;c:\windows\system32\drivers\PxHlpa64.sys [2009-6-27 52856]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-9-2 89680]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-9-2 22096]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-9-2 65616]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-9-2 138680]
R2 ETService;Empowering Technology Service;c:\program files\gateway\gateway recovery management\service\ETService.exe [2009-6-5 24576]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2008-1-20 27648]
R2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe -service --> c:\windows\system32\lxdncoms.exe -service [?]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atipmdag.sys [2008-10-23 4709888]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2008-10-23 86528]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-9-2 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-9-2 352920]
R3 CAXHWAZL;CAXHWAZL;c:\windows\system32\drivers\CAXHWAZL.sys [2008-10-15 292864]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2mdx64.sys [2008-7-15 62296]
R3 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sdx64.sys [2008-6-11 51800]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2009-6-5 26168]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk60x64.sys [2008-4-29 392192]
S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-1-30 135664]
S2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\spool\drivers\x64\3\lxdnserv.exe [2008-2-27 33960]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-8-5 89920]
S3 HTCAND64;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-2-2 31744]
S3 PerfHost;Performance Counter DLL Host;c:\windows\syswow64\perfhost.exe [2008-1-20 19968]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\drivers\pnetmdm64.sys [2009-11-27 17920]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2008-1-20 22528]

============== File Associations ===============

JSEFile=c:\windows\syswow64\WScript.exe "%1" %*

=============== Created Last 30 ================

2010-02-06 16:38:28 0 dc----w- c:\programdata\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2010-01-27 22:39:50 0 dc----w- c:\programdata\Sun
2010-01-27 22:39:29 153376 -c--a-w- c:\windows\syswow64\javaws.exe
2010-01-27 22:39:29 145184 -c--a-w- c:\windows\syswow64\javaw.exe
2010-01-27 22:39:29 145184 -c--a-w- c:\windows\syswow64\java.exe

==================== Find3M ====================

2010-02-24 15:16:06 212864 -c----w- c:\windows\system32\MpSigStub.exe
2009-12-17 23:14:00 411368 -c--a-w- c:\windows\syswow64\deploytk.dll
2009-12-14 19:15:14 2146304 -c--a-w- c:\windows\syswow64\GPhotos.scr
2009-12-08 03:38:27 86016 ----a-w- c:\windows\inf\infstor.dat
2009-12-08 03:38:27 51200 ----a-w- c:\windows\inf\infpub.dat
2009-12-08 03:38:26 143360 ----a-w- c:\windows\inf\infstrng.dat
2009-08-05 11:47:16 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-01-21 03:21:59 174 --sha-w- c:\program files\desktop.ini
2008-01-21 03:21:59 174 --sha-w- c:\program files (x86)\desktop.ini
2006-11-02 15:14:56 30674 -c--a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 15:14:56 30674 -c--a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 15:14:56 287440 -c--a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 15:14:56 287440 -c--a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 10:52:12 287440 -c--a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:52:12 287440 -c--a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:52:10 30674 -c--a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:52:10 30674 -c--a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-07-25 06:59:48 245760 --sha-w- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-07-19 20:33:29 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-07-19 20:33:29 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5

\index.dat
2009-07-19 20:33:29 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat
2009-07-19 20:33:29 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-07-14 20:34:02 245760 --sha-w- c:\windows\syswow64\config\systemprofile\appdata\roaming\microsoft\windows\ietldcache\index.dat

============= FINISH: 16:12:23.76 ===============


And:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft® Windows Vistaâ„¢ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2/27/2009 4:21:28 PM
System Uptime: 2/25/2010 11:12:45 AM (5 hours ago)

Motherboard: Gateway | |
Processor: AMD Turion(tm) X2 Dual-Core Mobile RM-72 | Socket M2/S1G1 | 2100/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 111 GiB total, 37.47 GiB free.
D: is FIXED (NTFS) - 111 GiB total, 106.092 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================


==== Installed Programs ======================

ABBYY FineReader 6.0 Sprint
Adobe Flash Player 10 ActiveX
Adobe Reader 9.3
Advanced SystemCare 3
AMD USB Audio Driver Filter
avast! Antivirus
BibleDesktop 1.6
BlackBerry Desktop Software 4.2.2
Camera Assistant Software for Gateway
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Czech
Catalyst Control Center Localization Danish
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization Finnish
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Greek
Catalyst Control Center Localization Hungarian
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Norwegian
Catalyst Control Center Localization Polish
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Russian
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
Catalyst Control Center Localization Thai
Catalyst Control Center Localization Turkish
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chess Openings Wizard - Professional build 34
ChessBase 9
ChessBase Reader
Compatibility Pack for the 2007 Office system
CPT 4 Technical Preview
CXRchess Toolbar
CyberLink LabelPrint
CyberLink Power2Go
Dasher
Dia (remove only)
Fritz11
Gateway Games
Gateway Recovery Management
GearDrvs
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HTC Driver
HTC Sync
Java Auto Updater
Java(TM) 6 Update 18
Java(TM) 6 Update 5
Junk Mail filter update
Lexmark Toolbar
Lexmark Tools for Office
Marvell Miniport Driver
MasterChess 5000 build 1
MasterChess 5000 Extreme Graphics
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft Choice Guard
Microsoft Money Essentials
Microsoft Money Shared Libraries
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.4
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MSVCRT
MSXML 4.0 SP2 (KB954430)
Online Bible 11.99.01
Picasa 3
Playchess
PowerXpressHybrid
Roxio Media Manager
SeaTools for Windows
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969679)
Security Update for Microsoft Office Excel 2007 (KB969682)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB969604)
Skins
Spelling Dictionaries Support For Adobe Reader 9
Sweet Home 3D version 2.0
The Rainbow Study Bible Software Edition
TSP_CODEC
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB974810)
VideoLAN VLC media player 0.8.4a
VirtualDub
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Wireless LAN Adapter

==== End Of File ===========================

 

Ok. Let's try this first;

Download Malwarebytes' Anti-Malware (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html) to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure to checkmark the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Download the update from here if you have problems.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Make sure that you restart the computer.

=============

Download OTL to your Desktop.

* Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
* Under the Custom Scan box paste this in:


netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\System32\config\*.sav
CREATERESTOREPOINT


* Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

========

Read & follow instructions from this article: Error message when you use Windows Update or Microsoft Update Web sites to install updates: 0x80070424

 

Malwarebytes' Anti-Malware 1.44
Database version: 3794
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18813

2/25/2010 11:55:32 PM
mbam-log-2010-02-25 (23-55-32).txt

Scan type: Full Scan (C:\|E:\|F:\|)
Objects scanned: 367518
Time elapsed: 1 hour(s), 10 minute(s), 40 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

 

OTL Extras logfile created on: 2/26/2010 12:52:06 AM - Run 1
OTL by OldTimer - Version 3.1.30.2 Folder = C:\Users\Sirduke\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 59.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.44 Gb Total Space | 37.54 Gb Free Space | 33.69% Space Free | Partition Type: NTFS
Drive D: | 111.44 Gb Total Space | 106.09 Gb Free Space | 95.20% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BIGMAMADADDY
Current User Name: Sirduke
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll ",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1 ",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1 "
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 9D 85 52 58 C4 15 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0536877D-3142-46A9-AE77-EEAAAAA7E291}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{06689185-CABE-4B99-AC68-2C0B622694D4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{13A0DD88-F652-4595-A2DA-F35D36E8CE8F}" = lport=445 | protocol=6 | dir=in | app=system |
"{1C2FFD9D-8622-4030-A933-D74E71445650}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1C451592-0EA2-44BA-B3E6-2B7BE9E8D9DC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{1C933950-0827-4DA5-AEDE-A216DBBDBA6F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2424739F-10CB-4F51-AA7C-80EC1A1F3079}" = lport=3702 | protocol=17 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |
"{25809D41-55AC-495E-B403-6831C3B222B1}" = rport=139 | protocol=6 | dir=out | app=system |
"{3D0D78BF-9EEF-402F-85D3-E8A3CD0EBADF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{40B6F799-F1EC-4D5E-BABB-BEE70F54C468}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{46108FF9-AA93-4880-9967-161C9F8FAF39}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4C71426B-1749-43A6-AED4-DF4882683286}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5A38DBA9-CE06-47BC-A0EF-C0941CC330F6}" = lport=rpc | protocol=6 | dir=in | svc=bits | app=c:\windows\system32\svchost.exe |
"{5D04671D-52F4-4DE3-96E5-556744E1D7DA}" = rport=3702 | protocol=17 | dir=out | svc=bits | app=c:\windows\system32\svchost.exe |
"{5E881840-6409-4173-9865-B24E554B549C}" = lport=137 | protocol=17 | dir=in | app=system |
"{6733E745-B89C-42FB-A2D8-DEC4D1D434E7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7D7B8A3C-CFE9-46AC-9995-44FD97CF5E8C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7E875D49-FACD-40FD-ABDA-8F9B5DDF1922}" = lport=10243 | protocol=6 | dir=in | app=system |
"{80EA9F51-C2A5-4833-8804-51C79F512806}" = rport=2178 | protocol=6 | dir=out | app=system |
"{84F1B84D-508E-4CD6-B396-2C9F56DC6946}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{896AAE44-AA45-42CA-ABC9-E7B12F9CE02D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{89AB9957-1A3F-4669-AB3C-495CFA1EB1EA}" = rport=445 | protocol=6 | dir=out | app=system |
"{906C83C6-8AAC-4E76-9D47-81C413DE82C5}" = rport=137 | protocol=17 | dir=out | app=system |
"{9189DAA4-B919-463C-8E22-41D559D78CCF}" = lport=2178 | protocol=6 | dir=in | app=system |
"{969B4A1D-5BBA-40AE-81BB-1DD1BE99AE27}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{9A897435-6387-4E9E-8FEE-C92FEE76BCC9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B1A63987-E30E-4E10-A767-0C80E2002E50}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C56769FE-DAA4-4BCB-B23B-248D23695151}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D07A4876-3326-4B28-9C78-608ED39E2B6B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D9C6B1AB-D05A-4151-B669-9AB7E7C2B685}" = lport=139 | protocol=6 | dir=in | app=system |
"{DDC9A722-F11C-4B9C-90F1-9698BCD5DB28}" = rport=138 | protocol=17 | dir=out | app=system |
"{E12F33B6-C3ED-43B5-96C9-4528A5BFCC83}" = lport=138 | protocol=17 | dir=in | app=system |
"{E39AD98B-B762-4A86-A994-30BA307476BB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E45B7FC2-7AE5-485D-A987-77EFB5463983}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EF83C977-AE4C-4261-83CD-9498998994A7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F7E1C594-08E0-41B0-80C9-452CB774EDAC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03A50A7A-C3B1-42D4-8F41-4B08402216C0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{150B158B-E31B-49B4-A01E-3BE9FA6412FE}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{1686942E-A970-4AD5-B92F-022BDD94C013}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1713DA23-9E98-4D1B-B28F-B4F2C9E7F0D2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{186B23A8-0390-4B1D-9331-8EFD49CCA597}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe |
"{18817234-142A-465D-919D-E522183B0F58}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnjswx.exe |
"{2AA2D9AE-A828-46B3-9EC8-1367D3D44E4B}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{2D196306-C861-4B0A-98E4-BEAC757F56A8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{3885BF43-D55C-4B66-B412-DA84B28EC874}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdntime.exe |
"{41351AC7-BB75-46F9-ACEC-540B61D89A78}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{471BDE8B-1529-416F-882C-3EE5A697D04B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{479913F5-132D-4830-9128-25A4861C8AD3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{49B67823-7713-4AB9-9BBA-477E383E16C6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4C3C9528-B8CD-47DE-A660-13BD5556F32B}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark fax solutions\faxctr.exe |
"{4D2250F9-031D-4932-BD00-2A4C73DFCE3C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{4E360670-FA4C-4F09-86C1-2AEBCB5D2983}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5555D8AB-4D1C-454D-AC31-46230E55F475}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5B2C3292-14F2-4A04-933A-0B02B758356D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5B2F9CAC-3B9D-40A6-953A-E2F5E4AF181B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5FD83446-0A6D-48D9-AFE1-529BF679B229}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{626A7C9A-5328-4CAC-BF10-69420C1410EC}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\frun.exe |
"{68078547-010E-491B-8C9A-BC0319E56A36}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{69BCBD76-9131-45CE-8851-8B8D5AC35F15}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnamon.exe |
"{6F059289-7618-49D8-A0B9-3B7A47BF1287}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{80C09A47-F026-42BF-B39B-919C9AB51884}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnamon.exe |
"{851FCABF-4BF6-44EE-B253-470B9BEA4A06}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{92DCB040-2EC5-401A-BD55-D10CE3E85847}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnmon.exe |
"{9497D87F-DA7C-4F96-8387-47019EC4E79B}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe |
"{94D5AF9F-9203-4A3C-9C87-8BF204CD3C98}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{97C3AC89-D5C8-439B-8B5A-55877F4F5820}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9DA14ACB-AEE8-41E3-9C37-6AA5A8CCB0D0}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\frun.exe |
"{9FC23631-693D-44EA-9F85-B32ED5C4E812}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A13503A6-E6F8-4B54-B2D7-A089B0898083}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxdncoms.exe |
"{B099899B-661D-40C4-9E83-9A8FF74407C4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B686BF7A-F2DC-47E4-90BF-861F0C797C47}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxdncoms.exe |
"{B951A4E8-C9D9-46E1-846D-A328232987ED}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C7F0ABBB-88DE-4F25-8380-C953747B33BF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CA227E75-2283-4741-8E44-74D28BAD9CD4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{CA3CD802-9628-4026-ACD4-5596977E7BAE}" = protocol=6 | dir=out | app=system |
"{CC256D79-8EB2-4DF0-8496-5725496F052D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CEB7060E-7C46-456B-947D-5D9EF0B20CBA}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{CFF2D25F-3263-425E-9023-21EF9E37BE3C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D4E540BD-7D6A-45F6-8A4C-D992678B8956}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnmon.exe |
"{D5E3B326-184F-4E09-AAAB-BCC01B159B6A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DD1F93AD-7280-4B62-9C53-0ADC412DE273}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DFAE77AD-F749-4EBE-AC7B-1810CEE93CE7}" = protocol=17 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{E4B1C2AC-EAFB-4225-BAC5-39752E203F24}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdntime.exe |
"{E9900431-9FAB-4AC2-B8B3-40AA4D3E2995}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark fax solutions\faxctr.exe |
"{EB1F5886-9844-4787-9195-4A222109A634}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EC25D34E-3438-42A7-A1E6-6AEF8682C5C0}" = protocol=6 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{F4DA9022-C23D-4A4C-9E3F-73C3DF6963FE}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnjswx.exe |
"{FCBF0986-EC7D-4799-BE8B-F815B3F22A97}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{153D4E61-1889-4DF5-9231-09B9AECA9EE9}C:\program files (x86)\lexmark 2600 series\lxdnmon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnmon.exe |
"TCP Query User{16790DD3-9FDF-4E9A-B442-52B5B9372DEA}C:\windows\lmi734d.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\windows\lmi734d.tmp\lmi_rescue.exe |
"TCP Query User{35F5035E-B472-47F7-B9AB-1195F60DDBBC}\\bigmcmath3\bitlord\bitlord.exe" = protocol=6 | dir=in | app=\\bigmcmath3\bitlord\bitlord.exe |
"UDP Query User{36E85064-FF38-4800-946C-852BBD6CAAD1}C:\windows\lmi734d.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\windows\lmi734d.tmp\lmi_rescue.exe |
"UDP Query User{88D6055A-3641-4E17-8D39-8A35EAC9E664}\\bigmcmath3\bitlord\bitlord.exe" = protocol=17 | dir=in | app=\\bigmcmath3\bitlord\bitlord.exe |
"UDP Query User{D94A8190-BCAF-44DA-8D1D-3FE0AD2C7FB2}C:\program files (x86)\lexmark 2600 series\lxdnmon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2600 series\lxdnmon.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{22ABA92B-6C1B-46D8-AC2B-C48EEAE172A9}" = VD64Inst
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit)
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{79A9A1B5-9445-8AB4-483B-1309DE21E1A4}" = ATI Catalyst Install Manager
"{8B8515E0-26E1-4140-948F-505D0D859180}" = ccc-utility64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A6F1A083-4B12-47E8-9954-E4820C9A65C2}" = O2Micro Flash Memory Card Reader Driver (x64)
"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID Sign-in Assistant
"{B26B00DA-2E5D-4CF2-83C5-911198C0F009}" = GoodSync
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Lexmark 2600 Series" = Lexmark 2600 Series
"Lexmark Fax Solutions" = Lexmark Fax Solutions
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08787EDB-6B6D-6421-9433-FEEDA62E0824}" = CCC Help Chinese Standard
"{097E024D-BE30-4D95-B5F3-B6AE9C1568D4}" = PowerXpressHybrid
"{09E22784-F786-3B6E-EC9B-A4AEC99A1999}" = Catalyst Control Center Localization Japanese
"{0D1C8BE3-4290-141E-9A4D-B68A88132440}" = Catalyst Control Center Localization Portuguese
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{13D8E863-E52A-1E90-372F-80FA439AC246}" = Catalyst Control Center Localization German
"{16640F67-0F0A-4627-C291-FFA6C6E7A8AA}" = Catalyst Control Center Localization Turkish
"{1730F6AB-FDD8-7478-C799-D198E216DEB1}" = Catalyst Control Center Localization Chinese Traditional
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A637513-CC46-4C3B-8114-1E4F1D71CF42}" = Fritz11
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 18
"{28943890-AE6E-881B-73E0-C936EBF377DA}" = CCC Help Danish
"{2AA9C0CD-12AF-0DAA-DCCC-73A52E1235B2}" = CCC Help Korean
"{2E4BE496-40D5-BCD2-34E7-1837F73B39BF}" = CCC Help French
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{38D0ECB6-89FF-1DFD-2B07-C20D821E3387}" = CCC Help Greek
"{39098402-3F7A-4257-A4AE-FC1181D1B40B}" = Camera Assistant Software for Gateway
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3FD2223E-C8A2-48C4-AA81-0A0EC47B7860}" = ChessBase 9
"{405EF5A6-AAAD-4859-80E1-2D7EFF68141B}" = Wireless LAN Adapter
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4941B24B-461E-4EE0-B757-4077A973C000}" = Catalyst Control Center - Branding
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A30AF87-8452-C12B-ABC0-1E28C8997705}" = CCC Help Russian
"{4C32C8CE-0363-2267-0BD6-51A68B558B40}" = Catalyst Control Center Localization French
"{4FD5EDAA-D7BD-C079-9A3C-7FE27E921045}" = CCC Help Chinese Traditional
"{58728D42-C8D7-00D4-D269-BFC6B185893B}" = Catalyst Control Center Localization Swedish
"{5887C385-6217-B494-5CF7-BBC61C9DDD20}" = Catalyst Control Center Localization Hungarian
"{59C11F89-E284-9A01-1F3C-862B2D2C24EE}" = Catalyst Control Center Localization Czech
"{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries
"{61B6A9B0-FF4C-4C20-AFB9-9690B9078656}" = CPT 4 Technical Preview
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{66D171AA-670F-4309-9C74-5BA7F7DBA0B3}" = Roxio Media Manager
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{6C3A4C09-6DDC-AE90-2385-89F018882A2C}" = CCC Help Dutch
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver
"{6ECA793F-680B-03AD-37EA-FB66112FCE47}" = Catalyst Control Center Localization Thai
"{70D9854A-CEF5-4BCF-B37A-0AA1AB0A83CF}" = Playchess
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{732261F5-DB99-79F9-0DE4-FF6056BACE3B}" = Catalyst Control Center Graphics Previews Vista
"{74D4D679-B37F-839E-B5BA-BA0D3781929A}" = ccc-core-static
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BDA3F25-059A-927A-FD9D-AA664A042B10}" = Catalyst Control Center Localization Finnish
"{7DA95350-1619-6B54-7E60-3640C7F962BD}" = CCC Help Hungarian
"{7EDD9443-D74A-47CD-9DF0-6E1ED9327906}" = ChessBase Reader
"{7F74B16F-5E85-27F6-EBC9-A46D30243B53}" = Catalyst Control Center Localization Dutch
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management
"{80B18932-7112-F5F0-87F9-F24DAB131A84}" = CCC Help Finnish
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82A0A92A-B528-E644-72D2-3E6B7CC14C2E}" = Catalyst Control Center Graphics Full Existing
"{83139B24-6B77-3B8C-CD19-407BF0F04A29}" = CCC Help Czech
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{919C7FBB-ACD0-2862-6F47-FF7B8D50B9A1}" = CCC Help Japanese
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96D34C42-DE41-B474-F695-0158558973AF}" = CCC Help Norwegian
"{97DB07C0-7E43-4C4A-8766-26396935F177}" = Playchess
"{98605CAA-5F52-44EC-8AF7-2EC1A4C35F2D}" = BlackBerry Desktop Software 4.2.2
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A9016221-F830-CD39-1F95-9BB54D470AFD}" = Catalyst Control Center Localization Russian
"{A90C03D6-08E1-4C59-B93B-6919A6C0AC19}" = TSP_CODEC
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC03ABCC-7626-5695-B98F-F327ECB4C7A4}" = Catalyst Control Center InstallProxy
"{AC3433B1-B013-127B-E062-72EE4CC40730}" = Skins
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B508310E-0690-4DC9-BB05-F01F5AB71B10}" = Fritz11
"{B66F4D09-5374-23CD-3119-F2A5DCA083CD}" = Catalyst Control Center Localization Chinese Standard
"{B77D2189-EFB5-1948-3785-1390CDC46C53}" = CCC Help German
"{BA271AAB-C19A-2A19-F703-73CEE2AE4826}" = CCC Help English
"{BBABC4C4-52D8-2125-6E7D-0E1383FBDC32}" = Catalyst Control Center Localization Polish
"{BCE850E5-AFE1-C9BD-FEFB-BFC92089EA93}" = CCC Help Thai
"{BD3A1E0B-97E4-ED68-2A44-5DD537218C59}" = CCC Help Portuguese
"{BD4B29A3-1218-DD0C-74EA-4585865C5490}" = Catalyst Control Center Localization Norwegian
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE4A7A4B-D813-61CC-C447-BB79C5A6CBC4}" = CCC Help Polish
"{BF499ABF-C634-296C-3E7C-1F5CF807D85C}" = Catalyst Control Center Localization Spanish
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{D10C7632-2BEE-0F2C-27B6-C8CBC5285DBC}" = Catalyst Control Center Localization Italian
"{D5AF36E3-D72D-4E30-AB64-48A98BDDEE73}" = HTC Sync
"{D6330700-4083-48DD-A03C-E209674E7836}" = ChessBase Reader
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{DF428B55-D77B-06F0-4310-45F2D677C92D}" = Catalyst Control Center Localization Greek
"{E00723C2-D1B5-9EC5-9457-1B77453C8EA9}" = CCC Help Italian
"{E04B0937-27D8-DD05-AC42-4BA43B52F944}" = CCC Help Turkish
"{E2CBED58-B9BB-4644-24C5-312D7B9FBFB1}" = CCC Help Spanish
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E0DB0D-12F0-CE4C-8CD9-5C4913E3C902}" = Catalyst Control Center Graphics Light
"{E4035624-7B25-6648-079D-39B832F498EF}" = CCC Help Swedish
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E8EBE848-D0E2-502B-9CE5-1ED898F82126}" = Catalyst Control Center Localization Korean
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F703025D-72C0-3468-3F46-08D0A2F893FF}" = Catalyst Control Center Core Implementation
"{F83B2A4D-4D0D-2804-3A40-31E3D148F4C2}" = Catalyst Control Center Localization Danish
"{F880A830-E5DD-BF3E-3755-8BB30DF96966}" = Catalyst Control Center Graphics Full New
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"avast!" = avast! Antivirus
"BibleDesktop" = BibleDesktop 1.6
"BlackBerry_{98605CAA-5F52-44EC-8AF7-2EC1A4C35F2D}" = BlackBerry Desktop Software 4.2.2
"ChessOpeningsWizardProfessional_is1" = Chess Openings Wizard - Professional build 34
"CXRchess Toolbar" = CXRchess Toolbar
"Dasher" = Dasher
"DE03150F-A0A2-43F0-8870-9437C6660B69" = VirtualDub
"Dia" = Dia (remove only)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"MasterChess 5000 Extreme Graphics_is1" = MasterChess 5000 Extreme Graphics
"MasterChess 5000_is1" = MasterChess 5000 build 1
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Money2007b" = Microsoft Money Essentials
"OnlineBible" = Online Bible 11.99.01
"Picasa 3" = Picasa 3
"Sweet Home 3D_is1" = Sweet Home 3D version 2.0
"The Rainbow Study Bible Software Edition" = The Rainbow Study Bible Software Edition
"VLC media player" = VideoLAN VLC media player 0.8.4a
"WildTangent gateway Master Uninstall" = Gateway Games
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"OnlineBible" = Online Bible 11.99.01

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 2/20/2010 12:44:15 AM | Computer Name = BigMamaDaddy | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\Sirduke\AppData\Local\Temp\~DFC7F9.tmp failed, 00000005.

Error - 2/20/2010 12:44:16 AM | Computer Name = BigMamaDaddy | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\Sirduke\AppData\Local\Temp\~DF49A8.tmp failed, 00000005.

Error - 2/20/2010 12:44:17 AM | Computer Name = BigMamaDaddy | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\Sirduke\AppData\Local\Microsoft\Windows Live Contacts\{4d379e56-2dc7-4972-b03a-52f49ab1e5ac}\DBStore\tempedb.edb
failed, 00000005.

Error - 2/20/2010 12:44:19 AM | Computer Name = BigMamaDaddy | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\Sirduke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
failed, 00000005.

Error - 2/20/2010 11:51:42 AM | Computer Name = BigMamaDaddy | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\Sirduke\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{AD3B8B9D-1E2E-11DF-85C1-00238B6195B7}.dat
failed, 00000005.

Error - 2/20/2010 11:51:42 AM | Computer Name = BigMamaDaddy | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\Sirduke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\PPDHLABP\Fragments(video=48279231000)[1]
failed, 00000005.

Error - 2/20/2010 11:51:43 AM | Computer Name = BigMamaDaddy | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\Sirduke\AppData\Local\Temp\~DFBE9.tmp failed, 00000005.

Error - 2/22/2010 3:38:36 AM | Computer Name = BigMamaDaddy | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\Sirduke\AppData\Local\Microsoft\Windows Live Contacts\{4d379e56-2dc7-4972-b03a-52f49ab1e5ac}\DBStore\tempedb.edb
failed, 00000005.

Error - 2/24/2010 6:34:08 PM | Computer Name = BigMamaDaddy | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\Sirduke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{239B56C4-459C-447A-A392-D095AE256641}.tmp
failed, 00000005.

Error - 2/26/2010 2:26:15 AM | Computer Name = BigMamaDaddy | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\Sirduke\AppData\Local\Temp\~DF2297.tmp failed, 00000005.

[ Application Events ]
Error - 1/9/2010 10:29:53 AM | Computer Name = BigMamaDaddy | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe ".
Dependent
Assembly msadctls,processorArchitecture= "x86 ",type= "win32 ",version= "1.0.1801.0 "
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 1/9/2010 10:29:53 AM | Computer Name = BigMamaDaddy | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe ".
Dependent
Assembly msadctls,processorArchitecture= "x86 ",type= "win32 ",version= "1.0.1801.0 "
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 1/9/2010 10:29:53 AM | Computer Name = BigMamaDaddy | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe ".
Dependent
Assembly msadctls,processorArchitecture= "x86 ",type= "win32 ",version= "1.0.1801.0 "
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 1/9/2010 10:29:53 AM | Computer Name = BigMamaDaddy | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe ".
Dependent
Assembly msadctls,processorArchitecture= "x86 ",type= "win32 ",version= "1.0.1801.0 "
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 1/9/2010 10:29:53 AM | Computer Name = BigMamaDaddy | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe ".
Dependent
Assembly msadctls,processorArchitecture= "x86 ",type= "win32 ",version= "1.0.1801.0 "
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 1/9/2010 10:29:53 AM | Computer Name = BigMamaDaddy | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe ".
Dependent
Assembly msadctls,processorArchitecture= "x86 ",type= "win32 ",version= "1.0.1801.0 "
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 1/9/2010 10:29:53 AM | Computer Name = BigMamaDaddy | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe ".
Dependent
Assembly msadctls,processorArchitecture= "x86 ",type= "win32 ",version= "1.0.1801.0 "
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 1/9/2010 10:29:56 AM | Computer Name = BigMamaDaddy | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe ".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture= "AMD64 ",type= "win32 ",version= "1.0.0.1 ". Definition
is WLMFDS,processorArchitecture= "x86 ",type= "win32 ",version= "1.0.0.1 ". Please use
sxstrace.exe for detailed diagnosis.

Error - 1/9/2010 10:29:56 AM | Computer Name = BigMamaDaddy | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe ".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture= "AMD64 ",type= "win32 ",version= "1.0.0.1 ". Definition
is WLMFDS,processorArchitecture= "x86 ",type= "win32 ",version= "1.0.0.1 ". Please use
sxstrace.exe for detailed diagnosis.

Error - 1/9/2010 1:44:01 PM | Computer Name = BigMamaDaddy | Source = Application Error | ID = 1000
Description = Faulting application AcroRd32.exe, version 9.2.0.124, time stamp 0x4ac7307c,
faulting module Updater.api_unloaded, version 0.0.0.0, time stamp 0x4ac71d2c, exception
code 0xc0000005, fault offset 0x6d36cfe9, process id 0xaec, application start time
0x01ca91534b2bd7b0.

[ OSession Events ]
Error - 9/15/2009 10:00:32 AM | Computer Name = BigMamaDaddy | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4811
seconds with 1320 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2/25/2010 11:12:09 PM | Computer Name = BigMamaDaddy | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:50:06 PM on 2/25/2010 was unexpected.

Error - 2/25/2010 11:12:00 PM | Computer Name = BigMamaDaddy | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 2/25/2010 11:13:18 PM | Computer Name = BigMamaDaddy | Source = DCOM | ID = 10016
Description =

Error - 2/25/2010 11:13:35 PM | Computer Name = BigMamaDaddy | Source = Service Control Manager | ID = 7009
Description =

Error - 2/25/2010 11:13:35 PM | Computer Name = BigMamaDaddy | Source = Service Control Manager | ID = 7000
Description =

Error - 2/26/2010 2:27:24 AM | Computer Name = BigMamaDaddy | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 2/26/2010 2:27:37 AM | Computer Name = BigMamaDaddy | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 2/26/2010 2:28:53 AM | Computer Name = BigMamaDaddy | Source = DCOM | ID = 10016
Description =

Error - 2/26/2010 2:29:15 AM | Computer Name = BigMamaDaddy | Source = Service Control Manager | ID = 7009
Description =

Error - 2/26/2010 2:29:15 AM | Computer Name = BigMamaDaddy | Source = Service Control Manager | ID = 7000
Description =


< End of report >

 

How did you go with this?

==

Please go to Jotti's or to virustotal and have this file scanned. Post the results back here.

C:\Windows\SysWow64\ymxyrnyd.dll

 

Jotti's

Filename: ymxyrnyd.dll
Status: Scan finished. 0 out of 20 scanners reported malware.
Scan taken on: Fri 26 Feb 2010 16:56:57 (CET) Permalink

 

Ok, file looks ok, but I repeat, how did you go with the remedies from the link I gave you?

 

Ok, sorry for the delay. I work long hours 12 to 16 hrs a day. Its been a long weekend+. I did follow the link to BITs and It's started. But the Automatic Update is missing. I tried to in stall the update from a run command, for Microsoft article no:883614. Installation failed, error message pops up. and also from the windows update agent installer online, i get, update agent installer encountered unrecoverable error message.

Is there another way to install the automatic update agent or best how can I find why im getting the error messages.

 

Do you have your Vista instal CD? You could try sfc /scannow from the Start | Run textbox, or a Windows repair.
I will do some checking to see if there is another way to remedy this.

Does C:\Windows\System32\wuauclt.exe exist on the pc?

 

No Vista install CD the system came preinstall. I ran sfc /scannow, a command line box pops up and fades quickly. The wuauclt is in the system32 folder. I tried to update again and still the same error message.

 

Can you bring up the event viewer and take a look at any errors in the 'application log.' Look for anything with "Faulting application svchost.exe_BITS" in the description of the error.
If you find any. let me know.

Are you sure that UAC is not interfering with any of the fixes you have attempted?