Jump to content

System Restore disabled and msimg32.dll failed to register


Recommended Posts

First off,

Thank you to anyone whom replies. Your help is already greatly appreciated. I can't seem to get System Restore to re-enable. Also, (may or may not be related) when I attempt to run two programs that run very intense scripts...I get an error "msimg32.dll failed to register" I can recreate the error every time I run one of the two programs, but the second just fails to run completely. I can also still run the first program just have to click ignore once and after I ignore it the first time I have to cancle it 10-15 times before it actually starts the program, but it starts nonetheless.

Again a HUGE Thanks-In-Advance!

.

DDS (Ver_11-03-05.01) - NTFSx86

Run by Mr. Incredible at 20:17:13.82 on Sun 03/27/2011

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2498 [GMT -5:00]

.

.

============== Running Processes ===============

.

I:\WINDOWS\system32\Ati2evxx.exe

I:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

I:\WINDOWS\system32\svchost.exe -k netsvcs

I:\WINDOWS\system32\Ati2evxx.exe

I:\WINDOWS\system32\spoolsv.exe

I:\WINDOWS\Explorer.EXE

I:\Program Files\Bonjour\mDNSResponder.exe

I:\WINDOWS\system32\IProsetMonitor.exe

I:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

I:\Program Files\Java\jre6\bin\jqs.exe

I:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

I:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe

I:\Program Files\Sunbelt Software\VIPRE\SBPIMSvc.exe

I:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

I:\WINDOWS\system32\wuauclt.exe

I:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe

I:\WINDOWS\system32\svchost.exe -k imgsvc

I:\Program Files\PeerBlock\peerblock.exe

I:\WINDOWS\system32\ctfmon.exe

I:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

svchost.exe

I:\Documents and Settings\Mr. Incredible\My Documents\Downloads\dds (1).com

.

============== Pseudo HJT Report ===============

.

uStart Page = www.google.com

uSearch Page = hxxp://www.google.com/

uDefault_Search_URL = hxxp://www.google.com/

uDefault_Page_URL = hxxp://www.google.com/

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

mWinlogon: SfcDisable=-99 (0xffffff9d)

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - i:\progra~1\yahoo!\companion\installs\cpn\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - i:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: LastPass Browser Helper Object: {95d9ecf5-2a4d-4550-be49-70d42f71296e} - i:\program files\lastpass\LPBar.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - i:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - i:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - i:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - i:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - i:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - i:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - i:\program files\lastpass\LPBar.dll

TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - i:\program files\daemon tools toolbar\DTToolbar.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - i:\progra~1\yahoo!\companion\installs\cpn\yt.dll

uRun: [PeerBlock] i:\program files\peerblock\peerblock.exe

uRun: [ctfmon.exe] i:\windows\system32\ctfmon.exe

uRun: [sUPERAntiSpyware] i:\program files\superantispyware\SUPERAntiSpyware.exe

mRun: [sBAMTray] "i:\program files\sunbelt software\vipre\SBAMTray.exe"

mRun: [iDTSysTrayApp] sttray.exe

mRun: [<NO NAME>]

mRun: [startCCC] "i:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [TaskTray]

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

dRun: [ctfmon.exe] ctfmon.exe

dRun: [iDMan] i:\program files\internet download manager\IDMan.exe /s

dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

uPolicies-explorer: NoResolveTrack = 1 (0x1)

uPolicies-explorer: NoInstrumentation = 1 (0x1)

uPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)

uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)

uPolicies-explorer: LegacyDrive = 262a9b001d90c4b0c4ab8290191452372048160d7311bb60f94219b4f6a71a5a443c1f44df9d9f17a7be118262dc0dce01b4aeb724f23a7be0ec0530bf90925a089bfcbd410c9470f3d9cc33dbade054024b2082ea7829f71c72d180400d293a0cfbb0fa144ac6ebe42e63794c01086efb88f65b4f789e3a6c395a518ce95a5995a4e1e0f103b1ec9ae2c3e174673ca5e03f9d018e2b3a4b92d2bced42bb5a0b39208b9778fb72b6dfbb9663cc54e5643fdaf97d3c4e9ae371b783f31975692420d3393b88dba1be0b6ed3aa0294866885103dfed437cb82f50317d59f641d8d57d63533d938ec98afb9dc20004adb4f31bfab938890f3c8001f9dfff99c2d7e2f265207e933bb5e72312c05cd6dd14aa535d283833927994337aec3c9d87b94f0d46f38c35d0cfaf0bb870a79341f7ead2eaeed9657977e4435855decac1af468b9ab544f2b21d277109f15b86d646df332f466536c729ed3bd51d301092b400173f12ad48845b6dab924fd960fc862b21acd23432a922f4dc2e2388a4ad408df6704ef185041925f2dd593682dc827a7c24e020decfabfdabb2e81b30fd6dbf4a356ed474ac0d075784b347d030148e32bb7da4bd842c04624e8766c191508abbc4f33de4a6cc7a2c1034f65eda220f4bff63c9f068f6c5e1d90d8098c2f6f25d6bad90806d8ad3e8c12e52c47928ef3e32ac4976597de610408e6823bda4cf81ca6dbb6e77debffdb72d9134c59b40df6cf390c917a0291a5c292fa28a0a1144b26873d83a8c08ed038eac74b9c81f90aa1ee8244b1c03eb5a839fc44e40c2fe49b65e6b8722aff7a4b80971d5e92c4b18b8d8788eeeffc97b502d41e2ea3058b2448c09c6cae42a4c5bb3e31d1ba127fcb5db7301f7091a3fd72f76afea7efff0a6939b279bf90e678312c7dafda8b9120be7165535e2d9bb08a1fa72c77778328113fa495929c2d5d545164fee384627857c5c50e6ae14c4c78a38271efc5c3faacc5637e3a0eefe23acdb5cc0800865a9bcfba13ad20751e1c6629b191b95ccd5f2cac29ae5b106bd843609e135718e151cf585c64443079667a1b50587ce3c96209ef228b39a08732ff5f5bc36810c25f61ffa8d1d77405c51c8760348d36922372b5cd8d2505dd9e76c8ad214f540c3c9406b15b4dd97d6a07370147770e40776127b617b8b4991607279a5ea20f4b7fe0b28d7ce0109a1fd0ef300570602d5ac59fede4123cd243047824772df21ca2b3833b0f4a66e0745f9c1a74968ebb6877f5ae5f64f78a63cf9266fea93eeffd1eceb9747f98d3f80380d59e57a34adff3f4281230f7320182df1d96fe003cee19875daeb369ed9a54996364b57edcc182a403c25eb23462279ce15b7c19343f7d58f6c3d2eeaf5eef130f13960f8c8a9def4d66f9f17c47d3db6ea65e82dc6e0ab1f762a0dbf824465d579f53023ea262cc3dcda5f23fb17c25bd3347173131783ece69ecd56e967b25ccdbce02f3657098f64c2868e2bb878df151bd4400c7b0ddab43d250c9384b24cfd98d299d161edd888292975b4dad199b72c868103176db80c06773be3e8c6ae3e87b0fdc8f16d025496799d367cf5dd8a860f183ac872146aceefebc67a075ea606e26a4c5469272f5b493d6d91a6878cbfbe000a55a42a9846e3098cc9dd16c6ca82e166324ddeb8229ddf7744ec295fdd4123c7f21ee9cc270f5eaf4c86578ef2a8388bb0f3e6254110fa4ade923dacbf499bc4e18ead4218919049b3ecea5c0fd4d3524d7f0fc00f1d5ef848bd4d46f3ab4a7de789e3d615fd12754b298d96d1d790b91beb060ece3db464016f71d7d578b9b93a8236f84cf0024bdd4570e49a6d816cf787835b24eb28ddb7f563a452cd1886015af63b3b15e0ec47d35183c94b48d47800e693a50e45278ea548696a33212bd0d954450109664cf3d549ffc5e3b443c5287333f18950391e32917c1560b01907b2363b090cafe680da4bd89cf2df5a47595eb7a0bce97b4e5e3a7d5ce8bc76c62fe208eb9071e83465b77c0fe296915bcf24228e49b262246c10da8464c0b0d3a4795d4c614ee7f1e41098a2ad0791f00d711952413a73a43ce6a5024067555dbcba58740e9a8a89fc757ffb18f469fcb8f99eb56df195a7f4586782f552f2e3eddc142e3805d2170a0eddd3c81b7bf72e0ac324da692190f3e72bf8eb37da21c9e37420c99203473f794722cb2f0f51fa5f686c2fc73d1dfe81ebb9897c4f5a963a2d1ee4a1255259e6b8ef4fd22272e84353a5240c96655e51122f2a1c373515df5e616efdc9fe9bfcbeceb3e04607627e430f9055add03f69d139dae1fd1ddbfbccbb817380d18cae8e02e11aff10a932cb069e432f7ce4c79ecd4c99328c2572119606e46a40995cd5c0f0276e61f0afac67d32f6b05eefdedf636ef907be27ad8a97b5fdeeaee5508f410d7491309fe2195ffd44bd5c8f343842134763dd354a610e60cb1971d3dbe93ef713986df0d58d1e72ead43f37d6d7ed4f6db98fcb14b50c4608e0ad36fcf7d2cd695be41e265a8a8138b02038eb4e6453215a73d0eb76f50756459445872bb2b80b555b8b68fa7851f8e046a7f7210715da2ff736e2d1168219f201b4e69d00f1c58408e6fbdf3bbf56596a9bcc21d93d5f3e420443221c1d43831cf76166fdf7bd7d7d6eb8b2a8c858045805ee92fd6df7f59a8041d3102d4eb19f44fd09aa2c679d95bad9080ac6f91fa0b26e57711501a6a83f55761d7b190326918204af8ff98d8dc910340f1fbb72d67ebd4de7a96034ff3a692b26e34b2787fa9bbc7f35c4f5f4b2fc83e83a771b4ec6da191cab42f269a192a6a719d32a857fe3766ea223f7687b7b843fbe9f93e0af91ad0337671f0d374ff3341cd01ee4b353fb613fe1f8aeca2e8faeb8d7798aa2e81e5261a14fe7687a371857648f0bcefb5212df7ff8318f88d2071aff698fe1ced21550c177eac0dd195c9cf416e5c376e8a32e8aef08d35d70d3c9badd3facdc577a43807158603d374908186e88d4531e9697874ee741f20fdb0412c2bcefb5737f3574c517018f31d9e6a4edf5e1060ffbd3629f9e35a3efb707122f8c09c23c532e2bb9f24e1561091bb79b3256214f8742d7f9655abffc703f3d38d8f49cdeda4db08389a5b97495ced08b4aae50ecbecbcc3ebe2ebd5dbf436bcb5625180b021c7b4a4c6470441331ed6621ef383001ce57de157ec847e3377305b0fdddd650229e423c0c157fe5385a91487f74b5c399cd0027fbdfe2440e553f336fe7abc76ff3a0e07a08fe2f93edff54e8e66e43aa3214ec1bd8731be9a4b79dba6ceaa40897676c2fe0911fc458c5f629aa8ca25ea316ea1af2e4951b2cc48aba120236c29517dd2e821d3816218092c13255389988f4b9424cb39b7a4cf54c4496645b45467ae86e9c465adb526d4ffb2c6fd9f2d02be73bd8a501922608391177e75e993bc87273a4e35e37fe27e5ed3e957ed773dd52871ee7507ea44e6c713a852571f94a0a6286c37daef2cdb73adf910c9ae558708033a03b7b7a6f29de06e7a5fd2e1b47a0ef219bb1d4682438194ca0890fe88ebcc22cee5eda2fd14866bfc6ef6b01558714f6e5c5cfa57776c6e298c30ebb36b32213b2f1918d36d0f3ab498c2137a1d2a6e33883702ca1b5cb849dfb90afeae79a6e5bcd7a5b2dc96c149903899ba6313efd419b5efc328fea314582d378b4ab320c1a4f09830bbc3bb940dddc0af40dabc48d29dddb7fe91ddf6e70d02c92219d6060b52d13678a2fc2783ea00b097d4920db178976db5654bd468e7c1511f5aa2f7f88b5c1913540ac6e03e4d6f6a39f123a2f34e8330e7e99b317055e9bf9cff14fda784e673e85bba72bf606328a1a0efad1a8847bdf0af3a927fcfe271156e9b99d265cfc4a026355369df2b82786974549089ae5b717a26b87c09ce51f223321a61be771b8215fac5e6d00753d5fbec00d1e32914d7eed0735280d9aedf40da1fc9ae117038a439eab1848c4dcdc36862f599912a7dc94d7d19ba776a5f74f8d6fa5633fd5454e5642247f9c2e6cc7a89f9802f7f02bf93ed1a287ff8fa7fb5b9587be2733e635429fb1e9253a55e6bb142f6073b1439d940e300ed1df63bf1e1b8cf2c29cba4e07acbd3ba00a70ff0218ecdbbd36df568f3e902f86141d95657f079a4937f1e68c3ea5a8ea7458d2e2662f865f6801cb98e35f8535efd2a4b325639b09ae61148ca05ee2108b7b37504eece5178f30a00c802c841c648b85f872b837767b519041ce7af0cf597660941278177695b643800fc006da5a10bef969e28913e74508d61b7364590f5e8f53f18bcd8ab923728f0c48eda961a5ef050f6249635a95b551393b33c167786a91dab5300d3d439fb6a1416b4170bf72e3a22395cc33ccc7f1d4f6630fe0dec3ed93260ee1767a51951e74d20b16bda0df1a766fcd86d6a3720d14abda57ae87902be40bce501ea862996e6e245385a35782df217f6c3bf9725c4e5cb2a0b8bcfad4372e17621b13f94afaf70a1fa4b9be5259ec6cb33a7e5c35fe9721f2e6c4296ff355922056033fcf2f28d72c795b46fed9f1a1dfaa6bad8887858d9f5520e944848049e691b7c25cd061d5316892943f9f0d067f58b7cd1fd94b06d5d24e71749b46d2bcbe279777b50ebac1f531e9a82b16e5f5ffc5042848b4b7ca6b7058a5e03dacb7bcad8cc9b867954e8626208e61057504e8f93b042c9f33a0083827cdb1f11cc28d68cfa1496d6059250548cb93b5902b01fd45aaf32227525430a1310e9540feb9d8f7d9674f4fd5a3499a8fe766c3d124e7d80862c4c5f9a6f862af1820b1b86544609163f5965ef398ecde2c01b89fb644926e73c71112659cd63acc0eccb38e7aaddedc60c96213babe031ee08d1c61a8bd345e27258dda57e7932893011957fc22e6aa1cbb7048c958e7354c317581c3fcc4c0c406c2b94382a162b621210d76e311dc692c137ade1aa10db8164d66cfa94d7b9391953618f21508d17c956b3bc665385c0cdb3b5f1aa7378c6c632b78946bd479dcef735d2d47d05c2f867f4ab25162114df26f5f44a8b49caf41981fd9eb63a1e74801f2bac002ea151be6a3034fbb98e5739638e226c41d24cbd81bc368d101dbfbc3663d6129a665787d27ac8006e1bfc8f11d5086a47c0c064f3ccc07c4b70f61882ca8ec2ac2b49ed3cacff31f4587922ba6112defd83ba9cf9583a27f6c8c2562c0da9a216a60bfd04658732241cc261a6c5b8ee34e3a9bfb7f79ae977288054493f97aca92876e55fe5800d7157f82a8dbc52d6f69a9134688a556197eb3984f2810b2ad49f340a9772252ddd843658483a06b579be72d8bd0118f03cb3716c4cda8a7a9933892587cdace74ed728614f5e4d5752d71ceebe343c01e7746b872043a47c743068563ad50552ce04aeb1b44cfcc8cedeeae951cc546bf0de353a18b3d077674875c21b252a96e6d78749b7fb9881729a6478904be41143ad805daf5c036bf1825e26f2db310a29f7c989e2a9c38fe8f1de3b38c185c480b1d04956a9ad5f0a71be63f76bd17ab782bb55dfd023506ca891a2b199c19c0e2ea7cf95961c45db8e5921c3e48c8a27877eb6cbff1cb1b027e67c7c51d0b956a3ebb8cb031d4a479dff120d0b80c1ed72aece56decdea89e2ed5ca5ebff53402696fa36476f44fee726fcaf433f32c4717f26d078db112b8d7f80c980d0edd3066e4fc2ab3917b622cfee73f6fe36f44c6f249e2a9515291844ef51e95b94f4d47e9078e856ff0a1292ef50eaa8d6e1f3ebf5242a748a8b050bd3f4c98cb9fce6e7a3f201eb3f9086a00ba08dd947e825c8b7c20fe729d731d0a33dbae49e8a6cda2f47c9c8694fa4eb72bb79d7f8cfae2c7b1d6ab8e3018e522f49268063d111e8de88e68a8f1a9bdfd365294397eca85a6b9caab0089014c8402c4bc4bae027ed6d576adeafb209a9ea9f5b7b271d6b4222cbfe7fbc28641f16ebd329f23a5a20ecff0121309ace1d9590d07cc936d05b663911c28282ebe1c06ab42d83629db16a1c1cb61ae0cd4c258e9f09c837a41d590704b362f89611574565d312d4294dd7495d00a618024e19dc0c518ef2ba17257d152b3d9b79f1223e146ec70b0f8b6ac6ea635d928fbf1b1bc29e78d32e97e8550bdbcd96879ba8f7501555e665427cbbacab5924d99ea47729ec53d41bf5b4ea7323ccefdeb1e3fa2571102c3f85dd0827ec4f3549807b6a70aab1ac800fdca05a254510ee8968ba1b0fe59670e1c9919e31d56e6b14c3b19add94ef716d9dae6c68fadd506ea84d7a7f34ec4114e976bd7105c45123f7063e583afc9902cf76794c6744b17ee21148b658baa8b63d82c052e092a9eea7c1552b3b5f35be95d5755cb8b919f48432204113c729bf3e7c6eb64ac6c535cd37738a966733422f6159472fd5de834bb59958bd4ea860aa7ca1fd1dbce73f93a69b633c372f5abfa2704338371b89def695768d61c4d9f268b21ffbaf6a7582f5b7635f3399cbf9e9991df86e34f6aa38d7e4fe33e5a2f241932b2bc2aad7037e05360fa1d5093268a7522c02d80640e3d9d6544352d945f27c5bc52537a3660f85c5cc96a4040a865c39e1ca18b10a6a6d081d2e21be41af9954e26075ce561991d7b52e901900d0dd789ef3c09f8d532711e8bd66eae871b36d4d8246e7659abf8ba2aa30cc8611c8ad1fc688e501a7c45906b98006ee62b8760baf0b0b6865e3020cc3fb0aa71a39e23a2ade7581a494acb2c0a60c1e2671194f9b4b54b2c50796db5210517123d5c4d05ea038edec965abfc4e76d892739704a7aeb9666120c659820f3c6933961bae009b02582502958c9c0820216f0673837f7290462adb5c0b998e7f2ecd5c16a6ee9ea82de0755ca1165669ababc7cd9eaf6342a2be246e11d8e25a216c1625c4b6e4facc4b593f53f3f10f5ab65cebb03a81ac154cb5c4bca0bc84865e6ee82b3caedc7727c4561371c8defc77b84d3381c8d5b6e9f941b080ed7eed2dfa5b90d77d8d088571f640c440261649d8230fd802654964ef25b17814d875d538f6bc5dcc95ff95307ac02e1400d2471a3f65e67e8f3b4bd056f72651d99808a052411896423b076e083c4629b3ea7630159b1f3c185fa673554079d3e3c88dd46dc40a498848448843f3eecaff748ad581b74d24d845d74096158711c6db6fecbab408fb40452e36c6526c8fc18c7a6d4eab045c1abdad0380be5456f268960c9a4c94544122f6c46f5e2f92d4030306e6bc472fcc29e9d67b7730b01f33f144d7bc60f07b15c7a7d5cd8ec55dcc0c183de4dc9f05b43091a0cd68a18714e481346716a5da84db4953260bb55a704ec0fa8f3293469c7baf4bbfba31439a22550be5963ad85506e525c3fcae87ef8a72032531e7ab5a4ab24abe9995684c7995c9457c0937dc52f28133ec8ac486e01fe9a610226faa867b6be1a320cd0a79e6e4c87597255041442865e8ddf3863cfe7b66740c689c1a81fa199c2584e8e661bdaf7d18678a9beba7dfa3011c9c5764b7c04ba7cd1d99cc6a5cd766e94146fbc1304caca2f12518c1b0d57d6f486120f1c03ef08c160a66df3c7aaf7561940d9b711e7b6fdfdf568f3aa2e3a5007d0c3a5584289671dc55ae87c26d4853cf3660f27ad9cbf7de961abbbdb5c1f4c6c0788a13efe2a6f6e46d0bf59879a91396bc6f5167e562754d7fec0a331976a8e5a43895767d1c50ec1d6a12dee48aa0b61ae9ba00ae11d72de387749046f4acade38409b3b88c9a476a6f458337c25f3f2cae7a8f98967e8cc0fafb58d49cbe5c22e1a3d48a79a98e32424cee7a6a0fbf3633d458040bbe801c4ca02b68c757d53d0a82aee0da2da849ddacce2796cad7239624fb69f1cf0565f041aaca056e19d90431d3e08feebd01d2757334712ae08fbf630bc5311234ee12a42095867829b1b776b4b9db9305103c7b65e51ff5d25102155c3221b3cf363f1b9236a206cfc660cad40ad9cdbaca853f44c9f00909530200d616845f4e32e074d3932899aa7f5a66596be3255413e16186d9caad94190e19e8985ff61dd6515a832fe11f1800052fb40b86ff831d125ab8ed8d608048a9ce356bb680d5b0bb33b26ec5906b1a7f661ab20338cf5bf0f73e48bd10b4df4da94f17c395286f2597f66857e9827940168802158a93f157d5c07eb200c6182521339f642df8d37b0e280db3f5fd2cb9f21cd3fdc11ad259e73ee1f3fe8994644ef38b1a9df8e9fa4753084a910a6bcf3aa1aaf53253d458a851f8cfd2616110e2fb727c00ba2f9aec6bfec3e463af1fc816bbcf7ce6c96c8e3977b119ce5674e95136dbdf2da5cc97a1b2a54916f62eedb0d6cba32302f751c841ed8eeffe71a8bf77c90e7f9d62684512f6164050e781862d83506eb186df3a25e0edfa6cb994ac96b37fa8b36f573ce5527e93b98900dbb84ac7a6385d0e9178dc1724ed3721fad67a942216d380c443d14e4508fbe4933377b4961362906a9eebbbd5d619f135ef5ea8b7b47096ca275473d468bb0023d89248267dd526dda8a4078ed698f1bad557c44f2866c11fab3f48917aa4e69610328edfac39f7274df9cb47aaed133f96f2e857c444a25a669a2d56e5085b9dd6247f0f2968379ca4d7890490e332e1b38f3ae87ed1cc6c863a452338d88b2dc95ca0526d78778cc98b06c5aa809ce1f7f37595ffe4968bfc69d4b039f3b4da9f59ffbee011a5a0ffa45d69125f8cfa464c68c025605d8814f6af95207c62f0fa6d57003f7fb75afd1d94da7317cef319993443e059ec6bbb15151d5e3daa76ed46ecaa8ff91d764f8f1c7a83713a0f3061c5a027bb380cdbfaae4c707d9d56148bc041929655a924bc8955899331175826baf4943b638580d8a99db505032c71d2d064329c8e1a848d4c6e17b36262ae14715f78b1ea431f035def50147cd9f63622045a9795308f15084d0d5365369c0c499c74a74f40a20c9166adb76c867a0a84446de808a2d17f37757a652415a8e7b6592f9df2c3d542ed7df7fcc35c728196ff78e34d7e4ea86b22aafc7627689c4ec07ef2bc5c32814e288a8463d505d2829b8805f07e9bdb81d0d5dcaef7953ee870f3052c14f76ed89a088ebd5ea73775605d1bf6e890f1346849df63341b06575ecda1b014a2786487dc5762f97fc0761757dd6d8a3cb879c995aed6311b21ae57df6e3b9d8f1f2b03f5614840c0b8581187f142d20b58734bbd2c80cc80500d7cacaf43edee62528af5ed0d88baaaf7a50bf981e4f6843aea97c840a82ed0fa3a7444090f30a37b4b05cd42698ec4e525acb376991f30c4a654bed1957e9687fee8a7a6e98adb0134da9cea34e4a096eb9f9dbfb6aa75955f6e2ba7c990e5575e2180de04c325914c0e1d62ec32e6a96fdd86252b5f1f3d740bc48c0fe18b9de96be3f309e5284dc4a0752730a8ba84daa50eebbcff46b06946c6bd748bd097ef8fa4baed9f96bc97d1b48bf49ee188b095c0dd1b50d41174a8e5d96825a532d6b893acd5ad2009f8db1006d01e2479b307f69cbcd124a91397b0a76fc5a783d9cc0162b21bc936d0f74a7d8fc498b8b417970ef3d726383515a071d591531fb38034b6848cd0da6c1d86c3ced7f4e66263afd289733758de002aee0ed6b755e953567ab96cb69ad2f0f7aa6a111af6ab20b60807ec98eccbcc5e9cf0f847d9914edb9b15a959b45391fa06fa0c7af230b6d51379144e2ddb26b6603f3beba21b099f6b4efd5bb24bd0c3197a5b1b65dbac0a30ed599ee2ce1491dda380cbf83a439a272fee5d7a98ccb8d199f300fb5941b448742c7e8ff3edc0767be46fedc43824fc4dbe70bf4f1c70aeef2ea222b7a8f71547fd2a2a48804feda2c9af5bef5bd3a52f83df31bd8321e281f0eaf29968599dfc11290576c9cfec7eba1ce91d5fec79aa3b0851d8cb4bf3f3b9048067529ccd823a79b87b5f21bdb22ba3c439fe323d94db146fbd61ba0d6bfe310b945fb9af312bb2eb41f0c0eada105d27e9b9b37748ea766ee1e7681a98d2b73e332976f76c904a9f45d166f29c21b96fffa46501c13474df4e5ec6b1bbae4ef4a22d7e9f2c2700076f32a700fb6ba545af03fe1ad1fb3c2f5ed52b65c89f892a1bfda861f9167fb6b1116c9d322e788a6fa1dd6508a0c53826bb552ba66ceab37befa3064d531fd266d1882ecf5ed0d1b67c3a8213551dcf8b0ae40295495a51db1d2455e30be08fbdee5a8d4421b2f9e0e2e9233d8519886928f6e1d1db5e606c04323636026558e0115283c66e537d21bb8f9e7ea413906ec3245380c1d4846cbfd4de91f48901a29762729cff68e4fb0817efb62dba6cbc47253f42f78fd34eb9d2ac264effa0126a473163ad1c1ab4d5932870320d4b945a16edb71d8d8247bc056115556cd214a2ea685de30c917719226bd675e5d9a1105ed6b8dc030a97f6db229bb38f83468eb148ae692519f4b42e7e87efdf8c3e6ad2c4a4501b3892e37fef0409e28b2508ff29ac8e5c896bf47c6f25c35649a1780611fc84c37543971136411e37ce960af45509ded46ea520be6bbded5bc3632a51150d885eba024599f7bdfdfb7792c21df8936e4344b5389a632f86be0f23027f6880f0e5e927bf719b4ddea68820d0c873ad83e4c601de10cc8e99f420d151bd8a6632dc21382cdaa863ad8c2954c0e994cd69efbedcd038a90ea2cd06e0b53ef876ebf31b9058bdc5b9a7b08cc1b935086e905bd96f6c6eec9133cbfb3516f2530272dddad7f490500401f2cad5b955dbacbeea6e3e651ba962be093adb093e952271904366f7487dd2ac84f90e23da0408263ed1f4a8261191fbebc3af43734eee2b0dcdc8d69caad218f86e3ee791d7a50c562b031ed5cdcf03b1a30e7ecbfe453e97b122075e383fd8b225f86eedc27d0adaf82574b16f064049f7c2508927a39a1f43eb00

mPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)

dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)

dPolicies-explorer: NoResolveTrack = 1 (0x1)

dPolicies-explorer: NoInstrumentation = 1 (0x1)

dPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)

dPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)

IE: Append Link Target to Existing PDF - i:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - i:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - i:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - i:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html

IE: LastPass - file://i:\program files\lastpass\context.html?cmd=lastpass

IE: LastPass Fill Forms - file://i:\program files\lastpass\context.html?cmd=fillforms

IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "i:\program files\fiddler2\Fiddler.exe"

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - i:\program files\pokerstars.net\PokerStarsUpdate.exe

IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - i:\program files\lastpass\LPBar.dll

Trusted Zone: intuit.com\ttlc

DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} - hxxp://utilities.pcpitstop.com/pctuneup2/controls/pctuneup.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Notify: !SASWinLogon - i:\program files\superantispyware\SASWINLO.DLL

Notify: AtiExtEvent - Ati2evxx.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - i:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - i:\program files\superantispyware\SASSEH.DLL

SecurityProviders: schannel.dll, credssp.dll, digest.dll

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - i:\docume~1\mra16f~1.inc\applic~1\mozilla\firefox\profiles\r6so5yhc.default\

FF - prefs.js: browser.startup.homepage - www.google.com

FF - component: i:\documents and settings\mr. incredible\application data\mozilla\firefox\profiles\r6so5yhc.default\extensions\support@lastpass.com\platform\winnt_x86-msvc\components\lpxpcom.dll

FF - component: i:\program files\adobe\acrobat 10.0\acrobat\browser\wcfirefoxextn\components\WCFirefoxExtn.dll

FF - plugin: i:\documents and settings\mr. incredible\local settings\application data\flock\update\1.2.213.0\npFlockOneClick8.dll

FF - plugin: i:\documents and settings\mr. incredible\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: i:\documents and settings\mr. incredible\local settings\application data\rockmelt\update\1.2.189.1\npRockMeltOneClick8.dll

FF - plugin: i:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: i:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll

FF - plugin: i:\program files\nos\bin\np_gp.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - i:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - i:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - i:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

FF - Ext: Java Quick Starter: jqs@sun.com - i:\program files\java\jre6\lib\deploy\jqs\ff

FF - Ext: Adobe Acrobat - Create PDF: web2pdfextension@web2pdf.adobedotcom - i:\program files\adobe\acrobat 10.0\acrobat\browser\WCFirefoxExtn

FF - Ext: FiddlerHook: fiddlerhook@fiddler2.com - i:\program files\fiddler2\FiddlerHook

FF - Ext: Live HTTP Headers: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} - %profile%\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}

FF - Ext: LastPass: support@lastpass.com - %profile%\extensions\support@lastpass.com

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

============= SERVICES / DRIVERS ===============

.

R0 Lbd;Lbd;i:\windows\system32\drivers\Lbd.sys [2010-12-28 64288]

R1 SASDIFSV;SASDIFSV;i:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]

R1 SASKUTIL;SASKUTIL;i:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]

R1 SbFw;SbFw;i:\windows\system32\drivers\SbFw.sys [2010-10-24 331992]

R1 SBRE;SBRE;i:\windows\system32\drivers\SBREDrv.sys [2010-5-13 98392]

R1 sbtis;SbTis;i:\windows\system32\drivers\sbtis.sys [2010-10-24 212568]

R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;i:\windows\system32\IPROSetMonitor.exe [2011-3-20 109728]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;i:\program files\common files\pc tools\smonitor\StartManSvc.exe [2011-1-2 632792]

R2 SBAMSvc;VIPRE Antivirus Premium;i:\program files\sunbelt software\vipre\SBAMSvc.exe [2010-8-20 2763080]

R2 SBPIMSvc;SB Recovery Service;i:\program files\sunbelt software\vipre\SBPIMSvc.exe [2010-8-20 181584]

R3 pbfilter;pbfilter;i:\program files\peerblock\pbfilter.sys [2010-10-24 19056]

R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;i:\windows\system32\drivers\SbFwIm.sys [2010-10-24 68696]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;i:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 CGVPNCliSrvc;CyberGhost VPN Client;i:\program files\s.a.d\cyberghost vpn\CGVPNCliService.exe [2010-11-1 2421384]

S3 IDriveE Service;IDriveE Service;i:\program files\idrive\IDriveE Service.exe [2011-1-1 148936]

S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;i:\program files\lavasoft\ad-aware\AAWService.exe [2010-12-3 1405384]

S3 nosGetPlusHelper;getPlus® Helper 3004;i:\windows\system32\svchost.exe -k nosGetPlusHelper [2008-4-14 14336]

S3 pneteth;PdaNet Broadband;i:\windows\system32\drivers\pneteth.sys [2011-3-5 13312]

S3 PSI;PSI;i:\windows\system32\drivers\psi_mf.sys [2010-7-7 14904]

S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;i:\windows\system32\drivers\SbFwIm.sys [2010-10-24 68696]

S3 sbhips;sbhips;i:\windows\system32\drivers\sbhips.sys [2010-10-24 94040]

S3 SbieDrv;SbieDrv;i:\program files\sandboxie\SbieDrv.sys [2010-10-17 124648]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);i:\windows\system32\drivers\ssadbus.sys [2011-3-5 96416]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;i:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-03-23 23:27:20 -------- d-----w- i:\program files\Fiddler2

2011-03-23 02:59:23 -------- d-----w- i:\windows\pss

2011-03-21 17:59:28 -------- d-----w- i:\windows\Internet Logs

2011-03-20 18:05:19 109728 ----a-w- i:\windows\system32\IPROSetMonitor.exe

2011-03-20 17:09:48 53248 ----a-w- i:\windows\system32\CSVer.dll

2011-03-20 17:09:40 -------- d-----w- I:\Intel

2011-03-20 17:06:13 91448 ----a-w- i:\windows\system32\bcmwlcoi.dll

2011-03-20 17:06:13 3363384 ----a-w- i:\windows\system32\drivers\BCMWL5.SYS

2011-03-20 17:06:09 -------- d-----w- i:\program files\Lenovo

2011-03-19 17:38:23 -------- d-----w- i:\program files\Transparent Screen Lock

2011-03-19 06:17:48 -------- d-----w- i:\windows\system32\Adobe

2011-03-15 22:33:40 -------- d-----w- i:\docume~1\mra16f~1.inc\applic~1\Dropbox

2011-03-13 06:52:53 -------- d-----w- i:\docume~1\mra16f~1.inc\locals~1\applic~1\Yahoo

2011-03-13 06:51:05 -------- d-----w- i:\program files\Yahoo!

2011-03-12 03:58:09 -------- d-----w- i:\program files\PokerStars.NET

2011-03-09 23:29:40 -------- d-----w- i:\windows\ie8updates

2011-03-09 23:28:32 -------- d--h--w- i:\windows\$hf_mig$

2011-03-09 23:21:55 730112 ------w- i:\windows\system32\dllcache\lsasrv.dll

2011-03-09 23:21:52 1864064 ------w- i:\windows\system32\dllcache\win32k.sys

2011-03-09 23:21:49 439808 ------w- i:\windows\system32\dllcache\shimgvw.dll

2011-03-09 23:21:48 8463360 ------w- i:\windows\system32\dllcache\shell32.dll

2011-03-09 23:21:45 301568 ------w- i:\windows\system32\dllcache\kerberos.dll

2011-03-09 23:21:42 253952 ------w- i:\windows\system32\dllcache\odbc32.dll

2011-03-09 23:21:42 200704 ------w- i:\windows\system32\dllcache\msadox.dll

2011-03-09 23:21:42 180224 ------w- i:\windows\system32\dllcache\msadomd.dll

2011-03-09 23:21:42 143360 ------w- i:\windows\system32\dllcache\msadco.dll

2011-03-09 23:21:42 102400 ------w- i:\windows\system32\dllcache\msjro.dll

2011-03-09 23:21:36 40960 ------w- i:\windows\system32\dllcache\ndproxy.sys

2011-03-09 23:21:33 81920 ------w- i:\windows\system32\dllcache\isign32.dll

2011-03-09 23:21:30 45568 ------w- i:\windows\system32\dllcache\wab.exe

2011-03-09 22:58:51 4608 ----a-w- i:\windows\system32\Copy of msimg32.dll

2011-03-08 02:15:49 -------- d-----w- i:\program files\Playlist Creator 3.6.2

2011-03-07 21:59:31 -------- d-----w- i:\docume~1\mra16f~1.inc\applic~1\Softplicity

2011-03-07 21:59:29 -------- d-----w- i:\program files\TotalAudioConverter

2011-03-07 06:19:08 -------- d-----w- i:\docume~1\alluse~1\applic~1\MumboJumbo

2011-03-07 06:16:20 -------- d-----w- i:\program files\Elf Bowling The Last Insult

2011-03-07 06:16:02 -------- d-----w- i:\program files\Elf Bowling - Hawaiian Vacation

2011-03-07 06:15:32 -------- d-----w- i:\program files\Elf Bowling Holiday Bundle

2011-03-06 07:34:09 -------- d-----w- i:\program files\Free M4a to MP3 Converter

2011-03-06 07:29:12 -------- d-----w- i:\program files\NCH Software

2011-03-06 07:28:31 -------- d-----w- i:\program files\NCH Swift Sound

2011-03-05 18:16:53 98560 ----a-w- i:\windows\system32\drivers\sscdbus.sys

2011-03-05 18:16:53 14848 ----a-w- i:\windows\system32\drivers\sscdmdfl.sys

2011-03-05 18:16:53 12416 ----a-w- i:\windows\system32\drivers\sscdcmnt.sys

2011-03-05 18:16:53 12416 ----a-w- i:\windows\system32\drivers\sscdcm.sys

2011-03-05 18:16:53 123648 ----a-w- i:\windows\system32\drivers\sscdmdm.sys

2011-03-05 18:16:53 12288 ----a-w- i:\windows\system32\drivers\sscdwhnt.sys

2011-03-05 18:16:53 12288 ----a-w- i:\windows\system32\drivers\sscdwh.sys

2011-03-05 18:16:53 100352 ----a-w- i:\windows\system32\drivers\sscdserd.sys

2011-03-05 18:16:52 -------- d-----w- i:\program files\SAMSUNG

2011-03-05 18:16:49 -------- d-----w- i:\docume~1\alluse~1\applic~1\Samsung

2011-03-05 18:16:43 53248 ----a-r- i:\docume~1\mra16f~1.inc\applic~1\microsoft\installer\{64c85b95-e971-4705-b3ed-d4a0153c0d5b}\ARPPRODUCTICON.exe

2011-03-05 18:01:33 -------- d-----w- i:\program files\SAMSUNG CDMA Modem

2011-03-05 17:59:40 -------- d-----w- i:\program files\QPST

2011-03-05 17:58:22 14640 ------w- i:\windows\system32\spmsgXP_2k3.dll

2011-03-05 17:56:41 96416 ----a-w- i:\windows\system32\drivers\ssadbus.sys

2011-03-05 17:56:41 581192 ----a-w- i:\windows\system32\WinUSBCoInstaller.dll

2011-03-05 17:56:41 13312 ----a-w- i:\windows\system32\drivers\pneteth.sys

2011-03-05 17:56:41 1112288 ----a-w- i:\windows\system32\WdfCoInstaller01007.dll

2011-03-05 17:56:41 10144 ----a-w- i:\windows\system32\drivers\ssadwhnt.sys

2011-03-05 17:56:41 10144 ----a-w- i:\windows\system32\drivers\ssadwh.sys

2011-03-05 17:56:41 -------- d-----w- i:\program files\PdaNet for Android

2011-02-27 07:32:27 77824 ----a-w- i:\windows\system32\xvid.ax

2011-02-27 07:19:44 -------- d-----w- i:\program files\Photo Stamp Remover

2011-02-26 17:36:17 -------- d-----w- i:\docume~1\mra16f~1.inc\applic~1\DVDVideoSoft

2011-02-26 17:36:16 -------- d-----w- i:\program files\DVDVideoSoft

2011-02-26 17:36:16 -------- d-----w- i:\program files\common files\DVDVideoSoft

2011-02-26 17:32:38 -------- d-----w- i:\program files\3GP to MP3 Converter

2011-02-26 17:12:45 -------- d-----w- i:\program files\Audacity

2011-02-26 08:31:52 -------- d-----w- i:\docume~1\mra16f~1.inc\applic~1\SUPERAntiSpyware.com

2011-02-26 08:31:52 -------- d-----w- i:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com

2011-02-26 08:31:47 -------- d-----w- i:\program files\SUPERAntiSpyware

2011-02-26 07:40:55 -------- d-----w- i:\docume~1\mra16f~1.inc\applic~1\Malwarebytes

2011-02-26 07:40:51 38224 ----a-w- i:\windows\system32\drivers\mbamswissarmy.sys

2011-02-26 07:40:51 -------- d-----w- i:\docume~1\alluse~1\applic~1\Malwarebytes

2011-02-26 07:40:48 20952 ----a-w- i:\windows\system32\drivers\mbam.sys

2011-02-26 07:40:48 -------- d-----w- i:\program files\Malwarebytes' Anti-Malware

2011-02-26 07:38:15 -------- d-----w- i:\docume~1\mra16f~1.inc\applic~1\Logishrd

2011-02-26 07:12:51 -------- d-----w- i:\program files\ATI Stream

.

==================== Find3M ====================

.

2011-02-15 02:10:53 165058 ----a-w- i:\windows\Audio Converter Pro Uninstaller.exe

2011-02-09 13:53:52 270848 ----a-w- i:\windows\system32\sbe.dll

2011-02-09 13:53:52 186880 ----a-w- i:\windows\system32\encdec.dll

2011-02-08 23:42:30 659576 ----a-w- i:\windows\system32\ncs2dmix.dll

2011-02-08 23:42:24 514168 ----a-w- i:\windows\system32\accesor.dll

2011-02-08 23:19:22 135288 ----a-w- i:\windows\system32\ncs2instutility.dll

2011-02-08 23:02:02 1941624 ----a-w- i:\windows\system32\ncscolib.dll

2011-02-08 12:55:21 16432 ----a-w- i:\windows\system32\lsdelete.exe

2011-02-03 02:40:23 472808 ----a-w- i:\windows\system32\deployJava1.dll

2011-02-03 00:19:39 73728 ----a-w- i:\windows\system32\javacpl.cpl

2011-01-28 15:52:18 183296 ----a-w- i:\windows\system32\Ncs2Setp.dll

2011-01-28 15:19:28 266440 ----a-w- i:\windows\system32\Prounstl.exe

2011-01-27 04:51:44 302080 ----a-w- i:\windows\system32\ati2dvag.dll

2011-01-27 04:42:02 4029824 ----a-w- i:\windows\system32\ati3duag.dll

2011-01-27 04:32:14 212992 ----a-w- i:\windows\system32\atipdlxx.dll

2011-01-27 04:31:44 43520 ----a-w- i:\windows\system32\ati2edxx.dll

2011-01-27 04:31:30 188416 ----a-w- i:\windows\system32\ati2evxx.dll

2011-01-27 04:30:10 638976 ----a-w- i:\windows\system32\ati2evxx.exe

2011-01-27 04:27:08 2673280 ----a-w- i:\windows\system32\ativvaxx.dll

2011-01-27 04:23:52 651264 ----a-w- i:\windows\system32\atikvmag.dll

2011-01-27 04:21:34 196608 ----a-w- i:\windows\system32\atiadlxx.dll

2011-01-27 04:21:32 483328 ----a-w- i:\windows\system32\atiok3x2.dll

2011-01-27 04:15:14 847872 ----a-w- i:\windows\system32\ati2cqag.dll

2011-01-26 23:05:56 17252352 ----a-w- i:\windows\system32\atioglxx.dll

2011-01-26 23:01:00 57344 ----a-w- i:\windows\system32\aticalrt.dll

2011-01-26 23:00:54 53248 ----a-w- i:\windows\system32\aticalcl.dll

2011-01-26 22:59:36 4636672 ----a-w- i:\windows\system32\aticaldd.dll

2011-01-26 22:52:46 462848 ----a-w- i:\windows\system32\ATIDEMGX.dll

2011-01-26 22:41:32 311296 ----a-w- i:\windows\system32\atiiiexx.dll

2011-01-26 22:35:04 1112576 ----a-w- i:\windows\system32\ativvamv.dll

2011-01-26 22:31:58 155648 ----a-w- i:\windows\system32\Oemdspif.dll

2011-01-26 22:31:50 26112 ----a-w- i:\windows\system32\Ati2mdxx.exe

2011-01-26 22:28:44 53248 ----a-w- i:\windows\system32\ATIDDC.DLL

2011-01-26 22:27:50 143360 ----a-w- i:\windows\system32\atiapfxx.exe

2011-01-26 22:21:08 17408 ----a-w- i:\windows\system32\atitvo32.dll

2011-01-26 22:12:58 64512 ----a-w- i:\windows\system32\atimpc32.dll

2011-01-26 22:12:58 64512 ----a-w- i:\windows\system32\amdpcom32.dll

2011-01-21 14:42:25 439808 ----a-w- i:\windows\system32\shimgvw.dll

2011-01-07 14:09:31 290048 ----a-w- i:\windows\system32\atmfd.dll

2010-12-31 13:14:45 1864064 ----a-w- i:\windows\system32\win32k.sys

.

============= FINISH: 20:17:40.60 ===============

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317

Link to post
Share on other sites

Thanks for the quick response!

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6199

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

3/28/2011 3:25:17 PM

mbam-log-2011-03-28 (15-25-17).txt

Scan type: Quick scan

Objects scanned: 164526

Time elapsed: 2 minute(s), 15 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

ComboFix 11-03-28.01 - Mr. Incredible 03/28/2011 15:33:51.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2433 [GMT -5:00]

Running from: i:\documents and settings\Mr. Incredible\Desktop\ComboFix.exe

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

i:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat

i:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat

i:\program files\WinPCap

.

----- BITS: Possible infected sites -----

.

hxxp://update.flock.com

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_NPF

.

.

((((((((((((((((((((((((( Files Created from 2011-02-28 to 2011-03-28 )))))))))))))))))))))))))))))))

.

.

2011-03-28 20:36 . 2011-03-28 20:36 -------- d-----w- i:\windows\system32\xircom

2011-03-28 20:36 . 2011-03-28 20:36 -------- d-----w- i:\windows\system32\wbem\snmp

2011-03-28 20:36 . 2011-03-28 20:36 -------- d-----w- i:\windows\srchasst

2011-03-28 20:36 . 2011-03-28 20:36 -------- d-----w- i:\program files\microsoft frontpage

2011-03-27 20:35 . 2011-03-27 20:36 -------- d-----w- i:\documents and settings\Administrator

2011-03-23 23:27 . 2011-03-23 23:27 -------- d-----w- i:\program files\Fiddler2

2011-03-21 17:59 . 2011-03-21 17:59 -------- d-----w- i:\windows\Internet Logs

2011-03-20 18:05 . 2011-01-17 21:00 109728 ----a-w- i:\windows\system32\IPROSetMonitor.exe

2011-03-20 17:09 . 2011-03-20 18:05 -------- d-----w- i:\program files\Intel

2011-03-20 17:09 . 2011-02-28 13:09 53248 ----a-w- i:\windows\system32\CSVer.dll

2011-03-20 17:09 . 2011-03-20 17:09 -------- d-----w- I:\Intel

2011-03-20 17:06 . 2010-10-29 05:15 91448 ----a-w- i:\windows\system32\bcmwlcoi.dll

2011-03-20 17:06 . 2010-10-29 05:05 3363384 ----a-w- i:\windows\system32\drivers\BCMWL5.SYS

2011-03-20 17:06 . 2011-03-20 17:06 -------- d-----w- i:\program files\Lenovo

2011-03-19 17:38 . 2011-03-19 17:38 -------- d-----w- i:\program files\Transparent Screen Lock

2011-03-19 06:17 . 2011-03-19 06:17 -------- d-----w- i:\windows\system32\Adobe

2011-03-19 05:46 . 2011-03-19 05:46 -------- d-----w- i:\program files\Common Files\Java

2011-03-19 05:45 . 2011-03-19 05:45 -------- d-----w- i:\documents and settings\All Users\Application Data\McAfee

2011-03-15 22:33 . 2011-03-21 20:47 -------- d-----w- i:\documents and settings\Mr. Incredible\Application Data\Dropbox

2011-03-13 06:52 . 2011-03-13 06:52 -------- d-----w- i:\documents and settings\Mr. Incredible\Local Settings\Application Data\Yahoo

2011-03-13 06:51 . 2011-03-19 06:14 -------- d-----w- i:\documents and settings\All Users\Application Data\Yahoo! Companion

2011-03-13 06:51 . 2011-03-13 06:52 -------- d-----w- i:\documents and settings\Mr. Incredible\Application Data\Yahoo!

2011-03-13 06:51 . 2011-03-13 06:51 -------- d-----w- i:\documents and settings\All Users\Application Data\Yahoo!

2011-03-13 06:51 . 2011-03-13 06:51 -------- d-----w- i:\program files\Yahoo!

2011-03-12 03:58 . 2011-03-26 06:40 -------- d-----w- i:\program files\PokerStars.NET

2011-03-09 23:21 . 2010-12-20 17:24 730112 ------w- i:\windows\system32\dllcache\lsasrv.dll

2011-03-09 23:21 . 2010-12-31 13:14 1864064 ------w- i:\windows\system32\dllcache\win32k.sys

2011-03-09 23:21 . 2011-01-21 14:42 439808 ------w- i:\windows\system32\dllcache\shimgvw.dll

2011-03-09 23:21 . 2011-01-21 14:42 8463360 ------w- i:\windows\system32\dllcache\shell32.dll

2011-03-09 23:21 . 2010-12-22 12:32 301568 ------w- i:\windows\system32\dllcache\kerberos.dll

2011-03-09 23:21 . 2010-11-09 14:50 253952 ------w- i:\windows\system32\dllcache\odbc32.dll

2011-03-09 23:21 . 2010-11-09 14:50 200704 ------w- i:\windows\system32\dllcache\msadox.dll

2011-03-09 23:21 . 2010-11-09 14:50 180224 ------w- i:\windows\system32\dllcache\msadomd.dll

2011-03-09 23:21 . 2010-11-09 14:50 143360 ------w- i:\windows\system32\dllcache\msadco.dll

2011-03-09 23:21 . 2010-11-09 14:50 102400 ------w- i:\windows\system32\dllcache\msjro.dll

2011-03-09 23:21 . 2010-11-02 15:17 40960 ------w- i:\windows\system32\dllcache\ndproxy.sys

2011-03-09 23:21 . 2010-11-18 18:12 81920 ------w- i:\windows\system32\dllcache\isign32.dll

2011-03-09 23:21 . 2010-10-11 14:59 45568 ------w- i:\windows\system32\dllcache\wab.exe

2011-03-09 22:58 . 2006-11-02 09:46 4608 ----a-w- i:\windows\system32\Copy of msimg32.dll

2011-03-08 02:15 . 2011-03-08 02:15 -------- d-----w- i:\program files\Playlist Creator 3.6.2

2011-03-07 21:59 . 2011-03-07 21:59 -------- d-----w- i:\documents and settings\Mr. Incredible\Application Data\Softplicity

2011-03-07 21:59 . 2011-03-07 21:59 -------- d-----w- i:\program files\TotalAudioConverter

2011-03-07 06:19 . 2011-03-07 21:50 -------- d-----w- i:\documents and settings\All Users\Application Data\MumboJumbo

2011-03-07 06:16 . 2011-03-07 06:16 -------- d-----w- i:\program files\Elf Bowling The Last Insult

2011-03-07 06:16 . 2011-03-07 06:16 -------- d-----w- i:\program files\Elf Bowling - Hawaiian Vacation

2011-03-07 06:15 . 2011-03-07 06:15 -------- d-----w- i:\program files\Elf Bowling Holiday Bundle

2011-03-06 07:34 . 2011-03-06 07:34 -------- d-----w- i:\program files\Free M4a to MP3 Converter

2011-03-06 07:29 . 2011-03-06 07:29 -------- d-----w- i:\program files\NCH Software

2011-03-06 07:28 . 2011-03-06 07:28 -------- d-----w- i:\documents and settings\All Users\Application Data\NCH Swift Sound

2011-03-06 07:28 . 2011-03-06 07:28 -------- d-----w- i:\program files\NCH Swift Sound

2011-03-06 07:28 . 2011-03-06 07:28 -------- d-----w- i:\documents and settings\Mr. Incredible\Application Data\NCH Swift Sound

2011-03-05 18:16 . 2010-01-14 07:02 14848 ----a-w- i:\windows\system32\drivers\sscdmdfl.sys

2011-03-05 18:16 . 2010-01-14 07:02 12416 ----a-w- i:\windows\system32\drivers\sscdcmnt.sys

2011-03-05 18:16 . 2010-01-14 07:02 12416 ----a-w- i:\windows\system32\drivers\sscdcm.sys

2011-03-05 18:16 . 2010-01-14 07:02 12288 ----a-w- i:\windows\system32\drivers\sscdwhnt.sys

2011-03-05 18:16 . 2010-01-14 07:02 12288 ----a-w- i:\windows\system32\drivers\sscdwh.sys

2011-03-05 18:16 . 2010-01-14 07:02 98560 ----a-w- i:\windows\system32\drivers\sscdbus.sys

2011-03-05 18:16 . 2010-01-14 07:02 123648 ----a-w- i:\windows\system32\drivers\sscdmdm.sys

2011-03-05 18:16 . 2010-01-14 07:02 100352 ----a-w- i:\windows\system32\drivers\sscdserd.sys

2011-03-05 18:16 . 2011-03-05 18:16 -------- d-----w- i:\program files\SAMSUNG

2011-03-05 18:16 . 2011-03-05 18:16 -------- d-----w- i:\documents and settings\All Users\Application Data\Samsung

2011-03-05 18:16 . 2011-03-05 18:16 53248 ----a-r- i:\documents and settings\Mr. Incredible\Application Data\Microsoft\Installer\{64C85B95-E971-4705-B3ED-D4A0153C0D5B}\ARPPRODUCTICON.exe

2011-03-05 18:01 . 2011-03-05 18:01 -------- d-----w- i:\program files\SAMSUNG CDMA Modem

2011-03-05 17:59 . 2011-03-05 17:59 -------- d-----w- i:\program files\QPST

2011-03-05 17:58 . 2008-03-21 19:57 14640 ------w- i:\windows\system32\spmsgXP_2k3.dll

2011-03-05 17:56 . 2011-03-05 17:56 -------- d-----w- i:\program files\PdaNet for Android

2011-03-05 17:56 . 2010-09-02 22:49 13312 ----a-w- i:\windows\system32\drivers\pneteth.sys

2011-03-05 17:56 . 2010-01-29 20:39 10144 ----a-w- i:\windows\system32\drivers\ssadwhnt.sys

2011-03-05 17:56 . 2010-01-29 20:39 10144 ----a-w- i:\windows\system32\drivers\ssadwh.sys

2011-03-05 17:56 . 2010-01-29 20:39 96416 ----a-w- i:\windows\system32\drivers\ssadbus.sys

2011-03-05 17:56 . 2009-11-08 07:41 581192 ----a-w- i:\windows\system32\WinUSBCoInstaller.dll

2011-03-05 17:56 . 2009-11-08 07:41 1112288 ----a-w- i:\windows\system32\WdfCoInstaller01007.dll

2011-02-27 07:32 . 2007-08-01 19:05 77824 ----a-w- i:\windows\system32\xvid.ax

2011-02-27 07:19 . 2011-03-05 01:12 -------- d-----w- i:\program files\Photo Stamp Remover

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-02-22 00:02 . 2010-10-24 14:47 431672 ----a-w- i:\windows\system32\drivers\sptd.sys

2011-02-15 02:10 . 2011-02-15 02:10 165058 ----a-w- i:\windows\Audio Converter Pro Uninstaller.exe

2011-02-09 13:53 . 2008-04-14 12:00 270848 ----a-w- i:\windows\system32\sbe.dll

2011-02-09 13:53 . 2008-04-14 12:00 186880 ----a-w- i:\windows\system32\encdec.dll

2011-02-08 23:42 . 2011-02-08 23:42 659576 ----a-w- i:\windows\system32\ncs2dmix.dll

2011-02-08 23:42 . 2011-02-08 23:42 514168 ----a-w- i:\windows\system32\accesor.dll

2011-02-08 23:19 . 2011-02-08 23:19 135288 ----a-w- i:\windows\system32\ncs2instutility.dll

2011-02-08 23:02 . 2011-02-08 23:02 1941624 ----a-w- i:\windows\system32\ncscolib.dll

2011-02-08 12:55 . 2010-12-28 05:53 16432 ----a-w- i:\windows\system32\lsdelete.exe

2011-02-03 02:40 . 2010-10-24 14:47 472808 ----a-w- i:\windows\system32\deployJava1.dll

2011-02-03 00:19 . 2011-01-12 01:40 73728 ----a-w- i:\windows\system32\javacpl.cpl

2011-01-31 14:03 . 2011-01-31 14:03 119504 ----a-w- i:\windows\system32\drivers\ianswxp.sys

2011-01-28 15:52 . 2011-01-28 15:52 183296 ----a-w- i:\windows\system32\Ncs2Setp.dll

2011-01-28 15:19 . 2010-10-24 15:04 266440 ----a-w- i:\windows\system32\Prounstl.exe

2011-01-27 04:51 . 2011-02-21 23:18 302080 ----a-w- i:\windows\system32\ati2dvag.dll

2011-01-27 04:42 . 2011-02-21 23:18 4029824 ----a-w- i:\windows\system32\ati3duag.dll

2011-01-27 04:32 . 2011-02-21 23:18 212992 ----a-w- i:\windows\system32\atipdlxx.dll

2011-01-27 04:31 . 2011-02-21 23:18 43520 ----a-w- i:\windows\system32\ati2edxx.dll

2011-01-27 04:31 . 2011-02-21 23:18 188416 ----a-w- i:\windows\system32\ati2evxx.dll

2011-01-27 04:30 . 2011-02-21 23:18 638976 ----a-w- i:\windows\system32\ati2evxx.exe

2011-01-27 04:27 . 2011-02-21 23:18 2673280 ----a-w- i:\windows\system32\ativvaxx.dll

2011-01-27 04:23 . 2011-02-21 23:18 651264 ----a-w- i:\windows\system32\atikvmag.dll

2011-01-27 04:21 . 2011-02-21 23:18 196608 ----a-w- i:\windows\system32\atiadlxx.dll

2011-01-27 04:21 . 2011-02-21 23:18 483328 ----a-w- i:\windows\system32\atiok3x2.dll

2011-01-27 04:15 . 2011-02-21 23:18 847872 ----a-w- i:\windows\system32\ati2cqag.dll

2011-01-26 23:34 . 2011-02-21 23:18 6406656 ----a-w- i:\windows\system32\drivers\ati2mtag.sys

2011-01-26 23:05 . 2011-02-21 23:19 17252352 ----a-w- i:\windows\system32\atioglxx.dll

2011-01-26 23:01 . 2011-02-21 23:18 57344 ----a-w- i:\windows\system32\aticalrt.dll

2011-01-26 23:00 . 2011-02-21 23:18 53248 ----a-w- i:\windows\system32\aticalcl.dll

2011-01-26 22:59 . 2011-02-21 23:18 4636672 ----a-w- i:\windows\system32\aticaldd.dll

2011-01-26 22:52 . 2011-02-21 23:18 462848 ----a-w- i:\windows\system32\ATIDEMGX.dll

2011-01-26 22:41 . 2011-02-21 23:19 311296 ----a-w- i:\windows\system32\atiiiexx.dll

2011-01-26 22:35 . 2011-02-21 23:18 1112576 ----a-w- i:\windows\system32\ativvamv.dll

2011-01-26 22:31 . 2011-02-21 23:18 155648 ----a-w- i:\windows\system32\Oemdspif.dll

2011-01-26 22:31 . 2011-02-21 23:18 26112 ----a-w- i:\windows\system32\Ati2mdxx.exe

2011-01-26 22:28 . 2011-02-21 23:18 53248 ----a-w- i:\windows\system32\ATIDDC.DLL

2011-01-26 22:27 . 2011-02-21 23:18 143360 ----a-w- i:\windows\system32\atiapfxx.exe

2011-01-26 22:21 . 2011-02-21 23:18 17408 ----a-w- i:\windows\system32\atitvo32.dll

2011-01-26 22:12 . 2011-02-21 23:18 64512 ----a-w- i:\windows\system32\atimpc32.dll

2011-01-26 22:12 . 2011-02-21 23:18 64512 ----a-w- i:\windows\system32\amdpcom32.dll

2011-01-26 22:12 . 2011-02-21 23:18 53248 ----a-w- i:\windows\system32\drivers\ati2erec.dll

2011-01-21 14:42 . 2008-04-14 12:00 439808 ----a-w- i:\windows\system32\shimgvw.dll

2011-01-18 16:37 . 2011-01-18 16:37 30368 ----a-w- i:\windows\system32\drivers\iqvw32.sys

2011-01-07 14:09 . 2010-09-01 11:48 290048 ----a-w- i:\windows\system32\atmfd.dll

2010-12-31 13:14 . 2010-08-31 13:38 1864064 ----a-w- i:\windows\system32\win32k.sys

.

.

------- Sigcheck -------

.

[-] 2010-10-13 . 474D3DCCB57DEFCD917311EEC47204B9 . 361600 . . [5.1.2600.6009] . . i:\windows\system32\drivers\tcpip.sys

.

.

i:\windows\System32\wscntfy.exe ... is missing !!

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 94208 ----a-w- i:\documents and settings\Mr. Incredible\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 94208 ----a-w- i:\documents and settings\Mr. Incredible\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 94208 ----a-w- i:\documents and settings\Mr. Incredible\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 94208 ----a-w- i:\documents and settings\Mr. Incredible\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PeerBlock"="i:\program files\PeerBlock\peerblock.exe" [2010-11-07 1867888]

"SUPERAntiSpyware"="i:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-03-19 2423752]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SBAMTray"="i:\program files\Sunbelt Software\VIPRE\SBAMTray.exe" [2010-08-20 1348944]

"IDTSysTrayApp"="sttray.exe" [2007-09-06 405504]

"StartCCC"="i:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 98304]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="ctfmon.exe" [2008-04-14 15360]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"_nltide_3"="advpack.dll" [2009-03-07 128512]

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveTrack"= 1 (0x1)

"NoRecentDocsNetHood"= 1 (0x1)

"LegacyDrive"= 262a9b001d90c4b0c4ab8290191452372048160d7311bb60f94219b4f6a71a5a443c1f44df9d9f17a7be118262dc0dce01b4aeb724f23a7be0ec0530bf90925a089bfcbd410c9470f3d9cc33dbade054024b2082ea7829f71c72d180400d293a0cfbb0fa144ac6ebe42e63794c01086efb88f65b4f789e3a6c395a518ce95a5995a4e1e0f103b1ec9ae2c3e174673ca5e03f9d018e2b3a4b92d2bced42bb5a0b39208b9778fb72b6dfbb9663cc54e5643fdaf97d3c4e9ae371b783f31975692420d3393b88dba1be0b6ed3aa0294866885103dfed437cb82f50317d59f641d8d57d63533d938ec98afb9dc20004adb4f31bfab938890f3c8001f9dfff99c2d7e2f265207e933bb5e72312c05cd6dd14aa535d283833927994337aec3c9d87b94f0d46f38c35d0cfaf0bb870a79341f7ead2eaeed9657977e4435855decac1af468b9ab544f2b21d277109f15b86d646df332f466536c729ed3bd51d301092b400173f12ad48845b6dab924fd960fc862b21acd23432a922f4dc2e2388a4ad408df6704ef185041925f2dd593682dc827a7c24e020decfabfdabb2e81b30fd6dbf4a356ed474ac0d075784b347d030148e32bb7da4bd842c04624e8766c191508abbc4f33de4a6cc7a2c1034f65eda220f4bff63c9f068f6c5e1d90d8098c2f6f25d6bad90806d8ad3e8c12e52c47928ef3e32ac4976597de610408e6823bda4cf81ca6dbb6e77debffdb72d9134c59b40df6cf390c917a0291a5c292fa28a0a1144b26873d83a8c08ed038eac74b9c81f90aa1ee8244b1c03eb5a839fc44e40c2fe49b65e6b8722aff7a4b80971d5e92c4b18b8d8788eeeffc97b502d41e2ea3058b2448c09c6cae42a4c5bb3e31d1ba127fcb5db7301f7091a3fd72f76afea7efff0a6939b279bf90e678312c7dafda8b9120be7165535e2d9bb08a1fa72c77778328113fa495929c2d5d545164fee384627857c5c50e6ae14c4c78a38271efc5c3faacc5637e3a0eefe23acdb5cc0800865a9bcfba13ad20751e1c6629b191b95ccd5f2cac29ae5b106bd843609e135718e151cf585c64443079667a1b50587ce3c96209ef228b39a08732ff5f5bc36810c25f61ffa8d1d77405c51c8760348d36922372b5cd8d2505dd9e76c8ad214f540c3c9406b15b4dd97d6a07370147770e40776127b617b8b4991607279a5ea20f4b7fe0b28d7ce0109a1fd0ef300570602d5ac59fede4123cd243047824772df21ca2b3833b0f4a66e0745f9c1a74968ebb6877f5ae5f64f78a63cf9266fea93eeffd1eceb9747f98d3f80380d59e57a34adff3f4281230f7320182df1d96fe003cee19875daeb369ed9a54996364b57edcc182a403c25eb23462279ce15b7c19343f7d58f6c3d2eeaf5eef130f13960f8c8a9def4d66f9f17c47d3db6ea65e82dc6e0ab1f762a0dbf824465d579f53023ea262cc3dcda5f23fb17c25bd3347173131783ece69ecd56e967b25ccdbce02f3657098f64c2868e2bb878df151bd4400c7b0ddab43d250c9384b24cfd98d299d161edd888292975b4dad199b72c868103176db80c06773be3e8c6ae3e87b0fdc8f16d025496799d367cf5dd8a860f183ac872146aceefebc67a075ea606e26a4c5469272f5b493d6d91a6878cbfbe000a55a42a9846e3098cc9dd16c6ca82e166324ddeb8229ddf7744ec295fdd4123c7f21ee9cc270f5eaf4c86578ef2a8388bb0f3e6254110fa4ade923dacbf499bc4e18ead4218919049b3ecea5c0fd4d3524d7f0fc00f1d5ef848bd4d46f3ab4a7de789e3d615fd12754b298d96d1d790b91beb060ece3db464016f71d7d578b9b93a8236f84cf0024bdd4570e49a6d816cf787835b24eb28ddb7f563a452cd1886015af63b3b15e0ec47d35183c94b48d47800e693a50e45278ea548696a33212bd0d954450109664cf3d549ffc5e3b443c5287333f18950391e32917c1560b01907b2363b090cafe680da4bd89cf2df5a47595eb7a0bce97b4e5e3a7d5ce8bc76c62fe208eb9071e83465b77c0fe296915bcf24228e49b262246c10da8464c0b0d3a4795d4c614ee7f1e41098a2ad0791f00d711952413a73a43ce6a5024067555dbcba58740e9a8a89fc757ffb18f469fcb8f99eb56df195a7f4586782f552f2e3eddc142e3805d2170a0eddd3c81b7bf72e0ac324da692190f3e72bf8eb37da21c9e37420c99203473f794722cb2f0f51fa5f686c2fc73d1dfe81ebb9897c4f5a963a2d1ee4a1255259e6b8ef4fd22272e84353a5240c96655e51122f2a1c373515df5e616efdc9fe9bfcbeceb3e04607627e430f9055add03f69d139dae1fd1ddbfbccbb817380d18cae8e02e11aff10a932cb069e432f7ce4c79ecd4c99328c2572119606e46a40995cd5c0f0276e61f0afac67d32f6b05eefdedf636ef907be27ad8a97b5fdeeaee5508f410d7491309fe2195ffd44bd5c8f343842134763dd354a610e60cb1971d3dbe93ef713986df0d58d1e72ead43f37d6d7ed4f6db98fcb14b50c4608e0ad36fcf7d2cd695be41e265a8a8138b02038eb4e6453215a73d0eb76f50756459445872bb2b80b555b8b68fa7851f8e046a7f7210715da2ff736e2d1168219f201b4e69d00f1c58408e6fbdf3bbf56596a9bcc21d93d5f3e420443221c1d43831cf76166fdf7bd7d7d6eb8b2a8c858045805ee92fd6df7f59a8041d3102d4eb19f44fd09aa2c679d95bad9080ac6f91fa0b26e57711501a6a83f55761d7b190326918204af8ff98d8dc910340f1fbb72d67ebd4de7a96034ff3a692b26e34b2787fa9bbc7f35c4f5f4b2fc83e83a771b4ec6da191cab42f269a192a6a719d32a857fe3766ea223f7687b7b843fbe9f93e0af91ad0337671f0d374ff3341cd01ee4b353fb613fe1f8aeca2e8faeb8d7798aa2e81e5261a14fe7687a371857648f0bcefb5212df7ff8318f88d2071aff698fe1ced21550c177eac0dd195c9cf416e5c376e8a32e8aef08d35d70d3c9badd3facdc577a43807158603d374908186e88d4531e9697874ee741f20fdb0412c2bcefb5737f3574c517018f31d9e6a4edf5e1060ffbd3629f9e35a3efb707122f8c09c23c532e2bb9f24e1561091bb79b3256214f8742d7f9655abffc703f3d38d8f49cdeda4db08389a5b97495ced08b4aae50ecbecbcc3ebe2ebd5dbf436bcb5625180b021c7b4a4c6470441331ed6621ef383001ce57de157ec847e3377305b0fdddd650229e423c0c157fe5385a91487f74b5c399cd0027fbdfe2440e553f336fe7abc76ff3a0e07a08fe2f93edff54e8e66e43aa3214ec1bd8731be9a4b79dba6ceaa40897676c2fe0911fc458c5f629aa8ca25ea316ea1af2e4951b2cc48aba120236c29517dd2e821d3816218092c13255389988f4b9424cb39b7a4cf54c4496645b45467ae86e9c465adb526d4ffb2c6fd9f2d02be73bd8a501922608391177e75e993bc87273a4e35e37fe27e5ed3e957ed773dd52871ee7507ea44e6c713a852571f94a0a6286c37daef2cdb73adf910c9ae558708033a03b7b7a6f29de06e7a5fd2e1b47a0ef219bb1d4682438194ca0890fe88ebcc22cee5eda2fd14866bfc6ef6b01558714f6e5c5cfa57776c6e298c30ebb36b32213b2f1918d36d0f3ab498c2137a1d2a6e33883702ca1b5cb849dfb90afeae79a6e5bcd7a5b2dc96c149903899ba6313efd419b5efc328fea314582d378b4ab320c1a4f09830bbc3bb940dddc0af40dabc48d29dddb7fe91ddf6e70d02c92219d6060b52d13678a2fc2783ea00b097d4920db178976db5654bd468e7c1511f5aa2f7f88b5c1913540ac6e03e4d6f6a39f123a2f34e8330e7e99b317055e9bf9cff14fda784e673e85bba72bf606328a1a0efad1a8847bdf0af3a927fcfe271156e9b99d265cfc4a026355369df2b82786974549089ae5b717a26b87c09ce51f223321a61be771b8215fac5e6d00753d5fbec00d1e32914d7eed0735280d9aedf40da1fc9ae117038a439eab1848c4dcdc36862f599912a7dc94d7d19ba776a5f74f8d6fa5633fd5454e5642247f9c2e6cc7a89f9802f7f02bf93ed1a287ff8fa7fb5b9587be2733e635429fb1e9253a55e6bb142f6073b1439d940e300ed1df63bf1e1b8cf2c29cba4e07acbd3ba00a70ff0218ecdbbd36df568f3e902f86141d95657f079a4937f1e68c3ea5a8ea7458d2e2662f865f6801cb98e35f8535efd2a4b325639b09ae61148ca05ee2108b7b37504eece5178f30a00c802c841c648b85f872b837767b519041ce7af0cf597660941278177695b643800fc006da5a10bef969e28913e74508d61b7364590f5e8f53f18bcd8ab923728f0c48eda961a5ef050f6249635a95b551393b33c167786a91dab5300d3d439fb6a1416b4170bf72e3a22395cc33ccc7f1d4f6630fe0dec3ed93260ee1767a51951e74d20b16bda0df1a766fcd86d6a3720d14abda57ae87902be40bce501ea862996e6e245385a35782df217f6c3bf9725c4e5cb2a0b8bcfad4372e17621b13f94afaf70a1fa4b9be5259ec6cb33a7e5c35fe9721f2e6c4296ff355922056033fcf2f28d72c795b46fed9f1a1dfaa6bad8887858d9f5520e944848049e691b7c25cd061d5316892943f9f0d067f58b7cd1fd94b06d5d24e71749b46d2bcbe279777b50ebac1f531e9a82b16e5f5ffc5042848b4b7ca6b7058a5e03dacb7bcad8cc9b867954e8626208e61057504e8f93b042c9f33a0083827cdb1f11cc28d68cfa1496d6059250548cb93b5902b01fd45aaf32227525430a1310e9540feb9d8f7d9674f4fd5a3499a8fe766c3d124e7d80862c4c5f9a6f862af1820b1b86544609163f5965ef398ecde2c01b89fb644926e73c71112659cd63acc0eccb38e7aaddedc60c96213babe031ee08d1c61a8bd345e27258dda57e7932893011957fc22e6aa1cbb7048c958e7354c317581c3fcc4c0c406c2b94382a162b621210d76e311dc692c137ade1aa10db8164d66cfa94d7b9391953618f21508d17c956b3bc665385c0cdb3b5f1aa7378c6c632b78946bd479dcef735d2d47d05c2f867f4ab25162114df26f5f44a8b49caf41981fd9eb63a1e74801f2bac002ea151be6a3034fbb98e5739638e226c41d24cbd81bc368d101dbfbc3663d6129a665787d27ac8006e1bfc8f11d5086a47c0c064f3ccc07c4b70f61882ca8ec2ac2b49ed3cacff31f4587922ba6112defd83ba9cf9583a27f6c8c2562c0da9a216a60bfd04658732241cc261a6c5b8ee34e3a9bfb7f79ae977288054493f97aca92876e55fe5800d7157f82a8dbc52d6f69a9134688a556197eb3984f2810b2ad49f340a9772252ddd843658483a06b579be72d8bd0118f03cb3716c4cda8a7a9933892587cdace74ed728614f5e4d5752d71ceebe343c01e7746b872043a47c743068563ad50552ce04aeb1b44cfcc8cedeeae951cc546bf0de353a18b3d077674875c21b252a96e6d78749b7fb9881729a6478904be41143ad805daf5c036bf1825e26f2db310a29f7c989e2a9c38fe8f1de3b38c185c480b1d04956a9ad5f0a71be63f76bd17ab782bb55dfd023506ca891a2b199c19c0e2ea7cf95961c45db8e5921c3e48c8a27877eb6cbff1cb1b027e67c7c51d0b956a3ebb8cb031d4a479dff120d0b80c1ed72aece56decdea89e2ed5ca5ebff53402696fa36476f44fee726fcaf433f32c4717f26d078db112b8d7f80c980d0edd3066e4fc2ab3917b622cfee73f6fe36f44c6f249e2a9515291844ef51e95b94f4d47e9078e856ff0a1292ef50eaa8d6e1f3ebf5242a748a8b050bd3f4c98cb9fce6e7a3f201eb3f9086a00ba08dd947e825c8b7c20fe729d731d0a33dbae49e8a6cda2f47c9c8694fa4eb72bb79d7f8cfae2c7b1d6ab8e3018e522f49268063d111e8de88e68a8f1a9bdfd365294397eca85a6b9caab0089014c8402c4bc4bae027ed6d576adeafb209a9ea9f5b7b271d6b4222cbfe7fbc28641f16ebd329f23a5a20ecff0121309ace1d9590d07cc936d05b663911c28282ebe1c06ab42d83629db16a1c1cb61ae0cd4c258e9f09c837a41d590704b362f89611574565d312d4294dd7495d00a618024e19dc0c518ef2ba17257d152b3d9b79f1223e146ec70b0f8b6ac6ea635d928fbf1b1bc29e78d32e97e8550bdbcd96879ba8f7501555e665427cbbacab5924d99ea47729ec53d41bf5b4ea7323ccefdeb1e3fa2571102c3f85dd0827ec4f3549807b6a70aab1ac800fdca05a254510ee8968ba1b0fe59670e1c9919e31d56e6b14c3b19add94ef716d9dae6c68fadd506ea84d7a7f34ec4114e976bd7105c45123f7063e583afc9902cf76794c6744b17ee21148b658baa8b63d82c052e092a9eea7c1552b3b5f35be95d5755cb8b919f48432204113c729bf3e7c6eb64ac6c535cd37738a966733422f6159472fd5de834bb59958bd4ea860aa7ca1fd1dbce73f93a69b633c372f5abfa2704338371b89def695768d61c4d9f268b21ffbaf6a7582f5b7635f3399cbf9e9991df86e34f6aa38d7e4fe33e5a2f241932b2bc2aad7037e05360fa1d5093268a7522c02d80640e3d9d6544352d945f27c5bc52537a3660f85c5cc96a4040a865c39e1ca18b10a6a6d081d2e21be41af9954e26075ce561991d7b52e901900d0dd789ef3c09f8d532711e8bd66eae871b36d4d8246e7659abf8ba2aa30cc8611c8ad1fc688e501a7c45906b98006ee62b8760baf0b0b6865e3020cc3fb0aa71a39e23a2ade7581a494acb2c0a60c1e2671194f9b4b54b2c50796db5210517123d5c4d05ea038edec965abfc4e76d892739704a7aeb9666120c659820f3c6933961bae009b02582502958c9c0820216f0673837f7290462adb5c0b998e7f2ecd5c16a6ee9ea82de0755ca1165669ababc7cd9eaf6342a2be246e11d8e25a216c1625c4b6e4facc4b593f53f3f10f5ab65cebb03a81ac154cb5c4bca0bc84865e6ee82b3caedc7727c4561371c8defc77b84d3381c8d5b6e9f941b080ed7eed2dfa5b90d77d8d088571f640c440261649d8230fd802654964ef25b17814d875d538f6bc5dcc95ff95307ac02e1400d2471a3f65e67e8f3b4bd056f72651d99808a052411896423b076e083c4629b3ea7630159b1f3c185fa673554079d3e3c88dd46dc40a498848448843f3eecaff748ad581b74d24d845d74096158711c6db6fecbab408fb40452e36c6526c8fc18c7a6d4eab045c1abdad0380be5456f268960c9a4c94544122f6c46f5e2f92d4030306e6bc472fcc29e9d67b7730b01f33f144d7bc60f07b15c7a7d5cd8ec55dcc0c183de4dc9f05b43091a0cd68a18714e481346716a5da84db4953260bb55a704ec0fa8f3293469c7baf4bbfba31439a22550be5963ad85506e525c3fcae87ef8a72032531e7ab5a4ab24abe9995684c7995c9457c0937dc52f28133ec8ac486e01fe9a610226faa867b6be1a320cd0a79e6e4c87597255041442865e8ddf3863cfe7b66740c689c1a81fa199c2584e8e661bdaf7d18678a9beba7dfa3011c9c5764b7c04ba7cd1d99cc6a5cd766e94146fbc1304caca2f12518c1b0d57d6f486120f1c03ef08c160a66df3c7aaf7561940d9b711e7b6fdfdf568f3aa2e3a5007d0c3a5584289671dc55ae87c26d4853cf3660f27ad9cbf7de961abbbdb5c1f4c6c0788a13efe2a6f6e46d0bf59879a91396bc6f5167e562754d7fec0a331976a8e5a43895767d1c50ec1d6a12dee48aa0b61ae9ba00ae11d72de387749046f4acade38409b3b88c9a476a6f458337c25f3f2cae7a8f98967e8cc0fafb58d49cbe5c22e1a3d48a79a98e32424cee7a6a0fbf3633d458040bbe801c4ca02b68c757d53d0a82aee0da2da849ddacce2796cad7239624fb69f1cf0565f041aaca056e19d90431d3e08feebd01d2757334712ae08fbf630bc5311234ee12a42095867829b1b776b4b9db9305103c7b65e51ff5d25102155c3221b3cf363f1b9236a206cfc660cad40ad9cdbaca853f44c9f00909530200d616845f4e32e074d3932899aa7f5a66596be3255413e16186d9caad94190e19e8985ff61dd6515a832fe11f1800052fb40b86ff831d125ab8ed8d608048a9ce356bb680d5b0bb33b26ec5906b1a7f661ab20338cf5bf0f73e48bd10b4df4da94f17c395286f2597f66857e9827940168802158a93f157d5c07eb200c6182521339f642df8d37b0e280db3f5fd2cb9f21cd3fdc11ad259e73ee1f3fe8994644ef38b1a9df8e9fa4753084a910a6bcf3aa1aaf53253d458a851f8cfd2616110e2fb727c00ba2f9aec6bfec3e463af1fc816bbcf7ce6c96c8e3977b119ce5674e95136dbdf2da5cc97a1b2a54916f62eedb0d6cba32302f751c841ed8eeffe71a8bf77c90e7f9d62684512f6164050e781862d83506eb186df3a25e0edfa6cb994ac96b37fa8b36f573ce5527e93b98900dbb84ac7a6385d0e9178dc1724ed3721fad67a942216d380c443d14e4508fbe4933377b4961362906a9eebbbd5d619f135ef5ea8b7b47096ca275473d468bb0023d89248267dd526dda8a4078ed698f1bad557c44f2866c11fab3f48917aa4e69610328edfac39f7274df9cb47aaed133f96f2e857c444a25a669a2d56e5085b9dd6247f0f2968379ca4d7890490e332e1b38f3ae87ed1cc6c863a452338d88b2dc95ca0526d78778cc98b06c5aa809ce1f7f37595ffe4968bfc69d4b039f3b4da9f59ffbee011a5a0ffa45d69125f8cfa464c68c025605d8814f6af95207c62f0fa6d57003f7fb75afd1d94da7317cef319993443e059ec6bbb15151d5e3daa76ed46ecaa8ff91d764f8f1c7a83713a0f3061c5a027bb380cdbfaae4c707d9d56148bc041929655a924bc8955899331175826baf4943b638580d8a99db505032c71d2d064329c8e1a848d4c6e17b36262ae14715f78b1ea431f035def50147cd9f63622045a9795308f15084d0d5365369c0c499c74a74f40a20c9166adb76c867a0a84446de808a2d17f37757a652415a8e7b6592f9df2c3d542ed7df7fcc35c728196ff78e34d7e4ea86b22aafc7627689c4ec07ef2bc5c32814e288a8463d505d2829b8805f07e9bdb81d0d5dcaef7953ee870f3052c14f76ed89a088ebd5ea73775605d1bf6e890f1346849df63341b06575ecda1b014a2786487dc5762f97fc0761757dd6d8a3cb879c995aed6311b21ae57df6e3b9d8f1f2b03f5614840c0b8581187f142d20b58734bbd2c80cc80500d7cacaf43edee62528af5ed0d88baaaf7a50bf981e4f6843aea97c840a82ed0fa3a7444090f30a37b4b05cd42698ec4e525acb376991f30c4a654bed1957e9687fee8a7a6e98adb0134da9cea34e4a096eb9f9dbfb6aa75955f6e2ba7c990e5575e2180de04c325914c0e1d62ec32e6a96fdd86252b5f1f3d740bc48c0fe18b9de96be3f309e5284dc4a0752730a8ba84daa50eebbcff46b06946c6bd748bd097ef8fa4baed9f96bc97d1b48bf49ee188b095c0dd1b50d41174a8e5d96825a532d6b893acd5ad2009f8db1006d01e2479b307f69cbcd124a91397b0a76fc5a783d9cc0162b21bc936d0f74a7d8fc498b8b417970ef3d726383515a071d591531fb38034b6848cd0da6c1d86c3ced7f4e66263afd289733758de002aee0ed6b755e953567ab96cb69ad2f0f7aa6a111af6ab20b60807ec98eccbcc5e9cf0f847d9914edb9b15a959b45391fa06fa0c7af230b6d51379144e2ddb26b6603f3beba21b099f6b4efd5bb24bd0c3197a5b1b65dbac0a30ed599ee2ce1491dda380cbf83a439a272fee5d7a98ccb8d199f300fb5941b448742c7e8ff3edc0767be46fedc43824fc4dbe70bf4f1c70aeef2ea222b7a8f71547fd2a2a48804feda2c9af5bef5bd3a52f83df31bd8321e281f0eaf29968599dfc11290576c9cfec7eba1ce91d5fec79aa3b0851d8cb4bf3f3b9048067529ccd823a79b87b5f21bdb22ba3c439fe323d94db146fbd61ba0d6bfe310b945fb9af312bb2eb41f0c0eada105d27e9b9b37748ea766ee1e7681a98d2b73e332976f76c904a9f45d166f29c21b96fffa46501c13474df4e5ec6b1bbae4ef4a22d7e9f2c2700076f32a700fb6ba545af03fe1ad1fb3c2f5ed52b65c89f892a1bfda861f9167fb6b1116c9d322e788a6fa1dd6508a0c53826bb552ba66ceab37befa3064d531fd266d1882ecf5ed0d1b67c3a8213551dcf8b0ae40295495a51db1d2455e30be08fbdee5a8d4421b2f9e0e2e9233d8519886928f6e1d1db5e606c04323636026558e0115283c66e537d21bb8f9e7ea413906ec3245380c1d4846cbfd4de91f48901a29762729cff68e4fb0817efb62dba6cbc47253f42f78fd34eb9d2ac264effa0126a473163ad1c1ab4d5932870320d4b945a16edb71d8d8247bc056115556cd214a2ea685de30c917719226bd675e5d9a1105ed6b8dc030a97f6db229bb38f83468eb148ae692519f4b42e7e87efdf8c3e6ad2c4a4501b3892e37fef0409e28b2508ff29ac8e5c896bf47c6f25c35649a1780611fc84c37543971136411e37ce960af45509ded46ea520be6bbded5bc3632a51150d885eba024599f7bdfdfb7792c21df8936e4344b5389a632f86be0f23027f6880f0e5e927bf719b4ddea68820d0c873ad83e4c601de10cc8e99f420d151bd8a6632dc21382cdaa863ad8c2954c0e994cd69efbedcd038a90ea2cd06e0b53ef876ebf31b9058bdc5b9a7b08cc1b935086e905bd96f6c6eec9133cbfb3516f2530272dddad7f490500401f2cad5b955dbacbeea6e3e651ba962be093adb093e952271904366f7487dd2ac84f90e23da0408263ed1f4a8261191fbebc3af43734eee2b0dcdc8d69caad218f86e3ee791d7a50c562b031ed5cdcf03b1a30e7ecbfe453e97b122075e383fd8b225f86eedc27d0adaf82574b16f064049f7c2508927a39a1f43eb00

.

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"ForceClassicControlPanel"= 1 (0x1)

"NoResolveTrack"= 1 (0x1)

"NoRecentDocsNetHood"= 1 (0x1)

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "i:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 22:21 548352 ----a-w- i:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

SecurityProviders schannel.dll, credssp.dll, digest.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\I:^Documents and Settings^Mr. Incredible^Start Menu^Programs^Startup^Dropbox.lnk]

path=i:\documents and settings\Mr. Incredible\Start Menu\Programs\Startup\Dropbox.lnk

backup=i:\windows\pss\Dropbox.lnkStartup

.

[HKLM\~\startupfolder\I:^Documents and Settings^Mr. Incredible^Start Menu^Programs^Startup^GmoteServer.lnk]

path=i:\documents and settings\Mr. Incredible\Start Menu\Programs\Startup\GmoteServer.lnk

backup=i:\windows\pss\GmoteServer.lnkStartup

.

[HKLM\~\startupfolder\I:^Documents and Settings^Mr. Incredible^Start Menu^Programs^Startup^PdaNet Desktop.lnk]

path=i:\documents and settings\Mr. Incredible\Start Menu\Programs\Startup\PdaNet Desktop.lnk

backup=i:\windows\pss\PdaNet Desktop.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2010-10-29 19:49 249064 ----a-w- i:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"FreeRAM XP"="i:\program files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"QuickTime Task"="i:\program files\QuickTime\QTTask.exe" -atboottime

"ATICustomerCare"="i:\program files\ATI\ATICustomerCare\ATICustomerCare.exe"

"iTunesHelper"="i:\program files\iTunes\iTunesHelper.exe"

"Adobe Acrobat Speed Launcher"="i:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"i:\\Program Files\\uTorrent\\uTorrent.exe"=

"i:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"i:\\Program Files\\iTunes\\iTunes.exe"=

"i:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=

"c:\\FarmHelper\\FVBot.exe"=

"i:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

"i:\\Documents and Settings\\Mr. Incredible\\Application Data\\Dropbox\\bin\\Dropbox.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"1054:TCP"= 1054:TCP:Akamai NetSession Interface

"5000:UDP"= 5000:UDP:Akamai NetSession Interface

.

R0 Lbd;Lbd;i:\windows\system32\drivers\Lbd.sys [12/28/2010 12:38 AM 64288]

R1 SASDIFSV;SASDIFSV;i:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 1:25 PM 12872]

R1 SASKUTIL;SASKUTIL;i:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 1:41 PM 67656]

R1 SbFw;SbFw;i:\windows\system32\drivers\SbFw.sys [10/24/2010 9:32 PM 331992]

R1 SBRE;SBRE;i:\windows\system32\drivers\SBREDrv.sys [5/13/2010 7:56 AM 98392]

R1 sbtis;SbTis;i:\windows\system32\drivers\sbtis.sys [10/24/2010 9:32 PM 212568]

R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;i:\windows\system32\IPROSetMonitor.exe [3/20/2011 1:05 PM 109728]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;i:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [1/2/2011 1:16 PM 632792]

R2 SBPIMSvc;SB Recovery Service;i:\program files\Sunbelt Software\VIPRE\SBPIMSvc.exe [8/20/2010 9:15 AM 181584]

R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;i:\windows\system32\drivers\SbFwIm.sys [10/24/2010 9:32 PM 68696]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;i:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]

S2 SBAMSvc;VIPRE Antivirus Premium;i:\program files\Sunbelt Software\VIPRE\SBAMSvc.exe [8/20/2010 9:16 AM 2763080]

S3 CGVPNCliSrvc;CyberGhost VPN Client;i:\program files\S.A.D\CyberGhost VPN\CGVPNCliService.exe [11/1/2010 7:37 PM 2421384]

S3 IDriveE Service;IDriveE Service;i:\program files\IDrive\IDriveE Service.exe [1/1/2011 6:57 PM 148936]

S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;i:\program files\Lavasoft\Ad-Aware\AAWService.exe [12/3/2010 4:05 AM 1405384]

S3 nosGetPlusHelper;getPlus® Helper 3004;i:\windows\System32\svchost.exe -k nosGetPlusHelper [4/14/2008 7:00 AM 14336]

S3 pneteth;PdaNet Broadband;i:\windows\system32\drivers\pneteth.sys [3/5/2011 12:56 PM 13312]

S3 PSI;PSI;i:\windows\system32\drivers\psi_mf.sys [7/7/2010 9:05 AM 14904]

S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;i:\windows\system32\drivers\SbFwIm.sys [10/24/2010 9:32 PM 68696]

S3 sbhips;sbhips;i:\windows\system32\drivers\sbhips.sys [10/24/2010 9:32 PM 94040]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);i:\windows\system32\drivers\ssadbus.sys [3/5/2011 12:56 PM 96416]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;i:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]

S4 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

.

Contents of the 'Scheduled Tasks' folder

.

2011-03-27 i:\windows\Tasks\Ad-Aware Scan (Schedule).job

- i:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-12-03 13:06]

.

2011-03-28 i:\windows\Tasks\Ad-Aware Update (Daily 1).job

- i:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-12-03 13:06]

.

2011-03-28 i:\windows\Tasks\Ad-Aware Update (Daily 2).job

- i:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-12-03 13:06]

.

2011-03-28 i:\windows\Tasks\Ad-Aware Update (Daily 3).job

- i:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-12-03 13:06]

.

2011-03-26 i:\windows\Tasks\Ad-Aware Update (Daily 4).job

- i:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-12-03 13:06]

.

2011-03-28 i:\windows\Tasks\AWC AutoSweep.job

- i:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2011-01-02 20:11]

.

2011-03-27 i:\windows\Tasks\AWC Update.job

- i:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2011-01-02 21:24]

.

2011-03-28 i:\windows\Tasks\FlockUpdateTaskUserS-1-5-21-57989841-492894223-1417001333-1003Core.job

- i:\documents and settings\Mr. Incredible\Local Settings\Application Data\Flock\Update\FlockUpdate.exe [2010-12-09 06:52]

.

2011-03-28 i:\windows\Tasks\FlockUpdateTaskUserS-1-5-21-57989841-492894223-1417001333-1003UA.job

- i:\documents and settings\Mr. Incredible\Local Settings\Application Data\Flock\Update\FlockUpdate.exe [2010-12-09 06:52]

.

2011-03-26 i:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-492894223-1417001333-1003Core.job

- i:\documents and settings\Mr. Incredible\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-24 23:26]

.

2011-03-28 i:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-492894223-1417001333-1003UA.job

- i:\documents and settings\Mr. Incredible\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-24 23:26]

.

2011-03-28 i:\windows\Tasks\RMSmartUpdate.job

- i:\program files\Registry Mechanic\Update.exe [2011-01-02 18:10]

.

2011-03-26 i:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-57989841-492894223-1417001333-1003Core.job

- i:\documents and settings\Mr. Incredible\Local Settings\Application Data\RockMelt\Update\RockMeltUpdate.exe [2011-01-02 23:17]

.

2011-03-28 i:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-57989841-492894223-1417001333-1003UA.job

- i:\documents and settings\Mr. Incredible\Local Settings\Application Data\RockMelt\Update\RockMeltUpdate.exe [2011-01-02 23:17]

.

2011-03-09 i:\windows\Tasks\switchShakeIcon.job

- i:\program files\NCH Swift Sound\Switch\switch.exe [2011-03-06 07:28]

.

.

------- Supplementary Scan -------

.

uStart Page = www.google.com

uDefault_Search_URL = hxxp://www.google.com/

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

IE: Append Link Target to Existing PDF - i:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - i:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - i:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - i:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: LastPass - file://i:\program files\LastPass\context.html?cmd=lastpass

IE: LastPass Fill Forms - file://i:\program files\LastPass\context.html?cmd=fillforms

IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - i:\program files\PokerStars.NET\PokerStarsUpdate.exe

Trusted Zone: intuit.com\ttlc

DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} - hxxp://utilities.pcpitstop.com/pctuneup2/controls/pctuneup.cab

FF - ProfilePath - i:\documents and settings\Mr. Incredible\Application Data\Mozilla\Firefox\Profiles\r6so5yhc.default\

FF - prefs.js: browser.startup.homepage - www.google.com

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - i:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - i:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - i:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

FF - Ext: Java Quick Starter: jqs@sun.com - i:\program files\Java\jre6\lib\deploy\jqs\ff

FF - Ext: Adobe Acrobat - Create PDF: web2pdfextension@web2pdf.adobedotcom - i:\program files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

FF - Ext: FiddlerHook: fiddlerhook@fiddler2.com - i:\program files\Fiddler2\FiddlerHook

FF - Ext: Live HTTP Headers: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} - %profile%\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}

FF - Ext: LastPass: support@lastpass.com - %profile%\extensions\support@lastpass.com

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

.

- - - - ORPHANS REMOVED - - - -

.

HKLM-Run-TaskTray - (no file)

HKU-Default-Run-IDMan - i:\program files\Internet Download Manager\IDMan.exe

AddRemove-Octoshape add-in for Adobe Flash Player - i:\documents and settings\Mr. Incredible\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-03-28 15:37

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@i:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="i:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(1684)

i:\program files\SUPERAntiSpyware\SASWINLO.DLL

i:\windows\system32\WININET.dll

i:\windows\system32\Ati2evxx.dll

i:\windows\system32\atiadlxx.dll

i:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll

.

- - - - - - - > 'explorer.exe'(1344)

i:\windows\system32\WININET.dll

i:\documents and settings\Mr. Incredible\Application Data\Dropbox\bin\DropboxExt.14.dll

i:\program files\MediaMonkey\DeskPlayer.dll

i:\windows\system32\wpdshext.dll

i:\windows\system32\PortableDeviceApi.dll

i:\windows\system32\audiodev.dll

i:\windows\system32\WMVCore.DLL

i:\windows\system32\WMASF.DLL

i:\windows\system32\ieframe.dll

i:\windows\system32\msi.dll

i:\windows\system32\webcheck.dll

i:\windows\system32\WPDShServiceObj.dll

i:\windows\system32\PortableDeviceTypes.dll

.

------------------------ Other Running Processes ------------------------

.

i:\windows\system32\Ati2evxx.exe

i:\windows\system32\Ati2evxx.exe

i:\program files\Bonjour\mDNSResponder.exe

i:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

i:\program files\Java\jre6\bin\jqs.exe

i:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe

i:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

i:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

.

**************************************************************************

.

Completion time: 2011-03-28 15:41:39 - machine was rebooted

ComboFix-quarantined-files.txt 2011-03-28 20:41

.

Pre-Run: 231,356,297,216 bytes free

Post-Run: 231,212,584,960 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(3)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(3)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /noexecute=alwaysoff

.

- - End Of File - - D865F9CCA2D5AA8850FC8A29360E508F

.

DDS (Ver_11-03-05.01) - NTFSx86

Run by Mr. Incredible at 15:57:24.53 on Mon 03/28/2011

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_24

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2444 [GMT -5:00]

.

.

============== Running Processes ===============

.

I:\WINDOWS\system32\Ati2evxx.exe

I:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

I:\WINDOWS\system32\svchost.exe -k netsvcs

I:\WINDOWS\system32\Ati2evxx.exe

I:\WINDOWS\system32\spoolsv.exe

I:\Program Files\Bonjour\mDNSResponder.exe

I:\WINDOWS\system32\IProsetMonitor.exe

I:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

I:\Program Files\Java\jre6\bin\jqs.exe

I:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

I:\Program Files\Sunbelt Software\VIPRE\SBPIMSvc.exe

I:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

I:\WINDOWS\system32\svchost.exe -k imgsvc

I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

svchost.exe

I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

I:\WINDOWS\explorer.exe

I:\Documents and Settings\Mr. Incredible\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

I:\Documents and Settings\Mr. Incredible\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

I:\Documents and Settings\Mr. Incredible\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

I:\Documents and Settings\Mr. Incredible\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

I:\Documents and Settings\Mr. Incredible\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

I:\Documents and Settings\Mr. Incredible\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

I:\Documents and Settings\Mr. Incredible\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

I:\Documents and Settings\Mr. Incredible\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

I:\Documents and Settings\Mr. Incredible\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

I:\Documents and Settings\Mr. Incredible\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

I:\Documents and Settings\Mr. Incredible\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

I:\Documents and Settings\Mr. Incredible\My Documents\Downloads\dds.com

.

============== Pseudo HJT Report ===============

.

uStart Page = www.google.com

uDefault_Search_URL = hxxp://www.google.com/

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - i:\progra~1\yahoo!\companion\installs\cpn\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - i:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: LastPass Browser Helper Object: {95d9ecf5-2a4d-4550-be49-70d42f71296e} - i:\program files\lastpass\LPBar.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - i:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - i:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - i:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - i:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - i:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - i:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - i:\program files\lastpass\LPBar.dll

TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - i:\program files\daemon tools toolbar\DTToolbar.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - i:\progra~1\yahoo!\companion\installs\cpn\yt.dll

uRun: [PeerBlock] i:\program files\peerblock\peerblock.exe

uRun: [sUPERAntiSpyware] i:\program files\superantispyware\SUPERAntiSpyware.exe

mRun: [sBAMTray] "i:\program files\sunbelt software\vipre\SBAMTray.exe"

mRun: [iDTSysTrayApp] sttray.exe

mRun: [startCCC] "i:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

dRun: [ctfmon.exe] ctfmon.exe

dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

uPolicies-explorer: NoResolveTrack = 1 (0x1)

uPolicies-explorer: NoInstrumentation = 1 (0x1)

uPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)

uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)

uPolicies-explorer: LegacyDrive = 262a9b001d90c4b0c4ab8290191452372048160d7311bb60f94219b4f6a71a5a443c1f44df9d9f17a7be118262dc0dce01b4aeb724f23a7be0ec0530bf90925a089bfcbd410c9470f3d9cc33dbade054024b2082ea7829f71c72d180400d293a0cfbb0fa144ac6ebe42e63794c01086efb88f65b4f789e3a6c395a518ce95a5995a4e1e0f103b1ec9ae2c3e174673ca5e03f9d018e2b3a4b92d2bced42bb5a0b39208b9778fb72b6dfbb9663cc54e5643fdaf97d3c4e9ae371b783f31975692420d3393b88dba1be0b6ed3aa0294866885103dfed437cb82f50317d59f641d8d57d63533d938ec98afb9dc20004adb4f31bfab938890f3c8001f9dfff99c2d7e2f265207e933bb5e72312c05cd6dd14aa535d283833927994337aec3c9d87b94f0d46f38c35d0cfaf0bb870a79341f7ead2eaeed9657977e4435855decac1af468b9ab544f2b21d277109f15b86d646df332f466536c729ed3bd51d301092b400173f12ad48845b6dab924fd960fc862b21acd23432a922f4dc2e2388a4ad408df6704ef185041925f2dd593682dc827a7c24e020decfabfdabb2e81b30fd6dbf4a356ed474ac0d075784b347d030148e32bb7da4bd842c04624e8766c191508abbc4f33de4a6cc7a2c1034f65eda220f4bff63c9f068f6c5e1d90d8098c2f6f25d6bad90806d8ad3e8c12e52c47928ef3e32ac4976597de610408e6823bda4cf81ca6dbb6e77debffdb72d9134c59b40df6cf390c917a0291a5c292fa28a0a1144b26873d83a8c08ed038eac74b9c81f90aa1ee8244b1c03eb5a839fc44e40c2fe49b65e6b8722aff7a4b80971d5e92c4b18b8d8788eeeffc97b502d41e2ea3058b2448c09c6cae42a4c5bb3e31d1ba127fcb5db7301f7091a3fd72f76afea7efff0a6939b279bf90e678312c7dafda8b9120be7165535e2d9bb08a1fa72c77778328113fa495929c2d5d545164fee384627857c5c50e6ae14c4c78a38271efc5c3faacc5637e3a0eefe23acdb5cc0800865a9bcfba13ad20751e1c6629b191b95ccd5f2cac29ae5b106bd843609e135718e151cf585c64443079667a1b50587ce3c96209ef228b39a08732ff5f5bc36810c25f61ffa8d1d77405c51c8760348d36922372b5cd8d2505dd9e76c8ad214f540c3c9406b15b4dd97d6a07370147770e40776127b617b8b4991607279a5ea20f4b7fe0b28d7ce0109a1fd0ef300570602d5ac59fede4123cd243047824772df21ca2b3833b0f4a66e0745f9c1a74968ebb6877f5ae5f64f78a63cf9266fea93eeffd1eceb9747f98d3f80380d59e57a34adff3f4281230f7320182df1d96fe003cee19875daeb369ed9a54996364b57edcc182a403c25eb23462279ce15b7c19343f7d58f6c3d2eeaf5eef130f13960f8c8a9def4d66f9f17c47d3db6ea65e82dc6e0ab1f762a0dbf824465d579f53023ea262cc3dcda5f23fb17c25bd3347173131783ece69ecd56e967b25ccdbce02f3657098f64c2868e2bb878df151bd4400c7b0ddab43d250c9384b24cfd98d299d161edd888292975b4dad199b72c868103176db80c06773be3e8c6ae3e87b0fdc8f16d025496799d367cf5dd8a860f183ac872146aceefebc67a075ea606e26a4c5469272f5b493d6d91a6878cbfbe000a55a42a9846e3098cc9dd16c6ca82e166324ddeb8229ddf7744ec295fdd4123c7f21ee9cc270f5eaf4c86578ef2a8388bb0f3e6254110fa4ade923dacbf499bc4e18ead4218919049b3ecea5c0fd4d3524d7f0fc00f1d5ef848bd4d46f3ab4a7de789e3d615fd12754b298d96d1d790b91beb060ece3db464016f71d7d578b9b93a8236f84cf0024bdd4570e49a6d816cf787835b24eb28ddb7f563a452cd1886015af63b3b15e0ec47d35183c94b48d47800e693a50e45278ea548696a33212bd0d954450109664cf3d549ffc5e3b443c5287333f18950391e32917c1560b01907b2363b090cafe680da4bd89cf2df5a47595eb7a0bce97b4e5e3a7d5ce8bc76c62fe208eb9071e83465b77c0fe296915bcf24228e49b262246c10da8464c0b0d3a4795d4c614ee7f1e41098a2ad0791f00d711952413a73a43ce6a5024067555dbcba58740e9a8a89fc757ffb18f469fcb8f99eb56df195a7f4586782f552f2e3eddc142e3805d2170a0eddd3c81b7bf72e0ac324da692190f3e72bf8eb37da21c9e37420c99203473f794722cb2f0f51fa5f686c2fc73d1dfe81ebb9897c4f5a963a2d1ee4a1255259e6b8ef4fd22272e84353a5240c96655e51122f2a1c373515df5e616efdc9fe9bfcbeceb3e04607627e430f9055add03f69d139dae1fd1ddbfbccbb817380d18cae8e02e11aff10a932cb069e432f7ce4c79ecd4c99328c2572119606e46a40995cd5c0f0276e61f0afac67d32f6b05eefdedf636ef907be27ad8a97b5fdeeaee5508f410d7491309fe2195ffd44bd5c8f343842134763dd354a610e60cb1971d3dbe93ef713986df0d58d1e72ead43f37d6d7ed4f6db98fcb14b50c4608e0ad36fcf7d2cd695be41e265a8a8138b02038eb4e6453215a73d0eb76f50756459445872bb2b80b555b8b68fa7851f8e046a7f7210715da2ff736e2d1168219f201b4e69d00f1c58408e6fbdf3bbf56596a9bcc21d93d5f3e420443221c1d43831cf76166fdf7bd7d7d6eb8b2a8c858045805ee92fd6df7f59a8041d3102d4eb19f44fd09aa2c679d95bad9080ac6f91fa0b26e57711501a6a83f55761d7b190326918204af8ff98d8dc910340f1fbb72d67ebd4de7a96034ff3a692b26e34b2787fa9bbc7f35c4f5f4b2fc83e83a771b4ec6da191cab42f269a192a6a719d32a857fe3766ea223f7687b7b843fbe9f93e0af91ad0337671f0d374ff3341cd01ee4b353fb613fe1f8aeca2e8faeb8d7798aa2e81e5261a14fe7687a371857648f0bcefb5212df7ff8318f88d2071aff698fe1ced21550c177eac0dd195c9cf416e5c376e8a32e8aef08d35d70d3c9badd3facdc577a43807158603d374908186e88d4531e9697874ee741f20fdb0412c2bcefb5737f3574c517018f31d9e6a4edf5e1060ffbd3629f9e35a3efb707122f8c09c23c532e2bb9f24e1561091bb79b3256214f8742d7f9655abffc703f3d38d8f49cdeda4db08389a5b97495ced08b4aae50ecbecbcc3ebe2ebd5dbf436bcb5625180b021c7b4a4c6470441331ed6621ef383001ce57de157ec847e3377305b0fdddd650229e423c0c157fe5385a91487f74b5c399cd0027fbdfe2440e553f336fe7abc76ff3a0e07a08fe2f93edff54e8e66e43aa3214ec1bd8731be9a4b79dba6ceaa40897676c2fe0911fc458c5f629aa8ca25ea316ea1af2e4951b2cc48aba120236c29517dd2e821d3816218092c13255389988f4b9424cb39b7a4cf54c4496645b45467ae86e9c465adb526d4ffb2c6fd9f2d02be73bd8a501922608391177e75e993bc87273a4e35e37fe27e5ed3e957ed773dd52871ee7507ea44e6c713a852571f94a0a6286c37daef2cdb73adf910c9ae558708033a03b7b7a6f29de06e7a5fd2e1b47a0ef219bb1d4682438194ca0890fe88ebcc22cee5eda2fd14866bfc6ef6b01558714f6e5c5cfa57776c6e298c30ebb36b32213b2f1918d36d0f3ab498c2137a1d2a6e33883702ca1b5cb849dfb90afeae79a6e5bcd7a5b2dc96c149903899ba6313efd419b5efc328fea314582d378b4ab320c1a4f09830bbc3bb940dddc0af40dabc48d29dddb7fe91ddf6e70d02c92219d6060b52d13678a2fc2783ea00b097d4920db178976db5654bd468e7c1511f5aa2f7f88b5c1913540ac6e03e4d6f6a39f123a2f34e8330e7e99b317055e9bf9cff14fda784e673e85bba72bf606328a1a0efad1a8847bdf0af3a927fcfe271156e9b99d265cfc4a026355369df2b82786974549089ae5b717a26b87c09ce51f223321a61be771b8215fac5e6d00753d5fbec00d1e32914d7eed0735280d9aedf40da1fc9ae117038a439eab1848c4dcdc36862f599912a7dc94d7d19ba776a5f74f8d6fa5633fd5454e5642247f9c2e6cc7a89f9802f7f02bf93ed1a287ff8fa7fb5b9587be2733e635429fb1e9253a55e6bb142f6073b1439d940e300ed1df63bf1e1b8cf2c29cba4e07acbd3ba00a70ff0218ecdbbd36df568f3e902f86141d95657f079a4937f1e68c3ea5a8ea7458d2e2662f865f6801cb98e35f8535efd2a4b325639b09ae61148ca05ee2108b7b37504eece5178f30a00c802c841c648b85f872b837767b519041ce7af0cf597660941278177695b643800fc006da5a10bef969e28913e74508d61b7364590f5e8f53f18bcd8ab923728f0c48eda961a5ef050f6249635a95b551393b33c167786a91dab5300d3d439fb6a1416b4170bf72e3a22395cc33ccc7f1d4f6630fe0dec3ed93260ee1767a51951e74d20b16bda0df1a766fcd86d6a3720d14abda57ae87902be40bce501ea862996e6e245385a35782df217f6c3bf9725c4e5cb2a0b8bcfad4372e17621b13f94afaf70a1fa4b9be5259ec6cb33a7e5c35fe9721f2e6c4296ff355922056033fcf2f28d72c795b46fed9f1a1dfaa6bad8887858d9f5520e944848049e691b7c25cd061d5316892943f9f0d067f58b7cd1fd94b06d5d24e71749b46d2bcbe279777b50ebac1f531e9a82b16e5f5ffc5042848b4b7ca6b7058a5e03dacb7bcad8cc9b867954e8626208e61057504e8f93b042c9f33a0083827cdb1f11cc28d68cfa1496d6059250548cb93b5902b01fd45aaf32227525430a1310e9540feb9d8f7d9674f4fd5a3499a8fe766c3d124e7d80862c4c5f9a6f862af1820b1b86544609163f5965ef398ecde2c01b89fb644926e73c71112659cd63acc0eccb38e7aaddedc60c96213babe031ee08d1c61a8bd345e27258dda57e7932893011957fc22e6aa1cbb7048c958e7354c317581c3fcc4c0c406c2b94382a162b621210d76e311dc692c137ade1aa10db8164d66cfa94d7b9391953618f21508d17c956b3bc665385c0cdb3b5f1aa7378c6c632b78946bd479dcef735d2d47d05c2f867f4ab25162114df26f5f44a8b49caf41981fd9eb63a1e74801f2bac002ea151be6a3034fbb98e5739638e226c41d24cbd81bc368d101dbfbc3663d6129a665787d27ac8006e1bfc8f11d5086a47c0c064f3ccc07c4b70f61882ca8ec2ac2b49ed3cacff31f4587922ba6112defd83ba9cf9583a27f6c8c2562c0da9a216a60bfd04658732241cc261a6c5b8ee34e3a9bfb7f79ae977288054493f97aca92876e55fe5800d7157f82a8dbc52d6f69a9134688a556197eb3984f2810b2ad49f340a9772252ddd843658483a06b579be72d8bd0118f03cb3716c4cda8a7a9933892587cdace74ed728614f5e4d5752d71ceebe343c01e7746b872043a47c743068563ad50552ce04aeb1b44cfcc8cedeeae951cc546bf0de353a18b3d077674875c21b252a96e6d78749b7fb9881729a6478904be41143ad805daf5c036bf1825e26f2db310a29f7c989e2a9c38fe8f1de3b38c185c480b1d04956a9ad5f0a71be63f76bd17ab782bb55dfd023506ca891a2b199c19c0e2ea7cf95961c45db8e5921c3e48c8a27877eb6cbff1cb1b027e67c7c51d0b956a3ebb8cb031d4a479dff120d0b80c1ed72aece56decdea89e2ed5ca5ebff53402696fa36476f44fee726fcaf433f32c4717f26d078db112b8d7f80c980d0edd3066e4fc2ab3917b622cfee73f6fe36f44c6f249e2a9515291844ef51e95b94f4d47e9078e856ff0a1292ef50eaa8d6e1f3ebf5242a748a8b050bd3f4c98cb9fce6e7a3f201eb3f9086a00ba08dd947e825c8b7c20fe729d731d0a33dbae49e8a6cda2f47c9c8694fa4eb72bb79d7f8cfae2c7b1d6ab8e3018e522f49268063d111e8de88e68a8f1a9bdfd365294397eca85a6b9caab0089014c8402c4bc4bae027ed6d576adeafb209a9ea9f5b7b271d6b4222cbfe7fbc28641f16ebd329f23a5a20ecff0121309ace1d9590d07cc936d05b663911c28282ebe1c06ab42d83629db16a1c1cb61ae0cd4c258e9f09c837a41d590704b362f89611574565d312d4294dd7495d00a618024e19dc0c518ef2ba17257d152b3d9b79f1223e146ec70b0f8b6ac6ea635d928fbf1b1bc29e78d32e97e8550bdbcd96879ba8f7501555e665427cbbacab5924d99ea47729ec53d41bf5b4ea7323ccefdeb1e3fa2571102c3f85dd0827ec4f3549807b6a70aab1ac800fdca05a254510ee8968ba1b0fe59670e1c9919e31d56e6b14c3b19add94ef716d9dae6c68fadd506ea84d7a7f34ec4114e976bd7105c45123f7063e583afc9902cf76794c6744b17ee21148b658baa8b63d82c052e092a9eea7c1552b3b5f35be95d5755cb8b919f48432204113c729bf3e7c6eb64ac6c535cd37738a966733422f6159472fd5de834bb59958bd4ea860aa7ca1fd1dbce73f93a69b633c372f5abfa2704338371b89def695768d61c4d9f268b21ffbaf6a7582f5b7635f3399cbf9e9991df86e34f6aa38d7e4fe33e5a2f241932b2bc2aad7037e05360fa1d5093268a7522c02d80640e3d9d6544352d945f27c5bc52537a3660f85c5cc96a4040a865c39e1ca18b10a6a6d081d2e21be41af9954e26075ce561991d7b52e901900d0dd789ef3c09f8d532711e8bd66eae871b36d4d8246e7659abf8ba2aa30cc8611c8ad1fc688e501a7c45906b98006ee62b8760baf0b0b6865e3020cc3fb0aa71a39e23a2ade7581a494acb2c0a60c1e2671194f9b4b54b2c50796db5210517123d5c4d05ea038edec965abfc4e76d892739704a7aeb9666120c659820f3c6933961bae009b02582502958c9c0820216f0673837f7290462adb5c0b998e7f2ecd5c16a6ee9ea82de0755ca1165669ababc7cd9eaf6342a2be246e11d8e25a216c1625c4b6e4facc4b593f53f3f10f5ab65cebb03a81ac154cb5c4bca0bc84865e6ee82b3caedc7727c4561371c8defc77b84d3381c8d5b6e9f941b080ed7eed2dfa5b90d77d8d088571f640c440261649d8230fd802654964ef25b17814d875d538f6bc5dcc95ff95307ac02e1400d2471a3f65e67e8f3b4bd056f72651d99808a052411896423b076e083c4629b3ea7630159b1f3c185fa673554079d3e3c88dd46dc40a498848448843f3eecaff748ad581b74d24d845d74096158711c6db6fecbab408fb40452e36c6526c8fc18c7a6d4eab045c1abdad0380be5456f268960c9a4c94544122f6c46f5e2f92d4030306e6bc472fcc29e9d67b7730b01f33f144d7bc60f07b15c7a7d5cd8ec55dcc0c183de4dc9f05b43091a0cd68a18714e481346716a5da84db4953260bb55a704ec0fa8f3293469c7baf4bbfba31439a22550be5963ad85506e525c3fcae87ef8a72032531e7ab5a4ab24abe9995684c7995c9457c0937dc52f28133ec8ac486e01fe9a610226faa867b6be1a320cd0a79e6e4c87597255041442865e8ddf3863cfe7b66740c689c1a81fa199c2584e8e661bdaf7d18678a9beba7dfa3011c9c5764b7c04ba7cd1d99cc6a5cd766e94146fbc1304caca2f12518c1b0d57d6f486120f1c03ef08c160a66df3c7aaf7561940d9b711e7b6fdfdf568f3aa2e3a5007d0c3a5584289671dc55ae87c26d4853cf3660f27ad9cbf7de961abbbdb5c1f4c6c0788a13efe2a6f6e46d0bf59879a91396bc6f5167e562754d7fec0a331976a8e5a43895767d1c50ec1d6a12dee48aa0b61ae9ba00ae11d72de387749046f4acade38409b3b88c9a476a6f458337c25f3f2cae7a8f98967e8cc0fafb58d49cbe5c22e1a3d48a79a98e32424cee7a6a0fbf3633d458040bbe801c4ca02b68c757d53d0a82aee0da2da849ddacce2796cad7239624fb69f1cf0565f041aaca056e19d90431d3e08feebd01d2757334712ae08fbf630bc5311234ee12a42095867829b1b776b4b9db9305103c7b65e51ff5d25102155c3221b3cf363f1b9236a206cfc660cad40ad9cdbaca853f44c9f00909530200d616845f4e32e074d3932899aa7f5a66596be3255413e16186d9caad94190e19e8985ff61dd6515a832fe11f1800052fb40b86ff831d125ab8ed8d608048a9ce356bb680d5b0bb33b26ec5906b1a7f661ab20338cf5bf0f73e48bd10b4df4da94f17c395286f2597f66857e9827940168802158a93f157d5c07eb200c6182521339f642df8d37b0e280db3f5fd2cb9f21cd3fdc11ad259e73ee1f3fe8994644ef38b1a9df8e9fa4753084a910a6bcf3aa1aaf53253d458a851f8cfd2616110e2fb727c00ba2f9aec6bfec3e463af1fc816bbcf7ce6c96c8e3977b119ce5674e95136dbdf2da5cc97a1b2a54916f62eedb0d6cba32302f751c841ed8eeffe71a8bf77c90e7f9d62684512f6164050e781862d83506eb186df3a25e0edfa6cb994ac96b37fa8b36f573ce5527e93b98900dbb84ac7a6385d0e9178dc1724ed3721fad67a942216d380c443d14e4508fbe4933377b4961362906a9eebbbd5d619f135ef5ea8b7b47096ca275473d468bb0023d89248267dd526dda8a4078ed698f1bad557c44f2866c11fab3f48917aa4e69610328edfac39f7274df9cb47aaed133f96f2e857c444a25a669a2d56e5085b9dd6247f0f2968379ca4d7890490e332e1b38f3ae87ed1cc6c863a452338d88b2dc95ca0526d78778cc98b06c5aa809ce1f7f37595ffe4968bfc69d4b039f3b4da9f59ffbee011a5a0ffa45d69125f8cfa464c68c025605d8814f6af95207c62f0fa6d57003f7fb75afd1d94da7317cef319993443e059ec6bbb15151d5e3daa76ed46ecaa8ff91d764f8f1c7a83713a0f3061c5a027bb380cdbfaae4c707d9d56148bc041929655a924bc8955899331175826baf4943b638580d8a99db505032c71d2d064329c8e1a848d4c6e17b36262ae14715f78b1ea431f035def50147cd9f63622045a9795308f15084d0d5365369c0c499c74a74f40a20c9166adb76c867a0a84446de808a2d17f37757a652415a8e7b6592f9df2c3d542ed7df7fcc35c728196ff78e34d7e4ea86b22aafc7627689c4ec07ef2bc5c32814e288a8463d505d2829b8805f07e9bdb81d0d5dcaef7953ee870f3052c14f76ed89a088ebd5ea73775605d1bf6e890f1346849df63341b06575ecda1b014a2786487dc5762f97fc0761757dd6d8a3cb879c995aed6311b21ae57df6e3b9d8f1f2b03f5614840c0b8581187f142d20b58734bbd2c80cc80500d7cacaf43edee62528af5ed0d88baaaf7a50bf981e4f6843aea97c840a82ed0fa3a7444090f30a37b4b05cd42698ec4e525acb376991f30c4a654bed1957e9687fee8a7a6e98adb0134da9cea34e4a096eb9f9dbfb6aa75955f6e2ba7c990e5575e2180de04c325914c0e1d62ec32e6a96fdd86252b5f1f3d740bc48c0fe18b9de96be3f309e5284dc4a0752730a8ba84daa50eebbcff46b06946c6bd748bd097ef8fa4baed9f96bc97d1b48bf49ee188b095c0dd1b50d41174a8e5d96825a532d6b893acd5ad2009f8db1006d01e2479b307f69cbcd124a91397b0a76fc5a783d9cc0162b21bc936d0f74a7d8fc498b8b417970ef3d726383515a071d591531fb38034b6848cd0da6c1d86c3ced7f4e66263afd289733758de002aee0ed6b755e953567ab96cb69ad2f0f7aa6a111af6ab20b60807ec98eccbcc5e9cf0f847d9914edb9b15a959b45391fa06fa0c7af230b6d51379144e2ddb26b6603f3beba21b099f6b4efd5bb24bd0c3197a5b1b65dbac0a30ed599ee2ce1491dda380cbf83a439a272fee5d7a98ccb8d199f300fb5941b448742c7e8ff3edc0767be46fedc43824fc4dbe70bf4f1c70aeef2ea222b7a8f71547fd2a2a48804feda2c9af5bef5bd3a52f83df31bd8321e281f0eaf29968599dfc11290576c9cfec7eba1ce91d5fec79aa3b0851d8cb4bf3f3b9048067529ccd823a79b87b5f21bdb22ba3c439fe323d94db146fbd61ba0d6bfe310b945fb9af312bb2eb41f0c0eada105d27e9b9b37748ea766ee1e7681a98d2b73e332976f76c904a9f45d166f29c21b96fffa46501c13474df4e5ec6b1bbae4ef4a22d7e9f2c2700076f32a700fb6ba545af03fe1ad1fb3c2f5ed52b65c89f892a1bfda861f9167fb6b1116c9d322e788a6fa1dd6508a0c53826bb552ba66ceab37befa3064d531fd266d1882ecf5ed0d1b67c3a8213551dcf8b0ae40295495a51db1d2455e30be08fbdee5a8d4421b2f9e0e2e9233d8519886928f6e1d1db5e606c04323636026558e0115283c66e537d21bb8f9e7ea413906ec3245380c1d4846cbfd4de91f48901a29762729cff68e4fb0817efb62dba6cbc47253f42f78fd34eb9d2ac264effa0126a473163ad1c1ab4d5932870320d4b945a16edb71d8d8247bc056115556cd214a2ea685de30c917719226bd675e5d9a1105ed6b8dc030a97f6db229bb38f83468eb148ae692519f4b42e7e87efdf8c3e6ad2c4a4501b3892e37fef0409e28b2508ff29ac8e5c896bf47c6f25c35649a1780611fc84c37543971136411e37ce960af45509ded46ea520be6bbded5bc3632a51150d885eba024599f7bdfdfb7792c21df8936e4344b5389a632f86be0f23027f6880f0e5e927bf719b4ddea68820d0c873ad83e4c601de10cc8e99f420d151bd8a6632dc21382cdaa863ad8c2954c0e994cd69efbedcd038a90ea2cd06e0b53ef876ebf31b9058bdc5b9a7b08cc1b935086e905bd96f6c6eec9133cbfb3516f2530272dddad7f490500401f2cad5b955dbacbeea6e3e651ba962be093adb093e952271904366f7487dd2ac84f90e23da0408263ed1f4a8261191fbebc3af43734eee2b0dcdc8d69caad218f86e3ee791d7a50c562b031ed5cdcf03b1a30e7ecbfe453e97b122075e383fd8b225f86eedc27d0adaf82574b16f064049f7c2508927a39a1f43eb00

mPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)

dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)

dPolicies-explorer: NoResolveTrack = 1 (0x1)

dPolicies-explorer: NoInstrumentation = 1 (0x1)

dPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)

dPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)

IE: Append Link Target to Existing PDF - i:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - i:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - i:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - i:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html

IE: LastPass - file://i:\program files\lastpass\context.html?cmd=lastpass

IE: LastPass Fill Forms - file://i:\program files\lastpass\context.html?cmd=fillforms

IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "i:\program files\fiddler2\Fiddler.exe"

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - i:\program files\pokerstars.net\PokerStarsUpdate.exe

IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - i:\program files\lastpass\LPBar.dll

Trusted Zone: intuit.com\ttlc

DPF: {070DC617-E3B7-468B-A29C-D4E84FAE938C} - hxxp://utilities.pcpitstop.com/pctuneup2/controls/pctuneup.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Notify: !SASWinLogon - i:\program files\superantispyware\SASWINLO.DLL

Notify: AtiExtEvent - Ati2evxx.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - i:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - i:\program files\superantispyware\SASSEH.DLL

SecurityProviders: schannel.dll, credssp.dll, digest.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - i:\docume~1\mra16f~1.inc\applic~1\mozilla\firefox\profiles\r6so5yhc.default\

FF - prefs.js: browser.startup.homepage - www.google.com

FF - component: i:\documents and settings\mr. incredible\application data\mozilla\firefox\profiles\r6so5yhc.default\extensions\support@lastpass.com\platform\winnt_x86-msvc\components\lpxpcom.dll

FF - component: i:\program files\adobe\acrobat 10.0\acrobat\browser\wcfirefoxextn\components\WCFirefoxExtn.dll

FF - plugin: i:\documents and settings\mr. incredible\local settings\application data\flock\update\1.2.213.0\npFlockOneClick8.dll

FF - plugin: i:\documents and settings\mr. incredible\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: i:\documents and settings\mr. incredible\local settings\application data\rockmelt\update\1.2.189.1\npRockMeltOneClick8.dll

FF - plugin: i:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: i:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll

FF - plugin: i:\program files\nos\bin\np_gp.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - i:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - i:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - i:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

FF - Ext: Java Quick Starter: jqs@sun.com - i:\program files\java\jre6\lib\deploy\jqs\ff

FF - Ext: Adobe Acrobat - Create PDF: web2pdfextension@web2pdf.adobedotcom - i:\program files\adobe\acrobat 10.0\acrobat\browser\WCFirefoxExtn

FF - Ext: FiddlerHook: fiddlerhook@fiddler2.com - i:\program files\fiddler2\FiddlerHook

FF - Ext: Live HTTP Headers: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} - %profile%\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}

FF - Ext: LastPass: support@lastpass.com - %profile%\extensions\support@lastpass.com

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

.

============= SERVICES / DRIVERS ===============

.

R0 Lbd;Lbd;i:\windows\system32\drivers\Lbd.sys [2010-12-28 64288]

R1 SASDIFSV;SASDIFSV;i:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]

R1 SASKUTIL;SASKUTIL;i:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]

R1 SbFw;SbFw;i:\windows\system32\drivers\SbFw.sys [2010-10-24 331992]

R1 SBRE;SBRE;i:\windows\system32\drivers\SBREDrv.sys [2010-5-13 98392]

R1 sbtis;SbTis;i:\windows\system32\drivers\sbtis.sys [2010-10-24 212568]

R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;i:\windows\system32\IPROSetMonitor.exe [2011-3-20 109728]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;i:\program files\common files\pc tools\smonitor\StartManSvc.exe [2011-1-2 632792]

R2 SBPIMSvc;SB Recovery Service;i:\program files\sunbelt software\vipre\SBPIMSvc.exe [2010-8-20 181584]

R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;i:\windows\system32\drivers\SbFwIm.sys [2010-10-24 68696]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;i:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 SBAMSvc;VIPRE Antivirus Premium;i:\program files\sunbelt software\vipre\SBAMSvc.exe [2010-8-20 2763080]

S3 CGVPNCliSrvc;CyberGhost VPN Client;i:\program files\s.a.d\cyberghost vpn\CGVPNCliService.exe [2010-11-1 2421384]

S3 IDriveE Service;IDriveE Service;i:\program files\idrive\IDriveE Service.exe [2011-1-1 148936]

S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;i:\program files\lavasoft\ad-aware\AAWService.exe [2010-12-3 1405384]

S3 nosGetPlusHelper;getPlus® Helper 3004;i:\windows\system32\svchost.exe -k nosGetPlusHelper [2008-4-14 14336]

S3 pneteth;PdaNet Broadband;i:\windows\system32\drivers\pneteth.sys [2011-3-5 13312]

S3 PSI;PSI;i:\windows\system32\drivers\psi_mf.sys [2010-7-7 14904]

S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;i:\windows\system32\drivers\SbFwIm.sys [2010-10-24 68696]

S3 sbhips;sbhips;i:\windows\system32\drivers\sbhips.sys [2010-10-24 94040]

S3 SbieDrv;SbieDrv;i:\program files\sandboxie\SbieDrv.sys [2010-10-17 124648]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);i:\windows\system32\drivers\ssadbus.sys [2011-3-5 96416]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;i:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-03-28 20:36:57 -------- d-----w- i:\windows\system32\xircom

2011-03-28 20:36:57 -------- d-----w- i:\windows\system32\wbem\snmp

2011-03-28 20:36:57 -------- d-----w- i:\windows\srchasst

2011-03-28 20:30:30 98816 ----a-w- i:\windows\sed.exe

2011-03-28 20:30:30 89088 ----a-w- i:\windows\MBR.exe

2011-03-28 20:30:30 256512 ----a-w- i:\windows\PEV.exe

2011-03-28 20:30:30 161792 ----a-w- i:\windows\SWREG.exe

2011-03-23 23:27:20 -------- d-----w- i:\program files\Fiddler2

2011-03-23 02:59:23 -------- d-----w- i:\windows\pss

2011-03-21 17:59:28 -------- d-----w- i:\windows\Internet Logs

2011-03-20 18:05:19 109728 ----a-w- i:\windows\system32\IPROSetMonitor.exe

2011-03-20 17:09:48 53248 ----a-w- i:\windows\system32\CSVer.dll

2011-03-20 17:09:40 -------- d-----w- I:\Intel

2011-03-20 17:06:13 91448 ----a-w- i:\windows\system32\bcmwlcoi.dll

2011-03-20 17:06:13 3363384 ----a-w- i:\windows\system32\drivers\BCMWL5.SYS

2011-03-20 17:06:09 -------- d-----w- i:\program files\Lenovo

2011-03-19 17:38:23 -------- d-----w- i:\program files\Transparent Screen Lock

2011-03-19 06:17:48 -------- d-----w- i:\windows\system32\Adobe

2011-03-15 22:33:40 -------- d-----w- i:\docume~1\mra16f~1.inc\applic~1\Dropbox

2011-03-13 06:52:53 -------- d-----w- i:\docume~1\mra16f~1.inc\locals~1\applic~1\Yahoo

2011-03-13 06:51:05 -------- d-----w- i:\program files\Yahoo!

2011-03-12 03:58:09 -------- d-----w- i:\program files\PokerStars.NET

2011-03-09 23:29:40 -------- d-----w- i:\windows\ie8updates

2011-03-09 23:28:32 -------- d--h--w- i:\windows\$hf_mig$

2011-03-09 23:21:55 730112 ------w- i:\windows\system32\dllcache\lsasrv.dll

2011-03-09 23:21:52 1864064 ------w- i:\windows\system32\dllcache\win32k.sys

2011-03-09 23:21:49 439808 ------w- i:\windows\system32\dllcache\shimgvw.dll

2011-03-09 23:21:48 8463360 ------w- i:\windows\system32\dllcache\shell32.dll

2011-03-09 23:21:45 301568 ------w- i:\windows\system32\dllcache\kerberos.dll

2011-03-09 23:21:42 253952 ------w- i:\windows\system32\dllcache\odbc32.dll

2011-03-09 23:21:42 200704 ------w- i:\windows\system32\dllcache\msadox.dll

2011-03-09 23:21:42 180224 ------w- i:\windows\system32\dllcache\msadomd.dll

2011-03-09 23:21:42 143360 ------w- i:\windows\system32\dllcache\msadco.dll

2011-03-09 23:21:42 102400 ------w- i:\windows\system32\dllcache\msjro.dll

2011-03-09 23:21:36 40960 ------w- i:\windows\system32\dllcache\ndproxy.sys

2011-03-09 23:21:33 81920 ------w- i:\windows\system32\dllcache\isign32.dll

2011-03-09 23:21:30 45568 ------w- i:\windows\system32\dllcache\wab.exe

2011-03-09 22:58:51 4608 ----a-w- i:\windows\system32\Copy of msimg32.dll

2011-03-08 02:15:49 -------- d-----w- i:\program files\Playlist Creator 3.6.2

2011-03-07 21:59:31 -------- d-----w- i:\docume~1\mra16f~1.inc\applic~1\Softplicity

2011-03-07 21:59:29 -------- d-----w- i:\program files\TotalAudioConverter

2011-03-07 06:19:08 -------- d-----w- i:\docume~1\alluse~1\applic~1\MumboJumbo

2011-03-07 06:16:20 -------- d-----w- i:\program files\Elf Bowling The Last Insult

2011-03-07 06:16:02 -------- d-----w- i:\program files\Elf Bowling - Hawaiian Vacation

2011-03-07 06:15:32 -------- d-----w- i:\program files\Elf Bowling Holiday Bundle

2011-03-06 07:34:09 -------- d-----w- i:\program files\Free M4a to MP3 Converter

2011-03-06 07:29:12 -------- d-----w- i:\program files\NCH Software

2011-03-06 07:28:31 -------- d-----w- i:\program files\NCH Swift Sound

2011-03-05 18:16:53 98560 ----a-w- i:\windows\system32\drivers\sscdbus.sys

2011-03-05 18:16:53 14848 ----a-w- i:\windows\system32\drivers\sscdmdfl.sys

2011-03-05 18:16:53 12416 ----a-w- i:\windows\system32\drivers\sscdcmnt.sys

2011-03-05 18:16:53 12416 ----a-w- i:\windows\system32\drivers\sscdcm.sys

2011-03-05 18:16:53 123648 ----a-w- i:\windows\system32\drivers\sscdmdm.sys

2011-03-05 18:16:53 12288 ----a-w- i:\windows\system32\drivers\sscdwhnt.sys

2011-03-05 18:16:53 12288 ----a-w- i:\windows\system32\drivers\sscdwh.sys

2011-03-05 18:16:53 100352 ----a-w- i:\windows\system32\drivers\sscdserd.sys

2011-03-05 18:16:52 -------- d-----w- i:\program files\SAMSUNG

2011-03-05 18:16:49 -------- d-----w- i:\docume~1\alluse~1\applic~1\Samsung

2011-03-05 18:16:43 53248 ----a-r- i:\docume~1\mra16f~1.inc\applic~1\microsoft\installer\{64c85b95-e971-4705-b3ed-d4a0153c0d5b}\ARPPRODUCTICON.exe

2011-03-05 18:01:33 -------- d-----w- i:\program files\SAMSUNG CDMA Modem

2011-03-05 17:59:40 -------- d-----w- i:\program files\QPST

2011-03-05 17:58:22 14640 ------w- i:\windows\system32\spmsgXP_2k3.dll

2011-03-05 17:56:41 96416 ----a-w- i:\windows\system32\drivers\ssadbus.sys

2011-03-05 17:56:41 581192 ----a-w- i:\windows\system32\WinUSBCoInstaller.dll

2011-03-05 17:56:41 13312 ----a-w- i:\windows\system32\drivers\pneteth.sys

2011-03-05 17:56:41 1112288 ----a-w- i:\windows\system32\WdfCoInstaller01007.dll

2011-03-05 17:56:41 10144 ----a-w- i:\windows\system32\drivers\ssadwhnt.sys

2011-03-05 17:56:41 10144 ----a-w- i:\windows\system32\drivers\ssadwh.sys

2011-03-05 17:56:41 -------- d-----w- i:\program files\PdaNet for Android

2011-02-27 07:32:27 77824 ----a-w- i:\windows\system32\xvid.ax

2011-02-27 07:19:44 -------- d-----w- i:\program files\Photo Stamp Remover

.

==================== Find3M ====================

.

2011-02-15 02:10:53 165058 ----a-w- i:\windows\Audio Converter Pro Uninstaller.exe

2011-02-09 13:53:52 270848 ----a-w- i:\windows\system32\sbe.dll

2011-02-09 13:53:52 186880 ----a-w- i:\windows\system32\encdec.dll

2011-02-08 23:42:30 659576 ----a-w- i:\windows\system32\ncs2dmix.dll

2011-02-08 23:42:24 514168 ----a-w- i:\windows\system32\accesor.dll

2011-02-08 23:19:22 135288 ----a-w- i:\windows\system32\ncs2instutility.dll

2011-02-08 23:02:02 1941624 ----a-w- i:\windows\system32\ncscolib.dll

2011-02-08 12:55:21 16432 ----a-w- i:\windows\system32\lsdelete.exe

2011-02-03 02:40:23 472808 ----a-w- i:\windows\system32\deployJava1.dll

2011-02-03 00:19:39 73728 ----a-w- i:\windows\system32\javacpl.cpl

2011-01-28 15:52:18 183296 ----a-w- i:\windows\system32\Ncs2Setp.dll

2011-01-28 15:19:28 266440 ----a-w- i:\windows\system32\Prounstl.exe

2011-01-27 04:51:44 302080 ----a-w- i:\windows\system32\ati2dvag.dll

2011-01-27 04:42:02 4029824 ----a-w- i:\windows\system32\ati3duag.dll

2011-01-27 04:32:14 212992 ----a-w- i:\windows\system32\atipdlxx.dll

2011-01-27 04:31:44 43520 ----a-w- i:\windows\system32\ati2edxx.dll

2011-01-27 04:31:30 188416 ----a-w- i:\windows\system32\ati2evxx.dll

2011-01-27 04:30:10 638976 ----a-w- i:\windows\system32\ati2evxx.exe

2011-01-27 04:27:08 2673280 ----a-w- i:\windows\system32\ativvaxx.dll

2011-01-27 04:23:52 651264 ----a-w- i:\windows\system32\atikvmag.dll

2011-01-27 04:21:34 196608 ----a-w- i:\windows\system32\atiadlxx.dll

2011-01-27 04:21:32 483328 ----a-w- i:\windows\system32\atiok3x2.dll

2011-01-27 04:15:14 847872 ----a-w- i:\windows\system32\ati2cqag.dll

2011-01-26 23:05:56 17252352 ----a-w- i:\windows\system32\atioglxx.dll

2011-01-26 23:01:00 57344 ----a-w- i:\windows\system32\aticalrt.dll

2011-01-26 23:00:54 53248 ----a-w- i:\windows\system32\aticalcl.dll

2011-01-26 22:59:36 4636672 ----a-w- i:\windows\system32\aticaldd.dll

2011-01-26 22:52:46 462848 ----a-w- i:\windows\system32\ATIDEMGX.dll

2011-01-26 22:41:32 311296 ----a-w- i:\windows\system32\atiiiexx.dll

2011-01-26 22:35:04 1112576 ----a-w- i:\windows\system32\ativvamv.dll

2011-01-26 22:31:58 155648 ----a-w- i:\windows\system32\Oemdspif.dll

2011-01-26 22:31:50 26112 ----a-w- i:\windows\system32\Ati2mdxx.exe

2011-01-26 22:28:44 53248 ----a-w- i:\windows\system32\ATIDDC.DLL

2011-01-26 22:27:50 143360 ----a-w- i:\windows\system32\atiapfxx.exe

2011-01-26 22:21:08 17408 ----a-w- i:\windows\system32\atitvo32.dll

2011-01-26 22:12:58 64512 ----a-w- i:\windows\system32\atimpc32.dll

2011-01-26 22:12:58 64512 ----a-w- i:\windows\system32\amdpcom32.dll

2011-01-21 14:42:25 439808 ----a-w- i:\windows\system32\shimgvw.dll

2011-01-07 14:09:31 290048 ----a-w- i:\windows\system32\atmfd.dll

2010-12-31 13:14:45 1864064 ----a-w- i:\windows\system32\win32k.sys

.

============= FINISH: 15:57:37.59 ===============

Link to post
Share on other sites

  • Staff

Hi,

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1

Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :filefind
    wscntfy.exe
    tcpip.sys


  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

Link to post
Share on other sites

Hi,

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1

Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :filefind
    wscntfy.exe
    tcpip.sys


  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

Thanks Screen!

SystemLook 04.09.10 by jpshortstuff

Log created at 17:09 on 30/03/2011 by Mr. Incredible

Administrator - Elevation successful

========== filefind ==========

Searching for "wscntfy.exe"

No files found.

Searching for "tcpip.sys"

I:\WINDOWS\system32\drivers\tcpip.sys --a---- 361600 bytes [04:47 13/10/2010] [04:47 13/10/2010] 474D3DCCB57DEFCD917311EEC47204B9

-= EOF =-

Link to post
Share on other sites

  • Staff

Hi,

I'd like you to download Service Pack 3 from here and save it to your Desktop:

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=5b33b5a8-5e76-401f-be08-1e1555d4f3d4&displaylang=en

Do not run it yet.

Now uninstall Service Pack 3 from Add or Remove Programs; ensure that your security programs are disabled and that you're disconnected from the Internet.

When it completes, restart your computer and run the Service Pack 3 installation you previously downloaded.

When it all completes, restart your computer, run DDS, and post DDS.txt here.

Link to post
Share on other sites

  • 4 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.