coled Posted April 13, 2010 ID:232143 Share Posted April 13, 2010 My girlfriend was browsing the web and pressed OK to some message which came up on my screen and ever since Sunday I've been having problems galore.I had Norton Anti Virus installed and there were tons of Symantec pop ups coming on my screen, I deleted Norton but I was still having problems with internet explorer and firefox both timing out, I couldn't even get onto this site.I managed to get a download of Trend Micro's Anti Virus 30 day free trial and scanned the pc, a few infections noted, winupd01.exe being 1 of them.It cleaned it up enough for me to come on this site and download your MBAM, a few more infections were being listed so the Trend Micro obviously didnt get them all.My Firefox is stil running extremely slow and times out every now and then, certainly not running as smootly as it was prior to Sunday.Can you help me at all?? Link to post Share on other sites More sharing options...
coled Posted April 14, 2010 Author ID:232756 Share Posted April 14, 2010 MBAM Log from yesterday if that helpsMalwarebytes' Anti-Malware 1.44Database version: 3510Windows 5.1.2600 Service Pack 2Internet Explorer 8.0.6001.1870213/04/2010 22:02:13mbam-log-2010-04-13 (22-02-13).txtScan type: Quick ScanObjects scanned: 126238Time elapsed: 25 minute(s), 46 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 1Registry Data Items Infected: 0Folders Infected: 0Files Infected: 0Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore\disableconfig (Windows.Tool.Disabled) -> Delete on reboot.Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:(No malicious items detected) Link to post Share on other sites More sharing options...
Maniac Posted April 14, 2010 ID:232850 Share Posted April 14, 2010 Hello coled! Welcome to MalwareBytes' Anti-Malware Forums!My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following: The process of cleaning your system may take some time, so please be patient.Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.Instructions that I give are for your system only!If you don't know or can't understand something please ask. Do not install any software or hardware, while work on.Your version of MalwareBytes' Anti-Malware is old and your database version is old too.Step 1:1. Uninstall Malwarebytes' Anti-Malware using Add/Remove programs in the control panel.2. Restart your computer (very important).3. It will ask to restart your computer (please allow it to).4. After the computer restarts, install the latest version from here. mbam-setup.exeNote: You will need to reactivate the program using the license you were sent Launch the program and set the Protection and Registration. Then go to the UPDATE tab if not done during installation and check for updates.Restart the computer again and verify that MBAM is in the task tray and that you can run a quick scan and all is working as expected.Step 2:Launch Malwarebytes' Anti-MalwareGo to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.Step 3:Download DDS and save it to your desktop from here or here or here.Disable any script blocker, and then double click dds.scr to run the tool. When done, DDS will open two (2) logs: DDS.txt Attach.txt[*]Save both reports to your desktop. Post them back to your topic.Step 4:Please download GMER from one of the following locations and save it to your desktop:Main MirrorThis version will download a randomly named file (Recommended)Zipped MirrorThis version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.Now click the Scan button. If you see a rootkit warning window, click OK.When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.Click the Copy button and paste the results into your next reply.Exit GMER and re-enable all active protection when done.-- If you encounter any problems, try running GMER in Safe Mode.In your next reply, please include these log(s):* MalwareBytes' Anti-Malware log* DDS log with Attach.txt* GMER log Link to post Share on other sites More sharing options...
coled Posted April 17, 2010 Author ID:234275 Share Posted April 17, 2010 1. Malwarebytes' Anti-Malware 1.45www.malwarebytes.orgDatabase version: 3999Windows 5.1.2600 Service Pack 2Internet Explorer 8.0.6001.1870216/04/2010 23:10:05mbam-log-2010-04-16 (23-10-05).txtScan type: Quick scanObjects scanned: 116227Time elapsed: 26 minute(s), 58 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 2Registry Values Infected: 1Registry Data Items Infected: 0Folders Infected: 0Files Infected: 1Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Fci (Rootkit.Agent) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapidrv (Rootkit.Agent) -> Quarantined and deleted successfully.Registry Values Infected:HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore\disableconfig (Windows.Tool.Disabled) -> Delete on reboot.Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:C:\WINDOWS\system32\drivers\AtapiDrv.sys (Rootkit.Agent) -> Quarantined and deleted successfully.2. I couldn't download DDS, I had to use my sister's computer at my mothers house (I live at another address) to download the programs and email them to myself as attachments, when I went to my inbox to download the DDS it wasn't attached, I dont know if src files don't send as email attachments or something?If you can't work without the DDS log could you send me a download to this email address please:kerrynb@hotmail.co.uk3.GMER 1.0.15.15281 - http://www.gmer.netRootkit scan 2010-04-17 11:23:35Windows 5.1.2600 Service Pack 2Running: ljfw50gq.exe; Driver: C:\DOCUME~1\RIMACA~1\LOCALS~1\Temp\fgldapog.sys---- System - GMER 1.0.15 ----SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateKey [0x804D70B3]SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70B3] ZwCreateKey [0x804D70B3]SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteKey [0x804D70BD]SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70BD] ZwDeleteKey [0x804D70BD]SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteValueKey [0x804D70AE]SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70AE] ZwDeleteValueKey [0x804D70AE]SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateKey [0x804D70C2]SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70C2] ZwEnumerateKey [0x804D70C2]SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateValueKey [0x804D70C7]SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70C7] ZwEnumerateValueKey [0x804D70C7]SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenKey [0x804D70D6]SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70D6] ZwOpenKey [0x804D70D6]SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryKey [0x804D70D1]SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70D1] ZwQueryKey [0x804D70D1]SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryValueKey [0x804D70CC]SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70CC] ZwQueryValueKey [0x804D70CC]SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetValueKey [0x804D70B8]SSDT \WINDOWS\system32\ntkrnlpa.exe[unknown section] [804D70B8] ZwSetValueKey [0x804D70B8]INT 0x03 \WINDOWS\system32\ntkrnlpa.exe[unknown section] 804D70DB---- Kernel code sections - GMER 1.0.15 ----? ksvqygn.sys The system cannot find the file specified. !.text C:\WINDOWS\system32\drivers\aksfridge.sys section is writeable [0x9DA9E000, 0x44527, 0xE0000020].init C:\WINDOWS\system32\drivers\aksfridge.sys entry point in ".init" section [0x9DAF0224].init C:\WINDOWS\system32\drivers\aksfridge.sys unknown last code section [0x9DAF0000, 0x7000, 0xE20000E0].text C:\WINDOWS\system32\drivers\hardlock.sys section is writeable [0x9D8C2400, 0x88182, 0xE8000020].protect Link to post Share on other sites More sharing options...
Maniac Posted April 17, 2010 ID:234276 Share Posted April 17, 2010 Let us use an alternative to DDS.Step 1:Click here to download HJTInstall.exeSave HJTInstall.exe to your desktop.Doubleclick on the HJTInstall.exe icon on your desktop.By default it will install to C:\Program Files\Trend Micro\HijackThis . Click on Install.It will create a HijackThis icon on the desktop.Once installed, it will launch Hijackthis.Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.Come back here to this thread and Paste the log in your next reply.DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.Step 2:Also, I would like you to generate a "Add/Remove Software list" log using the HijackThis application. Here is how you can do this:To get an Uninstall List from HijackThis:Open HijackThis, click Config, click Misc ToolsClick "Open Uninstall Manager"Click "Save List" (generates uninstall_list.txt)Click Save, copy and paste the results in your next post.Let me know how are things now.In your next reply, please include these log(s):* HijackThis Uninstall List* HijackThis log (new) Link to post Share on other sites More sharing options...
coled Posted April 22, 2010 Author ID:237738 Share Posted April 22, 2010 Finally got the DDS to workDDS (Ver_10-03-17.01) - NTFSx86 Run by Rimac Anthonye at 0:16:06.44 on 23/04/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.1014.399 [GMT 1:00]AV: Trend Micro Internet Security Pro *On-access scanning enabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\Bonjour\mDNSResponder.exesvchost.exeC:\WINDOWS\system32\hasplms.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exeC:\Program Files\Trend Micro\Internet Security\SfCtlCom.exesvchost.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exeC:\WINDOWS\system32\mqsvc.exeC:\WINDOWS\system32\mqtgsvc.exeC:\Program Files\Trend Micro\Internet Security\TmProxy.exeC:\Program Files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exeC:\Program Files\Trend Micro\BM\TMBMSRV.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\wuauclt.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exeC:\WINDOWS\system32\igfxpers.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\HP\QuickPlay\QPService.exeC:\Program Files\Hp\HP Software Update\HPWuSchd2.exeC:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exeC:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exeC:\Program Files\Common Files\AOL\ACS\AOLDial.exeC:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I091.EXEC:\Program Files\Common Files\AOL\1165261327\ee\AOLSoftware.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXEC:\Program Files\BroadJump\Client Foundation\CFD.exeC:\WINDOWS\system32\rundll32.exeC:\Program Files\iTunes\iTunesHelper.exeC:\PROGRA~1\hpq\Shared\HPQTOA~1.EXEC:\Program Files\SyncroSoft\Pos\H2O\cledx.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exeC:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exeC:\DOCUME~1\RIMACA~1\LOCALS~1\Temp\oldbot.exeC:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exeC:\Program Files\Craft ROBO Controller\CRSSupervisor.exeC:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exeC:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\HP\Digital Imaging\bin\hpqimzone.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Trend Micro\TrendSecure\TSCFPlatformCOMSvr.exeC:\Program Files\Trend Micro\TrendSecure\TISProToolbar\PlatformDependent\ProToolbarComm.exeC:\Documents and Settings\Rimac Anthonye\Desktop\dds.scr============== Pseudo HJT Report ===============uSearch Bar = hxxp://www.google.com/ieuSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=presario&pf=laptopuInternet Settings,ProxyOverride = <local>;*.localuSearchURL,(Default) = hxxp://www.google.com/search?q=%smWinlogon: Taskman=c:\documents and settings\rimac anthonye\csrss.exeuWinlogon: Shell=explorer.exe,c:\documents and settings\rimac anthonye\csrss.exeBHO: TSToolbarBHO: {43c6d902-a1c5-45c9-91f6-fd9e90337e18} - c:\program files\trend micro\trendsecure\tisprotoolbar\TSToolbar.dllBHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No FileBHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dllBHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dllBHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dllBHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllTB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dllTB: Trend Micro Toolbar: {ccac5586-44d7-4c43-b64a-f042461a97d2} - c:\program files\trend micro\trendsecure\tisprotoolbar\TSToolbar.dllTB: {C4069E3A-68F1-403E-B40E-20066696354B} - No FileTB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dllTB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No FileTB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aol toolbar 5.0\aoltb.dlluRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exeuRun: [DAEMON Tools] "c:\program files\daemon tools\daemon.exe" -lang 1033uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduleruRun: [oldbot] c:\docume~1\rimaca~1\locals~1\temp\oldbot.exeuRun: [OE] "c:\program files\trend micro\internet security\tmas_oe\TMAS_OEMon.exe"uRun: [Google Update] "c:\documents and settings\rimac anthonye\local settings\application data\google\update\GoogleUpdate.exe" /cmRun: [ehTray] c:\windows\ehome\ehtray.exemRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exemRun: [igfxtray] c:\windows\system32\igfxtray.exemRun: [igfxhkcmd] c:\windows\system32\hkcmd.exemRun: [igfxpers] c:\windows\system32\igfxpers.exemRun: [MsmqIntCert] regsvr32 /s mqrt.dllmRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exemRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exemRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exemRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /StartmRun: [Cpqset] c:\program files\hewlett-packard\default settings\cpqset.exemRun: [RecGuard] c:\windows\sminst\RecGuard.exemRun: [Reminder] c:\windows\creator\Remind_XP.exemRun: [speedTouch USB Diagnostics] "c:\program files\thomson\speedtouch usb\Dragdiag.exe" /iconmRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exemRun: [AOL Spyware Protection] "c:\progra~1\common~1\aol\aolspy~1\AOLSP Scheduler.exe"mRun: [EPSON Stylus C48 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I091.EXE /P23 "EPSON Stylus C48 Series" /O6 "USB001" /M "Stylus C48"mRun: [HostManager] c:\program files\common files\aol\1165261327\ee\AOLSoftware.exemRun: [iPHSend] c:\program files\common files\aol\iphsend\IPHSend.exemRun: [EPSON Stylus Photo R300 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB002" /M "Stylus Photo R300"mRun: [bJCFD] c:\program files\broadjump\client foundation\CFD.exemRun: [workflow] e:\installs\workflow.exemRun: [WinampAgent] "c:\program files\winamp\winampa.exe"mRun: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgentmRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exemRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"mRun: [H2O] c:\program files\syncrosoft\pos\h2o\cledx.exemRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osbootmRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"mRun: [ctfmon.exe] ctfmon.exemRun: [ufSeAgnt.exe] "c:\program files\trend micro\internet security\UfSeAgnt.exe"dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXEStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\aol90t~1.lnk - c:\program files\aol 9.0\aoltray.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\craftr~1.lnk - c:\program files\craft robo controller\CRSSupervisor.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpphot~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXEStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exeIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dllIE: {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - {17A84966-F1E9-4645-AA9E-5E771EE1C859} - c:\progra~1\nuclea~1\videoget\plugins\VIDEOG~1.DLLIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLLDPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cabDPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cabDPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cabDPF: {138E6DC9-722B-4F4B-B09D-95D191869696} - hxxp://www.bebo.com/files/BeboUploader.5.1.4.cabDPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cabDPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader.cabDPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cabDPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194423345296DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cabDPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cabDPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cabDPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader4_5.cabDPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} - hxxp://members.driverguide.com/director/dispatch_getfile.php?mode=toolkit_liteHandler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - c:\program files\trend micro\trendsecure\tisprotoolbar\TSToolbar.dllNotify: acpiz - acpiz.dllNotify: igfxcui - igfxdev.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dllHosts: 121.254.96.92 msnfix.changelog.frHosts: 121.254.96.92 www.incodesolutions.comHosts: 121.254.96.92 virusinfo.prevx.comHosts: 121.254.96.92 download.bleepingcomputer.comHosts: 121.254.96.92 www.dazhizhu.cnNote: multiple HOSTS entries found. Please refer to Attach.txt================= FIREFOX ===================FF - ProfilePath - c:\docume~1\rimaca~1\applic~1\mozilla\firefox\profiles\7hx5bm3h.default\FF - component: c:\program files\trend micro\trendsecure\tisprotoolbar\firefoxextension\components\FFTMUFEHelper.dllFF - component: c:\program files\trend micro\trendsecure\tisprotoolbar\firefoxextension\components\FFToolbarComm.dllFF - plugin: c:\documents and settings\rimac anthonye\local settings\application data\google\update\1.2.183.23\npGoogleOneClick8.dllFF - plugin: c:\program files\microsoft\office live\npOLW.dllFF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dllFF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dllFF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dllFF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}---- FIREFOX POLICIES ----FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);============= SERVICES / DRIVERS ===============R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-5-26 54752]R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-6 99328]R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-9-12 1247600]R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2010-4-11 36368]R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2009-7-27 33792]R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2010-4-11 339984]R3 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2010-4-11 50704]R3 TmProxy;Trend Micro Proxy Service;c:\program files\trend micro\internet security\TmProxy.exe [2010-4-11 689416]S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]=============== Created Last 30 ================2010-04-22 17:43:22 110592 --sh--r- c:\documents and settings\rimac anthonye\csrss.exe2010-04-16 21:34:45 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2010-04-16 21:34:41 20824 ----a-w- c:\windows\system32\drivers\mbam.sys2010-04-16 21:34:41 0 d-----w- c:\program files\Malwarebytes' Anti-Malware2010-04-12 15:35:15 0 d-----w- c:\docume~1\rimaca~1\applic~1\Malwarebytes2010-04-12 15:34:07 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes2010-04-11 15:01:55 0 d-sh--w- c:\documents and settings\rimac anthonye\PrivacIE2010-04-11 14:40:25 10752 ----a-w- c:\windows\DCEBoot.exe2010-04-11 01:07:08 0 d-sh--w- c:\documents and settings\rimac anthonye\IETldCache2010-04-11 01:05:18 59920 ----a-w- c:\windows\system32\drivers\tmactmon.sys2010-04-11 01:05:18 50704 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys2010-04-11 01:03:56 0 d-----w- c:\windows\system32\Service2010-04-11 01:01:30 0 d-----w- c:\docume~1\alluse~1\applic~1\Trend Micro2010-04-11 01:00:43 0 d-----w- c:\program files\Trend Micro2010-04-11 00:59:43 661808 ----a-w- c:\windows\system32\UfWSC.cpl2010-04-11 00:59:27 89872 ----a-w- c:\windows\system32\drivers\tmtdi.sys2010-04-11 00:59:27 36368 ----a-w- c:\windows\system32\drivers\tmpreflt.sys2010-04-11 00:59:27 339984 ----a-w- c:\windows\system32\drivers\TM_CFW.sys2010-04-11 00:59:27 230928 ----a-w- c:\windows\system32\drivers\tmxpflt.sys2010-04-11 00:59:27 1322680 ----a-w- c:\windows\system32\drivers\vsapint.sys2010-04-11 00:51:37 12800 ------w- c:\windows\system32\dllcache\xpshims.dll2010-04-11 00:51:36 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll2010-04-11 00:51:28 0 d-----w- c:\windows\ie8updates2010-04-11 00:50:53 64000 ------w- c:\windows\system32\dllcache\iecompat.dll2010-04-11 00:49:58 0 dc-h--w- c:\windows\ie82010-04-11 00:38:41 109248 ----a-w- c:\windows\system32\MSWINSCK.OCX2010-04-11 00:38:38 212992 ----a-w- c:\windows\system32\DartSock.dll2010-04-11 00:38:36 147456 ----a-w- c:\windows\system32\DartSecure2.dll2010-04-11 00:38:34 139264 ----a-w- c:\windows\system32\DartCertificate.dll2010-04-11 00:03:52 0 d-----w- c:\program files\common files\ODBC2010-04-10 23:55:28 0 d-----w- c:\program files\common files\Aladdin Shared2010-04-10 20:12:39 123 ----a-w- c:\documents and settings\rimac anthonye\file.bat2010-04-10 20:12:38 102450 ----a-w- c:\windows\system32\msvcrt2.dll2010-04-10 20:11:31 293376 ------w- c:\windows\system32\browserchoice.exe2010-04-09 07:36:27 0 ----a-w- c:\documents and settings\rimac anthonye\Desktop.ini==================== Find3M ====================2010-04-11 00:59:27 158224 ----a-w- c:\windows\system32\drivers\tmcomm.sys2010-04-10 20:12:37 14336 ----a-w- c:\windows\system32\svchost.exe2010-04-10 20:12:37 14336 ----a-w- c:\windows\system32\dllcache\svchost.exe2010-03-11 12:38:51 133120 ------w- c:\windows\system32\dllcache\extmgr.dll2010-03-10 13:18:21 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\vbscript.dll2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\dllcache\vbscript.dll2010-02-25 10:54:36 11070976 ------w- c:\windows\system32\dllcache\ieframe.dll2010-02-25 06:24:37 916480 ----a-w- c:\windows\system32\wininet.dll2010-02-25 06:24:37 916480 ------w- c:\windows\system32\dllcache\wininet.dll2010-02-25 06:24:37 611840 ------w- c:\windows\system32\dllcache\mstime.dll2010-02-25 06:24:37 206848 ------w- c:\windows\system32\dllcache\occache.dll2010-02-25 06:24:37 1209344 ------w- c:\windows\system32\dllcache\urlmon.dll2010-02-25 06:24:36 5944832 ------w- c:\windows\system32\dllcache\mshtml.dll2010-02-25 06:24:35 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll2010-02-25 06:24:35 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll2010-02-25 06:24:35 25600 ------w- c:\windows\system32\dllcache\jsproxy.dll2010-02-25 06:24:35 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll2010-02-25 06:24:35 184320 ------w- c:\windows\system32\dllcache\iepeers.dll2010-02-25 06:24:34 387584 ------w- c:\windows\system32\dllcache\iedkcs32.dll2010-02-24 12:31:30 454016 ----a-w- c:\windows\system32\drivers\mrxsmb.sys2010-02-24 12:31:30 454016 ------w- c:\windows\system32\dllcache\mrxsmb.sys2010-02-24 09:54:25 173056 ------w- c:\windows\system32\dllcache\ie4uinit.exe2010-02-19 11:55:15 197256 -c--a-w- c:\docume~1\rimaca~1\applic~1\GDIPFONTCACHEV1.DAT2010-02-17 10:57:54 2063744 ----a-w- c:\windows\system32\ntkrnlpa.exe2010-02-17 10:57:54 2063744 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe2010-02-16 17:37:57 2186880 ----a-w- c:\windows\system32\ntoskrnl.exe2010-02-16 17:37:57 2186880 ------w- c:\windows\system32\dllcache\ntoskrnl.exe2010-02-16 17:35:40 2143744 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe2010-02-16 16:57:54 2021888 ------w- c:\windows\system32\dllcache\ntkrpamp.exe2010-02-12 04:47:05 100864 ----a-w- c:\windows\system32\6to4svc.dll2010-02-12 04:47:05 100864 ------w- c:\windows\system32\dllcache\6to4svc.dll2010-02-11 12:01:43 226880 ----a-w- c:\windows\system32\dllcache\tcpip6.sys============= FINISH: 0:18:01.99 ===============UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH ITDDS (Ver_10-03-17.01)Microsoft Windows XP ProfessionalBoot Device: \Device\HarddiskVolume1Install Date: 02/12/2006 17:51:21System Uptime: 22/04/2010 23:38:45 (1 hours ago)Motherboard: Hewlett-Packard | | 30C6Processor: Intel® Celeron® M CPU 420 @ 1.60GHz | U1 | 1595/mhz==== Disk Partitions =========================C: is FIXED (NTFS) - 67 GiB total, 21.566 GiB free.D: is FIXED (FAT32) - 8 GiB total, 1.031 GiB free.E: is CDROM ()==== Disabled Device Manager Items ================= System Restore Points ===================RP1196: 24/01/2010 03:00:19 - Software Distribution Service 3.0RP1197: 25/01/2010 15:38:04 - System CheckpointRP1198: 26/01/2010 18:52:39 - System CheckpointRP1199: 27/01/2010 19:16:16 - System CheckpointRP1200: 28/01/2010 20:23:17 - System CheckpointRP1201: 30/01/2010 13:08:31 - System CheckpointRP1202: 31/01/2010 13:31:51 - Installed Microsoft Office Project Standard 2007RP1203: 01/02/2010 18:03:57 - System CheckpointRP1204: 01/02/2010 18:10:26 - Installed DirectXRP1205: 01/02/2010 19:10:22 - Software Distribution Service 3.0RP1206: 02/02/2010 02:59:52 - Software Distribution Service 3.0RP1207: 04/02/2010 07:12:47 - System CheckpointRP1208: 05/02/2010 11:14:32 - System CheckpointRP1209: 06/02/2010 11:46:12 - System CheckpointRP1210: 07/02/2010 14:34:36 - System CheckpointRP1211: 08/02/2010 19:05:18 - System CheckpointRP1212: 09/02/2010 19:21:58 - System CheckpointRP1213: 10/02/2010 19:52:00 - System CheckpointRP1214: 11/02/2010 00:56:01 - Software Distribution Service 3.0RP1215: 12/02/2010 11:48:24 - System CheckpointRP1216: 13/02/2010 12:33:09 - System CheckpointRP1217: 13/02/2010 19:54:22 - Removed BlackBerry Desktop Software 5.0.RP1218: 13/02/2010 20:03:53 - Removed Roxio Media ManagerRP1219: 14/02/2010 20:39:11 - System CheckpointRP1220: 15/02/2010 21:09:27 - System CheckpointRP1221: 16/02/2010 21:58:00 - System CheckpointRP1222: 18/02/2010 09:13:01 - System CheckpointRP1223: 19/02/2010 14:26:03 - System CheckpointRP1224: 20/02/2010 15:08:15 - System CheckpointRP1225: 21/02/2010 16:11:43 - System CheckpointRP1226: 22/02/2010 17:56:02 - System CheckpointRP1227: 23/02/2010 17:57:27 - System CheckpointRP1228: 24/02/2010 19:06:34 - System CheckpointRP1229: 24/02/2010 21:51:26 - Software Distribution Service 3.0RP1230: 25/02/2010 21:56:34 - System CheckpointRP1231: 26/02/2010 22:52:39 - System CheckpointRP1232: 27/02/2010 23:12:35 - System CheckpointRP1233: 01/03/2010 13:27:18 - System CheckpointRP1234: 02/03/2010 14:17:01 - System CheckpointRP1235: 03/03/2010 14:19:32 - System CheckpointRP1236: 04/03/2010 14:30:07 - System CheckpointRP1237: 05/03/2010 15:28:00 - System CheckpointRP1238: 06/03/2010 16:48:13 - System CheckpointRP1239: 07/03/2010 17:25:47 - System CheckpointRP1240: 08/03/2010 19:45:54 - System CheckpointRP1241: 09/03/2010 20:45:12 - System CheckpointRP1242: 10/03/2010 20:53:36 - System CheckpointRP1243: 10/03/2010 23:41:20 - Software Distribution Service 3.0RP1244: 11/03/2010 12:49:43 - Installed BlackBerry Device Software v4.5.0 for the BlackBerry 8310 smartphone.RP1245: 12/03/2010 12:53:26 - System CheckpointRP1246: 13/03/2010 13:26:17 - System CheckpointRP1247: 14/03/2010 14:19:35 - System CheckpointRP1248: 15/03/2010 14:29:34 - System CheckpointRP1249: 16/03/2010 14:55:54 - System CheckpointRP1250: 17/03/2010 15:01:10 - System CheckpointRP1251: 18/03/2010 17:46:35 - System CheckpointRP1252: 19/03/2010 17:16:02 - Removed Tweet AdderRP1253: 19/03/2010 17:16:13 - Installed Tweet AdderRP1254: 20/03/2010 18:45:43 - System CheckpointRP1255: 21/03/2010 18:56:19 - System CheckpointRP1256: 22/03/2010 19:08:09 - System CheckpointRP1257: 23/03/2010 19:22:56 - System CheckpointRP1258: 24/03/2010 20:32:34 - System CheckpointRP1259: 26/03/2010 14:20:16 - System CheckpointRP1260: 27/03/2010 15:46:37 - System CheckpointRP1261: 28/03/2010 17:09:56 - System CheckpointRP1262: 29/03/2010 19:07:15 - System CheckpointRP1263: 30/03/2010 19:23:31 - System CheckpointRP1264: 31/03/2010 19:59:09 - System CheckpointRP1265: 31/03/2010 23:32:55 - Software Distribution Service 3.0RP1266: 02/04/2010 00:08:19 - System CheckpointRP1267: 03/04/2010 10:29:11 - System CheckpointRP1268: 04/04/2010 10:49:53 - System CheckpointRP1269: 05/04/2010 13:41:16 - System CheckpointRP1270: 08/04/2010 09:51:40 - System CheckpointRP1271: 10/04/2010 07:25:12 - System Checkpoint==== Hosts File Hijack ======================Hosts: 121.254.96.92 msnfix.changelog.frHosts: 121.254.96.92 www.incodesolutions.comHosts: 121.254.96.92 virusinfo.prevx.comHosts: 121.254.96.92 download.bleepingcomputer.comHosts: 121.254.96.92 www.dazhizhu.cnHosts: 121.254.96.92 foro.noticias3d.comHosts: 121.254.96.92 www.spybotupdates.comHosts: 121.254.96.92 club.myce.comHosts: 121.254.96.92 www.k7computing.comHosts: 121.254.96.92 softwaresecuritysolutions.comHosts: 121.254.96.92 www.nabble.comHosts: 121.254.96.92 lurker.clamav.netHosts: 121.254.96.92 lexikon.ikarus.atHosts: 121.254.96.92 research.sunbelt-software.comHosts: 121.254.96.92 www.virusdoctor.jpHosts: 121.254.96.92 www.elitepvpers.deHosts: 121.254.96.92 guru.avg.comHosts: 121.254.96.92 downloads.sophos.comHosts: 121.254.96.92 share.skype.comHosts: 121.254.96.92 myantispyware.comHosts: 121.254.96.92 www.computerhilfen.deHosts: 121.254.96.92 www.superuser.co.krHosts: 121.254.96.92 ntfaq.co.krHosts: 121.254.96.92 v.dreamwiz.comHosts: 121.254.96.92 cit.kookmin.ac.krHosts: 121.254.96.92 forums.whatthetech.comHosts: 121.254.96.92 forum.hijackthis.deHosts: 121.254.96.92 avg.vo.llnwd.netHosts: 121.254.96.92 ftp.drweb.comHosts: 121.254.96.92 www.zonealarm.comHosts: 121.254.96.92 smadaver.comHosts: 121.254.96.92 support.emsisoft.comHosts: 121.254.96.92 psychoski.blogspot.comHosts: 121.254.96.92 www.huaifai.go.thHosts: 121.254.96.92 www.mostz.comHosts: 121.254.96.92 www.krupunmai.comHosts: 121.254.96.92 www.cddchiangmai.netHosts: 121.254.96.92 forum.malekal.comHosts: 121.254.96.92 tech.pantip.comHosts: 121.254.96.92 sapcupgrades.comHosts: 121.254.96.92 www.elguruinformatico.comHosts: 121.254.96.92 forums.avg.comHosts: 121.254.96.92 zastita.comHosts: 121.254.96.92 support.kaspersky.comHosts: 121.254.96.92 foro.msgpluslive.esHosts: 121.254.96.92 www.247fixes.comHosts: 121.254.96.92 forum.sysinternals.comHosts: 121.254.96.92 forum.telecharger.01net.comHosts: 121.254.96.92 sophos.comHosts: 121.254.96.92 foros.softonic.comHosts: 121.254.96.92 avast-home.uptodown.comHosts: 121.254.96.92 dr-web-cureit.softonic.comHosts: 121.254.96.92 heavenward.ruHosts: 121.254.96.92 forum.smadav.netHosts: 121.254.96.92 www.forum.kaspersky.comHosts: 121.254.96.92 www.dl4all.comHosts: 121.254.96.92 www.f-secure.comHosts: 121.254.96.92 www.chkrootkit.orgHosts: 121.254.96.92 diamondcs.com.auHosts: 121.254.96.92 www.rootkit.nlHosts: 121.254.96.92 www.sysinternals.comHosts: 121.254.96.92 z-oleg.comHosts: 121.254.96.92 espanol.dir.groups.yahoo.comHosts: 121.254.96.92 ftp01net.telechargement.frHosts: 121.254.96.92 modelayu.comHosts: 121.254.96.92 vaksin.comHosts: 121.254.96.92 bbs.kaspersky.com.cnHosts: 121.254.96.92 sf.tapuz.co.ilHosts: 121.254.96.92 www.castlecrops.comHosts: 121.254.96.92 www.misec.netHosts: 121.254.96.92 safecomputing.umn.eduHosts: 121.254.96.92 www.antirootkit.comHosts: 121.254.96.92 www.greatis.comHosts: 121.254.96.92 ar.answers.yahoo.comHosts: 121.254.96.92 www.elhacker.orgHosts: 121.254.96.92 research.pandasecurity.comHosts: 121.254.96.92 www.tpu.roHosts: 121.254.96.92 www.pinoyden.comHosts: 121.254.96.92 forum.avira.deHosts: 121.254.96.92 www.tanya-it.comHosts: 121.254.96.92 www.rootkit.comHosts: 121.254.96.92 www.pctools.comHosts: 121.254.96.92 www.pcsupportadvisor.comHosts: 121.254.96.92 www.resplendence.comHosts: 121.254.96.92 www.personal.psu.eduHosts: 121.254.96.92 foro.ethek.comHosts: 121.254.96.92 foro.elhacker.netHosts: 121.254.96.92 download.zonealarm.comHosts: 121.254.96.92 spywarehammer.comHosts: 121.254.96.92 www.codelain.comHosts: 121.254.96.92 www.thaicert.orgHosts: 121.254.96.92 vil.nail.comHosts: 121.254.96.92 search.mcafee.comHosts: 121.254.96.92 wwww.mcafee.comHosts: 121.254.96.92 download.nai.comHosts: 121.254.96.92 wwww.experts-exchange.comHosts: 121.254.96.92 www.bakunos.comHosts: 121.254.96.92 www.darkclockers.comHosts: 121.254.96.92 www2.gmer.netHosts: 121.254.96.92 ariefew.comHosts: 121.254.96.92 www.emsisoft.comHosts: 121.254.96.92 forum.romeonet.roHosts: 121.254.96.92 www.arenajunkies.comHosts: 121.254.96.92 www.Merijn.orgHosts: 121.254.96.92 www.spywareinfo.comHosts: 121.254.96.92 www.spybot.infoHosts: 121.254.96.92 www.viruslist.comHosts: 121.254.96.92 www.hijackthis.deHosts: 121.254.96.92 ftp.f-secure.comHosts: 121.254.96.92 forum.kaspersky.comHosts: 121.254.96.92 es.trendmicro-europe.comHosts: 121.254.96.92 www.hvaonline.netHosts: 121.254.96.92 forum.lowyat.netHosts: 121.254.96.92 kb.eset.comHosts: 121.254.96.92 www.pcwelt.deHosts: 121.254.96.92 majorgeeks.comHosts: 121.254.96.92 www.avp.comHosts: 121.254.96.92 www.virustotal.comHosts: 121.254.96.92 www.sophos.comHosts: 121.254.96.92 linhadefensiva.uol.com.brHosts: 121.254.96.92 cmmings.cnHosts: 121.254.96.92 www.sergiwa.comHosts: 121.254.96.92 www.el-hacker.comHosts: 121.254.96.92 dl2.agnitum.comHosts: 121.254.96.92 forum.smadav.netHosts: 121.254.96.92 images.malwareremoval.comHosts: 121.254.96.92 front.prevx.comHosts: 121.254.96.92 www.avg-antivirus.netHosts: 121.254.96.92 www.kaspersky-labs.comHosts: 121.254.96.92 www.kaspersky.comHosts: 121.254.96.92 www.bleepingcomputer.comHosts: 121.254.96.92 www.free.grisoft.comHosts: 121.254.96.92 alerta-antivirus.inteco.esHosts: 121.254.96.92 greatis.comHosts: 121.254.96.92 www.oprekpc.comHosts: 121.254.96.92 www.gmer.netHosts: 121.254.96.92 forum.kasperskyclub.comHosts: 121.254.96.92 computadoras.migold.comHosts: 121.254.96.92 securityresponse.symantec.comHosts: 121.254.96.92 www.analysis.seclab.tuwien.ac.atHosts: 121.254.96.92 www.symantec.comHosts: 121.254.96.92 www.kztechs.comHosts: 121.254.96.92 ad-aware-se.uptodown.comHosts: 121.254.96.92 stdio-labs.blogspot.comHosts: 121.254.96.92 forum.lrytas.ltHosts: 121.254.96.92 www.decido.deHosts: 121.254.96.92 wap.elakiri.comHosts: 121.254.96.92 ot-indo.blogspot.comHosts: 121.254.96.92 liveupdate.symantecliveupdate.comHosts: 121.254.96.92 liveupdate.symantec.comHosts: 121.254.96.92 customer.symantec.comHosts: 121.254.96.92 update.symantec.comHosts: 121.254.96.92 www.box.netHosts: 121.254.96.92 foro.el-hacker.comHosts: 121.254.96.92 acs.pandasoftware.comHosts: 121.254.96.92 egavisa.blogspot.comHosts: 121.254.96.92 angui123.cnHosts: 121.254.96.92 beta.eset.comHosts: 121.254.96.92 www.ixtorrent.comHosts: 121.254.96.92 www.mcafee.comHosts: 121.254.96.92 download.mcafee.comHosts: 121.254.96.92 mast.mcafee.comHosts: 121.254.96.92 www.tecno-soft.comHosts: 121.254.96.92 ladooscuro.esHosts: 121.254.96.92 ftp.drweb.comHosts: 121.254.96.92 download.microsoft.comHosts: 121.254.96.92 www.mypcsafe.comHosts: 121.254.96.92 www.blindedbytech.comHosts: 121.254.96.92 kaspersky.comHosts: 121.254.96.92 sis-admin.blogspot.comHosts: 121.254.96.92 www.protecus.deHosts: 121.254.96.92 guru0.grisoft.czHosts: 121.254.96.92 guru1.grisoft.czHosts: 121.254.96.92 guru2.grisoft.czHosts: 121.254.96.92 guru3.grisoft.czHosts: 121.254.96.92 download.bleepingcomputer.comHosts: 121.254.96.92 it.answers.yahoo.comHosts: 121.254.96.92 www.softonic.comHosts: 121.254.96.92 www.mycity.rsHosts: 121.254.96.92 cairopt.netHosts: 121.254.96.92 rootrepeal.googlepages.comHosts: 121.254.96.92 www.windowexe.comHosts: 121.254.96.92 guru4.grisoft.czHosts: 121.254.96.92 guru5.grisoft.czHosts: 121.254.96.92 www.virusspy.comHosts: 121.254.96.92 download.f-secure.comHosts: 121.254.96.92 www.malwareremoval.comHosts: 121.254.96.92 forums.cnet.comHosts: 121.254.96.92 foros.softonic.comHosts: 121.254.96.92 www.freedrweb.comHosts: 121.254.96.92 www.kaskus.usHosts: 121.254.96.92 rootrepeal.psikotick.comHosts: 121.254.96.92 thaicert.nectec.or.thHosts: 121.254.96.92 hjt-data.trend-braintree.comHosts: 121.254.96.92 www.pantip.comHosts: 121.254.96.92 secubox.aldria.comHosts: 121.254.96.92 www.forospyware.comHosts: 121.254.96.92 www.manuelruvalcaba.comHosts: 121.254.96.92 www.zonavirus.comHosts: 121.254.96.92 www.leforo.comHosts: 121.254.96.92 www.gsmph.comHosts: 121.254.96.92 blokvesti.netHosts: 121.254.96.92 www.viprasys.orgHosts: 121.254.96.92 forum.antivir-pe.deHosts: 121.254.96.92 www.siteadvisor.comHosts: 121.254.96.92 blog.threatfire.comHosts: 121.254.96.92 www.threatexpert.comHosts: 121.254.96.92 blog.hispasec.comHosts: 121.254.96.92 www.configurarequipos.comHosts: 121.254.96.92 sosvirus.changelog.frHosts: 121.254.96.92 www.psicofxp.comHosts: 121.254.96.92 www.gsmph.netHosts: 121.254.96.92 www.gyakorikerdesek.huHosts: 121.254.96.92 us.mcafee.comHosts: 121.254.96.92 www.malekal.comHosts: 121.254.96.92 mailcenter.rising.com.cnHosts: 121.254.96.92 mailcenter.rising.comHosts: 121.254.96.92 www.rising.com.cnHosts: 121.254.96.92 www.rising.comHosts: 121.254.96.92 www.babooforum.com.brHosts: 121.254.96.92 www.runscanner.netHosts: 121.254.96.92 www.blogschapines.comHosts: 121.254.96.92 www.zyzoom.orgHosts: 121.254.96.92 www.avsoft.ruHosts: 121.254.96.92 www.elakiri.comHosts: 121.254.96.92 forum.telecharger.01net.comHosts: 121.254.96.92 sosvirus.changelog.frHosts: 121.254.96.92 upload.changelog.frHosts: 121.254.96.92 www.raymond.ccHosts: 121.254.96.92 changelog.frHosts: 121.254.96.92 www.pcentraide.comHosts: 121.254.96.92 atazita.blogspot.comHosts: 121.254.96.92 www.thinkpad.cnHosts: 121.254.96.92 www.sunbeltsoftware.comHosts: 121.254.96.92 cert.inteco.esHosts: 121.254.96.92 www.gamexeon.comHosts: 121.254.96.92 nod32-antivirus.en.softonic.coHosts: 121.254.96.92 www.final4ever.comHosts: 121.254.96.92 files.filefont.comHosts: 121.254.96.92 www.infos-du-net.comHosts: 121.254.96.92 www.trendsecure.comHosts: 121.254.96.92 forum.hardware.frHosts: 121.254.96.92 www.utilidades-utiles.comHosts: 121.254.96.92 blogs.icerocket.comHosts: 121.254.96.92 www.spywarefri.dkHosts: 121.254.96.92 alfrasha.maktoob.comHosts: 121.254.96.92 www.eset.euHosts: 121.254.96.92 quickscan.bitdefender.comHosts: 121.254.96.92 www.spychecker.comHosts: 121.254.96.92 www.geekstogo.comHosts: 121.254.96.92 forums.maddoktor2.comHosts: 121.254.96.92 www.smokey-services.euHosts: 121.254.96.92 www.clubic.comHosts: 121.254.96.92 www.linhadefensiva.orgHosts: 121.254.96.92 www.rolandovera.comHosts: 121.254.96.92 forum.burek.comHosts: 121.254.96.92 secure.sophos.comHosts: 121.254.96.92 usa.kaspersky.comHosts: 121.254.96.92 board.softpedia.comHosts: 121.254.96.92 download.sysinternals.comHosts: 121.254.96.92 www.pcguide.comHosts: 121.254.96.92 www.thetechguide.comHosts: 121.254.96.92 www.ozzu.comHosts: 121.254.96.92 www.changedetection.comHosts: 121.254.96.92 espanol.groups.yahoo.comHosts: 121.254.96.92 www.sunbeltsecurity.comHosts: 121.254.96.92 www.quickheal.co.inHosts: 121.254.96.92 www.vivalared.comHosts: 121.254.96.92 thailand.itmylike.comHosts: 121.254.96.92 community.thaiware.comHosts: 121.254.96.92 www.avpclub.ddns.infoHosts: 121.254.96.92 www.offensivecomputing.netHosts: 121.254.96.92 www.grisoft.comHosts: 121.254.96.92 boardreader.comHosts: 121.254.96.92 www.guiadohardware.netHosts: 121.254.96.92 www.webroot.comHosts: 121.254.96.92 www.thehelper.netHosts: 121.254.96.92 www.kaldata.comHosts: 121.254.96.92 vil.nai.comHosts: 121.254.96.92 www.malwarecrypt.comHosts: 121.254.96.92 www.msnvirusremoval.comHosts: 121.254.96.92 www.cisrt.orgHosts: 121.254.96.92 fixmyim.comHosts: 121.254.96.92 samroeng.hi5.comHosts: 121.254.96.92 foro.elhacker.netHosts: 121.254.96.92 www.daboweb.comHosts: 121.254.96.92 service1.symantec.comHosts: 121.254.96.92 us3.download.comodo.comHosts: 121.254.96.92 forum.gsmhosting.comHosts: 121.254.96.92 www.computerforum.comHosts: 121.254.96.92 forum.avast.comHosts: 121.254.96.92 forums.techguy.orgHosts: 121.254.96.92 www.incodesolutions.comHosts: 121.254.96.92 hijackthis.download3000.comHosts: 121.254.96.92 www.cybertechhelp.comHosts: 121.254.96.92 www.superdicas.com.brHosts: 121.254.96.92 www.51nb.comHosts: 121.254.96.92 us4.download.comodo.comHosts: 121.254.96.92 www.jbtalks.ccHosts: 121.254.96.92 ad13.geekstogo.comHosts: 121.254.96.92 forums.eternion-wow.comHosts: 121.254.96.92 downloads.andymanchesta.comHosts: 121.254.96.92 andymanchesta.comHosts: 121.254.96.92 info.prevx.comHosts: 121.254.96.92 aknow.prevx.comHosts: 121.254.96.92 www.zonavirus.comHosts: 121.254.96.92 securitywonks.netHosts: 121.254.96.92 www.yoreparo.comHosts: 121.254.96.92 www.spywarecease.com Hosts: 121.254.96.92 forum.dobreprogramy.plHosts: 121.254.96.92 community.mcafee.comHosts: 121.254.96.92 board.protecus.deHosts: 121.254.96.92 www.lavasoft.comHosts: 121.254.96.92 www.virscan.orgHosts: 121.254.96.92 www.eeload.comHosts: 121.254.96.92 down.www.kingsoft.comHosts: 121.254.96.92 www.file.netHosts: 121.254.96.92 onecare.live.comHosts: 121.254.96.92 mvps.orgHosts: 121.254.96.92 www.laneros.comHosts: 121.254.96.92 www.pc1news.comHosts: 121.254.96.92 forum.avira.comHosts: 121.254.96.92 downloads.novirusthanks.orgHosts: 121.254.96.92 www.pinoyhackers.comHosts: 121.254.96.92 www.housecall.trendmicro.comHosts: 121.254.96.92 www.avast.comHosts: 121.254.96.92 www.free.avg.comHosts: 121.254.96.92 www.onlinescan.avast.comHosts: 121.254.96.92 www.ewido.netHosts: 121.254.96.92 www.trucoswindows.netHosts: 121.254.96.92 www.mozilla-hispano.orgHosts: 121.254.96.92 www.jackbloodforum.comHosts: 121.254.96.92 www.kosandpol.elakiri.comHosts: 121.254.96.92 www.thaivisa.comHosts: 121.254.96.92 www.futurenow.bitdefender.comHosts: 121.254.96.92 www.bitdefender.comHosts: 121.254.96.92 www.f-prot.comHosts: 121.254.96.92 www.trendsecure.comHosts: 121.254.96.92 security.symantec.comHosts: 121.254.96.92 oldtimer.geekstogo.comHosts: 121.254.96.92 sopiansantosa.blogspot.comHosts: 121.254.96.92 www.fileresearchcenter.comHosts: 121.254.96.92 www.looktr.comHosts: 121.254.96.92 www.zone-it.comHosts: 121.254.96.92 www.avira.comHosts: 121.254.96.92 www.eset.comHosts: 121.254.96.92 free.avg.comHosts: 121.254.96.92 www.free-av.comHosts: 121.254.96.92 kr.ahnlab.comHosts: 121.254.96.92 www.eset.comHosts: 121.254.96.92 forospyware.comHosts: 121.254.96.92 thejokerx.blogspot.comHosts: 121.254.96.92 cairopt.netHosts: 121.254.96.92 oolbar.cyberdefender.comHosts: 121.254.96.92 golpe.dyndns.orgHosts: 121.254.96.92 forum.aiutamici.comHosts: 121.254.96.92 solit.usHosts: 121.254.96.92 www.2-spyware.comHosts: 121.254.96.92 www.antivir.esHosts: 121.254.96.92 www.prevx.comHosts: 121.254.96.92 www.ikarus.netHosts: 121.254.96.92 bbs.s-sos.netHosts: 121.254.96.92 www.housecall.trendmicro.comHosts: 121.254.96.92 www.superdicas.com.brHosts: 121.254.96.92 www.superantispyware.comHosts: 121.254.96.92 www.unhackme.comHosts: 121.254.96.92 www.askmehelpdesk.comHosts: 121.254.96.92 forum.zebulon.frHosts: 121.254.96.92 www.forums.majorgeeks.comHosts: 121.254.96.92 www.castlecops.comHosts: 121.254.96.92 www.virusspy.comHosts: 121.254.96.92 andymanchesta.comHosts: 121.254.96.92 www.kaspersky.esHosts: 121.254.96.92 subs.geekstogo.comHosts: 121.254.96.92 www.forospanish.comHosts: 121.254.96.92 blog.rnsafe.comHosts: 121.254.96.92 www.regrun.comHosts: 121.254.96.92 irc.snahosting.netHosts: 121.254.96.92 danielorza.netHosts: 121.254.96.92 www.pchelpforum.comHosts: 121.254.96.92 www.trendmicro.comHosts: 121.254.96.92 www.fortinet.comHosts: 121.254.96.92 www.safer-networking.orgHosts: 121.254.96.92 www.fortiguardcenter.comHosts: 121.254.96.92 www.dougknox.comHosts: 121.254.96.92 www.vsantivirus.comHosts: 121.254.96.92 static.commentcamarche.netHosts: 121.254.96.92 www.gyakorikerdesek.huHosts: 121.254.96.92 www.fixya.comHosts: 121.254.96.92 www.alabamawomen.orgHosts: 121.254.96.92 www.firewallguide.comHosts: 121.254.96.92 www.auditmypc.comHosts: 121.254.96.92 www.spywaredb.comHosts: 121.254.96.92 www.mxttchina.comHosts: 121.254.96.92 www.ziggamza.netHosts: 121.254.96.92 www.forospyware.esHosts: 121.254.96.92 pogonyuto.forospanish.comHosts: 121.254.96.92 spywarefiles.prevx.comHosts: 121.254.96.92 k2r.th3kings.netHosts: 121.254.96.92 www.betterantivirus.comHosts: 121.254.96.92 www.365groups.comHosts: 121.254.96.92 www.antivirus.comodo.comHosts: 121.254.96.92 www.spywareterminator.comHosts: 121.254.96.92 www.eradicatespyware.netHosts: 121.254.96.92 www.freespywareremoval.infoHosts: 121.254.96.92 www.personalfirewall.comodo.comHosts: 121.254.96.92 wakoopa.comHosts: 121.254.96.92 forum.drweb.comHosts: 121.254.96.92 bb1.th3kings.netHosts: 121.254.96.92 www.commentcamarche.netHosts: 121.254.96.92 www.clamav.netHosts: 121.254.96.92 www.antivirus.about.comHosts: 121.254.96.92 www.pandasecurity.comHosts: 121.254.96.92 www.webphand.comHosts: 121.254.96.92 mx.answers.yahoo.comHosts: 121.254.96.92 www.securitywonks.netHosts: 121.254.96.92 www.messengeradictos.comHosts: 121.254.96.92 www.geekpolice.netHosts: 121.254.96.92 bub.th3kings.netHosts: 121.254.96.92 shield.prevx.comHosts: 121.254.96.92 www.eudict.comHosts: 121.254.96.92 www.sandboxie.comHosts: 121.254.96.92 www.clamwin.comHosts: 121.254.96.92 www.cwsandbox.orgHosts: 121.254.96.92 www.ca.comHosts: 121.254.96.92 www.arswp.comHosts: 121.254.96.92 es.answers.yahoo.comHosts: 121.254.96.92 www.trucoswindows.esHosts: 121.254.96.92 www.ipaddresser.comHosts: 121.254.96.92 www.abgenis.netHosts: 121.254.96.92 www.freefixer.comHosts: 121.254.96.92 forums.afterdawn.comHosts: 121.254.96.92 forum.torrents.roHosts: 121.254.96.92 www.networkworld.comHosts: 121.254.96.92 www.cddchiangmai.netHosts: 121.254.96.92 www.threatexpert.comHosts: 121.254.96.92 www.norman.comHosts: 121.254.96.92 espanol.answers.yahoo.comHosts: 121.254.96.92 www.tallemu.comHosts: 121.254.96.92 foro.portalhacker.netHosts: 121.254.96.92 www.groupwhere.orgHosts: 121.254.96.92 sniff.runescapetube.comHosts: 121.254.96.92 forum.p30world.comHosts: 121.254.96.92 virscan.orgHosts: 121.254.96.92 www.viruschief.comHosts: 121.254.96.92 scanner.virus.orgHosts: 121.254.96.92 www.hijackthis.deHosts: 121.254.96.92 housecall65.trendmicro.comHosts: 121.254.96.92 www.guiadohardware.netHosts: 121.254.96.92 forums.whatthetech.comHosts: 121.254.96.92 mustlovewine.comHosts: 121.254.96.92 www3.malekal.comHosts: 121.254.96.92 esetnod32antivirus.blogspot.comHosts: 121.254.96.92 hjt.networktechs.comHosts: 121.254.96.92 www.techsupportforum.comHosts: 121.254.96.92 www.whatthetech.comHosts: 121.254.96.92 www.soccersuck.comHosts: 121.254.96.92 www.pcentraide.comHosts: 121.254.96.92 comunidad.wilkinsonpc.com.coHosts: 121.254.96.92 forum.hocit.comHosts: 121.254.96.92 forum.smadav.netHosts: 121.254.96.92 fgp.e2doo.comHosts: 121.254.96.92 community.thaiware.comHosts: 121.254.96.92 irc.evoporn.comHosts: 121.254.96.92 forum.piriform.comHosts: 121.254.96.92 www.tweaksforgeeks.comHosts: 121.254.96.92 www.daniweb.comHosts: 121.254.96.92 www.geekstogo.comHosts: 121.254.96.92 es.answers.yahoo.comHosts: 121.254.96.92 www.techsupportforum.comHosts: 121.254.96.92 dnl-eu8.kaspersky-labs.comHosts: 121.254.96.92 www.oprekpc.comHosts: 121.254.96.92 shv4.ath.cxHosts: 121.254.96.92 www.pcworld.comHosts: 121.254.96.92 in.answers.yahoo.comHosts: 121.254.96.92 www.pchell.comHosts: 121.254.96.92 www.spyany.comHosts: 121.254.96.92 forums.techguy.orgHosts: 121.254.96.92 www.experts-exchange.comHosts: 121.254.96.92 www.wikio.esHosts: 121.254.96.92 www.pandasecurity.comHosts: 121.254.96.92 forums.devshed.comHosts: 121.254.96.92 devbuilds.kaspersky-labs.comHosts: 121.254.96.92 hana-ahmad.blogspot.comHosts: 121.254.96.92 www.linkmania.roHosts: 121.254.96.92 www.trojaner-board.deHosts: 121.254.96.92 forum.tweaks.comHosts: 121.254.96.92 www.wilderssecurity.comHosts: 121.254.96.92 www.techspot.comHosts: 121.254.96.92 www.thecomputerpitstop.comHosts: 121.254.96.92 es.wasalive.comHosts: 121.254.96.92 secunia.comHosts: 121.254.96.92 www.killtrojan.netHosts: 121.254.96.92 www.ulop.netHosts: 121.254.96.92 www.eliters.comHosts: 121.254.96.92 sip4.voipkosovasite.comHosts: 121.254.96.92 www.ftw.roHosts: 121.254.96.92 anggiawan.web.idHosts: 121.254.96.92 es.kioskea.netHosts: 121.254.96.92 www.taringa.netHosts: 121.254.96.92 www.cyberdefender.comHosts: 121.254.96.92 www.feedage.comHosts: 121.254.96.92 new.taringa.netHosts: 121.254.96.92 forum.zazana.comHosts: 121.254.96.92 forum.clubedohardware.com.brHosts: 121.254.96.92 mks.com.plHosts: 121.254.96.92 www.vietcaravan.usHosts: 121.254.96.92 trbotnet.sytes.netHosts: 121.254.96.92 community.norton.comHosts: 121.254.96.92 www.computing.netHosts: 121.254.96.92 discussions.virtualdr.comHosts: 121.254.96.92 forum.securitycadets.comHosts: 121.254.96.92 www.techimo.comHosts: 121.254.96.92 13iii.comHosts: 121.254.96.92 www.dicasweb.com.brHosts: 121.254.96.92 www.javacoolsoftware.netHosts: 121.254.96.92 cofradia.orgHosts: 121.254.96.92 wasteland-bg.comHosts: 121.254.96.92 www.windowexe.comHosts: 121.254.96.92 malekal.comHosts: 121.254.96.92 www.carigold.comHosts: 121.254.96.92 www.infosecpodcast.comHosts: 121.254.96.92 www.usbcleaner.cnHosts: 121.254.96.92 www.net-security.orgHosts: 121.254.96.92 www.bleedingthreats.netHosts: 121.254.96.92 acs.pandasoftware.comHosts: 121.254.96.92 www.funkytoad.comHosts: 121.254.96.92 malwarebytes.orgHosts: 121.254.96.92 sabithpocker.blogspot.comHosts: 121.254.96.92 comprolive.vox.comHosts: 121.254.96.92 www.worton.comHosts: 121.254.96.92 www.360safe.cnHosts: 121.254.96.92 www.360safe.comHosts: 121.254.96.92 bbs.360safe.cnHosts: 121.254.96.92 bbs.360safe.comHosts: 121.254.96.92 codehard.wordpress.comHosts: 121.254.96.92 forum.clubedohardware.com.brHosts: 121.254.96.92 antitrick.comHosts: 121.254.96.92 www.configurarequipos.comHosts: 121.254.96.92 www.jiwang.orgHosts: 121.254.96.92 anti-virus-software-review.toptenreviews.comHosts: 121.254.96.92 www.360.cnHosts: 121.254.96.92 www.360.comHosts: 121.254.96.92 bbs.360safe.cnHosts: 121.254.96.92 bbs.360safe.comHosts: 121.254.96.92 www.forospyware.esHosts: 121.254.96.92 p3dev.taringa.netHosts: 121.254.96.92 www.precisesecurity.comHosts: 121.254.96.92 dlpe.antivir.comHosts: 121.254.96.92 www.jvme.comHosts: 121.254.96.92 share.skype.comHosts: 121.254.96.92 comprolive.comHosts: 121.254.96.92 gotoknow.orgHosts: 121.254.96.92 www.forofantasiasmiguel.comHosts: 121.254.96.92 baike.360.cnHosts: 121.254.96.92 baike.360.comHosts: 121.254.96.92 kaba.360.cnHosts: 121.254.96.92 kaba.360.comHosts: 121.254.96.92 deckard.geekstogo.comHosts: 121.254.96.92 www.taringa.netHosts: 121.254.96.92 forums.comodo.comHosts: 121.254.96.92 www.mvps.orgHosts: 121.254.96.92 melcy.wordpress.comHosts: 121.254.96.92 forum.softpedia.comHosts: 121.254.96.92 pcvids.wordpress.comHosts: 121.254.96.92 shop.symantecstore.comHosts: 121.254.96.92 down.360safe.cnHosts: 121.254.96.92 down.360safe.comHosts: 121.254.96.92 x.360safe.comHosts: 121.254.96.92 dl.360safe.comHosts: 121.254.96.92 ftp.drweb.comHosts: 121.254.96.92 www.hotshare.netHosts: 121.254.96.92 es.wasalive.comHosts: 121.254.96.92 free.antivirus.comHosts: 121.254.96.92 forum.hocit.comHosts: 121.254.96.92 destavision-forum.comHosts: 121.254.96.92 inspiresoft.blogspot.comHosts: 121.254.96.92 universomanualidades.foroactivo.comHosts: 121.254.96.92 updatem.360safe.comHosts: 121.254.96.92 updatem.360safe.cnHosts: 121.254.96.92 update.360safe.cnHosts: 121.254.96.92 update.360safe.comHosts: 121.254.96.92 www.utilidades-utiles.comHosts: 121.254.96.92 forum.kaspersky.comHosts: 121.254.96.92 www.indowebster.web.idHosts: 121.254.96.92 zastita.comHosts: 121.254.96.92 www.sz-pet.comHosts: 121.254.96.92 foros.abcdatos.comHosts: 121.254.96.92 www.elektroda.plHosts: 121.254.96.92 bbs.duba.netHosts: 121.254.96.92 www.duba.netHosts: 121.254.96.92 zhidao.baidu.comHosts: 121.254.96.92 hi.baidu.comHosts: 121.254.96.92 www.drweb.com.esHosts: 121.254.96.92 msncleaner.softonic.comHosts: 121.254.96.92 www.javacoolsoftware.comHosts: 121.254.96.92 beniono.wordpress.comHosts: 121.254.96.92 www.4-gsmteam.comHosts: 121.254.96.92 msntubers.freehostia.comHosts: 121.254.96.92 store.norton.comHosts: 121.254.96.92 file.ikaka.comHosts: 121.254.96.92 file.ikaka.cnHosts: 121.254.96.92 bbs.ikaka.comHosts: 121.254.96.92 zhidao.ikaka.comHosts: 121.254.96.92 www.eset-la.comHosts: 121.254.96.92 download.eset.comHosts: 121.254.96.92 software-files.download.comHosts: 121.254.96.92 www.faravirusi.comHosts: 121.254.96.92 www.winbots.esHosts: 121.254.96.92 forum.chip.deHosts: 121.254.96.92 www.thailandsusu.comHosts: 121.254.96.92 debates.motos.netHosts: 121.254.96.92 www.ikaka.comHosts: 121.254.96.92 www.ikaka.cnHosts: 121.254.96.92 bbs.cfan.com.cnHosts: 121.254.96.92 www.cfan.com.cnHosts: 121.254.96.92 www.pandasecurity.comHosts: 121.254.96.92 es.mcafee.comHosts: 121.254.96.92 downloads.malwarebytes.orgHosts: 121.254.96.92 www.devirusare.comHosts: 121.254.96.92 forum.skype.comHosts: 121.254.96.92 shitit.netHosts: 121.254.96.92 www.webimmune.netHosts: 121.254.96.92 forum.swzone.itHosts: 121.254.96.92 bbs.kafan.cnHosts: 121.254.96.92 bbs.kafan.comHosts: 121.254.96.92 bbs.kpfans.comHosts: 121.254.96.92 bbs.taisha.orgHosts: 121.254.96.92 www.manuelruvalcaba.comHosts: 121.254.96.92 support.f-secure.comHosts: 121.254.96.92 bbs.winzheng.comHosts: 121.254.96.92 devirusare.comHosts: 121.254.96.92 social.microsoft.comHosts: 121.254.96.92 www.shitit.netHosts: 121.254.96.92 mx.answers.yahoo.comHosts: 121.254.96.92 darkzone.in.thHosts: 121.254.96.92 alerta-antivirus.inteco.esHosts: 121.254.96.92 foros.zonavirus.comHosts: 121.254.96.92 alerta-antivirus.red.esHosts: 121.254.96.92 www.zonavirus.comHosts: 121.254.96.92 www.malwarebytes.orgHosts: 121.254.96.92 www.commentcamarche.netHosts: 121.254.96.92 news.support.veritas.comHosts: 121.254.96.92 www.zonealarm.comHosts: 121.254.96.92 malwarebytes-anti-malware.softonic.comHosts: 121.254.96.92 www.ewido.netHosts: 121.254.96.92 www.infospyware.comHosts: 121.254.96.92 www.bitdefender.esHosts: 121.254.96.92 housecall.trendmicro.comHosts: 121.254.96.92 foros.toxico-pc.comHosts: 121.254.96.92 www.identi.esHosts: 121.254.96.92 es.kioskea.netHosts: 121.254.96.92 virusinfo.infoHosts: 121.254.96.92 forums.zonealarm.comHosts: 121.254.96.92 foro.infiernohacker.comHosts: 121.254.96.92 nitroamd.spaces.live.comHosts: 121.254.96.92 www.emsisoft.deHosts: 121.254.96.92 www.securitynewsportal.comHosts: 121.254.96.92 irc.ekizmedia.comHosts: 121.254.96.92 zone.arminboutique.comHosts: 121.254.96.92 story.dnsentrymx.com==== Installed Programs ======================AC3Filter (remove only)Acoustica CD/DVD Label MakerAdobe Anchor Service CS3Adobe Asset Services CS3Adobe Bridge CS3Adobe Bridge Start MeetingAdobe Camera Raw 4.0Adobe CMapsAdobe Default Language CS3Adobe Device Central CS3Adobe Dreamweaver CS3Adobe ExtendScript Toolkit 2Adobe Extension Manager CS3Adobe Flash Player 10 ActiveXAdobe Flash Player 10 PluginAdobe Help Viewer CS3Adobe PDF Library FilesAdobe Photoshop 7.0Adobe Reader 7.0.5Adobe SetupAdobe Type SupportAdobe Update Manager CS3Adobe Version Cue CS3 ClientAOL Coach Version 1.0(Build:20040229.1 uk)AOL Connectivity ServicesAOL Spyware ProtectionAOL Toolbar 5.0AOL Uninstaller (Choose which Products to Remove)AOL You've Got Pictures ScreensaverApple Mobile Device SupportApple Software UpdateArturia CS-80V v1.1Arturia Moog Modular V v1.1ASIO4ALLBackburnerBlueSenderBonjourBroadJump Client FoundationBroomstick Bass 1.0.0BufferChmCeltx (2.7)CollabCompatibility Pack for the 2007 Office systemConexant HD AudioCoreFLAC Audio Decoder+Source Filter (remove only)Coupon PrinterCP_AtenaShokunin1ConfigCP_CalendarTemplates1cp_LightScribeConfigcp_OnlineProjectsConfigCP_Package_Basic1CP_Package_Variety1CP_Package_Variety2CP_Package_Variety3CP_Panorama1Configcp_PosterPrintConfigcp_UpdateProjectsConfigCraft ROBO ControllerCritical Update for Windows Media Player 11 (KB959772)CueTourCustomer Experience EnhancementDestinationsDeviceManagementQFolderDG_screensaverDivX Content UploaderDivX Web PlayerEasy Internet Sign-upEdirol HQ Orchestral v1.01Edirol SuperQuartet v1.5EPSON Printer SoftwareEPSON ScanESPNMotionFBP - Facebook Blaster ProFileZilla Client 3.1.5.1FL Studio 8Football Manager 2010 DemoFriendBlasterProFullDPAppQFolderGemMaster MysticGoogle ChromeGoogle Toolbar for Internet ExplorerGraphtec DesignMaster Web (C:\Graphtec DesignMaster Web)HDAUDIO Soft Data Fax Modem with SmartCPHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Windows Internet Explorer 7 (KB947864)Hotfix for Windows Media Format 11 SDK (KB929399)Hotfix for Windows Media Player 10 (KB903157)Hotfix for Windows Media Player 11 (KB939683)Hotfix for Windows XP (KB888795)Hotfix for Windows XP (KB891593)Hotfix for Windows XP (KB895961)Hotfix for Windows XP (KB896256)Hotfix for Windows XP (KB899337)Hotfix for Windows XP (KB899510)Hotfix for Windows XP (KB902841)Hotfix for Windows XP (KB909095)Hotfix for Windows XP (KB910728)Hotfix for Windows XP (KB912436)Hotfix for Windows XP (KB914440)Hotfix for Windows XP (KB915865)Hotfix for Windows XP (KB926239)Hotfix for Windows XP (KB952287)Hotfix for Windows XP (KB954550-v5)Hotfix for Windows XP (KB954708)Hotfix for Windows XP (KB961118)Hotfix for Windows XP (KB970653-v3)Hotfix for Windows XP (KB976002-v5)Hotfix for Windows XP (KB976098-v2)Hotfix for Windows XP (KB979306)HouseCall 6.6HP DVD Play 2.3HP Help and SupportHP Imaging Device Functions 6.0HP Photosmart Premier Software 6.0HP Quick Launch Buttons 6.10 A1HP Software UpdateHP User Guides--System RecoveryHP User Guides 0037HP Wireless Assistant 2.00 G2HpSdpAppCoreAppHyperPrism v1.52IL Download ManagerInFlac 1.1.1InstantShareDevicesIntel® Graphics Media Accelerator DriveriTunesJ2SE Runtime Environment 5.0 Update 6Java 6 Update 17Java 6 Update 3Java 6 Update 5Java 6 Update 7Junk Mail filter updateKorg Legacy Collection VSTi v1.0.02Learn2 Player (Uninstall Only)LiveUpdate 3.0 (Symantec Corporation)LUXONIX ravity®LUXONIX ravity(S)Macromedia Dreamweaver 8Macromedia Extension ManagerMacromedia Fireworks 8Macromedia Flash 8Macromedia Flash 8 Video EncoderMacromedia Flash Player 8Macromedia Shockwave PlayerMalwarebytes' Anti-MalwareMicrosoft .NET Framework 1.0 Hotfix (KB887998)Microsoft .NET Framework 1.0 Hotfix (KB930494)Microsoft .NET Framework 1.0 Hotfix (KB953295)Microsoft .NET Framework 1.1Microsoft .NET Framework 1.1 Security Update (KB953297)Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft Application Error ReportingMicrosoft Choice GuardMicrosoft Compression Client Pack 1.0 for Windows XPMicrosoft Internationalized Domain Names Mitigation APIsMicrosoft National Language Support Downlevel APIsMicrosoft Office 2003 Web ComponentsMicrosoft Office 2007 Service Pack 2 (SP2)Microsoft Office Live Add-in 1.3Microsoft Office Project 2007 Service Pack 2 (SP2)Microsoft Office Project MUI (English) 2007Microsoft Office Project Standard 2007Microsoft Office Project Standard 2007 TrialMicrosoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office XP Professional with FrontPageMicrosoft Search Enhancement PackMicrosoft SilverlightMicrosoft Software Update for Web Folders (English) 12Microsoft SQL Server 2005 Compact Edition [ENU]Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)Microsoft Sync Framework Runtime Native v1.0 (x86)Microsoft Sync Framework Services Native v1.0 (x86)Microsoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft WorksMove Networks Player for Internet ExplorerMozilla Firefox (3.6.3)MSNMSVCRTMSXML 4.0 SP2 (KB927978)MSXML 4.0 SP2 (KB936181)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 6 Service Pack 2 (KB973686)Nero 7 Ultra EditionNetWaitingNewsLeecherNovation Bass-Station VSTi v1.10Novation V-Station v1.20-H2ONuclear Coffee - VideoGetOptionalContentQFolderOttoPhotoGalleryPoiZoneQuickTimeRandMapRealPlayerRob Papen Albino 2ROBO MasterSAMSUNG Mobile Modem Driver SetSamsung Mobile phone USB driver SoftwareSAMSUNG Mobile USB Modem 1.0 SoftwareSAMSUNG Mobile USB Modem SoftwareSamsung PC Studio 3 USB Driver InstallerSecurity Update for 2007 Microsoft Office System (KB969559)Security Update for CAPICOM (KB931906)Security Update for Microsoft Office system 2007 (972581)Security Update for Microsoft Office system 2007 (KB974234)Security Update for Step By Step Interactive Training (KB898458)Security Update for Step By Step Interactive Training (KB923723)Security Update for Windows Internet Explorer 7 (KB938127)Security Update for Windows Internet Explorer 7 (KB939653)Security Update for Windows Internet Explorer 7 (KB942615)Security Update for Windows Internet Explorer 7 (KB944533)Security Update for Windows Internet Explorer 7 (KB950759)Security Update for Windows Internet Explorer 7 (KB953838)Security Update for Windows Internet Explorer 7 (KB956390)Security Update for Windows Internet Explorer 7 (KB958215)Security Update for Windows Internet Explorer 7 (KB960714)Security Update for Windows Internet Explorer 7 (KB961260)Security Update for Windows Internet Explorer 7 (KB963027)Security Update for Windows Internet Explorer 7 (KB969897)Security Update for Windows Internet Explorer 7 (KB972260)Security Update for Windows Internet Explorer 7 (KB974455)Security Update for Windows Internet Explorer 7 (KB976325)Security Update for Windows Internet Explorer 7 (KB978207)Security Update for Windows Internet Explorer 8 (KB971961)Security Update for Windows Internet Explorer 8 (KB981332)Security Update for Windows Media Player (KB911564)Security Update for Windows Media Player (KB952069)Security Update for Windows Media Player (KB954155)Security Update for Windows Media Player (KB968816)Security Update for Windows Media Player (KB973540)Security Update for Windows Media Player 10 (KB911565)Security Update for Windows Media Player 10 (KB917734)Security Update for Windows Media Player 10 (KB936782)Security Update for Windows Media Player 11 (KB936782)Security Update for Windows Media Player 11 (KB954154)Security Update for Windows Media Player 6.4 (KB925398)Security Update for Windows XP (KB893066)Security Update for Windows XP (KB893756)Security Update for Windows XP (KB896358)Security Update for Windows XP (KB896422)Security Update for Windows XP (KB896423)Security Update for Windows XP (KB896424)Security Update for Windows XP (KB896428)Security Update for Windows XP (KB899587)Security Update for Windows XP (KB899591)Security Update for Windows XP (KB900725)Security Update for Windows XP (KB901017)Security Update for Windows XP (KB901190)Security Update for Windows XP (KB901214)Security Update for Windows XP (KB902400)Security Update for Windows XP (KB903235)Security Update for Windows XP (KB904706)Security Update for Windows XP (KB905414)Security Update for Windows XP (KB905749)Security Update for Windows XP (KB908519)Security Update for Windows XP (KB911562)Security Update for Windows XP (KB911567)Security Update for Windows XP (KB911927)Security Update for Windows XP (KB912919)Security Update for Windows XP (KB913446)Security Update for Windows XP (KB913580)Security Update for Windows XP (KB914388)Security Update for Windows XP (KB914389)Security Update for Windows XP (KB917344)Security Update for Windows XP (KB917422)Security Update for Windows XP (KB917953)Security Update for Windows XP (KB918118)Security Update for Windows XP (KB918439)Security Update for Windows XP (KB919007)Security Update for Windows XP (KB920213)Security Update for Windows XP (KB920214)Security Update for Windows XP (KB920670)Security Update for Windows XP (KB920683)Security Update for Windows XP (KB920685)Security Update for Windows XP (KB921398)Security Update for Windows XP (KB921503)Security Update for Windows XP (KB922616)Security Update for Windows XP (KB922760)Security Update for Windows XP (KB922819)Security Update for Windows XP (KB923191)Security Update for Windows XP (KB923414)Security Update for Windows XP (KB923561)Security Update for Windows XP (KB923689)Security Update for Windows XP (KB923694)Security Update for Windows XP (KB923980)Security Update for Windows XP (KB924191)Security Update for Windows XP (KB924270)Security Update for Windows XP (KB924496)Security Update for Windows XP (KB924667)Security Update for Windows XP (KB925454)Security Update for Windows XP (KB925486)Security Update for Windows XP (KB925902)Security Update for Windows XP (KB926255)Security Update for Windows XP (KB926436)Security Update for Windows XP (KB927779)Security Update for Windows XP (KB927802)Security Update for Windows XP (KB928090)Security Update for Windows XP (KB928255)Security Update for Windows XP (KB928843)Security Update for Windows XP (KB929123)Security Update for Windows XP (KB929969)Security Update for Windows XP (KB930178)Security Update for Windows XP (KB931261)Security Update for Windows XP (KB931768)Security Update for Windows XP (KB931784)Security Update for Windows XP (KB932168)Security Update for Windows XP (KB933566)Security Update for Windows XP (KB933729)Security Update for Windows XP (KB935839)Security Update for Windows XP (KB935840)Security Update for Windows XP (KB936021)Security Update for Windows XP (KB937143)Security Update for Windows XP (KB937894)Security Update for Windows XP (KB938127)Security Update for Windows XP (KB938464)Security Update for Windows XP (KB938829)Security Update for Windows XP (KB939653)Security Update for Windows XP (KB941202)Security Update for Windows XP (KB941568)Security Update for Windows XP (KB941569)Security Update for Windows XP (KB941644)Security Update for Windows XP (KB941693)Security Update for Windows XP (KB943055)Security Update for Windows XP (KB943460)Security Update for Windows XP (KB943485)Security Update for Windows XP (KB944653)Security Update for Windows XP (KB945553)Security Update for Windows XP (KB946026)Security Update for Windows XP (KB946648)Security Update for Windows XP (KB948590)Security Update for Windows XP (KB948881)Security Update for Windows XP (KB950749)Security Update for Windows XP (KB950760)Security Update for Windows XP (KB950762)Security Update for Windows XP (KB950974)Security Update for Windows XP (KB951066)Security Update for Windows XP (KB951376-v2)Security Update for Windows XP (KB951376)Security Update for Windows XP (KB951698)Security Update for Windows XP (KB951748)Security Update for Windows XP (KB952004)Security Update for Windows XP (KB952954)Security Update for Windows XP (KB953839)Security Update for Windows XP (KB954211)Security Update for Windows XP (KB954600)Security Update for Windows XP (KB955069)Security Update for Windows XP (KB956391)Security Update for Windows XP (KB956572)Security Update for Windows XP (KB956802)Security Update for Windows XP (KB956803)Security Update for Windows XP (KB956841)Security Update for Windows XP (KB956844)Security Update for Windows XP (KB957095)Security Update for Windows XP (KB957097)Security Update for Windows XP (KB958470)Security Update for Windows XP (KB958644)Security Update for Windows XP (KB958687)Security Update for Windows XP (KB958690)Security Update for Windows XP (KB958869)Security Update for Windows XP (KB959426)Security Update for Windows XP (KB960225)Security Update for Windows XP (KB960715)Security Update for Windows XP (KB960803)Security Update for Windows XP (KB960859)Security Update for Windows XP (KB961371)Security Update for Windows XP (KB961373)Security Update for Windows XP (KB961501)Security Update for Windows XP (KB968537)Security Update for Windows XP (KB969059)Security Update for Windows XP (KB969898)Security Update for Windows XP (KB969947)Security Update for Windows XP (KB970238)Security Update for Windows XP (KB970430)Security Update for Windows XP (KB971032)Security Update for Windows XP (KB971468)Security Update for Windows XP (KB971486)Security Update for Windows XP (KB971557)Security Update for Windows XP (KB971633)Security Update for Windows XP (KB971657)Security Update for Windows XP (KB971961)Security Update for Windows XP (KB972270)Security Update for Windows XP (KB973346)Security Update for Windows XP (KB973354)Security Update for Windows XP (KB973507)Security Update for Windows XP (KB973525)Security Update for Windows XP (KB973869)Security Update for Windows XP (KB973904)Security Update for Windows XP (KB974112)Security Update for Windows XP (KB974318)Security Update for Windows XP (KB974392)Security Update for Windows XP (KB974571)Security Update for Windows XP (KB975025)Security Update for Windows XP (KB975467)Security Update for Windows XP (KB975560)Security Update for Windows XP (KB975561)Security Update for Windows XP (KB975713)Security Update for Windows XP (KB977165)Security Update for Windows XP (KB977816)Security Update for Windows XP (KB977914)Security Update for Windows XP (KB978037)Security Update for Windows XP (KB978251)Security Update for Windows XP (KB978262)Security Update for Windows XP (KB978338)Security Update for Windows XP (KB978601)Security Update for Windows XP (KB978706)Security Update for Windows XP (KB979309)Security Update for Windows XP (KB979683)Security Update for Windows XP (KB980232)Segoe UISkinsHP1SmartAudioSolveigMM AVI TrimmerSonic Audio ModuleSonic Copy ModuleSonic Data ModuleSonic Express LabelerSonic Foundry ACID 4.0eSonic Foundry Sound Forge 6.0eSonic MyDVD PlusSonic Update ManagerSonic_PrimoSDKSonicAC3EncoderSonicMPEGEncoderSony Media Manager 2.2Sony Vegas 7.0aSopCore 1.1.1SopFilter 3.0.5SpeedTouch USB SoftwareSSC Service Utility v4.30Steinberg Virtual Bassist v1.0.0.504Symantec KB-DocID:2003093015493306Synaptics Pointing Device DriverSyncrosoft's License ControlSyncroSoft Emu (Remove only)TellyAdderToxic BiohazardTrend Micro Internet Security ProTweet AdderUlead GIF Animator 5UnloadUpdate for 2007 Microsoft Office System (KB967642)Update for 2007 Microsoft Office System (KB981715)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Windows Internet Explorer 7 (KB976749)Update for Windows Internet Explorer 7 (KB980182)Update for Windows Internet Explorer 8 (KB976662)Update for Windows Internet Explorer 8 (KB980182)Update for Windows Internet Explorer 8 (KB980302)Update for Windows Media Player 10 (KB910393)Update for Windows Media Player 10 (KB913800)Update for Windows Media Player 10 (KB926251)Update for Windows XP (KB894391)Update for Windows XP (KB896727)Update for Windows XP (KB898461)Update for Windows XP (KB900485)Update for Windows XP (KB904942)Update for Windows XP (KB908531)Update for Windows XP (KB910437)Update for Windows XP (KB911164)Update for Windows XP (KB911280)Update for Windows XP (KB912945)Update for Windows XP (KB916595)Update for Windows XP (KB920872)Update for Windows XP (KB922582)Update for Windows XP (KB925720)Update for Windows XP (KB927891)Update for Windows XP (KB929338)Update for Windows XP (KB930916)Update for Windows XP (KB931836)Update for Windows XP (KB932823-v3)Update for Windows XP (KB933360)Update for Windows XP (KB936357)Update for Windows XP (KB938828)Update for Windows XP (KB942763)Update for Windows XP (KB951072-v2)Update for Windows XP (KB955759)Update for Windows XP (KB955839)Update for Windows XP (KB961503)Update for Windows XP (KB967715)Update for Windows XP (KB968389)Update for Windows XP (KB971737)Update for Windows XP (KB973687)Update for Windows XP (KB973815)Update Rollup 2 for Windows XP Media Center Edition 2005VideoLAN VLC media player 0.8.6dViewpoint Media PlayerVobSub v2.23 (Remove Only)Vodei Multimedia Processor 2.10WebFldrs XPWindows Genuine Advantage Validation Tool (KB892130)Windows Imaging ComponentWindows Installer 3.1 (KB893803)Windows Internet Explorer 7Windows Internet Explorer 8Windows Live CallWindows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows Live MailWindows Live MessengerWindows Live Photo GalleryWindows Live Sign-in AssistantWindows Live SyncWindows Live ToolbarWindows Live Upload ToolWindows Live WriterWindows Media Format 11 runtimeWindows Media Player 11Windows Media Player Firefox PluginWindows XP Hotfix - KB873333Windows XP Hotfix - KB873339Windows XP Hotfix - KB883667Windows XP Hotfix - KB885250Windows XP Hotfix - KB885295Windows XP Hotfix - KB885835Windows XP Hotfix - KB885836Windows XP Hotfix - KB885855Windows XP Hotfix - KB885884Windows XP Hotfix - KB886185Windows XP Hotfix - KB887472Windows XP Hotfix - KB888113Windows XP Hotfix - KB888239Windows XP Hotfix - KB888302Windows XP Hotfix - KB890546Windows XP Hotfix - KB890859Windows XP Hotfix - KB891220Windows XP Hotfix - KB891781Windows XP Hotfix - KB892559Windows XP Media Center Edition 2005 KB925766Windows XP Media Center Edition 2005 KB973768WinRAR archiverWinTopo Raster to VectorWisdom-soft AutoScreenRecorder 3.0 FreeWisdom-soft ScreenHunter 5.0 FreeXvid 1.1.2 final uninstall==== Event Viewer Messages From Past Week ========20/04/2010 20:19:35, error: Dhcp [1002] - The IP address lease 82.28.81.254 for the Network Card with network address 0016D44B22B1 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).17/04/2010 00:04:42, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AliIde PCIIde Pcmcia sptd ViaIde16/04/2010 09:26:11, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: sptd16/04/2010 09:26:11, error: Service Control Manager [7000] - The Nsynas32 service failed to start due to the following error: The system cannot find the device specified.==== End Of File =========================== Link to post Share on other sites More sharing options...
Maniac Posted April 23, 2010 ID:237851 Share Posted April 23, 2010 Step 1:Please uninstall the following applications:Adobe Reader 7.0.5Symantec KB-DocID:2003093015493306After finish our work, please download and install the latest version of Adobe Reader from:http://www.adobe.comStep 2:Please go into the Control Panel, Add/Remove and for now remove ALL versions of JAVAThen run this tool to help cleanup any left over JavaYour Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.Please download JavaRa and unzip it to your desktop.***Please close any instances of Internet Explorer (or other web browser) before continuing!***Double-click on JavaRa.exe to start the program.From the drop-down menu, choose English and click on Select.JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.A logfile will pop up. Please save it to a convenient location and post it back when you replyThen look for the following Java folders and if found delete them.C:\Program Files\JavaC:\Program Files\Common Files\JavaC:\Windows\SunC:\Documents and Settings\All Users\Application Data\JavaC:\Documents and Settings\All Users\Application Data\Sun\JavaC:\Documents and Settings\username\Application Data\JavaC:\Documents and Settings\username\Application Data\Sun\JavaStep 3:I also see you have Viewpoint installed...Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This will change from what we know in 2006 read this article: http://www.clickz.com/news/article.php/3561546I suggest you remove the program now. Go to Start > Settings > Control Panel > Add/Remove Programs and remove the following programs if present.ViewpointViewpoint ManagerViewpoint Media PlayerStep 4:Launch Malwarebytes' Anti-MalwareGo to "Update" tab and select "Check for Updates". If an update is found, it will download and install the latest version.Go to "Scanner" tab and select "Perform Quick Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note:If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.In your next reply, please include these log(s):* JavaRa log* MalwareBytes' Anti-Malware log* a new fresh DDS log only Link to post Share on other sites More sharing options...
coled Posted April 24, 2010 Author ID:238764 Share Posted April 24, 2010 Couldn't find Symantec KB-DocID:2003093015493306JavaRa 1.15 Removal Log.Report follows after line.------------------------------------The JavaRa removal process was started on Sat Apr 24 23:19:24 2010Found and removed: C:\Documents and Settings\Rimac Anthonye\Application Data\Sun\Java\jre1.6.0_12Found and removed: C:\Documents and Settings\Rimac Anthonye\Application Data\Sun\Java\jre1.6.0_13Found and removed: C:\Documents and Settings\Rimac Anthonye\Application Data\Sun\Java\jre1.6.0_14Found and removed: C:\Documents and Settings\Rimac Anthonye\Application Data\Sun\Java\jre1.6.0_15Found and removed: Software\JavaSoft\Java2D\1.5.0_03Found and removed: Software\JavaSoft\Java2D\1.5.0_06Found and removed: SOFTWARE\Classes\JavaPlugin.150_06Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D510006Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\JavaRa 1.15 Removal Log.Report follows after line.------------------------------------The JavaRa removal process was started on Sat Apr 24 23:20:06 2010------------------------------------Finished reporting.Malwarebytes' Anti-Malware 1.45www.malwarebytes.orgDatabase version: 4032Windows 5.1.2600 Service Pack 2Internet Explorer 8.0.6001.1870224/04/2010 23:46:35mbam-log-2010-04-24 (23-46-35).txtScan type: Quick scanObjects scanned: 117554Time elapsed: 14 minute(s), 26 second(s)Memory Processes Infected: 1Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 3Registry Data Items Infected: 0Folders Infected: 0Files Infected: 1Memory Processes Infected:C:\Documents and Settings\Rimac Anthonye\csrss.exe (Trojan.Agent) -> Unloaded process successfully.Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Trojan.Agent) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Malware.Trace) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore\disableconfig (Windows.Tool.Disabled) -> Delete on reboot.Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:C:\Documents and Settings\Rimac Anthonye\csrss.exe (Trojan.Agent) -> Delete on reboot.DDS (Ver_10-03-17.01) - NTFSx86 Run by Rimac Anthonye at 23:59:03.87 on 24/04/2010Internet Explorer: 8.0.6001.18702Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.1014.487 [GMT 1:00]AV: Trend Micro Internet Security Pro *On-access scanning enabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcssvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\Bonjour\mDNSResponder.exesvchost.exeC:\WINDOWS\system32\hasplms.exeC:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exeC:\Program Files\Trend Micro\Internet Security\SfCtlCom.exesvchost.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exeC:\WINDOWS\system32\mqsvc.exeC:\WINDOWS\system32\mqtgsvc.exeC:\Program Files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exeC:\Program Files\Trend Micro\Internet Security\TmProxy.exeC:\Program Files\Trend Micro\BM\TMBMSRV.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\ehome\ehtray.exeC:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exeC:\WINDOWS\system32\wuauclt.exeC:\WINDOWS\system32\igfxpers.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\HP\QuickPlay\QPService.exeC:\Program Files\Hp\HP Software Update\HPWuSchd2.exeC:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exeC:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exeC:\Program Files\Common Files\AOL\ACS\AOLDial.exeC:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I091.EXEC:\Program Files\Common Files\AOL\1165261327\ee\AOLSoftware.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXEC:\Program Files\BroadJump\Client Foundation\CFD.exeC:\WINDOWS\system32\rundll32.exeC:\PROGRA~1\hpq\Shared\HPQTOA~1.EXEC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\SyncroSoft\Pos\H2O\cledx.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exeC:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exeC:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exeC:\DOCUME~1\RIMACA~1\LOCALS~1\Temp\oldbot.exeC:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exeC:\Program Files\Craft ROBO Controller\CRSSupervisor.exeC:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exeC:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\HP\Digital Imaging\bin\hpqimzone.exeC:\Documents and Settings\Rimac Anthonye\Desktop\dds.scr============== Pseudo HJT Report ===============uSearch Bar = hxxp://www.google.com/ieuSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=presario&pf=laptopuInternet Settings,ProxyOverride = <local>;*.localuSearchURL,(Default) = hxxp://www.google.com/search?q=%sBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: TSToolbarBHO: {43c6d902-a1c5-45c9-91f6-fd9e90337e18} - c:\program files\trend micro\trendsecure\tisprotoolbar\TSToolbar.dllBHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No FileBHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dllBHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dllTB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dllTB: Trend Micro Toolbar: {ccac5586-44d7-4c43-b64a-f042461a97d2} - c:\program files\trend micro\trendsecure\tisprotoolbar\TSToolbar.dllTB: {C4069E3A-68F1-403E-B40E-20066696354B} - No FileTB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dllTB: {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No FileTB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aol toolbar 5.0\aoltb.dlluRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exeuRun: [DAEMON Tools] "c:\program files\daemon tools\daemon.exe" -lang 1033uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduleruRun: [oldbot] c:\docume~1\rimaca~1\locals~1\temp\oldbot.exeuRun: [OE] "c:\program files\trend micro\internet security\tmas_oe\TMAS_OEMon.exe"uRun: [Google Update] "c:\documents and settings\rimac anthonye\local settings\application data\google\update\GoogleUpdate.exe" /cmRun: [ehTray] c:\windows\ehome\ehtray.exemRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exemRun: [igfxtray] c:\windows\system32\igfxtray.exemRun: [igfxhkcmd] c:\windows\system32\hkcmd.exemRun: [igfxpers] c:\windows\system32\igfxpers.exemRun: [MsmqIntCert] regsvr32 /s mqrt.dllmRun: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exemRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exemRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exemRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /StartmRun: [Cpqset] c:\program files\hewlett-packard\default settings\cpqset.exemRun: [RecGuard] c:\windows\sminst\RecGuard.exemRun: [Reminder] c:\windows\creator\Remind_XP.exemRun: [speedTouch USB Diagnostics] "c:\program files\thomson\speedtouch usb\Dragdiag.exe" /iconmRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exemRun: [AOL Spyware Protection] "c:\progra~1\common~1\aol\aolspy~1\AOLSP Scheduler.exe"mRun: [EPSON Stylus C48 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I091.EXE /P23 "EPSON Stylus C48 Series" /O6 "USB001" /M "Stylus C48"mRun: [HostManager] c:\program files\common files\aol\1165261327\ee\AOLSoftware.exemRun: [iPHSend] c:\program files\common files\aol\iphsend\IPHSend.exemRun: [EPSON Stylus Photo R300 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB002" /M "Stylus Photo R300"mRun: [bJCFD] c:\program files\broadjump\client foundation\CFD.exemRun: [workflow] e:\installs\workflow.exemRun: [WinampAgent] "c:\program files\winamp\winampa.exe"mRun: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgentmRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exemRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"mRun: [H2O] c:\program files\syncrosoft\pos\h2o\cledx.exemRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osbootmRun: [ctfmon.exe] ctfmon.exemRun: [ufSeAgnt.exe] "c:\program files\trend micro\internet security\UfSeAgnt.exe"mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXEStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\aol90t~1.lnk - c:\program files\aol 9.0\aoltray.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\craftr~1.lnk - c:\program files\craft robo controller\CRSSupervisor.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpphot~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXEStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exeIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dllIE: {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - {17A84966-F1E9-4645-AA9E-5E771EE1C859} - c:\progra~1\nuclea~1\videoget\plugins\VIDEOG~1.DLLIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLLDPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cabDPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cabDPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cabDPF: {138E6DC9-722B-4F4B-B09D-95D191869696} - hxxp://www.bebo.com/files/BeboUploader.5.1.4.cabDPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} - hxxp://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cabDPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader.cabDPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cabDPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194423345296DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cabDPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader4_5.cabDPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} - hxxp://members.driverguide.com/director/dispatch_getfile.php?mode=toolkit_liteHandler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - c:\program files\trend micro\trendsecure\tisprotoolbar\TSToolbar.dllNotify: acpiz - acpiz.dllNotify: igfxcui - igfxdev.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dllHosts: 121.254.96.92 msnfix.changelog.frHosts: 121.254.96.92 www.incodesolutions.comHosts: 121.254.96.92 virusinfo.prevx.comHosts: 121.254.96.92 download.bleepingcomputer.comHosts: 121.254.96.92 www.dazhizhu.cnNote: multiple HOSTS entries found. Please refer to Attach.txt================= FIREFOX ===================FF - ProfilePath - c:\docume~1\rimaca~1\applic~1\mozilla\firefox\profiles\7hx5bm3h.default\FF - component: c:\program files\trend micro\trendsecure\tisprotoolbar\firefoxextension\components\FFTMUFEHelper.dllFF - component: c:\program files\trend micro\trendsecure\tisprotoolbar\firefoxextension\components\FFToolbarComm.dllFF - plugin: c:\documents and settings\rimac anthonye\local settings\application data\google\update\1.2.183.23\npGoogleOneClick8.dllFF - plugin: c:\program files\microsoft\office live\npOLW.dllFF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dllFF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dllFF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dllFF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}---- FIREFOX POLICIES ----FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);============= SERVICES / DRIVERS ===============R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-5-26 54752]R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-6 99328]R2 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-9-12 1247600]R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2010-4-11 36368]R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2009-7-27 33792]R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2010-4-11 339984]R3 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2010-4-11 50704]R3 TmProxy;Trend Micro Proxy Service;c:\program files\trend micro\internet security\TmProxy.exe [2010-4-11 689416]S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]=============== Created Last 30 ================2010-04-24 01:35:00 1823644 ----a-w- c:\documents and settings\rimac anthonye\.websiteauditor.properties2010-04-24 01:19:29 451920 ----a-w- c:\documents and settings\rimac anthonye\.linkassistant.properties2010-04-24 01:02:57 382080 ----a-w- c:\documents and settings\rimac anthonye\.ranktracker.properties2010-04-24 00:38:12 0 d-----w- c:\program files\SEO PowerSuite2010-04-16 21:34:45 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2010-04-16 21:34:41 20824 ----a-w- c:\windows\system32\drivers\mbam.sys2010-04-16 21:34:41 0 d-----w- c:\program files\Malwarebytes' Anti-Malware2010-04-12 15:35:15 0 d-----w- c:\docume~1\rimaca~1\applic~1\Malwarebytes2010-04-12 15:34:07 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes2010-04-11 15:01:55 0 d-sh--w- c:\documents and settings\rimac anthonye\PrivacIE2010-04-11 14:40:25 10752 ----a-w- c:\windows\DCEBoot.exe2010-04-11 01:07:08 0 d-sh--w- c:\documents and settings\rimac anthonye\IETldCache2010-04-11 01:05:18 59920 ----a-w- c:\windows\system32\drivers\tmactmon.sys2010-04-11 01:05:18 50704 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys2010-04-11 01:03:56 0 d-----w- c:\windows\system32\Service2010-04-11 01:01:30 0 d-----w- c:\docume~1\alluse~1\applic~1\Trend Micro2010-04-11 01:00:43 0 d-----w- c:\program files\Trend Micro2010-04-11 00:59:43 661808 ----a-w- c:\windows\system32\UfWSC.cpl2010-04-11 00:59:27 89872 ----a-w- c:\windows\system32\drivers\tmtdi.sys2010-04-11 00:59:27 36368 ----a-w- c:\windows\system32\drivers\tmpreflt.sys2010-04-11 00:59:27 339984 ----a-w- c:\windows\system32\drivers\TM_CFW.sys2010-04-11 00:59:27 230928 ----a-w- c:\windows\system32\drivers\tmxpflt.sys2010-04-11 00:59:27 1322680 ----a-w- c:\windows\system32\drivers\vsapint.sys2010-04-11 00:51:37 12800 ------w- c:\windows\system32\dllcache\xpshims.dll2010-04-11 00:51:36 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll2010-04-11 00:51:28 0 d-----w- c:\windows\ie8updates2010-04-11 00:50:53 64000 ------w- c:\windows\system32\dllcache\iecompat.dll2010-04-11 00:49:58 0 dc-h--w- c:\windows\ie82010-04-11 00:38:41 109248 ----a-w- c:\windows\system32\MSWINSCK.OCX2010-04-11 00:38:38 212992 ----a-w- c:\windows\system32\DartSock.dll2010-04-11 00:38:36 147456 ----a-w- c:\windows\system32\DartSecure2.dll2010-04-11 00:38:34 139264 ----a-w- c:\windows\system32\DartCertificate.dll2010-04-11 00:03:52 0 d-----w- c:\program files\common files\ODBC2010-04-10 23:55:28 0 d-----w- c:\program files\common files\Aladdin Shared2010-04-10 20:12:39 123 ----a-w- c:\documents and settings\rimac anthonye\file.bat2010-04-10 20:12:38 102450 ----a-w- c:\windows\system32\msvcrt2.dll2010-04-10 20:11:31 293376 ------w- c:\windows\system32\browserchoice.exe2010-04-09 07:36:27 0 ----a-w- c:\documents and settings\rimac anthonye\Desktop.ini==================== Find3M ====================2010-04-11 00:59:27 158224 ----a-w- c:\windows\system32\drivers\tmcomm.sys2010-04-10 20:12:37 14336 ----a-w- c:\windows\system32\svchost.exe2010-04-10 20:12:37 14336 ----a-w- c:\windows\system32\dllcache\svchost.exe2010-03-11 12:38:51 133120 ------w- c:\windows\system32\dllcache\extmgr.dll2010-03-10 13:18:21 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\vbscript.dll2010-03-10 06:15:52 420352 ----a-w- c:\windows\system32\dllcache\vbscript.dll2010-02-25 10:54:36 11070976 ------w- c:\windows\system32\dllcache\ieframe.dll2010-02-25 06:24:37 916480 ----a-w- c:\windows\system32\wininet.dll2010-02-25 06:24:37 916480 ------w- c:\windows\system32\dllcache\wininet.dll2010-02-25 06:24:37 611840 ------w- c:\windows\system32\dllcache\mstime.dll2010-02-25 06:24:37 206848 ------w- c:\windows\system32\dllcache\occache.dll2010-02-25 06:24:37 1209344 ------w- c:\windows\system32\dllcache\urlmon.dll2010-02-25 06:24:36 5944832 ------w- c:\windows\system32\dllcache\mshtml.dll2010-02-25 06:24:35 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll2010-02-25 06:24:35 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll2010-02-25 06:24:35 25600 ------w- c:\windows\system32\dllcache\jsproxy.dll2010-02-25 06:24:35 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll2010-02-25 06:24:35 184320 ------w- c:\windows\system32\dllcache\iepeers.dll2010-02-25 06:24:34 387584 ------w- c:\windows\system32\dllcache\iedkcs32.dll2010-02-24 12:31:30 454016 ----a-w- c:\windows\system32\drivers\mrxsmb.sys2010-02-24 12:31:30 454016 ------w- c:\windows\system32\dllcache\mrxsmb.sys2010-02-24 09:54:25 173056 ------w- c:\windows\system32\dllcache\ie4uinit.exe2010-02-19 11:55:15 197256 -c--a-w- c:\docume~1\rimaca~1\applic~1\GDIPFONTCACHEV1.DAT2010-02-17 10:57:54 2063744 ----a-w- c:\windows\system32\ntkrnlpa.exe2010-02-17 10:57:54 2063744 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe2010-02-16 17:37:57 2186880 ----a-w- c:\windows\system32\ntoskrnl.exe2010-02-16 17:37:57 2186880 ------w- c:\windows\system32\dllcache\ntoskrnl.exe2010-02-16 17:35:40 2143744 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe2010-02-16 16:57:54 2021888 ------w- c:\windows\system32\dllcache\ntkrpamp.exe2010-02-12 04:47:05 100864 ----a-w- c:\windows\system32\6to4svc.dll2010-02-12 04:47:05 100864 ------w- c:\windows\system32\dllcache\6to4svc.dll2010-02-11 12:01:43 226880 ----a-w- c:\windows\system32\dllcache\tcpip6.sys============= FINISH: 0:00:26.04 ===============UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH ITDDS (Ver_10-03-17.01)Microsoft Windows XP ProfessionalBoot Device: \Device\HarddiskVolume1Install Date: 02/12/2006 17:51:21System Uptime: 24/04/2010 23:48:38 (1 hours ago)Motherboard: Hewlett-Packard | | 30C6Processor: Intel® Celeron® M CPU 420 @ 1.60GHz | U1 | 1596/mhz==== Disk Partitions =========================C: is FIXED (NTFS) - 67 GiB total, 21.759 GiB free.D: is FIXED (FAT32) - 8 GiB total, 1.031 GiB free.E: is CDROM ()H: is Removable==== Disabled Device Manager Items ================= System Restore Points ===================RP1196: 24/01/2010 03:00:19 - Software Distribution Service 3.0RP1197: 25/01/2010 15:38:04 - System CheckpointRP1198: 26/01/2010 18:52:39 - System CheckpointRP1199: 27/01/2010 19:16:16 - System CheckpointRP1200: 28/01/2010 20:23:17 - System CheckpointRP1201: 30/01/2010 13:08:31 - System CheckpointRP1202: 31/01/2010 13:31:51 - Installed Microsoft Office Project Standard 2007RP1203: 01/02/2010 18:03:57 - System CheckpointRP1204: 01/02/2010 18:10:26 - Installed DirectXRP1205: 01/02/2010 19:10:22 - Software Distribution Service 3.0RP1206: 02/02/2010 02:59:52 - Software Distribution Service 3.0RP1207: 04/02/2010 07:12:47 - System CheckpointRP1208: 05/02/2010 11:14:32 - System CheckpointRP1209: 06/02/2010 11:46:12 - System CheckpointRP1210: 07/02/2010 14:34:36 - System CheckpointRP1211: 08/02/2010 19:05:18 - System CheckpointRP1212: 09/02/2010 19:21:58 - System CheckpointRP1213: 10/02/2010 19:52:00 - System CheckpointRP1214: 11/02/2010 00:56:01 - Software Distribution Service 3.0RP1215: 12/02/2010 11:48:24 - System CheckpointRP1216: 13/02/2010 12:33:09 - System CheckpointRP1217: 13/02/2010 19:54:22 - Removed BlackBerry Desktop Software 5.0.RP1218: 13/02/2010 20:03:53 - Removed Roxio Media ManagerRP1219: 14/02/2010 20:39:11 - System CheckpointRP1220: 15/02/2010 21:09:27 - System CheckpointRP1221: 16/02/2010 21:58:00 - System CheckpointRP1222: 18/02/2010 09:13:01 - System CheckpointRP1223: 19/02/2010 14:26:03 - System CheckpointRP1224: 20/02/2010 15:08:15 - System CheckpointRP1225: 21/02/2010 16:11:43 - System CheckpointRP1226: 22/02/2010 17:56:02 - System CheckpointRP1227: 23/02/2010 17:57:27 - System CheckpointRP1228: 24/02/2010 19:06:34 - System CheckpointRP1229: 24/02/2010 21:51:26 - Software Distribution Service 3.0RP1230: 25/02/2010 21:56:34 - System CheckpointRP1231: 26/02/2010 22:52:39 - System CheckpointRP1232: 27/02/2010 23:12:35 - System CheckpointRP1233: 01/03/2010 13:27:18 - System CheckpointRP1234: 02/03/2010 14:17:01 - System CheckpointRP1235: 03/03/2010 14:19:32 - System CheckpointRP1236: 04/03/2010 14:30:07 - System CheckpointRP1237: 05/03/2010 15:28:00 - System CheckpointRP1238: 06/03/2010 16:48:13 - System CheckpointRP1239: 07/03/2010 17:25:47 - System CheckpointRP1240: 08/03/2010 19:45:54 - System CheckpointRP1241: 09/03/2010 20:45:12 - System CheckpointRP1242: 10/03/2010 20:53:36 - System CheckpointRP1243: 10/03/2010 23:41:20 - Software Distribution Service 3.0RP1244: 11/03/2010 12:49:43 - Installed BlackBerry Device Software v4.5.0 for the BlackBerry 8310 smartphone.RP1245: 12/03/2010 12:53:26 - System CheckpointRP1246: 13/03/2010 13:26:17 - System CheckpointRP1247: 14/03/2010 14:19:35 - System CheckpointRP1248: 15/03/2010 14:29:34 - System CheckpointRP1249: 16/03/2010 14:55:54 - System CheckpointRP1250: 17/03/2010 15:01:10 - System CheckpointRP1251: 18/03/2010 17:46:35 - System CheckpointRP1252: 19/03/2010 17:16:02 - Removed Tweet AdderRP1253: 19/03/2010 17:16:13 - Installed Tweet AdderRP1254: 20/03/2010 18:45:43 - System CheckpointRP1255: 21/03/2010 18:56:19 - System CheckpointRP1256: 22/03/2010 19:08:09 - System CheckpointRP1257: 23/03/2010 19:22:56 - System CheckpointRP1258: 24/03/2010 20:32:34 - System CheckpointRP1259: 26/03/2010 14:20:16 - System CheckpointRP1260: 27/03/2010 15:46:37 - System CheckpointRP1261: 28/03/2010 17:09:56 - System CheckpointRP1262: 29/03/2010 19:07:15 - System CheckpointRP1263: 30/03/2010 19:23:31 - System CheckpointRP1264: 31/03/2010 19:59:09 - System CheckpointRP1265: 31/03/2010 23:32:55 - Software Distribution Service 3.0RP1266: 02/04/2010 00:08:19 - System CheckpointRP1267: 03/04/2010 10:29:11 - System CheckpointRP1268: 04/04/2010 10:49:53 - System CheckpointRP1269: 05/04/2010 13:41:16 - System CheckpointRP1270: 08/04/2010 09:51:40 - System CheckpointRP1271: 10/04/2010 07:25:12 - System Checkpoint==== Hosts File Hijack ======================Hosts: 121.254.96.92 msnfix.changelog.frHosts: 121.254.96.92 www.incodesolutions.comHosts: 121.254.96.92 virusinfo.prevx.comHosts: 121.254.96.92 download.bleepingcomputer.comHosts: 121.254.96.92 www.dazhizhu.cnHosts: 121.254.96.92 foro.noticias3d.comHosts: 121.254.96.92 www.spybotupdates.comHosts: 121.254.96.92 club.myce.comHosts: 121.254.96.92 www.k7computing.comHosts: 121.254.96.92 softwaresecuritysolutions.comHosts: 121.254.96.92 www.nabble.comHosts: 121.254.96.92 lurker.clamav.netHosts: 121.254.96.92 lexikon.ikarus.atHosts: 121.254.96.92 research.sunbelt-software.comHosts: 121.254.96.92 www.virusdoctor.jpHosts: 121.254.96.92 www.elitepvpers.deHosts: 121.254.96.92 guru.avg.comHosts: 121.254.96.92 downloads.sophos.comHosts: 121.254.96.92 share.skype.comHosts: 121.254.96.92 myantispyware.comHosts: 121.254.96.92 www.computerhilfen.deHosts: 121.254.96.92 www.superuser.co.krHosts: 121.254.96.92 ntfaq.co.krHosts: 121.254.96.92 v.dreamwiz.comHosts: 121.254.96.92 cit.kookmin.ac.krHosts: 121.254.96.92 forums.whatthetech.comHosts: 121.254.96.92 forum.hijackthis.deHosts: 121.254.96.92 avg.vo.llnwd.netHosts: 121.254.96.92 ftp.drweb.comHosts: 121.254.96.92 www.zonealarm.comHosts: 121.254.96.92 smadaver.comHosts: 121.254.96.92 support.emsisoft.comHosts: 121.254.96.92 psychoski.blogspot.comHosts: 121.254.96.92 www.huaifai.go.thHosts: 121.254.96.92 www.mostz.comHosts: 121.254.96.92 www.krupunmai.comHosts: 121.254.96.92 www.cddchiangmai.netHosts: 121.254.96.92 forum.malekal.comHosts: 121.254.96.92 tech.pantip.comHosts: 121.254.96.92 sapcupgrades.comHosts: 121.254.96.92 www.elguruinformatico.comHosts: 121.254.96.92 forums.avg.comHosts: 121.254.96.92 zastita.comHosts: 121.254.96.92 support.kaspersky.comHosts: 121.254.96.92 foro.msgpluslive.esHosts: 121.254.96.92 www.247fixes.comHosts: 121.254.96.92 forum.sysinternals.comHosts: 121.254.96.92 forum.telecharger.01net.comHosts: 121.254.96.92 sophos.comHosts: 121.254.96.92 foros.softonic.comHosts: 121.254.96.92 avast-home.uptodown.comHosts: 121.254.96.92 dr-web-cureit.softonic.comHosts: 121.254.96.92 heavenward.ruHosts: 121.254.96.92 forum.smadav.netHosts: 121.254.96.92 www.forum.kaspersky.comHosts: 121.254.96.92 www.dl4all.comHosts: 121.254.96.92 www.f-secure.comHosts: 121.254.96.92 www.chkrootkit.orgHosts: 121.254.96.92 diamondcs.com.auHosts: 121.254.96.92 www.rootkit.nlHosts: 121.254.96.92 www.sysinternals.comHosts: 121.254.96.92 z-oleg.comHosts: 121.254.96.92 espanol.dir.groups.yahoo.comHosts: 121.254.96.92 ftp01net.telechargement.frHosts: 121.254.96.92 modelayu.comHosts: 121.254.96.92 vaksin.comHosts: 121.254.96.92 bbs.kaspersky.com.cnHosts: 121.254.96.92 sf.tapuz.co.ilHosts: 121.254.96.92 www.castlecrops.comHosts: 121.254.96.92 www.misec.netHosts: 121.254.96.92 safecomputing.umn.eduHosts: 121.254.96.92 www.antirootkit.comHosts: 121.254.96.92 www.greatis.comHosts: 121.254.96.92 ar.answers.yahoo.comHosts: 121.254.96.92 www.elhacker.orgHosts: 121.254.96.92 research.pandasecurity.comHosts: 121.254.96.92 www.tpu.roHosts: 121.254.96.92 www.pinoyden.comHosts: 121.254.96.92 forum.avira.deHosts: 121.254.96.92 www.tanya-it.comHosts: 121.254.96.92 www.rootkit.comHosts: 121.254.96.92 www.pctools.comHosts: 121.254.96.92 www.pcsupportadvisor.comHosts: 121.254.96.92 www.resplendence.comHosts: 121.254.96.92 www.personal.psu.eduHosts: 121.254.96.92 foro.ethek.comHosts: 121.254.96.92 foro.elhacker.netHosts: 121.254.96.92 download.zonealarm.comHosts: 121.254.96.92 spywarehammer.comHosts: 121.254.96.92 www.codelain.comHosts: 121.254.96.92 www.thaicert.orgHosts: 121.254.96.92 vil.nail.comHosts: 121.254.96.92 search.mcafee.comHosts: 121.254.96.92 wwww.mcafee.comHosts: 121.254.96.92 download.nai.comHosts: 121.254.96.92 wwww.experts-exchange.comHosts: 121.254.96.92 www.bakunos.comHosts: 121.254.96.92 www.darkclockers.comHosts: 121.254.96.92 www2.gmer.netHosts: 121.254.96.92 ariefew.comHosts: 121.254.96.92 www.emsisoft.comHosts: 121.254.96.92 forum.romeonet.roHosts: 121.254.96.92 www.arenajunkies.comHosts: 121.254.96.92 www.Merijn.orgHosts: 121.254.96.92 www.spywareinfo.comHosts: 121.254.96.92 www.spybot.infoHosts: 121.254.96.92 www.viruslist.comHosts: 121.254.96.92 www.hijackthis.deHosts: 121.254.96.92 ftp.f-secure.comHosts: 121.254.96.92 forum.kaspersky.comHosts: 121.254.96.92 es.trendmicro-europe.comHosts: 121.254.96.92 www.hvaonline.netHosts: 121.254.96.92 forum.lowyat.netHosts: 121.254.96.92 kb.eset.comHosts: 121.254.96.92 www.pcwelt.deHosts: 121.254.96.92 majorgeeks.comHosts: 121.254.96.92 www.avp.comHosts: 121.254.96.92 www.virustotal.comHosts: 121.254.96.92 www.sophos.comHosts: 121.254.96.92 linhadefensiva.uol.com.brHosts: 121.254.96.92 cmmings.cnHosts: 121.254.96.92 www.sergiwa.comHosts: 121.254.96.92 www.el-hacker.comHosts: 121.254.96.92 dl2.agnitum.comHosts: 121.254.96.92 forum.smadav.netHosts: 121.254.96.92 images.malwareremoval.comHosts: 121.254.96.92 front.prevx.comHosts: 121.254.96.92 www.avg-antivirus.netHosts: 121.254.96.92 www.kaspersky-labs.comHosts: 121.254.96.92 www.kaspersky.comHosts: 121.254.96.92 www.bleepingcomputer.comHosts: 121.254.96.92 www.free.grisoft.comHosts: 121.254.96.92 alerta-antivirus.inteco.esHosts: 121.254.96.92 greatis.comHosts: 121.254.96.92 www.oprekpc.comHosts: 121.254.96.92 www.gmer.netHosts: 121.254.96.92 forum.kasperskyclub.comHosts: 121.254.96.92 computadoras.migold.comHosts: 121.254.96.92 securityresponse.symantec.comHosts: 121.254.96.92 www.analysis.seclab.tuwien.ac.atHosts: 121.254.96.92 www.symantec.comHosts: 121.254.96.92 www.kztechs.comHosts: 121.254.96.92 ad-aware-se.uptodown.comHosts: 121.254.96.92 stdio-labs.blogspot.comHosts: 121.254.96.92 forum.lrytas.ltHosts: 121.254.96.92 www.decido.deHosts: 121.254.96.92 wap.elakiri.comHosts: 121.254.96.92 ot-indo.blogspot.comHosts: 121.254.96.92 liveupdate.symantecliveupdate.comHosts: 121.254.96.92 liveupdate.symantec.comHosts: 121.254.96.92 customer.symantec.comHosts: 121.254.96.92 update.symantec.comHosts: 121.254.96.92 www.box.netHosts: 121.254.96.92 foro.el-hacker.comHosts: 121.254.96.92 acs.pandasoftware.comHosts: 121.254.96.92 egavisa.blogspot.comHosts: 121.254.96.92 angui123.cnHosts: 121.254.96.92 beta.eset.comHosts: 121.254.96.92 www.ixtorrent.comHosts: 121.254.96.92 www.mcafee.comHosts: 121.254.96.92 download.mcafee.comHosts: 121.254.96.92 mast.mcafee.comHosts: 121.254.96.92 www.tecno-soft.comHosts: 121.254.96.92 ladooscuro.esHosts: 121.254.96.92 ftp.drweb.comHosts: 121.254.96.92 download.microsoft.comHosts: 121.254.96.92 www.mypcsafe.comHosts: 121.254.96.92 www.blindedbytech.comHosts: 121.254.96.92 kaspersky.comHosts: 121.254.96.92 sis-admin.blogspot.comHosts: 121.254.96.92 www.protecus.deHosts: 121.254.96.92 guru0.grisoft.czHosts: 121.254.96.92 guru1.grisoft.czHosts: 121.254.96.92 guru2.grisoft.czHosts: 121.254.96.92 guru3.grisoft.czHosts: 121.254.96.92 download.bleepingcomputer.comHosts: 121.254.96.92 it.answers.yahoo.comHosts: 121.254.96.92 www.softonic.comHosts: 121.254.96.92 www.mycity.rsHosts: 121.254.96.92 cairopt.netHosts: 121.254.96.92 rootrepeal.googlepages.comHosts: 121.254.96.92 www.windowexe.comHosts: 121.254.96.92 guru4.grisoft.czHosts: 121.254.96.92 guru5.grisoft.czHosts: 121.254.96.92 www.virusspy.comHosts: 121.254.96.92 download.f-secure.comHosts: 121.254.96.92 www.malwareremoval.comHosts: 121.254.96.92 forums.cnet.comHosts: 121.254.96.92 foros.softonic.comHosts: 121.254.96.92 www.freedrweb.comHosts: 121.254.96.92 www.kaskus.usHosts: 121.254.96.92 rootrepeal.psikotick.comHosts: 121.254.96.92 thaicert.nectec.or.thHosts: 121.254.96.92 hjt-data.trend-braintree.comHosts: 121.254.96.92 www.pantip.comHosts: 121.254.96.92 secubox.aldria.comHosts: 121.254.96.92 www.forospyware.comHosts: 121.254.96.92 www.manuelruvalcaba.comHosts: 121.254.96.92 www.zonavirus.comHosts: 121.254.96.92 www.leforo.comHosts: 121.254.96.92 www.gsmph.comHosts: 121.254.96.92 blokvesti.netHosts: 121.254.96.92 www.viprasys.orgHosts: 121.254.96.92 forum.antivir-pe.deHosts: 121.254.96.92 www.siteadvisor.comHosts: 121.254.96.92 blog.threatfire.comHosts: 121.254.96.92 www.threatexpert.comHosts: 121.254.96.92 blog.hispasec.comHosts: 121.254.96.92 www.configurarequipos.comHosts: 121.254.96.92 sosvirus.changelog.frHosts: 121.254.96.92 www.psicofxp.comHosts: 121.254.96.92 www.gsmph.netHosts: 121.254.96.92 www.gyakorikerdesek.huHosts: 121.254.96.92 us.mcafee.comHosts: 121.254.96.92 www.malekal.comHosts: 121.254.96.92 mailcenter.rising.com.cnHosts: 121.254.96.92 mailcenter.rising.comHosts: 121.254.96.92 www.rising.com.cnHosts: 121.254.96.92 www.rising.comHosts: 121.254.96.92 www.babooforum.com.brHosts: 121.254.96.92 www.runscanner.netHosts: 121.254.96.92 www.blogschapines.comHosts: 121.254.96.92 www.zyzoom.orgHosts: 121.254.96.92 www.avsoft.ruHosts: 121.254.96.92 www.elakiri.comHosts: 121.254.96.92 forum.telecharger.01net.comHosts: 121.254.96.92 sosvirus.changelog.frHosts: 121.254.96.92 upload.changelog.frHosts: 121.254.96.92 www.raymond.ccHosts: 121.254.96.92 changelog.frHosts: 121.254.96.92 www.pcentraide.comHosts: 121.254.96.92 atazita.blogspot.comHosts: 121.254.96.92 www.thinkpad.cnHosts: 121.254.96.92 www.sunbeltsoftware.comHosts: 121.254.96.92 cert.inteco.esHosts: 121.254.96.92 www.gamexeon.comHosts: 121.254.96.92 nod32-antivirus.en.softonic.coHosts: 121.254.96.92 www.final4ever.comHosts: 121.254.96.92 files.filefont.comHosts: 121.254.96.92 www.infos-du-net.comHosts: 121.254.96.92 www.trendsecure.comHosts: 121.254.96.92 forum.hardware.frHosts: 121.254.96.92 www.utilidades-utiles.comHosts: 121.254.96.92 blogs.icerocket.comHosts: 121.254.96.92 www.spywarefri.dkHosts: 121.254.96.92 alfrasha.maktoob.comHosts: 121.254.96.92 www.eset.euHosts: 121.254.96.92 quickscan.bitdefender.comHosts: 121.254.96.92 www.spychecker.comHosts: 121.254.96.92 www.geekstogo.comHosts: 121.254.96.92 forums.maddoktor2.comHosts: 121.254.96.92 www.smokey-services.euHosts: 121.254.96.92 www.clubic.comHosts: 121.254.96.92 www.linhadefensiva.orgHosts: 121.254.96.92 www.rolandovera.comHosts: 121.254.96.92 forum.burek.comHosts: 121.254.96.92 secure.sophos.comHosts: 121.254.96.92 usa.kaspersky.comHosts: 121.254.96.92 board.softpedia.comHosts: 121.254.96.92 download.sysinternals.comHosts: 121.254.96.92 www.pcguide.comHosts: 121.254.96.92 www.thetechguide.comHosts: 121.254.96.92 www.ozzu.comHosts: 121.254.96.92 www.changedetection.comHosts: 121.254.96.92 espanol.groups.yahoo.comHosts: 121.254.96.92 www.sunbeltsecurity.comHosts: 121.254.96.92 www.quickheal.co.inHosts: 121.254.96.92 www.vivalared.comHosts: 121.254.96.92 thailand.itmylike.comHosts: 121.254.96.92 community.thaiware.comHosts: 121.254.96.92 www.avpclub.ddns.infoHosts: 121.254.96.92 www.offensivecomputing.netHosts: 121.254.96.92 www.grisoft.comHosts: 121.254.96.92 boardreader.comHosts: 121.254.96.92 www.guiadohardware.netHosts: 121.254.96.92 www.webroot.comHosts: 121.254.96.92 www.thehelper.netHosts: 121.254.96.92 www.kaldata.comHosts: 121.254.96.92 vil.nai.comHosts: 121.254.96.92 www.malwarecrypt.comHosts: 121.254.96.92 www.msnvirusremoval.comHosts: 121.254.96.92 www.cisrt.orgHosts: 121.254.96.92 fixmyim.comHosts: 121.254.96.92 samroeng.hi5.comHosts: 121.254.96.92 foro.elhacker.netHosts: 121.254.96.92 www.daboweb.comHosts: 121.254.96.92 service1.symantec.comHosts: 121.254.96.92 us3.download.comodo.comHosts: 121.254.96.92 forum.gsmhosting.comHosts: 121.254.96.92 www.computerforum.comHosts: 121.254.96.92 forum.avast.comHosts: 121.254.96.92 forums.techguy.orgHosts: 121.254.96.92 www.incodesolutions.comHosts: 121.254.96.92 hijackthis.download3000.comHosts: 121.254.96.92 www.cybertechhelp.comHosts: 121.254.96.92 www.superdicas.com.brHosts: 121.254.96.92 www.51nb.comHosts: 121.254.96.92 us4.download.comodo.comHosts: 121.254.96.92 www.jbtalks.ccHosts: 121.254.96.92 ad13.geekstogo.comHosts: 121.254.96.92 forums.eternion-wow.comHosts: 121.254.96.92 downloads.andymanchesta.comHosts: 121.254.96.92 andymanchesta.comHosts: 121.254.96.92 info.prevx.comHosts: 121.254.96.92 aknow.prevx.comHosts: 121.254.96.92 www.zonavirus.comHosts: 121.254.96.92 securitywonks.netHosts: 121.254.96.92 www.yoreparo.comHosts: 121.254.96.92 www.spywarecease.com Hosts: 121.254.96.92 forum.dobreprogramy.plHosts: 121.254.96.92 community.mcafee.comHosts: 121.254.96.92 board.protecus.deHosts: 121.254.96.92 www.lavasoft.comHosts: 121.254.96.92 www.virscan.orgHosts: 121.254.96.92 www.eeload.comHosts: 121.254.96.92 down.www.kingsoft.comHosts: 121.254.96.92 www.file.netHosts: 121.254.96.92 onecare.live.comHosts: 121.254.96.92 mvps.orgHosts: 121.254.96.92 www.laneros.comHosts: 121.254.96.92 www.pc1news.comHosts: 121.254.96.92 forum.avira.comHosts: 121.254.96.92 downloads.novirusthanks.orgHosts: 121.254.96.92 www.pinoyhackers.comHosts: 121.254.96.92 www.housecall.trendmicro.comHosts: 121.254.96.92 www.avast.comHosts: 121.254.96.92 www.free.avg.comHosts: 121.254.96.92 www.onlinescan.avast.comHosts: 121.254.96.92 www.ewido.netHosts: 121.254.96.92 www.trucoswindows.netHosts: 121.254.96.92 www.mozilla-hispano.orgHosts: 121.254.96.92 www.jackbloodforum.comHosts: 121.254.96.92 www.kosandpol.elakiri.comHosts: 121.254.96.92 www.thaivisa.comHosts: 121.254.96.92 www.futurenow.bitdefender.comHosts: 121.254.96.92 www.bitdefender.comHosts: 121.254.96.92 www.f-prot.comHosts: 121.254.96.92 www.trendsecure.comHosts: 121.254.96.92 security.symantec.comHosts: 121.254.96.92 oldtimer.geekstogo.comHosts: 121.254.96.92 sopiansantosa.blogspot.comHosts: 121.254.96.92 www.fileresearchcenter.comHosts: 121.254.96.92 www.looktr.comHosts: 121.254.96.92 www.zone-it.comHosts: 121.254.96.92 www.avira.comHosts: 121.254.96.92 www.eset.comHosts: 121.254.96.92 free.avg.comHosts: 121.254.96.92 www.free-av.comHosts: 121.254.96.92 kr.ahnlab.comHosts: 121.254.96.92 www.eset.comHosts: 121.254.96.92 forospyware.comHosts: 121.254.96.92 thejokerx.blogspot.comHosts: 121.254.96.92 cairopt.netHosts: 121.254.96.92 oolbar.cyberdefender.comHosts: 121.254.96.92 golpe.dyndns.orgHosts: 121.254.96.92 forum.aiutamici.comHosts: 121.254.96.92 solit.usHosts: 121.254.96.92 www.2-spyware.comHosts: 121.254.96.92 www.antivir.esHosts: 121.254.96.92 www.prevx.comHosts: 121.254.96.92 www.ikarus.netHosts: 121.254.96.92 bbs.s-sos.netHosts: 121.254.96.92 www.housecall.trendmicro.comHosts: 121.254.96.92 www.superdicas.com.brHosts: 121.254.96.92 www.superantispyware.comHosts: 121.254.96.92 www.unhackme.comHosts: 121.254.96.92 www.askmehelpdesk.comHosts: 121.254.96.92 forum.zebulon.frHosts: 121.254.96.92 www.forums.majorgeeks.comHosts: 121.254.96.92 www.castlecops.comHosts: 121.254.96.92 www.virusspy.comHosts: 121.254.96.92 andymanchesta.comHosts: 121.254.96.92 www.kaspersky.esHosts: 121.254.96.92 subs.geekstogo.comHosts: 121.254.96.92 www.forospanish.comHosts: 121.254.96.92 blog.rnsafe.comHosts: 121.254.96.92 www.regrun.comHosts: 121.254.96.92 irc.snahosting.netHosts: 121.254.96.92 danielorza.netHosts: 121.254.96.92 www.pchelpforum.comHosts: 121.254.96.92 www.trendmicro.comHosts: 121.254.96.92 www.fortinet.comHosts: 121.254.96.92 www.safer-networking.orgHosts: 121.254.96.92 www.fortiguardcenter.comHosts: 121.254.96.92 www.dougknox.comHosts: 121.254.96.92 www.vsantivirus.comHosts: 121.254.96.92 static.commentcamarche.netHosts: 121.254.96.92 www.gyakorikerdesek.huHosts: 121.254.96.92 www.fixya.comHosts: 121.254.96.92 www.alabamawomen.orgHosts: 121.254.96.92 www.firewallguide.comHosts: 121.254.96.92 www.auditmypc.comHosts: 121.254.96.92 www.spywaredb.comHosts: 121.254.96.92 www.mxttchina.comHosts: 121.254.96.92 www.ziggamza.netHosts: 121.254.96.92 www.forospyware.esHosts: 121.254.96.92 pogonyuto.forospanish.comHosts: 121.254.96.92 spywarefiles.prevx.comHosts: 121.254.96.92 k2r.th3kings.netHosts: 121.254.96.92 www.betterantivirus.comHosts: 121.254.96.92 www.365groups.comHosts: 121.254.96.92 www.antivirus.comodo.comHosts: 121.254.96.92 www.spywareterminator.comHosts: 121.254.96.92 www.eradicatespyware.netHosts: 121.254.96.92 www.freespywareremoval.infoHosts: 121.254.96.92 www.personalfirewall.comodo.comHosts: 121.254.96.92 wakoopa.comHosts: 121.254.96.92 forum.drweb.comHosts: 121.254.96.92 bb1.th3kings.netHosts: 121.254.96.92 www.commentcamarche.netHosts: 121.254.96.92 www.clamav.netHosts: 121.254.96.92 www.antivirus.about.comHosts: 121.254.96.92 www.pandasecurity.comHosts: 121.254.96.92 www.webphand.comHosts: 121.254.96.92 mx.answers.yahoo.comHosts: 121.254.96.92 www.securitywonks.netHosts: 121.254.96.92 www.messengeradictos.comHosts: 121.254.96.92 www.geekpolice.netHosts: 121.254.96.92 bub.th3kings.netHosts: 121.254.96.92 shield.prevx.comHosts: 121.254.96.92 www.eudict.comHosts: 121.254.96.92 www.sandboxie.comHosts: 121.254.96.92 www.clamwin.comHosts: 121.254.96.92 www.cwsandbox.orgHosts: 121.254.96.92 www.ca.comHosts: 121.254.96.92 www.arswp.comHosts: 121.254.96.92 es.answers.yahoo.comHosts: 121.254.96.92 www.trucoswindows.esHosts: 121.254.96.92 www.ipaddresser.comHosts: 121.254.96.92 www.abgenis.netHosts: 121.254.96.92 www.freefixer.comHosts: 121.254.96.92 forums.afterdawn.comHosts: 121.254.96.92 forum.torrents.roHosts: 121.254.96.92 www.networkworld.comHosts: 121.254.96.92 www.cddchiangmai.netHosts: 121.254.96.92 www.threatexpert.comHosts: 121.254.96.92 www.norman.comHosts: 121.254.96.92 espanol.answers.yahoo.comHosts: 121.254.96.92 www.tallemu.comHosts: 121.254.96.92 foro.portalhacker.netHosts: 121.254.96.92 www.groupwhere.orgHosts: 121.254.96.92 sniff.runescapetube.comHosts: 121.254.96.92 forum.p30world.comHosts: 121.254.96.92 virscan.orgHosts: 121.254.96.92 www.viruschief.comHosts: 121.254.96.92 scanner.virus.orgHosts: 121.254.96.92 www.hijackthis.deHosts: 121.254.96.92 housecall65.trendmicro.comHosts: 121.254.96.92 www.guiadohardware.netHosts: 121.254.96.92 forums.whatthetech.comHosts: 121.254.96.92 mustlovewine.comHosts: 121.254.96.92 www3.malekal.comHosts: 121.254.96.92 esetnod32antivirus.blogspot.comHosts: 121.254.96.92 hjt.networktechs.comHosts: 121.254.96.92 www.techsupportforum.comHosts: 121.254.96.92 www.whatthetech.comHosts: 121.254.96.92 www.soccersuck.comHosts: 121.254.96.92 www.pcentraide.comHosts: 121.254.96.92 comunidad.wilkinsonpc.com.coHosts: 121.254.96.92 forum.hocit.comHosts: 121.254.96.92 forum.smadav.netHosts: 121.254.96.92 fgp.e2doo.comHosts: 121.254.96.92 community.thaiware.comHosts: 121.254.96.92 irc.evoporn.comHosts: 121.254.96.92 forum.piriform.comHosts: 121.254.96.92 www.tweaksforgeeks.comHosts: 121.254.96.92 www.daniweb.comHosts: 121.254.96.92 www.geekstogo.comHosts: 121.254.96.92 es.answers.yahoo.comHosts: 121.254.96.92 www.techsupportforum.comHosts: 121.254.96.92 dnl-eu8.kaspersky-labs.comHosts: 121.254.96.92 www.oprekpc.comHosts: 121.254.96.92 shv4.ath.cxHosts: 121.254.96.92 www.pcworld.comHosts: 121.254.96.92 in.answers.yahoo.comHosts: 121.254.96.92 www.pchell.comHosts: 121.254.96.92 www.spyany.comHosts: 121.254.96.92 forums.techguy.orgHosts: 121.254.96.92 www.experts-exchange.comHosts: 121.254.96.92 www.wikio.esHosts: 121.254.96.92 www.pandasecurity.comHosts: 121.254.96.92 forums.devshed.comHosts: 121.254.96.92 devbuilds.kaspersky-labs.comHosts: 121.254.96.92 hana-ahmad.blogspot.comHosts: 121.254.96.92 www.linkmania.roHosts: 121.254.96.92 www.trojaner-board.deHosts: 121.254.96.92 forum.tweaks.comHosts: 121.254.96.92 www.wilderssecurity.comHosts: 121.254.96.92 www.techspot.comHosts: 121.254.96.92 www.thecomputerpitstop.comHosts: 121.254.96.92 es.wasalive.comHosts: 121.254.96.92 secunia.comHosts: 121.254.96.92 www.killtrojan.netHosts: 121.254.96.92 www.ulop.netHosts: 121.254.96.92 www.eliters.comHosts: 121.254.96.92 sip4.voipkosovasite.comHosts: 121.254.96.92 www.ftw.roHosts: 121.254.96.92 anggiawan.web.idHosts: 121.254.96.92 es.kioskea.netHosts: 121.254.96.92 www.taringa.netHosts: 121.254.96.92 www.cyberdefender.comHosts: 121.254.96.92 www.feedage.comHosts: 121.254.96.92 new.taringa.netHosts: 121.254.96.92 forum.zazana.comHosts: 121.254.96.92 forum.clubedohardware.com.brHosts: 121.254.96.92 mks.com.plHosts: 121.254.96.92 www.vietcaravan.usHosts: 121.254.96.92 trbotnet.sytes.netHosts: 121.254.96.92 community.norton.comHosts: 121.254.96.92 www.computing.netHosts: 121.254.96.92 discussions.virtualdr.comHosts: 121.254.96.92 forum.securitycadets.comHosts: 121.254.96.92 www.techimo.comHosts: 121.254.96.92 13iii.comHosts: 121.254.96.92 www.dicasweb.com.brHosts: 121.254.96.92 www.javacoolsoftware.netHosts: 121.254.96.92 cofradia.orgHosts: 121.254.96.92 wasteland-bg.comHosts: 121.254.96.92 www.windowexe.comHosts: 121.254.96.92 malekal.comHosts: 121.254.96.92 www.carigold.comHosts: 121.254.96.92 www.infosecpodcast.comHosts: 121.254.96.92 www.usbcleaner.cnHosts: 121.254.96.92 www.net-security.orgHosts: 121.254.96.92 www.bleedingthreats.netHosts: 121.254.96.92 acs.pandasoftware.comHosts: 121.254.96.92 www.funkytoad.comHosts: 121.254.96.92 malwarebytes.orgHosts: 121.254.96.92 sabithpocker.blogspot.comHosts: 121.254.96.92 comprolive.vox.comHosts: 121.254.96.92 www.worton.comHosts: 121.254.96.92 www.360safe.cnHosts: 121.254.96.92 www.360safe.comHosts: 121.254.96.92 bbs.360safe.cnHosts: 121.254.96.92 bbs.360safe.comHosts: 121.254.96.92 codehard.wordpress.comHosts: 121.254.96.92 forum.clubedohardware.com.brHosts: 121.254.96.92 antitrick.comHosts: 121.254.96.92 www.configurarequipos.comHosts: 121.254.96.92 www.jiwang.orgHosts: 121.254.96.92 anti-virus-software-review.toptenreviews.comHosts: 121.254.96.92 www.360.cnHosts: 121.254.96.92 www.360.comHosts: 121.254.96.92 bbs.360safe.cnHosts: 121.254.96.92 bbs.360safe.comHosts: 121.254.96.92 www.forospyware.esHosts: 121.254.96.92 p3dev.taringa.netHosts: 121.254.96.92 www.precisesecurity.comHosts: 121.254.96.92 dlpe.antivir.comHosts: 121.254.96.92 www.jvme.comHosts: 121.254.96.92 share.skype.comHosts: 121.254.96.92 comprolive.comHosts: 121.254.96.92 gotoknow.orgHosts: 121.254.96.92 www.forofantasiasmiguel.comHosts: 121.254.96.92 baike.360.cnHosts: 121.254.96.92 baike.360.comHosts: 121.254.96.92 kaba.360.cnHosts: 121.254.96.92 kaba.360.comHosts: 121.254.96.92 deckard.geekstogo.comHosts: 121.254.96.92 www.taringa.netHosts: 121.254.96.92 forums.comodo.comHosts: 121.254.96.92 www.mvps.orgHosts: 121.254.96.92 melcy.wordpress.comHosts: 121.254.96.92 forum.softpedia.comHosts: 121.254.96.92 pcvids.wordpress.comHosts: 121.254.96.92 shop.symantecstore.comHosts: 121.254.96.92 down.360safe.cnHosts: 121.254.96.92 down.360safe.comHosts: 121.254.96.92 x.360safe.comHosts: 121.254.96.92 dl.360safe.comHosts: 121.254.96.92 ftp.drweb.comHosts: 121.254.96.92 www.hotshare.netHosts: 121.254.96.92 es.wasalive.comHosts: 121.254.96.92 free.antivirus.comHosts: 121.254.96.92 forum.hocit.comHosts: 121.254.96.92 destavision-forum.comHosts: 121.254.96.92 inspiresoft.blogspot.comHosts: 121.254.96.92 universomanualidades.foroactivo.comHosts: 121.254.96.92 updatem.360safe.comHosts: 121.254.96.92 updatem.360safe.cnHosts: 121.254.96.92 update.360safe.cnHosts: 121.254.96.92 update.360safe.comHosts: 121.254.96.92 www.utilidades-utiles.comHosts: 121.254.96.92 forum.kaspersky.comHosts: 121.254.96.92 www.indowebster.web.idHosts: 121.254.96.92 zastita.comHosts: 121.254.96.92 www.sz-pet.comHosts: 121.254.96.92 foros.abcdatos.comHosts: 121.254.96.92 www.elektroda.plHosts: 121.254.96.92 bbs.duba.netHosts: 121.254.96.92 www.duba.netHosts: 121.254.96.92 zhidao.baidu.comHosts: 121.254.96.92 hi.baidu.comHosts: 121.254.96.92 www.drweb.com.esHosts: 121.254.96.92 msncleaner.softonic.comHosts: 121.254.96.92 www.javacoolsoftware.comHosts: 121.254.96.92 beniono.wordpress.comHosts: 121.254.96.92 www.4-gsmteam.comHosts: 121.254.96.92 msntubers.freehostia.comHosts: 121.254.96.92 store.norton.comHosts: 121.254.96.92 file.ikaka.comHosts: 121.254.96.92 file.ikaka.cnHosts: 121.254.96.92 bbs.ikaka.comHosts: 121.254.96.92 zhidao.ikaka.comHosts: 121.254.96.92 www.eset-la.comHosts: 121.254.96.92 download.eset.comHosts: 121.254.96.92 software-files.download.comHosts: 121.254.96.92 www.faravirusi.comHosts: 121.254.96.92 www.winbots.esHosts: 121.254.96.92 forum.chip.deHosts: 121.254.96.92 www.thailandsusu.comHosts: 121.254.96.92 debates.motos.netHosts: 121.254.96.92 www.ikaka.comHosts: 121.254.96.92 www.ikaka.cnHosts: 121.254.96.92 bbs.cfan.com.cnHosts: 121.254.96.92 www.cfan.com.cnHosts: 121.254.96.92 www.pandasecurity.comHosts: 121.254.96.92 es.mcafee.comHosts: 121.254.96.92 downloads.malwarebytes.orgHosts: 121.254.96.92 www.devirusare.comHosts: 121.254.96.92 forum.skype.comHosts: 121.254.96.92 shitit.netHosts: 121.254.96.92 www.webimmune.netHosts: 121.254.96.92 forum.swzone.itHosts: 121.254.96.92 bbs.kafan.cnHosts: 121.254.96.92 bbs.kafan.comHosts: 121.254.96.92 bbs.kpfans.comHosts: 121.254.96.92 bbs.taisha.orgHosts: 121.254.96.92 www.manuelruvalcaba.comHosts: 121.254.96.92 support.f-secure.comHosts: 121.254.96.92 bbs.winzheng.comHosts: 121.254.96.92 devirusare.comHosts: 121.254.96.92 social.microsoft.comHosts: 121.254.96.92 www.shitit.netHosts: 121.254.96.92 mx.answers.yahoo.comHosts: 121.254.96.92 darkzone.in.thHosts: 121.254.96.92 alerta-antivirus.inteco.esHosts: 121.254.96.92 foros.zonavirus.comHosts: 121.254.96.92 alerta-antivirus.red.esHosts: 121.254.96.92 www.zonavirus.comHosts: 121.254.96.92 www.malwarebytes.orgHosts: 121.254.96.92 www.commentcamarche.netHosts: 121.254.96.92 news.support.veritas.comHosts: 121.254.96.92 www.zonealarm.comHosts: 121.254.96.92 malwarebytes-anti-malware.softonic.comHosts: 121.254.96.92 www.ewido.netHosts: 121.254.96.92 www.infospyware.comHosts: 121.254.96.92 www.bitdefender.esHosts: 121.254.96.92 housecall.trendmicro.comHosts: 121.254.96.92 foros.toxico-pc.comHosts: 121.254.96.92 www.identi.esHosts: 121.254.96.92 es.kioskea.netHosts: 121.254.96.92 virusinfo.infoHosts: 121.254.96.92 forums.zonealarm.comHosts: 121.254.96.92 foro.infiernohacker.comHosts: 121.254.96.92 nitroamd.spaces.live.comHosts: 121.254.96.92 www.emsisoft.deHosts: 121.254.96.92 www.securitynewsportal.comHosts: 121.254.96.92 irc.ekizmedia.comHosts: 121.254.96.92 zone.arminboutique.comHosts: 121.254.96.92 story.dnsentrymx.com==== Installed Programs ======================AC3Filter (remove only)Acoustica CD/DVD Label MakerAdobe Anchor Service CS3Adobe Asset Services CS3Adobe Bridge CS3Adobe Bridge Start MeetingAdobe Camera Raw 4.0Adobe CMapsAdobe Default Language CS3Adobe Device Central CS3Adobe Dreamweaver CS3Adobe ExtendScript Toolkit 2Adobe Extension Manager CS3Adobe Flash Player 10 ActiveXAdobe Flash Player 10 PluginAdobe Help Viewer CS3Adobe PDF Library FilesAdobe Photoshop 7.0Adobe Reader 9.3Adobe SetupAdobe Type SupportAdobe Update Manager CS3Adobe Version Cue CS3 ClientAOL Coach Version 1.0(Build:20040229.1 uk)AOL Connectivity ServicesAOL Spyware ProtectionAOL Toolbar 5.0AOL Uninstaller (Choose which Products to Remove)AOL You've Got Pictures ScreensaverApple Mobile Device SupportApple Software UpdateArturia CS-80V v1.1Arturia Moog Modular V v1.1ASIO4ALLBackburnerBlueSenderBonjourBroadJump Client FoundationBroomstick Bass 1.0.0BufferChmCeltx (2.7)CollabCompatibility Pack for the 2007 Office systemConexant HD AudioCoreFLAC Audio Decoder+Source Filter (remove only)Coupon PrinterCP_AtenaShokunin1ConfigCP_CalendarTemplates1cp_LightScribeConfigcp_OnlineProjectsConfigCP_Package_Basic1CP_Package_Variety1CP_Package_Variety2CP_Package_Variety3CP_Panorama1Configcp_PosterPrintConfigcp_UpdateProjectsConfigCraft ROBO ControllerCritical Update for Windows Media Player 11 (KB959772)CueTourCustomer Experience EnhancementDestinationsDeviceManagementQFolderDG_screensaverDivX Content UploaderDivX Web PlayerEasy Internet Sign-upEdirol HQ Orchestral v1.01Edirol SuperQuartet v1.5EPSON Printer SoftwareEPSON ScanESPNMotionFBP - Facebook Blaster ProFileZilla Client 3.1.5.1FL Studio 8Football Manager 2010 DemoFriendBlasterProFullDPAppQFolderGemMaster MysticGoogle ChromeGoogle Toolbar for Internet ExplorerGraphtec DesignMaster Web (C:\Graphtec DesignMaster Web)HDAUDIO Soft Data Fax Modem with SmartCPHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Windows Internet Explorer 7 (KB947864)Hotfix for Windows Media Format 11 SDK (KB929399)Hotfix for Windows Media Player 10 (KB903157)Hotfix for Windows Media Player 11 (KB939683)Hotfix for Windows XP (KB888795)Hotfix for Windows XP (KB891593)Hotfix for Windows XP (KB895961)Hotfix for Windows XP (KB896256)Hotfix for Windows XP (KB899337)Hotfix for Windows XP (KB899510)Hotfix for Windows XP (KB902841)Hotfix for Windows XP (KB909095)Hotfix for Windows XP (KB910728)Hotfix for Windows XP (KB912436)Hotfix for Windows XP (KB914440)Hotfix for Windows XP (KB915865)Hotfix for Windows XP (KB926239)Hotfix for Windows XP (KB952287)Hotfix for Windows XP (KB954550-v5)Hotfix for Windows XP (KB954708)Hotfix for Windows XP (KB961118)Hotfix for Windows XP (KB970653-v3)Hotfix for Windows XP (KB976002-v5)Hotfix for Windows XP (KB976098-v2)Hotfix for Windows XP (KB979306)HouseCall 6.6HP DVD Play 2.3HP Help and SupportHP Imaging Device Functions 6.0HP Photosmart Premier Software 6.0HP Quick Launch Buttons 6.10 A1HP Software UpdateHP User Guides--System RecoveryHP User Guides 0037HP Wireless Assistant 2.00 G2HpSdpAppCoreAppHyperPrism v1.52IL Download ManagerInFlac 1.1.1InstantShareDevicesIntel® Graphics Media Accelerator DriveriTunesJunk Mail filter updateKorg Legacy Collection VSTi v1.0.02Learn2 Player (Uninstall Only)LiveUpdate 3.0 (Symantec Corporation)LUXONIX ravity®LUXONIX ravity(S)Macromedia Dreamweaver 8Macromedia Extension ManagerMacromedia Fireworks 8Macromedia Flash 8Macromedia Flash 8 Video EncoderMacromedia Flash Player 8Macromedia Shockwave PlayerMalwarebytes' Anti-MalwareMicrosoft .NET Framework 1.0 Hotfix (KB887998)Microsoft .NET Framework 1.0 Hotfix (KB930494)Microsoft .NET Framework 1.0 Hotfix (KB953295)Microsoft .NET Framework 1.1Microsoft .NET Framework 1.1 Security Update (KB953297)Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft Application Error ReportingMicrosoft Choice GuardMicrosoft Compression Client Pack 1.0 for Windows XPMicrosoft Internationalized Domain Names Mitigation APIsMicrosoft National Language Support Downlevel APIsMicrosoft Office 2003 Web ComponentsMicrosoft Office 2007 Service Pack 2 (SP2)Microsoft Office Live Add-in 1.3Microsoft Office Project 2007 Service Pack 2 (SP2)Microsoft Office Project MUI (English) 2007Microsoft Office Project Standard 2007Microsoft Office Project Standard 2007 TrialMicrosoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office XP Professional with FrontPageMicrosoft Search Enhancement PackMicrosoft SilverlightMicrosoft Software Update for Web Folders (English) 12Microsoft SQL Server 2005 Compact Edition [ENU]Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)Microsoft Sync Framework Runtime Native v1.0 (x86)Microsoft Sync Framework Services Native v1.0 (x86)Microsoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft WorksMove Networks Player for Internet ExplorerMozilla Firefox (3.6.3)MSNMSVCRTMSXML 4.0 SP2 (KB927978)MSXML 4.0 SP2 (KB936181)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 6 Service Pack 2 (KB973686)Nero 7 Ultra EditionNetWaitingNewsLeecherNovation Bass-Station VSTi v1.10Novation V-Station v1.20-H2ONuclear Coffee - VideoGetOptionalContentQFolderOttoPhotoGalleryPoiZoneQuickTimeRandMapRealPlayerRob Papen Albino 2ROBO MasterSAMSUNG Mobile Modem Driver SetSamsung Mobile phone USB driver SoftwareSAMSUNG Mobile USB Modem 1.0 SoftwareSAMSUNG Mobile USB Modem SoftwareSamsung PC Studio 3 USB Driver InstallerSecurity Update for 2007 Microsoft Office System (KB969559)Security Update for CAPICOM (KB931906)Security Update for Microsoft Office system 2007 (972581)Security Update for Microsoft Office system 2007 (KB974234)Security Update for Step By Step Interactive Training (KB898458)Security Update for Step By Step Interactive Training (KB923723)Security Update for Windows Internet Explorer 7 (KB938127)Security Update for Windows Internet Explorer 7 (KB939653)Security Update for Windows Internet Explorer 7 (KB942615)Security Update for Windows Internet Explorer 7 (KB944533)Security Update for Windows Internet Explorer 7 (KB950759)Security Update for Windows Internet Explorer 7 (KB953838)Security Update for Windows Internet Explorer 7 (KB956390)Security Update for Windows Internet Explorer 7 (KB958215)Security Update for Windows Internet Explorer 7 (KB960714)Security Update for Windows Internet Explorer 7 (KB961260)Security Update for Windows Internet Explorer 7 (KB963027)Security Update for Windows Internet Explorer 7 (KB969897)Security Update for Windows Internet Explorer 7 (KB972260)Security Update for Windows Internet Explorer 7 (KB974455)Security Update for Windows Internet Explorer 7 (KB976325)Security Update for Windows Internet Explorer 7 (KB978207)Security Update for Windows Internet Explorer 8 (KB971961)Security Update for Windows Internet Explorer 8 (KB981332)Security Update for Windows Media Player (KB911564)Security Update for Windows Media Player (KB952069)Security Update for Windows Media Player (KB954155)Security Update for Windows Media Player (KB968816)Security Update for Windows Media Player (KB973540)Security Update for Windows Media Player 10 (KB911565)Security Update for Windows Media Player 10 (KB917734)Security Update for Windows Media Player 10 (KB936782)Security Update for Windows Media Player 11 (KB936782)Security Update for Windows Media Player 11 (KB954154)Security Update for Windows Media Player 6.4 (KB925398)Security Update for Windows XP (KB893066)Security Update for Windows XP (KB893756)Security Update for Windows XP (KB896358)Security Update for Windows XP (KB896422)Security Update for Windows XP (KB896423)Security Update for Windows XP (KB896424)Security Update for Windows XP (KB896428)Security Update for Windows XP (KB899587)Security Update for Windows XP (KB899591)Security Update for Windows XP (KB900725)Security Update for Windows XP (KB901017)Security Update for Windows XP (KB901190)Security Update for Windows XP (KB901214)Security Update for Windows XP (KB902400)Security Update for Windows XP (KB903235)Security Update for Windows XP (KB904706)Security Update for Windows XP (KB905414)Security Update for Windows XP (KB905749)Security Update for Windows XP (KB908519)Security Update for Windows XP (KB911562)Security Update for Windows XP (KB911567)Security Update for Windows XP (KB911927)Security Update for Windows XP (KB912919)Security Update for Windows XP (KB913446)Security Update for Windows XP (KB913580)Security Update for Windows XP (KB914388)Security Update for Windows XP (KB914389)Security Update for Windows XP (KB917344)Security Update for Windows XP (KB917422)Security Update for Windows XP (KB917953)Security Update for Windows XP (KB918118)Security Update for Windows XP (KB918439)Security Update for Windows XP (KB919007)Security Update for Windows XP (KB920213)Security Update for Windows XP (KB920214)Security Update for Windows XP (KB920670)Security Update for Windows XP (KB920683)Security Update for Windows XP (KB920685)Security Update for Windows XP (KB921398)Security Update for Windows XP (KB921503)Security Update for Windows XP (KB922616)Security Update for Windows XP (KB922760)Security Update for Windows XP (KB922819)Security Update for Windows XP (KB923191)Security Update for Windows XP (KB923414)Security Update for Windows XP (KB923561)Security Update for Windows XP (KB923689)Security Update for Windows XP (KB923694)Security Update for Windows XP (KB923980)Security Update for Windows XP (KB924191)Security Update for Windows XP (KB924270)Security Update for Windows XP (KB924496)Security Update for Windows XP (KB924667)Security Update for Windows XP (KB925454)Security Update for Windows XP (KB925486)Security Update for Windows XP (KB925902)Security Update for Windows XP (KB926255)Security Update for Windows XP (KB926436)Security Update for Windows XP (KB927779)Security Update for Windows XP (KB927802)Security Update for Windows XP (KB928090)Security Update for Windows XP (KB928255)Security Update for Windows XP (KB928843)Security Update for Windows XP (KB929123)Security Update for Windows XP (KB929969)Security Update for Windows XP (KB930178)Security Update for Windows XP (KB931261)Security Update for Windows XP (KB931768)Security Update for Windows XP (KB931784)Security Update for Windows XP (KB932168)Security Update for Windows XP (KB933566)Security Update for Windows XP (KB933729)Security Update for Windows XP (KB935839)Security Update for Windows XP (KB935840)Security Update for Windows XP (KB936021)Security Update for Windows XP (KB937143)Security Update for Windows XP (KB937894)Security Update for Windows XP (KB938127)Security Update for Windows XP (KB938464)Security Update for Windows XP (KB938829)Security Update for Windows XP (KB939653)Security Update for Windows XP (KB941202)Security Update for Windows XP (KB941568)Security Update for Windows XP (KB941569)Security Update for Windows XP (KB941644)Security Update for Windows XP (KB941693)Security Update for Windows XP (KB943055)Security Update for Windows XP (KB943460)Security Update for Windows XP (KB943485)Security Update for Windows XP (KB944653)Security Update for Windows XP (KB945553)Security Update for Windows XP (KB946026)Security Update for Windows XP (KB946648)Security Update for Windows XP (KB948590)Security Update for Windows XP (KB948881)Security Update for Windows XP (KB950749)Security Update for Windows XP (KB950760)Security Update for Windows XP (KB950762)Security Update for Windows XP (KB950974)Security Update for Windows XP (KB951066)Security Update for Windows XP (KB951376-v2)Security Update for Windows XP (KB951376)Security Update for Windows XP (KB951698)Security Update for Windows XP (KB951748)Security Update for Windows XP (KB952004)Security Update for Windows XP (KB952954)Security Update for Windows XP (KB953839)Security Update for Windows XP (KB954211)Security Update for Windows XP (KB954600)Security Update for Windows XP (KB955069)Security Update for Windows XP (KB956391)Security Update for Windows XP (KB956572)Security Update for Windows XP (KB956802)Security Update for Windows XP (KB956803)Security Update for Windows XP (KB956841)Security Update for Windows XP (KB956844)Security Update for Windows XP (KB957095)Security Update for Windows XP (KB957097)Security Update for Windows XP (KB958470)Security Update for Windows XP (KB958644)Security Update for Windows XP (KB958687)Security Update for Windows XP (KB958690)Security Update for Windows XP (KB958869)Security Update for Windows XP (KB959426)Security Update for Windows XP (KB960225)Security Update for Windows XP (KB960715)Security Update for Windows XP (KB960803)Security Update for Windows XP (KB960859)Security Update for Windows XP (KB961371)Security Update for Windows XP (KB961373)Security Update for Windows XP (KB961501)Security Update for Windows XP (KB968537)Security Update for Windows XP (KB969059)Security Update for Windows XP (KB969898)Security Update for Windows XP (KB969947)Security Update for Windows XP (KB970238)Security Update for Windows XP (KB970430)Security Update for Windows XP (KB971032)Security Update for Windows XP (KB971468)Security Update for Windows XP (KB971486)Security Update for Windows XP (KB971557)Security Update for Windows XP (KB971633)Security Update for Windows XP (KB971657)Security Update for Windows XP (KB971961)Security Update for Windows XP (KB972270)Security Update for Windows XP (KB973346)Security Update for Windows XP (KB973354)Security Update for Windows XP (KB973507)Security Update for Windows XP (KB973525)Security Update for Windows XP (KB973869)Security Update for Windows XP (KB973904)Security Update for Windows XP (KB974112)Security Update for Windows XP (KB974318)Security Update for Windows XP (KB974392)Security Update for Windows XP (KB974571)Security Update for Windows XP (KB975025)Security Update for Windows XP (KB975467)Security Update for Windows XP (KB975560)Security Update for Windows XP (KB975561)Security Update for Windows XP (KB975713)Security Update for Windows XP (KB977165)Security Update for Windows XP (KB977816)Security Update for Windows XP (KB977914)Security Update for Windows XP (KB978037)Security Update for Windows XP (KB978251)Security Update for Windows XP (KB978262)Security Update for Windows XP (KB978338)Security Update for Windows XP (KB978601)Security Update for Windows XP (KB978706)Security Update for Windows XP (KB979309)Security Update for Windows XP (KB979683)Security Update for Windows XP (KB980232)Segoe UISEO PowerSuiteSkinsHP1SmartAudioSolveigMM AVI TrimmerSonic Audio ModuleSonic Copy ModuleSonic Data ModuleSonic Express LabelerSonic Foundry ACID 4.0eSonic Foundry Sound Forge 6.0eSonic MyDVD PlusSonic Update ManagerSonic_PrimoSDKSonicAC3EncoderSonicMPEGEncoderSony Media Manager 2.2Sony Vegas 7.0aSopCore 1.1.1SopFilter 3.0.5SpeedTouch USB SoftwareSSC Service Utility v4.30Steinberg Virtual Bassist v1.0.0.504Symantec KB-DocID:2003093015493306Synaptics Pointing Device DriverSyncrosoft's License ControlSyncroSoft Emu (Remove only)TellyAdderToxic BiohazardTrend Micro Internet Security ProTweet AdderUlead GIF Animator 5UnloadUpdate for 2007 Microsoft Office System (KB967642)Update for 2007 Microsoft Office System (KB981715)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Windows Internet Explorer 7 (KB976749)Update for Windows Internet Explorer 7 (KB980182)Update for Windows Internet Explorer 8 (KB976662)Update for Windows Internet Explorer 8 (KB980182)Update for Windows Internet Explorer 8 (KB980302)Update for Windows Media Player 10 (KB910393)Update for Windows Media Player 10 (KB913800)Update for Windows Media Player 10 (KB926251)Update for Windows XP (KB894391)Update for Windows XP (KB896727)Update for Windows XP (KB898461)Update for Windows XP (KB900485)Update for Windows XP (KB904942)Update for Windows XP (KB908531)Update for Windows XP (KB910437)Update for Windows XP (KB911164)Update for Windows XP (KB911280)Update for Windows XP (KB912945)Update for Windows XP (KB916595)Update for Windows XP (KB920872)Update for Windows XP (KB922582)Update for Windows XP (KB925720)Update for Windows XP (KB927891)Update for Windows XP (KB929338)Update for Windows XP (KB930916)Update for Windows XP (KB931836)Update for Windows XP (KB932823-v3)Update for Windows XP (KB933360)Update for Windows XP (KB936357)Update for Windows XP (KB938828)Update for Windows XP (KB942763)Update for Windows XP (KB951072-v2)Update for Windows XP (KB955759)Update for Windows XP (KB955839)Update for Windows XP (KB961503)Update for Windows XP (KB967715)Update for Windows XP (KB968389)Update for Windows XP (KB971737)Update for Windows XP (KB973687)Update for Windows XP (KB973815)Update Rollup 2 for Windows XP Media Center Edition 2005VideoLAN VLC media player 0.8.6dVobSub v2.23 (Remove Only)Vodei Multimedia Processor 2.10WebFldrs XPWindows Genuine Advantage Validation Tool (KB892130)Windows Imaging ComponentWindows Installer 3.1 (KB893803)Windows Internet Explorer 7Windows Internet Explorer 8Windows Live CallWindows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows Live MailWindows Live MessengerWindows Live Photo GalleryWindows Live Sign-in AssistantWindows Live SyncWindows Live ToolbarWindows Live Upload ToolWindows Live WriterWindows Media Format 11 runtimeWindows Media Player 11Windows Media Player Firefox PluginWindows XP Hotfix - KB873333Windows XP Hotfix - KB873339Windows XP Hotfix - KB883667Windows XP Hotfix - KB885250Windows XP Hotfix - KB885295Windows XP Hotfix - KB885835Windows XP Hotfix - KB885836Windows XP Hotfix - KB885855Windows XP Hotfix - KB885884Windows XP Hotfix - KB886185Windows XP Hotfix - KB887472Windows XP Hotfix - KB888113Windows XP Hotfix - KB888239Windows XP Hotfix - KB888302Windows XP Hotfix - KB890546Windows XP Hotfix - KB890859Windows XP Hotfix - KB891220Windows XP Hotfix - KB891781Windows XP Hotfix - KB892559Windows XP Media Center Edition 2005 KB925766Windows XP Media Center Edition 2005 KB973768WinRAR archiverWinTopo Raster to VectorWisdom-soft AutoScreenRecorder 3.0 FreeWisdom-soft ScreenHunter 5.0 FreeXvid 1.1.2 final uninstall==== Event Viewer Messages From Past Week ========24/04/2010 23:50:42, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AliIde PCIIde Pcmcia sptd ViaIde20/04/2010 20:19:35, error: Dhcp [1002] - The IP address lease 82.28.81.254 for the Network Card with network address 0016D44B22B1 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).20/04/2010 13:01:34, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: sptd20/04/2010 13:01:34, error: Service Control Manager [7000] - The Nsynas32 service failed to start due to the following error: The system cannot find the device specified.==== End Of File =========================== Link to post Share on other sites More sharing options...
Maniac Posted April 25, 2010 ID:238957 Share Posted April 25, 2010 Your log file from the DDS is made before the remaining steps. Please make a fresh new log file from the DDS only. Link to post Share on other sites More sharing options...
coled Posted April 25, 2010 Author ID:239099 Share Posted April 25, 2010 The DDS log file was made after the steps, at the end, but I will use Hijackthis to post a logLogfile of Trend Micro HijackThis v2.0.4Scan saved at 19:25:33, on 25/04/2010Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exeC:\WINDOWS\system32\hasplms.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\HP\QuickPlay\QPService.exeC:\Program Files\Hp\HP Software Update\HPWuSchd2.exeC:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exeC:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exeC:\Program Files\Common Files\AOL\ACS\AOLDial.exeC:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I091.EXEC:\Program Files\Common Files\AOL\1165261327\ee\AOLSoftware.exeC:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXEC:\Program Files\BroadJump\Client Foundation\CFD.exeC:\WINDOWS\system32\rundll32.exeC:\Program Files\Trend Micro\Internet Security\SfCtlCom.exeC:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\SyncroSoft\Pos\H2O\cledx.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\mqsvc.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exeC:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exeC:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exeC:\DOCUME~1\RIMACA~1\LOCALS~1\Temp\oldbot.exeC:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exeC:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exeC:\Program Files\Craft ROBO Controller\CRSSupervisor.exeC:\WINDOWS\system32\mqtgsvc.exeC:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exeC:\Program Files\iPod\bin\iPodService.exeC:\PROGRA~1\hpq\Shared\HPQTOA~1.EXEC:\Program Files\HP\Digital Imaging\bin\hpqimzone.exeC:\WINDOWS\system32\wuauclt.exeC:\Program Files\Trend Micro\Internet Security\TmProxy.exeC:\Program Files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exeC:\Program Files\Trend Micro\BM\TMBMSRV.exeC:\Program Files\Trend Micro\TrendSecure\TSCFPlatformCOMSvr.exeC:\Program Files\Trend Micro\TrendSecure\TISProToolbar\PlatformDependent\ProToolbarComm.exeC:\Documents and Settings\Rimac Anthonye\Desktop\HiJackThis.exeC:\WINDOWS\system32\NOTEPAD.EXEC:\Program Files\Symantec\LiveUpdate\AUpdate.exeC:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXER1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...o&pf=laptopO1 - Hosts: 121.254.96.92 msnfix.changelog.frO1 - Hosts: 121.254.96.92 www.incodesolutions.comO1 - Hosts: 121.254.96.92 virusinfo.prevx.comO1 - Hosts: 121.254.96.92 download.bleepingcomputer.comO1 - Hosts: 121.254.96.92 www.dazhizhu.cnO1 - Hosts: 121.254.96.92 foro.noticias3d.comO1 - Hosts: 121.254.96.92 www.spybotupdates.comO1 - Hosts: 121.254.96.92 club.myce.comO1 - Hosts: 121.254.96.92 www.k7computing.comO1 - Hosts: 121.254.96.92 softwaresecuritysolutions.comO1 - Hosts: 121.254.96.92 www.nabble.comO1 - Hosts: 121.254.96.92 lurker.clamav.netO1 - Hosts: 121.254.96.92 lexikon.ikarus.atO1 - Hosts: 121.254.96.92 research.sunbelt-software.comO1 - Hosts: 121.254.96.92 www.virusdoctor.jpO1 - Hosts: 121.254.96.92 www.elitepvpers.deO1 - Hosts: 121.254.96.92 guru.avg.comO1 - Hosts: 121.254.96.92 downloads.sophos.comO1 - Hosts: 121.254.96.92 share.skype.comO1 - Hosts: 121.254.96.92 myantispyware.comO1 - Hosts: 121.254.96.92 www.computerhilfen.deO1 - Hosts: 121.254.96.92 www.superuser.co.krO1 - Hosts: 121.254.96.92 ntfaq.co.krO1 - Hosts: 121.254.96.92 v.dreamwiz.comO1 - Hosts: 121.254.96.92 cit.kookmin.ac.krO1 - Hosts: 121.254.96.92 forums.whatthetech.comO1 - Hosts: 121.254.96.92 forum.hijackthis.deO1 - Hosts: 121.254.96.92 avg.vo.llnwd.netO1 - Hosts: 121.254.96.92 ftp.drweb.comO1 - Hosts: 121.254.96.92 www.zonealarm.comO1 - Hosts: 121.254.96.92 smadaver.comO1 - Hosts: 121.254.96.92 support.emsisoft.comO1 - Hosts: 121.254.96.92 psychoski.blogspot.comO1 - Hosts: 121.254.96.92 www.huaifai.go.thO1 - Hosts: 121.254.96.92 www.mostz.comO1 - Hosts: 121.254.96.92 www.krupunmai.comO1 - Hosts: 121.254.96.92 www.cddchiangmai.netO1 - Hosts: 121.254.96.92 forum.malekal.comO1 - Hosts: 121.254.96.92 tech.pantip.comO1 - Hosts: 121.254.96.92 sapcupgrades.comO1 - Hosts: 121.254.96.92 www.elguruinformatico.comO1 - Hosts: 121.254.96.92 forums.avg.comO1 - Hosts: 121.254.96.92 zastita.comO1 - Hosts: 121.254.96.92 support.kaspersky.comO1 - Hosts: 121.254.96.92 foro.msgpluslive.esO1 - Hosts: 121.254.96.92 www.247fixes.comO1 - Hosts: 121.254.96.92 forum.sysinternals.comO1 - Hosts: 121.254.96.92 forum.telecharger.01net.comO1 - Hosts: 121.254.96.92 sophos.comO1 - Hosts: 121.254.96.92 foros.softonic.comO1 - Hosts: 121.254.96.92 avast-home.uptodown.comO1 - Hosts: 121.254.96.92 dr-web-cureit.softonic.comO1 - Hosts: 121.254.96.92 heavenward.ruO1 - Hosts: 121.254.96.92 forum.smadav.netO1 - Hosts: 121.254.96.92 www.forum.kaspersky.comO1 - Hosts: 121.254.96.92 www.dl4all.comO1 - Hosts: 121.254.96.92 www.f-secure.comO1 - Hosts: 121.254.96.92 www.chkrootkit.orgO1 - Hosts: 121.254.96.92 diamondcs.com.auO1 - Hosts: 121.254.96.92 www.rootkit.nlO1 - Hosts: 121.254.96.92 www.sysinternals.comO1 - Hosts: 121.254.96.92 z-oleg.comO1 - Hosts: 121.254.96.92 espanol.dir.groups.yahoo.comO1 - Hosts: 121.254.96.92 ftp01net.telechargement.frO1 - Hosts: 121.254.96.92 modelayu.comO1 - Hosts: 121.254.96.92 vaksin.comO1 - Hosts: 121.254.96.92 bbs.kaspersky.com.cnO1 - Hosts: 121.254.96.92 sf.tapuz.co.ilO1 - Hosts: 121.254.96.92 www.castlecrops.comO1 - Hosts: 121.254.96.92 www.misec.netO1 - Hosts: 121.254.96.92 safecomputing.umn.eduO1 - Hosts: 121.254.96.92 www.antirootkit.comO1 - Hosts: 121.254.96.92 www.greatis.comO1 - Hosts: 121.254.96.92 ar.answers.yahoo.comO1 - Hosts: 121.254.96.92 www.elhacker.orgO1 - Hosts: 121.254.96.92 research.pandasecurity.comO1 - Hosts: 121.254.96.92 www.tpu.roO1 - Hosts: 121.254.96.92 www.pinoyden.comO1 - Hosts: 121.254.96.92 forum.avira.deO1 - Hosts: 121.254.96.92 www.tanya-it.comO1 - Hosts: 121.254.96.92 www.rootkit.comO1 - Hosts: 121.254.96.92 www.pctools.comO1 - Hosts: 121.254.96.92 www.pcsupportadvisor.comO1 - Hosts: 121.254.96.92 www.resplendence.comO1 - Hosts: 121.254.96.92 www.personal.psu.eduO1 - Hosts: 121.254.96.92 foro.ethek.comO1 - Hosts: 121.254.96.92 foro.elhacker.netO1 - Hosts: 121.254.96.92 download.zonealarm.comO1 - Hosts: 121.254.96.92 spywarehammer.comO1 - Hosts: 121.254.96.92 www.codelain.comO1 - Hosts: 121.254.96.92 www.thaicert.orgO1 - Hosts: 121.254.96.92 vil.nail.comO1 - Hosts: 121.254.96.92 search.mcafee.comO1 - Hosts: 121.254.96.92 wwww.mcafee.comO1 - Hosts: 121.254.96.92 download.nai.comO1 - Hosts: 121.254.96.92 wwww.experts-exchange.comO1 - Hosts: 121.254.96.92 www.bakunos.comO1 - Hosts: 121.254.96.92 www.darkclockers.comO1 - Hosts: 121.254.96.92 www2.gmer.netO1 - Hosts: 121.254.96.92 ariefew.comO1 - Hosts: 121.254.96.92 www.emsisoft.comO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dllO2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dllO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dllO3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dllO3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dllO4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exeO4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exeO4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exeO4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exeO4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exeO4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dllO4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exeO4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exeO4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /StartO4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exeO4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exeO4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exeO4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /iconO4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exeO4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"O4 - HKLM\..\Run: [EPSON Stylus C48 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I091.EXE /P23 "EPSON Stylus C48 Series" /O6 "USB001" /M "Stylus C48"O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1165261327\ee\AOLSoftware.exeO4 - HKLM\..\Run: [iPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exeO4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB002" /M "Stylus Photo R300"O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exeO4 - HKLM\..\Run: [workflow] E:\installs\workflow.exeO4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgentO4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [ctfmon.exe] ctfmon.exeO4 - HKLM\..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeO4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -schedulerO4 - HKCU\..\Run: [oldbot] C:\DOCUME~1\RIMACA~1\LOCALS~1\Temp\oldbot.exeO4 - HKCU\..\Run: [OE] "C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe"O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Rimac Anthonye\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /cO4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exeO4 - Global Startup: Craft ROBO Status Supervisor.lnk = ?O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exeO9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLLO9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLLO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLLO14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.ukO16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cabO16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cabO16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - http://lads.myspace.com/upload/MySpaceUploader.cabO16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1194423345296O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cabO16 - DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} (DGTx.uc1) - http://members.driverguide.com/director/di...de=toolkit_liteO18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dllO20 - Winlogon Notify: acpiz - acpiz.dll (file missing)O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dllO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dllO23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exeO23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeO23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exeO23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXEO23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exeO23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeO23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exeO23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe--End of file - 19431 bytesAC3Filter (remove only)Acoustica CD/DVD Label MakerAdobe Anchor Service CS3Adobe Asset Services CS3Adobe Bridge CS3Adobe Bridge Start MeetingAdobe Camera Raw 4.0Adobe CMapsAdobe Default Language CS3Adobe Device Central CS3Adobe Dreamweaver CS3Adobe Dreamweaver CS3Adobe ExtendScript Toolkit 2Adobe Extension Manager CS3Adobe Flash Player 10 ActiveXAdobe Flash Player 10 PluginAdobe Help Viewer CS3Adobe PDF Library FilesAdobe Photoshop 7.0Adobe Reader 9.3Adobe SetupAdobe Type SupportAdobe Update Manager CS3Adobe Version Cue CS3 ClientAOL Coach Version 1.0(Build:20040229.1 uk)AOL Connectivity ServicesAOL Spyware ProtectionAOL Toolbar 5.0AOL Uninstaller (Choose which Products to Remove)AOL You've Got Pictures ScreensaverApple Mobile Device SupportApple Software UpdateArturia CS-80V v1.1Arturia Moog Modular V v1.1ASIO4ALLBackburnerBlueSenderBonjourBroadJump Client FoundationBroomstick Bass 1.0.0Celtx (2.7)CollabCompatibility Pack for the 2007 Office systemConexant HD AudioCoreFLAC Audio Decoder+Source Filter (remove only)Coupon PrinterCraft ROBO ControllerCritical Update for Windows Media Player 11 (KB959772)Customer Experience EnhancementDG_screensaverDivX Content UploaderDivX Web PlayerEasy Internet Sign-upEdirol HQ Orchestral v1.01Edirol SuperQuartet v1.5EPSON Printer SoftwareEPSON ScanESPNMotionFBP - Facebook Blaster ProFileZilla Client 3.1.5.1FL Studio 8Football Manager 2010 DemoFriendBlasterProGemMaster MysticGoogle Toolbar for Internet ExplorerGoogle Toolbar for Internet ExplorerGraphtec DesignMaster Web (C:\Graphtec DesignMaster Web)HDAUDIO Soft Data Fax Modem with SmartCPHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Windows Internet Explorer 7 (KB947864)Hotfix for Windows Media Format 11 SDK (KB929399)Hotfix for Windows Media Player 11 (KB939683)Hotfix for Windows XP (KB896256)Hotfix for Windows XP (KB909095)Hotfix for Windows XP (KB910728)Hotfix for Windows XP (KB912436)Hotfix for Windows XP (KB914440)Hotfix for Windows XP (KB915865)Hotfix for Windows XP (KB926239)Hotfix for Windows XP (KB952287)Hotfix for Windows XP (KB954708)Hotfix for Windows XP (KB961118)Hotfix for Windows XP (KB970653-v3)Hotfix for Windows XP (KB976098-v2)Hotfix for Windows XP (KB979306)HouseCall 6.6HP DVD Play 2.3HP Help and SupportHP Imaging Device Functions 6.0HP Photosmart Premier Software 6.0HP Quick Launch Buttons 6.10 A1HP Software UpdateHP User Guides 0037HP User Guides--System RecoveryHP Wireless Assistant 2.00 G2HyperPrism v1.52IL Download ManagerInFlac 1.1.1Intel® Graphics Media Accelerator DriveriTunesJunk Mail filter updateKorg Legacy Collection VSTi v1.0.02Learn2 Player (Uninstall Only)LiveUpdate 3.0 (Symantec Corporation)LUXONIX ravity®LUXONIX ravity(S)Macromedia Dreamweaver 8Macromedia Extension ManagerMacromedia Fireworks 8Macromedia Flash 8Macromedia Flash 8 Video EncoderMacromedia Flash Player 8Macromedia Shockwave PlayerMalwarebytes' Anti-MalwareMicrosoft .NET Framework 1.0 Hotfix (KB887998)Microsoft .NET Framework 1.0 Hotfix (KB930494)Microsoft .NET Framework 1.0 Hotfix (KB953295)Microsoft .NET Framework 1.1Microsoft .NET Framework 1.1Microsoft .NET Framework 1.1 Security Update (KB953297)Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 3.5 SP1Microsoft Choice GuardMicrosoft Compression Client Pack 1.0 for Windows XPMicrosoft Internationalized Domain Names Mitigation APIsMicrosoft National Language Support Downlevel APIsMicrosoft Office 2003 Web ComponentsMicrosoft Office 2007 Service Pack 2 (SP2)Microsoft Office 2007 Service Pack 2 (SP2)Microsoft Office Live Add-in 1.3Microsoft Office Project 2007 Service Pack 2 (SP2)Microsoft Office Project 2007 Service Pack 2 (SP2)Microsoft Office Project 2007 Service Pack 2 (SP2)Microsoft Office Project MUI (English) 2007Microsoft Office Project Standard 2007Microsoft Office Project Standard 2007Microsoft Office Project Standard 2007Microsoft Office Project Standard 2007 TrialMicrosoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office XP Professional with FrontPageMicrosoft Search Enhancement PackMicrosoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)Microsoft Sync Framework Runtime Native v1.0 (x86)Microsoft Sync Framework Services Native v1.0 (x86)Microsoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft WorksMove Networks Player for Internet ExplorerMozilla Firefox (3.6.3)MSNMSVCRTMSXML 4.0 SP2 (KB927978)MSXML 4.0 SP2 (KB936181)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 6 Service Pack 2 (KB973686)Nero 7 Ultra EditionNetWaitingNewsLeecherNovation Bass-Station VSTi v1.10Novation V-Station v1.20-H2ONuclear Coffee - VideoGetOttoPoiZoneQuickTimeRealPlayerRob Papen Albino 2ROBO MasterSAMSUNG Mobile Modem Driver SetSamsung Mobile phone USB driver SoftwareSAMSUNG Mobile USB Modem 1.0 SoftwareSAMSUNG Mobile USB Modem SoftwareSamsung PC Studio 3 USB Driver InstallerSecurity Update for 2007 Microsoft Office System (KB969559)Security Update for 2007 Microsoft Office System (KB969559)Security Update for CAPICOM (KB931906)Security Update for CAPICOM (KB931906)Security Update for Microsoft Office system 2007 (972581)Security Update for Microsoft Office system 2007 (972581)Security Update for Microsoft Office system 2007 (KB974234)Security Update for Microsoft Office system 2007 (KB974234)Security Update for Step By Step Interactive Training (KB898458)Security Update for Step By Step Interactive Training (KB923723)Security Update for Windows Internet Explorer 7 (KB938127)Security Update for Windows Internet Explorer 7 (KB939653)Security Update for Windows Internet Explorer 7 (KB942615)Security Update for Windows Internet Explorer 7 (KB944533)Security Update for Windows Internet Explorer 7 (KB950759)Security Update for Windows Internet Explorer 7 (KB953838)Security Update for Windows Internet Explorer 7 (KB956390)Security Update for Windows Internet Explorer 7 (KB958215)Security Update for Windows Internet Explorer 7 (KB960714)Security Update for Windows Internet Explorer 7 (KB961260)Security Update for Windows Internet Explorer 7 (KB963027)Security Update for Windows Internet Explorer 7 (KB969897)Security Update for Windows Internet Explorer 7 (KB972260)Security Update for Windows Internet Explorer 7 (KB974455)Security Update for Windows Internet Explorer 7 (KB976325)Security Update for Windows Internet Explorer 7 (KB978207)Security Update for Windows Internet Explorer 8 (KB971961)Security Update for Windows Internet Explorer 8 (KB981332)Security Update for Windows Media Player (KB911564)Security Update for Windows Media Player (KB952069)Security Update for Windows Media Player (KB954155)Security Update for Windows Media Player (KB968816)Security Update for Windows Media Player (KB973540)Security Update for Windows Media Player 10 (KB911565)Security Update for Windows Media Player 10 (KB917734)Security Update for Windows Media Player 10 (KB936782)Security Update for Windows Media Player 11 (KB936782)Security Update for Windows Media Player 11 (KB954154)Security Update for Windows Media Player 6.4 (KB925398)Security Update for Windows XP (KB893066)Security Update for Windows XP (KB893756)Security Update for Windows XP (KB896358)Security Update for Windows XP (KB896422)Security Update for Windows XP (KB896423)Security Update for Windows XP (KB896424)Security Update for Windows XP (KB896428)Security Update for Windows XP (KB899587)Security Update for Windows XP (KB899591)Security Update for Windows XP (KB900725)Security Update for Windows XP (KB901017)Security Update for Windows XP (KB901190)Security Update for Windows XP (KB901214)Security Update for Windows XP (KB902400)Security Update for Windows XP (KB903235)Security Update for Windows XP (KB904706)Security Update for Windows XP (KB905414)Security Update for Windows XP (KB905749)Security Update for Windows XP (KB908519)Security Update for Windows XP (KB911562)Security Update for Windows XP (KB911567)Security Update for Windows XP (KB911927)Security Update for Windows XP (KB912919)Security Update for Windows XP (KB913446)Security Update for Windows XP (KB913580)Security Update for Windows XP (KB914388)Security Update for Windows XP (KB914389)Security Update for Windows XP (KB917344)Security Update for Windows XP (KB917422)Security Update for Windows XP (KB917953)Security Update for Windows XP (KB918118)Security Update for Windows XP (KB918439)Security Update for Windows XP (KB919007)Security Update for Windows XP (KB920213)Security Update for Windows XP (KB920214)Security Update for Windows XP (KB920670)Security Update for Windows XP (KB920683)Security Update for Windows XP (KB920685)Security Update for Windows XP (KB921398)Security Update for Windows XP (KB921503)Security Update for Windows XP (KB922616)Security Update for Windows XP (KB922760)Security Update for Windows XP (KB922819)Security Update for Windows XP (KB923191)Security Update for Windows XP (KB923414)Security Update for Windows XP (KB923561)Security Update for Windows XP (KB923689)Security Update for Windows XP (KB923694)Security Update for Windows XP (KB923980)Security Update for Windows XP (KB924191)Security Update for Windows XP (KB924270)Security Update for Windows XP (KB924496)Security Update for Windows XP (KB924667)Security Update for Windows XP (KB925454)Security Update for Windows XP (KB925486)Security Update for Windows XP (KB925902)Security Update for Windows XP (KB926255)Security Update for Windows XP (KB926436)Security Update for Windows XP (KB927779)Security Update for Windows XP (KB927802)Security Update for Windows XP (KB928090)Security Update for Windows XP (KB928255)Security Update for Windows XP (KB928843)Security Update for Windows XP (KB929123)Security Update for Windows XP (KB929969)Security Update for Windows XP (KB930178)Security Update for Windows XP (KB931261)Security Update for Windows XP (KB931768)Security Update for Windows XP (KB931784)Security Update for Windows XP (KB932168)Security Update for Windows XP (KB933566)Security Update for Windows XP (KB933729)Security Update for Windows XP (KB935839)Security Update for Windows XP (KB935840)Security Update for Windows XP (KB936021)Security Update for Windows XP (KB937143)Security Update for Windows XP (KB937894)Security Update for Windows XP (KB938127)Security Update for Windows XP (KB938464)Security Update for Windows XP (KB938829)Security Update for Windows XP (KB939653)Security Update for Windows XP (KB941202)Security Update for Windows XP (KB941568)Security Update for Windows XP (KB941569)Security Update for Windows XP (KB941644)Security Update for Windows XP (KB941693)Security Update for Windows XP (KB943055)Security Update for Windows XP (KB943460)Security Update for Windows XP (KB943485)Security Update for Windows XP (KB944653)Security Update for Windows XP (KB945553)Security Update for Windows XP (KB946026)Security Update for Windows XP (KB946648)Security Update for Windows XP (KB948590)Security Update for Windows XP (KB948881)Security Update for Windows XP (KB950749)Security Update for Windows XP (KB950760)Security Update for Windows XP (KB950762)Security Update for Windows XP (KB950974)Security Update for Windows XP (KB951066)Security Update for Windows XP (KB951376)Security Update for Windows XP (KB951376-v2)Security Update for Windows XP (KB951698)Security Update for Windows XP (KB951748)Security Update for Windows XP (KB952004)Security Update for Windows XP (KB952954)Security Update for Windows XP (KB953839)Security Update for Windows XP (KB954211)Security Update for Windows XP (KB954600)Security Update for Windows XP (KB955069)Security Update for Windows XP (KB956391)Security Update for Windows XP (KB956572)Security Update for Windows XP (KB956802)Security Update for Windows XP (KB956803)Security Update for Windows XP (KB956841)Security Update for Windows XP (KB956844)Security Update for Windows XP (KB957095)Security Update for Windows XP (KB957097)Security Update for Windows XP (KB958470)Security Update for Windows XP (KB958644)Security Update for Windows XP (KB958687)Security Update for Windows XP (KB958690)Security Update for Windows XP (KB958869)Security Update for Windows XP (KB959426)Security Update for Windows XP (KB960225)Security Update for Windows XP (KB960715)Security Update for Windows XP (KB960803)Security Update for Windows XP (KB960859)Security Update for Windows XP (KB961371)Security Update for Windows XP (KB961373)Security Update for Windows XP (KB961501)Security Update for Windows XP (KB968537)Security Update for Windows XP (KB969059)Security Update for Windows XP (KB969898)Security Update for Windows XP (KB969947)Security Update for Windows XP (KB970238)Security Update for Windows XP (KB970430)Security Update for Windows XP (KB971032)Security Update for Windows XP (KB971468)Security Update for Windows XP (KB971486)Security Update for Windows XP (KB971557)Security Update for Windows XP (KB971633)Security Update for Windows XP (KB971657)Security Update for Windows XP (KB971961)Security Update for Windows XP (KB972270)Security Update for Windows XP (KB973346)Security Update for Windows XP (KB973354)Security Update for Windows XP (KB973507)Security Update for Windows XP (KB973525)Security Update for Windows XP (KB973869)Security Update for Windows XP (KB973904)Security Update for Windows XP (KB974112)Security Update for Windows XP (KB974318)Security Update for Windows XP (KB974392)Security Update for Windows XP (KB974571)Security Update for Windows XP (KB975025)Security Update for Windows XP (KB975467)Security Update for Windows XP (KB975560)Security Update for Windows XP (KB975561)Security Update for Windows XP (KB975713)Security Update for Windows XP (KB977165)Security Update for Windows XP (KB977816)Security Update for Windows XP (KB977914)Security Update for Windows XP (KB978037)Security Update for Windows XP (KB978251)Security Update for Windows XP (KB978262)Security Update for Windows XP (KB978338)Security Update for Windows XP (KB978601)Security Update for Windows XP (KB978706)Security Update for Windows XP (KB979309)Security Update for Windows XP (KB979683)Security Update for Windows XP (KB980232)Segoe UISEO PowerSuiteSmartAudioSolveigMM AVI TrimmerSonic Audio ModuleSonic Copy ModuleSonic Data ModuleSonic Express LabelerSonic Foundry ACID 4.0eSonic Foundry Sound Forge 6.0eSonic MyDVD PlusSonic Update ManagerSonicAC3EncoderSonicMPEGEncoderSony Media Manager 2.2Sony Vegas 7.0aSopCore 1.1.1SopFilter 3.0.5SpeedTouch USB SoftwareSSC Service Utility v4.30Steinberg Virtual Bassist v1.0.0.504Symantec KB-DocID:2003093015493306Synaptics Pointing Device DriverSyncroSoft Emu (Remove only)Syncrosoft's License ControlTellyAdderToxic BiohazardTrend Micro Internet Security ProTrend Micro Internet Security ProTweet AdderUlead GIF Animator 5Update for 2007 Microsoft Office System (KB967642)Update for 2007 Microsoft Office System (KB967642)Update for 2007 Microsoft Office System (KB981715)Update for 2007 Microsoft Office System (KB981715)Update for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Windows Internet Explorer 7 (KB976749)Update for Windows Internet Explorer 7 (KB980182)Update for Windows Internet Explorer 8 (KB976662)Update for Windows Internet Explorer 8 (KB980182)Update for Windows Internet Explorer 8 (KB980302)Update for Windows Media Player 10 (KB910393)Update for Windows Media Player 10 (KB913800)Update for Windows Media Player 10 (KB926251)Update for Windows XP (KB896727)Update for Windows XP (KB898461)Update for Windows XP (KB900485)Update for Windows XP (KB904942)Update for Windows XP (KB908531)Update for Windows XP (KB910437)Update for Windows XP (KB911164)Update for Windows XP (KB911280)Update for Windows XP (KB916595)Update for Windows XP (KB920872)Update for Windows XP (KB922582)Update for Windows XP (KB925720)Update for Windows XP (KB927891)Update for Windows XP (KB929338)Update for Windows XP (KB930916)Update for Windows XP (KB931836)Update for Windows XP (KB932823-v3)Update for Windows XP (KB933360)Update for Windows XP (KB936357)Update for Windows XP (KB938828)Update for Windows XP (KB942763)Update for Windows XP (KB951072-v2)Update for Windows XP (KB955759)Update for Windows XP (KB955839)Update for Windows XP (KB961503)Update for Windows XP (KB967715)Update for Windows XP (KB968389)Update for Windows XP (KB971737)Update for Windows XP (KB973687)Update for Windows XP (KB973815)VideoLAN VLC media player 0.8.6dVobSub v2.23 (Remove Only)Vodei Multimedia Processor 2.10Windows Imaging ComponentWindows Installer 3.1 (KB893803)Windows Internet Explorer 7Windows Internet Explorer 8Windows Live CallWindows Live Communications PlatformWindows Live EssentialsWindows Live EssentialsWindows Live Family SafetyWindows Live MailWindows Live MessengerWindows Live Photo GalleryWindows Live Sign-in AssistantWindows Live SyncWindows Live ToolbarWindows Live Upload ToolWindows Live WriterWindows Media Format 11 runtimeWindows Media Format 11 runtimeWindows Media Player 11Windows Media Player 11Windows Media Player Firefox PluginWindows XP Hotfix - KB873339Windows XP Hotfix - KB885250Windows XP Hotfix - KB885295Windows XP Hotfix - KB885835Windows XP Hotfix - KB885836Windows XP Hotfix - KB885855Windows XP Hotfix - KB885884Windows XP Hotfix - KB886185Windows XP Hotfix - KB887472Windows XP Hotfix - KB888113Windows XP Hotfix - KB888239Windows XP Hotfix - KB888302Windows XP Hotfix - KB890546Windows XP Hotfix - KB890859Windows XP Hotfix - KB891220Windows XP Hotfix - KB891781Windows XP Hotfix - KB892559Windows XP Media Center Edition 2005 KB925766Windows XP Media Center Edition 2005 KB973768WinRAR archiverWinTopo Raster to VectorWisdom-soft AutoScreenRecorder 3.0 FreeWisdom-soft ScreenHunter 5.0 FreeXvid 1.1.2 final uninstall Link to post Share on other sites More sharing options...
Maniac Posted April 25, 2010 ID:239109 Share Posted April 25, 2010 Step 1:Please uninstall the following application:LiveUpdate 3.0 (Symantec Corporation)Step 2:**Note: If you need more detailed information, please visit the web page of ComboFix in BleepingComputer. **Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate. Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete. Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper. Please download ComboFix from Here or Here to your Desktop. **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop** If you are using Firefox, make sure that your download settings are as follows: Open Tools -> Options -> Main tab Set to Always ask me where to Save the files. [*]During the download, rename Combofix to Combo-Fix as follows: [*]It is important you rename Combofix during the download, but not after. [*]Please do not rename Combofix to other names, but only to the one indicated. [*]Close any open browsers. [*]Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. ----------------------------------------------------------- Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause unpredictable results. Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask. ----------------------------------------------------------- Close any open browsers. WARNING: Combofix will disconnect your machine from the Internet as soon as it starts Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished. If there is no internet connection after running Combofix, then restart your computer to restore back your connection. ----------------------------------------------------------- [*]Double click on combo-Fix.exe & follow the prompts. [*]When finished, it will produce a report for you. [*]Please post the C:\Combo-Fix.txt for further review. **Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**In your next reply, please include these log(s) in this sequence:ComboFix loga new fresh HiJackThis log Link to post Share on other sites More sharing options...
coled Posted April 25, 2010 Author ID:239249 Share Posted April 25, 2010 ComboFix 10-04-21.01 - Rimac Anthonye 25/04/2010 20:31:35.1.1 - x86Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.1014.451 [GMT 1:00]Running from: c:\documents and settings\Rimac Anthonye\Desktop\Combo-Fix.exeAV: Trend Micro Internet Security Pro *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E} * Created a new restore point.((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))).c:\recycler\S-1-5-21-3481868999-4990216807-214459330-9569c:\windows\system32\msvcrt2.dllc:\windows\system32\servicec:\windows\system32\service\11042010_TIS17_SfFniAU.logc:\windows\system32\ws.dllc:\windows\ynh.dxD:\Autorun.inf.((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))).-------\Legacy_ATAPIDRV-------\Legacy_ICF((((((((((((((((((((((((( Files Created from 2010-03-25 to 2010-04-25 ))))))))))))))))))))))))))))))).2010-04-24 00:40 . 2010-04-24 00:40 -------- d-----w- c:\documents and settings\Rimac Anthonye\Local Settings\Application Data\MozSwing2010-04-24 00:38 . 2010-04-24 00:39 -------- d-----w- c:\program files\SEO PowerSuite2010-04-16 21:34 . 2010-03-29 23:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2010-04-16 21:34 . 2010-04-16 21:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2010-04-16 21:34 . 2010-03-29 23:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys2010-04-12 15:35 . 2010-04-12 15:35 -------- d-----w- c:\documents and settings\Rimac Anthonye\Application Data\Malwarebytes2010-04-12 15:34 . 2010-04-12 15:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes2010-04-12 15:05 . 2010-04-21 13:09 -------- d-----w- c:\documents and settings\Rimac Anthonye\Local Settings\Application Data\Temp2010-04-11 15:01 . 2010-04-11 15:01 -------- d-sh--w- c:\documents and settings\Rimac Anthonye\PrivacIE2010-04-11 14:40 . 2010-04-11 14:40 10752 ----a-w- c:\windows\DCEBoot.exe2010-04-11 01:13 . 2010-04-11 01:13 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache2010-04-11 01:12 . 2010-04-11 01:12 -------- d-----w- c:\documents and settings\Rimac Anthonye\Local Settings\Application Data\Trend Micro2010-04-11 01:11 . 2010-04-11 01:11 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Trend Micro2010-04-11 01:07 . 2010-04-11 01:07 -------- d-sh--w- c:\documents and settings\Rimac Anthonye\IETldCache2010-04-11 01:05 . 2010-04-11 00:59 59920 ----a-w- c:\windows\system32\drivers\tmactmon.sys2010-04-11 01:05 . 2010-04-11 00:59 50704 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys2010-04-11 01:01 . 2010-04-11 01:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Trend Micro2010-04-11 01:00 . 2010-04-11 01:09 -------- d-----w- c:\program files\Trend Micro2010-04-11 00:59 . 2010-04-11 00:59 89872 ----a-w- c:\windows\system32\drivers\tmtdi.sys2010-04-11 00:59 . 2010-04-11 00:59 339984 ----a-w- c:\windows\system32\drivers\TM_CFW.sys2010-04-11 00:59 . 2009-12-04 16:39 230928 ----a-w- c:\windows\system32\drivers\tmxpflt.sys2010-04-11 00:59 . 2009-12-04 16:38 36368 ----a-w- c:\windows\system32\drivers\tmpreflt.sys2010-04-11 00:59 . 2009-12-04 16:05 1322680 ----a-w- c:\windows\system32\drivers\vsapint.sys2010-04-11 00:51 . 2010-02-25 06:24 12800 ------w- c:\windows\system32\dllcache\xpshims.dll2010-04-11 00:51 . 2010-02-25 06:24 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll2010-04-11 00:51 . 2010-04-11 13:25 -------- d-----w- c:\windows\ie8updates2010-04-11 00:50 . 2010-02-16 04:50 64000 ------w- c:\windows\system32\dllcache\iecompat.dll2010-04-11 00:49 . 2010-04-11 00:50 -------- dc-h--w- c:\windows\ie82010-04-11 00:38 . 2010-04-11 00:38 212992 ----a-w- c:\windows\system32\DartSock.dll2010-04-11 00:38 . 2010-04-11 00:38 147456 ----a-w- c:\windows\system32\DartSecure2.dll2010-04-11 00:38 . 2010-04-11 00:38 139264 ----a-w- c:\windows\system32\DartCertificate.dll2010-04-10 23:55 . 2010-04-10 23:55 -------- d-----w- c:\program files\Common Files\Aladdin Shared2010-04-10 20:12 . 2010-04-10 20:12 123 ----a-w- c:\documents and settings\Rimac Anthonye\file.bat2010-04-10 20:11 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe.(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2010-04-25 19:06 . 2006-09-12 03:52 -------- d-----w- c:\program files\Common Files\Symantec Shared2010-04-24 22:26 . 2006-12-02 19:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint2010-04-24 22:26 . 2006-12-02 19:42 -------- d-----w- c:\program files\Viewpoint2010-04-24 22:09 . 2006-09-12 04:15 -------- d-----w- c:\program files\Common Files\Adobe2010-04-21 16:17 . 2008-11-03 19:17 -------- d-----w- c:\documents and settings\Rimac Anthonye\Application Data\FileZilla2010-04-19 14:31 . 2007-03-20 21:37 -------- d-----w- c:\documents and settings\Rimac Anthonye\Application Data\uTorrent2010-04-15 21:33 . 2007-05-14 17:55 -------- d-----w- c:\program files\FriendBlasterPro2010-04-14 07:15 . 2009-12-06 10:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help2010-04-13 09:42 . 2008-06-29 13:02 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet2010-04-11 00:59 . 2006-12-03 19:52 158224 ----a-w- c:\windows\system32\drivers\tmcomm.sys2010-04-11 00:58 . 2009-12-06 10:47 -------- d-----w- c:\documents and settings\Rimac Anthonye\Application Data\GetRightToGo2010-04-11 00:35 . 2006-09-12 03:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec2010-04-10 23:49 . 2006-09-12 10:36 -------- d-----w- c:\program files\HPQ2010-04-10 23:49 . 2006-09-12 10:36 -------- d-----w- c:\program files\Hewlett-Packard2010-04-10 23:49 . 2006-12-04 10:07 -------- d-----w- c:\program files\Common Files\aolshare2010-04-10 23:49 . 2006-12-02 19:28 -------- d-----w- c:\program files\Common Files\AOL2010-04-10 23:48 . 2008-03-02 15:44 -------- d-----w- c:\program files\Autodesk2010-04-10 23:48 . 2006-12-04 10:06 -------- d-----w- c:\program files\AOL 9.02010-04-10 20:12 . 2006-03-16 04:00 14336 ----a-w- c:\windows\system32\svchost.exe2010-03-19 17:16 . 2010-03-19 17:16 -------- d-----w- c:\program files\Tweet Adder2010-03-11 13:48 . 2009-11-04 17:50 256 ----a-w- c:\windows\system32\pool.bin2010-03-11 12:51 . 2010-03-11 12:51 -------- d-----w- c:\documents and settings\Rimac Anthonye\Application Data\Research In Motion2010-03-10 06:15 . 2006-03-16 04:00 420352 ----a-w- c:\windows\system32\vbscript.dll2010-02-25 06:24 . 2006-03-16 04:00 916480 ----a-w- c:\windows\system32\wininet.dll2010-02-24 12:31 . 2005-01-19 12:26 454016 ----a-w- c:\windows\system32\drivers\mrxsmb.sys2010-02-17 10:57 . 2006-03-16 04:00 2063744 ----a-w- c:\windows\system32\ntkrnlpa.exe2010-02-16 17:37 . 2006-03-16 04:00 2186880 ----a-w- c:\windows\system32\ntoskrnl.exe2010-02-14 11:43 . 2006-09-12 03:42 197256 -c--a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT2010-02-12 04:47 . 2006-03-16 04:00 100864 ----a-w- c:\windows\system32\6to4svc.dll2010-02-11 12:01 . 2006-03-16 04:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys.------- Sigcheck -------[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\tcpip.sys[-] 2008-06-20 . 0B788EE2A876D7B31DF840C13F08CD2B . 360320 . . [5.1.2600.3394] . . c:\windows\system32\drivers\tcpip.sys[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\tcpip.sys[7] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748$\tcpip.sys[7] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys[7] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys[7] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys[7] 2006-03-16 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893066$\tcpip.sys[7] 2006-01-14 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys[7] 2006-01-13 . 583E063FDC888CA30D05C2724B0D7EF4 . 359808 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys[7] 2005-05-26 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys[7] 2005-05-26 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$NtUninstallKB913446$\tcpip.sys.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-23 68856]"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-04-03 165784]"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]"Google Update"="c:\documents and settings\Rimac Anthonye\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-04-12 136176][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-04 458752]"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]"MsmqIntCert"="mqrt.dll" [2009-06-25 177152]"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-02 61952]"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-17 794713]"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-06-23 102400]"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-06-02 135168]"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-06-19 40960]"RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]"Reminder"="c:\windows\CREATOR\Remind_XP.exe" [2006-02-09 643072]"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2004-11-09 497240]"AOL Spyware Protection"="c:\progra~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" [2004-10-18 79448]"EPSON Stylus C48 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I091.EXE" [2005-05-16 99840]"HostManager"="c:\program files\Common Files\AOL\1165261327\ee\AOLSoftware.exe" [2006-05-24 50760]"IPHSend"="c:\program files\Common Files\AOL\IPHSend\IPHSend.exe" [2006-02-17 124520]"EPSON Stylus Photo R300 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE" [2003-09-11 99840]"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 376912]"BluetoothAuthenticationAgent"="bthprops.cpl" [2006-03-16 110592]"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-22 385024]"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-29 185896]"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2010-01-26 1020248]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-16 15360]c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-12-15 113664]AOL 9.0 Tray Icon.lnk - c:\program files\AOL 9.0\aoltray.exe [2006-12-4 156784]Craft ROBO Status Supervisor.lnk - c:\program files\Craft ROBO Controller\CRSSupervisor.exe [2007-7-31 32768]HP Photosmart Premier Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728]Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308][HKEY_LOCAL_MACHINE\software\microsoft\security center]"AntiVirusOverride"=dword:00000001"FirewallOverride"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]"DisableMonitoring"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]"DisableMonitoring"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="c:\\WINDOWS\\system32\\mqsvc.exe"="c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="c:\\StubInstaller.exe"="c:\\Program Files\\AOL 9.0\\waol.exe"="c:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"="c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="c:\\Program Files\\Common Files\\AOL\\1165261327\\ee\\aolsoftware.exe"="c:\\Program Files\\Common Files\\AOL\\1165261327\\ee\\aim6.exe"="c:\\Program Files\\Messenger\\msmsgs.exe"="c:\\Program Files\\utorrent\\utorrent.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"="c:\\Program Files\\Autodesk\\Backburner\\manager.exe"="c:\\Program Files\\Autodesk\\Backburner\\server.exe"="c:\\Program Files\\Bonjour\\mDNSResponder.exe"="c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="c:\\Program Files\\iTunes\\iTunes.exe"="c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="c:\\Program Files\\Sports Interactive\\Football Manager 2010 Demo\\fm.exe"=[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]"1947:TCP"= 1947:TCP:HASP SRM "1947:UDP"= 1947:UDP:HASP SRM R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [11/04/2010 01:59 36368]R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [27/07/2009 18:54 33792]R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [11/04/2010 01:59 339984]S1 sptd;sptd;c:\windows\system32\drivers\sptd.sys [25/10/2008 13:13 0]S3 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [11/04/2010 02:05 50704]S3 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [11/04/2010 02:05 689416].Contents of the 'Scheduled Tasks' folder2010-04-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2238951125-1727324525-1025964102-1005Core.job- c:\documents and settings\Rimac Anthonye\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-04-12 15:04]2010-04-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2238951125-1727324525-1025964102-1005UA.job- c:\documents and settings\Rimac Anthonye\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-04-12 15:04]..------- Supplementary Scan -------.uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=presario&pf=laptopuInternet Settings,ProxyOverride = <local>;*.localuSearchURL,(Default) = hxxp://www.google.com/search?q=%sDPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} - hxxp://members.driverguide.com/director/dispatch_getfile.php?mode=toolkit_liteFF - ProfilePath - c:\documents and settings\Rimac Anthonye\Application Data\Mozilla\Firefox\Profiles\7hx5bm3h.default\FF - component: c:\program files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension\components\FFTMUFEHelper.dllFF - component: c:\program files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension\components\FFToolbarComm.dllFF - plugin: c:\documents and settings\Rimac Anthonye\Local Settings\Application Data\Google\Update\1.2.183.23\npGoogleOneClick8.dllFF - plugin: c:\program files\Microsoft\Office Live\npOLW.dllFF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dllFF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dllFF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dllFF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\---- FIREFOX POLICIES ----FF - user.js: yahoo.homepage.dontask - truec:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);.- - - - ORPHANS REMOVED - - - -HKLM-Run-workflow - e:\installs\workflow.exeHKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exeAddRemove-Edirol SuperQuartet v1.5 - c:\progra~1\Edirol\SUPERQ~1\UNWISE.EXEAddRemove-Novation Bass-Station VSTi v1.10 - c:\progra~1\VSTPLU~1\BASS-S~1\BASS-S~1\UNWISE.EXEAddRemove-Rob Papen Albino 2 - c:\progra~1\VSTPLU~1\ALBINO~1\ALBINO~1\UNWISE.EXEAddRemove-Steinberg Virtual Bassist v1.0.0.504 - c:\progra~1\STEINB~1\VSTPLU~1\VIRTUA~1\UNWISE.EXE**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2010-04-25 20:41Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ????S??????`?@?????L?@ scanning hidden files ... scan completed successfullyhidden files: 0**************************************************************************.--------------------- LOCKED REGISTRY KEYS ---------------------[HKEY_USERS\S-1-5-21-2238951125-1727324525-1025964102-1005\Software\G*e*n*i*e*"!\FM Genie Scout]"GameDir"="c:\\Program Files\\Sports Interactive\\Football Manager 2007\\user data\\games""ShortlistDir"="c:\\Program Files\\Sports Interactive\\Football Manager 2007\\user data\\shortlists""ScreenshotsDir"="c:\\Program Files\\Sports Interactive\\Football Manager 2007\\user data""SaveDir"="c:\\Program Files\\Sports Interactive\\Football Manager 2007\\user data""HistoryDir"="c:\\Documents and Settings\\Rimac Anthonye\\Desktop\\FM Genie Scout 2007\\History Points""LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2007\\data\\db\\702\\lang_db.dat""LastSaveGame"="c:\\Documents and Settings\\Rimac Anthonye\\My Documents\\Sports Interactive\\Football Manager 2007\\games\\MK Dons.fm""Language"="English""LoadLangDB"=dword:00000001"CompressHistoryPoints"=dword:00000000"HighlightedAttributes"=dword:00000000"MinCondition"=dword:00000050"LastUpdateCheck"=dword:00009990"HighQualityGUI"=dword:00000000"AutomaticallyUpdateCheck"=dword:00000001"AdvancedGeneration"=dword:00000000"ShowHistory"=dword:00000001"WindowState"=dword:00000000"Currency"=dword:00000056"WindowHeight"=dword:000002de"WindowWidth"=dword:000003fc"WindowLeft"=dword:00000005"WindowTop"=dword:00000000"UseProxy"=dword:00000000"ProxyHost"="""ProxyPort"="""UseAuthentication"=dword:00000000"UserName"="""UserPassword"=""[HKEY_USERS\S-1-5-21-2238951125-1727324525-1025964102-1005\Software\G*e*n*i*e*"!\FM Genie Scout\Columns\Clubs]"Position0"=dword:00000000"Visible0"=dword:00000001"Width0"=dword:0000007d"Position1"=dword:00000001"Visible1"=dword:00000001"Width1"=dword:00000064"Position2"=dword:00000002"Visible2"=dword:00000001"Width2"=dword:00000064"Position3"=dword:00000003"Visible3"=dword:00000001"Width3"=dword:00000032"Position4"=dword:00000004"Visible4"=dword:00000001"Width4"=dword:00000032"Position5"=dword:00000005"Visible5"=dword:00000001"Width5"=dword:00000050"Position6"=dword:00000006"Visible6"=dword:00000001"Width6"=dword:00000050"Position7"=dword:00000007"Visible7"=dword:00000001"Width7"=dword:00000050"Position8"=dword:00000008"Visible8"=dword:00000000"Width8"=dword:00000050"Position9"=dword:00000009"Visible9"=dword:00000000"Width9"=dword:0000002d"Position10"=dword:0000000a"Visible10"=dword:00000000"Width10"=dword:0000001e"Position11"=dword:0000000b"Visible11"=dword:00000000"Width11"=dword:0000001e"Position12"=dword:0000000c"Visible12"=dword:00000000"Width12"=dword:0000001e"Position13"=dword:0000000d"Visible13"=dword:00000001"Width13"=dword:0000003c"Position14"=dword:0000000e"Visible14"=dword:00000000"Width14"=dword:00000032"Position15"=dword:0000000f"Visible15"=dword:00000000"Width15"=dword:00000032"Position16"=dword:00000010"Visible16"=dword:00000000"Width16"=dword:00000032"Position17"=dword:00000011"Visible17"=dword:00000001"Width17"=dword:00000050"Position18"=dword:00000012"Visible18"=dword:00000001"Width18"=dword:00000050"Position19"=dword:00000013"Visible19"=dword:00000000"Width19"=dword:00000050[HKEY_USERS\S-1-5-21-2238951125-1727324525-1025964102-1005\Software\G*e*n*i*e*"!\FM Genie Scout\Columns\Players]"Position0"=dword:00000000"Visible0"=dword:00000001"Width0"=dword:0000007d"Position1"=dword:00000001"Visible1"=dword:00000001"Width1"=dword:00000064"Position2"=dword:00000002"Visible2"=dword:00000001"Width2"=dword:00000064"Position3"=dword:00000003"Visible3"=dword:00000001"Width3"=dword:00000048"Position4"=dword:00000008"Visible4"=dword:00000001"Width4"=dword:00000023"Position5"=dword:00000009"Visible5"=dword:00000001"Width5"=dword:00000028"Position6"=dword:0000000a"Visible6"=dword:00000001"Width6"=dword:00000028"Position7"=dword:0000000c"Visible7"=dword:00000001"Width7"=dword:0000004b"Position8"=dword:0000000d"Visible8"=dword:00000001"Width8"=dword:0000004b"Position9"=dword:0000000e"Visible9"=dword:00000001"Width9"=dword:00000050"Position10"=dword:00000010"Visible10"=dword:00000000"Width10"=dword:00000050"Position11"=dword:00000011"Visible11"=dword:00000000"Width11"=dword:0000004b"Position12"=dword:00000012"Visible12"=dword:00000000"Width12"=dword:0000002d"Position13"=dword:00000013"Visible13"=dword:00000000"Width13"=dword:0000003c"Position14"=dword:00000014"Visible14"=dword:00000000"Width14"=dword:0000004b"Position15"=dword:00000015"Visible15"=dword:00000000"Width15"=dword:00000064"Position16"=dword:00000016"Visible16"=dword:00000000"Width16"=dword:00000064"Position17"=dword:00000017"Visible17"=dword:00000000"Width17"=dword:0000004b"Position18"=dword:00000018"Visible18"=dword:00000000"Width18"=dword:00000064"Position19"=dword:00000019"Visible19"=dword:00000000"Width19"=dword:0000003c"Position20"=dword:0000001a"Visible20"=dword:00000000"Width20"=dword:0000004b"Position21"=dword:0000001b"Visible21"=dword:00000000"Width21"=dword:00000050"Position22"=dword:0000001c"Visible22"=dword:00000000"Width22"=dword:00000073"Position23"=dword:0000001d"Visible23"=dword:00000000"Width23"=dword:00000050"Position24"=dword:0000001e"Visible24"=dword:00000000"Width24"=dword:0000005a"Position25"=dword:0000001f"Visible25"=dword:00000000"Width25"=dword:0000006e"Position26"=dword:00000020"Visible26"=dword:00000000"Width26"=dword:00000064"Position27"=dword:00000021"Visible27"=dword:00000000"Width27"=dword:00000087"Position28"=dword:00000022"Visible28"=dword:00000000"Width28"=dword:00000064"Position29"=dword:00000023"Visible29"=dword:00000000"Width29"=dword:00000064"Position30"=dword:00000024"Visible30"=dword:00000000"Width30"=dword:00000046"Position31"=dword:00000025"Visible31"=dword:00000000"Width31"=dword:0000004b"Position32"=dword:00000026"Visible32"=dword:00000000"Width32"=dword:00000046"Position33"=dword:00000027"Visible33"=dword:00000000"Width33"=dword:0000004b"Position34"=dword:00000028"Visible34"=dword:00000000"Width34"=dword:0000003c"Position35"=dword:0000002a"Visible35"=dword:00000000"Width35"=dword:00000064"Position36"=dword:0000002e"Visible36"=dword:00000000"Width36"=dword:00000073"Position37"=dword:00000030"Visible37"=dword:00000000"Width37"=dword:0000005f"Position38"=dword:00000033"Visible38"=dword:00000000"Width38"=dword:00000091"Position39"=dword:00000035"Visible39"=dword:00000000"Width39"=dword:0000003c"Position40"=dword:0000002c"Visible40"=dword:00000000"Width40"=dword:0000005a"Position41"=dword:00000036"Visible41"=dword:00000000"Width41"=dword:00000041"Position42"=dword:00000029"Visible42"=dword:00000000"Width42"=dword:00000050"Position43"=dword:0000002b"Visible43"=dword:00000000"Width43"=dword:00000055"Position44"=dword:0000002d"Visible44"=dword:00000000"Width44"=dword:0000005f"Position45"=dword:00000037"Visible45"=dword:00000000"Width45"=dword:00000050"Position46"=dword:00000038"Visible46"=dword:00000000"Width46"=dword:0000004b"Position47"=dword:00000039"Visible47"=dword:00000000"Width47"=dword:0000004b"Position48"=dword:0000003a"Visible48"=dword:00000000"Width48"=dword:00000046"Position49"=dword:0000003b"Visible49"=dword:00000000"Width49"=dword:00000032"Position50"=dword:0000003c"Visible50"=dword:00000000"Width50"=dword:0000003c"Position51"=dword:0000003d"Visible51"=dword:00000000"Width51"=dword:0000004b"Position52"=dword:0000003e"Visible52"=dword:00000000"Width52"=dword:0000003c"Position53"=dword:0000003f"Visible53"=dword:00000000"Width53"=dword:00000037"Position54"=dword:00000040"Visible54"=dword:00000000"Width54"=dword:00000069"Position55"=dword:00000041"Visible55"=dword:00000000"Width55"=dword:0000005a"Position56"=dword:00000044"Visible56"=dword:00000000"Width56"=dword:0000004b"Position57"=dword:00000045"Visible57"=dword:00000000"Width57"=dword:0000004b"Position58"=dword:00000046"Visible58"=dword:00000000"Width58"=dword:00000037"Position59"=dword:00000047"Visible59"=dword:00000000"Width59"=dword:0000003c"Position60"=dword:00000048"Visible60"=dword:00000000"Width60"=dword:0000003c"Position61"=dword:00000049"Visible61"=dword:00000000"Width61"=dword:00000041"Position62"=dword:0000004a"Visible62"=dword:00000000"Width62"=dword:00000055"Position63"=dword:0000004b"Visible63"=dword:00000000"Width63"=dword:0000003c"Position64"=dword:0000004c"Visible64"=dword:00000000"Width64"=dword:0000003c"Position65"=dword:0000004d"Visible65"=dword:00000000"Width65"=dword:0000004b"Position66"=dword:0000004e"Visible66"=dword:00000000"Width66"=dword:0000003c"Position67"=dword:0000004f"Visible67"=dword:00000000"Width67"=dword:00000046"Position68"=dword:00000050"Visible68"=dword:00000000"Width68"=dword:00000028"Position69"=dword:00000051"Visible69"=dword:00000000"Width69"=dword:00000041"Position70"=dword:00000052"Visible70"=dword:00000000"Width70"=dword:0000003c"Position71"=dword:00000053"Visible71"=dword:00000000"Width71"=dword:00000069"Position72"=dword:00000054"Visible72"=dword:00000000"Width72"=dword:00000041"Position73"=dword:00000055"Visible73"=dword:00000000"Width73"=dword:0000005f"Position74"=dword:00000056"Visible74"=dword:00000000"Width74"=dword:0000003c"Position75"=dword:00000057"Visible75"=dword:00000000"Width75"=dword:00000037"Position76"=dword:00000058"Visible76"=dword:00000000"Width76"=dword:0000004b"Position77"=dword:00000059"Visible77"=dword:00000000"Width77"=dword:00000050"Position78"=dword:0000005a"Visible78"=dword:00000000"Width78"=dword:00000037"Position79"=dword:0000005b"Visible79"=dword:00000000"Width79"=dword:00000037"Position80"=dword:0000005c"Visible80"=dword:00000000"Width80"=dword:0000005a"Position81"=dword:0000005d"Visible81"=dword:00000000"Width81"=dword:0000004b"Position82"=dword:0000005e"Visible82"=dword:00000000"Width82"=dword:00000055"Position83"=dword:0000005f"Visible83"=dword:00000000"Width83"=dword:0000002d"Position84"=dword:00000060"Visible84"=dword:00000000"Width84"=dword:00000037"Position85"=dword:00000061"Visible85"=dword:00000000"Width85"=dword:0000003c"Position86"=dword:00000062"Visible86"=dword:00000000"Width86"=dword:00000046"Position87"=dword:00000063"Visible87"=dword:00000000"Width87"=dword:0000003c"Position88"=dword:00000064"Visible88"=dword:00000000"Width88"=dword:0000005a"Position89"=dword:00000065"Visible89"=dword:00000000"Width89"=dword:0000003c"Position90"=dword:00000066"Visible90"=dword:00000000"Width90"=dword:00000050"Position91"=dword:00000067"Visible91"=dword:00000000"Width91"=dword:00000046"Position92"=dword:00000068"Visible92"=dword:00000000"Width92"=dword:0000005a"Position93"=dword:00000069"Visible93"=dword:00000000"Width93"=dword:00000037"Position94"=dword:0000006a"Visible94"=dword:00000000"Width94"=dword:0000003c"Position95"=dword:0000006b"Visible95"=dword:00000000"Width95"=dword:0000003c"Position96"=dword:0000006c"Visible96"=dword:00000000"Width96"=dword:00000046"Position97"=dword:0000006d"Visible97"=dword:00000000"Width97"=dword:00000046"Position98"=dword:0000006e"Visible98"=dword:00000000"Width98"=dword:00000055"Position99"=dword:0000006f"Visible99"=dword:00000000"Width99"=dword:00000073"Position100"=dword:00000042"Visible100"=dword:00000000"Width100"=dword:00000041"Position101"=dword:00000070"Visible101"=dword:00000000"Width101"=dword:0000003c"Position102"=dword:00000071"Visible102"=dword:00000000"Width102"=dword:0000003c"Position103"=dword:00000072"Visible103"=dword:00000000"Width103"=dword:00000046"Position104"=dword:00000073"Visible104"=dword:00000000"Width104"=dword:0000003c"Position105"=dword:00000074"Visible105"=dword:00000000"Width105"=dword:00000041"Position106"=dword:0000000f"Visible106"=dword:00000001"Width106"=dword:00000050"Position107"=dword:0000000b"Visible107"=dword:00000001"Width107"=dword:00000028"Position108"=dword:00000043"Visible108"=dword:00000000"Width108"=dword:00000050"Position109"=dword:0000002f"Visible109"=dword:00000000"Width109"=dword:00000050"Position110"=dword:00000031"Visible110"=dword:00000000"Width110"=dword:00000055"Position111"=dword:00000032"Visible111"=dword:00000000"Width111"=dword:00000082"Position112"=dword:00000034"Visible112"=dword:00000000"Width112"=dword:00000087"Position113"=dword:00000075"Visible113"=dword:00000000"Width113"=dword:00000050"Position114"=dword:00000076"Visible114"=dword:00000000"Width114"=dword:00000050"Position115"=dword:00000077"Visible115"=dword:00000000"Width115"=dword:00000050"Position116"=dword:00000078"Visible116"=dword:00000000"Width116"=dword:00000050"Position117"=dword:00000079"Visible117"=dword:00000000"Width117"=dword:00000050"Position118"=dword:0000007a"Visible118"=dword:00000000"Width118"=dword:00000050"Position119"=dword:0000007b"Visible119"=dword:00000000"Width119"=dword:00000050"Position120"=dword:0000007c"Visible120"=dword:00000000"Width120"=dword:00000050"Position121"=dword:0000007d"Visible121"=dword:00000000"Width121"=dword:00000050"Position122"=dword:0000007e"Visible122"=dword:00000000"Width122"=dword:00000050"Position123"=dword:0000007f"Visible123"=dword:00000000"Width123"=dword:00000050"Position124"=dword:00000080"Visible124"=dword:00000000"Width124"=dword:00000050"Position125"=dword:00000081"Visible125"=dword:00000000"Width125"=dword:00000050"Position126"=dword:00000082"Visible126"=dword:00000000"Width126"=dword:00000050"Position127"=dword:00000083"Visible127"=dword:00000000"Width127"=dword:00000050"Position128"=dword:00000084"Visible128"=dword:00000000"Width128"=dword:00000050"Position129"=dword:00000085"Visible129"=dword:00000000"Width129"=dword:00000050"Position130"=dword:00000086"Visible130"=dword:00000000"Width130"=dword:00000050"Position131"=dword:00000087"Visible131"=dword:00000000"Width131"=dword:00000050"Position132"=dword:00000088"Visible132"=dword:00000000"Width132"=dword:00000050"Position133"=dword:00000089"Visible133"=dword:00000000"Width133"=dword:00000050"Position134"=dword:0000008a"Visible134"=dword:00000000"Width134"=dword:00000050"Position135"=dword:0000008b"Visible135"=dword:00000000"Width135"=dword:00000050"Position136"=dword:0000008c"Visible136"=dword:00000000"Width136"=dword:00000050"Position137"=dword:0000008d"Visible137"=dword:00000000"Width137"=dword:00000050"Position138"=dword:0000008e"Visible138"=dword:00000000"Width138"=dword:00000050"Position139"=dword:0000008f"Visible139"=dword:00000000"Width139"=dword:00000050"Position140"=dword:00000090"Visible140"=dword:00000000"Width140"=dword:00000050"Position141"=dword:00000091"Visible141"=dword:00000000"Width141"=dword:00000050"Position142"=dword:00000092"Visible142"=dword:00000000"Width142"=dword:00000050"Position143"=dword:00000093"Visible143"=dword:00000000"Width143"=dword:00000050"Position144"=dword:00000094"Visible144"=dword:00000000"Width144"=dword:00000050"Position145"=dword:00000095"Visible145"=dword:00000000"Width145"=dword:00000050"Position146"=dword:00000004"Visible146"=dword:00000000"Width146"=dword:00000037"Position147"=dword:00000005"Visible147"=dword:00000000"Width147"=dword:00000028"Position148"=dword:00000006"Visible148"=dword:00000000"Width148"=dword:00000037"Position149"=dword:00000007"Visible149"=dword:00000001"Width149"=dword:00000028[HKEY_USERS\S-1-5-21-2238951125-1727324525-1025964102-1005\Software\G*e*n*i*e*"!\FM Genie Scout\Columns\Staff]"Position0"=dword:00000000"Visible0"=dword:00000001"Width0"=dword:0000007d"Position1"=dword:00000001"Visible1"=dword:00000001"Width1"=dword:00000064"Position2"=dword:00000002"Visible2"=dword:00000001"Width2"=dword:00000064"Position3"=dword:00000003"Visible3"=dword:00000001"Width3"=dword:00000069"Position4"=dword:00000005"Visible4"=dword:00000001"Width4"=dword:00000028"Position5"=dword:00000006"Visible5"=dword:00000001"Width5"=dword:00000028"Position6"=dword:00000004"Visible6"=dword:00000001"Width6"=dword:00000028"Position7"=dword:00000007"Visible7"=dword:00000001"Width7"=dword:00000050"Position8"=dword:00000008"Visible8"=dword:00000000"Width8"=dword:00000050"Position9"=dword:00000009"Visible9"=dword:00000000"Width9"=dword:0000004b"Position10"=dword:0000000a"Visible10"=dword:00000000"Width10"=dword:0000002d"Position11"=dword:0000000b"Visible11"=dword:00000000"Width11"=dword:0000003c"Position12"=dword:0000000c"Visible12"=dword:00000000"Width12"=dword:0000004b"Position13"=dword:0000000d"Visible13"=dword:00000000"Width13"=dword:00000064"Position14"=dword:0000000e"Visible14"=dword:00000000"Width14"=dword:00000064"Position15"=dword:0000000f"Visible15"=dword:00000000"Width15"=dword:0000004b"Position16"=dword:00000010"Visible16"=dword:00000000"Width16"=dword:00000064"Position17"=dword:00000011"Visible17"=dword:00000000"Width17"=dword:0000003c"Position18"=dword:00000012"Visible18"=dword:00000000"Width18"=dword:0000004b"Position19"=dword:00000013"Visible19"=dword:00000000"Width19"=dword:00000050"Position20"=dword:00000014"Visible20"=dword:00000000"Width20"=dword:00000046"Position21"=dword:00000015"Visible21"=dword:00000000"Width21"=dword:0000004b"Position22"=dword:00000016"Visible22"=dword:00000000"Width22"=dword:00000046"Position23"=dword:00000017"Visible23"=dword:00000000"Width23"=dword:00000046"Position24"=dword:00000018"Visible24"=dword:00000000"Width24"=dword:0000003c"Position25"=dword:00000019"Visible25"=dword:00000000"Width25"=dword:00000041"Position26"=dword:0000001a"Visible26"=dword:00000000"Width26"=dword:0000003c"Position27"=dword:0000001b"Visible27"=dword:00000000"Width27"=dword:00000055"Position28"=dword:0000001c"Visible28"=dword:00000000"Width28"=dword:00000069"Position29"=dword:0000001d"Visible29"=dword:00000000"Width29"=dword:0000006e"Position30"=dword:0000001e"Visible30"=dword:00000000"Width30"=dword:00000064"Position31"=dword:0000001f"Visible31"=dword:00000000"Width31"=dword:00000078"Position32"=dword:00000020"Visible32"=dword:00000000"Width32"=dword:00000064"Position33"=dword:00000021"Visible33"=dword:00000000"Width33"=dword:00000087"Position34"=dword:00000022"Visible34"=dword:00000000"Width34"=dword:00000069"Position35"=dword:00000023"Visible35"=dword:00000000"Width35"=dword:0000006e"Position36"=dword:00000024"Visible36"=dword:00000000"Width36"=dword:00000073"Position37"=dword:00000025"Visible37"=dword:00000000"Width37"=dword:0000004b"Position38"=dword:00000026"Visible38"=dword:00000000"Width38"=dword:0000002d"Position39"=dword:00000027"Visible39"=dword:00000000"Width39"=dword:00000055"Position40"=dword:00000028"Visible40"=dword:00000000"Width40"=dword:00000046"Position41"=dword:00000029"Visible41"=dword:00000000"Width41"=dword:0000004b"Position42"=dword:0000002a"Visible42"=dword:00000000"Width42"=dword:0000003c"Position43"=dword:0000002b"Visible43"=dword:00000000"Width43"=dword:00000046"Position44"=dword:0000002c"Visible44"=dword:00000000"Width44"=dword:00000073"Position45"=dword:0000002d"Visible45"=dword:00000000"Width45"=dword:0000004b"Position46"=dword:0000002e"Visible46"=dword:00000000"Width46"=dword:00000073"Position47"=dword:0000002f"Visible47"=dword:00000000"Width47"=dword:0000007d"Position48"=dword:00000030"Visible48"=dword:00000000"Width48"=dword:0000006e"Position49"=dword:00000031"Visible49"=dword:00000000"Width49"=dword:00000037"Position50"=dword:00000032"Visible50"=dword:00000000"Width50"=dword:00000064"Position51"=dword:00000033"Visible51"=dword:00000000"Width51"=dword:00000037"Position52"=dword:00000034"Visible52"=dword:00000000"Width52"=dword:0000004b"Position53"=dword:00000035"Visible53"=dword:00000000"Width53"=dword:00000046"Position54"=dword:00000036"Visible54"=dword:00000000"Width54"=dword:00000037"Position55"=dword:00000037"Visible55"=dword:00000000"Width55"=dword:0000003c"Position56"=dword:00000038"Visible56"=dword:00000000"Width56"=dword:00000055"Position57"=dword:00000039"Visible57"=dword:00000000"Width57"=dword:0000003c"Position58"=dword:0000003a"Visible58"=dword:00000000"Width58"=dword:0000003c"Position59"=dword:0000003b"Visible59"=dword:00000000"Width59"=dword:00000055"Position60"=dword:0000003c"Visible60"=dword:00000000"Width60"=dword:00000046"Position61"=dword:0000003d"Visible61"=dword:00000000"Width61"=dword:0000004b"Position62"=dword:0000003e"Visible62"=dword:00000000"Width62"=dword:00000055"Position63"=dword:0000003f"Visible63"=dword:00000000"Width63"=dword:0000005a"Position64"=dword:00000040"Visible64"=dword:00000000"Width64"=dword:0000006e"Position65"=dword:00000041"Visible65"=dword:00000000"Width65"=dword:00000050"Position66"=dword:00000042"Visible66"=dword:00000000"Width66"=dword:00000032"Position67"=dword:00000043"Visible67"=dword:00000000"Width67"=dword:00000064"Position68"=dword:00000044"Visible68"=dword:00000000"Width68"=dword:0000004b"Position69"=dword:00000045"Visible69"=dword:00000000"Width69"=dword:0000002d"Position70"=dword:00000046"Visible70"=dword:00000000"Width70"=dword:0000004b"Position71"=dword:00000047"Visible71"=dword:00000000"Width71"=dword:0000005a"Position72"=dword:00000048"Visible72"=dword:00000000"Width72"=dword:0000005a"Position73"=dword:00000049"Visible73"=dword:00000000"Width73"=dword:00000050"Position74"=dword:0000004a"Visible74"=dword:00000000"Width74"=dword:0000004b"Position75"=dword:0000004b"Visible75"=dword:00000000"Width75"=dword:00000050"Position76"=dword:0000004c"Visible76"=dword:00000000"Width76"=dword:0000005a"Position77"=dword:0000004d"Visible77"=dword:00000000"Width77"=dword:00000041"Position78"=dword:0000004e"Visible78"=dword:00000000"Width78"=dword:00000041"Position79"=dword:0000004f"Visible79"=dword:00000000"Width79"=dword:00000041"Position80"=dword:00000050"Visible80"=dword:00000000"Width80"=dword:00000041"Position81"=dword:00000051"Visible81"=dword:00000000"Width81"=dword:00000041"Position82"=dword:00000052"Visible82"=dword:00000000"Width82"=dword:00000041"Position83"=dword:00000053"Visible83"=dword:00000000"Width83"=dword:00000041"Position84"=dword:00000054"Visible84"=dword:00000000"Width84"=dword:00000041"Position85"=dword:00000055"Visible85"=dword:00000000"Width85"=dword:00000041"Position86"=dword:00000056"Visible86"=dword:00000000"Width86"=dword:00000050[HKEY_USERS\S-1-5-21-2238951125-1727324525-1025964102-1005\Software\G*e*n*i*e*"!\FM Genie Scout\Rating Coefficients]"GKWeightCoef"=dword:00000062"GKCurrentAbilityCoef"=dword:00000000"GKCornersCoef"=dword:00000000"GKCrossingCoef"=dword:00000000"GKDribblingCoef"=dword:00000000"GKFinishingCoef"=dword:00000000"GKFirstTouchCoef"=dword:00000000"GKFreeKicksCoef"=dword:00000000"GKHeadingCoef"=dword:00000000"GKLongShotsCoef"=dword:00000000"GKLongThrowsCoef"=dword:00000000"GKMarkingCoef"=dword:00000000"GKPassingCoef"=dword:00000000"GKPenaltiesCoef"=dword:00000000"GKTacklingCoef"=dword:00000005"GKTechniqueCoef"=dword:00000000"GKLeftFootCoef"=dword:00000000"GKRightFootCoef"=dword:00000000"GKAggressionCoef"=dword:0000000a"GKAnticipationCoef"=dword:00000005"GKBraveryCoef"=dword:00000014"GKComposureCoef"=dword:00000014"GKConcentrationCoef"=dword:0000000a"GKConsistencyCoef"=dword:0000000a"GKCreativityCoef"=dword:00000000"GKDecisionsCoef"=dword:00000014"GKDeterminationCoef"=dword:0000000a"GKDirtinessCoef"=dword:fffffffb"GKFlairCoef"=dword:00000000"GKImportantMatchesCoef"=dword:0000000a"GKInfluenceCoef"=dword:0000000a"GKOffTheBallCoef"=dword:00000000"GKPositioningCoef"=dword:00000050"GKTeamworkCoef"=dword:00000005"GKWorkRateCoef"=dword:00000000"GKAccelerationCoef"=dword:00000005"GKAgilityCoef"=dword:0000000a"GKBalanceCoef"=dword:0000000a"GKInjuryPronenessCoef"=dword:fffffffb"GKJumpingCoef"=dword:00000050"GKNaturalFitnessCoef"=dword:00000005"GKPaceCoef"=dword:00000000"GKStaminaCoef"=dword:00000000"GKStrengthCoef"=dword:0000000a"GKVersatilityCoef"=dword:00000000"GKAerialAbilityCoef"=dword:00000032"GKCommandOfAreaCoef"=dword:00000014"GKCommunicationCoef"=dword:00000032"GKEccentricityCoef"=dword:ffffffec"GKHandlingCoef"=dword:00000064"GKKickingCoef"=dword:0000000a"GKOneOnOnesCoef"=dword:00000032"GKReflexesCoef"=dword:00000064"GKRushingOutCoef"=dword:00000014"GKTendencyToPunchCoef"=dword:fffffff6"GKThrowingCoef"=dword:0000000a"GKAdaptabilityCoef"=dword:00000005"GKAmbitionCoef"=dword:0000000a"GKControversyCoef"=dword:fffffffb"GKLoyalityCoef"=dword:00000005"GKPressureCoef"=dword:00000005"GKProfessionalismCoef"=dword:00000005"GKSportsmanshipCoef"=dword:00000005"GKTemperamentCoef"=dword:00000005"SWWeightCoef"=dword:00000066"SWCurrentAbilityCoef"=dword:00000000"SWCornersCoef"=dword:00000000"SWCrossingCoef"=dword:00000000"SWDribblingCoef"=dword:00000000"SWFinishingCoef"=dword:00000000"SWFirstTouchCoef"=dword:00000014"SWFreeKicksCoef"=dword:0000000a"SWHeadingCoef"=dword:00000064"SWLongShotsCoef"=dword:0000000a"SWLongThrowsCoef"=dword:00000000"SWMarkingCoef"=dword:00000064"SWPassingCoef"=dword:0000000a"SWPenaltiesCoef"=dword:00000005"SWTacklingCoef"=dword:00000064"SWTechniqueCoef"=dword:0000000a"SWLeftFootCoef"=dword:00000005"SWRightFootCoef"=dword:00000005"SWAggressionCoef"=dword:00000014"SWAnticipationCoef"=dword:00000014"SWBraveryCoef"=dword:00000028"SWComposureCoef"=dword:00000028"SWConcentrationCoef"=dword:0000003c"SWConsistencyCoef"=dword:0000000a"SWCreativityCoef"=dword:0000000a"SWDecisionsCoef"=dword:00000014"SWDeterminationCoef"=dword:0000000a"SWDirtinessCoef"=dword:ffffffe7"SWFlairCoef"=dword:00000000"SWImportantMatchesCoef"=dword:0000000a"SWInfluenceCoef"=dword:0000000a"SWOffTheBallCoef"=dword:0000000a"SWPositioningCoef"=dword:00000064"SWTeamworkCoef"=dword:00000028"SWWorkRateCoef"=dword:00000014"SWAccelerationCoef"=dword:0000001e"SWAgilityCoef"=dword:0000000a"SWBalanceCoef"=dword:00000014"SWInjuryPronenessCoef"=dword:fffffffb"SWJumpingCoef"=dword:00000064"SWNaturalFitnessCoef"=dword:00000005"SWPaceCoef"=dword:00000014"SWStaminaCoef"=dword:0000000a"SWStrengthCoef"=dword:00000050"SWVersatilityCoef"=dword:00000005"SWAerialAbilityCoef"=dword:00000000"SWCommandOfAreaCoef"=dword:00000000"SWCommunicationCoef"=dword:00000000"SWEccentricityCoef"=dword:00000000"SWHandlingCoef"=dword:00000000"SWKickingCoef"=dword:00000000"SWOneOnOnesCoef"=dword:00000005"SWReflexesCoef"=dword:00000005"SWRushingOutCoef"=dword:00000000"SWTendencyToPunchCoef"=dword:00000000"SWThrowingCoef"=dword:00000000"SWAdaptabilityCoef"=dword:00000005"SWAmbitionCoef"=dword:0000000a"SWControversyCoef"=dword:fffffffb"SWLoyalityCoef"=dword:00000005"SWPressureCoef"=dword:00000005"SWProfessionalismCoef"=dword:00000005"SWSportsmanshipCoef"=dword:00000005"SWTemperamentCoef"=dword:00000005"CBWeightCoef"=dword:00000064"CBCurrentAbilityCoef"=dword:00000000"CBCornersCoef"=dword:00000000"CBCrossingCoef"=dword:00000000"CBDribblingCoef"=dword:00000000"CBFinishingCoef"=dword:00000000"CBFirstTouchCoef"=dword:00000014"CBFreeKicksCoef"=dword:0000000a"CBHeadingCoef"=dword:00000064"CBLongShotsCoef"=dword:0000000a"CBLongThrowsCoef"=dword:00000000"CBMarkingCoef"=dword:00000050"CBPassingCoef"=dword:00000014"CBPenaltiesCoef"=dword:00000005"CBTacklingCoef"=dword:00000064"CBTechniqueCoef"=dword:0000000a"CBLeftFootCoef"=dword:00000005"CBRightFootCoef"=dword:00000005"CBAggressionCoef"=dword:00000014"CBAnticipationCoef"=dword:00000014"CBBraveryCoef"=dword:00000028"CBComposureCoef"=dword:00000014"CBConcentrationCoef"=dword:00000028"CBConsistencyCoef"=dword:0000000a"CBCreativityCoef"=dword:0000000a"CBDecisionsCoef"=dword:00000014"CBDeterminationCoef"=dword:0000000a"CBDirtinessCoef"=dword:ffffffec"CBFlairCoef"=dword:00000000"CBImportantMatchesCoef"=dword:0000000a"CBInfluenceCoef"=dword:0000000a"CBOffTheBallCoef"=dword:0000000a"CBPositioningCoef"=dword:00000050"CBTeamworkCoef"=dword:00000028"CBWorkRateCoef"=dword:00000014"CBAccelerationCoef"=dword:00000028"CBAgilityCoef"=dword:0000000a"CBBalanceCoef"=dword:00000014"CBInjuryPronenessCoef"=dword:fffffffb"CBJumpingCoef"=dword:00000064"CBNaturalFitnessCoef"=dword:00000005"CBPaceCoef"=dword:0000001e"CBStaminaCoef"=dword:0000000a"CBStrengthCoef"=dword:0000003c"CBVersatilityCoef"=dword:00000005"CBAerialAbilityCoef"=dword:00000000"CBCommandOfAreaCoef"=dword:00000000"CBCommunicationCoef"=dword:00000000"CBEccentricityCoef"=dword:00000000"CBHandlingCoef"=dword:00000000"CBKickingCoef"=dword:00000000"CBOneOnOnesCoef"=dword:00000005"CBReflexesCoef"=dword:00000005"CBRushingOutCoef"=dword:00000000"CBTendencyToPunchCoef"=dword:00000000"CBThrowingCoef"=dword:00000000"CBAdaptabilityCoef"=dword:00000005"CBAmbitionCoef"=dword:0000000a"CBControversyCoef"=dword:fffffffb"CBLoyalityCoef"=dword:00000005"CBPressureCoef"=dword:00000005"CBProfessionalismCoef"=dword:00000005"CBSportsmanshipCoef"=dword:00000005"CBTemperamentCoef"=dword:00000005"FBWeightCoef"=dword:00000068"FBCurrentAbilityCoef"=dword:00000000"FBCornersCoef"=dword:0000000a"FBCrossingCoef"=dword:0000001e"FBDribblingCoef"=dword:00000014"FBFinishingCoef"=dword:00000000"FBFirstTouchCoef"=dword:00000014"FBFreeKicksCoef"=dword:0000000a"FBHeadingCoef"=dword:0000003c"FBLongShotsCoef"=dword:0000000a"FBLongThrowsCoef"=dword:0000000a"FBMarkingCoef"=dword:0000003c"FBPassingCoef"=dword:0000001e"FBPenaltiesCoef"=dword:00000005"FBTacklingCoef"=dword:00000064"FBTechniqueCoef"=dword:00000014"FBLeftFootCoef"=dword:00000005"FBRightFootCoef"=dword:00000005"FBAggressionCoef"=dword:0000000f"FBAnticipationCoef"=dword:00000050"FBBraveryCoef"=dword:00000014"FBComposureCoef"=dword:0000000a"FBConcentrationCoef"=dword:0000001e"FBConsistencyCoef"=dword:0000000a"FBCreativityCoef"=dword:0000000a"FBDecisionsCoef"=dword:00000014"FBDeterminationCoef"=dword:0000000a"FBDirtinessCoef"=dword:fffffff6"FBFlairCoef"=dword:00000005"FBImportantMatchesCoef"=dword:0000000a"FBInfluenceCoef"=dword:0000000a"FBOffTheBallCoef"=dword:00000014"FBPositioningCoef"=dword:00000064"FBTeamworkCoef"=dword:00000014"FBWorkRateCoef"=dword:00000014"FBAccelerationCoef"=dword:0000003c"FBAgilityCoef"=dword:0000000a"FBBalanceCoef"=dword:00000014"FBInjuryPronenessCoef"=dword:fffffffb"FBJumpingCoef"=dword:0000003c"FBNaturalFitnessCoef"=dword:00000005"FBPaceCoef"=dword:00000050"FBStaminaCoef"=dword:0000003c"FBStrengthCoef"=dword:00000028"FBVersatilityCoef"=dword:00000005"FBAerialAbilityCoef"=dword:00000000"FBCommandOfAreaCoef"=dword:00000000"FBCommunicationCoef"=dword:00000000"FBEccentricityCoef"=dword:00000000"FBHandlingCoef"=dword:00000000"FBKickingCoef"=dword:00000000"FBOneOnOnesCoef"=dword:00000005"FBReflexesCoef"=dword:00000005"FBRushingOutCoef"=dword:00000000"FBTendencyToPunchCoef"=dword:00000000"FBThrowingCoef"=dword:00000000"FBAdaptabilityCoef"=dword:00000005"FBAmbitionCoef"=dword:0000000a"FBControversyCoef"=dword:fffffffb"FBLoyalityCoef"=dword:00000005"FBPressureCoef"=dword:00000005"FBProfessionalismCoef"=dword:00000005"FBSportsmanshipCoef"=dword:00000005"FBTemperamentCoef"=dword:00000005"WBWeightCoef"=dword:00000069"WBCurrentAbilityCoef"=dword:00000000"WBCornersCoef"=dword:0000000a"WBCrossingCoef"=dword:0000003c"WBDribblingCoef"=dword:00000028"WBFinishingCoef"=dword:0000000a"WBFirstTouchCoef"=dword:00000014"WBFreeKicksCoef"=dword:0000000a"WBHeadingCoef"=dword:00000028"WBLongShotsCoef"=dword:00000014"WBLongThrowsCoef"=dword:0000000a"WBMarkingCoef"=dword:0000003c"WBPassingCoef"=dword:00000028"WBPenaltiesCoef"=dword:00000005"WBTacklingCoef"=dword:00000064"WBTechniqueCoef"=dword:00000028"WBLeftFootCoef"=dword:00000005"WBRightFootCoef"=dword:00000005"WBAggressionCoef"=dword:0000000a"WBAnticipationCoef"=dword:00000050"WBBraveryCoef"=dword:0000000a"WBComposureCoef"=dword:0000000a"WBConcentrationCoef"=dword:00000014"WBConsistencyCoef"=dword:0000000a"WBCreativityCoef"=dword:00000014"WBDecisionsCoef"=dword:00000014"WBDeterminationCoef"=dword:0000000a"WBDirtinessCoef"=dword:fffffff6"WBFlairCoef"=dword:0000000a"WBImportantMatchesCoef"=dword:0000000a"WBInfluenceCoef"=dword:0000000a"WBOffTheBallCoef"=dword:00000014"WBPositioningCoef"=dword:00000064"WBTeamworkCoef"=dword:00000014"WBWorkRateCoef"=dword:00000028"WBAccelerationCoef"=dword:00000050"WBAgilityCoef"=dword:0000000a"WBBalanceCoef"=dword:00000014"WBInjuryPronenessCoef"=dword:fffffffb"WBJumpingCoef"=dword:00000014"WBNaturalFitnessCoef"=dword:00000005"WBPaceCoef"=dword:00000064"WBStaminaCoef"=dword:00000050"WBStrengthCoef"=dword:00000028"WBVersatilityCoef"=dword:00000005"WBAerialAbilityCoef"=dword:00000000"WBCommandOfAreaCoef"=dword:00000000"WBCommunicationCoef"=dword:00000000"WBEccentricityCoef"=dword:00000000"WBHandlingCoef"=dword:00000000"WBKickingCoef"=dword:00000000"WBOneOnOnesCoef"=dword:00000005"WBReflexesCoef"=dword:00000005"WBRushingOutCoef"=dword:00000000"WBTendencyToPunchCoef"=dword:00000000"WBThrowingCoef"=dword:00000000"WBAdaptabilityCoef"=dword:00000005"WBAmbitionCoef"=dword:0000000a"WBControversyCoef"=dword:fffffffb"WBLoyalityCoef"=dword:00000005"WBPressureCoef"=dword:00000005"WBProfessionalismCoef"=dword:00000005"WBSportsmanshipCoef"=dword:00000005"WBTemperamentCoef"=dword:00000005"DMWeightCoef"=dword:00000066"DMCurrentAbilityCoef"=dword:00000000"DMCornersCoef"=dword:0000000a"DMCrossingCoef"=dword:0000001e"DMDribblingCoef"=dword:00000014"DMFinishingCoef"=dword:0000000a"DMFirstTouchCoef"=dword:0000001e"DMFreeKicksCoef"=dword:0000000a"DMHeadingCoef"=dword:00000028"DMLongShotsCoef"=dword:00000014"DMLongThrowsCoef"=dword:00000005"DMMarkingCoef"=dword:0000003c"DMPassingCoef"=dword:00000028"DMPenaltiesCoef"=dword:00000005"DMTacklingCoef"=dword:00000064"DMTechniqueCoef"=dword:0000001e"DMLeftFootCoef"=dword:00000005"DMRightFootCoef"=dword:00000005"DMAggressionCoef"=dword:00000028"DMAnticipationCoef"=dword:00000028"DMBraveryCoef"=dword:00000014"DMComposureCoef"=dword:0000000a"DMConcentrationCoef"=dword:00000014"DMConsistencyCoef"=dword:0000000a"DMCreativityCoef"=dword:00000014"DMDecisionsCoef"=dword:00000014"DMDeterminationCoef"=dword:0000000a"DMDirtinessCoef"=dword:fffffff6"DMFlairCoef"=dword:0000000a"DMImportantMatchesCoef"=dword:0000000a"DMInfluenceCoef"=dword:0000000a"DMOffTheBallCoef"=dword:0000001e"DMPositioningCoef"=dword:00000050"DMTeamworkCoef"=dword:00000028"DMWorkRateCoef"=dword:00000050"DMAccelerationCoef"=dword:00000028"DMAgilityCoef"=dword:0000000a"DMBalanceCoef"=dword:0000000a"DMInjuryPronenessCoef"=dword:fffffffb"DMJumpingCoef"=dword:00000028"DMNaturalFitnessCoef"=dword:00000005"DMPaceCoef"=dword:00000028"DMStaminaCoef"=dword:0000003c"DMStrengthCoef"=dword:00000028"DMVersatilityCoef"=dword:00000005"DMAerialAbilityCoef"=dword:00000000"DMCommandOfAreaCoef"=dword:00000000"DMCommunicationCoef"=dword:00000000"DMEccentricityCoef"=dword:00000000"DMHandlingCoef"=dword:00000000"DMKickingCoef"=dword:00000000"DMOneOnOnesCoef"=dword:00000005"DMReflexesCoef"=dword:00000005"DMRushingOutCoef"=dword:00000000"DMTendencyToPunchCoef"=dword:00000000"DMThrowingCoef"=dword:00000000"DMAdaptabilityCoef"=dword:00000005"DMAmbitionCoef"=dword:0000000a"DMControversyCoef"=dword:fffffffb"DMLoyalityCoef"=dword:00000005"DMPressureCoef"=dword:00000005"DMProfessionalismCoef"=dword:00000005"DMSportsmanshipCoef"=dword:00000005"DMTemperamentCoef"=dword:00000005"MWeightCoef"=dword:00000067"MCurrentAbilityCoef"=dword:00000000"MCornersCoef"=dword:0000000a"MCrossingCoef"=dword:00000028"MDribblingCoef"=dword:00000032"MFinishingCoef"=dword:00000014"MFirstTouchCoef"=dword:0000001e"MFreeKicksCoef"=dword:0000000a"MHeadingCoef"=dword:0000001e"MLongShotsCoef"=dword:00000014"MLongThrowsCoef"=dword:00000005"MMarkingCoef"=dword:00000028"MPassingCoef"=dword:00000046"MPenaltiesCoef"=dword:00000005"MTacklingCoef"=dword:0000003c"MTechniqueCoef"=dword:00000032"MLeftFootCoef"=dword:00000005"MRightFootCoef"=dword:00000005"MAggressionCoef"=dword:0000001e"MAnticipationCoef"=dword:00000028"MBraveryCoef"=dword:0000000a"MComposureCoef"=dword:0000000a"MConcentrationCoef"=dword:0000000a"MConsistencyCoef"=dword:0000000a"MCreativityCoef"=dword:0000003c"MDecisionsCoef"=dword:0000001e"MDeterminationCoef"=dword:0000000a"MDirtinessCoef"=dword:fffffffb"MFlairCoef"=dword:0000000a"MImportantMatchesCoef"=dword:0000000a"MInfluenceCoef"=dword:0000000a"MOffTheBallCoef"=dword:00000028"MPositioningCoef"=dword:00000028"MTeamworkCoef"=dword:00000032"MWorkRateCoef"=dword:00000032"MAccelerationCoef"=dword:00000032"MAgilityCoef"=dword:0000000a"MBalanceCoef"=dword:0000000a"MInjuryPronenessCoef"=dword:fffffffb"MJumpingCoef"=dword:00000028"MNaturalFitnessCoef"=dword:00000005"MPaceCoef"=dword:00000028"MStaminaCoef"=dword:0000003c"MStrengthCoef"=dword:0000001e"MVersatilityCoef"=dword:00000005"MAerialAbilityCoef"=dword:00000000"MCommandOfAreaCoef"=dword:00000000"MCommunicationCoef"=dword:00000000"MEccentricityCoef"=dword:00000000"MHandlingCoef"=dword:00000000"MKickingCoef"=dword:00000000"MOneOnOnesCoef"=dword:00000005"MReflexesCoef"=dword:00000005"MRushingOutCoef"=dword:00000000"MTendencyToPunchCoef"=dword:00000000"MThrowingCoef"=dword:00000000"MAdaptabilityCoef"=dword:00000005"MAmbitionCoef"=dword:0000000a"MControversyCoef"=dword:fffffffb"MLoyalityCoef"=dword:00000005"MPressureCoef"=dword:00000005"MProfessionalismCoef"=dword:00000005"MSportsmanshipCoef"=dword:00000005"MTemperamentCoef"=dword:00000005"AMWeightCoef"=dword:00000066"AMCurrentAbilityCoef"=dword:00000000"AMCornersCoef"=dword:0000000a"AMCrossingCoef"=dword:0000003c"AMDribblingCoef"=dword:00000050"AMFinishingCoef"=dword:00000028"AMFirstTouchCoef"=dword:0000001e"AMFreeKicksCoef"=dword:0000000a"AMHeadingCoef"=dword:00000014"AMLongShotsCoef"=dword:00000014"AMLongThrowsCoef"=dword:00000005"AMMarkingCoef"=dword:0000000a"AMPassingCoef"=dword:00000064"AMPenaltiesCoef"=dword:00000005"AMTacklingCoef"=dword:0000000a"AMTechniqueCoef"=dword:00000050"AMLeftFootCoef"=dword:00000005"AMRightFootCoef"=dword:00000005"AMAggressionCoef"=dword:0000000a"AMAnticipationCoef"=dword:0000001e"AMBraveryCoef"=dword:0000000a"AMComposureCoef"=dword:0000000a"AMConcentrationCoef"=dword:0000000a"AMConsistencyCoef"=dword:0000000a"AMCreativityCoef"=dword:00000064"AMDecisionsCoef"=dword:00000028"AMDeterminationCoef"=dword:0000000a"AMDirtinessCoef"=dword:fffffffb"AMFlairCoef"=dword:00000014"AMImportantMatchesCoef"=dword:0000000a"AMInfluenceCoef"=dword:0000000a"AMOffTheBallCoef"=dword:0000003c"AMPositioningCoef"=dword:00000014"AMTeamworkCoef"=dword:0000003c"AMWorkRateCoef"=dword:00000014"AMAccelerationCoef"=dword:0000003c"AMAgilityCoef"=dword:0000000a"AMBalanceCoef"=dword:0000000a"AMInjuryPronenessCoef"=dword:fffffffb"AMJumpingCoef"=dword:00000014"AMNaturalFitnessCoef"=dword:00000005"AMPaceCoef"=dword:0000003c"AMStaminaCoef"=dword:0000003c"AMStrengthCoef"=dword:00000014"AMVersatilityCoef"=dword:00000005"AMAerialAbilityCoef"=dword:00000000"AMCommandOfAreaCoef"=dword:00000000"AMCommunicationCoef"=dword:00000000"AMEccentricityCoef"=dword:00000000"AMHandlingCoef"=dword:00000000"AMKickingCoef"=dword:00000000"AMOneOnOnesCoef"=dword:00000005"AMReflexesCoef"=dword:00000005"AMRushingOutCoef"=dword:00000000"AMTendencyToPunchCoef"=dword:00000000"AMThrowingCoef"=dword:00000000"AMAdaptabilityCoef"=dword:00000005"AMAmbitionCoef"=dword:0000000a"AMControversyCoef"=dword:fffffffb"AMLoyalityCoef"=dword:00000005"AMPressureCoef"=dword:00000005"AMProfessionalismCoef"=dword:00000005"AMSportsmanshipCoef"=dword:00000005"AMTemperamentCoef"=dword:00000005"WWeightCoef"=dword:00000066"WCurrentAbilityCoef"=dword:00000000"WCornersCoef"=dword:0000000a"WCrossingCoef"=dword:00000064"WDribblingCoef"=dword:00000064"WFinishingCoef"=dword:0000003c"WFirstTouchCoef"=dword:0000001e"WFreeKicksCoef"=dword:0000000a"WHeadingCoef"=dword:00000014"WLongShotsCoef"=dword:00000014"WLongThrowsCoef"=dword:00000005"WMarkingCoef"=dword:0000000a"WPassingCoef"=dword:0000003c"WPenaltiesCoef"=dword:00000005"WTacklingCoef"=dword:0000000a"WTechniqueCoef"=dword:00000050"WLeftFootCoef"=dword:00000005"WRightFootCoef"=dword:00000005"WAggressionCoef"=dword:0000000a"WAnticipationCoef"=dword:00000014"WBraveryCoef"=dword:0000000a"WComposureCoef"=dword:0000000a"WConcentrationCoef"=dword:0000000a"WConsistencyCoef"=dword:0000000a"WCreativityCoef"=dword:0000003c"WDecisionsCoef"=dword:00000014"WDeterminationCoef"=dword:0000000a"WDirtinessCoef"=dword:fffffffb"WFlairCoef"=dword:0000000a"WImportantMatchesCoef"=dword:00000014"WInfluenceCoef"=dword:0000000a"WOffTheBallCoef"=dword:0000003c"WPositioningCoef"=dword:00000014"WTeamworkCoef"=dword:0000001e"WWorkRateCoef"=dword:0000001e"WAccelerationCoef"=dword:00000050"WAgilityCoef"=dword:00000014"WBalanceCoef"=dword:0000000a"WInjuryPronenessCoef"=dword:fffffffb"WJumpingCoef"=dword:00000014"WNaturalFitnessCoef"=dword:00000005"WPaceCoef"=dword:00000064"WStaminaCoef"=dword:0000003c"WStrengthCoef"=dword:00000014"WVersatilityCoef"=dword:00000005"WAerialAbilityCoef"=dword:00000000"WCommandOfAreaCoef"=dword:00000000"WCommunicationCoef"=dword:00000000"WEccentricityCoef"=dword:00000000"WHandlingCoef"=dword:00000000"WKickingCoef"=dword:00000000"WOneOnOnesCoef"=dword:00000005"WReflexesCoef"=dword:00000005"WRushingOutCoef"=dword:00000000"WTendencyToPunchCoef"=dword:00000000"WThrowingCoef"=dword:00000000"WAdaptabilityCoef"=dword:00000005"WAmbitionCoef"=dword:0000000a"WControversyCoef"=dword:fffffffb"WLoyalityCoef"=dword:00000005"WPressureCoef"=dword:00000005"WProfessionalismCoef"=dword:00000005"WSportsmanshipCoef"=dword:00000005"WTemperamentCoef"=dword:00000005"FSTWeightCoef"=dword:00000064"FSTCurrentAbilityCoef"=dword:00000000"FSTCornersCoef"=dword:0000000a"FSTCrossingCoef"=dword:0000000a"FSTDribblingCoef"=dword:00000050"FSTFinishingCoef"=dword:00000064"FSTFirstTouchCoef"=dword:00000028"FSTFreeKicksCoef"=dword:0000000a"FSTHeadingCoef"=dword:00000028"FSTLongShotsCoef"=dword:00000014"FSTLongThrowsCoef"=dword:00000000"FSTMarkingCoef"=dword:00000000"FSTPassingCoef"=dword:00000028"FSTPenaltiesCoef"=dword:00000005"FSTTacklingCoef"=dword:00000000"FSTTechniqueCoef"=dword:00000050"FSTLeftFootCoef"=dword:00000005"FSTRightFootCoef"=dword:00000005"FSTAggressionCoef"=dword:0000000a"FSTAnticipationCoef"=dword:0000000a"FSTBraveryCoef"=dword:0000000a"FSTComposureCoef"=dword:0000000a"FSTConcentrationCoef"=dword:0000000a"FSTConsistencyCoef"=dword:0000000a"FSTCreativityCoef"=dword:00000028"FSTDecisionsCoef"=dword:0000000a"FSTDeterminationCoef"=dword:0000000a"FSTDirtinessCoef"=dword:fffffffb"FSTFlairCoef"=dword:0000000a"FSTImportantMatchesCoef"=dword:0000000a"FSTInfluenceCoef"=dword:0000000a"FSTOffTheBallCoef"=dword:00000050"FSTPositioningCoef"=dword:0000000a"FSTTeamworkCoef"=dword:0000000a"FSTWorkRateCoef"=dword:0000000a"FSTAccelerationCoef"=dword:00000064"FSTAgilityCoef"=dword:00000028"FSTBalanceCoef"=dword:0000000a"FSTInjuryPronenessCoef"=dword:fffffffb"FSTJumpingCoef"=dword:00000014"FSTNaturalFitnessCoef"=dword:00000005"FSTPaceCoef"=dword:00000064"FSTStaminaCoef"=dword:00000028"FSTStrengthCoef"=dword:00000014"FSTVersatilityCoef"=dword:00000005"FSTAerialAbilityCoef"=dword:00000000"FSTCommandOfAreaCoef"=dword:00000000"FSTCommunicationCoef"=dword:00000000"FSTEccentricityCoef"=dword:00000000"FSTHandlingCoef"=dword:00000000"FSTKickingCoef"=dword:00000000"FSTOneOnOnesCoef"=dword:00000005"FSTReflexesCoef"=dword:00000005"FSTRushingOutCoef"=dword:00000000"FSTTendencyToPunchCoef"=dword:00000000"FSTThrowingCoef"=dword:00000000"FSTAdaptabilityCoef"=dword:00000005"FSTAmbitionCoef"=dword:0000000a"FSTControversyCoef"=dword:fffffffb"FSTLoyalityCoef"=dword:00000005"FSTPressureCoef"=dword:00000005"FSTProfessionalismCoef"=dword:00000005"FSTSportsmanshipCoef"=dword:00000005"FSTTemperamentCoef"=dword:00000005"TSTWeightCoef"=dword:00000065"TSTCurrentAbilityCoef"=dword:00000000"TSTCornersCoef"=dword:00000000"TSTCrossingCoef"=dword:0000000a"TSTDribblingCoef"=dword:0000003c"TSTFinishingCoef"=dword:00000050"TSTFirstTouchCoef"=dword:0000001e"TSTFreeKicksCoef"=dword:0000000a"TSTHeadingCoef"=dword:00000064"TSTLongShotsCoef"=dword:00000014"TSTLongThrowsCoef"=dword:00000000"TSTMarkingCoef"=dword:00000000"TSTPassingCoef"=dword:00000028"TSTPenaltiesCoef"=dword:00000005"TSTTacklingCoef"=dword:00000000"TSTTechniqueCoef"=dword:00000028"TSTLeftFootCoef"=dword:00000005"TSTRightFootCoef"=dword:00000005"TSTAggressionCoef"=dword:00000014"TSTAnticipationCoef"=dword:0000000a"TSTBraveryCoef"=dword:00000014"TSTComposureCoef"=dword:0000000a"TSTConcentrationCoef"=dword:0000000a"TSTConsistencyCoef"=dword:0000000a"TSTCreativityCoef"=dword:00000014"TSTDecisionsCoef"=dword:0000000a"TSTDeterminationCoef"=dword:0000000a"TSTDirtinessCoef"=dword:fffffffb"TSTFlairCoef"=dword:0000000a"TSTImportantMatchesCoef"=dword:0000000a"TSTInfluenceCoef"=dword:0000000a"TSTOffTheBallCoef"=dword:00000050"TSTPositioningCoef"=dword:00000014"TSTTeamworkCoef"=dword:0000000a"TSTWorkRateCoef"=dword:0000000a"TSTAccelerationCoef"=dword:00000028"TSTAgilityCoef"=dword:00000014"TSTBalanceCoef"=dword:00000014"TSTInjuryPronenessCoef"=dword:fffffffb"TSTJumpingCoef"=dword:00000064"TSTNaturalFitnessCoef"=dword:00000005"TSTPaceCoef"=dword:00000028"TSTStaminaCoef"=dword:00000014"TSTStrengthCoef"=dword:00000050"TSTVersatilityCoef"=dword:00000005"TSTAerialAbilityCoef"=dword:00000000"TSTCommandOfAreaCoef"=dword:00000000"TSTCommunicationCoef"=dword:00000000"TSTEccentricityCoef"=dword:00000000"TSTHandlingCoef"=dword:00000000"TSTKickingCoef"=dword:00000000"TSTOneOnOnesCoef"=dword:00000005"TSTReflexesCoef"=dword:00000005"TSTRushingOutCoef"=dword:00000000"TSTTendencyToPunchCoef"=dword:00000000"TSTThrowingCoef"=dword:00000000"TSTAdaptabilityCoef"=dword:00000005"TSTAmbitionCoef"=dword:0000000a"TSTControversyCoef"=dword:fffffffb"TSTLoyalityCoef"=dword:00000005"TSTPressureCoef"=dword:00000005"TSTProfessionalismCoef"=dword:00000005"TSTSportsmanshipCoef"=dword:00000005"TSTTemperamentCoef"=dword:00000005.--------------------- DLLs Loaded Under Running Processes ---------------------- - - - - - - > 'explorer.exe'(204)c:\windows\system32\WININET.dllc:\windows\system32\ieframe.dllc:\windows\system32\webcheck.dllc:\windows\system32\WPDShServiceObj.dllc:\windows\system32\PortableDeviceTypes.dllc:\windows\system32\PortableDeviceApi.dll.------------------------ Other Running Processes ------------------------.c:\windows\system32\rundll32.exec:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exec:\program files\Common Files\AOL\ACS\AOLacsd.exec:\windows\system32\msdtc.exec:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exec:\program files\Bonjour\mDNSResponder.exec:\windows\system32\hasplms.exec:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exec:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exec:\windows\ehome\mcrdsvc.exec:\windows\system32\mqsvc.exec:\program files\Hewlett-Packard\Shared\hpqwmiex.exec:\program files\HP\Digital Imaging\bin\hpqimzone.exec:\windows\system32\mqtgsvc.exec:\program files\iPod\bin\iPodService.exec:\progra~1\hpq\Shared\HPQTOA~1.EXEc:\program files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exe.**************************************************************************.Completion time: 2010-04-25 21:00:01 - machine was rebootedComboFix-quarantined-files.txt 2010-04-25 19:59Pre-Run: 23,329,394,688 bytes freePost-Run: 23,368,073,216 bytes freeWindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe[boot loader]timeout=2default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS[operating systems]c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdconsmulti(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect- - End Of File - - DC0601C8987B1757E31855E45CA31C11Logfile of Trend Micro HijackThis v2.0.4Scan saved at 00:09:59, on 26/04/2010Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\ehome\ehtray.exeC:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\HP\QuickPlay\QPService.exeC:\Program Files\Hp\HP Software Update\HPWuSchd2.exeC:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exeC:\Program Files\Common Files\AOL\ACS\AOLDial.exeC:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I091.EXEC:\Program Files\Common Files\AOL\1165261327\ee\AOLSoftware.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXEC:\Program Files\BroadJump\Client Foundation\CFD.exeC:\WINDOWS\system32\rundll32.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeC:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exeC:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exeC:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exeC:\Program Files\Craft ROBO Controller\CRSSupervisor.exeC:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exeC:\Program Files\Common Files\AOL\ACS\AOLacsd.exeC:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\hasplms.exeC:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeC:\WINDOWS\system32\mqsvc.exeC:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exeC:\Program Files\HP\Digital Imaging\bin\hpqimzone.exeC:\WINDOWS\system32\mqtgsvc.exeC:\Program Files\iPod\bin\iPodService.exeC:\PROGRA~1\hpq\Shared\HPQTOA~1.EXEC:\WINDOWS\system32\wuauclt.exeC:\Program Files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exeC:\WINDOWS\explorer.exeC:\WINDOWS\system32\notepad.exeC:\Documents and Settings\Rimac Anthonye\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\Rimac Anthonye\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\Rimac Anthonye\Desktop\HiJackThis.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...o&pf=laptopO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dllO2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dllO2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dllO3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dllO3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dllO4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exeO4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exeO4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exeO4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exeO4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exeO4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dllO4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exeO4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exeO4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /StartO4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exeO4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exeO4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exeO4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /iconO4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exeO4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"O4 - HKLM\..\Run: [EPSON Stylus C48 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I091.EXE /P23 "EPSON Stylus C48 Series" /O6 "USB001" /M "Stylus C48"O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1165261327\ee\AOLSoftware.exeO4 - HKLM\..\Run: [iPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exeO4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB002" /M "Stylus Photo R300"O4 - HKLM\..\Run: [bJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exeO4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgentO4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exeO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exeO4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osbootO4 - HKLM\..\Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeO4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -schedulerO4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Rimac Anthonye\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /cO4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exeO4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exeO4 - Global Startup: Craft ROBO Status Supervisor.lnk = ?O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exeO4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exeO9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLLO9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLLO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLLO14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.ukO16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cabO16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) - http://www.bebo.com/files/BeboUploader.5.1.4.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cabO16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - http://lads.myspace.com/upload/MySpaceUploader.cabO16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1194423345296O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cabO16 - DPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} (DGTx.uc1) - http://members.driverguide.com/director/di...de=toolkit_liteO18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dllO22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dllO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dllO23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exeO23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exeO23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exeO23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeO23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exeO23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exeO23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exeO23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exeO23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeO23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exeO23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe--End of file - 13310 bytes Link to post Share on other sites More sharing options...
Maniac Posted April 26, 2010 ID:239349 Share Posted April 26, 2010 Step 1:Please, open HiJackThis and select Do a system scan only.Check the following entries:O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)Then, close all open windows except that of HijackThis, and select Fix Checked.Step 2:Open Notepad and copy and paste the text in the code box below into it:KillAll::FCopy::c:\windows\system32\dllcache\tcpip.sys | c:\windows\system32\drivers\tcpip.sysSave the file to your desktop and name it CFScript.txt Then drag the CFScript.txt into the ComboFix.exe as shown in the screenshot below.This will start ComboFix again. It may ask to reboot. Post the contents of Combofix.txt in your next reply.Note: These instructions and script were created specifically for this user. If you are not this user, do NOT follow these instructions or use this script as it could damage the workings of your system. Link to post Share on other sites More sharing options...
coled Posted April 26, 2010 Author ID:239552 Share Posted April 26, 2010 ComboFix 10-04-21.01 - Rimac Anthonye 26/04/2010 17:36:50.2.1 - x86Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.1014.523 [GMT 1:00]Running from: c:\documents and settings\Rimac Anthonye\Desktop\Combo-Fix.exeCommand switches used :: c:\documents and settings\Rimac Anthonye\Desktop\CFScript.txtAV: Trend Micro Internet Security Pro *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}.((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..--------------- FCopy ---------------c:\windows\system32\dllcache\tcpip.sys --> c:\windows\system32\drivers\tcpip.sys.((((((((((((((((((((((((( Files Created from 2010-03-26 to 2010-04-26 ))))))))))))))))))))))))))))))).2010-04-24 00:40 . 2010-04-24 00:40 -------- d-----w- c:\documents and settings\Rimac Anthonye\Local Settings\Application Data\MozSwing2010-04-24 00:38 . 2010-04-24 00:39 -------- d-----w- c:\program files\SEO PowerSuite2010-04-16 21:34 . 2010-03-29 23:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2010-04-16 21:34 . 2010-04-16 21:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2010-04-16 21:34 . 2010-03-29 23:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys2010-04-12 15:35 . 2010-04-12 15:35 -------- d-----w- c:\documents and settings\Rimac Anthonye\Application Data\Malwarebytes2010-04-12 15:34 . 2010-04-12 15:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes2010-04-12 15:05 . 2010-04-21 13:09 -------- d-----w- c:\documents and settings\Rimac Anthonye\Local Settings\Application Data\Temp2010-04-11 15:01 . 2010-04-11 15:01 -------- d-sh--w- c:\documents and settings\Rimac Anthonye\PrivacIE2010-04-11 14:40 . 2010-04-11 14:40 10752 ----a-w- c:\windows\DCEBoot.exe2010-04-11 01:13 . 2010-04-11 01:13 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache2010-04-11 01:12 . 2010-04-11 01:12 -------- d-----w- c:\documents and settings\Rimac Anthonye\Local Settings\Application Data\Trend Micro2010-04-11 01:11 . 2010-04-11 01:11 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Trend Micro2010-04-11 01:07 . 2010-04-11 01:07 -------- d-sh--w- c:\documents and settings\Rimac Anthonye\IETldCache2010-04-11 01:05 . 2010-04-11 00:59 59920 ----a-w- c:\windows\system32\drivers\tmactmon.sys2010-04-11 01:05 . 2010-04-11 00:59 50704 ----a-w- c:\windows\system32\drivers\tmevtmgr.sys2010-04-11 01:01 . 2010-04-11 01:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Trend Micro2010-04-11 01:00 . 2010-04-11 01:09 -------- d-----w- c:\program files\Trend Micro2010-04-11 00:59 . 2010-04-11 00:59 89872 ----a-w- c:\windows\system32\drivers\tmtdi.sys2010-04-11 00:59 . 2010-04-11 00:59 339984 ----a-w- c:\windows\system32\drivers\TM_CFW.sys2010-04-11 00:59 . 2009-12-04 16:39 230928 ----a-w- c:\windows\system32\drivers\tmxpflt.sys2010-04-11 00:59 . 2009-12-04 16:38 36368 ----a-w- c:\windows\system32\drivers\tmpreflt.sys2010-04-11 00:59 . 2009-12-04 16:05 1322680 ----a-w- c:\windows\system32\drivers\vsapint.sys2010-04-11 00:51 . 2010-02-25 06:24 12800 ------w- c:\windows\system32\dllcache\xpshims.dll2010-04-11 00:51 . 2010-02-25 06:24 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll2010-04-11 00:51 . 2010-04-11 13:25 -------- d-----w- c:\windows\ie8updates2010-04-11 00:50 . 2010-02-16 04:50 64000 ------w- c:\windows\system32\dllcache\iecompat.dll2010-04-11 00:49 . 2010-04-11 00:50 -------- dc-h--w- c:\windows\ie82010-04-11 00:38 . 2010-04-11 00:38 212992 ----a-w- c:\windows\system32\DartSock.dll2010-04-11 00:38 . 2010-04-11 00:38 147456 ----a-w- c:\windows\system32\DartSecure2.dll2010-04-11 00:38 . 2010-04-11 00:38 139264 ----a-w- c:\windows\system32\DartCertificate.dll2010-04-10 23:55 . 2010-04-10 23:55 -------- d-----w- c:\program files\Common Files\Aladdin Shared2010-04-10 20:12 . 2010-04-10 20:12 123 ----a-w- c:\documents and settings\Rimac Anthonye\file.bat2010-04-10 20:11 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe.(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2010-04-25 19:06 . 2006-09-12 03:52 -------- d-----w- c:\program files\Common Files\Symantec Shared2010-04-24 22:26 . 2006-12-02 19:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint2010-04-24 22:26 . 2006-12-02 19:42 -------- d-----w- c:\program files\Viewpoint2010-04-24 22:09 . 2006-09-12 04:15 -------- d-----w- c:\program files\Common Files\Adobe2010-04-21 16:17 . 2008-11-03 19:17 -------- d-----w- c:\documents and settings\Rimac Anthonye\Application Data\FileZilla2010-04-19 14:31 . 2007-03-20 21:37 -------- d-----w- c:\documents and settings\Rimac Anthonye\Application Data\uTorrent2010-04-15 21:33 . 2007-05-14 17:55 -------- d-----w- c:\program files\FriendBlasterPro2010-04-14 18:40 . 2010-03-23 17:47 439816 ----a-w- c:\documents and settings\Rimac Anthonye\Application Data\Real\Update\setup3.10\setup.exe2010-04-14 07:15 . 2009-12-06 10:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help2010-04-13 09:42 . 2008-06-29 13:02 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet2010-04-11 00:59 . 2006-12-03 19:52 158224 ----a-w- c:\windows\system32\drivers\tmcomm.sys2010-04-11 00:58 . 2009-12-06 10:47 -------- d-----w- c:\documents and settings\Rimac Anthonye\Application Data\GetRightToGo2010-04-11 00:35 . 2006-09-12 03:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec2010-04-10 23:49 . 2006-09-12 10:36 -------- d-----w- c:\program files\HPQ2010-04-10 23:49 . 2006-09-12 10:36 -------- d-----w- c:\program files\Hewlett-Packard2010-04-10 23:49 . 2006-12-04 10:07 -------- d-----w- c:\program files\Common Files\aolshare2010-04-10 23:49 . 2006-12-02 19:28 -------- d-----w- c:\program files\Common Files\AOL2010-04-10 23:48 . 2008-03-02 15:44 -------- d-----w- c:\program files\Autodesk2010-04-10 23:48 . 2006-12-04 10:06 -------- d-----w- c:\program files\AOL 9.02010-04-10 20:12 . 2006-03-16 04:00 14336 ----a-w- c:\windows\system32\svchost.exe2010-03-19 17:16 . 2010-03-19 17:16 -------- d-----w- c:\program files\Tweet Adder2010-03-11 13:48 . 2009-11-04 17:50 256 ----a-w- c:\windows\system32\pool.bin2010-03-11 12:51 . 2010-03-11 12:51 -------- d-----w- c:\documents and settings\Rimac Anthonye\Application Data\Research In Motion2010-03-10 06:15 . 2006-03-16 04:00 420352 ----a-w- c:\windows\system32\vbscript.dll2010-02-25 06:24 . 2006-03-16 04:00 916480 ----a-w- c:\windows\system32\wininet.dll2010-02-24 12:31 . 2005-01-19 12:26 454016 ----a-w- c:\windows\system32\drivers\mrxsmb.sys2010-02-17 10:57 . 2006-03-16 04:00 2063744 ----a-w- c:\windows\system32\ntkrnlpa.exe2010-02-16 17:37 . 2006-03-16 04:00 2186880 ----a-w- c:\windows\system32\ntoskrnl.exe2010-02-14 11:43 . 2006-09-12 03:42 197256 -c--a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT2010-02-12 04:47 . 2006-03-16 04:00 100864 ----a-w- c:\windows\system32\6to4svc.dll2010-02-11 12:01 . 2006-03-16 04:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys.<pre>c:\program files\Trend Micro\Internet Security\Quarantine\02994 .exec:\program files\Trend Micro\Internet Security\Quarantine\24693 .exec:\program files\Trend Micro\Internet Security\Quarantine\944 .exe</pre>((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-23 68856]"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-04-03 165784]"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]"Google Update"="c:\documents and settings\Rimac Anthonye\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-04-12 136176][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-04 458752]"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]"MsmqIntCert"="mqrt.dll" [2009-06-25 177152]"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-02 61952]"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-17 794713]"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-06-23 102400]"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-06-02 135168]"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-06-19 40960]"RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]"Reminder"="c:\windows\CREATOR\Remind_XP.exe" [2006-02-09 643072]"SpeedTouch USB Diagnostics"="c:\program files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 866816]"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2004-11-09 497240]"AOL Spyware Protection"="c:\progra~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" [2004-10-18 79448]"EPSON Stylus C48 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I091.EXE" [2005-05-16 99840]"HostManager"="c:\program files\Common Files\AOL\1165261327\ee\AOLSoftware.exe" [2006-05-24 50760]"IPHSend"="c:\program files\Common Files\AOL\IPHSend\IPHSend.exe" [2006-02-17 124520]"EPSON Stylus Photo R300 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE" [2003-09-11 99840]"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 376912]"BluetoothAuthenticationAgent"="bthprops.cpl" [2006-03-16 110592]"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-22 385024]"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-29 185896]"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2010-01-26 1020248]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672][HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-16 15360]c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-12-15 113664]AOL 9.0 Tray Icon.lnk - c:\program files\AOL 9.0\aoltray.exe [2006-12-4 156784]Craft ROBO Status Supervisor.lnk - c:\program files\Craft ROBO Controller\CRSSupervisor.exe [2007-7-31 32768]HP Photosmart Premier Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728]Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308][HKEY_LOCAL_MACHINE\software\microsoft\security center]"AntiVirusOverride"=dword:00000001"FirewallOverride"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]"DisableMonitoring"=dword:00000001[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]"DisableMonitoring"=dword:00000001[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0)[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="c:\\WINDOWS\\system32\\mqsvc.exe"="c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="c:\\StubInstaller.exe"="c:\\Program Files\\AOL 9.0\\waol.exe"="c:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"="c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="c:\\Program Files\\Common Files\\AOL\\1165261327\\ee\\aolsoftware.exe"="c:\\Program Files\\Common Files\\AOL\\1165261327\\ee\\aim6.exe"="c:\\Program Files\\Messenger\\msmsgs.exe"="c:\\Program Files\\utorrent\\utorrent.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="c:\\Program Files\\Autodesk\\Backburner\\monitor.exe"="c:\\Program Files\\Autodesk\\Backburner\\manager.exe"="c:\\Program Files\\Autodesk\\Backburner\\server.exe"="c:\\Program Files\\Bonjour\\mDNSResponder.exe"="c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="c:\\Program Files\\iTunes\\iTunes.exe"="c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"="c:\\Program Files\\Sports Interactive\\Football Manager 2010 Demo\\fm.exe"=[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]"1947:TCP"= 1947:TCP:HASP SRM "1947:UDP"= 1947:UDP:HASP SRM R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [11/04/2010 01:59 36368]R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [27/07/2009 18:54 33792]R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [11/04/2010 01:59 339984]S1 sptd;sptd;c:\windows\system32\drivers\sptd.sys [25/10/2008 13:13 0]S3 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [11/04/2010 02:05 50704]S3 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [11/04/2010 02:05 689416].Contents of the 'Scheduled Tasks' folder2010-04-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2238951125-1727324525-1025964102-1005Core.job- c:\documents and settings\Rimac Anthonye\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-04-12 15:04]2010-04-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2238951125-1727324525-1025964102-1005UA.job- c:\documents and settings\Rimac Anthonye\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-04-12 15:04]..------- Supplementary Scan -------.uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8uInternet Connection Wizard,ShellNext = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=64&bd=presario&pf=laptopuInternet Settings,ProxyOverride = <local>;*.localuSearchURL,(Default) = hxxp://www.google.com/search?q=%sDPF: {F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D} - hxxp://members.driverguide.com/director/dispatch_getfile.php?mode=toolkit_liteFF - ProfilePath - c:\documents and settings\Rimac Anthonye\Application Data\Mozilla\Firefox\Profiles\7hx5bm3h.default\FF - component: c:\program files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension\components\FFTMUFEHelper.dllFF - component: c:\program files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension\components\FFToolbarComm.dllFF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\---- FIREFOX POLICIES ----FF - user.js: yahoo.homepage.dontask - truec:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);.**************************************************************************catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2010-04-26 17:50Windows 5.1.2600 Service Pack 2 NTFSscanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ????S??????`?@?????L?@ scanning hidden files ... scan completed successfullyhidden files: 0**************************************************************************.--------------------- LOCKED REGISTRY KEYS ---------------------[HKEY_USERS\S-1-5-21-2238951125-1727324525-1025964102-1005\Software\G*e*n*i*e*"!\FM Genie Scout]"GameDir"="c:\\Program Files\\Sports Interactive\\Football Manager 2007\\user data\\games""ShortlistDir"="c:\\Program Files\\Sports Interactive\\Football Manager 2007\\user data\\shortlists""ScreenshotsDir"="c:\\Program Files\\Sports Interactive\\Football Manager 2007\\user data""SaveDir"="c:\\Program Files\\Sports Interactive\\Football Manager 2007\\user data""HistoryDir"="c:\\Documents and Settings\\Rimac Anthonye\\Desktop\\FM Genie Scout 2007\\History Points""LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2007\\data\\db\\702\\lang_db.dat""LastSaveGame"="c:\\Documents and Settings\\Rimac Anthonye\\My Documents\\Sports Interactive\\Football Manager 2007\\games\\MK Dons.fm""Language"="English""LoadLangDB"=dword:00000001"CompressHistoryPoints"=dword:00000000"HighlightedAttributes"=dword:00000000"MinCondition"=dword:00000050"LastUpdateCheck"=dword:00009990"HighQualityGUI"=dword:00000000"AutomaticallyUpdateCheck"=dword:00000001"AdvancedGeneration"=dword:00000000"ShowHistory"=dword:00000001"WindowState"=dword:00000000"Currency"=dword:00000056"WindowHeight"=dword:000002de"WindowWidth"=dword:000003fc"WindowLeft"=dword:00000005"WindowTop"=dword:00000000"UseProxy"=dword:00000000"ProxyHost"="""ProxyPort"="""UseAuthentication"=dword:00000000"UserName"="""UserPassword"=""[HKEY_USERS\S-1-5-21-2238951125-1727324525-1025964102-1005\Software\G*e*n*i*e*"!\FM Genie Scout\Columns\Clubs]"Position0"=dword:00000000"Visible0"=dword:00000001"Width0"=dword:0000007d"Position1"=dword:00000001"Visible1"=dword:00000001"Width1"=dword:00000064"Position2"=dword:00000002"Visible2"=dword:00000001"Width2"=dword:00000064"Position3"=dword:00000003"Visible3"=dword:00000001"Width3"=dword:00000032"Position4"=dword:00000004"Visible4"=dword:00000001"Width4"=dword:00000032"Position5"=dword:00000005"Visible5"=dword:00000001"Width5"=dword:00000050"Position6"=dword:00000006"Visible6"=dword:00000001"Width6"=dword:00000050"Position7"=dword:00000007"Visible7"=dword:00000001"Width7"=dword:00000050"Position8"=dword:00000008"Visible8"=dword:00000000"Width8"=dword:00000050"Position9"=dword:00000009"Visible9"=dword:00000000"Width9"=dword:0000002d"Position10"=dword:0000000a"Visible10"=dword:00000000"Width10"=dword:0000001e"Position11"=dword:0000000b"Visible11"=dword:00000000"Width11"=dword:0000001e"Position12"=dword:0000000c"Visible12"=dword:00000000"Width12"=dword:0000001e"Position13"=dword:0000000d"Visible13"=dword:00000001"Width13"=dword:0000003c"Position14"=dword:0000000e"Visible14"=dword:00000000"Width14"=dword:00000032"Position15"=dword:0000000f"Visible15"=dword:00000000"Width15"=dword:00000032"Position16"=dword:00000010"Visible16"=dword:00000000"Width16"=dword:00000032"Position17"=dword:00000011"Visible17"=dword:00000001"Width17"=dword:00000050"Position18"=dword:00000012"Visible18"=dword:00000001"Width18"=dword:00000050"Position19"=dword:00000013"Visible19"=dword:00000000"Width19"=dword:00000050[HKEY_USERS\S-1-5-21-2238951125-1727324525-1025964102-1005\Software\G*e*n*i*e*"!\FM Genie Scout\Columns\Players]"Position0"=dword:00000000"Visible0"=dword:00000001"Width0"=dword:0000007d"Position1"=dword:00000001"Visible1"=dword:00000001"Width1"=dword:00000064"Position2"=dword:00000002"Visible2"=dword:00000001"Width2"=dword:00000064"Position3"=dword:00000003"Visible3"=dword:00000001"Width3"=dword:00000048"Position4"=dword:00000008"Visible4"=dword:00000001"Width4"=dword:00000023"Position5"=dword:00000009"Visible5"=dword:00000001"Width5"=dword:00000028"Position6"=dword:0000000a"Visible6"=dword:00000001"Width6"=dword:00000028"Position7"=dword:0000000c"Visible7"=dword:00000001"Width7"=dword:0000004b"Position8"=dword:0000000d"Visible8"=dword:00000001"Width8"=dword:0000004b"Position9"=dword:0000000e"Visible9"=dword:00000001"Width9"=dword:00000050"Position10"=dword:00000010"Visible10"=dword:00000000"Width10"=dword:00000050"Position11"=dword:00000011"Visible11"=dword:00000000"Width11"=dword:0000004b"Position12"=dword:00000012"Visible12"=dword:00000000"Width12"=dword:0000002d"Position13"=dword:00000013"Visible13"=dword:00000000"Width13"=dword:0000003c"Position14"=dword:00000014"Visible14"=dword:00000000"Width14"=dword:0000004b"Position15"=dword:00000015"Visible15"=dword:00000000"Width15"=dword:00000064"Position16"=dword:00000016"Visible16"=dword:00000000"Width16"=dword:00000064"Position17"=dword:00000017"Visible17"=dword:00000000"Width17"=dword:0000004b"Position18"=dword:00000018"Visible18"=dword:00000000"Width18"=dword:00000064"Position19"=dword:00000019"Visible19"=dword:00000000"Width19"=dword:0000003c"Position20"=dword:0000001a"Visible20"=dword:00000000"Width20"=dword:0000004b"Position21"=dword:0000001b"Visible21"=dword:00000000"Width21"=dword:00000050"Position22"=dword:0000001c"Visible22"=dword:00000000"Width22"=dword:00000073"Position23"=dword:0000001d"Visible23"=dword:00000000"Width23"=dword:00000050"Position24"=dword:0000001e"Visible24"=dword:00000000"Width24"=dword:0000005a"Position25"=dword:0000001f"Visible25"=dword:00000000"Width25"=dword:0000006e"Position26"=dword:00000020"Visible26"=dword:00000000"Width26"=dword:00000064"Position27"=dword:00000021"Visible27"=dword:00000000"Width27"=dword:00000087"Position28"=dword:00000022"Visible28"=dword:00000000"Width28"=dword:00000064"Position29"=dword:00000023"Visible29"=dword:00000000"Width29"=dword:00000064"Position30"=dword:00000024"Visible30"=dword:00000000"Width30"=dword:00000046"Position31"=dword:00000025"Visible31"=dword:00000000"Width31"=dword:0000004b"Position32"=dword:00000026"Visible32"=dword:00000000"Width32"=dword:00000046"Position33"=dword:00000027"Visible33"=dword:00000000"Width33"=dword:0000004b"Position34"=dword:00000028"Visible34"=dword:00000000"Width34"=dword:0000003c"Position35"=dword:0000002a"Visible35"=dword:00000000"Width35"=dword:00000064"Position36"=dword:0000002e"Visible36"=dword:00000000"Width36"=dword:00000073"Position37"=dword:00000030"Visible37"=dword:00000000"Width37"=dword:0000005f"Position38"=dword:00000033"Visible38"=dword:00000000"Width38"=dword:00000091"Position39"=dword:00000035"Visible39"=dword:00000000"Width39"=dword:0000003c"Position40"=dword:0000002c"Visible40"=dword:00000000"Width40"=dword:0000005a"Position41"=dword:00000036"Visible41"=dword:00000000"Width41"=dword:00000041"Position42"=dword:00000029"Visible42"=dword:00000000"Width42"=dword:00000050"Position43"=dword:0000002b"Visible43"=dword:00000000"Width43"=dword:00000055"Position44"=dword:0000002d"Visible44"=dword:00000000"Width44"=dword:0000005f"Position45"=dword:00000037"Visible45"=dword:00000000"Width45"=dword:00000050"Position46"=dword:00000038"Visible46"=dword:00000000"Width46"=dword:0000004b"Position47"=dword:00000039"Visible47"=dword:00000000"Width47"=dword:0000004b"Position48"=dword:0000003a"Visible48"=dword:00000000"Width48"=dword:00000046"Position49"=dword:0000003b"Visible49"=dword:00000000"Width49"=dword:00000032"Position50"=dword:0000003c"Visible50"=dword:00000000"Width50"=dword:0000003c"Position51"=dword:0000003d"Visible51"=dword:00000000"Width51"=dword:0000004b"Position52"=dword:0000003e"Visible52"=dword:00000000"Width52"=dword:0000003c"Position53"=dword:0000003f"Visible53"=dword:00000000"Width53"=dword:00000037"Position54"=dword:00000040"Visible54"=dword:00000000"Width54"=dword:00000069"Position55"=dword:00000041"Visible55"=dword:00000000"Width55"=dword:0000005a"Position56"=dword:00000044"Visible56"=dword:00000000"Width56"=dword:0000004b"Position57"=dword:00000045"Visible57"=dword:00000000"Width57"=dword:0000004b"Position58"=dword:00000046"Visible58"=dword:00000000"Width58"=dword:00000037"Position59"=dword:00000047"Visible59"=dword:00000000"Width59"=dword:0000003c"Position60"=dword:00000048"Visible60"=dword:00000000"Width60"=dword:0000003c"Position61"=dword:00000049"Visible61"=dword:00000000"Width61"=dword:00000041"Position62"=dword:0000004a"Visible62"=dword:00000000"Width62"=dword:00000055"Position63"=dword:0000004b"Visible63"=dword:00000000"Width63"=dword:0000003c"Position64"=dword:0000004c"Visible64"=dword:00000000"Width64"=dword:0000003c"Position65"=dword:0000004d"Visible65"=dword:00000000"Width65"=dword:0000004b"Position66"=dword:0000004e"Visible66"=dword:00000000"Width66"=dword:0000003c"Position67"=dword:0000004f"Visible67"=dword:00000000"Width67"=dword:00000046"Position68"=dword:00000050"Visible68"=dword:00000000"Width68"=dword:00000028"Position69"=dword:00000051"Visible69"=dword:00000000"Width69"=dword:00000041"Position70"=dword:00000052"Visible70"=dword:00000000"Width70"=dword:0000003c"Position71"=dword:00000053"Visible71"=dword:00000000"Width71"=dword:00000069"Position72"=dword:00000054"Visible72"=dword:00000000"Width72"=dword:00000041"Position73"=dword:00000055"Visible73"=dword:00000000"Width73"=dword:0000005f"Position74"=dword:00000056"Visible74"=dword:00000000"Width74"=dword:0000003c"Position75"=dword:00000057"Visible75"=dword:00000000"Width75"=dword:00000037"Position76"=dword:00000058"Visible76"=dword:00000000"Width76"=dword:0000004b"Position77"=dword:00000059"Visible77"=dword:00000000"Width77"=dword:00000050"Position78"=dword:0000005a"Visible78"=dword:00000000"Width78"=dword:00000037"Position79"=dword:0000005b"Visible79"=dword:00000000"Width79"=dword:00000037"Position80"=dword:0000005c"Visible80"=dword:00000000"Width80"=dword:0000005a"Position81"=dword:0000005d"Visible81"=dword:00000000"Width81"=dword:0000004b"Position82"=dword:0000005e"Visible82"=dword:00000000"Width82"=dword:00000055"Position83"=dword:0000005f"Visible83"=dword:00000000"Width83"=dword:0000002d"Position84"=dword:00000060"Visible84"=dword:00000000"Width84"=dword:00000037"Position85"=dword:00000061"Visible85"=dword:00000000"Width85"=dword:0000003c"Position86"=dword:00000062"Visible86"=dword:00000000"Width86"=dword:00000046"Position87"=dword:00000063"Visible87"=dword:00000000"Width87"=dword:0000003c"Position88"=dword:00000064"Visible88"=dword:00000000"Width88"=dword:0000005a"Position89"=dword:00000065"Visible89"=dword:00000000"Width89"=dword:0000003c"Position90"=dword:00000066"Visible90"=dword:00000000"Width90"=dword:00000050"Position91"=dword:00000067"Visible91"=dword:00000000"Width91"=dword:00000046"Position92"=dword:00000068"Visible92"=dword:00000000"Width92"=dword:0000005a"Position93"=dword:00000069"Visible93"=dword:00000000"Width93"=dword:00000037"Position94"=dword:0000006a"Visible94"=dword:00000000"Width94"=dword:0000003c"Position95"=dword:0000006b"Visible95"=dword:00000000"Width95"=dword:0000003c"Position96"=dword:0000006c"Visible96"=dword:00000000"Width96"=dword:00000046"Position97"=dword:0000006d"Visible97"=dword:00000000"Width97"=dword:00000046"Position98"=dword:0000006e"Visible98"=dword:00000000"Width98"=dword:00000055"Position99"=dword:0000006f"Visible99"=dword:00000000"Width99"=dword:00000073"Position100"=dword:00000042"Visible100"=dword:00000000"Width100"=dword:00000041"Position101"=dword:00000070"Visible101"=dword:00000000"Width101"=dword:0000003c"Position102"=dword:00000071"Visible102"=dword:00000000"Width102"=dword:0000003c"Position103"=dword:00000072"Visible103"=dword:00000000"Width103"=dword:00000046"Position104"=dword:00000073"Visible104"=dword:00000000"Width104"=dword:0000003c"Position105"=dword:00000074"Visible105"=dword:00000000"Width105"=dword:00000041"Position106"=dword:0000000f"Visible106"=dword:00000001"Width106"=dword:00000050"Position107"=dword:0000000b"Visible107"=dword:00000001"Width107"=dword:00000028"Position108"=dword:00000043"Visible108"=dword:00000000"Width108"=dword:00000050"Position109"=dword:0000002f"Visible109"=dword:00000000"Width109"=dword:00000050"Position110"=dword:00000031"Visible110"=dword:00000000"Width110"=dword:00000055"Position111"=dword:00000032"Visible111"=dword:00000000"Width111"=dword:00000082"Position112"=dword:00000034"Visible112"=dword:00000000"Width112"=dword:00000087"Position113"=dword:00000075"Visible113"=dword:00000000"Width113"=dword:00000050"Position114"=dword:00000076"Visible114"=dword:00000000"Width114"=dword:00000050"Position115"=dword:00000077"Visible115"=dword:00000000"Width115"=dword:00000050"Position116"=dword:00000078"Visible116"=dword:00000000"Width116"=dword:00000050"Position117"=dword:00000079"Visible117"=dword:00000000"Width117"=dword:00000050"Position118"=dword:0000007a"Visible118"=dword:00000000"Width118"=dword:00000050"Position119"=dword:0000007b"Visible119"=dword:00000000"Width119"=dword:00000050"Position120"=dword:0000007c"Visible120"=dword:00000000"Width120"=dword:00000050"Position121"=dword:0000007d"Visible121"=dword:00000000"Width121"=dword:00000050"Position122"=dword:0000007e"Visible122"=dword:00000000"Width122"=dword:00000050"Position123"=dword:0000007f"Visible123"=dword:00000000"Width123"=dword:00000050"Position124"=dword:00000080"Visible124"=dword:00000000"Width124"=dword:00000050"Position125"=dword:00000081"Visible125"=dword:00000000"Width125"=dword:00000050"Position126"=dword:00000082"Visible126"=dword:00000000"Width126"=dword:00000050"Position127"=dword:00000083"Visible127"=dword:00000000"Width127"=dword:00000050"Position128"=dword:00000084"Visible128"=dword:00000000"Width128"=dword:00000050"Position129"=dword:00000085"Visible129"=dword:00000000"Width129"=dword:00000050"Position130"=dword:00000086"Visible130"=dword:00000000"Width130"=dword:00000050"Position131"=dword:00000087"Visible131"=dword:00000000"Width131"=dword:00000050"Position132"=dword:00000088"Visible132"=dword:00000000"Width132"=dword:00000050"Position133"=dword:00000089"Visible133"=dword:00000000"Width133"=dword:00000050"Position134"=dword:0000008a"Visible134"=dword:00000000"Width134"=dword:00000050"Position135"=dword:0000008b"Visible135"=dword:00000000"Width135"=dword:00000050"Position136"=dword:0000008c"Visible136"=dword:00000000"Width136"=dword:00000050"Position137"=dword:0000008d"Visible137"=dword:00000000"Width137"=dword:00000050"Position138"=dword:0000008e"Visible138"=dword:00000000"Width138"=dword:00000050"Position139"=dword:0000008f"Visible139"=dword:00000000"Width139"=dword:00000050"Position140"=dword:00000090"Visible140"=dword:00000000"Width140"=dword:00000050"Position141"=dword:00000091"Visible141"=dword:00000000"Width141"=dword:00000050"Position142"=dword:00000092"Visible142"=dword:00000000"Width142"=dword:00000050"Position143"=dword:00000093"Visible143"=dword:00000000"Width143"=dword:00000050"Position144"=dword:00000094"Visible144"=dword:00000000"Width144"=dword:00000050"Position145"=dword:00000095"Visible145"=dword:00000000"Width145"=dword:00000050"Position146"=dword:00000004"Visible146"=dword:00000000"Width146"=dword:00000037"Position147"=dword:00000005"Visible147"=dword:00000000"Width147"=dword:00000028"Position148"=dword:00000006"Visible148"=dword:00000000"Width148"=dword:00000037"Position149"=dword:00000007"Visible149"=dword:00000001"Width149"=dword:00000028[HKEY_USERS\S-1-5-21-2238951125-1727324525-1025964102-1005\Software\G*e*n*i*e*"!\FM Genie Scout\Columns\Staff]"Position0"=dword:00000000"Visible0"=dword:00000001"Width0"=dword:0000007d"Position1"=dword:00000001"Visible1"=dword:00000001"Width1"=dword:00000064"Position2"=dword:00000002"Visible2"=dword:00000001"Width2"=dword:00000064"Position3"=dword:00000003"Visible3"=dword:00000001"Width3"=dword:00000069"Position4"=dword:00000005"Visible4"=dword:00000001"Width4"=dword:00000028"Position5"=dword:00000006"Visible5"=dword:00000001"Width5"=dword:00000028"Position6"=dword:00000004"Visible6"=dword:00000001"Width6"=dword:00000028"Position7"=dword:00000007"Visible7"=dword:00000001"Width7"=dword:00000050"Position8"=dword:00000008"Visible8"=dword:00000000"Width8"=dword:00000050"Position9"=dword:00000009"Visible9"=dword:00000000"Width9"=dword:0000004b"Position10"=dword:0000000a"Visible10"=dword:00000000"Width10"=dword:0000002d"Position11"=dword:0000000b"Visible11"=dword:00000000"Width11"=dword:0000003c"Position12"=dword:0000000c"Visible12"=dword:00000000"Width12"=dword:0000004b"Position13"=dword:0000000d"Visible13"=dword:00000000"Width13"=dword:00000064"Position14"=dword:0000000e"Visible14"=dword:00000000"Width14"=dword:00000064"Position15"=dword:0000000f"Visible15"=dword:00000000"Width15"=dword:0000004b"Position16"=dword:00000010"Visible16"=dword:00000000"Width16"=dword:00000064"Position17"=dword:00000011"Visible17"=dword:00000000"Width17"=dword:0000003c"Position18"=dword:00000012"Visible18"=dword:00000000"Width18"=dword:0000004b"Position19"=dword:00000013"Visible19"=dword:00000000"Width19"=dword:00000050"Position20"=dword:00000014"Visible20"=dword:00000000"Width20"=dword:00000046"Position21"=dword:00000015"Visible21"=dword:00000000"Width21"=dword:0000004b"Position22"=dword:00000016"Visible22"=dword:00000000"Width22"=dword:00000046"Position23"=dword:00000017"Visible23"=dword:00000000"Width23"=dword:00000046"Position24"=dword:00000018"Visible24"=dword:00000000"Width24"=dword:0000003c"Position25"=dword:00000019"Visible25"=dword:00000000"Width25"=dword:00000041"Position26"=dword:0000001a"Visible26"=dword:00000000"Width26"=dword:0000003c"Position27"=dword:0000001b"Visible27"=dword:00000000"Width27"=dword:00000055"Position28"=dword:0000001c"Visible28"=dword:00000000"Width28"=dword:00000069"Position29"=dword:0000001d"Visible29"=dword:00000000"Width29"=dword:0000006e"Position30"=dword:0000001e"Visible30"=dword:00000000"Width30"=dword:00000064"Position31"=dword:0000001f"Visible31"=dword:00000000"Width31"=dword:00000078"Position32"=dword:00000020"Visible32"=dword:00000000"Width32"=dword:00000064"Position33"=dword:00000021"Visible33"=dword:00000000"Width33"=dword:00000087"Position34"=dword:00000022"Visible34"=dword:00000000"Width34"=dword:00000069"Position35"=dword:00000023"Visible35"=dword:00000000"Width35"=dword:0000006e"Position36"=dword:00000024"Visible36"=dword:00000000"Width36"=dword:00000073"Position37"=dword:00000025"Visible37"=dword:00000000"Width37"=dword:0000004b"Position38"=dword:00000026"Visible38"=dword:00000000"Width38"=dword:0000002d"Position39"=dword:00000027"Visible39"=dword:00000000"Width39"=dword:00000055"Position40"=dword:00000028"Visible40"=dword:00000000"Width40"=dword:00000046"Position41"=dword:00000029"Visible41"=dword:00000000"Width41"=dword:0000004b"Position42"=dword:0000002a"Visible42"=dword:00000000"Width42"=dword:0000003c"Position43"=dword:0000002b"Visible43"=dword:00000000"Width43"=dword:00000046"Position44"=dword:0000002c"Visible44"=dword:00000000"Width44"=dword:00000073"Position45"=dword:0000002d"Visible45"=dword:00000000"Width45"=dword:0000004b"Position46"=dword:0000002e"Visible46"=dword:00000000"Width46"=dword:00000073"Position47"=dword:0000002f"Visible47"=dword:00000000"Width47"=dword:0000007d"Position48"=dword:00000030"Visible48"=dword:00000000"Width48"=dword:0000006e"Position49"=dword:00000031"Visible49"=dword:00000000"Width49"=dword:00000037"Position50"=dword:00000032"Visible50"=dword:00000000"Width50"=dword:00000064"Position51"=dword:00000033"Visible51"=dword:00000000"Width51"=dword:00000037"Position52"=dword:00000034"Visible52"=dword:00000000"Width52"=dword:0000004b"Position53"=dword:00000035"Visible53"=dword:00000000"Width53"=dword:00000046"Position54"=dword:00000036"Visible54"=dword:00000000"Width54"=dword:00000037"Position55"=dword:00000037"Visible55"=dword:00000000"Width55"=dword:0000003c"Position56"=dword:00000038"Visible56"=dword:00000000"Width56"=dword:00000055"Position57"=dword:00000039"Visible57"=dword:00000000"Width57"=dword:0000003c"Position58"=dword:0000003a"Visible58"=dword:00000000"Width58"=dword:0000003c"Position59"=dword:0000003b"Visible59"=dword:00000000"Width59"=dword:00000055"Position60"=dword:0000003c"Visible60"=dword:00000000"Width60"=dword:00000046"Position61"=dword:0000003d"Visible61"=dword:00000000"Width61"=dword:0000004b"Position62"=dword:0000003e"Visible62"=dword:00000000"Width62"=dword:00000055"Position63"=dword:0000003f"Visible63"=dword:00000000"Width63"=dword:0000005a"Position64"=dword:00000040"Visible64"=dword:00000000"Width64"=dword:0000006e"Position65"=dword:00000041"Visible65"=dword:00000000"Width65"=dword:00000050"Position66"=dword:00000042"Visible66"=dword:00000000"Width66"=dword:00000032"Position67"=dword:00000043"Visible67"=dword:00000000"Width67"=dword:00000064"Position68"=dword:00000044"Visible68"=dword:00000000"Width68"=dword:0000004b"Position69"=dword:00000045"Visible69"=dword:00000000"Width69"=dword:0000002d"Position70"=dword:00000046"Visible70"=dword:00000000"Width70"=dword:0000004b"Position71"=dword:00000047"Visible71"=dword:00000000"Width71"=dword:0000005a"Position72"=dword:00000048"Visible72"=dword:00000000"Width72"=dword:0000005a"Position73"=dword:00000049"Visible73"=dword:00000000"Width73"=dword:00000050"Position74"=dword:0000004a"Visible74"=dword:00000000"Width74"=dword:0000004b"Position75"=dword:0000004b"Visible75"=dword:00000000"Width75"=dword:00000050"Position76"=dword:0000004c"Visible76"=dword:00000000"Width76"=dword:0000005a"Position77"=dword:0000004d"Visible77"=dword:00000000"Width77"=dword:00000041"Position78"=dword:0000004e"Visible78"=dword:00000000"Width78"=dword:00000041"Position79"=dword:0000004f"Visible79"=dword:00000000"Width79"=dword:00000041"Position80"=dword:00000050"Visible80"=dword:00000000"Width80"=dword:00000041"Position81"=dword:00000051"Visible81"=dword:00000000"Width81"=dword:00000041"Position82"=dword:00000052"Visible82"=dword:00000000"Width82"=dword:00000041"Position83"=dword:00000053"Visible83"=dword:00000000"Width83"=dword:00000041"Position84"=dword:00000054"Visible84"=dword:00000000"Width84"=dword:00000041"Position85"=dword:00000055"Visible85"=dword:00000000"Width85"=dword:00000041"Position86"=dword:00000056"Visible86"=dword:00000000"Width86"=dword:00000050[HKEY_USERS\S-1-5-21-2238951125-1727324525-1025964102-1005\Software\G*e*n*i*e*"!\FM Genie Scout\Rating Coefficients]"GKWeightCoef"=dword:00000062"GKCurrentAbilityCoef"=dword:00000000"GKCornersCoef"=dword:00000000"GKCrossingCoef"=dword:00000000"GKDribblingCoef"=dword:00000000"GKFinishingCoef"=dword:00000000"GKFirstTouchCoef"=dword:00000000"GKFreeKicksCoef"=dword:00000000"GKHeadingCoef"=dword:00000000"GKLongShotsCoef"=dword:00000000"GKLongThrowsCoef"=dword:00000000"GKMarkingCoef"=dword:00000000"GKPassingCoef"=dword:00000000"GKPenaltiesCoef"=dword:00000000"GKTacklingCoef"=dword:00000005"GKTechniqueCoef"=dword:00000000"GKLeftFootCoef"=dword:00000000"GKRightFootCoef"=dword:00000000"GKAggressionCoef"=dword:0000000a"GKAnticipationCoef"=dword:00000005"GKBraveryCoef"=dword:00000014"GKComposureCoef"=dword:00000014"GKConcentrationCoef"=dword:0000000a"GKConsistencyCoef"=dword:0000000a"GKCreativityCoef"=dword:00000000"GKDecisionsCoef"=dword:00000014"GKDeterminationCoef"=dword:0000000a"GKDirtinessCoef"=dword:fffffffb"GKFlairCoef"=dword:00000000"GKImportantMatchesCoef"=dword:0000000a"GKInfluenceCoef"=dword:0000000a"GKOffTheBallCoef"=dword:00000000"GKPositioningCoef"=dword:00000050"GKTeamworkCoef"=dword:00000005"GKWorkRateCoef"=dword:00000000"GKAccelerationCoef"=dword:00000005"GKAgilityCoef"=dword:0000000a"GKBalanceCoef"=dword:0000000a"GKInjuryPronenessCoef"=dword:fffffffb"GKJumpingCoef"=dword:00000050"GKNaturalFitnessCoef"=dword:00000005"GKPaceCoef"=dword:00000000"GKStaminaCoef"=dword:00000000"GKStrengthCoef"=dword:0000000a"GKVersatilityCoef"=dword:00000000"GKAerialAbilityCoef"=dword:00000032"GKCommandOfAreaCoef"=dword:00000014"GKCommunicationCoef"=dword:00000032"GKEccentricityCoef"=dword:ffffffec"GKHandlingCoef"=dword:00000064"GKKickingCoef"=dword:0000000a"GKOneOnOnesCoef"=dword:00000032"GKReflexesCoef"=dword:00000064"GKRushingOutCoef"=dword:00000014"GKTendencyToPunchCoef"=dword:fffffff6"GKThrowingCoef"=dword:0000000a"GKAdaptabilityCoef"=dword:00000005"GKAmbitionCoef"=dword:0000000a"GKControversyCoef"=dword:fffffffb"GKLoyalityCoef"=dword:00000005"GKPressureCoef"=dword:00000005"GKProfessionalismCoef"=dword:00000005"GKSportsmanshipCoef"=dword:00000005"GKTemperamentCoef"=dword:00000005"SWWeightCoef"=dword:00000066"SWCurrentAbilityCoef"=dword:00000000"SWCornersCoef"=dword:00000000"SWCrossingCoef"=dword:00000000"SWDribblingCoef"=dword:00000000"SWFinishingCoef"=dword:00000000"SWFirstTouchCoef"=dword:00000014"SWFreeKicksCoef"=dword:0000000a"SWHeadingCoef"=dword:00000064"SWLongShotsCoef"=dword:0000000a"SWLongThrowsCoef"=dword:00000000"SWMarkingCoef"=dword:00000064"SWPassingCoef"=dword:0000000a"SWPenaltiesCoef"=dword:00000005"SWTacklingCoef"=dword:00000064"SWTechniqueCoef"=dword:0000000a"SWLeftFootCoef"=dword:00000005"SWRightFootCoef"=dword:00000005"SWAggressionCoef"=dword:00000014"SWAnticipationCoef"=dword:00000014"SWBraveryCoef"=dword:00000028"SWComposureCoef"=dword:00000028"SWConcentrationCoef"=dword:0000003c"SWConsistencyCoef"=dword:0000000a"SWCreativityCoef"=dword:0000000a"SWDecisionsCoef"=dword:00000014"SWDeterminationCoef"=dword:0000000a"SWDirtinessCoef"=dword:ffffffe7"SWFlairCoef"=dword:00000000"SWImportantMatchesCoef"=dword:0000000a"SWInfluenceCoef"=dword:0000000a"SWOffTheBallCoef"=dword:0000000a"SWPositioningCoef"=dword:00000064"SWTeamworkCoef"=dword:00000028"SWWorkRateCoef"=dword:00000014"SWAccelerationCoef"=dword:0000001e"SWAgilityCoef"=dword:0000000a"SWBalanceCoef"=dword:00000014"SWInjuryPronenessCoef"=dword:fffffffb"SWJumpingCoef"=dword:00000064"SWNaturalFitnessCoef"=dword:00000005"SWPaceCoef"=dword:00000014"SWStaminaCoef"=dword:0000000a"SWStrengthCoef"=dword:00000050"SWVersatilityCoef"=dword:00000005"SWAerialAbilityCoef"=dword:00000000"SWCommandOfAreaCoef"=dword:00000000"SWCommunicationCoef"=dword:00000000"SWEccentricityCoef"=dword:00000000"SWHandlingCoef"=dword:00000000"SWKickingCoef"=dword:00000000"SWOneOnOnesCoef"=dword:00000005"SWReflexesCoef"=dword:00000005"SWRushingOutCoef"=dword:00000000"SWTendencyToPunchCoef"=dword:00000000"SWThrowingCoef"=dword:00000000"SWAdaptabilityCoef"=dword:00000005"SWAmbitionCoef"=dword:0000000a"SWControversyCoef"=dword:fffffffb"SWLoyalityCoef"=dword:00000005"SWPressureCoef"=dword:00000005"SWProfessionalismCoef"=dword:00000005"SWSportsmanshipCoef"=dword:00000005"SWTemperamentCoef"=dword:00000005"CBWeightCoef"=dword:00000064"CBCurrentAbilityCoef"=dword:00000000"CBCornersCoef"=dword:00000000"CBCrossingCoef"=dword:00000000"CBDribblingCoef"=dword:00000000"CBFinishingCoef"=dword:00000000"CBFirstTouchCoef"=dword:00000014"CBFreeKicksCoef"=dword:0000000a"CBHeadingCoef"=dword:00000064"CBLongShotsCoef"=dword:0000000a"CBLongThrowsCoef"=dword:00000000"CBMarkingCoef"=dword:00000050"CBPassingCoef"=dword:00000014"CBPenaltiesCoef"=dword:00000005"CBTacklingCoef"=dword:00000064"CBTechniqueCoef"=dword:0000000a"CBLeftFootCoef"=dword:00000005"CBRightFootCoef"=dword:00000005"CBAggressionCoef"=dword:00000014"CBAnticipationCoef"=dword:00000014"CBBraveryCoef"=dword:00000028"CBComposureCoef"=dword:00000014"CBConcentrationCoef"=dword:00000028"CBConsistencyCoef"=dword:0000000a"CBCreativityCoef"=dword:0000000a"CBDecisionsCoef"=dword:00000014"CBDeterminationCoef"=dword:0000000a"CBDirtinessCoef"=dword:ffffffec"CBFlairCoef"=dword:00000000"CBImportantMatchesCoef"=dword:0000000a"CBInfluenceCoef"=dword:0000000a"CBOffTheBallCoef"=dword:0000000a"CBPositioningCoef"=dword:00000050"CBTeamworkCoef"=dword:00000028"CBWorkRateCoef"=dword:00000014"CBAccelerationCoef"=dword:00000028"CBAgilityCoef"=dword:0000000a"CBBalanceCoef"=dword:00000014"CBInjuryPronenessCoef"=dword:fffffffb"CBJumpingCoef"=dword:00000064"CBNaturalFitnessCoef"=dword:00000005"CBPaceCoef"=dword:0000001e"CBStaminaCoef"=dword:0000000a"CBStrengthCoef"=dword:0000003c"CBVersatilityCoef"=dword:00000005"CBAerialAbilityCoef"=dword:00000000"CBCommandOfAreaCoef"=dword:00000000"CBCommunicationCoef"=dword:00000000"CBEccentricityCoef"=dword:00000000"CBHandlingCoef"=dword:00000000"CBKickingCoef"=dword:00000000"CBOneOnOnesCoef"=dword:00000005"CBReflexesCoef"=dword:00000005"CBRushingOutCoef"=dword:00000000"CBTendencyToPunchCoef"=dword:00000000"CBThrowingCoef"=dword:00000000"CBAdaptabilityCoef"=dword:00000005"CBAmbitionCoef"=dword:0000000a"CBControversyCoef"=dword:fffffffb"CBLoyalityCoef"=dword:00000005"CBPressureCoef"=dword:00000005"CBProfessionalismCoef"=dword:00000005"CBSportsmanshipCoef"=dword:00000005"CBTemperamentCoef"=dword:00000005"FBWeightCoef"=dword:00000068"FBCurrentAbilityCoef"=dword:00000000"FBCornersCoef"=dword:0000000a"FBCrossingCoef"=dword:0000001e"FBDribblingCoef"=dword:00000014"FBFinishingCoef"=dword:00000000"FBFirstTouchCoef"=dword:00000014"FBFreeKicksCoef"=dword:0000000a"FBHeadingCoef"=dword:0000003c"FBLongShotsCoef"=dword:0000000a"FBLongThrowsCoef"=dword:0000000a"FBMarkingCoef"=dword:0000003c"FBPassingCoef"=dword:0000001e"FBPenaltiesCoef"=dword:00000005"FBTacklingCoef"=dword:00000064"FBTechniqueCoef"=dword:00000014"FBLeftFootCoef"=dword:00000005"FBRightFootCoef"=dword:00000005"FBAggressionCoef"=dword:0000000f"FBAnticipationCoef"=dword:00000050"FBBraveryCoef"=dword:00000014"FBComposureCoef"=dword:0000000a"FBConcentrationCoef"=dword:0000001e"FBConsistencyCoef"=dword:0000000a"FBCreativityCoef"=dword:0000000a"FBDecisionsCoef"=dword:00000014"FBDeterminationCoef"=dword:0000000a"FBDirtinessCoef"=dword:fffffff6"FBFlairCoef"=dword:00000005"FBImportantMatchesCoef"=dword:0000000a"FBInfluenceCoef"=dword:0000000a"FBOffTheBallCoef"=dword:00000014"FBPositioningCoef"=dword:00000064"FBTeamworkCoef"=dword:00000014"FBWorkRateCoef"=dword:00000014"FBAccelerationCoef"=dword:0000003c"FBAgilityCoef"=dword:0000000a"FBBalanceCoef"=dword:00000014"FBInjuryPronenessCoef"=dword:fffffffb"FBJumpingCoef"=dword:0000003c"FBNaturalFitnessCoef"=dword:00000005"FBPaceCoef"=dword:00000050"FBStaminaCoef"=dword:0000003c"FBStrengthCoef"=dword:00000028"FBVersatilityCoef"=dword:00000005"FBAerialAbilityCoef"=dword:00000000"FBCommandOfAreaCoef"=dword:00000000"FBCommunicationCoef"=dword:00000000"FBEccentricityCoef"=dword:00000000"FBHandlingCoef"=dword:00000000"FBKickingCoef"=dword:00000000"FBOneOnOnesCoef"=dword:00000005"FBReflexesCoef"=dword:00000005"FBRushingOutCoef"=dword:00000000"FBTendencyToPunchCoef"=dword:00000000"FBThrowingCoef"=dword:00000000"FBAdaptabilityCoef"=dword:00000005"FBAmbitionCoef"=dword:0000000a"FBControversyCoef"=dword:fffffffb"FBLoyalityCoef"=dword:00000005"FBPressureCoef"=dword:00000005"FBProfessionalismCoef"=dword:00000005"FBSportsmanshipCoef"=dword:00000005"FBTemperamentCoef"=dword:00000005"WBWeightCoef"=dword:00000069"WBCurrentAbilityCoef"=dword:00000000"WBCornersCoef"=dword:0000000a"WBCrossingCoef"=dword:0000003c"WBDribblingCoef"=dword:00000028"WBFinishingCoef"=dword:0000000a"WBFirstTouchCoef"=dword:00000014"WBFreeKicksCoef"=dword:0000000a"WBHeadingCoef"=dword:00000028"WBLongShotsCoef"=dword:00000014"WBLongThrowsCoef"=dword:0000000a"WBMarkingCoef"=dword:0000003c"WBPassingCoef"=dword:00000028"WBPenaltiesCoef"=dword:00000005"WBTacklingCoef"=dword:00000064"WBTechniqueCoef"=dword:00000028"WBLeftFootCoef"=dword:00000005"WBRightFootCoef"=dword:00000005"WBAggressionCoef"=dword:0000000a"WBAnticipationCoef"=dword:00000050"WBBraveryCoef"=dword:0000000a"WBComposureCoef"=dword:0000000a"WBConcentrationCoef"=dword:00000014"WBConsistencyCoef"=dword:0000000a"WBCreativityCoef"=dword:00000014"WBDecisionsCoef"=dword:00000014"WBDeterminationCoef"=dword:0000000a"WBDirtinessCoef"=dword:fffffff6"WBFlairCoef"=dword:0000000a"WBImportantMatchesCoef"=dword:0000000a"WBInfluenceCoef"=dword:0000000a"WBOffTheBallCoef"=dword:00000014"WBPositioningCoef"=dword:00000064"WBTeamworkCoef"=dword:00000014"WBWorkRateCoef"=dword:00000028"WBAccelerationCoef"=dword:00000050"WBAgilityCoef"=dword:0000000a"WBBalanceCoef"=dword:00000014"WBInjuryPronenessCoef"=dword:fffffffb"WBJumpingCoef"=dword:00000014"WBNaturalFitnessCoef"=dword:00000005"WBPaceCoef"=dword:00000064"WBStaminaCoef"=dword:00000050"WBStrengthCoef"=dword:00000028"WBVersatilityCoef"=dword:00000005"WBAerialAbilityCoef"=dword:00000000"WBCommandOfAreaCoef"=dword:00000000"WBCommunicationCoef"=dword:00000000"WBEccentricityCoef"=dword:00000000"WBHandlingCoef"=dword:00000000"WBKickingCoef"=dword:00000000"WBOneOnOnesCoef"=dword:00000005"WBReflexesCoef"=dword:00000005"WBRushingOutCoef"=dword:00000000"WBTendencyToPunchCoef"=dword:00000000"WBThrowingCoef"=dword:00000000"WBAdaptabilityCoef"=dword:00000005"WBAmbitionCoef"=dword:0000000a"WBControversyCoef"=dword:fffffffb"WBLoyalityCoef"=dword:00000005"WBPressureCoef"=dword:00000005"WBProfessionalismCoef"=dword:00000005"WBSportsmanshipCoef"=dword:00000005"WBTemperamentCoef"=dword:00000005"DMWeightCoef"=dword:00000066"DMCurrentAbilityCoef"=dword:00000000"DMCornersCoef"=dword:0000000a"DMCrossingCoef"=dword:0000001e"DMDribblingCoef"=dword:00000014"DMFinishingCoef"=dword:0000000a"DMFirstTouchCoef"=dword:0000001e"DMFreeKicksCoef"=dword:0000000a"DMHeadingCoef"=dword:00000028"DMLongShotsCoef"=dword:00000014"DMLongThrowsCoef"=dword:00000005"DMMarkingCoef"=dword:0000003c"DMPassingCoef"=dword:00000028"DMPenaltiesCoef"=dword:00000005"DMTacklingCoef"=dword:00000064"DMTechniqueCoef"=dword:0000001e"DMLeftFootCoef"=dword:00000005"DMRightFootCoef"=dword:00000005"DMAggressionCoef"=dword:00000028"DMAnticipationCoef"=dword:00000028"DMBraveryCoef"=dword:00000014"DMComposureCoef"=dword:0000000a"DMConcentrationCoef"=dword:00000014"DMConsistencyCoef"=dword:0000000a"DMCreativityCoef"=dword:00000014"DMDecisionsCoef"=dword:00000014"DMDeterminationCoef"=dword:0000000a"DMDirtinessCoef"=dword:fffffff6"DMFlairCoef"=dword:0000000a"DMImportantMatchesCoef"=dword:0000000a"DMInfluenceCoef"=dword:0000000a"DMOffTheBallCoef"=dword:0000001e"DMPositioningCoef"=dword:00000050"DMTeamworkCoef"=dword:00000028"DMWorkRateCoef"=dword:00000050"DMAccelerationCoef"=dword:00000028"DMAgilityCoef"=dword:0000000a"DMBalanceCoef"=dword:0000000a"DMInjuryPronenessCoef"=dword:fffffffb"DMJumpingCoef"=dword:00000028"DMNaturalFitnessCoef"=dword:00000005"DMPaceCoef"=dword:00000028"DMStaminaCoef"=dword:0000003c"DMStrengthCoef"=dword:00000028"DMVersatilityCoef"=dword:00000005"DMAerialAbilityCoef"=dword:00000000"DMCommandOfAreaCoef"=dword:00000000"DMCommunicationCoef"=dword:00000000"DMEccentricityCoef"=dword:00000000"DMHandlingCoef"=dword:00000000"DMKickingCoef"=dword:00000000"DMOneOnOnesCoef"=dword:00000005"DMReflexesCoef"=dword:00000005"DMRushingOutCoef"=dword:00000000"DMTendencyToPunchCoef"=dword:00000000"DMThrowingCoef"=dword:00000000"DMAdaptabilityCoef"=dword:00000005"DMAmbitionCoef"=dword:0000000a"DMControversyCoef"=dword:fffffffb"DMLoyalityCoef"=dword:00000005"DMPressureCoef"=dword:00000005"DMProfessionalismCoef"=dword:00000005"DMSportsmanshipCoef"=dword:00000005"DMTemperamentCoef"=dword:00000005"MWeightCoef"=dword:00000067"MCurrentAbilityCoef"=dword:00000000"MCornersCoef"=dword:0000000a"MCrossingCoef"=dword:00000028"MDribblingCoef"=dword:00000032"MFinishingCoef"=dword:00000014"MFirstTouchCoef"=dword:0000001e"MFreeKicksCoef"=dword:0000000a"MHeadingCoef"=dword:0000001e"MLongShotsCoef"=dword:00000014"MLongThrowsCoef"=dword:00000005"MMarkingCoef"=dword:00000028"MPassingCoef"=dword:00000046"MPenaltiesCoef"=dword:00000005"MTacklingCoef"=dword:0000003c"MTechniqueCoef"=dword:00000032"MLeftFootCoef"=dword:00000005"MRightFootCoef"=dword:00000005"MAggressionCoef"=dword:0000001e"MAnticipationCoef"=dword:00000028"MBraveryCoef"=dword:0000000a"MComposureCoef"=dword:0000000a"MConcentrationCoef"=dword:0000000a"MConsistencyCoef"=dword:0000000a"MCreativityCoef"=dword:0000003c"MDecisionsCoef"=dword:0000001e"MDeterminationCoef"=dword:0000000a"MDirtinessCoef"=dword:fffffffb"MFlairCoef"=dword:0000000a"MImportantMatchesCoef"=dword:0000000a"MInfluenceCoef"=dword:0000000a"MOffTheBallCoef"=dword:00000028"MPositioningCoef"=dword:00000028"MTeamworkCoef"=dword:00000032"MWorkRateCoef"=dword:00000032"MAccelerationCoef"=dword:00000032"MAgilityCoef"=dword:0000000a"MBalanceCoef"=dword:0000000a"MInjuryPronenessCoef"=dword:fffffffb"MJumpingCoef"=dword:00000028"MNaturalFitnessCoef"=dword:00000005"MPaceCoef"=dword:00000028"MStaminaCoef"=dword:0000003c"MStrengthCoef"=dword:0000001e"MVersatilityCoef"=dword:00000005"MAerialAbilityCoef"=dword:00000000"MCommandOfAreaCoef"=dword:00000000"MCommunicationCoef"=dword:00000000"MEccentricityCoef"=dword:00000000"MHandlingCoef"=dword:00000000"MKickingCoef"=dword:00000000"MOneOnOnesCoef"=dword:00000005"MReflexesCoef"=dword:00000005"MRushingOutCoef"=dword:00000000"MTendencyToPunchCoef"=dword:00000000"MThrowingCoef"=dword:00000000"MAdaptabilityCoef"=dword:00000005"MAmbitionCoef"=dword:0000000a"MControversyCoef"=dword:fffffffb"MLoyalityCoef"=dword:00000005"MPressureCoef"=dword:00000005"MProfessionalismCoef"=dword:00000005"MSportsmanshipCoef"=dword:00000005"MTemperamentCoef"=dword:00000005"AMWeightCoef"=dword:00000066"AMCurrentAbilityCoef"=dword:00000000"AMCornersCoef"=dword:0000000a"AMCrossingCoef"=dword:0000003c"AMDribblingCoef"=dword:00000050"AMFinishingCoef"=dword:00000028"AMFirstTouchCoef"=dword:0000001e"AMFreeKicksCoef"=dword:0000000a"AMHeadingCoef"=dword:00000014"AMLongShotsCoef"=dword:00000014"AMLongThrowsCoef"=dword:00000005"AMMarkingCoef"=dword:0000000a"AMPassingCoef"=dword:00000064"AMPenaltiesCoef"=dword:00000005"AMTacklingCoef"=dword:0000000a"AMTechniqueCoef"=dword:00000050"AMLeftFootCoef"=dword:00000005"AMRightFootCoef"=dword:00000005"AMAggressionCoef"=dword:0000000a"AMAnticipationCoef"=dword:0000001e"AMBraveryCoef"=dword:0000000a"AMComposureCoef"=dword:0000000a"AMConcentrationCoef"=dword:0000000a"AMConsistencyCoef"=dword:0000000a"AMCreativityCoef"=dword:00000064"AMDecisionsCoef"=dword:00000028"AMDeterminationCoef"=dword:0000000a"AMDirtinessCoef"=dword:fffffffb"AMFlairCoef"=dword:00000014"AMImportantMatchesCoef"=dword:0000000a"AMInfluenceCoef"=dword:0000000a"AMOffTheBallCoef"=dword:0000003c"AMPositioningCoef"=dword:00000014"AMTeamworkCoef"=dword:0000003c"AMWorkRateCoef"=dword:00000014"AMAccelerationCoef"=dword:0000003c"AMAgilityCoef"=dword:0000000a"AMBalanceCoef"=dword:0000000a"AMInjuryPronenessCoef"=dword:fffffffb"AMJumpingCoef"=dword:00000014"AMNaturalFitnessCoef"=dword:00000005"AMPaceCoef"=dword:0000003c"AMStaminaCoef"=dword:0000003c"AMStrengthCoef"=dword:00000014"AMVersatilityCoef"=dword:00000005"AMAerialAbilityCoef"=dword:00000000"AMCommandOfAreaCoef"=dword:00000000"AMCommunicationCoef"=dword:00000000"AMEccentricityCoef"=dword:00000000"AMHandlingCoef"=dword:00000000"AMKickingCoef"=dword:00000000"AMOneOnOnesCoef"=dword:00000005"AMReflexesCoef"=dword:00000005"AMRushingOutCoef"=dword:00000000"AMTendencyToPunchCoef"=dword:00000000"AMThrowingCoef"=dword:00000000"AMAdaptabilityCoef"=dword:00000005"AMAmbitionCoef"=dword:0000000a"AMControversyCoef"=dword:fffffffb"AMLoyalityCoef"=dword:00000005"AMPressureCoef"=dword:00000005"AMProfessionalismCoef"=dword:00000005"AMSportsmanshipCoef"=dword:00000005"AMTemperamentCoef"=dword:00000005"WWeightCoef"=dword:00000066"WCurrentAbilityCoef"=dword:00000000"WCornersCoef"=dword:0000000a"WCrossingCoef"=dword:00000064"WDribblingCoef"=dword:00000064"WFinishingCoef"=dword:0000003c"WFirstTouchCoef"=dword:0000001e"WFreeKicksCoef"=dword:0000000a"WHeadingCoef"=dword:00000014"WLongShotsCoef"=dword:00000014"WLongThrowsCoef"=dword:00000005"WMarkingCoef"=dword:0000000a"WPassingCoef"=dword:0000003c"WPenaltiesCoef"=dword:00000005"WTacklingCoef"=dword:0000000a"WTechniqueCoef"=dword:00000050"WLeftFootCoef"=dword:00000005"WRightFootCoef"=dword:00000005"WAggressionCoef"=dword:0000000a"WAnticipationCoef"=dword:00000014"WBraveryCoef"=dword:0000000a"WComposureCoef"=dword:0000000a"WConcentrationCoef"=dword:0000000a"WConsistencyCoef"=dword:0000000a"WCreativityCoef"=dword:0000003c"WDecisionsCoef"=dword:00000014"WDeterminationCoef"=dword:0000000a"WDirtinessCoef"=dword:fffffffb"WFlairCoef"=dword:0000000a"WImportantMatchesCoef"=dword:00000014"WInfluenceCoef"=dword:0000000a"WOffTheBallCoef"=dword:0000003c"WPositioningCoef"=dword:00000014"WTeamworkCoef"=dword:0000001e"WWorkRateCoef"=dword:0000001e"WAccelerationCoef"=dword:00000050"WAgilityCoef"=dword:00000014"WBalanceCoef"=dword:0000000a"WInjuryPronenessCoef"=dword:fffffffb"WJumpingCoef"=dword:00000014"WNaturalFitnessCoef"=dword:00000005"WPaceCoef"=dword:00000064"WStaminaCoef"=dword:0000003c"WStrengthCoef"=dword:00000014"WVersatilityCoef"=dword:00000005"WAerialAbilityCoef"=dword:00000000"WCommandOfAreaCoef"=dword:00000000"WCommunicationCoef"=dword:00000000"WEccentricityCoef"=dword:00000000"WHandlingCoef"=dword:00000000"WKickingCoef"=dword:00000000"WOneOnOnesCoef"=dword:00000005"WReflexesCoef"=dword:00000005"WRushingOutCoef"=dword:00000000"WTendencyToPunchCoef"=dword:00000000"WThrowingCoef"=dword:00000000"WAdaptabilityCoef"=dword:00000005"WAmbitionCoef"=dword:0000000a"WControversyCoef"=dword:fffffffb"WLoyalityCoef"=dword:00000005"WPressureCoef"=dword:00000005"WProfessionalismCoef"=dword:00000005"WSportsmanshipCoef"=dword:00000005"WTemperamentCoef"=dword:00000005"FSTWeightCoef"=dword:00000064"FSTCurrentAbilityCoef"=dword:00000000"FSTCornersCoef"=dword:0000000a"FSTCrossingCoef"=dword:0000000a"FSTDribblingCoef"=dword:00000050"FSTFinishingCoef"=dword:00000064"FSTFirstTouchCoef"=dword:00000028"FSTFreeKicksCoef"=dword:0000000a"FSTHeadingCoef"=dword:00000028"FSTLongShotsCoef"=dword:00000014"FSTLongThrowsCoef"=dword:00000000"FSTMarkingCoef"=dword:00000000"FSTPassingCoef"=dword:00000028"FSTPenaltiesCoef"=dword:00000005"FSTTacklingCoef"=dword:00000000"FSTTechniqueCoef"=dword:00000050"FSTLeftFootCoef"=dword:00000005"FSTRightFootCoef"=dword:00000005"FSTAggressionCoef"=dword:0000000a"FSTAnticipationCoef"=dword:0000000a"FSTBraveryCoef"=dword:0000000a"FSTComposureCoef"=dword:0000000a"FSTConcentrationCoef"=dword:0000000a"FSTConsistencyCoef"=dword:0000000a"FSTCreativityCoef"=dword:00000028"FSTDecisionsCoef"=dword:0000000a"FSTDeterminationCoef"=dword:0000000a"FSTDirtinessCoef"=dword:fffffffb"FSTFlairCoef"=dword:0000000a"FSTImportantMatchesCoef"=dword:0000000a"FSTInfluenceCoef"=dword:0000000a"FSTOffTheBallCoef"=dword:00000050"FSTPositioningCoef"=dword:0000000a"FSTTeamworkCoef"=dword:0000000a"FSTWorkRateCoef"=dword:0000000a"FSTAccelerationCoef"=dword:00000064"FSTAgilityCoef"=dword:00000028"FSTBalanceCoef"=dword:0000000a"FSTInjuryPronenessCoef"=dword:fffffffb"FSTJumpingCoef"=dword:00000014"FSTNaturalFitnessCoef"=dword:00000005"FSTPaceCoef"=dword:00000064"FSTStaminaCoef"=dword:00000028"FSTStrengthCoef"=dword:00000014"FSTVersatilityCoef"=dword:00000005"FSTAerialAbilityCoef"=dword:00000000"FSTCommandOfAreaCoef"=dword:00000000"FSTCommunicationCoef"=dword:00000000"FSTEccentricityCoef"=dword:00000000"FSTHandlingCoef"=dword:00000000"FSTKickingCoef"=dword:00000000"FSTOneOnOnesCoef"=dword:00000005"FSTReflexesCoef"=dword:00000005"FSTRushingOutCoef"=dword:00000000"FSTTendencyToPunchCoef"=dword:00000000"FSTThrowingCoef"=dword:00000000"FSTAdaptabilityCoef"=dword:00000005"FSTAmbitionCoef"=dword:0000000a"FSTControversyCoef"=dword:fffffffb"FSTLoyalityCoef"=dword:00000005"FSTPressureCoef"=dword:00000005"FSTProfessionalismCoef"=dword:00000005"FSTSportsmanshipCoef"=dword:00000005"FSTTemperamentCoef"=dword:00000005"TSTWeightCoef"=dword:00000065"TSTCurrentAbilityCoef"=dword:00000000"TSTCornersCoef"=dword:00000000"TSTCrossingCoef"=dword:0000000a"TSTDribblingCoef"=dword:0000003c"TSTFinishingCoef"=dword:00000050"TSTFirstTouchCoef"=dword:0000001e"TSTFreeKicksCoef"=dword:0000000a"TSTHeadingCoef"=dword:00000064"TSTLongShotsCoef"=dword:00000014"TSTLongThrowsCoef"=dword:00000000"TSTMarkingCoef"=dword:00000000"TSTPassingCoef"=dword:00000028"TSTPenaltiesCoef"=dword:00000005"TSTTacklingCoef"=dword:00000000"TSTTechniqueCoef"=dword:00000028"TSTLeftFootCoef"=dword:00000005"TSTRightFootCoef"=dword:00000005"TSTAggressionCoef"=dword:00000014"TSTAnticipationCoef"=dword:0000000a"TSTBraveryCoef"=dword:00000014"TSTComposureCoef"=dword:0000000a"TSTConcentrationCoef"=dword:0000000a"TSTConsistencyCoef"=dword:0000000a"TSTCreativityCoef"=dword:00000014"TSTDecisionsCoef"=dword:0000000a"TSTDeterminationCoef"=dword:0000000a"TSTDirtinessCoef"=dword:fffffffb"TSTFlairCoef"=dword:0000000a"TSTImportantMatchesCoef"=dword:0000000a"TSTInfluenceCoef"=dword:0000000a"TSTOffTheBallCoef"=dword:00000050"TSTPositioningCoef"=dword:00000014"TSTTeamworkCoef"=dword:0000000a"TSTWorkRateCoef"=dword:0000000a"TSTAccelerationCoef"=dword:00000028"TSTAgilityCoef"=dword:00000014"TSTBalanceCoef"=dword:00000014"TSTInjuryPronenessCoef"=dword:fffffffb"TSTJumpingCoef"=dword:00000064"TSTNaturalFitnessCoef"=dword:00000005"TSTPaceCoef"=dword:00000028"TSTStaminaCoef"=dword:00000014"TSTStrengthCoef"=dword:00000050"TSTVersatilityCoef"=dword:00000005"TSTAerialAbilityCoef"=dword:00000000"TSTCommandOfAreaCoef"=dword:00000000"TSTCommunicationCoef"=dword:00000000"TSTEccentricityCoef"=dword:00000000"TSTHandlingCoef"=dword:00000000"TSTKickingCoef"=dword:00000000"TSTOneOnOnesCoef"=dword:00000005"TSTReflexesCoef"=dword:00000005"TSTRushingOutCoef"=dword:00000000"TSTTendencyToPunchCoef"=dword:00000000"TSTThrowingCoef"=dword:00000000"TSTAdaptabilityCoef"=dword:00000005"TSTAmbitionCoef"=dword:0000000a"TSTControversyCoef"=dword:fffffffb"TSTLoyalityCoef"=dword:00000005"TSTPressureCoef"=dword:00000005"TSTProfessionalismCoef"=dword:00000005"TSTSportsmanshipCoef"=dword:00000005"TSTTemperamentCoef"=dword:00000005.--------------------- DLLs Loaded Under Running Processes ---------------------- - - - - - - > 'explorer.exe'(1168)c:\windows\system32\WININET.dllc:\windows\system32\ieframe.dllc:\windows\system32\webcheck.dllc:\windows\system32\WPDShServiceObj.dllc:\windows\system32\PortableDeviceTypes.dllc:\windows\system32\PortableDeviceApi.dll.------------------------ Other Running Processes ------------------------.c:\windows\system32\rundll32.exec:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exec:\program files\HP\Digital Imaging\bin\hpqimzone.exec:\windows\system32\msdtc.exec:\program files\Common Files\AOL\ACS\AOLacsd.exec:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exec:\program files\Bonjour\mDNSResponder.exec:\windows\system32\hasplms.exec:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exec:\program files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exec:\windows\ehome\mcrdsvc.exec:\windows\system32\mqsvc.exec:\program files\Hewlett-Packard\Shared\hpqwmiex.exec:\windows\system32\mqtgsvc.exec:\program files\iPod\bin\iPodService.exec:\progra~1\hpq\Shared\HPQTOA~1.EXEc:\program files\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exe.**************************************************************************.Completion time: 2010-04-26 18:03:44 - machine was rebootedComboFix-quarantined-files.txt 2010-04-26 17:03ComboFix2.txt 2010-04-25 20:00Pre-Run: 23,531,651,072 bytes freePost-Run: 23,477,817,344 bytes free- - End Of File - - F0168578665BF50E4BA68553BF363C2E Link to post Share on other sites More sharing options...
Maniac Posted April 26, 2010 ID:239553 Share Posted April 26, 2010 How are things now? Link to post Share on other sites More sharing options...
coled Posted April 26, 2010 Author ID:239568 Share Posted April 26, 2010 Yes, I think things are fine now Thank you very much for taking your time out to help me and everyone else Maniac, is there anything else I need to do and is there anything I can do for you? Link to post Share on other sites More sharing options...
Maniac Posted April 26, 2010 ID:239569 Share Posted April 26, 2010 I have some last steps for you. Step 1:* Go to start > run and copy and paste next command in the field:ComboFix /uninstallMake sure there's a space between Combofix and /Then hit enter.This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.Step 2:Please manually delete DDS, JavaRa and GMER.Step 3:Some malware preventions:http://miekiemoes.blogspot.com/2008/02/how...nt-malware.htmlSafe surfing! Link to post Share on other sites More sharing options...
Recommended Posts