Maltid Posted February 9, 2012 ID:525138 Share Posted February 9, 2012 I've recently installed Malware (as yet just trial version) and the scans come up with no reports of any malware. And yet I get reports of the program blocking access to several internet adresses. None of the programmes I use to try and keep the pc clean report problems in the system.I'm guessing this isn't good, so here's the logs you ask for and maybe someone can help me understand what's happening and why the security I already have isn't doing a good job. I realise it's all free stuff - maybe that's what you all point at and laugh *blushes* Here's DDS and Attach is umm... attached. Thanks for any help you can give.DDS (Ver_2011-08-26.01) - NTFSx86Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29Run by Nisto at 8:59:19 on 2012-02-09Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3070.2069 [GMT 0:00].AV: Panda Cloud Antivirus *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}SP: Panda Cloud Antivirus *Enabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k GPSvcGroupC:\Windows\system32\SLsvc.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\Packard bell\SAXO27\HIDSERVICE.EXEC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files\Packard Bell\SrvCDEject.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Windows\system32\SearchIndexer.exeC:\PROGRA~1\COMMON~1\X10\Common\x10nets.exeC:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exeC:\Windows\system32\WUDFHost.exeC:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exeC:\Program Files\Spybot - Search & Destroy\SDWinSec.exeC:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskeng.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Windows\RtHDVCpl.exeC:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exeC:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exeC:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exeC:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exeC:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\Windows\ehome\ehtray.exeC:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exeC:\Program Files\Spybot - Search & Destroy\TeaTimer.exeC:\Program Files\Pando Networks\Media Booster\PMB.exeC:\Windows\ehome\ehmsas.exeC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Program Files\OpenOffice.org 3\program\soffice.exeC:\Windows\system32\UI0Detect.exeC:\Program Files\OpenOffice.org 3\program\soffice.binC:\Windows\ehome\ehsched.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exeC:\Windows\System32\mobsync.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\ehome\ehRecvr.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\notepad.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\wbem\wmiprvse.exe.============== Pseudo HJT Report ===============.uStart Page = about:blankBHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dllBHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dllBHO: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - c:\program files\panda security\panda security toolbar\PandaSecurityDx.dllBHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\google\google_bae\BAE.dllBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dllTB: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - c:\program files\panda security\panda security toolbar\PandaSecurityDx.dlluRun: [ehTray.exe] c:\windows\ehome\ehTray.exeuRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduleruRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exeuRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exeuRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exemRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hidemRun: [RtHDVCpl] RtHDVCpl.exemRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"mRun: [toolbar_eula_launcher] c:\program files\packard bell\google_eula\EULALauncher.exemRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"mRun: [Linksys Wireless Manager] "c:\program files\linksys\linksys wireless manager\LinksysWirelessManager.exe" /cm /min /lcid 1033mRun: [PSUNMain] "c:\program files\panda security\panda cloud antivirus\PSUNMain.exe" /TraybarmRun: [Panda Security URL Filtering] "c:\programdata\panda security url filtering\Panda_URL_Filtering.exe"mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttrayStartupFolder: c:\users\nisto\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exeuPolicies-explorer: NoInstrumentation = 1 (0x1)mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)mPolicies-system: EnableUIADesktopToggle = 0 (0x0)mPolicies-system: HideFastUserSwitching = 1 (0x1)mPolicies-system: DisableStartupSound = 1 (0x1)IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exeIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLLIE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dllDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cabTCP: DhcpNameServer = 192.168.1.254TCP: Interfaces\{12E073DE-D0A0-4BF1-BDFC-51220870D47A} : DhcpNameServer = 192.168.1.254TCP: Interfaces\{92A3313D-9A8F-45ED-A0C0-D31BE5D62121} : DhcpNameServer = 192.168.0.1Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dllHosts: 127.0.0.1 www.spywareinfo.com.================= FIREFOX ===================.FF - ProfilePath - c:\users\nisto\appdata\roaming\mozilla\firefox\profiles\ma60mzas.default\FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=FF - prefs.js: browser.startup.homepage -FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=panda&type=panda1_0yatb&p=FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dllFF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dllFF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll.============= SERVICES / DRIVERS ===============.R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [2011-4-28 126024]R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2010-2-3 21504]R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-3-28 652360]R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\panda security\panda cloud antivirus\PSANHost.exe [2011-4-28 140608]R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [2011-8-1 143624]R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [2011-4-28 99400]R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [2011-4-28 111176]R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [2011-4-28 112712]R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-3-28 1153368]R2 SrvCDEject;SrvCDEject;c:\program files\packard bell\SrvCDEject.exe [2007-9-24 613376]R3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [2007-9-24 1116800]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-3-28 20464]R3 netr28u;Linksys USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2009-8-3 735232]R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [2007-9-24 13976]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\sisoftware\sisoftware sandra lite 2011\RpcAgentSrv.exe [2011-8-3 93848]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504].=============== Created Last 30 ================.2012-02-08 09:27:23 6557240 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{e4280c0e-7645-4569-acef-e548cf1c3bcb}\mpengine.dll2012-01-11 10:18:28 1205064 ----a-w- c:\windows\system32\ntdll.dll2012-01-11 10:18:27 23552 ----a-w- c:\windows\system32\mciseq.dll2012-01-11 10:18:27 189952 ----a-w- c:\windows\system32\winmm.dll2012-01-11 10:18:26 66560 ----a-w- c:\windows\system32\packager.dll2012-01-11 10:18:26 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat2012-01-11 10:18:24 497152 ----a-w- c:\windows\system32\qdvd.dll2012-01-11 10:18:24 1314816 ----a-w- c:\windows\system32\quartz.dll2012-01-11 10:18:23 376320 ----a-w- c:\windows\system32\winsrv.dll2012-01-11 10:17:48 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys2012-01-11 10:17:48 278528 ----a-w- c:\windows\system32\schannel.dll2012-01-11 10:17:48 1259008 ----a-w- c:\windows\system32\lsasrv.dll2012-01-11 10:17:47 9728 ----a-w- c:\windows\system32\lsass.exe2012-01-11 10:17:47 72704 ----a-w- c:\windows\system32\secur32.dll2012-01-11 10:17:47 377344 ----a-w- c:\windows\system32\winhttp.dll.==================== Find3M ====================.2012-01-27 00:21:24 237072 ------w- c:\windows\system32\MpSigStub.exe2011-12-10 15:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys2011-11-23 13:37:27 2043904 ----a-w- c:\windows\system32\win32k.sys2011-11-12 08:07:10 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl.============= FINISH: 9:00:38.87 ===============Attach.txt Link to post Share on other sites More sharing options...
Elise Posted February 9, 2012 ID:525142 Share Posted February 9, 2012 Hello and Lets first also do a rootkit scan.Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Double-click on TDSSKiller.exe to run the tool for known TDSS variants.Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.Click the Start Scan button.Do not use the computer during the scanIf the scan completes with nothing found, click Close to exit.If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).Copy and paste the contents of that file in your next reply. Link to post Share on other sites More sharing options...
Maltid Posted February 9, 2012 Author ID:525319 Share Posted February 9, 2012 Many thanks for the quick advice.I ran the program, it came up clear but here's the log file if it helps.Also I did another scan with the panda av and it found and deleted a cookie, the info is on their site at this address: http://www.cloudantivirus.com/en/threat-information/Atlas%20DMT/58346/Maybe that's the cause of the site blocked messages.Interesting that you took me to Symantec website for help, I did use their AV until a couple of years ago. It got to a stage where I felt it was becoming a resource hog so I changed to something new...21:12:14.0135 5304 TDSS rootkit removing tool 2.7.11.0 Feb 9 2012 10:12:5721:12:14.0385 5304 ============================================================21:12:14.0385 5304 Current date / time: 2012/02/09 21:12:14.038521:12:14.0385 5304 SystemInfo:21:12:14.0385 5304 21:12:14.0385 5304 OS Version: 6.0.6002 ServicePack: 2.021:12:14.0385 5304 Product type: Workstation21:12:14.0385 5304 ComputerName: GRAVELY-PC21:12:14.0385 5304 UserName: Nisto21:12:14.0385 5304 Windows directory: C:\Windows21:12:14.0385 5304 System windows directory: C:\Windows21:12:14.0385 5304 Processor architecture: Intel x8621:12:14.0385 5304 Number of processors: 421:12:14.0385 5304 Page size: 0x100021:12:14.0385 5304 Boot type: Normal boot21:12:14.0385 5304 ============================================================21:12:15.0337 5304 Drive \Device\Harddisk0\DR0 - Size: 0x53D67B6000 (335.35 Gb), SectorSize: 0x200, Cylinders: 0xAB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000005021:12:15.0368 5304 \Device\Harddisk0\DR0:21:12:15.0368 5304 MBR used21:12:15.0368 5304 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1000800, BlocksNum 0x28EB280021:12:15.0415 5304 Initialize success21:12:15.0415 5304 ============================================================21:12:25.0149 1628 ============================================================21:12:25.0149 1628 Scan started21:12:25.0149 1628 Mode: Manual;21:12:25.0149 1628 ============================================================21:12:26.0116 1628 3xHybrid (c23d163aba21124f8d519ac18416542e) C:\Windows\system32\DRIVERS\3xHybrid.sys21:12:26.0147 1628 3xHybrid - ok21:12:26.0194 1628 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys21:12:26.0194 1628 ACPI - ok21:12:26.0241 1628 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys21:12:26.0241 1628 adp94xx - ok21:12:26.0288 1628 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys21:12:26.0303 1628 adpahci - ok21:12:26.0335 1628 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys21:12:26.0350 1628 adpu160m - ok21:12:26.0366 1628 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys21:12:26.0381 1628 adpu320 - ok21:12:26.0459 1628 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys21:12:26.0459 1628 AFD - ok21:12:26.0537 1628 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys21:12:26.0537 1628 aic78xx - ok21:12:26.0569 1628 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys21:12:26.0569 1628 aliide - ok21:12:26.0647 1628 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys21:12:26.0647 1628 amdagp - ok21:12:26.0693 1628 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys21:12:26.0693 1628 amdide - ok21:12:26.0725 1628 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys21:12:26.0740 1628 AmdK7 - ok21:12:26.0787 1628 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys21:12:26.0787 1628 AmdK8 - ok21:12:26.0849 1628 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys21:12:26.0849 1628 arc - ok21:12:26.0881 1628 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys21:12:26.0896 1628 arcsas - ok21:12:26.0974 1628 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys21:12:26.0974 1628 AsyncMac - ok21:12:27.0021 1628 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys21:12:27.0021 1628 atapi - ok21:12:27.0083 1628 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys21:12:27.0083 1628 Beep - ok21:12:27.0115 1628 blbdrive - ok21:12:27.0146 1628 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys21:12:27.0146 1628 bowser - ok21:12:27.0193 1628 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys21:12:27.0193 1628 BrFiltLo - ok21:12:27.0208 1628 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys21:12:27.0208 1628 BrFiltUp - ok21:12:27.0255 1628 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys21:12:27.0255 1628 Brserid - ok21:12:27.0286 1628 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys21:12:27.0286 1628 BrSerWdm - ok21:12:27.0317 1628 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys21:12:27.0317 1628 BrUsbMdm - ok21:12:27.0333 1628 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys21:12:27.0333 1628 BrUsbSer - ok21:12:27.0380 1628 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys21:12:27.0380 1628 BTHMODEM - ok21:12:27.0427 1628 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys21:12:27.0427 1628 cdfs - ok21:12:27.0458 1628 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys21:12:27.0458 1628 cdrom - ok21:12:27.0505 1628 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys21:12:27.0505 1628 circlass - ok21:12:27.0551 1628 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys21:12:27.0551 1628 CLFS - ok21:12:27.0614 1628 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys21:12:27.0614 1628 cmdide - ok21:12:27.0645 1628 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys21:12:27.0645 1628 Compbatt - ok21:12:27.0676 1628 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys21:12:27.0676 1628 crcdisk - ok21:12:27.0707 1628 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys21:12:27.0707 1628 Crusoe - ok21:12:27.0785 1628 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys21:12:27.0785 1628 DfsC - ok21:12:27.0832 1628 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys21:12:27.0832 1628 disk - ok21:12:27.0926 1628 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys21:12:27.0926 1628 drmkaud - ok21:12:27.0988 1628 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys21:12:28.0019 1628 DXGKrnl - ok21:12:28.0113 1628 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys21:12:28.0113 1628 E1G60 - ok21:12:28.0191 1628 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys21:12:28.0191 1628 Ecache - ok21:12:28.0269 1628 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys21:12:28.0269 1628 elxstor - ok21:12:28.0363 1628 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys21:12:28.0378 1628 exfat - ok21:12:28.0425 1628 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys21:12:28.0425 1628 fastfat - ok21:12:28.0487 1628 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys21:12:28.0487 1628 fdc - ok21:12:28.0534 1628 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys21:12:28.0534 1628 FileInfo - ok21:12:28.0565 1628 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys21:12:28.0565 1628 Filetrace - ok21:12:28.0597 1628 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys21:12:28.0597 1628 flpydisk - ok21:12:28.0659 1628 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys21:12:28.0659 1628 FltMgr - ok21:12:28.0753 1628 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys21:12:28.0753 1628 Fs_Rec - ok21:12:28.0784 1628 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys21:12:28.0784 1628 gagp30kx - ok21:12:28.0831 1628 GEARAspiWDM (4ac51459805264affd5f6fdfb9d9235f) C:\Windows\system32\Drivers\GEARAspiWDM.sys21:12:28.0831 1628 GEARAspiWDM - ok21:12:28.0877 1628 giveio (77ebf3e9386daa51551af429052d88d0) C:\Windows\system32\giveio.sys21:12:28.0877 1628 giveio - ok21:12:28.0924 1628 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys21:12:28.0940 1628 HDAudBus - ok21:12:29.0002 1628 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys21:12:29.0002 1628 HidBth - ok21:12:29.0033 1628 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys21:12:29.0033 1628 HidIr - ok21:12:29.0065 1628 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys21:12:29.0065 1628 HidUsb - ok21:12:29.0111 1628 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys21:12:29.0111 1628 HpCISSs - ok21:12:29.0158 1628 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys21:12:29.0174 1628 HTTP - ok21:12:29.0205 1628 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys21:12:29.0205 1628 i2omp - ok21:12:29.0283 1628 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys21:12:29.0283 1628 i8042prt - ok21:12:29.0330 1628 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys21:12:29.0330 1628 iaStorV - ok21:12:29.0423 1628 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys21:12:29.0423 1628 iirsp - ok21:12:29.0517 1628 IntcAzAudAddService (4a705bf2a6f7972f2f2ad8a0d8079f95) C:\Windows\system32\drivers\RTKVHDA.sys21:12:29.0564 1628 IntcAzAudAddService - ok21:12:29.0611 1628 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys21:12:29.0611 1628 intelide - ok21:12:29.0657 1628 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys21:12:29.0657 1628 intelppm - ok21:12:29.0720 1628 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys21:12:29.0720 1628 IpFilterDriver - ok21:12:29.0751 1628 IpInIp - ok21:12:29.0813 1628 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys21:12:29.0813 1628 IPMIDRV - ok21:12:29.0860 1628 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys21:12:29.0876 1628 IPNAT - ok21:12:29.0923 1628 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys21:12:29.0923 1628 IRENUM - ok21:12:29.0938 1628 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys21:12:29.0938 1628 isapnp - ok21:12:29.0969 1628 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys21:12:29.0969 1628 iScsiPrt - ok21:12:30.0016 1628 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys21:12:30.0016 1628 iteatapi - ok21:12:30.0047 1628 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys21:12:30.0047 1628 iteraid - ok21:12:30.0079 1628 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys21:12:30.0094 1628 kbdclass - ok21:12:30.0110 1628 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys21:12:30.0110 1628 kbdhid - ok21:12:30.0172 1628 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys21:12:30.0188 1628 KSecDD - ok21:12:30.0235 1628 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys21:12:30.0235 1628 lltdio - ok21:12:30.0281 1628 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys21:12:30.0281 1628 LSI_FC - ok21:12:30.0313 1628 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys21:12:30.0313 1628 LSI_SAS - ok21:12:30.0344 1628 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys21:12:30.0344 1628 LSI_SCSI - ok21:12:30.0375 1628 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys21:12:30.0375 1628 luafv - ok21:12:30.0406 1628 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys21:12:30.0406 1628 MBAMProtector - ok21:12:30.0453 1628 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys21:12:30.0453 1628 megasas - ok21:12:30.0500 1628 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys21:12:30.0500 1628 Modem - ok21:12:30.0547 1628 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys21:12:30.0547 1628 monitor - ok21:12:30.0578 1628 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys21:12:30.0578 1628 mouclass - ok21:12:30.0609 1628 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys21:12:30.0609 1628 mouhid - ok21:12:30.0640 1628 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys21:12:30.0640 1628 MountMgr - ok21:12:30.0703 1628 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys21:12:30.0703 1628 mpio - ok21:12:30.0734 1628 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys21:12:30.0734 1628 mpsdrv - ok21:12:30.0781 1628 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys21:12:30.0781 1628 Mraid35x - ok21:12:30.0812 1628 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys21:12:30.0812 1628 MRxDAV - ok21:12:30.0859 1628 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys21:12:30.0874 1628 mrxsmb - ok21:12:30.0921 1628 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys21:12:30.0921 1628 mrxsmb10 - ok21:12:30.0952 1628 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys21:12:30.0952 1628 mrxsmb20 - ok21:12:30.0983 1628 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys21:12:30.0983 1628 msahci - ok21:12:31.0015 1628 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys21:12:31.0015 1628 msdsm - ok21:12:31.0061 1628 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys21:12:31.0061 1628 Msfs - ok21:12:31.0108 1628 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys21:12:31.0108 1628 msisadrv - ok21:12:31.0155 1628 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys21:12:31.0155 1628 MSKSSRV - ok21:12:31.0186 1628 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys21:12:31.0186 1628 MSPCLOCK - ok21:12:31.0217 1628 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys21:12:31.0217 1628 MSPQM - ok21:12:31.0249 1628 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys21:12:31.0249 1628 MsRPC - ok21:12:31.0295 1628 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys21:12:31.0295 1628 mssmbios - ok21:12:31.0327 1628 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys21:12:31.0327 1628 MSTEE - ok21:12:31.0358 1628 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys21:12:31.0358 1628 Mup - ok21:12:31.0405 1628 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys21:12:31.0420 1628 NativeWifiP - ok21:12:31.0483 1628 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys21:12:31.0514 1628 NDIS - ok21:12:31.0561 1628 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys21:12:31.0561 1628 NdisTapi - ok21:12:31.0592 1628 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys21:12:31.0592 1628 Ndisuio - ok21:12:31.0623 1628 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys21:12:31.0623 1628 NdisWan - ok21:12:31.0654 1628 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys21:12:31.0654 1628 NDProxy - ok21:12:31.0685 1628 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys21:12:31.0701 1628 NetBIOS - ok21:12:31.0732 1628 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys21:12:31.0732 1628 netbt - ok21:12:31.0857 1628 netr28u (1569349e4e9558238e4260c3668325ff) C:\Windows\system32\DRIVERS\netr28u.sys21:12:31.0888 1628 netr28u - ok21:12:31.0919 1628 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys21:12:31.0919 1628 nfrd960 - ok21:12:31.0951 1628 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys21:12:31.0966 1628 Npfs - ok21:12:32.0013 1628 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys21:12:32.0013 1628 nsiproxy - ok21:12:32.0044 1628 NSNDIS5 - ok21:12:32.0107 1628 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys21:12:32.0153 1628 Ntfs - ok21:12:32.0200 1628 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys21:12:32.0200 1628 ntrigdigi - ok21:12:32.0247 1628 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys21:12:32.0247 1628 Null - ok21:12:32.0606 1628 nvlddmkm (c8cb6135884cbc2a10225c4c3cef0f95) C:\Windows\system32\DRIVERS\nvlddmkm.sys21:12:32.0731 1628 nvlddmkm - ok21:12:32.0824 1628 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys21:12:32.0840 1628 nvraid - ok21:12:32.0871 1628 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys21:12:32.0871 1628 nvstor - ok21:12:32.0918 1628 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys21:12:32.0918 1628 nv_agp - ok21:12:32.0949 1628 NwlnkFlt - ok21:12:32.0980 1628 NwlnkFwd - ok21:12:33.0043 1628 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys21:12:33.0043 1628 ohci1394 - ok21:12:33.0105 1628 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys21:12:33.0105 1628 Parport - ok21:12:33.0152 1628 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys21:12:33.0152 1628 partmgr - ok21:12:33.0167 1628 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys21:12:33.0183 1628 Parvdm - ok21:12:33.0214 1628 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys21:12:33.0214 1628 pci - ok21:12:33.0245 1628 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys21:12:33.0245 1628 pciide - ok21:12:33.0277 1628 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys21:12:33.0292 1628 pcmcia - ok21:12:33.0355 1628 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys21:12:33.0370 1628 PEAUTH - ok21:12:33.0433 1628 pnarp (63200893c9d5934a7504d20f68276cc7) C:\Windows\system32\DRIVERS\pnarp.sys21:12:33.0433 1628 pnarp - ok21:12:33.0495 1628 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys21:12:33.0511 1628 PptpMiniport - ok21:12:33.0542 1628 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys21:12:33.0542 1628 Processor - ok21:12:33.0589 1628 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys21:12:33.0589 1628 PSched - ok21:12:33.0635 1628 PSINAflt (18b347125d597751b69ce8c6c03a4ba2) C:\Windows\system32\DRIVERS\PSINAflt.sys21:12:33.0635 1628 PSINAflt - ok21:12:33.0698 1628 PSINFile (072a5c1983b85504239c307d41d741be) C:\Windows\system32\DRIVERS\PSINFile.sys21:12:33.0698 1628 PSINFile - ok21:12:33.0729 1628 PSINKNC (f778579e0b47f0027cce47da1a64ef88) C:\Windows\system32\DRIVERS\psinknc.sys21:12:33.0729 1628 PSINKNC - ok21:12:33.0745 1628 PSINProc (0fb3436762e672800eb1c0578ac379c8) C:\Windows\system32\DRIVERS\PSINProc.sys21:12:33.0745 1628 PSINProc - ok21:12:33.0776 1628 PSINProt (7534273ca15900cdd1c3b392dd6b595b) C:\Windows\system32\DRIVERS\PSINProt.sys21:12:33.0776 1628 PSINProt - ok21:12:33.0807 1628 purendis (748bcab4eff5959ed347c05a1c1a0af8) C:\Windows\system32\DRIVERS\purendis.sys21:12:33.0807 1628 purendis - ok21:12:33.0838 1628 PxHelp20 (f7bb4e7a7c02ab4a2672937e124e306e) C:\Windows\system32\Drivers\PxHelp20.sys21:12:33.0838 1628 PxHelp20 - ok21:12:33.0901 1628 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys21:12:33.0916 1628 ql2300 - ok21:12:33.0979 1628 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys21:12:33.0979 1628 ql40xx - ok21:12:34.0010 1628 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys21:12:34.0025 1628 QWAVEdrv - ok21:12:34.0057 1628 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys21:12:34.0057 1628 RasAcd - ok21:12:34.0088 1628 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys21:12:34.0088 1628 Rasl2tp - ok21:12:34.0119 1628 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys21:12:34.0119 1628 RasPppoe - ok21:12:34.0150 1628 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys21:12:34.0150 1628 RasSstp - ok21:12:34.0197 1628 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys21:12:34.0197 1628 rdbss - ok21:12:34.0244 1628 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys21:12:34.0244 1628 RDPCDD - ok21:12:34.0291 1628 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys21:12:34.0291 1628 rdpdr - ok21:12:34.0337 1628 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys21:12:34.0337 1628 RDPENCDD - ok21:12:34.0384 1628 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys21:12:34.0400 1628 RDPWD - ok21:12:34.0431 1628 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys21:12:34.0447 1628 rspndr - ok21:12:34.0478 1628 RTL8023xp (959ef612d2ccfdb6d9e443f8e3655013) C:\Windows\system32\DRIVERS\Rtnicxp.sys21:12:34.0493 1628 RTL8023xp - ok21:12:34.0603 1628 SANDRA (230fd3749904ca045ea5ec0aa14006e9) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011\WNt500x86\Sandra.sys21:12:34.0603 1628 SANDRA - ok21:12:34.0712 1628 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys21:12:34.0712 1628 sbp2port - ok21:12:34.0759 1628 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys21:12:34.0759 1628 secdrv - ok21:12:34.0805 1628 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys21:12:34.0805 1628 Serenum - ok21:12:34.0852 1628 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys21:12:34.0852 1628 Serial - ok21:12:34.0915 1628 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys21:12:34.0915 1628 sermouse - ok21:12:34.0961 1628 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys21:12:34.0977 1628 sffdisk - ok21:12:35.0024 1628 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys21:12:35.0024 1628 sffp_mmc - ok21:12:35.0039 1628 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys21:12:35.0039 1628 sffp_sd - ok21:12:35.0071 1628 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys21:12:35.0071 1628 sfloppy - ok21:12:35.0133 1628 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys21:12:35.0133 1628 SiSRaid2 - ok21:12:35.0149 1628 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys21:12:35.0164 1628 SiSRaid4 - ok21:12:35.0195 1628 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys21:12:35.0195 1628 Smb - ok21:12:35.0227 1628 speedfan (3fa2e254bfbce52b3c6f1bf23aab6911) C:\Windows\system32\speedfan.sys21:12:35.0242 1628 speedfan - ok21:12:35.0273 1628 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys21:12:35.0273 1628 spldr - ok21:12:35.0320 1628 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys21:12:35.0320 1628 srv - ok21:12:35.0383 1628 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys21:12:35.0383 1628 srv2 - ok21:12:35.0445 1628 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys21:12:35.0445 1628 srvnet - ok21:12:35.0492 1628 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys21:12:35.0492 1628 swenum - ok21:12:35.0523 1628 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys21:12:35.0539 1628 Symc8xx - ok21:12:35.0554 1628 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys21:12:35.0554 1628 Sym_hi - ok21:12:35.0585 1628 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys21:12:35.0585 1628 Sym_u3 - ok21:12:35.0663 1628 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys21:12:35.0679 1628 Tcpip - ok21:12:35.0726 1628 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys21:12:35.0741 1628 Tcpip6 - ok21:12:35.0773 1628 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys21:12:35.0773 1628 tcpipreg - ok21:12:35.0804 1628 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys21:12:35.0804 1628 TDPIPE - ok21:12:35.0819 1628 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys21:12:35.0819 1628 TDTCP - ok21:12:35.0866 1628 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys21:12:35.0866 1628 tdx - ok21:12:35.0897 1628 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys21:12:35.0897 1628 TermDD - ok21:12:35.0960 1628 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys21:12:35.0960 1628 tssecsrv - ok21:12:36.0007 1628 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys21:12:36.0007 1628 tunmp - ok21:12:36.0038 1628 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys21:12:36.0038 1628 tunnel - ok21:12:36.0085 1628 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\DRIVERS\uagp35.sys21:12:36.0085 1628 uagp35 - ok21:12:36.0116 1628 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys21:12:36.0131 1628 udfs - ok21:12:36.0178 1628 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys21:12:36.0178 1628 uliagpkx - ok21:12:36.0209 1628 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys21:12:36.0209 1628 uliahci - ok21:12:36.0272 1628 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys21:12:36.0272 1628 UlSata - ok21:12:36.0287 1628 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys21:12:36.0287 1628 ulsata2 - ok21:12:36.0334 1628 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys21:12:36.0334 1628 umbus - ok21:12:36.0381 1628 usbccgp (8bd3ae150d97ba4e633c6c5c51b41ae1) C:\Windows\system32\drivers\usbccgp.sys21:12:36.0397 1628 usbccgp - ok21:12:36.0412 1628 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys21:12:36.0412 1628 usbcir - ok21:12:36.0475 1628 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys21:12:36.0475 1628 usbehci - ok21:12:36.0521 1628 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys21:12:36.0521 1628 usbhub - ok21:12:36.0553 1628 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys21:12:36.0553 1628 usbohci - ok21:12:36.0568 1628 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys21:12:36.0568 1628 usbprint - ok21:12:36.0599 1628 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS21:12:36.0599 1628 USBSTOR - ok21:12:36.0646 1628 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys21:12:36.0646 1628 usbuhci - ok21:12:36.0693 1628 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys21:12:36.0709 1628 vga - ok21:12:36.0755 1628 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys21:12:36.0771 1628 VgaSave - ok21:12:36.0802 1628 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys21:12:36.0802 1628 viaagp - ok21:12:36.0833 1628 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys21:12:36.0833 1628 ViaC7 - ok21:12:36.0880 1628 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys21:12:36.0880 1628 viaide - ok21:12:36.0896 1628 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys21:12:36.0896 1628 volmgr - ok21:12:36.0943 1628 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys21:12:36.0958 1628 volmgrx - ok21:12:37.0005 1628 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys21:12:37.0005 1628 volsnap - ok21:12:37.0052 1628 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys21:12:37.0067 1628 vsmraid - ok21:12:37.0099 1628 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys21:12:37.0099 1628 WacomPen - ok21:12:37.0145 1628 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys21:12:37.0161 1628 Wanarp - ok21:12:37.0161 1628 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys21:12:37.0161 1628 Wanarpv6 - ok21:12:37.0208 1628 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys21:12:37.0208 1628 Wd - ok21:12:37.0239 1628 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys21:12:37.0255 1628 Wdf01000 - ok21:12:37.0317 1628 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys21:12:37.0333 1628 WmiAcpi - ok21:12:37.0379 1628 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys21:12:37.0379 1628 ws2ifsl - ok21:12:37.0457 1628 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys21:12:37.0457 1628 WUDFRd - ok21:12:37.0504 1628 X10Hid (ab2d77bf7222b007717abb61b15f9ae2) C:\Windows\system32\Drivers\x10hid.sys21:12:37.0504 1628 X10Hid - ok21:12:37.0567 1628 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR021:12:37.0613 1628 \Device\Harddisk0\DR0 - ok21:12:37.0629 1628 Boot (0x1200) (566ad04c1897a739405abe1a55bbc3b4) \Device\Harddisk0\DR0\Partition021:12:37.0629 1628 \Device\Harddisk0\DR0\Partition0 - ok21:12:37.0629 1628 ============================================================21:12:37.0629 1628 Scan finished21:12:37.0629 1628 ============================================================21:12:37.0629 4064 Detected object count: 021:12:37.0629 4064 Actual detected object count: 021:12:59.0921 4632 Deinitialize success Link to post Share on other sites More sharing options...
Maltid Posted February 9, 2012 Author ID:525325 Share Posted February 9, 2012 not sure that panda link will work correctly, it identified Atlas DMTthis page should link to their encyclopaedia - http://www.pandasecurity.com/homeusers/security-info/58346/information/Atlas%20DMT Link to post Share on other sites More sharing options...
Maltid Posted February 9, 2012 Author ID:525336 Share Posted February 9, 2012 Strike my reference to Symantec up there, it is ofc Kaspersky Link to post Share on other sites More sharing options...
Elise Posted February 11, 2012 ID:525722 Share Posted February 11, 2012 Hi, as I had some notification problems the last few days, please send me a PM if I have not replied to your topic within 24 hours.Kaspersky's tdsskiller is simply the best automated rootkit removal tool out there, so it would be a pity not to use it. COMBOFIX---------------Please download ComboFix from one of these locations:BleepingcomputerForoSpywareDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)Double click on Combofix.exe and follow the prompts.As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue it's malware removal procedures.Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:Click on Yes, to continue scanning for malware.When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply. Link to post Share on other sites More sharing options...
Maltid Posted February 11, 2012 Author ID:525818 Share Posted February 11, 2012 Hi elise025, thanks for your persistence.We seem to have crossed posts somewhere, I did run the tdsskiller and the results are a couple of replies above (came back clear)I've just used ComboFix and this is what it gave:ComboFix 12-02-11.02 - Nisto 11/02/2012 17:36:35.1.4 - x86Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3070.2297 [GMT 0:00]Running from: c:\users\Nisto\Desktop\ComboFix.exeAV: Panda Cloud Antivirus *Disabled/Updated* {86971480-9989-6750-B122-681A86518D59}SP: Panda Cloud Antivirus *Disabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\programdata\xml6952.tmpc:\programdata\xml6B17.tmpc:\programdata\xml6BD4.tmp..((((((((((((((((((((((((( Files Created from 2012-01-11 to 2012-02-11 )))))))))))))))))))))))))))))))..2012-02-11 17:47 . 2012-02-11 17:49 -------- d-----w- c:\users\Nisto\AppData\Local\temp2012-02-11 17:47 . 2012-02-11 17:47 -------- d-----w- c:\users\Default\AppData\Local\temp2012-02-10 08:22 . 2012-01-06 04:19 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3CED039B-203D-4DB9-BF1E-E16EAF7DC7D8}\mpengine.dll...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-01-27 00:21 . 2010-02-02 13:06 237072 ------w- c:\windows\system32\MpSigStub.exe2011-12-14 10:05 . 2011-12-14 10:05 784144 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll2011-12-10 15:24 . 2011-03-28 08:11 20464 ----a-w- c:\windows\system32\drivers\mbam.sys2011-11-25 15:59 . 2012-01-11 10:18 376320 ----a-w- c:\windows\system32\winsrv.dll2011-11-23 13:37 . 2011-12-14 09:37 2043904 ----a-w- c:\windows\system32\win32k.sys2011-11-18 20:23 . 2012-01-11 10:18 1205064 ----a-w- c:\windows\system32\ntdll.dll2011-11-18 17:47 . 2012-01-11 10:18 66560 ----a-w- c:\windows\system32\packager.dll2011-11-17 06:48 . 2012-01-11 10:17 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys2011-11-16 16:23 . 2012-01-11 10:17 377344 ----a-w- c:\windows\system32\winhttp.dll2011-11-16 16:23 . 2012-01-11 10:17 72704 ----a-w- c:\windows\system32\secur32.dll2011-11-16 16:23 . 2012-01-11 10:17 278528 ----a-w- c:\windows\system32\schannel.dll2011-11-16 16:21 . 2012-01-11 10:17 1259008 ----a-w- c:\windows\system32\lsasrv.dll2011-11-16 14:12 . 2012-01-11 10:17 9728 ----a-w- c:\windows\system32\lsass.exe2012-01-07 11:38 . 2011-04-29 10:45 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]2010-12-19 14:46 86696 ----a-w- c:\program files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2010-12-19 86696].[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon]@="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}"[HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}]2011-05-09 10:45 288584 ----a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon]@="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}"[HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}]2011-05-09 10:45 288584 ----a-w- c:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-09-27 3077528]"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"RtHDVCpl"="RtHDVCpl.exe" [2007-03-01 4390912]"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-01-11 232184]"toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-12-12 642856]"Linksys Wireless Manager"="c:\program files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe" [2009-02-15 1358384]"PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-04-28 439616]"Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2011-06-29 217256]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872].c:\users\Nisto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableUIADesktopToggle"= 0 (0x0)"HideFastUserSwitching"= 1 (0x1)"DisableStartupSound"= 1 (0x1).[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]"DisableMonitoring"=dword:00000001.[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]"DisableMonitoring"=dword:00000001.S3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys [2007-01-16 1116800]..[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache.Contents of the 'Scheduled Tasks' folder..------- Supplementary Scan -------.uStart Page = about:blankIE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000TCP: DhcpNameServer = 192.168.1.254FF - ProfilePath - c:\users\Nisto\AppData\Roaming\Mozilla\Firefox\Profiles\ma60mzas.default\FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=FF - prefs.js: browser.startup.homepage -FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=panda&type=panda1_0yatb&p=..**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2012-02-11 17:49Windows 6.0.6002 Service Pack 2 NTFS.scanning hidden processes ... .scanning hidden autostart entries ....scanning hidden files ... .scan completed successfullyhidden files: 0.**************************************************************************.--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-1010187651-4247693101-3305864321-1002\Software\G*e*n*i*e*"!\FM Genie Scout 2008]"GameDir"="c:\\Users\\Nisto\\Documents\\Sports Interactive\\Football Manager 2008\\games""ShortlistDir"="c:\\Users\\Nisto\\Documents\\Sports Interactive\\Football Manager 2008\\shortlists""ScreenshotsDir"="c:\\Users\\Nisto\\Documents\\Sports Interactive\\Football Manager 2008""SaveDir"="c:\\Users\\Nisto\\Documents\\Sports Interactive\\Football Manager 2008\\""HistoryDir"="c:\\Users\\Nisto\\Documents\\Upgraded\\FM Genie Scout 2008\\History Points""LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2008\\data\\updates\\update-802\\db\\802\\lang_db.dat""LastSaveGame"="c:\\Users\\Nisto\\Documents\\Sports Interactive\\Football Manager 2008\\games\\1bgenie.fm""Language"="English""LoadLangDB"=dword:00000001"CompressHistoryPoints"=dword:00000000"HighlightedAttributes"=dword:00000000"MinCondition"=dword:00000032"SkinID"=dword:00000001"LastUpdateCheck"=dword:00000000"HighQualityGUI"=dword:00000001"AutomaticallyUpdateCheck"=dword:00000001"AdvancedGeneration"=dword:00000000"TranslateStaffSkills"=dword:00000001"TranslatePlayerSkills"=dword:00000001"TranslatePositions"=dword:00000001"ShowHistory"=dword:00000001"WindowState"=dword:00000002"Currency"=dword:00000056"WindowHeight"=dword:000002e0"WindowWidth"=dword:000003fe"WindowLeft"=dword:00000081"WindowTop"=dword:00000070"UseProxy"=dword:00000000"ProxyHost"="""ProxyPort"="""UseAuthentication"=dword:00000000"UserName"="""UserPassword"="".[HKEY_USERS\S-1-5-21-1010187651-4247693101-3305864321-1002\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Clubs]"Position0"=dword:00000000"Visible0"=dword:00000001"Width0"=dword:0000007d"Position1"=dword:00000001"Visible1"=dword:00000001"Width1"=dword:00000046"Position2"=dword:00000002"Visible2"=dword:00000001"Width2"=dword:00000064"Position3"=dword:00000003"Visible3"=dword:00000001"Width3"=dword:00000032"Position4"=dword:00000004"Visible4"=dword:00000001"Width4"=dword:00000032"Position5"=dword:00000005"Visible5"=dword:00000001"Width5"=dword:00000050"Position6"=dword:00000006"Visible6"=dword:00000001"Width6"=dword:00000050"Position7"=dword:00000007"Visible7"=dword:00000001"Width7"=dword:00000050"Position8"=dword:00000008"Visible8"=dword:00000000"Width8"=dword:00000050"Position9"=dword:00000009"Visible9"=dword:00000000"Width9"=dword:0000002d"Position10"=dword:0000000a"Visible10"=dword:00000001"Width10"=dword:0000001e"Position11"=dword:0000000b"Visible11"=dword:00000000"Width11"=dword:00000029"Position12"=dword:0000000c"Visible12"=dword:00000001"Width12"=dword:0000001e"Position13"=dword:0000000d"Visible13"=dword:00000001"Width13"=dword:0000003c"Position14"=dword:0000000e"Visible14"=dword:00000000"Width14"=dword:00000032"Position15"=dword:0000000f"Visible15"=dword:00000000"Width15"=dword:00000032"Position16"=dword:00000010"Visible16"=dword:00000001"Width16"=dword:00000047"Position17"=dword:00000011"Visible17"=dword:00000001"Width17"=dword:00000043"Position18"=dword:00000012"Visible18"=dword:00000001"Width18"=dword:00000044"Position19"=dword:00000013"Visible19"=dword:00000000"Width19"=dword:00000050.[HKEY_USERS\S-1-5-21-1010187651-4247693101-3305864321-1002\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Players]"Position0"=dword:00000000"Visible0"=dword:00000001"Width0"=dword:0000007c"Position1"=dword:00000001"Visible1"=dword:00000001"Width1"=dword:0000005a"Position2"=dword:00000002"Visible2"=dword:00000001"Width2"=dword:0000005b"Position3"=dword:00000004"Visible3"=dword:00000001"Width3"=dword:0000003c"Position4"=dword:00000009"Visible4"=dword:00000001"Width4"=dword:00000023"Position5"=dword:0000000a"Visible5"=dword:00000001"Width5"=dword:00000028"Position6"=dword:0000000b"Visible6"=dword:00000001"Width6"=dword:00000028"Position7"=dword:0000000d"Visible7"=dword:00000000"Width7"=dword:00000044"Position8"=dword:0000001d"Visible8"=dword:00000001"Width8"=dword:00000042"Position9"=dword:0000000e"Visible9"=dword:00000001"Width9"=dword:00000050"Position10"=dword:00000010"Visible10"=dword:00000000"Width10"=dword:00000050"Position11"=dword:00000011"Visible11"=dword:00000000"Width11"=dword:0000004b"Position12"=dword:00000012"Visible12"=dword:00000000"Width12"=dword:0000002d"Position13"=dword:00000013"Visible13"=dword:00000000"Width13"=dword:0000003c"Position14"=dword:00000014"Visible14"=dword:00000000"Width14"=dword:0000004b"Position15"=dword:00000015"Visible15"=dword:00000000"Width15"=dword:00000064"Position16"=dword:00000016"Visible16"=dword:00000000"Width16"=dword:00000064"Position17"=dword:00000017"Visible17"=dword:00000000"Width17"=dword:0000004b"Position18"=dword:00000018"Visible18"=dword:00000000"Width18"=dword:00000064"Position19"=dword:0000001e"Visible19"=dword:00000001"Width19"=dword:00000032"Position20"=dword:0000001f"Visible20"=dword:00000000"Width20"=dword:0000004b"Position21"=dword:00000020"Visible21"=dword:00000001"Width21"=dword:00000050"Position22"=dword:00000021"Visible22"=dword:00000000"Width22"=dword:00000073"Position23"=dword:00000022"Visible23"=dword:00000000"Width23"=dword:00000050"Position24"=dword:00000023"Visible24"=dword:00000000"Width24"=dword:0000005a"Position25"=dword:00000024"Visible25"=dword:00000000"Width25"=dword:0000006e"Position26"=dword:00000025"Visible26"=dword:00000000"Width26"=dword:00000045"Position27"=dword:00000026"Visible27"=dword:00000000"Width27"=dword:00000044"Position28"=dword:00000027"Visible28"=dword:00000000"Width28"=dword:00000064"Position29"=dword:00000003"Visible29"=dword:00000001"Width29"=dword:00000035"Position30"=dword:00000028"Visible30"=dword:00000000"Width30"=dword:00000046"Position31"=dword:00000029"Visible31"=dword:00000000"Width31"=dword:0000004b"Position32"=dword:0000002a"Visible32"=dword:00000000"Width32"=dword:00000046"Position33"=dword:0000002b"Visible33"=dword:00000000"Width33"=dword:0000004b"Position34"=dword:0000002c"Visible34"=dword:00000000"Width34"=dword:0000003c"Position35"=dword:0000002e"Visible35"=dword:00000000"Width35"=dword:00000064"Position36"=dword:00000032"Visible36"=dword:00000000"Width36"=dword:00000073"Position37"=dword:00000034"Visible37"=dword:00000000"Width37"=dword:0000005f"Position38"=dword:00000037"Visible38"=dword:00000000"Width38"=dword:00000091"Position39"=dword:00000039"Visible39"=dword:00000000"Width39"=dword:0000003c"Position40"=dword:00000030"Visible40"=dword:00000000"Width40"=dword:0000005a"Position41"=dword:0000003a"Visible41"=dword:00000000"Width41"=dword:00000041"Position42"=dword:0000002d"Visible42"=dword:00000000"Width42"=dword:00000050"Position43"=dword:0000002f"Visible43"=dword:00000000"Width43"=dword:00000055"Position44"=dword:00000031"Visible44"=dword:00000000"Width44"=dword:0000005f"Position45"=dword:0000001a"Visible45"=dword:00000000"Width45"=dword:00000034"Position46"=dword:0000003b"Visible46"=dword:00000000"Width46"=dword:0000004b"Position47"=dword:0000003c"Visible47"=dword:00000000"Width47"=dword:0000004b"Position48"=dword:0000003d"Visible48"=dword:00000000"Width48"=dword:00000046"Position49"=dword:0000003e"Visible49"=dword:00000000"Width49"=dword:00000032"Position50"=dword:0000003f"Visible50"=dword:00000000"Width50"=dword:0000003c"Position51"=dword:00000040"Visible51"=dword:00000000"Width51"=dword:0000004b"Position52"=dword:00000041"Visible52"=dword:00000000"Width52"=dword:0000003c"Position53"=dword:00000042"Visible53"=dword:00000000"Width53"=dword:00000037"Position54"=dword:00000043"Visible54"=dword:00000000"Width54"=dword:00000069"Position55"=dword:00000044"Visible55"=dword:00000000"Width55"=dword:0000005a"Position56"=dword:00000047"Visible56"=dword:00000000"Width56"=dword:0000004b"Position57"=dword:00000048"Visible57"=dword:00000000"Width57"=dword:0000004b"Position58"=dword:00000049"Visible58"=dword:00000000"Width58"=dword:00000037"Position59"=dword:0000004a"Visible59"=dword:00000000"Width59"=dword:0000003c"Position60"=dword:0000004b"Visible60"=dword:00000000"Width60"=dword:0000003c"Position61"=dword:0000004c"Visible61"=dword:00000000"Width61"=dword:00000041"Position62"=dword:0000004d"Visible62"=dword:00000000"Width62"=dword:00000055"Position63"=dword:0000004e"Visible63"=dword:00000000"Width63"=dword:0000002d"Position64"=dword:0000004f"Visible64"=dword:00000000"Width64"=dword:0000003c"Position65"=dword:00000050"Visible65"=dword:00000000"Width65"=dword:0000004b"Position66"=dword:00000051"Visible66"=dword:00000000"Width66"=dword:0000003c"Position67"=dword:00000052"Visible67"=dword:00000000"Width67"=dword:00000046"Position68"=dword:00000053"Visible68"=dword:00000000"Width68"=dword:00000028"Position69"=dword:00000054"Visible69"=dword:00000000"Width69"=dword:00000041"Position70"=dword:00000055"Visible70"=dword:00000000"Width70"=dword:0000003c"Position71"=dword:0000001c"Visible71"=dword:00000001"Width71"=dword:0000002c"Position72"=dword:00000056"Visible72"=dword:00000000"Width72"=dword:00000041"Position73"=dword:0000001b"Visible73"=dword:00000001"Width73"=dword:00000032"Position74"=dword:00000057"Visible74"=dword:00000000"Width74"=dword:0000003c"Position75"=dword:00000058"Visible75"=dword:00000000"Width75"=dword:00000037"Position76"=dword:00000059"Visible76"=dword:00000000"Width76"=dword:0000004b"Position77"=dword:0000005a"Visible77"=dword:00000000"Width77"=dword:00000050"Position78"=dword:0000005b"Visible78"=dword:00000000"Width78"=dword:00000037"Position79"=dword:0000005c"Visible79"=dword:00000000"Width79"=dword:00000037"Position80"=dword:0000005d"Visible80"=dword:00000000"Width80"=dword:0000005a"Position81"=dword:0000005e"Visible81"=dword:00000000"Width81"=dword:0000004b"Position82"=dword:0000005f"Visible82"=dword:00000000"Width82"=dword:00000055"Position83"=dword:00000019"Visible83"=dword:00000000"Width83"=dword:0000002d"Position84"=dword:00000060"Visible84"=dword:00000000"Width84"=dword:00000037"Position85"=dword:00000061"Visible85"=dword:00000000"Width85"=dword:0000003c"Position86"=dword:00000062"Visible86"=dword:00000000"Width86"=dword:00000046"Position87"=dword:00000063"Visible87"=dword:00000000"Width87"=dword:0000003c"Position88"=dword:00000064"Visible88"=dword:00000000"Width88"=dword:0000005a"Position89"=dword:00000065"Visible89"=dword:00000000"Width89"=dword:0000003c"Position90"=dword:00000066"Visible90"=dword:00000000"Width90"=dword:00000050"Position91"=dword:00000067"Visible91"=dword:00000000"Width91"=dword:00000046"Position92"=dword:00000068"Visible92"=dword:00000000"Width92"=dword:0000005a"Position93"=dword:00000069"Visible93"=dword:00000000"Width93"=dword:00000037"Position94"=dword:0000006a"Visible94"=dword:00000000"Width94"=dword:0000003c"Position95"=dword:0000006b"Visible95"=dword:00000000"Width95"=dword:0000003c"Position96"=dword:0000006c"Visible96"=dword:00000000"Width96"=dword:00000046"Position97"=dword:0000006d"Visible97"=dword:00000000"Width97"=dword:00000046"Position98"=dword:0000006e"Visible98"=dword:00000000"Width98"=dword:00000055"Position99"=dword:0000006f"Visible99"=dword:00000000"Width99"=dword:00000073"Position100"=dword:00000045"Visible100"=dword:00000000"Width100"=dword:00000041"Position101"=dword:00000070"Visible101"=dword:00000000"Width101"=dword:0000003c"Position102"=dword:00000071"Visible102"=dword:00000000"Width102"=dword:0000003c"Position103"=dword:00000072"Visible103"=dword:00000000"Width103"=dword:00000046"Position104"=dword:00000073"Visible104"=dword:00000000"Width104"=dword:0000003c"Position105"=dword:00000074"Visible105"=dword:00000000"Width105"=dword:00000041"Position106"=dword:0000000f"Visible106"=dword:00000001"Width106"=dword:00000053"Position107"=dword:0000000c"Visible107"=dword:00000000"Width107"=dword:00000028"Position108"=dword:00000046"Visible108"=dword:00000000"Width108"=dword:00000050"Position109"=dword:00000033"Visible109"=dword:00000000"Width109"=dword:00000050"Position110"=dword:00000035"Visible110"=dword:00000000"Width110"=dword:00000055"Position111"=dword:00000036"Visible111"=dword:00000000"Width111"=dword:00000082"Position112"=dword:00000038"Visible112"=dword:00000000"Width112"=dword:00000087"Position113"=dword:00000075"Visible113"=dword:00000000"Width113"=dword:00000050"Position114"=dword:00000076"Visible114"=dword:00000000"Width114"=dword:00000050"Position115"=dword:00000077"Visible115"=dword:00000000"Width115"=dword:00000050"Position116"=dword:00000078"Visible116"=dword:00000000"Width116"=dword:00000050"Position117"=dword:00000079"Visible117"=dword:00000000"Width117"=dword:00000050"Position118"=dword:0000007a"Visible118"=dword:00000000"Width118"=dword:00000050"Position119"=dword:0000007b"Visible119"=dword:00000000"Width119"=dword:00000050"Position120"=dword:0000007c"Visible120"=dword:00000000"Width120"=dword:00000050"Position121"=dword:0000007d"Visible121"=dword:00000000"Width121"=dword:00000050"Position122"=dword:0000007e"Visible122"=dword:00000000"Width122"=dword:00000050"Position123"=dword:0000007f"Visible123"=dword:00000000"Width123"=dword:00000050"Position124"=dword:00000080"Visible124"=dword:00000000"Width124"=dword:00000050"Position125"=dword:00000081"Visible125"=dword:00000000"Width125"=dword:00000050"Position126"=dword:00000082"Visible126"=dword:00000000"Width126"=dword:00000050"Position127"=dword:00000083"Visible127"=dword:00000000"Width127"=dword:00000050"Position128"=dword:00000084"Visible128"=dword:00000000"Width128"=dword:00000050"Position129"=dword:00000085"Visible129"=dword:00000000"Width129"=dword:00000050"Position130"=dword:00000086"Visible130"=dword:00000000"Width130"=dword:00000050"Position131"=dword:00000087"Visible131"=dword:00000000"Width131"=dword:00000050"Position132"=dword:00000088"Visible132"=dword:00000000"Width132"=dword:00000050"Position133"=dword:00000089"Visible133"=dword:00000000"Width133"=dword:00000050"Position134"=dword:0000008a"Visible134"=dword:00000000"Width134"=dword:00000050"Position135"=dword:0000008b"Visible135"=dword:00000000"Width135"=dword:00000050"Position136"=dword:0000008c"Visible136"=dword:00000000"Width136"=dword:00000050"Position137"=dword:0000008d"Visible137"=dword:00000000"Width137"=dword:00000050"Position138"=dword:0000008e"Visible138"=dword:00000000"Width138"=dword:00000050"Position139"=dword:0000008f"Visible139"=dword:00000000"Width139"=dword:00000050"Position140"=dword:00000090"Visible140"=dword:00000000"Width140"=dword:00000050"Position141"=dword:00000091"Visible141"=dword:00000000"Width141"=dword:00000050"Position142"=dword:00000092"Visible142"=dword:00000000"Width142"=dword:00000050"Position143"=dword:00000093"Visible143"=dword:00000000"Width143"=dword:00000050"Position144"=dword:00000094"Visible144"=dword:00000000"Width144"=dword:00000050"Position145"=dword:00000095"Visible145"=dword:00000000"Width145"=dword:00000050"Position146"=dword:00000005"Visible146"=dword:00000000"Width146"=dword:00000037"Position147"=dword:00000006"Visible147"=dword:00000001"Width147"=dword:00000028"Position148"=dword:00000007"Visible148"=dword:00000001"Width148"=dword:00000037"Position149"=dword:00000008"Visible149"=dword:00000001"Width149"=dword:00000028.[HKEY_USERS\S-1-5-21-1010187651-4247693101-3305864321-1002\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Staff]"Position0"=dword:00000000"Visible0"=dword:00000001"Width0"=dword:0000007d"Position1"=dword:00000001"Visible1"=dword:00000001"Width1"=dword:00000064"Position2"=dword:00000002"Visible2"=dword:00000001"Width2"=dword:00000064"Position3"=dword:00000003"Visible3"=dword:00000001"Width3"=dword:00000069"Position4"=dword:00000005"Visible4"=dword:00000001"Width4"=dword:00000028"Position5"=dword:00000006"Visible5"=dword:00000001"Width5"=dword:00000028"Position6"=dword:00000004"Visible6"=dword:00000001"Width6"=dword:00000028"Position7"=dword:00000007"Visible7"=dword:00000001"Width7"=dword:00000050"Position8"=dword:00000008"Visible8"=dword:00000000"Width8"=dword:00000050"Position9"=dword:00000009"Visible9"=dword:00000000"Width9"=dword:0000004b"Position10"=dword:0000000a"Visible10"=dword:00000000"Width10"=dword:0000002d"Position11"=dword:0000000b"Visible11"=dword:00000000"Width11"=dword:0000003c"Position12"=dword:0000000c"Visible12"=dword:00000000"Width12"=dword:0000004b"Position13"=dword:0000000d"Visible13"=dword:00000000"Width13"=dword:00000064"Position14"=dword:0000000e"Visible14"=dword:00000000"Width14"=dword:00000064"Position15"=dword:0000000f"Visible15"=dword:00000000"Width15"=dword:0000004b"Position16"=dword:00000010"Visible16"=dword:00000000"Width16"=dword:00000064"Position17"=dword:00000011"Visible17"=dword:00000001"Width17"=dword:0000003c"Position18"=dword:00000012"Visible18"=dword:00000000"Width18"=dword:0000004b"Position19"=dword:00000013"Visible19"=dword:00000001"Width19"=dword:00000050"Position20"=dword:00000014"Visible20"=dword:00000000"Width20"=dword:00000046"Position21"=dword:00000015"Visible21"=dword:00000000"Width21"=dword:0000004b"Position22"=dword:00000016"Visible22"=dword:00000000"Width22"=dword:00000046"Position23"=dword:00000017"Visible23"=dword:00000000"Width23"=dword:00000046"Position24"=dword:00000018"Visible24"=dword:00000000"Width24"=dword:0000003c"Position25"=dword:00000019"Visible25"=dword:00000000"Width25"=dword:00000041"Position26"=dword:0000001a"Visible26"=dword:00000000"Width26"=dword:0000003c"Position27"=dword:0000001b"Visible27"=dword:00000000"Width27"=dword:00000055"Position28"=dword:0000001c"Visible28"=dword:00000000"Width28"=dword:00000069"Position29"=dword:0000001d"Visible29"=dword:00000000"Width29"=dword:0000006e"Position30"=dword:0000001e"Visible30"=dword:00000000"Width30"=dword:00000064"Position31"=dword:0000001f"Visible31"=dword:00000000"Width31"=dword:00000078"Position32"=dword:00000020"Visible32"=dword:00000000"Width32"=dword:00000064"Position33"=dword:00000021"Visible33"=dword:00000000"Width33"=dword:00000087"Position34"=dword:00000022"Visible34"=dword:00000000"Width34"=dword:00000069"Position35"=dword:00000023"Visible35"=dword:00000000"Width35"=dword:0000006e"Position36"=dword:00000024"Visible36"=dword:00000000"Width36"=dword:00000073"Position37"=dword:00000025"Visible37"=dword:00000000"Width37"=dword:0000004b"Position38"=dword:00000026"Visible38"=dword:00000000"Width38"=dword:0000002d"Position39"=dword:00000027"Visible39"=dword:00000000"Width39"=dword:00000055"Position40"=dword:00000028"Visible40"=dword:00000000"Width40"=dword:00000046"Position41"=dword:00000029"Visible41"=dword:00000000"Width41"=dword:0000004b"Position42"=dword:0000002a"Visible42"=dword:00000000"Width42"=dword:0000003c"Position43"=dword:0000002b"Visible43"=dword:00000000"Width43"=dword:00000046"Position44"=dword:0000002c"Visible44"=dword:00000000"Width44"=dword:00000073"Position45"=dword:0000002d"Visible45"=dword:00000000"Width45"=dword:0000004b"Position46"=dword:0000002e"Visible46"=dword:00000000"Width46"=dword:00000073"Position47"=dword:0000002f"Visible47"=dword:00000000"Width47"=dword:0000007d"Position48"=dword:00000030"Visible48"=dword:00000000"Width48"=dword:0000006e"Position49"=dword:00000031"Visible49"=dword:00000000"Width49"=dword:00000037"Position50"=dword:00000032"Visible50"=dword:00000001"Width50"=dword:00000064"Position51"=dword:00000033"Visible51"=dword:00000000"Width51"=dword:00000037"Position52"=dword:00000034"Visible52"=dword:00000000"Width52"=dword:0000004b"Position53"=dword:00000035"Visible53"=dword:00000000"Width53"=dword:00000046"Position54"=dword:00000036"Visible54"=dword:00000000"Width54"=dword:00000037"Position55"=dword:00000037"Visible55"=dword:00000000"Width55"=dword:0000003c"Position56"=dword:00000038"Visible56"=dword:00000000"Width56"=dword:00000055"Position57"=dword:00000039"Visible57"=dword:00000000"Width57"=dword:0000003c"Position58"=dword:0000003a"Visible58"=dword:00000000"Width58"=dword:0000003c"Position59"=dword:0000003b"Visible59"=dword:00000000"Width59"=dword:00000055"Position60"=dword:0000003c"Visible60"=dword:00000000"Width60"=dword:00000046"Position61"=dword:0000003d"Visible61"=dword:00000000"Width61"=dword:0000004b"Position62"=dword:0000003e"Visible62"=dword:00000000"Width62"=dword:00000055"Position63"=dword:0000003f"Visible63"=dword:00000000"Width63"=dword:0000005a"Position64"=dword:00000040"Visible64"=dword:00000000"Width64"=dword:0000006e"Position65"=dword:00000041"Visible65"=dword:00000000"Width65"=dword:00000050"Position66"=dword:00000042"Visible66"=dword:00000000"Width66"=dword:00000032"Position67"=dword:00000043"Visible67"=dword:00000000"Width67"=dword:00000064"Position68"=dword:00000044"Visible68"=dword:00000000"Width68"=dword:0000004b"Position69"=dword:00000045"Visible69"=dword:00000000"Width69"=dword:0000002d"Position70"=dword:00000046"Visible70"=dword:00000001"Width70"=dword:0000004b"Position71"=dword:00000047"Visible71"=dword:00000000"Width71"=dword:0000005a"Position72"=dword:00000048"Visible72"=dword:00000000"Width72"=dword:0000005a"Position73"=dword:00000049"Visible73"=dword:00000000"Width73"=dword:00000050"Position74"=dword:0000004a"Visible74"=dword:00000000"Width74"=dword:0000004b"Position75"=dword:0000004b"Visible75"=dword:00000000"Width75"=dword:00000050"Position76"=dword:0000004c"Visible76"=dword:00000000"Width76"=dword:0000005a"Position77"=dword:0000004d"Visible77"=dword:00000000"Width77"=dword:00000041"Position78"=dword:0000004e"Visible78"=dword:00000000"Width78"=dword:00000041"Position79"=dword:0000004f"Visible79"=dword:00000000"Width79"=dword:00000041"Position80"=dword:00000050"Visible80"=dword:00000000"Width80"=dword:00000041"Position81"=dword:00000051"Visible81"=dword:00000000"Width81"=dword:00000041"Position82"=dword:00000052"Visible82"=dword:00000000"Width82"=dword:00000041"Position83"=dword:00000053"Visible83"=dword:00000000"Width83"=dword:00000041"Position84"=dword:00000054"Visible84"=dword:00000000"Width84"=dword:00000041"Position85"=dword:00000055"Visible85"=dword:00000001"Width85"=dword:00000041"Position86"=dword:00000056"Visible86"=dword:00000000"Width86"=dword:00000050.[HKEY_USERS\S-1-5-21-1010187651-4247693101-3305864321-1002\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Rating Coefficients]"GKWeightCoef"=dword:00000064"GKCurrentAbilityCoef"=dword:00000000"GKCornersCoef"=dword:00000000"GKCrossingCoef"=dword:00000000"GKDribblingCoef"=dword:00000000"GKFinishingCoef"=dword:00000000"GKFirstTouchCoef"=dword:00000000"GKFreeKicksCoef"=dword:00000000"GKHeadingCoef"=dword:00000000"GKLongShotsCoef"=dword:00000000"GKLongThrowsCoef"=dword:00000000"GKMarkingCoef"=dword:00000000"GKPassingCoef"=dword:00000000"GKPenaltiesCoef"=dword:00000000"GKTacklingCoef"=dword:00000005"GKTechniqueCoef"=dword:00000000"GKLeftFootCoef"=dword:00000000"GKRightFootCoef"=dword:00000000"GKAggressionCoef"=dword:0000000a"GKAnticipationCoef"=dword:00000005"GKBraveryCoef"=dword:00000014"GKComposureCoef"=dword:00000014"GKConcentrationCoef"=dword:0000000a"GKConsistencyCoef"=dword:0000000a"GKCreativityCoef"=dword:00000000"GKDecisionsCoef"=dword:00000014"GKDeterminationCoef"=dword:0000000a"GKDirtinessCoef"=dword:fffffffb"GKFlairCoef"=dword:00000000"GKImportantMatchesCoef"=dword:0000000a"GKInfluenceCoef"=dword:0000000a"GKOffTheBallCoef"=dword:00000000"GKPositioningCoef"=dword:00000050"GKTeamworkCoef"=dword:00000005"GKWorkRateCoef"=dword:00000000"GKAccelerationCoef"=dword:00000005"GKAgilityCoef"=dword:0000000a"GKBalanceCoef"=dword:0000000a"GKInjuryPronenessCoef"=dword:fffffffb"GKJumpingCoef"=dword:00000050"GKNaturalFitnessCoef"=dword:00000005"GKPaceCoef"=dword:00000000"GKStaminaCoef"=dword:00000000"GKStrengthCoef"=dword:0000000a"GKVersatilityCoef"=dword:00000000"GKAerialAbilityCoef"=dword:00000032"GKCommandOfAreaCoef"=dword:00000014"GKCommunicationCoef"=dword:00000032"GKEccentricityCoef"=dword:ffffffec"GKHandlingCoef"=dword:00000064"GKKickingCoef"=dword:0000000a"GKOneOnOnesCoef"=dword:00000032"GKReflexesCoef"=dword:00000064"GKRushingOutCoef"=dword:00000014"GKTendencyToPunchCoef"=dword:fffffff6"GKThrowingCoef"=dword:0000000a"GKAdaptabilityCoef"=dword:00000005"GKAmbitionCoef"=dword:0000000a"GKControversyCoef"=dword:fffffffb"GKLoyalityCoef"=dword:00000005"GKPressureCoef"=dword:00000005"GKProfessionalismCoef"=dword:00000005"GKSportsmanshipCoef"=dword:00000005"GKTemperamentCoef"=dword:00000005"SWWeightCoef"=dword:00000066"SWCurrentAbilityCoef"=dword:00000000"SWCornersCoef"=dword:00000000"SWCrossingCoef"=dword:00000000"SWDribblingCoef"=dword:00000000"SWFinishingCoef"=dword:00000000"SWFirstTouchCoef"=dword:00000014"SWFreeKicksCoef"=dword:0000000a"SWHeadingCoef"=dword:00000064"SWLongShotsCoef"=dword:0000000a"SWLongThrowsCoef"=dword:00000000"SWMarkingCoef"=dword:00000064"SWPassingCoef"=dword:0000000a"SWPenaltiesCoef"=dword:00000005"SWTacklingCoef"=dword:00000064"SWTechniqueCoef"=dword:0000000a"SWLeftFootCoef"=dword:00000005"SWRightFootCoef"=dword:00000005"SWAggressionCoef"=dword:00000014"SWAnticipationCoef"=dword:00000014"SWBraveryCoef"=dword:00000028"SWComposureCoef"=dword:00000028"SWConcentrationCoef"=dword:0000003c"SWConsistencyCoef"=dword:0000000a"SWCreativityCoef"=dword:0000000a"SWDecisionsCoef"=dword:00000014"SWDeterminationCoef"=dword:0000000a"SWDirtinessCoef"=dword:ffffffe7"SWFlairCoef"=dword:00000000"SWImportantMatchesCoef"=dword:0000000a"SWInfluenceCoef"=dword:0000000a"SWOffTheBallCoef"=dword:0000000a"SWPositioningCoef"=dword:00000064"SWTeamworkCoef"=dword:00000028"SWWorkRateCoef"=dword:00000014"SWAccelerationCoef"=dword:0000001e"SWAgilityCoef"=dword:0000000a"SWBalanceCoef"=dword:00000014"SWInjuryPronenessCoef"=dword:fffffffb"SWJumpingCoef"=dword:00000064"SWNaturalFitnessCoef"=dword:00000005"SWPaceCoef"=dword:00000014"SWStaminaCoef"=dword:0000000a"SWStrengthCoef"=dword:00000050"SWVersatilityCoef"=dword:00000005"SWAerialAbilityCoef"=dword:00000000"SWCommandOfAreaCoef"=dword:00000000"SWCommunicationCoef"=dword:00000000"SWEccentricityCoef"=dword:00000000"SWHandlingCoef"=dword:00000000"SWKickingCoef"=dword:00000000"SWOneOnOnesCoef"=dword:00000005"SWReflexesCoef"=dword:00000005"SWRushingOutCoef"=dword:00000000"SWTendencyToPunchCoef"=dword:00000000"SWThrowingCoef"=dword:00000000"SWAdaptabilityCoef"=dword:00000005"SWAmbitionCoef"=dword:0000000a"SWControversyCoef"=dword:fffffffb"SWLoyalityCoef"=dword:00000005"SWPressureCoef"=dword:00000005"SWProfessionalismCoef"=dword:00000005"SWSportsmanshipCoef"=dword:00000005"SWTemperamentCoef"=dword:00000005"CBWeightCoef"=dword:00000064"CBCurrentAbilityCoef"=dword:00000000"CBCornersCoef"=dword:00000000"CBCrossingCoef"=dword:00000000"CBDribblingCoef"=dword:00000000"CBFinishingCoef"=dword:00000000"CBFirstTouchCoef"=dword:00000014"CBFreeKicksCoef"=dword:0000000a"CBHeadingCoef"=dword:00000064"CBLongShotsCoef"=dword:0000000a"CBLongThrowsCoef"=dword:00000000"CBMarkingCoef"=dword:00000050"CBPassingCoef"=dword:00000014"CBPenaltiesCoef"=dword:00000005"CBTacklingCoef"=dword:00000064"CBTechniqueCoef"=dword:0000000a"CBLeftFootCoef"=dword:00000005"CBRightFootCoef"=dword:00000005"CBAggressionCoef"=dword:00000014"CBAnticipationCoef"=dword:00000014"CBBraveryCoef"=dword:00000028"CBComposureCoef"=dword:00000014"CBConcentrationCoef"=dword:00000028"CBConsistencyCoef"=dword:0000000a"CBCreativityCoef"=dword:0000000a"CBDecisionsCoef"=dword:00000014"CBDeterminationCoef"=dword:0000000a"CBDirtinessCoef"=dword:ffffffec"CBFlairCoef"=dword:00000000"CBImportantMatchesCoef"=dword:0000000a"CBInfluenceCoef"=dword:0000000a"CBOffTheBallCoef"=dword:0000000a"CBPositioningCoef"=dword:00000050"CBTeamworkCoef"=dword:00000028"CBWorkRateCoef"=dword:00000014"CBAccelerationCoef"=dword:00000028"CBAgilityCoef"=dword:0000000a"CBBalanceCoef"=dword:00000014"CBInjuryPronenessCoef"=dword:fffffffb"CBJumpingCoef"=dword:00000064"CBNaturalFitnessCoef"=dword:00000005"CBPaceCoef"=dword:0000001e"CBStaminaCoef"=dword:0000000a"CBStrengthCoef"=dword:0000003c"CBVersatilityCoef"=dword:00000005"CBAerialAbilityCoef"=dword:00000000"CBCommandOfAreaCoef"=dword:00000000"CBCommunicationCoef"=dword:00000000"CBEccentricityCoef"=dword:00000000"CBHandlingCoef"=dword:00000000"CBKickingCoef"=dword:00000000"CBOneOnOnesCoef"=dword:00000005"CBReflexesCoef"=dword:00000005"CBRushingOutCoef"=dword:00000000"CBTendencyToPunchCoef"=dword:00000000"CBThrowingCoef"=dword:00000000"CBAdaptabilityCoef"=dword:00000005"CBAmbitionCoef"=dword:0000000a"CBControversyCoef"=dword:fffffffb"CBLoyalityCoef"=dword:00000005"CBPressureCoef"=dword:00000005"CBProfessionalismCoef"=dword:00000005"CBSportsmanshipCoef"=dword:00000005"CBTemperamentCoef"=dword:00000005"FBWeightCoef"=dword:00000069"FBCurrentAbilityCoef"=dword:00000000"FBCornersCoef"=dword:0000000a"FBCrossingCoef"=dword:0000001e"FBDribblingCoef"=dword:00000014"FBFinishingCoef"=dword:00000000"FBFirstTouchCoef"=dword:00000014"FBFreeKicksCoef"=dword:0000000a"FBHeadingCoef"=dword:0000003c"FBLongShotsCoef"=dword:0000000a"FBLongThrowsCoef"=dword:0000000a"FBMarkingCoef"=dword:0000003c"FBPassingCoef"=dword:0000001e"FBPenaltiesCoef"=dword:00000005"FBTacklingCoef"=dword:00000064"FBTechniqueCoef"=dword:00000014"FBLeftFootCoef"=dword:00000005"FBRightFootCoef"=dword:00000005"FBAggressionCoef"=dword:0000000f"FBAnticipationCoef"=dword:00000050"FBBraveryCoef"=dword:00000014"FBComposureCoef"=dword:0000000a"FBConcentrationCoef"=dword:0000001e"FBConsistencyCoef"=dword:0000000a"FBCreativityCoef"=dword:0000000a"FBDecisionsCoef"=dword:00000014"FBDeterminationCoef"=dword:0000000a"FBDirtinessCoef"=dword:fffffff6"FBFlairCoef"=dword:00000005"FBImportantMatchesCoef"=dword:0000000a"FBInfluenceCoef"=dword:0000000a"FBOffTheBallCoef"=dword:00000014"FBPositioningCoef"=dword:00000064"FBTeamworkCoef"=dword:00000014"FBWorkRateCoef"=dword:00000014"FBAccelerationCoef"=dword:0000003c"FBAgilityCoef"=dword:0000000a"FBBalanceCoef"=dword:00000014"FBInjuryPronenessCoef"=dword:fffffffb"FBJumpingCoef"=dword:0000003c"FBNaturalFitnessCoef"=dword:00000005"FBPaceCoef"=dword:00000050"FBStaminaCoef"=dword:0000003c"FBStrengthCoef"=dword:00000028"FBVersatilityCoef"=dword:00000005"FBAerialAbilityCoef"=dword:00000000"FBCommandOfAreaCoef"=dword:00000000"FBCommunicationCoef"=dword:00000000"FBEccentricityCoef"=dword:00000000"FBHandlingCoef"=dword:00000000"FBKickingCoef"=dword:00000000"FBOneOnOnesCoef"=dword:00000005"FBReflexesCoef"=dword:00000005"FBRushingOutCoef"=dword:00000000"FBTendencyToPunchCoef"=dword:00000000"FBThrowingCoef"=dword:00000000"FBAdaptabilityCoef"=dword:00000005"FBAmbitionCoef"=dword:0000000a"FBControversyCoef"=dword:fffffffb"FBLoyalityCoef"=dword:00000005"FBPressureCoef"=dword:00000005"FBProfessionalismCoef"=dword:00000005"FBSportsmanshipCoef"=dword:00000005"FBTemperamentCoef"=dword:00000005"WBWeightCoef"=dword:0000006c"WBCurrentAbilityCoef"=dword:00000000"WBCornersCoef"=dword:0000000a"WBCrossingCoef"=dword:0000003c"WBDribblingCoef"=dword:00000028"WBFinishingCoef"=dword:0000000a"WBFirstTouchCoef"=dword:00000014"WBFreeKicksCoef"=dword:0000000a"WBHeadingCoef"=dword:00000028"WBLongShotsCoef"=dword:00000014"WBLongThrowsCoef"=dword:0000000a"WBMarkingCoef"=dword:0000003c"WBPassingCoef"=dword:00000028"WBPenaltiesCoef"=dword:00000005"WBTacklingCoef"=dword:00000064"WBTechniqueCoef"=dword:00000028"WBLeftFootCoef"=dword:00000005"WBRightFootCoef"=dword:00000005"WBAggressionCoef"=dword:0000000a"WBAnticipationCoef"=dword:00000050"WBBraveryCoef"=dword:0000000a"WBComposureCoef"=dword:0000000a"WBConcentrationCoef"=dword:00000014"WBConsistencyCoef"=dword:0000000a"WBCreativityCoef"=dword:00000014"WBDecisionsCoef"=dword:00000014"WBDeterminationCoef"=dword:0000000a"WBDirtinessCoef"=dword:fffffff6"WBFlairCoef"=dword:0000000a"WBImportantMatchesCoef"=dword:0000000a"WBInfluenceCoef"=dword:0000000a"WBOffTheBallCoef"=dword:00000014"WBPositioningCoef"=dword:00000064"WBTeamworkCoef"=dword:00000014"WBWorkRateCoef"=dword:00000028"WBAccelerationCoef"=dword:00000050"WBAgilityCoef"=dword:0000000a"WBBalanceCoef"=dword:00000014"WBInjuryPronenessCoef"=dword:fffffffb"WBJumpingCoef"=dword:00000014"WBNaturalFitnessCoef"=dword:00000005"WBPaceCoef"=dword:00000064"WBStaminaCoef"=dword:00000050"WBStrengthCoef"=dword:00000028"WBVersatilityCoef"=dword:00000005"WBAerialAbilityCoef"=dword:00000000"WBCommandOfAreaCoef"=dword:00000000"WBCommunicationCoef"=dword:00000000"WBEccentricityCoef"=dword:00000000"WBHandlingCoef"=dword:00000000"WBKickingCoef"=dword:00000000"WBOneOnOnesCoef"=dword:00000005"WBReflexesCoef"=dword:00000005"WBRushingOutCoef"=dword:00000000"WBTendencyToPunchCoef"=dword:00000000"WBThrowingCoef"=dword:00000000"WBAdaptabilityCoef"=dword:00000005"WBAmbitionCoef"=dword:0000000a"WBControversyCoef"=dword:fffffffb"WBLoyalityCoef"=dword:00000005"WBPressureCoef"=dword:00000005"WBProfessionalismCoef"=dword:00000005"WBSportsmanshipCoef"=dword:00000005"WBTemperamentCoef"=dword:00000005"DMWeightCoef"=dword:00000067"DMCurrentAbilityCoef"=dword:00000000"DMCornersCoef"=dword:0000000a"DMCrossingCoef"=dword:0000001e"DMDribblingCoef"=dword:00000014"DMFinishingCoef"=dword:0000000a"DMFirstTouchCoef"=dword:0000001e"DMFreeKicksCoef"=dword:0000000a"DMHeadingCoef"=dword:00000028"DMLongShotsCoef"=dword:00000014"DMLongThrowsCoef"=dword:00000005"DMMarkingCoef"=dword:0000003c"DMPassingCoef"=dword:00000028"DMPenaltiesCoef"=dword:00000005"DMTacklingCoef"=dword:00000064"DMTechniqueCoef"=dword:0000001e"DMLeftFootCoef"=dword:00000005"DMRightFootCoef"=dword:00000005"DMAggressionCoef"=dword:00000028"DMAnticipationCoef"=dword:00000028"DMBraveryCoef"=dword:00000014"DMComposureCoef"=dword:0000000a"DMConcentrationCoef"=dword:00000014"DMConsistencyCoef"=dword:0000000a"DMCreativityCoef"=dword:00000014"DMDecisionsCoef"=dword:00000014"DMDeterminationCoef"=dword:0000000a"DMDirtinessCoef"=dword:fffffff6"DMFlairCoef"=dword:0000000a"DMImportantMatchesCoef"=dword:0000000a"DMInfluenceCoef"=dword:0000000a"DMOffTheBallCoef"=dword:0000001e"DMPositioningCoef"=dword:00000050"DMTeamworkCoef"=dword:00000028"DMWorkRateCoef"=dword:00000050"DMAccelerationCoef"=dword:00000028"DMAgilityCoef"=dword:0000000a"DMBalanceCoef"=dword:0000000a"DMInjuryPronenessCoef"=dword:fffffffb"DMJumpingCoef"=dword:00000028"DMNaturalFitnessCoef"=dword:00000005"DMPaceCoef"=dword:00000028"DMStaminaCoef"=dword:0000003c"DMStrengthCoef"=dword:00000028"DMVersatilityCoef"=dword:00000005"DMAerialAbilityCoef"=dword:00000000"DMCommandOfAreaCoef"=dword:00000000"DMCommunicationCoef"=dword:00000000"DMEccentricityCoef"=dword:00000000"DMHandlingCoef"=dword:00000000"DMKickingCoef"=dword:00000000"DMOneOnOnesCoef"=dword:00000005"DMReflexesCoef"=dword:00000005"DMRushingOutCoef"=dword:00000000"DMTendencyToPunchCoef"=dword:00000000"DMThrowingCoef"=dword:00000000"DMAdaptabilityCoef"=dword:00000005"DMAmbitionCoef"=dword:0000000a"DMControversyCoef"=dword:fffffffb"DMLoyalityCoef"=dword:00000005"DMPressureCoef"=dword:00000005"DMProfessionalismCoef"=dword:00000005"DMSportsmanshipCoef"=dword:00000005"DMTemperamentCoef"=dword:00000005"MWeightCoef"=dword:00000068"MCurrentAbilityCoef"=dword:00000000"MCornersCoef"=dword:0000000a"MCrossingCoef"=dword:00000028"MDribblingCoef"=dword:00000032"MFinishingCoef"=dword:00000014"MFirstTouchCoef"=dword:0000001e"MFreeKicksCoef"=dword:0000000a"MHeadingCoef"=dword:0000001e"MLongShotsCoef"=dword:00000014"MLongThrowsCoef"=dword:00000005"MMarkingCoef"=dword:00000028"MPassingCoef"=dword:00000046"MPenaltiesCoef"=dword:00000005"MTacklingCoef"=dword:0000003c"MTechniqueCoef"=dword:00000032"MLeftFootCoef"=dword:00000005"MRightFootCoef"=dword:00000005"MAggressionCoef"=dword:0000001e"MAnticipationCoef"=dword:00000028"MBraveryCoef"=dword:0000000a"MComposureCoef"=dword:0000000a"MConcentrationCoef"=dword:0000000a"MConsistencyCoef"=dword:0000000a"MCreativityCoef"=dword:0000003c"MDecisionsCoef"=dword:0000001e"MDeterminationCoef"=dword:0000000a"MDirtinessCoef"=dword:fffffffb"MFlairCoef"=dword:0000000a"MImportantMatchesCoef"=dword:0000000a"MInfluenceCoef"=dword:0000000a"MOffTheBallCoef"=dword:00000028"MPositioningCoef"=dword:00000028"MTeamworkCoef"=dword:00000032"MWorkRateCoef"=dword:00000032"MAccelerationCoef"=dword:00000032"MAgilityCoef"=dword:0000000a"MBalanceCoef"=dword:0000000a"MInjuryPronenessCoef"=dword:fffffffb"MJumpingCoef"=dword:00000028"MNaturalFitnessCoef"=dword:00000005"MPaceCoef"=dword:00000028"MStaminaCoef"=dword:0000003c"MStrengthCoef"=dword:0000001e"MVersatilityCoef"=dword:00000005"MAerialAbilityCoef"=dword:00000000"MCommandOfAreaCoef"=dword:00000000"MCommunicationCoef"=dword:00000000"MEccentricityCoef"=dword:00000000"MHandlingCoef"=dword:00000000"MKickingCoef"=dword:00000000"MOneOnOnesCoef"=dword:00000005"MReflexesCoef"=dword:00000005"MRushingOutCoef"=dword:00000000"MTendencyToPunchCoef"=dword:00000000"MThrowingCoef"=dword:00000000"MAdaptabilityCoef"=dword:00000005"MAmbitionCoef"=dword:0000000a"MControversyCoef"=dword:fffffffb"MLoyalityCoef"=dword:00000005"MPressureCoef"=dword:00000005"MProfessionalismCoef"=dword:00000005"MSportsmanshipCoef"=dword:00000005"MTemperamentCoef"=dword:00000005"AMWeightCoef"=dword:00000068"AMCurrentAbilityCoef"=dword:00000000"AMCornersCoef"=dword:0000000a"AMCrossingCoef"=dword:0000003c"AMDribblingCoef"=dword:00000050"AMFinishingCoef"=dword:00000028"AMFirstTouchCoef"=dword:0000001e"AMFreeKicksCoef"=dword:0000000a"AMHeadingCoef"=dword:00000014"AMLongShotsCoef"=dword:00000014"AMLongThrowsCoef"=dword:00000005"AMMarkingCoef"=dword:0000000a"AMPassingCoef"=dword:00000064"AMPenaltiesCoef"=dword:00000005"AMTacklingCoef"=dword:0000000a"AMTechniqueCoef"=dword:00000050"AMLeftFootCoef"=dword:00000005"AMRightFootCoef"=dword:00000005"AMAggressionCoef"=dword:0000000a"AMAnticipationCoef"=dword:0000001e"AMBraveryCoef"=dword:0000000a"AMComposureCoef"=dword:0000000a"AMConcentrationCoef"=dword:0000000a"AMConsistencyCoef"=dword:0000000a"AMCreativityCoef"=dword:00000064"AMDecisionsCoef"=dword:00000028"AMDeterminationCoef"=dword:0000000a"AMDirtinessCoef"=dword:fffffffb"AMFlairCoef"=dword:00000014"AMImportantMatchesCoef"=dword:0000000a"AMInfluenceCoef"=dword:0000000a"AMOffTheBallCoef"=dword:0000003c"AMPositioningCoef"=dword:00000014"AMTeamworkCoef"=dword:0000003c"AMWorkRateCoef"=dword:00000014"AMAccelerationCoef"=dword:0000003c"AMAgilityCoef"=dword:0000000a"AMBalanceCoef"=dword:0000000a"AMInjuryPronenessCoef"=dword:fffffffb"AMJumpingCoef"=dword:00000014"AMNaturalFitnessCoef"=dword:00000005"AMPaceCoef"=dword:0000003c"AMStaminaCoef"=dword:0000003c"AMStrengthCoef"=dword:00000014"AMVersatilityCoef"=dword:00000005"AMAerialAbilityCoef"=dword:00000000"AMCommandOfAreaCoef"=dword:00000000"AMCommunicationCoef"=dword:00000000"AMEccentricityCoef"=dword:00000000"AMHandlingCoef"=dword:00000000"AMKickingCoef"=dword:00000000"AMOneOnOnesCoef"=dword:00000005"AMReflexesCoef"=dword:00000005"AMRushingOutCoef"=dword:00000000"AMTendencyToPunchCoef"=dword:00000000"AMThrowingCoef"=dword:00000000"AMAdaptabilityCoef"=dword:00000005"AMAmbitionCoef"=dword:0000000a"AMControversyCoef"=dword:fffffffb"AMLoyalityCoef"=dword:00000005"AMPressureCoef"=dword:00000005"AMProfessionalismCoef"=dword:00000005"AMSportsmanshipCoef"=dword:00000005"AMTemperamentCoef"=dword:00000005"WWeightCoef"=dword:00000069"WCurrentAbilityCoef"=dword:00000000"WCornersCoef"=dword:0000000a"WCrossingCoef"=dword:00000064"WDribblingCoef"=dword:00000064"WFinishingCoef"=dword:0000003c"WFirstTouchCoef"=dword:0000001e"WFreeKicksCoef"=dword:0000000a"WHeadingCoef"=dword:00000014"WLongShotsCoef"=dword:00000014"WLongThrowsCoef"=dword:00000005"WMarkingCoef"=dword:0000000a"WPassingCoef"=dword:0000003c"WPenaltiesCoef"=dword:00000005"WTacklingCoef"=dword:0000000a"WTechniqueCoef"=dword:00000050"WLeftFootCoef"=dword:00000005"WRightFootCoef"=dword:00000005"WAggressionCoef"=dword:0000000a"WAnticipationCoef"=dword:00000014"WBraveryCoef"=dword:0000000a"WComposureCoef"=dword:0000000a"WConcentrationCoef"=dword:0000000a"WConsistencyCoef"=dword:0000000a"WCreativityCoef"=dword:0000003c"WDecisionsCoef"=dword:00000014"WDeterminationCoef"=dword:0000000a"WDirtinessCoef"=dword:fffffffb"WFlairCoef"=dword:0000000a"WImportantMatchesCoef"=dword:00000014"WInfluenceCoef"=dword:0000000a"WOffTheBallCoef"=dword:0000003c"WPositioningCoef"=dword:00000014"WTeamworkCoef"=dword:0000001e"WWorkRateCoef"=dword:0000001e"WAccelerationCoef"=dword:00000050"WAgilityCoef"=dword:00000014"WBalanceCoef"=dword:0000000a"WInjuryPronenessCoef"=dword:fffffffb"WJumpingCoef"=dword:00000014"WNaturalFitnessCoef"=dword:00000005"WPaceCoef"=dword:00000064"WStaminaCoef"=dword:0000003c"WStrengthCoef"=dword:00000014"WVersatilityCoef"=dword:00000005"WAerialAbilityCoef"=dword:00000000"WCommandOfAreaCoef"=dword:00000000"WCommunicationCoef"=dword:00000000"WEccentricityCoef"=dword:00000000"WHandlingCoef"=dword:00000000"WKickingCoef"=dword:00000000"WOneOnOnesCoef"=dword:00000005"WReflexesCoef"=dword:00000005"WRushingOutCoef"=dword:00000000"WTendencyToPunchCoef"=dword:00000000"WThrowingCoef"=dword:00000000"WAdaptabilityCoef"=dword:00000005"WAmbitionCoef"=dword:0000000a"WControversyCoef"=dword:fffffffb"WLoyalityCoef"=dword:00000005"WPressureCoef"=dword:00000005"WProfessionalismCoef"=dword:00000005"WSportsmanshipCoef"=dword:00000005"WTemperamentCoef"=dword:00000005"FSTWeightCoef"=dword:00000067"FSTCurrentAbilityCoef"=dword:00000000"FSTCornersCoef"=dword:0000000a"FSTCrossingCoef"=dword:0000000a"FSTDribblingCoef"=dword:00000050"FSTFinishingCoef"=dword:00000064"FSTFirstTouchCoef"=dword:00000028"FSTFreeKicksCoef"=dword:0000000a"FSTHeadingCoef"=dword:00000028"FSTLongShotsCoef"=dword:00000014"FSTLongThrowsCoef"=dword:00000000"FSTMarkingCoef"=dword:00000000"FSTPassingCoef"=dword:00000028"FSTPenaltiesCoef"=dword:00000005"FSTTacklingCoef"=dword:00000000"FSTTechniqueCoef"=dword:00000050"FSTLeftFootCoef"=dword:00000005"FSTRightFootCoef"=dword:00000005"FSTAggressionCoef"=dword:0000000a"FSTAnticipationCoef"=dword:0000000a"FSTBraveryCoef"=dword:0000000a"FSTComposureCoef"=dword:0000000a"FSTConcentrationCoef"=dword:0000000a"FSTConsistencyCoef"=dword:0000000a"FSTCreativityCoef"=dword:00000028"FSTDecisionsCoef"=dword:0000000a"FSTDeterminationCoef"=dword:0000000a"FSTDirtinessCoef"=dword:fffffffb"FSTFlairCoef"=dword:0000000a"FSTImportantMatchesCoef"=dword:0000000a"FSTInfluenceCoef"=dword:0000000a"FSTOffTheBallCoef"=dword:00000050"FSTPositioningCoef"=dword:0000000a"FSTTeamworkCoef"=dword:0000000a"FSTWorkRateCoef"=dword:0000000a"FSTAccelerationCoef"=dword:00000064"FSTAgilityCoef"=dword:00000028"FSTBalanceCoef"=dword:0000000a"FSTInjuryPronenessCoef"=dword:fffffffb"FSTJumpingCoef"=dword:00000014"FSTNaturalFitnessCoef"=dword:00000005"FSTPaceCoef"=dword:00000064"FSTStaminaCoef"=dword:00000028"FSTStrengthCoef"=dword:00000014"FSTVersatilityCoef"=dword:00000005"FSTAerialAbilityCoef"=dword:00000000"FSTCommandOfAreaCoef"=dword:00000000"FSTCommunicationCoef"=dword:00000000"FSTEccentricityCoef"=dword:00000000"FSTHandlingCoef"=dword:00000000"FSTKickingCoef"=dword:00000000"FSTOneOnOnesCoef"=dword:00000005"FSTReflexesCoef"=dword:00000005"FSTRushingOutCoef"=dword:00000000"FSTTendencyToPunchCoef"=dword:00000000"FSTThrowingCoef"=dword:00000000"FSTAdaptabilityCoef"=dword:00000005"FSTAmbitionCoef"=dword:0000000a"FSTControversyCoef"=dword:fffffffb"FSTLoyalityCoef"=dword:00000005"FSTPressureCoef"=dword:00000005"FSTProfessionalismCoef"=dword:00000005"FSTSportsmanshipCoef"=dword:00000005"FSTTemperamentCoef"=dword:00000005"TSTWeightCoef"=dword:00000067"TSTCurrentAbilityCoef"=dword:00000000"TSTCornersCoef"=dword:00000000"TSTCrossingCoef"=dword:0000000a"TSTDribblingCoef"=dword:0000003c"TSTFinishingCoef"=dword:00000050"TSTFirstTouchCoef"=dword:0000001e"TSTFreeKicksCoef"=dword:0000000a"TSTHeadingCoef"=dword:00000064"TSTLongShotsCoef"=dword:00000014"TSTLongThrowsCoef"=dword:00000000"TSTMarkingCoef"=dword:00000000"TSTPassingCoef"=dword:00000028"TSTPenaltiesCoef"=dword:00000005"TSTTacklingCoef"=dword:00000000"TSTTechniqueCoef"=dword:00000028"TSTLeftFootCoef"=dword:00000005"TSTRightFootCoef"=dword:00000005"TSTAggressionCoef"=dword:00000014"TSTAnticipationCoef"=dword:0000000a"TSTBraveryCoef"=dword:00000014"TSTComposureCoef"=dword:0000000a"TSTConcentrationCoef"=dword:0000000a"TSTConsistencyCoef"=dword:0000000a"TSTCreativityCoef"=dword:00000014"TSTDecisionsCoef"=dword:0000000a"TSTDeterminationCoef"=dword:0000000a"TSTDirtinessCoef"=dword:fffffffb"TSTFlairCoef"=dword:0000000a"TSTImportantMatchesCoef"=dword:0000000a"TSTInfluenceCoef"=dword:0000000a"TSTOffTheBallCoef"=dword:00000050"TSTPositioningCoef"=dword:00000014"TSTTeamworkCoef"=dword:0000000a"TSTWorkRateCoef"=dword:0000000a"TSTAccelerationCoef"=dword:00000028"TSTAgilityCoef"=dword:00000014"TSTBalanceCoef"=dword:00000014"TSTInjuryPronenessCoef"=dword:fffffffb"TSTJumpingCoef"=dword:00000064"TSTNaturalFitnessCoef"=dword:00000005"TSTPaceCoef"=dword:00000028"TSTStaminaCoef"=dword:00000014"TSTStrengthCoef"=dword:00000050"TSTVersatilityCoef"=dword:00000005"TSTAerialAbilityCoef"=dword:00000000"TSTCommandOfAreaCoef"=dword:00000000"TSTCommunicationCoef"=dword:00000000"TSTEccentricityCoef"=dword:00000000"TSTHandlingCoef"=dword:00000000"TSTKickingCoef"=dword:00000000"TSTOneOnOnesCoef"=dword:00000005"TSTReflexesCoef"=dword:00000005"TSTRushingOutCoef"=dword:00000000"TSTTendencyToPunchCoef"=dword:00000000"TSTThrowingCoef"=dword:00000000"TSTAdaptabilityCoef"=dword:00000005"TSTAmbitionCoef"=dword:0000000a"TSTControversyCoef"=dword:fffffffb"TSTLoyalityCoef"=dword:00000005"TSTPressureCoef"=dword:00000005"TSTProfessionalismCoef"=dword:00000005"TSTSportsmanshipCoef"=dword:00000005"TSTTemperamentCoef"=dword:00000005.Completion time: 2012-02-11 17:52:45ComboFix-quarantined-files.txt 2012-02-11 17:52.Pre-Run: 164,932,657,152 bytes freePost-Run: 165,254,254,592 bytes free.- - End Of File - - 071260B7E3773C378F91A1DBBC6B0EDFLet me know where you want to go from here.Removing that cookie didn't make any difference towards ending the error messages, so I'm still at square 1 - here's hoping you can see a little further ahead than me I notice it has flagged up Genie Scout, the website where I got that would be www fmscout.com and I use an updated 2008 version Link to post Share on other sites More sharing options...
Elise Posted February 11, 2012 ID:525821 Share Posted February 11, 2012 Could you give me the exact error message please?Please download Farbar Service Scanner and run it on the computer with the issue.Make sure the following options are checked:Internet ServicesWindows FirewallSystem RestoreSecurity CenterWindows Update[*]Press "Scan".[*]It will create a log (FSS.txt) in the same directory the tool is run.[*]Please copy and paste the log to your reply. Link to post Share on other sites More sharing options...
Maltid Posted February 13, 2012 Author ID:526369 Share Posted February 13, 2012 Elise, I'll keep Farbar in reserve for today because I think I've found the problem - and it turned out to be one of those 'Doh!!' moments ((I had looked at this file before because the error message gave the process name, but for some reason my brain always saw Pando Media Booster as belonging to Panda AV suite of files....so I've uninstalled pmb.exe which calls itself a download manager but from Googling it seems to be some sort of P2P facilitator.I want to give it 24 hours or so to make sure the error messages have stopped, and will let you know how that turns out - pretty sure it should do the trick though.Fingers crossed, I'll post again tomorrow. Link to post Share on other sites More sharing options...
Elise Posted February 13, 2012 ID:526372 Share Posted February 13, 2012 I'm glad you found the cause for the problem! Lets also do some final steps to ensure your computer stays okay.Your version of Adobe Reader is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Adobe components and update:Download the latest version of Adobe Reader Version X. and save it to your desktop.Uncheck the "Free McAfee Security plan Plus" option or any other Toolbar you are offeredClick the download button at the bottom. If you use Internet Explorer and do not wish to install the ActiveX element, simply click on the click here to download link on the next page.Remove all older version of Adobe Reader: Go to Add/remove and uninstall all versions of Adobe Reader, Acrobat Reader and Adobe Acrobat. If you are unsure of how to use Add or Remove Programs, the please see this tutorial:How To Remove An Installed Program From Your ComputerThen from your desktop double-click on Adobe Reader to install the newest version. If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.When the "Adobe Setup - Welcome" window opens, click the Install > button.If offered to install a Toolbar, just uncheck the box before continuing unless you want it.Your Adobe Reader is now up to date!Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Download the latest version of Java Runtime Environment (JRE) Version 7u2.Look for "JDK 7u2 (JDK or JRE).Click the "Download JRE" button at the right.Read the License Agreement, and then check the box that says: "Accept License Agreement".Select "Windows x86 Offline" and click on jre-7-windows-i586.exe [*]Save it to your desktop[*]Close any programs you may have running - especially your web browser.[*]Uninstall all older versions of Java (any item with Java Runtime Environment, JRE or J2SE in the name).[*]Reboot your computer once all Java components are removed.[*]Install the newest version by double clicking (run as Administrator for Windows Vista/Seven) the downloaded file.ESET ONLINE SCANNER----------------------------I'd like us to scan your machine with ESET OnlineScanHold down Control and click on this link to open ESET OnlineScan in a new window.Click the button.For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.Double click on the icon on your desktop.Check "YES, I accept the Terms of Use."Click the Start button.Accept any security warnings from your browser.Under scan settings, check "Scan Archives" and "Remove found threats" Click Advanced settings and select the following:Scan potentially unwanted applicationsScan for potentially unsafe applicationsEnable Anti-Stealth technology[*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.[*]When the scan completes, click List Threats[*]Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.[*]Click the Back button.[*]Click the Finish button. Link to post Share on other sites More sharing options...
Maltid Posted February 15, 2012 Author ID:526939 Share Posted February 15, 2012 More work eh? thought I was home free at least the computer has stopped dialling out since pmb file was uninstalledOnline scanner found 1 file: C:\Users\Nisto\Documents\Upgraded\Setup_FreeConverter.exe Win32/Adware.Toolbar.Dealio application deleted - quarantinedFarbar Service Scanner:Farbar Service Scanner Version: 14-02-2012Ran by Nisto (administrator) on 15-02-2012 at 08:23:04Running from "C:\Users\Nisto\Desktop"Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)Boot Mode: Normal****************************************************************Internet Services:============Connection Status:==============Localhost is accessible.LAN connected.Google IP is accessible.Yahoo IP is accessible.Windows Firewall:=============Firewall Disabled Policy:==================System Restore:============System Restore Disabled Policy:========================Security Center:============Windows Update:============File Check:========C:\Windows\system32\nsisvc.dll => MD5 is legitC:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legitC:\Windows\system32\dhcpcsvc.dll => MD5 is legitC:\Windows\system32\Drivers\afd.sys => MD5 is legitC:\Windows\system32\Drivers\tdx.sys => MD5 is legitC:\Windows\system32\Drivers\tcpip.sys => MD5 is legitC:\Windows\system32\dnsrslvr.dll => MD5 is legitC:\Windows\system32\mpssvc.dll => MD5 is legitC:\Windows\system32\bfe.dll => MD5 is legitC:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legitC:\Windows\system32\SDRSVC.dll => MD5 is legitC:\Windows\system32\vssvc.exe => MD5 is legitC:\Windows\system32\wscsvc.dll => MD5 is legitC:\Windows\system32\wbem\WMIsvc.dll => MD5 is legitC:\Windows\system32\wuaueng.dll => MD5 is legitC:\Windows\system32\qmgr.dll => MD5 is legitC:\Windows\system32\es.dll => MD5 is legitC:\Windows\system32\cryptsvc.dll => MD5 is legitC:\Windows\system32\svchost.exe => MD5 is legitC:\Windows\system32\rpcss.dll => MD5 is legit**** End of log **** Link to post Share on other sites More sharing options...
Elise Posted February 15, 2012 ID:526943 Share Posted February 15, 2012 That all looks great! ALL CLEAN--------------Your machine appears to be clean, please take the time to read below on how to secure the machine and take the necessary steps to keep it clean Please do the following to remove the remaining programs from your PC:Delete the tools used during the disinfection:Click start > run and type combofix /uninstall, press enter. This will remove Combofix from your computer.Please read these advices, in order to prevent reinfecting your PC:Install and update the following programs regularly:an outbound firewall. If you are connected to the internet through a router, you are already behind a hardware firewall and as such you do not need an extra software firewall.A comprehensive tutorial and a list of possible firewalls can be found here.an AntiVirus SoftwareIt is imperative that you update your AntiVirus Software on regular basis.If you do not update your AntiVirus Software then it will not be able to catch the latest threats.an Anti-Spyware programMalware Byte's Anti Malware is an excellent Anti-Spyware scanner. It's scan times are usually under ten minutes, and has excellent detection and removal rates.SUPERAntiSpyware is another good scanner with high detection and removal rates.Both programs are free for non commercial home use but provide a resident and do not nag if you purchase the paid versions.Spyware BlasterA tutorial for Spywareblaster can be found here. If you wish, the commercial version provides automatic updating.[*]Keep Windows (and your other Microsoft software) up to date!I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.Therefore, please, visit the Microsoft Update Website and follow the on screen instructions to setup Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!![*]Keep your other software up to date as wellSoftware does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on yourmachine.[*]Stay up to date!The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing.Some more links you might find of interest:Miekies' prevention suggestionsSo How did I get infected?Microsoft - 'Security at home'Calendar of Updates: See which updates have been released.How to backup your Data with Cobian Backup:because you never know, when your harddisk might fail :wink:Commonly Used Freeware Replacements: a nice list of freeware programs in all categories, that are regarded as useful by the users of this forum.osalt: Find (free) open source alternatives to known commercial software.Please reply to this topic if you have read the above information. If your computer is working fine, this topic will be closed afterwards. Link to post Share on other sites More sharing options...
Staff screen317 Posted April 10, 2012 Staff ID:541502 Share Posted April 10, 2012 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts