0

I got a virus about 3 weeks ago and my pc hasn't been the same since. most programs are saying my pc is clean but its unresponsive and FREEZES A LOT : details since infection date in malwarebytes...

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4063

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18241

5/3/2010 10:42:48 PM
mbam-log-2010-05-03 (22-42-48).txt

Scan type: Quick scan
Objects scanned: 134328
Time elapsed: 15 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kdmjylck (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4065

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 8.0.6001.18241

5/4/2010 12:42:02 PM
mbam-log-2010-05-04 (12-42-02).txt

Scan type: Quick scan
Objects scanned: 132989
Time elapsed: 5 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\cking\Local Settings\Temporary Internet Files\Content.IE5\0559KWS0\n002102801r0409J11000601R3d73c24fXbc2ef2d6Yf7f305d0Z03003f3630dP000301080[1] (Rogue.AntiSpywareSoft) -> Quarantined and deleted successfully.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4117

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18241

5/19/2010 2:48:55 PM
mbam-log-2010-05-19 (14-48-55).txt

Scan type: Full scan (C:\|)
Objects scanned: 755792
Time elapsed: 3 hour(s), 45 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\homepage.txt (Stolen.Data) -> Quarantined and deleted successfully.

please help

4
Contributors
28
Replies
29
Views
7 Years
Discussion Span
Last Post by jholland1964
0

05.05.2010 19:26:56 - ##### check started #####
05.05.2010 19:26:56 - ### Version: 1.6.1
05.05.2010 19:26:56 - ### Date: 5/5/2010 7:26:56 PM
05.05.2010 19:27:03 - ##### checking bots #####
05.05.2010 19:37:42 - found: Win32.Winlagons.co Data
05.05.2010 20:03:05 - found: Virtumonde.sdn Data
05.05.2010 20:03:07 - found: Virtumonde.sdn Data
05.05.2010 20:06:01 - found: Win32.TDSS.reg Settings
05.05.2010 20:06:01 - found: Win32.TDSS.reg Settings
05.05.2010 20:06:01 - found: Win32.TDSS.reg Settings
05.05.2010 20:06:01 - found: Win32.TDSS.reg Settings
05.05.2010 20:06:01 - found: Win32.TDSS.reg Settings
05.05.2010 20:06:01 - found: Win32.TDSS.reg Settings
05.05.2010 20:06:02 - found: Win32.TDSS.reg Settings
05.05.2010 20:06:02 - found: Win32.TDSS.reg Settings
05.05.2010 20:06:02 - found: Win32.TDSS.reg Settings
05.05.2010 20:06:02 - found: Win32.TDSS.reg Settings
05.05.2010 20:06:02 - found: Win32.TDSS.reg Settings
05.05.2010 20:06:02 - found: Win32.TDSS.reg Settings
05.05.2010 20:06:02 - found: Win32.TDSS.reg Settings
05.05.2010 20:06:02 - found: Win32.TDSS.reg Settings
05.05.2010 20:06:02 - found: Win32.TDSS.reg Settings
05.05.2010 20:06:02 - found: Win32.TDSS.reg Settings
05.05.2010 20:06:02 - found: Win32.TDSS.reg Settings
05.05.2010 20:06:02 - found: Win32.TDSS.reg Settings
05.05.2010 20:07:43 - ##### check finished #####

0

--- Report generated: 2010-05-05 20:07 ---

Win32.Winlagons.co: [SBI $0729C6C7] Data (File, nothing done)
C:\WINDOWS\system32\uniq.tll
Properties.size=1
Properties.md5=4A8A08F09D37B73795649038408B5F33
Properties.filedate=1236722076
Properties.filedatetext=2009-03-10 16:54:36

Virtumonde.sdn: [SBI $70056CE6] Data (File, nothing done)
C:\WINDOWS\system32\lejelizo
Properties.size=6456
Properties.md5=283CB1AEE536DAD751C487EC8F1D5ACF
Properties.filedate=1236727312
Properties.filedatetext=2009-03-10 18:21:51

Virtumonde.sdn: [SBI $70056CE6] Data (File, nothing done)
C:\WINDOWS\system32\zijobabu
Properties.size=6456
Properties.md5=A60642074835296F0E7B0A0937D19FB9
Properties.filedate=1236733676
Properties.filedatetext=2009-03-10 20:07:55

Win32.TDSS.reg: [SBI $D242F2A1] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules\TDSSserv

Win32.TDSS.reg: [SBI $ED898C34] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules\TDSSserv

Win32.TDSS.reg: [SBI $4E1FA478] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules\TDSSserv

Win32.TDSS.reg: [SBI $9B2B7040] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules\TDSSl

Win32.TDSS.reg: [SBI $A310FB33] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules\TDSSl

Win32.TDSS.reg: [SBI $02297FDD] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules\TDSSl

Win32.TDSS.reg: [SBI $D17C05E5] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules\tdssservers

Win32.TDSS.reg: [SBI $97AE3081] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules\tdssservers

Win32.TDSS.reg: [SBI $AA1FDC5D] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules\tdssservers

Win32.TDSS.reg: [SBI $7054CF65] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules\tdssmain

Win32.TDSS.reg: [SBI $4F9FB1F0] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules\tdssmain

Win32.TDSS.reg: [SBI $EC0999BC] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules\tdssmain

Win32.TDSS.reg: [SBI $78243C04] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules\tdssinit

Win32.TDSS.reg: [SBI $47EF4291] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules\tdssinit

Win32.TDSS.reg: [SBI $E4796ADD] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules\tdssinit

Win32.TDSS.reg: [SBI $46DE3DA2] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules\TDSSproc

Win32.TDSS.reg: [SBI $7EE5B6D1] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules\TDSSproc

Win32.TDSS.reg: [SBI $DFDC323F] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules\TDSSproc


--- Spybot - Search & Destroy version: 1.6.1 (build: 20090120) ---

2009-01-24 blindman.exe (1.0.0.8)
2009-01-24 SDFiles.exe (1.6.1.7)
2009-01-24 SDMain.exe (1.0.0.6)
2009-01-24 SDShred.exe (1.0.2.5)
2009-01-24 SDUpdate.exe (1.6.0.12)
2009-01-24 SpybotSD.exe (1.6.1.44)
2009-03-05 TeaTimer.exe (1.6.6.32)
2010-05-05 unins000.exe (51.49.0.0)
2009-01-24 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-24 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-24 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2010-02-17 Includes\Adware.sbi (*)
2010-05-04 Includes\AdwareC.sbi (*)
2010-01-25 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-05-04 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-05-04 Includes\HijackersC.sbi (*)
2010-01-20 Includes\Keyloggers.sbi (*)
2010-05-04 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-05-05 Includes\Malware.sbi (*)
2010-05-05 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-04-13 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-05-04 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2010-03-02 Includes\Spyware.sbi (*)
2010-05-04 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2010-04-27 Includes\Trojans.sbi (*)
2010-05-04 Includes\TrojansC-02.sbi (*)
2010-05-04 Includes\TrojansC-03.sbi (*)
2010-05-04 Includes\TrojansC-04.sbi (*)
2010-05-04 Includes\TrojansC-05.sbi (*)
2010-05-04 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

0

--- Report generated: 2010-05-05 20:32 ---

Win32.Winlagons.co: [SBI $0729C6C7] Data (File, fixed)
C:\WINDOWS\system32\uniq.tll
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Virtumonde.sdn: [SBI $70056CE6] Data (File, fixed)
C:\WINDOWS\system32\lejelizo
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Virtumonde.sdn: [SBI $70056CE6] Data (File, fixed)
C:\WINDOWS\system32\zijobabu
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Win32.TDSS.reg: [SBI $D242F2A1] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules\TDSSserv

Win32.TDSS.reg: [SBI $ED898C34] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules\TDSSserv

Win32.TDSS.reg: [SBI $4E1FA478] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules\TDSSserv

Win32.TDSS.reg: [SBI $9B2B7040] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules\TDSSl

Win32.TDSS.reg: [SBI $A310FB33] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules\TDSSl

Win32.TDSS.reg: [SBI $02297FDD] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules\TDSSl

Win32.TDSS.reg: [SBI $D17C05E5] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules\tdssservers

Win32.TDSS.reg: [SBI $97AE3081] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules\tdssservers

Win32.TDSS.reg: [SBI $AA1FDC5D] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules\tdssservers

Win32.TDSS.reg: [SBI $7054CF65] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules\tdssmain

Win32.TDSS.reg: [SBI $4F9FB1F0] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules\tdssmain

Win32.TDSS.reg: [SBI $EC0999BC] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules\tdssmain

Win32.TDSS.reg: [SBI $78243C04] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules\tdssinit

Win32.TDSS.reg: [SBI $47EF4291] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules\tdssinit

Win32.TDSS.reg: [SBI $E4796ADD] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules\tdssinit

Win32.TDSS.reg: [SBI $46DE3DA2] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules\TDSSproc

Win32.TDSS.reg: [SBI $7EE5B6D1] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules\TDSSproc

Win32.TDSS.reg: [SBI $DFDC323F] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules\TDSSproc


--- Spybot - Search & Destroy version: 1.6.1 (build: 20090120) ---

2009-01-24 blindman.exe (1.0.0.8)
2009-01-24 SDFiles.exe (1.6.1.7)
2009-01-24 SDMain.exe (1.0.0.6)
2009-01-24 SDShred.exe (1.0.2.5)
2009-01-24 SDUpdate.exe (1.6.0.12)
2009-01-24 SpybotSD.exe (1.6.1.44)
2009-03-05 TeaTimer.exe (1.6.6.32)
2010-05-05 unins000.exe (51.49.0.0)
2009-01-24 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-24 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-24 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2010-02-17 Includes\Adware.sbi (*)
2010-05-04 Includes\AdwareC.sbi (*)
2010-01-25 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-05-04 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-05-04 Includes\HijackersC.sbi (*)
2010-01-20 Includes\Keyloggers.sbi (*)
2010-05-04 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-05-05 Includes\Malware.sbi (*)
2010-05-05 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-04-13 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-05-04 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2010-03-02 Includes\Spyware.sbi (*)
2010-05-04 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2010-04-27 Includes\Trojans.sbi (*)
2010-05-04 Includes\TrojansC-02.sbi (*)
2010-05-04 Includes\TrojansC-03.sbi (*)
2010-05-04 Includes\TrojansC-04.sbi (*)
2010-05-04 Includes\TrojansC-05.sbi (*)
2010-05-04 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

0

--- Report generated: 2010-05-06 10:41 ---

DoubleClick: Tracking cookie (Firefox: Administrator (default)) (Cookie, nothing done)


Log: Activity: SchedLgU.Txt (Backup file, fixed)
C:\WINDOWS\SchedLgU.Txt

Log: Activity: ntbtlog.txt (Backup file, fixed)
C:\WINDOWS\ntbtlog.txt

Log: Install: setupapi.log (Backup file, fixed)
C:\WINDOWS\setupapi.log

Log: Shutdown: System32\wbem\logs\wbemcore.log (Backup file, fixed)
C:\WINDOWS\System32\wbem\logs\wbemcore.log

Log: Shutdown: System32\wbem\logs\wbemess.log (Backup file, fixed)
C:\WINDOWS\System32\wbem\logs\wbemess.log

Log: Shutdown: System32\wbem\logs\wbemprox.log (Backup file, fixed)
C:\WINDOWS\System32\wbem\logs\wbemprox.log

Log: Shutdown: System32\wbem\logs\winmgmt.log (Backup file, fixed)
C:\WINDOWS\System32\wbem\logs\winmgmt.log

Log: Shutdown: System32\wbem\logs\wmiprov.log (Backup file, fixed)
C:\WINDOWS\System32\wbem\logs\wmiprov.log

7-Zip: [SBI $B0066D4E] Compressed archives history (7 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\7-ZIP\Compression\ArcHistory

7-Zip: [SBI $0D2606FE] Extracted archives history (6 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\7-ZIP\Extraction\PathHistory

7-Zip: [SBI $12C3A52C] Folder history (Registry value, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\7-ZIP\FM\FolderHistory

7-Zip: [SBI $3D5692BD] Last used folder (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\7-ZIP\FM\PanelPath0

Ahead Nero ImageDrive: [SBI $F296F859] Last CD image folder (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Ahead\ImageDrive\General\LastFilePath

Internet Explorer: [SBI $FF589D0C] Download directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Internet Explorer\Download Directory

Internet Explorer: [SBI $0BC7B918] User agent (Registry change, fixed)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry change, fixed)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry change, fixed)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry change, fixed)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\a.blip.tv\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\a1.soundcloud.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\admin.brightcove.com\acudeoSession.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\assets.dailyfill.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\bandtools.nabbr.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\bin.clearspring.com\clearspring.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\brightcove.com\StreamMinerInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cache.reverbnation.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cache.vevo.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn-i.dmdentertainment.com\clearspring.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn-i.dmdentertainment.com\com.conviva.livePass.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.gigya.com\listeners2.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.livestream.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.livestream.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.visiblemeasures.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.visiblemeasures.com\configData.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.visiblemeasures.com\sessionData.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.visiblemeasures.com\userData.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.widgetserver.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.widgetserver.com\wbx_cookie.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn1.telemetryverification.net\dbg.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn1.ustream.tv\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn1.ustream.tv\flash.viewer.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn1.ustream.tv\viewer.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\chase.com\DataStore.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\chatango.com\bw.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\chatango.com\fixed_id.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\chatango.com\mini_login.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\common.scrippsnetworks.com\s_br.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\content.oddcast.com\oddcast_so.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\core.mochibot.com\com.mochibot.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\crackle.com\crackleSettings.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\d.yimg.com\COSMOSPrefs.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\d.yimg.com\COSMOS_FOP.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\d.yimg.com\VolumePrefs.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\d.yimg.com\YEPBWPrefs.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\ds.serving-sys.com\userTheme.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\ebaumsworld.com\StreamMinerInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\elite.wrestlingstreams.net\com.jeroenwijering.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\farm.sproutbuilder.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\farm.sproutbuilder.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\farm.sproutbuilder.com\sproutp.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\farm.sproutmixer.com\sproutp.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\files.privatecamz.com\appColor.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\fimservecdn.com\novem3.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\flash.quantserve.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\holiday.sprint.com\s_br.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\i.adultswim.com\bible_fight.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\i.adultswim.com\polar_bear_payback.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\i.adultswim.com\s_br.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\i.adultswim.com\VideoPreferences.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\ia.media-imdb.com\IMDBTEST.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\img.livejasmin.com\wmtr.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\inplay.tubemogul.com\StreamMinerInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\is1.j.tv2n.net\dbg.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\l.yimg.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\l.yimg.com\LCOMMENGINEMGR.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\l.yimg.com\VolumePrefs.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\l.yimg.com\YEPBWPrefs.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\limelinx.com\com.jeroenwijering.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\mail.google.com\wakeup.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\mcstatic.com\StreamMinerInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\OVPMetricsProvider.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.nintendo.com\flashVolume.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.nintendo.com\music.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\members.livejasmin.com\wmtr.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\mochiads.com\com.mochiads.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\mochiads.com\services.mochiads.com.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\mochibot.com\com.mochibot.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\mpsnare.iesnare.com\stm.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\msnbcmedia.msn.com\playerV2.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\msnbcmedia.msn.com\s_br.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\msnbcmedia.msn.com\varo_varoDefault.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\naiadsystems.com\naiad.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\news.discovery.com\s_br.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\objects.tremormedia.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\objects.tremormedia.com\com.tremormedia.acudeocomponent.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\p.ooyala.com\auth.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\p.ooyala.com\auth2.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\p.ooyala.com\perf.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\p1.soundcloud.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\pandora.com\v3_Machine.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\pandora.com\v3_PerfComp.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\pandora.com\v4_UserCredentials.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\pfiles.5min.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\pl01.load.tubemogul.com\StreamMinerInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\pl08.load.tubemogul.com\StreamMinerInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\pl16.load.tubemogul.com\StreamMinerInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\player.cdn.targetspot.com\ts_CBSRadio.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\player.hulu.com\BeaconService.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\player.hulu.com\DPPlayer.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\player.hulu.com\Lightningcast.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\pub.widgetbox.com\wbx_cookie.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\public0.ordienetworks.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\public0.ordienetworks.com\com.ordienetworks.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\redir.adap.tv\adap.tv.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\reverbnation.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\reverbnation.com\com.reverbnation.prowidgets.player.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\s.mcstatic.com\UUID.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\s.mcstatic.com\version.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\s.mcstatic.com\vpPrefs.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\s.ytimg.com\hdTooltipClue2.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\s.ytimg.com\soundData.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\s.ytimg.com\videostats.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\s7d5.scene7.com\s7_storage_tracker.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\scienceclarified.com\s.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\secure-us.imrworldwide.com\_ggCvar.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\secure-us.imrworldwide.com\_ggCvar_temp.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\secure-us.imrworldwide.com\_ggMCvar_1.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\secureinclude.ebaystatic.com\ebayLSO.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\secureinclude.ebaystatic.com\ebayT.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\siteserver.progressive.com\progressive.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\slide.com\slideshow.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.4shared.com\com.jeroenwijering.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.delvenetworks.com\cachedPlayerConfiguration.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.delvenetworks.com\player.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.eventful.com\com.eventful.logging.spids.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.inplay.tubemogul.com\StreamMinerInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.nfl.com\ar.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.nfl.com\s_br.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.scanscout.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.usnews.com\com.jeroenwijering.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.xhamster.com\com.jeroenwijerin.players.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\tap-cdn.rubiconproject.com\anon_user.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\udn.specificclick.net\fug.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\us.mg2.mail.yahoo.com\cookies.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\video.google.com\videostats.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\video.nbcuni.com\AdPolicyInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\vizu.com\acUserData.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\wethebesttv.com\com.jeroenwijering.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\widget-91.slide.com\user_loc_lat.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\widget-91.slide.com\user_loc_lon.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\widget-91.slide.com\user_loc_string.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\widget-cdn.meebo.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\widget-cdn.meebo.com\mm.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\widgets.clearspring.com\clearspring.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\widgets.sparkart.com\clearspring.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www-cdn.justin.tv\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www-cdn.justin.tv\jtv_pdata.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www-cdn.justin.tv\jtv_settings.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.3dmagix.com\com.jeroenwijering.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.crackle.com\crackleSettings.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.dailymotion.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.directv.com\OmnitureFlashCookie.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.harvest.org\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\BeaconService.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\BeaconServiceV2.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\ContinuousPlaySetting.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\MastheadSponsor.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\NewSitePlayer.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\NewSitePlayerEmbed.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.justuseme.com\com.jeroenwijering.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.mrskin.com\com.jeroenwijering.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.myfoxdc.com\s_br.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.naiadsystems.com\naiad.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.native-instruments.com\native-instruments_website_en_products_guitar_guitar-rig-4-pro_.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.nike.com\NavOSAudioPlayerBridge.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.nike.com\NikeOSAPNav.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.paypal.com\paypalLSO.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.paypal.com\ppLsoTest.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.peewee.com\soundData.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.poodwaddle.com\worldclock.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.thenewsroom.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.veoh.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.veoh.com\veohUser.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.vimby.com\mediafavorites.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.youtube.com\soundData.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.youtube.com\videostats.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\zootubevideo.com\com.jeroenwijering.players.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\a1.soundcloud.com\player.swf\SCPlayer.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\aa.online-metrix.net\fpc.swf\session.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn4.specificclick.net\img\gu.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\core.videoegg.com\#ve\admanager.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\myplick.s3.amazonaws.com\player18.swf\savedVolume.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\myplick.s3.amazonaws.com\player18.swf\viewStats1.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\p1.soundcloud.com\player.swf\SCPlayer.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\rmncdn.com\versionDetect3.swf\user.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\video.google.com\googleplayer.swf\mediaPlayerUserSettings.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\video2.xtube.com\scenes_player.swf\Volume.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\cram.swf\cramjs.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\loadplayer.swf\mkstb.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\player.swf\Lightningcast.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\playerembed.swf\Lightningcast.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn-static.viddler.com\flash\simple_player_inplay.swf\undefined.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.livestream.com\grid\PlayerV2.swf\playerCookie.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.livestream.com\grid\PlayerV2.swf\soClientInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\core.videoegg.com\#com\videoegg\Demo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\core.videoegg.com\#com\videoegg\OptOut.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\core.videoegg.com\#com\videoegg\Retargeting.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\core.videoegg.com\#com\videoegg\Tearsheet.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\core.videoegg.com\#com\videoegg\Twig.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\iii.ru\static\Vishnu.swf\Vishnu.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\img.livejasmin.com\flash\memberchat030.swf\jasminmember01.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\img.livejasmin.com\flash\memberchat036.swf\jasminmember01.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\img.livejasmin.com\flash\memberchat066.swf\jasminmember01.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\img.livejasmin.com\flash\memberchat086.swf\jasminmember01.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\img.livejasmin.com\flash\memberchat093.swf\jasminmember01.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\img.livejasmin.com\flash\memberchat106.swf\jasminmember01.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\img.livejasmin.com\flash\memberchat115.swf\jasminmember01.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\lads.myspace.com\videos\vplayer.swf\preferences.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\lads.myspacecdn.com\videos\Main.swf\MSMediaPlayerClosedClients.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\lads.myspacecdn.com\videos\Main.swf\MSMediaPlayerCurrentlyPlaying.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\lads.myspacecdn.com\videos\Main.swf\preferences.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media-macys.pictela.net\core\CGBootloader.swf\Pictela.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media-macys2.pictela.net\core\CGBootloader.swf\Pictela.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.azfamily.com\designvideo\bimVideoPlayer20091130c.swf\BIMvidflashplayer.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\gui\ffGUILogging.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\gui\fps.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\loader\loaderLogging.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\release\DownShiftHistory.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\release\MetadataHistory.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\release\playerCounter.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\release\qcDemoVal.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\release\skytide.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\release\userPrefs.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\release\userPrefs4.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.xvideos.com\swf\flv_player_site_v4.swf\hexaplayerVolumeCookie.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.xvideos.com\swf\xv-player.swf\hexaplayerPopUpCookie.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.xvideos.com\swf\xv-player.swf\hexaplayerVolumeCookie.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\twitter.com\flash\twitter_badge.swf\OdeoPodcastPlayerColors.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\void.snocap.com\s\store.swf\SharedObjectLock.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\void.snocap.com\s\storefront.swf\SnocapDownloadManager.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.bigpoint.de\bpid\bpid.swf\bpid.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.freefilefillableforms.com\flash\FreeFileForms.swf\authinfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.myfoxdc.com\video\videoplayer.swf\savedBitRate.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.myfoxtwincities.com\video\videoplayer.swf\savedBitRate.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

MS Management Console: [SBI $ECD50EAD] Recent command list (2 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Microsoft Management Console\Recent File List

MS Management Console: [SBI $ECD50EAD] Recent command list (1 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\Microsoft Management Console\Recent File List

MS Media Player: [SBI $3B9B7B9A] Last CD record path (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\MediaPlayer\Preferences\CDRecordPath

MS Media Player: [SBI $5C51E349] Client ID (Registry change, fixed)
HKEY_USERS\.DEFAULT\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry change, fixed)
HKEY_USERS\S-1-5-19\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry change, fixed)
HKEY_USERS\S-1-5-20\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry change, fixed)
HKEY_USERS\S-1-5-18\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry change, fixed)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry change, fixed)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\DirectInput\MostRecentApplication\Id

MS Office 12.0 (Word): [SBI $E357B233] Recent Document List (4 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Office\12.0\Word\File MRU

MS Regedit: [SBI $C3B62FC1] Recent open key (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey

MS Search Assistant: [SBI $AE0C4647] Typed search terms history (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Search Assistant\ACMru

RealOne Player 2 (aka RealPlayer 6.0): [SBI $F369C542] Last login time (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\RealNetworks\RealPlayer\6.0\Preferences\LastLoginTime\

RealOne Player 2 (aka RealPlayer 6.0): [SBI $BB3E2788] Last open file directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\RealNetworks\RealPlayer\6.0\Preferences\LastOpenFileDir\

RealOne Player 2 (aka RealPlayer 6.0): [SBI $066A5F4B] Most recent clips #1 (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips1\

Windows: [SBI $1E4E2003] Drivers installation paths (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows.OpenWith: [SBI $9A5665E7] Open with list - .AIF extension (2 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AIF\OpenWithList

Windows.OpenWith: [SBI $16E309E0] Open with list - .ASF extension (2 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASF\OpenWithList

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (5 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (2 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (2 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList

Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (1 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList

Windows.OpenWith: [SBI $3A7F8A99] Open with list - .BZ2 extension (1 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BZ2\OpenWithList

Windows.OpenWith: [SBI $63036C95] Open with list - .CAB extension (3 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList

Windows.OpenWith: [SBI $63036C95] Open with list - .CAB extension (1 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList

Windows.OpenWith: [SBI $F34FE1D0] Open with list - .CUE extension (2 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CUE\OpenWithList

Windows Explorer: [SBI $A2C7B3CD] Recent wallpaper list (501 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (9 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (7 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (140 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (78 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry change, fixed)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry change, fixed)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry change, fixed)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry change, fixed)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry value, fixed)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry value, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry value, fixed)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

WinZip: [SBI $462D4A59] Recent created file list (1 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Nico Mak Computing\WinZip\filemenu

WinZip: [SBI $1059E532] Number of times run (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Nico Mak Computing\WinZip\rrs\Opened

WinZip: [SBI $1059E532] Number of times run (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Nico Mak Computing\WinZip\rrs\Opened

WinZip: [SBI $669C1037] Default directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Nico Mak Computing\WinZip\directories\DefDir

WinZip: [SBI $1FCFAF16] Default directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Nico Mak Computing\WinZip\directories\zDefDir

WinZip: [SBI $1FCFAF16] Default directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Nico Mak Computing\WinZip\directories\zDefDir

WinZip: [SBI $E95B93ED] Add files directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Nico Mak Computing\WinZip\directories\AddDir

WinZip: [SBI $E95B93ED] Add files directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Nico Mak Computing\WinZip\directories\AddDir

WinZip: [SBI $FF613757] Destination directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Nico Mak Computing\WinZip\directories\ExtractTo

WinZip: [SBI $9EC1EAC6] Add files directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Nico Mak Computing\WinZip\directories\gzAddDir

WinZip: [SBI $9EC1EAC6] Add files directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Nico Mak Computing\WinZip\directories\gzAddDir

WinZip: [SBI $214A5C12] Destination directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Nico Mak Computing\WinZip\directories\gzExtractTo

WinZip: [SBI $214A5C12] Destination directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Nico Mak Computing\WinZip\directories\gzExtractTo

Cookie: [SBI $49804B54] Cookie (13) (Cookie, fixed)


Cache: [SBI $49804B54] Cache (22) (Cache, fixed)


History: [SBI $49804B54] History (18) (History, fixed)


Cookie: [SBI $49804B54] Cookie (29) (Cookie, fixed)

--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2010-05-05 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2010-02-17 Includes\Adware.sbi (*)
2010-05-04 Includes\AdwareC.sbi (*)
2010-01-25 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-05-04 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-05-04 Includes\HijackersC.sbi (*)
2010-01-20 Includes\Keyloggers.sbi (*)
2010-05-04 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-05-05 Includes\Malware.sbi (*)
2010-05-05 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-04-13 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-05-04 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2010-03-02

0

--- Report generated: 2010-05-06 10:42 ---

DoubleClick: Tracking cookie (Firefox: Administrator (default)) (Cookie, nothing done)


Log: Activity: SchedLgU.Txt (Backup file, fixed)
C:\WINDOWS\SchedLgU.Txt

Log: Activity: ntbtlog.txt (Backup file, fixed)
C:\WINDOWS\ntbtlog.txt

Log: Install: setupapi.log (Backup file, fixed)
C:\WINDOWS\setupapi.log

Log: Shutdown: System32\wbem\logs\wbemcore.log (Backup file, fixed)
C:\WINDOWS\System32\wbem\logs\wbemcore.log

Log: Shutdown: System32\wbem\logs\wbemess.log (Backup file, fixed)
C:\WINDOWS\System32\wbem\logs\wbemess.log

Log: Shutdown: System32\wbem\logs\wbemprox.log (Backup file, fixed)
C:\WINDOWS\System32\wbem\logs\wbemprox.log

Log: Shutdown: System32\wbem\logs\winmgmt.log (Backup file, fixed)
C:\WINDOWS\System32\wbem\logs\winmgmt.log

Log: Shutdown: System32\wbem\logs\wmiprov.log (Backup file, fixed)
C:\WINDOWS\System32\wbem\logs\wmiprov.log

7-Zip: [SBI $B0066D4E] Compressed archives history (7 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\7-ZIP\Compression\ArcHistory

7-Zip: [SBI $0D2606FE] Extracted archives history (6 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\7-ZIP\Extraction\PathHistory

7-Zip: [SBI $12C3A52C] Folder history (Registry value, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\7-ZIP\FM\FolderHistory

7-Zip: [SBI $3D5692BD] Last used folder (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\7-ZIP\FM\PanelPath0

Ahead Nero ImageDrive: [SBI $F296F859] Last CD image folder (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Ahead\ImageDrive\General\LastFilePath

Internet Explorer: [SBI $FF589D0C] Download directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Internet Explorer\Download Directory

Internet Explorer: [SBI $0BC7B918] User agent (Registry change, fixed)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry change, fixed)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry change, fixed)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry change, fixed)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\a.blip.tv\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\a1.soundcloud.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\admin.brightcove.com\acudeoSession.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\assets.dailyfill.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\bandtools.nabbr.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\bin.clearspring.com\clearspring.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\brightcove.com\StreamMinerInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cache.reverbnation.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cache.vevo.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn-i.dmdentertainment.com\clearspring.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn-i.dmdentertainment.com\com.conviva.livePass.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.gigya.com\listeners2.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.livestream.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.livestream.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.visiblemeasures.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.visiblemeasures.com\configData.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.visiblemeasures.com\sessionData.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.visiblemeasures.com\userData.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.widgetserver.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.widgetserver.com\wbx_cookie.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn1.telemetryverification.net\dbg.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn1.ustream.tv\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn1.ustream.tv\flash.viewer.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn1.ustream.tv\viewer.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\chase.com\DataStore.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\chatango.com\bw.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\chatango.com\fixed_id.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\chatango.com\mini_login.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\common.scrippsnetworks.com\s_br.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\content.oddcast.com\oddcast_so.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\core.mochibot.com\com.mochibot.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\crackle.com\crackleSettings.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\d.yimg.com\COSMOSPrefs.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\d.yimg.com\COSMOS_FOP.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\d.yimg.com\VolumePrefs.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\d.yimg.com\YEPBWPrefs.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\ds.serving-sys.com\userTheme.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\ebaumsworld.com\StreamMinerInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\elite.wrestlingstreams.net\com.jeroenwijering.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\farm.sproutbuilder.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\farm.sproutbuilder.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\farm.sproutbuilder.com\sproutp.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\farm.sproutmixer.com\sproutp.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\files.privatecamz.com\appColor.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\fimservecdn.com\novem3.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\flash.quantserve.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\holiday.sprint.com\s_br.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\i.adultswim.com\bible_fight.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\i.adultswim.com\polar_bear_payback.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\i.adultswim.com\s_br.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\i.adultswim.com\VideoPreferences.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\ia.media-imdb.com\IMDBTEST.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\img.livejasmin.com\wmtr.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\inplay.tubemogul.com\StreamMinerInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\is1.j.tv2n.net\dbg.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\l.yimg.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\l.yimg.com\LCOMMENGINEMGR.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\l.yimg.com\VolumePrefs.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\l.yimg.com\YEPBWPrefs.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\limelinx.com\com.jeroenwijering.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\mail.google.com\wakeup.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\mcstatic.com\StreamMinerInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\OVPMetricsProvider.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.nintendo.com\flashVolume.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.nintendo.com\music.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\members.livejasmin.com\wmtr.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\mochiads.com\com.mochiads.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\mochiads.com\services.mochiads.com.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\mochibot.com\com.mochibot.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\mpsnare.iesnare.com\stm.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\msnbcmedia.msn.com\playerV2.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\msnbcmedia.msn.com\s_br.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\msnbcmedia.msn.com\varo_varoDefault.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\naiadsystems.com\naiad.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\news.discovery.com\s_br.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\objects.tremormedia.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\objects.tremormedia.com\com.tremormedia.acudeocomponent.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\p.ooyala.com\auth.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\p.ooyala.com\auth2.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\p.ooyala.com\perf.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\p1.soundcloud.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\pandora.com\v3_Machine.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\pandora.com\v3_PerfComp.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\pandora.com\v4_UserCredentials.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\pfiles.5min.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\pl01.load.tubemogul.com\StreamMinerInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\pl08.load.tubemogul.com\StreamMinerInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\pl16.load.tubemogul.com\StreamMinerInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\player.cdn.targetspot.com\ts_CBSRadio.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\player.hulu.com\BeaconService.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\player.hulu.com\DPPlayer.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\player.hulu.com\Lightningcast.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\pub.widgetbox.com\wbx_cookie.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\public0.ordienetworks.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\public0.ordienetworks.com\com.ordienetworks.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\redir.adap.tv\adap.tv.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\reverbnation.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\reverbnation.com\com.reverbnation.prowidgets.player.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\s.mcstatic.com\UUID.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\s.mcstatic.com\version.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\s.mcstatic.com\vpPrefs.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\s.ytimg.com\hdTooltipClue2.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\s.ytimg.com\soundData.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\s.ytimg.com\videostats.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\s7d5.scene7.com\s7_storage_tracker.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\scienceclarified.com\s.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\secure-us.imrworldwide.com\_ggCvar.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\secure-us.imrworldwide.com\_ggCvar_temp.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\secure-us.imrworldwide.com\_ggMCvar_1.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\secureinclude.ebaystatic.com\ebayLSO.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\secureinclude.ebaystatic.com\ebayT.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\siteserver.progressive.com\progressive.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\slide.com\slideshow.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.4shared.com\com.jeroenwijering.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.delvenetworks.com\cachedPlayerConfiguration.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.delvenetworks.com\player.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.eventful.com\com.eventful.logging.spids.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.inplay.tubemogul.com\StreamMinerInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.nfl.com\ar.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.nfl.com\s_br.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.scanscout.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.usnews.com\com.jeroenwijering.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.xhamster.com\com.jeroenwijerin.players.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\tap-cdn.rubiconproject.com\anon_user.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\udn.specificclick.net\fug.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\us.mg2.mail.yahoo.com\cookies.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\video.google.com\videostats.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\video.nbcuni.com\AdPolicyInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\vizu.com\acUserData.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\wethebesttv.com\com.jeroenwijering.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\widget-91.slide.com\user_loc_lat.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\widget-91.slide.com\user_loc_lon.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\widget-91.slide.com\user_loc_string.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\widget-cdn.meebo.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\widget-cdn.meebo.com\mm.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\widgets.clearspring.com\clearspring.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\widgets.sparkart.com\clearspring.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www-cdn.justin.tv\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www-cdn.justin.tv\jtv_pdata.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www-cdn.justin.tv\jtv_settings.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.3dmagix.com\com.jeroenwijering.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.crackle.com\crackleSettings.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.dailymotion.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.directv.com\OmnitureFlashCookie.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.harvest.org\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\BeaconService.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\BeaconServiceV2.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\ContinuousPlaySetting.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\MastheadSponsor.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\NewSitePlayer.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\NewSitePlayerEmbed.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.justuseme.com\com.jeroenwijering.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.mrskin.com\com.jeroenwijering.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.myfoxdc.com\s_br.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.naiadsystems.com\naiad.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.native-instruments.com\native-instruments_website_en_products_guitar_guitar-rig-4-pro_.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.nike.com\NavOSAudioPlayerBridge.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.nike.com\NikeOSAPNav.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.paypal.com\paypalLSO.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.paypal.com\ppLsoTest.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.peewee.com\soundData.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.poodwaddle.com\worldclock.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.thenewsroom.com\com.quantserve.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.veoh.com\analytics.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.veoh.com\veohUser.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.vimby.com\mediafavorites.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.youtube.com\soundData.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.youtube.com\videostats.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\zootubevideo.com\com.jeroenwijering.players.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\a1.soundcloud.com\player.swf\SCPlayer.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\aa.online-metrix.net\fpc.swf\session.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn4.specificclick.net\img\gu.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\core.videoegg.com\#ve\admanager.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\myplick.s3.amazonaws.com\player18.swf\savedVolume.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\myplick.s3.amazonaws.com\player18.swf\viewStats1.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\p1.soundcloud.com\player.swf\SCPlayer.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\rmncdn.com\versionDetect3.swf\user.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\video.google.com\googleplayer.swf\mediaPlayerUserSettings.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\video2.xtube.com\scenes_player.swf\Volume.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\cram.swf\cramjs.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\loadplayer.swf\mkstb.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\player.swf\Lightningcast.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $E17C7B50] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.hulu.com\playerembed.swf\Lightningcast.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn-static.viddler.com\flash\simple_player_inplay.swf\undefined.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.livestream.com\grid\PlayerV2.swf\playerCookie.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\cdn.livestream.com\grid\PlayerV2.swf\soClientInfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\core.videoegg.com\#com\videoegg\Demo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\core.videoegg.com\#com\videoegg\OptOut.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\core.videoegg.com\#com\videoegg\Retargeting.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\core.videoegg.com\#com\videoegg\Tearsheet.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\core.videoegg.com\#com\videoegg\Twig.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\iii.ru\static\Vishnu.swf\Vishnu.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\img.livejasmin.com\flash\memberchat030.swf\jasminmember01.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\img.livejasmin.com\flash\memberchat036.swf\jasminmember01.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\img.livejasmin.com\flash\memberchat066.swf\jasminmember01.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\img.livejasmin.com\flash\memberchat086.swf\jasminmember01.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\img.livejasmin.com\flash\memberchat093.swf\jasminmember01.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\img.livejasmin.com\flash\memberchat106.swf\jasminmember01.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\img.livejasmin.com\flash\memberchat115.swf\jasminmember01.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\lads.myspace.com\videos\vplayer.swf\preferences.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\lads.myspacecdn.com\videos\Main.swf\MSMediaPlayerClosedClients.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\lads.myspacecdn.com\videos\Main.swf\MSMediaPlayerCurrentlyPlaying.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\lads.myspacecdn.com\videos\Main.swf\preferences.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media-macys.pictela.net\core\CGBootloader.swf\Pictela.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media-macys2.pictela.net\core\CGBootloader.swf\Pictela.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.azfamily.com\designvideo\bimVideoPlayer20091130c.swf\BIMvidflashplayer.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\gui\ffGUILogging.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\gui\fps.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\loader\loaderLogging.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\release\DownShiftHistory.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\release\MetadataHistory.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\release\playerCounter.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\release\qcDemoVal.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\release\skytide.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\release\userPrefs.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\media.mtvnservices.com\player\release\userPrefs4.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.xvideos.com\swf\flv_player_site_v4.swf\hexaplayerVolumeCookie.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.xvideos.com\swf\xv-player.swf\hexaplayerPopUpCookie.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\static.xvideos.com\swf\xv-player.swf\hexaplayerVolumeCookie.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\twitter.com\flash\twitter_badge.swf\OdeoPodcastPlayerColors.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\void.snocap.com\s\store.swf\SharedObjectLock.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\void.snocap.com\s\storefront.swf\SnocapDownloadManager.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.bigpoint.de\bpid\bpid.swf\bpid.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.freefilefillableforms.com\flash\FreeFileForms.swf\authinfo.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.myfoxdc.com\video\videoplayer.swf\savedBitRate.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Adobe FlashPlayer Cookies: [SBI $FF9960D7] Text file () (File, fixed)
C:\Documents and Settings\cking\Application Data\Macromedia\Flash Player\#SharedObjects\HFRQ9PK3\www.myfoxtwincities.com\video\videoplayer.swf\savedBitRate.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

MS Management Console: [SBI $ECD50EAD] Recent command list (2 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Microsoft Management Console\Recent File List

MS Management Console: [SBI $ECD50EAD] Recent command list (1 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\Microsoft Management Console\Recent File List

MS Media Player: [SBI $3B9B7B9A] Last CD record path (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\MediaPlayer\Preferences\CDRecordPath

MS Media Player: [SBI $5C51E349] Client ID (Registry change, fixed)
HKEY_USERS\.DEFAULT\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry change, fixed)
HKEY_USERS\S-1-5-19\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry change, fixed)
HKEY_USERS\S-1-5-20\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry change, fixed)
HKEY_USERS\S-1-5-18\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry change, fixed)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry change, fixed)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\DirectInput\MostRecentApplication\Id

MS Office 12.0 (Word): [SBI $E357B233] Recent Document List (4 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Office\12.0\Word\File MRU

MS Regedit: [SBI $C3B62FC1] Recent open key (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey

MS Search Assistant: [SBI $AE0C4647] Typed search terms history (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Search Assistant\ACMru

RealOne Player 2 (aka RealPlayer 6.0): [SBI $F369C542] Last login time (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\RealNetworks\RealPlayer\6.0\Preferences\LastLoginTime\

RealOne Player 2 (aka RealPlayer 6.0): [SBI $BB3E2788] Last open file directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\RealNetworks\RealPlayer\6.0\Preferences\LastOpenFileDir\

RealOne Player 2 (aka RealPlayer 6.0): [SBI $066A5F4B] Most recent clips #1 (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\RealNetworks\RealPlayer\6.0\Preferences\MostRecentClips1\

Windows: [SBI $1E4E2003] Drivers installation paths (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows.OpenWith: [SBI $9A5665E7] Open with list - .AIF extension (2 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AIF\OpenWithList

Windows.OpenWith: [SBI $16E309E0] Open with list - .ASF extension (2 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASF\OpenWithList

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (5 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (2 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (2 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList

Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (1 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList

Windows.OpenWith: [SBI $3A7F8A99] Open with list - .BZ2 extension (1 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BZ2\OpenWithList

Windows.OpenWith: [SBI $63036C95] Open with list - .CAB extension (3 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList

Windows.OpenWith: [SBI $63036C95] Open with list - .CAB extension (1 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList

Windows.OpenWith: [SBI $F34FE1D0] Open with list - .CUE extension (2 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CUE\OpenWithList

Windows Explorer: [SBI $A2C7B3CD] Recent wallpaper list (501 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (9 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (7 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (140 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (78 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry change, fixed)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry change, fixed)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry change, fixed)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry change, fixed)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry value, fixed)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry value, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry value, fixed)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

WinZip: [SBI $462D4A59] Recent created file list (1 files) (Registry key, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Nico Mak Computing\WinZip\filemenu

WinZip: [SBI $1059E532] Number of times run (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Nico Mak Computing\WinZip\rrs\Opened

WinZip: [SBI $1059E532] Number of times run (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Nico Mak Computing\WinZip\rrs\Opened

WinZip: [SBI $669C1037] Default directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Nico Mak Computing\WinZip\directories\DefDir

WinZip: [SBI $1FCFAF16] Default directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Nico Mak Computing\WinZip\directories\zDefDir

WinZip: [SBI $1FCFAF16] Default directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Nico Mak Computing\WinZip\directories\zDefDir

WinZip: [SBI $E95B93ED] Add files directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Nico Mak Computing\WinZip\directories\AddDir

WinZip: [SBI $E95B93ED] Add files directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Nico Mak Computing\WinZip\directories\AddDir

WinZip: [SBI $FF613757] Destination directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Nico Mak Computing\WinZip\directories\ExtractTo

WinZip: [SBI $9EC1EAC6] Add files directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Nico Mak Computing\WinZip\directories\gzAddDir

WinZip: [SBI $9EC1EAC6] Add files directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Nico Mak Computing\WinZip\directories\gzAddDir

WinZip: [SBI $214A5C12] Destination directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-1004\Software\Nico Mak Computing\WinZip\directories\gzExtractTo

WinZip: [SBI $214A5C12] Destination directory (Registry change, fixed)
HKEY_USERS\S-1-5-21-790525478-1767777339-725345543-500\Software\Nico Mak Computing\WinZip\directories\gzExtractTo

Cookie: [SBI $49804B54] Cookie (13) (Cookie, fixed)


Cache: [SBI $49804B54] Cache (22) (Cache, fixed)


History: [SBI $49804B54] History (18) (History, fixed)


Cookie: [SBI $49804B54] Cookie (29) (Cookie, fixed)

--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2010-05-05 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2010-02-17 Includes\Adware.sbi (*)
2010-05-04 Includes\AdwareC.sbi (*)
2010-01-25 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-05-04 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-05-04 Includes\HijackersC.sbi (*)
2010-01-20 Includes\Keyloggers.sbi (*)
2010-05-04 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-05-05 Includes\Malware.sbi (*)
2010-05-05 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2010-04-13 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-05-04 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2010-03-02

0

:::::CURRENT HIJACK!::::

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:36:23 PM, on 5/25/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\astsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\WINDOWS\system32\sessmgr.exe
C:\WINDOWS\system32\rsvp.exe
C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\WINDOWS\System32\dmadmin.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1246218603515
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F770A6E-F6B0-4E58-A903-37E59BE9BDFE}: NameServer = 205.152.37.23,205.152.150.23
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\astsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: VIPRE Antivirus + Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 9701 bytes

0

uninstall list

3ivx MPEG-4 5.0.3 (remove only)
7-Zip 4.65
Add or Remove Adobe Creative Suite 3 Master Collection
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe After Effects CS3
Adobe After Effects CS3 Presets
Adobe After Effects CS3 Third Party Content
Adobe After Effects CS3 Third Party Content
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps CS4
Adobe Color - Photoshop Specific
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Creative Suite 3 Master Collection
Adobe Default Language CS4
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Flash CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe Media Player
Adobe MotionPicture Color Files
Adobe PDF Library Files CS4
Adobe Photoshop Elements 8.0
Adobe Photoshop.com Inspiration Browser
Adobe Premiere Elements 8.0
Adobe Premiere Elements 8.0
Adobe Reader 8.1.2
Adobe Setup
Adobe Setup
Adobe Shockwave Player
Adobe SING CS3
Adobe Stock Photos CS3
Adobe Type Support CS4
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Video Profiles
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
AdobeColorCommonSetRGB
AHV content for Acrobat and Flash
Apple Mobile Device Support
Apple Software Update
Application Verifier
ASIO4ALL
Bass Station 1.50
Best Service Ethno World 3 Complete
Bonjour
Broomstick Bass 1.0.0
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
Cambridge Advanced Learner's Dictionary - 3rd Edition
CardRecovery
CCleaner (remove only)
Cheat Engine 5.5
Cheetah DVD Burner
ChordWizard Music Theory 3.0
ChordWizard Songtrix Gold 3.0
CM Vocoder
ComicRack v0.9.111
CutePDF Writer 2.7
daDigital50 v1.2
Debugging Tools for Windows (x86)
Dell Resource CD
Drum Controller Standard Tuning Kit
Edirol HQ Orchestral VSTi v1.03
Effectrix
eMedia Intermediate Piano and Keyboard Method
E-MU USB MIDI Windows Drivers Hotfix
energyXT 2.5.1
FL Studio 9
FlipShare
HASP HL Device Driver
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft Document Explorer 2008 (KB953196)
IL Download Manager
IL Gross Beat
ImageSkill Magic Enhancer Lite (remove only)
Intel(R) PRO Network Connections 12.1.12.0
InterVideo DeviceService
iTunes
J2SE Runtime Environment 5.0 Update 6
Jack v1.9.5
Java(TM) 6 Update 17
Java(TM) 6 Update 5
Java(TM) 6 Update 7
K-Lite Codec Pack 3.8.0 Full
KORG Legacy Collection - ANALOG EDITION 2007
KORG Legacy Collection - DIGITAL EDITION
Learning Essentials for Microsoft Office
LinPlug RM IV 4.12c
Mackie Onyx Satellite
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft DirectX SDK (April 2007)
Microsoft Document Explorer 2008
Microsoft Document Explorer 2008
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.1
Microsoft Math
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Student 2007 for Learning Essentials
Microsoft Student with Encarta Premium 2009
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x86
Microsoft Windows SDK for Windows 7 (7.0)
Microsoft Xbox 360 Accessories 1.1
Motorola Wireless Network Adapter
Mozilla Firefox (3.6.3)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
Muon Electron v1.12
Native Instruments Controller Editor
Native Instruments Controller Editor
Native Instruments Elektrik Piano 1.5
Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS
Native Instruments Guitar Rig 4
Native Instruments Guitar Rig 4
Native Instruments Massive
Native Instruments Pro-53
Native Instruments Service Center
Native Instruments Service Center
Nero 8
neroxml
NVIDIA Drivers
NVIDIA nView Desktop Manager
NVIDIA PhysX
OpenAL
PDF Settings
PhotoKit Color 2 Plug-In Module
PhotoKit Plug-in Module
Pianoteq v2.2.0
PoiZone
Prince of Persia
Prophet V 1.2
ProTrig Drum-Trigger Plug-in
QuickTime
RealPlayer
Realtek High Definition Audio Driver
Registry Medic 5.0
Reimage Repair
Sakura
SAMSUNG CDMA Modem Driver Set
Sawer
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
SkillSoft Course Manager
SmartSound Quicktracks for Premiere Elements 8.0
SmartSound Quicktracks for Premiere Elements 8.0
SONiVOX Playa
Sony CD Architect 5.2
Sony Noise Reduction Plug-In 2.0h
Sony Sound Forge 9.0
Spider-Man(R) - Web of Shadows(TM) 1.1 Patch
Spybot - Search & Destroy
Starplugs-MoonClass Synthesizer 1.01
Starplugs-Vocoder 1.01
Street Fighter IV
SUPERAntiSpyware Free Edition
Syncrosoft License Control
System Medic 4.0
System Requirements Lab
Tiffen Dfx v1.0 for Photoshop
tools-freebsd
tools-linux
tools-netware
tools-solaris
tools-windows
tools-winPre2k
Toon Boom Animate
Toon Boom Storyboard Pro Trial
Toxic Biohazard
TurboTax 2009
TurboTax 2009 wiaiper
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
Ultra Video Joiner 4.8.0108
UltraVNC 1.0.8.2
Uniblue DriverScanner
Uniblue PowerSuite
Uniblue ProcessQuickLink 2
Uniblue ProcessScanner
Uniblue RegistryBooster
Uniblue SpeedUpMyPC
Unique
VCRedistSetup
VideoFX Transitions Pack
VideoFX Transitions Service Pack
Virtual Beat Thang
VMware Workstation
VMware Workstation
Vocal Rack Trial
Vogue
V-Station 1.50
Vyzex MPD24
Wal-Mart Digital Photo Manager
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
Windows Driver Package - LOUD Technologies Inc. (MackieAudio) MEDIA (12/15/2009 1.7.0.1)
Windows Driver Package - LOUD Technologies Inc. LoudSubUnitClass (12/15/2009 1.7.0.1)
Windows Imaging Component
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3
WinZip 11.2
WOW
Xilisoft FLV Converter
Xilisoft MP4 Converter
XP TCP/IP Repair
zMatte v2 for Adobe Photoshop

0

Hi, other than the Malwarebytes' and HiJackThis logs I have no idea what those other logs you posted are from.
You have a huge number of running processes yet really no auto starting because you have disabled them using MSCONFIG. You have a large number of auto starting services.
You need to follow all the steps given in our Read Me Sticky
http://www.daniweb.com/forums/thread134865.html
and post back here with all of those requested logs.

0

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 6/18/2008 7:09:04 PM
System Uptime: 5/26/2010 1:39:37 AM (11 hours ago)

Motherboard: Dell Inc. | | 0CU409
Processor: Genuine Intel(R) CPU 2140 @ 1.60GHz | Socket 775 | 1596/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 699 GiB total, 149.591 GiB free.
D: is CDROM (CDFS)
E: is FIXED (NTFS) - 149 GiB total, 36.684 GiB free.
F: is CDROM (CDFS)
G: is CDROM ()
H: is FIXED (NTFS) - 75 GiB total, 13.385 GiB free.
I: is FIXED (NTFS) - 170 GiB total, 35.656 GiB free.
J: is FIXED (NTFS) - 128 GiB total, 11.436 GiB free.

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\1EFC210800
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\1EFC210800
Service: NIC1394

Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: Mackie Onyx Satellite
Device ID: ROOT\MEDIA\0000
Manufacturer: LOUD Technologies Inc.
Name: Mackie Onyx Satellite
PNP Device ID: ROOT\MEDIA\0000
Service: MackieAudio

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: VMware Virtual Ethernet Adapter for VMnet1
Device ID: ROOT\VMWARE\0000
Manufacturer: VMware, Inc.
Name: VMware Virtual Ethernet Adapter for VMnet1
PNP Device ID: ROOT\VMWARE\0000
Service: VMnetAdapter

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: VMware Virtual Ethernet Adapter for VMnet8
Device ID: ROOT\VMWARE\0001
Manufacturer: VMware, Inc.
Name: VMware Virtual Ethernet Adapter for VMnet8
PNP Device ID: ROOT\VMWARE\0001
Service: VMnetAdapter

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================


3ivx MPEG-4 5.0.3 (remove only)
7-Zip 4.65
Add or Remove Adobe Creative Suite 3 Master Collection
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe After Effects CS3
Adobe After Effects CS3 Presets
Adobe After Effects CS3 Third Party Content
Adobe After Effects CS3 Third Party Content
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps CS4
Adobe Color - Photoshop Specific
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Creative Suite 3 Master Collection
Adobe Default Language CS4
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Flash CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe Media Player
Adobe MotionPicture Color Files
Adobe PDF Library Files CS4
Adobe Photoshop Elements 8.0
Adobe Photoshop.com Inspiration Browser
Adobe Premiere Elements 8.0
Adobe Premiere Elements 8.0
Adobe Reader 8.1.2
Adobe Setup
Adobe Setup
Adobe Shockwave Player
Adobe SING CS3
Adobe Stock Photos CS3
Adobe Type Support CS4
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Video Profiles
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
AdobeColorCommonSetRGB
AHV content for Acrobat and Flash
Apple Mobile Device Support
Apple Software Update
Application Verifier
ASIO4ALL
Bass Station 1.50
Best Service Ethno World 3 Complete
Bonjour
Broomstick Bass 1.0.0
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
Cambridge Advanced Learner's Dictionary - 3rd Edition
CardRecovery
CCleaner (remove only)
Cheat Engine 5.5
Cheetah DVD Burner
ChordWizard Music Theory 3.0
ChordWizard Songtrix Gold 3.0
CM Vocoder
ComicRack v0.9.111
CutePDF Writer 2.7
daDigital50 v1.2
Debugging Tools for Windows (x86)
Dell Resource CD
Drum Controller Standard Tuning Kit
Edirol HQ Orchestral VSTi v1.03
Effectrix
eMedia Intermediate Piano and Keyboard Method
E-MU USB MIDI Windows Drivers Hotfix
energyXT 2.5.1
FL Studio 9
FlipShare
HASP HL Device Driver
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft Document Explorer 2008 (KB953196)
IL Download Manager
IL Gross Beat
ImageSkill Magic Enhancer Lite (remove only)
Intel(R) PRO Network Connections 12.1.12.0
InterVideo DeviceService
iTunes
J2SE Runtime Environment 5.0 Update 6
Jack v1.9.5
Java(TM) 6 Update 17
Java(TM) 6 Update 5
Java(TM) 6 Update 7
K-Lite Codec Pack 3.8.0 Full
KORG Legacy Collection - ANALOG EDITION 2007
KORG Legacy Collection - DIGITAL EDITION
Learning Essentials for Microsoft Office
LinPlug RM IV 4.12c
Mackie Onyx Satellite
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft DirectX SDK (April 2007)
Microsoft Document Explorer 2008
Microsoft Document Explorer 2008
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.1
Microsoft Math
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Student 2007 for Learning Essentials
Microsoft Student with Encarta Premium 2009
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ Compilers 2008 Standard Edition - enu - x86
Microsoft Windows SDK for Windows 7 (7.0)
Microsoft Xbox 360 Accessories 1.1
Motorola Wireless Network Adapter
Mozilla Firefox (3.6.3)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
Muon Electron v1.12
Native Instruments Controller Editor
Native Instruments Controller Editor
Native Instruments Elektrik Piano 1.5
Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS
Native Instruments Guitar Rig 4
Native Instruments Guitar Rig 4
Native Instruments Massive
Native Instruments Pro-53
Native Instruments Service Center
Native Instruments Service Center
Nero 8
neroxml
NVIDIA Drivers
NVIDIA nView Desktop Manager
NVIDIA PhysX
OpenAL
PDF Settings
PhotoKit Color 2 Plug-In Module
PhotoKit Plug-in Module
Pianoteq v2.2.0
PoiZone
Prince of Persia
Prophet V 1.2
ProTrig Drum-Trigger Plug-in
QuickTime
RealPlayer
Realtek High Definition Audio Driver
Registry Medic 5.0
Reimage Repair
Sakura
SAMSUNG CDMA Modem Driver Set
Sawer
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
SkillSoft Course Manager
SmartSound Quicktracks for Premiere Elements 8.0
SmartSound Quicktracks for Premiere Elements 8.0
SONiVOX Playa
Sony CD Architect 5.2
Sony Noise Reduction Plug-In 2.0h
Sony Sound Forge 9.0
Spider-Man(R) - Web of Shadows(TM) 1.1 Patch
Spybot - Search & Destroy
Starplugs-MoonClass Synthesizer 1.01
Starplugs-Vocoder 1.01
Street Fighter IV
SUPERAntiSpyware Free Edition
Syncrosoft License Control
System Medic 4.0
System Requirements Lab
Tiffen Dfx v1.0 for Photoshop
tools-freebsd
tools-linux
tools-netware
tools-solaris
tools-windows
tools-winPre2k
Toon Boom Animate
Toon Boom Storyboard Pro Trial
Toxic Biohazard
TurboTax 2009
TurboTax 2009 wiaiper
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
Ultra Video Joiner 4.8.0108
UltraVNC 1.0.8.2
Uniblue DriverScanner
Uniblue PowerSuite
Uniblue ProcessQuickLink 2
Uniblue ProcessScanner
Uniblue RegistryBooster
Uniblue SpeedUpMyPC
Unique
VCRedistSetup
VideoFX Transitions Pack
VideoFX Transitions Service Pack
Virtual Beat Thang
VMware Workstation
VMware Workstation
Vocal Rack Trial
Vogue
V-Station 1.50
Vyzex MPD24
Wal-Mart Digital Photo Manager
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
Windows Driver Package - LOUD Technologies Inc. (MackieAudio) MEDIA (12/15/2009 1.7.0.1)
Windows Driver Package - LOUD Technologies Inc. LoudSubUnitClass (12/15/2009 1.7.0.1)
Windows Imaging Component
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3
WinZip 11.2
WOW
Xilisoft FLV Converter
Xilisoft MP4 Converter
XP TCP/IP Repair
zMatte v2 for Adobe Photoshop

==== Event Viewer Messages From Past Week ========

5/26/2010 2:59:19 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the CiSvc service.
5/25/2010 4:06:27 PM, error: Cdrom [11] - The driver detected a controller error on \Device\CdRom0.
5/25/2010 3:13:24 PM, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort2.
5/25/2010 3:12:41 PM, error: atapi [9] - The device, \Device\Ide\IdePort2, did not respond within the timeout period.
5/25/2010 12:53:28 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/25/2010 12:44:50 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Fips IKFileSec intelppm pctfw2 SASDIFSV SASKUTIL sbaphd
5/25/2010 12:43:53 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/25/2010 12:10:41 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
5/25/2010 12:10:38 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
5/25/2010 12:10:23 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IKFileSec pctfw2
5/25/2010 12:10:00 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
5/25/2010 1:09:54 PM, error: Service Control Manager [7023] - The Alerter service terminated with the following error: This security ID may not be assigned as the owner of this object.
5/25/2010 1:09:18 PM, error: MackieAudio [5] - Inadequate host controller capabilities.
5/25/2010 1:09:18 PM, error: ALERTER [3173] - There was an error in creating or reading the alerter mailslot. The error code is 1307.
5/25/2010 1:09:12 PM, error: NETLOGON [3095] - This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.

==== End Of File ===========================

0

DDS (Ver_10-03-17.01) - NTFSx86
Run by cking at 12:13:09.25 on Wed 05/26/2010
Internet Explorer: 8.0.6001.18241 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2494 [GMT -4:00]

AV: Sunbelt VIPRE *On-access scanning disabled* (Updated) {964FCE60-0B18-4D30-ADD6-EB178909041C}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\astsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe -k bthsvcs
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\WINDOWS\System32\dmadmin.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\cking\My Documents\Downloads\Programs\s8idokj5.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\cking\My Documents\Downloads\Programs\dds.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\imapi.exe
C:\WINDOWS\system32\wuauclt.exe

============== Pseudo HJT Report ===============

uStart Page = www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uWindow Title = Microsoft Internet Explorer
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
uPolicies-explorer: NoSMMyPictures = 0 (0x0)
uPolicies-explorer: NoStartMenuMyMusic = 0 (0x0)
uPolicies-explorer: NoRecentDocsNetHood = 0 (0x0)
uPolicies-explorer: NoInstrumentation = 1 (0x1)
uPolicies-explorer: NoActiveDesktop = 1 (0x1)
uPolicies-explorer: DisallowRun = 0 (0x0)
mPolicies-explorer: NoSMMyPictures = 0 (0x0)
mPolicies-explorer: NoStartMenuMyMusic = 0 (0x0)
mPolicies-explorer: NoRecentDocsNetHood = 0 (0x0)
mPolicies-explorer: NoInstrumentation = 0 (0x0)
mPolicies-explorer: NoSimpleStartMenu = 0 (0x0)
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: intuit.com\ttlc
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1246218603515
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: {1F770A6E-F6B0-4E58-A903-37E59BE9BDFE} = 205.152.37.23,205.152.150.23
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: WBSrv - c:\progra~1\stardock\object~1\window~1\wbsrv.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Authentication Packages = msv1_0 c:\windows\system32\hgGyvstR
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\cking\applic~1\mozilla\firefox\profiles\iog38i02.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - component: c:\documents and settings\cking\application data\idm\idmmzcc3\components\idmmzcc.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============


=============== Created Last 30 ================

2010-05-25 20:00:03 0 d-----w- c:\program files\SAMSUNG CDMA Modem
2010-05-25 16:14:43 0 d-----w- c:\documents and settings\all users\Uniblue
2010-05-25 16:11:24 0 d-----w- c:\docume~1\cking\applic~1\Uniblue
2010-05-25 16:11:03 0 d-----w- c:\program files\Uniblue
2010-05-25 02:37:07 0 d-----w- c:\windows\system32\CatRoot_bak
2010-05-24 20:48:08 0 d-----w- c:\program files\Jack v1.9.5
2010-05-23 22:32:52 49152 ----a-w- c:\windows\system32\ChCfg.exe
2010-05-23 22:32:35 0 d-----w- c:\windows\system32\RTCOM
2010-05-23 22:32:02 86016 ----a-w- c:\windows\SoundMan.exe
2010-05-23 22:32:02 282624 ----a-w- c:\windows\system32\RTSndMgr.cpl
2010-05-23 22:32:02 1822720 ----a-w- c:\windows\SkyTel.exe
2010-05-23 22:32:01 9715200 ----a-w- c:\windows\RTLCPL.exe
2010-05-23 22:32:01 4403712 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2010-05-23 22:32:01 1191936 ----a-w- c:\windows\RtlUpd.exe
2010-05-23 22:32:00 2162688 ----a-w- c:\windows\MicCal.exe
2010-05-23 22:32:00 16132608 ----a-w- c:\windows\RTHDCPL.exe
2010-05-23 22:31:56 299008 ----a-w- c:\windows\system32\ALSndMgr.cpl
2010-05-23 22:31:55 69632 ----a-w- c:\windows\Alcmtr.exe
2010-05-23 22:31:55 2808832 ----a-w- c:\windows\alcwzrd.exe
2010-05-23 22:31:55 0 d-----w- c:\program files\Realtek
2010-05-23 22:31:44 520192 ----a-w- c:\windows\RtlExUpd.dll
2010-05-23 22:31:44 315392 ----a-w- c:\windows\HideWin.exe
2010-05-23 19:52:01 0 d-----w- c:\docume~1\cking\applic~1\UltraVNC
2010-05-23 19:49:28 20672 ----a-w- c:\windows\system32\mv2.dll
2010-05-23 19:49:28 10688 ----a-w- c:\windows\system32\drivers\mv2.sys
2010-05-23 19:49:18 0 d-----w- c:\program files\UltraVNC
2010-05-23 04:24:14 40960 ---ha-w- c:\windows\mshtstat.dll
2010-05-23 04:23:44 40960 ---ha-w- c:\windows\system32\mshtstat.dll
2010-05-23 04:06:47 0 d-----w- c:\program files\Megaman X8
2010-05-22 17:21:54 0 d-----w- c:\program files\Beat Kangz
2010-05-22 17:14:29 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2010-05-22 17:14:29 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2010-05-22 17:14:26 0 d-----w- c:\program files\Cheat Engine
2010-05-21 01:24:28 0 dc----w- c:\docume~1\alluse~1\applic~1\{F751CA04-FB71-4EC0-ACC9-5B733D122C5E}
2010-05-19 02:45:30 278 ----a-w- c:\windows\ptlic
2010-05-19 02:45:28 0 d-----w- c:\program files\ProTrig
2010-05-18 17:25:38 0 d-----w- c:\docume~1\cking\applic~1\KORG
2010-05-18 17:24:49 0 d-----w- c:\docume~1\alluse~1\applic~1\KORG
2010-05-18 17:24:46 0 d-----w- c:\program files\common files\KORG
2010-05-18 15:43:15 166 ----a-w- c:\windows\system32\Compress.res
2010-05-18 15:39:18 0 d-----w- C:\ReimageTmp
2010-05-18 02:25:44 6656 -c--a-w- c:\windows\system32\dllcache\cmdide.sys
2010-05-18 02:25:43 20736 -c--a-w- c:\windows\system32\dllcache\cmbp0wdm.sys
2010-05-18 02:25:43 13952 -c--a-w- c:\windows\system32\dllcache\cmbatt.sys
2010-05-18 02:25:42 248064 -c--a-w- c:\windows\system32\dllcache\cl546xm.sys
2010-05-18 02:25:41 170880 -c--a-w- c:\windows\system32\dllcache\cl546x.dll
2010-05-18 02:25:40 45696 -c--a-w- c:\windows\system32\dllcache\cirrus.sys
2010-05-18 02:25:40 111232 -c--a-w- c:\windows\system32\dllcache\cl5465.dll
2010-05-18 02:25:39 91264 -c--a-w- c:\windows\system32\dllcache\cirrus.dll
2010-05-18 02:25:38 272640 -c--a-w- c:\windows\system32\dllcache\cinemclc.sys
2010-05-18 02:25:37 980034 -c--a-w- c:\windows\system32\dllcache\cicap.sys
2010-05-18 02:21:59 66082 ----a-w- c:\windows\system32\dllcache\c_20924.nls
2010-05-18 02:20:59 97354 ----a-w- c:\windows\system32\dllcache\aspndis3.sys
2010-05-18 02:19:56 208896 ----a-w- c:\windows\system32\dllcache\fpmmcsat.dll
2010-05-18 01:40:28 13824 -c--a-w- c:\windows\system32\dllcache\OLD1E2.tmp
2010-05-18 01:39:59 36128 -c--a-w- c:\windows\system32\dllcache\OLD172.tmp
2010-05-18 01:39:58 96640 -c--a-w- c:\windows\system32\dllcache\OLD16A.tmp
2010-05-18 01:39:58 342336 -c--a-w- c:\windows\system32\dllcache\OLD16E.tmp
2010-05-18 01:39:57 89952 -c--a-w- c:\windows\system32\dllcache\OLD166.tmp
2010-05-18 01:39:57 36992 -c--a-w- c:\windows\system32\dllcache\OLD162.tmp
2010-05-18 01:39:53 37568 -c--a-w- c:\windows\system32\dllcache\OLD15E.tmp
2010-05-18 01:37:15 6272 -c--a-w- c:\windows\system32\dllcache\OLDE3.tmp
2010-05-18 01:37:15 36224 -c--a-w- c:\windows\system32\dllcache\OLDDF.tmp
2010-05-18 01:37:14 12032 -c--a-w- c:\windows\system32\dllcache\OLDDB.tmp
2010-05-18 01:37:13 5248 -c--a-w- c:\windows\system32\dllcache\OLDD3.tmp
2010-05-18 01:37:13 16969 -c--a-w- c:\windows\system32\dllcache\OLDD7.tmp
2010-05-18 01:37:12 27678 -c--a-w- c:\windows\system32\dllcache\OLDCB.tmp
2010-05-18 01:37:12 26624 -c--a-w- c:\windows\system32\dllcache\OLDCF.tmp
2010-05-18 01:37:11 56960 -c--a-w- c:\windows\system32\dllcache\OLDC7.tmp
2010-05-18 01:37:11 55168 -c--a-w- c:\windows\system32\dllcache\OLDC3.tmp
2010-05-18 01:37:10 12800 -c--a-w- c:\windows\system32\dllcache\OLDBF.tmp
2010-05-18 01:37:08 24576 -c--a-w- c:\windows\system32\dllcache\OLDBB.tmp
2010-05-18 01:34:56 20538 -c--a-w- c:\windows\system32\dllcache\OLD48.tmp
2010-05-18 00:10:15 73216 ----a-w- c:\windows\system32\satmconsole.exe
2010-05-17 23:41:27 12 ----a-w- c:\windows\bthservsdp.dat
2010-05-17 23:40:40 0 d-----w- c:\program files\XP TCPIP Repair
2010-05-11 14:02:08 352513 ----a-w- c:\windows\system32\savapi3.dll
2010-05-11 14:02:08 1380403 ----a-w- c:\windows\system32\avgsdk.dll
2010-05-06 15:40:44 171 ----a-w- c:\windows\wininit.ini
2010-05-06 00:23:22 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-05-06 00:23:22 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-05-05 22:21:18 0 d-----w- c:\program files\WinASO
2010-05-05 19:07:28 0 ----a-w- c:\windows\system32\reimage.rep
2010-05-05 19:04:09 0 ----a-w- c:\windows\system32\reimage.nat
2010-05-05 18:40:13 15272 ----a-w- c:\windows\system32\Native.exe
2010-05-05 18:40:11 0 d-----w- C:\ReimageUndo
2010-05-05 18:16:13 266 ----a-w- c:\windows\reimage.ini
2010-05-05 18:15:54 0 d-----w- C:\rei
2010-05-05 18:15:52 0 d-----w- c:\program files\Reimage
2010-05-05 16:35:52 83456 ----a-w- c:\windows\Mackie.exe
2010-05-05 16:35:52 192600 ----a-w- c:\windows\system32\LoudAudioProp.dll
2010-05-05 16:35:52 119384 ----a-w- c:\windows\system32\MackieAsio.dll
2010-05-05 16:35:52 109408 ----a-w- c:\windows\system32\drivers\MackieAudio.sys
2010-05-05 16:35:28 17536 ----a-w- c:\windows\system32\drivers\OXUDIDRV_X32.sys
2010-05-04 19:13:50 0 d-----w- c:\windows\SxsCaPendDel
2010-05-03 05:05:33 0 d-----w- c:\docume~1\alluse~1\applic~1\DivX

==================== Find3M ====================

2010-05-19 02:37:47 2184 ----a-w- c:\windows\Northmood.dat
2010-05-06 22:29:35 107 ----a-w- c:\docume~1\cking\applic~1\netstat.bat
2010-04-29 20:39:38 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 20:39:26 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-09 23:52:21 626688 ----a-w- c:\windows\system32\msvcr80.dll
2009-06-28 16:01:20 524 ----a-w- c:\program files\mpgvfrv.txt
2009-01-08 06:51:01 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009010820090109\index.dat

============= FINISH: 12:17:00.15 ===============

0

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-05-26 01:18:35
Windows 5.1.2600 Service Pack 3
Running: s8idokj5.exe; Driver: C:\DOCUME~1\cking\LOCALS~1\Temp\pggoqkod.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip sbtis.sys (Sunbelt TDI Inspection System/Sunbelt Software)
AttachedDevice \Driver\Tcpip \Device\Tcp sbtis.sys (Sunbelt TDI Inspection System/Sunbelt Software)
AttachedDevice \Driver\Tcpip \Device\Udp sbtis.sys (Sunbelt TDI Inspection System/Sunbelt Software)
AttachedDevice \Driver\Tcpip \Device\RawIp sbtis.sys (Sunbelt TDI Inspection System/Sunbelt Software)

---- EOF - GMER 1.0.15 ----

0

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-26 12:02:25
Windows 5.1.2600 Service Pack 3
Running: s8idokj5.exe; Driver: C:\DOCUME~1\cking\LOCALS~1\Temp\pggoqkod.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\drivers\sbaphd.sys (Sunbelt ActiveProtection hook driver/Sunbelt Software) ZwCreateKey [0xB85D44D0]
SSDT \SystemRoot\system32\drivers\sbaphd.sys (Sunbelt ActiveProtection hook driver/Sunbelt Software) ZwSetValueKey [0xB85D4520]

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip sbtis.sys (Sunbelt TDI Inspection System/Sunbelt Software)
AttachedDevice \Driver\Tcpip \Device\Tcp sbtis.sys (Sunbelt TDI Inspection System/Sunbelt Software)

Device \Driver\usbhub \Device\USBPDO-12 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbhub \Device\00000083 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbhub \Device\USBPDO-13 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbhub \Device\00000084 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbhub \Device\USBPDO-14 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbhub \Device\00000092 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbhub \Device\00000085 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbhub \Device\USBPDO-15 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbhub \Device\00000086 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbhub \Device\USBPDO-16 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbhub \Device\00000087 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbhub \Device\00000088 hcmon.sys (VMware USB monitor/VMware, Inc.)

AttachedDevice \Driver\Tcpip \Device\Udp sbtis.sys (Sunbelt TDI Inspection System/Sunbelt Software)
AttachedDevice \Driver\Tcpip \Device\RawIp sbtis.sys (Sunbelt TDI Inspection System/Sunbelt Software)

Device \Driver\usbuhci \Device\USBFDO-0 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbuhci \Device\USBFDO-1 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbuhci \Device\USBFDO-2 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbehci \Device\USBFDO-3 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbuhci \Device\USBFDO-4 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbuhci \Device\USBFDO-5 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbuhci \Device\USBFDO-6 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbhub \Device\0000008b hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbehci \Device\USBFDO-7 hcmon.sys (VMware USB monitor/VMware, Inc.)
Device \Driver\usbhub \Device\0000008c hcmon.sys (VMware USB monitor/VMware, Inc.)

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\TDSSserv.sys@start 1
Reg HKLM\SYSTEM\ControlSet001\Services\TDSSserv.sys@type 1
Reg HKLM\SYSTEM\ControlSet001\Services\TDSSserv.sys@imagepath \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet001\Services\TDSSserv.sys@group file system
Reg HKLM\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules@TDSSserv
Reg HKLM\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules@TDSSl
Reg HKLM\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules@tdssservers
Reg HKLM\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules@tdssmain
Reg HKLM\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules@tdsslog \systemroot\system32\TDSSarxx.dll
Reg HKLM\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules@tdssadw \systemroot\system32\TDSSvkql.dll
Reg HKLM\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules@tdssinit
Reg HKLM\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules@tdssurls \systemroot\system32\TDSSlxcp.log
Reg HKLM\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules@tdsspanels \systemroot\system32\TDSSnmxh.dll
Reg HKLM\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules@tdsserrors \systemroot\system32\TDSSsahc.log
Reg HKLM\SYSTEM\ControlSet001\Services\TDSSserv.sys\modules@TDSSproc \systemroot\system32\TDSSxhyf.log
Reg HKLM\SYSTEM\ControlSet002\Services\TDSSserv.sys@start 1
Reg HKLM\SYSTEM\ControlSet002\Services\TDSSserv.sys@type 1
Reg HKLM\SYSTEM\ControlSet002\Services\TDSSserv.sys@imagepath \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet002\Services\TDSSserv.sys@group file system
Reg HKLM\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules@TDSSserv
Reg HKLM\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules@TDSSl
Reg HKLM\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules@tdssservers
Reg HKLM\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules@tdssmain
Reg HKLM\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules@tdsslog \systemroot\system32\TDSSarxx.dll
Reg HKLM\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules@tdssadw \systemroot\system32\TDSSvkql.dll
Reg HKLM\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules@tdssinit
Reg HKLM\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules@tdssurls \systemroot\system32\TDSSlxcp.log
Reg HKLM\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules@tdsspanels \systemroot\system32\TDSSnmxh.dll
Reg HKLM\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules@tdsserrors \systemroot\system32\TDSSsahc.log
Reg HKLM\SYSTEM\ControlSet002\Services\TDSSserv.sys\modules@TDSSproc \systemroot\system32\TDSSxhyf.log
Reg HKLM\SYSTEM\ControlSet003\Services\TDSSserv.sys@start 1
Reg HKLM\SYSTEM\ControlSet003\Services\TDSSserv.sys@type 1
Reg HKLM\SYSTEM\ControlSet003\Services\TDSSserv.sys@imagepath \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet003\Services\TDSSserv.sys@group file system
Reg HKLM\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules@TDSSserv
Reg HKLM\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules@TDSSl
Reg HKLM\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules@tdssservers
Reg HKLM\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules@tdssmain
Reg HKLM\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules@tdsslog \systemroot\system32\TDSSarxx.dll
Reg HKLM\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules@tdssadw \systemroot\system32\TDSSvkql.dll
Reg HKLM\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules@tdssinit
Reg HKLM\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules@tdssurls \systemroot\system32\TDSSlxcp.log
Reg HKLM\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules@tdsspanels \systemroot\system32\TDSSnmxh.dll
Reg HKLM\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules@tdsserrors \systemroot\system32\TDSSsahc.log
Reg HKLM\SYSTEM\ControlSet003\Services\TDSSserv.sys\modules@TDSSproc \systemroot\system32\TDSSxhyf.log
Reg HKLM\SYSTEM\ControlSet004\Services\TDSSserv.sys@start 1
Reg HKLM\SYSTEM\ControlSet004\Services\TDSSserv.sys@type 1
Reg HKLM\SYSTEM\ControlSet004\Services\TDSSserv.sys@imagepath \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet004\Services\TDSSserv.sys@group file system
Reg HKLM\SYSTEM\ControlSet004\Services\TDSSserv.sys\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\TDSSserv.sys\modules@TDSSserv \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet004\Services\TDSSserv.sys\modules@TDSSl \systemroot\system32\TDSSoiqt.dll
Reg HKLM\SYSTEM\ControlSet004\Services\TDSSserv.sys\modules@tdssservers \systemroot\system32\TDSSmhlt.dat
Reg HKLM\SYSTEM\ControlSet004\Services\TDSSserv.sys\modules@tdssmain \systemroot\system32\TDSSmtve.dll
Reg HKLM\SYSTEM\ControlSet004\Services\TDSSserv.sys\modules@tdsslog \systemroot\system32\TDSSarxx.dll
Reg HKLM\SYSTEM\ControlSet004\Services\TDSSserv.sys\modules@tdssadw \systemroot\system32\TDSSvkql.dll
Reg HKLM\SYSTEM\ControlSet004\Services\TDSSserv.sys\modules@tdssinit \systemroot\system32\TDSScfmm.dll
Reg HKLM\SYSTEM\ControlSet004\Services\TDSSserv.sys\modules@tdssurls \systemroot\system32\TDSSlxcp.log
Reg HKLM\SYSTEM\ControlSet004\Services\TDSSserv.sys\modules@tdsspanels \systemroot\system32\TDSSnmxh.dll
Reg HKLM\SYSTEM\ControlSet004\Services\TDSSserv.sys\modules@tdsserrors \systemroot\system32\TDSSsahc.log
Reg HKLM\SYSTEM\ControlSet004\Services\TDSSserv.sys\modules@TDSSproc \systemroot\system32\TDSSxhyf.log
Reg HKLM\SYSTEM\ControlSet005\Services\TDSSserv.sys@start 1
Reg HKLM\SYSTEM\ControlSet005\Services\TDSSserv.sys@type 1
Reg HKLM\SYSTEM\ControlSet005\Services\TDSSserv.sys@imagepath \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet005\Services\TDSSserv.sys@group file system
Reg HKLM\SYSTEM\ControlSet005\Services\TDSSserv.sys\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\TDSSserv.sys\modules@TDSSserv \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet005\Services\TDSSserv.sys\modules@TDSSl \systemroot\system32\TDSSoiqt.dll
Reg HKLM\SYSTEM\ControlSet005\Services\TDSSserv.sys\modules@tdssservers \systemroot\system32\TDSSmhlt.dat
Reg HKLM\SYSTEM\ControlSet005\Services\TDSSserv.sys\modules@tdssmain \systemroot\system32\TDSSmtve.dll
Reg HKLM\SYSTEM\ControlSet005\Services\TDSSserv.sys\modules@tdsslog \systemroot\system32\TDSSarxx.dll
Reg HKLM\SYSTEM\ControlSet005\Services\TDSSserv.sys\modules@tdssadw \systemroot\system32\TDSSvkql.dll
Reg HKLM\SYSTEM\ControlSet005\Services\TDSSserv.sys\modules@tdssinit \systemroot\system32\TDSScfmm.dll
Reg HKLM\SYSTEM\ControlSet005\Services\TDSSserv.sys\modules@tdssurls \systemroot\system32\TDSSlxcp.log
Reg HKLM\SYSTEM\ControlSet005\Services\TDSSserv.sys\modules@tdsspanels \systemroot\system32\TDSSnmxh.dll
Reg HKLM\SYSTEM\ControlSet005\Services\TDSSserv.sys\modules@tdsserrors \systemroot\system32\TDSSsahc.log
Reg HKLM\SYSTEM\ControlSet005\Services\TDSSserv.sys\modules@TDSSproc \systemroot\system32\TDSSxhyf.log
Reg HKLM\SYSTEM\ControlSet006\Services\TDSSserv.sys@start 1
Reg HKLM\SYSTEM\ControlSet006\Services\TDSSserv.sys@type 1
Reg HKLM\SYSTEM\ControlSet006\Services\TDSSserv.sys@imagepath \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet006\Services\TDSSserv.sys@group file system
Reg HKLM\SYSTEM\ControlSet006\Services\TDSSserv.sys\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\TDSSserv.sys\modules@TDSSserv \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet006\Services\TDSSserv.sys\modules@TDSSl \systemroot\system32\TDSSoiqt.dll
Reg HKLM\SYSTEM\ControlSet006\Services\TDSSserv.sys\modules@tdssservers \systemroot\system32\TDSSmhlt.dat
Reg HKLM\SYSTEM\ControlSet006\Services\TDSSserv.sys\modules@tdssmain \systemroot\system32\TDSSmtve.dll
Reg HKLM\SYSTEM\ControlSet006\Services\TDSSserv.sys\modules@tdsslog \systemroot\system32\TDSSarxx.dll
Reg HKLM\SYSTEM\ControlSet006\Services\TDSSserv.sys\modules@tdssadw \systemroot\system32\TDSSvkql.dll
Reg HKLM\SYSTEM\ControlSet006\Services\TDSSserv.sys\modules@tdssinit \systemroot\system32\TDSScfmm.dll
Reg HKLM\SYSTEM\ControlSet006\Services\TDSSserv.sys\modules@tdssurls \systemroot\system32\TDSSlxcp.log
Reg HKLM\SYSTEM\ControlSet006\Services\TDSSserv.sys\modules@tdsspanels \systemroot\system32\TDSSnmxh.dll
Reg HKLM\SYSTEM\ControlSet006\Services\TDSSserv.sys\modules@tdsserrors \systemroot\system32\TDSSsahc.log
Reg HKLM\SYSTEM\ControlSet006\Services\TDSSserv.sys\modules@TDSSproc \systemroot\system32\TDSSxhyf.log
Reg HKLM\SYSTEM\ControlSet007\Services\TDSSserv.sys@start 1
Reg HKLM\SYSTEM\ControlSet007\Services\TDSSserv.sys@type 1
Reg HKLM\SYSTEM\ControlSet007\Services\TDSSserv.sys@imagepath \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet007\Services\TDSSserv.sys@group file system
Reg HKLM\SYSTEM\ControlSet007\Services\TDSSserv.sys\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\TDSSserv.sys\modules@TDSSserv \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet007\Services\TDSSserv.sys\modules@TDSSl \systemroot\system32\TDSSoiqt.dll
Reg HKLM\SYSTEM\ControlSet007\Services\TDSSserv.sys\modules@tdssservers \systemroot\system32\TDSSmhlt.dat
Reg HKLM\SYSTEM\ControlSet007\Services\TDSSserv.sys\modules@tdssmain \systemroot\system32\TDSSmtve.dll
Reg HKLM\SYSTEM\ControlSet007\Services\TDSSserv.sys\modules@tdsslog \systemroot\system32\TDSSarxx.dll
Reg HKLM\SYSTEM\ControlSet007\Services\TDSSserv.sys\modules@tdssadw \systemroot\system32\TDSSvkql.dll
Reg HKLM\SYSTEM\ControlSet007\Services\TDSSserv.sys\modules@tdssinit \systemroot\system32\TDSScfmm.dll
Reg HKLM\SYSTEM\ControlSet007\Services\TDSSserv.sys\modules@tdssurls \systemroot\system32\TDSSlxcp.log
Reg HKLM\SYSTEM\ControlSet007\Services\TDSSserv.sys\modules@tdsspanels \systemroot\system32\TDSSnmxh.dll
Reg HKLM\SYSTEM\ControlSet007\Services\TDSSserv.sys\modules@tdsserrors \systemroot\system32\TDSSsahc.log
Reg HKLM\SYSTEM\ControlSet007\Services\TDSSserv.sys\modules@TDSSproc \systemroot\system32\TDSSxhyf.log
Reg HKLM\SYSTEM\ControlSet008\Services\TDSSserv.sys@start 1
Reg HKLM\SYSTEM\ControlSet008\Services\TDSSserv.sys@type 1
Reg HKLM\SYSTEM\ControlSet008\Services\TDSSserv.sys@imagepath \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet008\Services\TDSSserv.sys@group file system
Reg HKLM\SYSTEM\ControlSet008\Services\TDSSserv.sys\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet008\Services\TDSSserv.sys\modules@TDSSserv \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet008\Services\TDSSserv.sys\modules@TDSSl \systemroot\system32\TDSSoiqt.dll
Reg HKLM\SYSTEM\ControlSet008\Services\TDSSserv.sys\modules@tdssservers \systemroot\system32\TDSSmhlt.dat
Reg HKLM\SYSTEM\ControlSet008\Services\TDSSserv.sys\modules@tdssmain \systemroot\system32\TDSSmtve.dll
Reg HKLM\SYSTEM\ControlSet008\Services\TDSSserv.sys\modules@tdsslog \systemroot\system32\TDSSarxx.dll
Reg HKLM\SYSTEM\ControlSet008\Services\TDSSserv.sys\modules@tdssadw \systemroot\system32\TDSSvkql.dll
Reg HKLM\SYSTEM\ControlSet008\Services\TDSSserv.sys\modules@tdssinit \systemroot\system32\TDSScfmm.dll
Reg HKLM\SYSTEM\ControlSet008\Services\TDSSserv.sys\modules@tdssurls \systemroot\system32\TDSSlxcp.log
Reg HKLM\SYSTEM\ControlSet008\Services\TDSSserv.sys\modules@tdsspanels \systemroot\system32\TDSSnmxh.dll
Reg HKLM\SYSTEM\ControlSet008\Services\TDSSserv.sys\modules@tdsserrors \systemroot\system32\TDSSsahc.log
Reg HKLM\SYSTEM\ControlSet008\Services\TDSSserv.sys\modules@TDSSproc \systemroot\system32\TDSSxhyf.log
Reg HKLM\SYSTEM\ControlSet009\Services\TDSSserv.sys@start 1
Reg HKLM\SYSTEM\ControlSet009\Services\TDSSserv.sys@type 1
Reg HKLM\SYSTEM\ControlSet009\Services\TDSSserv.sys@imagepath \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet009\Services\TDSSserv.sys@group file system
Reg HKLM\SYSTEM\ControlSet009\Services\TDSSserv.sys\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet009\Services\TDSSserv.sys\modules@TDSSserv \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet009\Services\TDSSserv.sys\modules@TDSSl \systemroot\system32\TDSSoiqt.dll
Reg HKLM\SYSTEM\ControlSet009\Services\TDSSserv.sys\modules@tdssservers \systemroot\system32\TDSSmhlt.dat
Reg HKLM\SYSTEM\ControlSet009\Services\TDSSserv.sys\modules@tdssmain \systemroot\system32\TDSSmtve.dll
Reg HKLM\SYSTEM\ControlSet009\Services\TDSSserv.sys\modules@tdsslog \systemroot\system32\TDSSarxx.dll
Reg HKLM\SYSTEM\ControlSet009\Services\TDSSserv.sys\modules@tdssadw \systemroot\system32\TDSSvkql.dll
Reg HKLM\SYSTEM\ControlSet009\Services\TDSSserv.sys\modules@tdssinit \systemroot\system32\TDSScfmm.dll
Reg HKLM\SYSTEM\ControlSet009\Services\TDSSserv.sys\modules@tdssurls \systemroot\system32\TDSSlxcp.log
Reg HKLM\SYSTEM\ControlSet009\Services\TDSSserv.sys\modules@tdsspanels \systemroot\system32\TDSSnmxh.dll
Reg HKLM\SYSTEM\ControlSet009\Services\TDSSserv.sys\modules@tdsserrors \systemroot\system32\TDSSsahc.log
Reg HKLM\SYSTEM\ControlSet009\Services\TDSSserv.sys\modules@TDSSproc \systemroot\system32\TDSSxhyf.log
Reg HKLM\SYSTEM\ControlSet010\Services\TDSSserv.sys@start 1
Reg HKLM\SYSTEM\ControlSet010\Services\TDSSserv.sys@type 1
Reg HKLM\SYSTEM\ControlSet010\Services\TDSSserv.sys@imagepath \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet010\Services\TDSSserv.sys@group file system
Reg HKLM\SYSTEM\ControlSet010\Services\TDSSserv.sys\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet010\Services\TDSSserv.sys\modules@TDSSserv \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet010\Services\TDSSserv.sys\modules@TDSSl \systemroot\system32\TDSSoiqt.dll
Reg HKLM\SYSTEM\ControlSet010\Services\TDSSserv.sys\modules@tdssservers \systemroot\system32\TDSSmhlt.dat
Reg HKLM\SYSTEM\ControlSet010\Services\TDSSserv.sys\modules@tdssmain \systemroot\system32\TDSSmtve.dll
Reg HKLM\SYSTEM\ControlSet010\Services\TDSSserv.sys\modules@tdsslog \systemroot\system32\TDSSarxx.dll
Reg HKLM\SYSTEM\ControlSet010\Services\TDSSserv.sys\modules@tdssadw \systemroot\system32\TDSSvkql.dll
Reg HKLM\SYSTEM\ControlSet010\Services\TDSSserv.sys\modules@tdssinit \systemroot\system32\TDSScfmm.dll
Reg HKLM\SYSTEM\ControlSet010\Services\TDSSserv.sys\modules@tdssurls \systemroot\system32\TDSSlxcp.log
Reg HKLM\SYSTEM\ControlSet010\Services\TDSSserv.sys\modules@tdsspanels \systemroot\system32\TDSSnmxh.dll
Reg HKLM\SYSTEM\ControlSet010\Services\TDSSserv.sys\modules@tdsserrors \systemroot\system32\TDSSsahc.log
Reg HKLM\SYSTEM\ControlSet010\Services\TDSSserv.sys\modules@TDSSproc \systemroot\system32\TDSSxhyf.log
Reg HKLM\SYSTEM\ControlSet011\Services\TDSSserv.sys@start 1
Reg HKLM\SYSTEM\ControlSet011\Services\TDSSserv.sys@type 1
Reg HKLM\SYSTEM\ControlSet011\Services\TDSSserv.sys@imagepath \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet011\Services\TDSSserv.sys@group file system
Reg HKLM\SYSTEM\ControlSet011\Services\TDSSserv.sys\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet011\Services\TDSSserv.sys\modules@TDSSserv \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet011\Services\TDSSserv.sys\modules@TDSSl \systemroot\system32\TDSSoiqt.dll
Reg HKLM\SYSTEM\ControlSet011\Services\TDSSserv.sys\modules@tdssservers \systemroot\system32\TDSSmhlt.dat
Reg HKLM\SYSTEM\ControlSet011\Services\TDSSserv.sys\modules@tdssmain \systemroot\system32\TDSSmtve.dll
Reg HKLM\SYSTEM\ControlSet011\Services\TDSSserv.sys\modules@tdsslog \systemroot\system32\TDSSarxx.dll
Reg HKLM\SYSTEM\ControlSet011\Services\TDSSserv.sys\modules@tdssadw \systemroot\system32\TDSSvkql.dll
Reg HKLM\SYSTEM\ControlSet011\Services\TDSSserv.sys\modules@tdssinit \systemroot\system32\TDSScfmm.dll
Reg HKLM\SYSTEM\ControlSet011\Services\TDSSserv.sys\modules@tdssurls \systemroot\system32\TDSSlxcp.log
Reg HKLM\SYSTEM\ControlSet011\Services\TDSSserv.sys\modules@tdsspanels \systemroot\system32\TDSSnmxh.dll
Reg HKLM\SYSTEM\ControlSet011\Services\TDSSserv.sys\modules@tdsserrors \systemroot\system32\TDSSsahc.log
Reg HKLM\SYSTEM\ControlSet011\Services\TDSSserv.sys\modules@TDSSproc \systemroot\system32\TDSSxhyf.log
Reg HKLM\SYSTEM\ControlSet012\Services\TDSSserv.sys@start 1
Reg HKLM\SYSTEM\ControlSet012\Services\TDSSserv.sys@type 1
Reg HKLM\SYSTEM\ControlSet012\Services\TDSSserv.sys@imagepath \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet012\Services\TDSSserv.sys@group file system
Reg HKLM\SYSTEM\ControlSet012\Services\TDSSserv.sys\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet012\Services\TDSSserv.sys\modules@TDSSserv \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet012\Services\TDSSserv.sys\modules@TDSSl \systemroot\system32\TDSSoiqt.dll
Reg HKLM\SYSTEM\ControlSet012\Services\TDSSserv.sys\modules@tdssservers \systemroot\system32\TDSSmhlt.dat
Reg HKLM\SYSTEM\ControlSet012\Services\TDSSserv.sys\modules@tdssmain \systemroot\system32\TDSSmtve.dll
Reg HKLM\SYSTEM\ControlSet012\Services\TDSSserv.sys\modules@tdsslog \systemroot\system32\TDSSarxx.dll
Reg HKLM\SYSTEM\ControlSet012\Services\TDSSserv.sys\modules@tdssadw \systemroot\system32\TDSSvkql.dll
Reg HKLM\SYSTEM\ControlSet012\Services\TDSSserv.sys\modules@tdssinit \systemroot\system32\TDSScfmm.dll
Reg HKLM\SYSTEM\ControlSet012\Services\TDSSserv.sys\modules@tdssurls \systemroot\system32\TDSSlxcp.log
Reg HKLM\SYSTEM\ControlSet012\Services\TDSSserv.sys\modules@tdsspanels \systemroot\system32\TDSSnmxh.dll
Reg HKLM\SYSTEM\ControlSet012\Services\TDSSserv.sys\modules@tdsserrors \systemroot\system32\TDSSsahc.log
Reg HKLM\SYSTEM\ControlSet012\Services\TDSSserv.sys\modules@TDSSproc \systemroot\system32\TDSSxhyf.log
Reg HKLM\SYSTEM\ControlSet013\Services\TDSSserv.sys@start 1
Reg HKLM\SYSTEM\ControlSet013\Services\TDSSserv.sys@type 1
Reg HKLM\SYSTEM\ControlSet013\Services\TDSSserv.sys@imagepath \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet013\Services\TDSSserv.sys@group file system
Reg HKLM\SYSTEM\ControlSet013\Services\TDSSserv.sys\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet013\Services\TDSSserv.sys\modules@TDSSserv \systemroot\system32\drivers\TDSSmqlt.sys
Reg HKLM\SYSTEM\ControlSet013\Services\TDSSserv.sys\modules@TDSSl \systemroot\system32\TDSSoiqt.dll
Reg HKLM\SYSTEM\ControlSet013\Services\TDSSserv.sys\modules@tdssservers \systemroot\system32\TDSSmhlt.dat
Reg HKLM\SYSTEM\ControlSet013\Services\TDSSserv.sys\modules@tdssmain \systemroot\system32\TDSSmtve.dll
Reg HKLM\SYSTEM\ControlSet013\Services\TDSSserv.sys\modules@tdsslog \systemroot\system32\TDSSarxx.dll
Reg HKLM\SYSTEM\ControlSet013\Services\TDSSserv.sys\modules@tdssadw \systemroot\system32\TDSSvkql.dll
Reg HKLM\SYSTEM\ControlSet013\Services\TDSSserv.sys\modules@tdssinit \systemroot\system32\TDSScfmm.dll
Reg HKLM\SYSTEM\ControlSet013\Services\TDSSserv.sys\modules@tdssurls \systemroot\system32\TDSSlxcp.log
Reg HKLM\SYSTEM\ControlSet013\Services\TDSSserv.sys\modules@tdsspanels \systemroot\system32\TDSSnmxh.dll
Reg HKLM\SYSTEM\ControlSet013\Services\TDSSserv.sys\modules@tdsserrors \systemroot\system32\TDSSsahc.log
Reg HKLM\SYSTEM\ControlSet013\Services\TDSSserv.sys\modules@TDSSproc \systemroot\system32\TDSSxhyf.log
Reg HKLM\SYSTEM\ControlSet014\Services\BTHPORT\Parameters\Keys\000a940251ff (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet016\Services\BTHPORT\Parameters\Keys\000a940251ff (not active ControlSet)
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a940251ff
Reg HKLM\SOFTWARE\Microsoft\Windows\Current Version\{8AC25C6A-D4B3-FF2F-2A61-C75CA1DB6116}\Install
Reg HKLM\SOFTWARE\Microsoft\Windows\Current Version\{8AC25C6A-D4B3-FF2F-2A61-C75CA1DB6116}\Install\VxDs
Reg HKLM\SOFTWARE\Microsoft\Windows\Current Version\{8AC25C6A-D4B3-FF2F-2A61-C75CA1DB6116}\Install\VxDs@CTE_32 Name 2455237:{301564B2-67A6-1A66-9C4E-A1FE91DE9752}
Reg HKLM\SOFTWARE\Microsoft\Windows\Current Version\{ADD916B7-3238-B642-38AC-F31A4E6EE8C3}\Install
Reg HKLM\SOFTWARE\Microsoft\Windows\Current Version\{ADD916B7-3238-B642-38AC-F31A4E6EE8C3}\Install\VxDs
Reg HKLM\SOFTWARE\Microsoft\Windows\Current Version\{ADD916B7-3238-B642-38AC-F31A4E6EE8C3}\Install\VxDs@DefaultSettings -12:{3C7DA433-1047-9FC4-00BA-978A09424856}
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Install
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Install\xga-1-{BEFC7A90-3014-0BDD-92E2-185C1095C047}
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Install\xga-1-{BEFC7A90-3014-0BDD-92E2-185C1095C047}\Version 1.1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Install\xga-1-{BEFC7A90-3014-0BDD-92E2-185C1095C047}\Version 1.1@dat 806585365:{84CFF0F9-EF04-BDF5-F9E8-29FF61EA4BF3}
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG12.00.00.01PROFESSIONAL FB9C0950B57A1F149A708C9601FE19E5E076519CD12CB68661719DF060C286D265D2B7700276D1C6F3A032E2DA59535BA9F08826635C3AF7636C0C6633DC02F83465A06B224590C0AE7EC6F03DB5325600627B9181CBD69DD28763C2EEE6AC978C8A45DA6B8F81B35710DA336FDFF7B2F1C0E74C86858A1B62CAFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808FEBC9E127BECC74CFEBC9E127BECC74CA6171C11EC38DE3DF14DD40FCB01DDCEA52651DB2CEE340D59AE805AE4241A7AB9154599A85AD65A282E9C24CA47D5D75DA2237FBD09CD0D55235DB9E8B0389B86B9E20750CC19CFF31DC4F3041399DB07A4D520E98E71183C38B78C4E619ADD20E139FB471CDFEE9DE68BE37199AF6894F0BF62E879C84C4EC918D7261BB19335A427FD20B400D9DEF8C416BFF1F013706F472D242C53CDC2581BE43AA7418F66B920559EE9A1B567E557F7D0178BEF74AB69AB3B6AE4C4410A733F06B55FABC901288E3BF1432CDAE53EB63AE8819A72D5B64D005CA2DD6627E5B537D37A44E97A5AFBA1E8B3E94F530A43C429A8B1AB41D2C4F88E0747C49C4BDE33F9CFB9444E6633334A98A2CF2D5DD4EF8129D75CE6F589E0F0E2B3607B129091FEF4F1CB448C8B057BEA0B5B166E66EAFB0433ACE1ECD5A5D8D6DDB1F739689B2
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\{FD62BA9E-E0D3-33AF-FC15-FDD755DB3CB6}
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\{FD62BA9E-E0D3-33AF-FC15-FDD755DB3CB6}\Install
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\{FD62BA9E-E0D3-33AF-FC15-FDD755DB3CB6}\Install\xga-3
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\{FD62BA9E-E0D3-33AF-FC15-FDD755DB3CB6}\Install\xga-3\dat
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\{FD62BA9E-E0D3-33AF-FC15-FDD755DB3CB6}\Install\xga-3\dat@default 518022161:{2CDBDDDA-9D26-7991-B2BE-A676FAED050E}
Reg HKLM\SOFTWARE\Microsoft\Windows Install VBX
Reg HKLM\SOFTWARE\Microsoft\Windows Install VBX\Current
Reg HKLM\SOFTWARE\Microsoft\Windows Install VBX\Current\Install
Reg HKLM\SOFTWARE\Microsoft\Windows Install VBX\Current\Install\xga-1-{BEFC7A90-3014-0BDD-92E2-185C1095C047}
Reg HKLM\SOFTWARE\Microsoft\Windows Install VBX\Current\Install\xga-1-{BEFC7A90-3014-0BDD-92E2-185C1095C047}\Version 3.x
Reg HKLM\SOFTWARE\Microsoft\Windows Install VBX\Current\Install\xga-1-{BEFC7A90-3014-0BDD-92E2-185C1095C047}\Version 3.x@dat 1767914624:{D1065C59-BC6F-3253-8D3A-A67E5CBBC166}
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smase._dll
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smase._dll@AplicationGoo 25)#13?a097??lc534?
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smase._dll@ChkAppHelp {C12C1054-6313-7DE9-78AC-98CC32D0ADA8}
Reg HKLM\SOFTWARE\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}@scansk 0xD5 0xA8 0x3C 0x4B ...
Reg HKLM\SOFTWARE\Classes\CLSID\{f60321b6-f569-4477-bc09-49eedfda8828}@Model 324
Reg HKLM\SOFTWARE\Classes\CLSID\{f60321b6-f569-4477-bc09-49eedfda8828}@Therad 21
Reg HKLM\SOFTWARE\Classes\CLSID\{f60321b6-f569-4477-bc09-49eedfda8828}@MData 0x73 0xD5 0xCF 0xB8 ...

0

You have the TDSS rootkit need to do the following:
Note to others reading this thread, these instructions are for THIS computer ONLY. This tool is NEVER to be used unless first instructed to do so by a helper.

Unless you have access to another computer during the program run please print out these instructions for reference as you will not be able to refer to them while this program is running.

Please download ComboFix by sUBs from HERE
· You must download it to and run it from your Desktop
· Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
· Double click combofix.exe & follow the prompts.
· When finished, it will produce a log. Please save that log to post in your next reply along with a fresh HJT log
· Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Run Combofix ONCE only!!

Edited by jholland1964: n/a

0

ComboFix 10-05-26.01 - cking 05/26/2010 19:09:23.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2528 [GMT -4:00]
Running from: c:\documents and settings\cking\Desktop\ComboFix.exe
AV: Sunbelt VIPRE *On-access scanning disabled* (Updated) {964FCE60-0B18-4D30-ADD6-EB178909041C}
.
The following files were disabled during the run:
c:\windows\mshtstat.dll


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\cking\Application Data\chrtmp
c:\documents and settings\cking\Application Data\dach100.dll
C:\install.exe
c:\windows\a3kebook.ini
c:\windows\akebook.ini
c:\windows\ANS2000.INI
c:\windows\system32\Chip.dll
c:\windows\system32\Data
c:\windows\system32\lsprst7.dll
c:\windows\system32\ssprs.dll
c:\windows\system32\test.ttt
c:\windows\system32\zlibwapi.dll
c:\windows\UA000106.DLL

----- BITS: Possible infected sites -----

hxxp://doj+|Cv+@J:NGD_DQ{zcxLJS@Q
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NPF


((((((((((((((((((((((((( Files Created from 2010-04-26 to 2010-05-26 )))))))))))))))))))))))))))))))
.

2010-05-25 20:00 . 2010-05-25 20:00 -------- d-----w- c:\program files\SAMSUNG CDMA Modem
2010-05-25 16:14 . 2010-05-25 16:14 -------- d-----w- c:\documents and settings\All Users\Uniblue
2010-05-25 16:11 . 2010-05-25 16:12 -------- d-----w- c:\documents and settings\cking\Application Data\Uniblue
2010-05-25 16:11 . 2010-05-25 16:30 -------- d-----w- c:\program files\Uniblue
2010-05-25 05:40 . 2010-05-25 05:40 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\IsolatedStorage
2010-05-25 02:37 . 2010-05-25 02:37 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-05-24 20:48 . 2010-05-24 20:48 -------- d-----w- c:\program files\Jack v1.9.5
2010-05-24 09:31 . 2010-05-24 09:31 209376 ----a-w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-05-23 22:32 . 2006-08-01 20:02 49152 ----a-w- c:\windows\system32\ChCfg.exe
2010-05-23 22:32 . 2010-05-23 22:32 -------- d-----w- c:\windows\system32\RTCOM
2010-05-23 22:32 . 2007-04-13 20:36 1822720 ----a-w- c:\windows\SkyTel.exe
2010-05-23 22:32 . 2006-07-21 21:14 86016 ----a-w- c:\windows\SoundMan.exe
2010-05-23 22:32 . 2007-05-02 21:21 4403712 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2010-05-23 22:32 . 2007-03-24 00:19 9715200 ----a-w- c:\windows\RTLCPL.exe
2010-05-23 22:32 . 2007-01-16 15:39 1191936 ----a-w- c:\windows\RtlUpd.exe
2010-05-23 22:32 . 2007-04-26 19:27 16132608 ----a-w- c:\windows\RTHDCPL.exe
2010-05-23 22:32 . 2007-04-25 21:55 2162688 ----a-w- c:\windows\MicCal.exe
2010-05-23 22:31 . 2010-05-23 22:31 -------- d-----w- c:\program files\Realtek
2010-05-23 22:31 . 2006-05-04 21:26 2808832 ----a-w- c:\windows\alcwzrd.exe
2010-05-23 22:31 . 2005-05-03 23:43 69632 ----a-w- c:\windows\Alcmtr.exe
2010-05-23 22:31 . 2010-05-23 22:31 315392 ----a-w- c:\windows\HideWin.exe
2010-05-23 22:31 . 2007-01-12 21:54 520192 ----a-w- c:\windows\RtlExUpd.dll
2010-05-23 22:05 . 2010-05-23 22:05 -------- d-----w- c:\documents and settings\cking\Local Settings\Application Data\SupportSoft
2010-05-23 22:01 . 2010-05-23 22:01 -------- d-----w- c:\documents and settings\All Users\Application Data\SupportSoft
2010-05-23 21:59 . 2010-05-23 21:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Dell
2010-05-23 19:52 . 2010-05-23 19:52 -------- d-----w- c:\documents and settings\cking\Application Data\UltraVNC
2010-05-23 19:49 . 2010-05-23 19:49 10688 ----a-w- c:\windows\system32\drivers\mv2.sys
2010-05-23 19:49 . 2010-05-23 19:49 20672 ----a-w- c:\windows\system32\mv2.dll
2010-05-23 19:49 . 2010-05-23 20:28 -------- d-----w- c:\program files\UltraVNC
2010-05-23 04:24 . 2010-05-23 04:24 40960 ----a-w- c:\windows\mshtstat.dll
2010-05-23 04:23 . 2010-05-23 04:23 40960 ---ha-w- c:\windows\system32\mshtstat.dll
2010-05-23 04:06 . 2010-05-23 05:09 -------- d-----w- c:\program files\Megaman X8
2010-05-22 17:21 . 2010-05-22 17:21 -------- d-----w- c:\program files\Beat Kangz
2010-05-22 17:14 . 2007-12-26 22:30 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2010-05-22 17:14 . 2007-12-26 22:30 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2010-05-22 17:14 . 2010-05-25 17:02 -------- d-----w- c:\program files\Cheat Engine
2010-05-21 01:24 . 2010-05-21 01:24 -------- dc----w- c:\documents and settings\All Users\Application Data\{F751CA04-FB71-4EC0-ACC9-5B733D122C5E}
2010-05-19 02:45 . 2010-05-19 02:45 -------- d-----w- c:\program files\ProTrig
2010-05-18 18:12 . 2010-05-24 05:13 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Adobe
2010-05-18 17:59 . 2010-05-18 17:59 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE
2010-05-18 17:25 . 2010-05-18 18:59 -------- d-----w- c:\documents and settings\cking\Application Data\KORG
2010-05-18 17:24 . 2010-05-18 17:30 -------- d-----w- c:\documents and settings\All Users\Application Data\KORG
2010-05-18 17:24 . 2010-05-18 17:30 -------- d-----w- c:\program files\Common Files\KORG
2010-05-18 15:39 . 2010-05-18 15:43 -------- d-----w- C:\ReimageTmp
2010-05-18 02:25 . 2001-08-17 18:51 6656 -c--a-w- c:\windows\system32\dllcache\cmdide.sys
2010-05-18 02:25 . 2008-04-14 05:06 13952 -c--a-w- c:\windows\system32\dllcache\cmbatt.sys
2010-05-18 02:25 . 2001-08-17 18:51 20736 -c--a-w- c:\windows\system32\dllcache\cmbp0wdm.sys
2010-05-18 02:25 . 2001-08-17 18:57 248064 -c--a-w- c:\windows\system32\dllcache\cl546xm.sys
2010-05-18 02:25 . 2001-08-17 19:56 170880 -c--a-w- c:\windows\system32\dllcache\cl546x.dll
2010-05-18 02:25 . 2001-08-17 19:56 111232 -c--a-w- c:\windows\system32\dllcache\cl5465.dll
2010-05-18 02:25 . 2001-08-17 18:57 45696 -c--a-w- c:\windows\system32\dllcache\cirrus.sys
2010-05-18 02:25 . 2001-08-17 19:56 91264 -c--a-w- c:\windows\system32\dllcache\cirrus.dll
2010-05-18 02:25 . 2001-08-17 19:02 272640 -c--a-w- c:\windows\system32\dllcache\cinemclc.sys
2010-05-18 02:25 . 2001-08-17 17:13 980034 -c--a-w- c:\windows\system32\dllcache\cicap.sys
2010-05-18 02:21 . 2001-08-17 18:51 13824 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys
2010-05-18 02:20 . 2001-08-17 18:51 14848 ----a-w- c:\windows\system32\dllcache\asc3550.sys
2010-05-18 02:19 . 2008-04-14 11:42 20538 ----a-w- c:\windows\system32\dllcache\fpremadm.exe
2010-05-18 00:10 . 2008-04-14 05:46 141056 -c--a-w- c:\windows\system32\dllcache\ks.sys
2010-05-17 23:41 . 2010-05-26 23:15 12 ----a-w- c:\windows\bthservsdp.dat
2010-05-17 23:40 . 2010-05-17 23:40 -------- d-----w- c:\program files\XP TCPIP Repair
2010-05-11 14:02 . 2010-05-11 14:02 352513 ----a-w- c:\windows\system32\savapi3.dll
2010-05-11 14:02 . 2010-05-11 14:02 1380403 ----a-w- c:\windows\system32\avgsdk.dll
2010-05-06 00:23 . 2010-05-06 13:35 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-05-06 00:23 . 2010-05-06 03:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-05-05 22:21 . 2010-05-05 22:21 -------- d-----w- c:\program files\WinASO
2010-05-05 18:40 . 2010-05-05 18:40 15272 ----a-w- c:\windows\system32\Native.exe
2010-05-05 18:40 . 2010-05-05 18:40 -------- d-----w- C:\ReimageUndo
2010-05-05 18:15 . 2010-05-18 15:43 -------- d-----w- C:\rei
2010-05-05 18:15 . 2010-05-05 22:43 -------- d-----w- c:\program files\Reimage
2010-05-05 16:35 . 2009-12-15 15:52 192600 ----a-w- c:\windows\system32\LoudAudioProp.dll
2010-05-05 16:35 . 2009-12-15 15:52 119384 ----a-w- c:\windows\system32\MackieAsio.dll
2010-05-05 16:35 . 2009-12-15 15:52 109408 ----a-w- c:\windows\system32\drivers\MackieAudio.sys
2010-05-05 16:35 . 2009-12-15 15:47 83456 ----a-w- c:\windows\Mackie.exe
2010-05-05 16:35 . 2007-10-02 15:42 17536 ----a-w- c:\windows\system32\drivers\OXUDIDRV_X32.sys
2010-05-05 04:48 . 2010-05-05 04:48 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2010-05-04 19:13 . 2010-05-04 19:13 -------- d-----w- c:\windows\SxsCaPendDel
2010-05-03 15:36 . 2010-05-03 15:45 -------- d-----w- c:\documents and settings\Administrator\Application Data\Auslogics
2010-05-03 05:05 . 2010-05-04 02:44 -------- d-----w- c:\documents and settings\cking\Local Settings\Application Data\kfsgpqtue
2010-05-03 05:05 . 2010-05-04 19:13 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-26 23:19 . 2008-08-10 16:32 -------- d-----w- c:\documents and settings\cking\Application Data\DMCache
2010-05-25 04:51 . 2008-12-09 21:59 -------- d-----w- c:\program files\Enigma Software Group
2010-05-25 04:49 . 2009-02-11 01:03 -------- d-----w- c:\program files\RescuePRO Deluxe
2010-05-25 04:43 . 2008-06-23 23:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-25 04:43 . 2010-03-13 19:35 -------- d-----w- c:\program files\honestech Claymation Studio 2.0
2010-05-25 04:42 . 2008-12-19 06:07 -------- d-----w- c:\program files\Dachshund Software
2010-05-25 04:32 . 2008-06-28 22:28 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-05-25 04:31 . 2010-03-13 21:53 -------- d-----w- c:\program files\AviDvdBurner
2010-05-24 20:26 . 2008-06-24 04:03 -------- d-----w- c:\program files\7-Zip
2010-05-22 17:44 . 2009-04-21 22:25 -------- d-----w- c:\documents and settings\cking\Application Data\PACE Anti-Piracy
2010-05-22 17:44 . 2009-04-21 22:25 -------- d-----w- c:\documents and settings\All Users\Application Data\PACE Anti-Piracy
2010-05-20 16:19 . 2008-08-10 16:32 -------- d-----w- c:\documents and settings\cking\Application Data\IDM
2010-05-19 02:47 . 2009-11-15 22:50 -------- d-----w- c:\program files\VstPlugins
2010-05-19 02:37 . 2009-02-21 20:23 2184 ----a-w- c:\windows\Northmood.dat
2010-05-18 17:24 . 2008-10-13 23:04 -------- d-----w- c:\program files\KORG
2010-05-18 15:30 . 2009-05-21 01:49 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-05-18 13:39 . 2010-02-03 17:21 -------- d-----w- c:\documents and settings\cking\Application Data\VMware
2010-05-06 22:29 . 2008-12-20 08:46 107 ----a-w- c:\documents and settings\cking\Application Data\netstat.bat
2010-05-05 22:46 . 2009-05-24 05:28 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-05-05 22:27 . 2008-12-09 22:41 -------- d-----w- c:\documents and settings\cking\Application Data\Thinstall
2010-05-04 20:44 . 2009-05-07 23:19 -------- d-----w- c:\program files\eFax Messenger 4.4
2010-05-04 02:34 . 2009-03-10 22:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-29 20:39 . 2009-03-10 22:51 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 20:39 . 2009-03-10 22:51 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-13 21:27 . 2009-02-20 00:24 -------- d-----w- c:\program files\TurboTax
2010-04-13 21:27 . 2008-06-20 15:58 107672 ----a-w- c:\documents and settings\cking\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-11 23:20 . 2010-03-13 21:00 -------- d-----w- c:\documents and settings\cking\Application Data\Toon Boom Animation
2010-04-11 23:20 . 2008-07-14 22:14 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2010-04-11 23:15 . 2010-03-13 20:57 -------- d-----w- c:\program files\Toon Boom Animation
2010-04-09 05:57 . 2010-04-09 05:50 -------- d-----w- c:\program files\Celemony
2010-04-09 05:52 . 2010-04-09 05:52 -------- d-----w- c:\program files\Common Files\Tmp
2010-04-09 05:52 . 2010-04-09 05:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Celemony Software GmbH
2010-03-28 20:11 . 2010-03-28 20:05 -------- d-----w- c:\documents and settings\cking\Application Data\Auslogics
2010-03-28 20:01 . 2010-03-28 20:01 -------- d-----w- c:\program files\Auslogics
2010-03-14 19:12 . 2008-06-20 17:51 107504 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-09 23:52 . 2010-03-09 23:52 626688 ----a-w- c:\windows\system32\msvcr80.dll
2009-06-28 16:01 . 2009-06-28 16:01 524 ----a-w- c:\program files\mpgvfrv.txt
2008-08-22 18:49 . 2008-08-22 18:48 24 --sha-w- c:\windows\SF2D8D61F.tmp
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-11-18 3171760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-02-22 13670504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoSimpleStartMenu"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 0 (0x0)
"NoStartMenuMyMusic"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-05-05 04:02 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2005-12-21 03:57 176128 ----a-w- c:\progra~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\THGuard

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2008-10-15 02:38 623992 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-12 05:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 23:43 69632 ----a-w- c:\windows\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Auslogics BoostSpeed]
2009-12-11 22:44 480368 ----a-w- c:\program files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CAHeadless]
2009-09-06 10:40 615808 ----a-w- c:\program files\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 11:42 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eFax 4.4]
2008-10-07 20:25 95744 ----a-w- c:\program files\eFax Messenger 4.4\J2GDllCmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2007-08-24 12:00 33648 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
2009-11-18 00:58 3171760 ----a-w- c:\program files\Internet Download Manager\IDMan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-11-20 19:20 290088 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\L09AXLRD_87481078]
2008-06-03 09:05 351000 ----a-w- c:\program files\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2010-04-29 20:39 437584 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2007-12-03 19:21 2213160 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 19:57 153136 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-02-22 05:35 13670504 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
2007-09-02 18:58 495616 ----a-w- c:\program files\RocketDock\RocketDock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-04-26 19:27 16132608 ----a-w- c:\windows\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBAMTray]
2010-01-04 22:04 959824 ----a-w- c:\program files\Sunbelt Software\VIPRE\SBAMTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 21:07 2260480 ------w- c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-05-18 15:30 2017280 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue ProcessQuickLink 2]
2008-04-02 14:50 655640 ----a-w- c:\program files\Uniblue\ProcessQuickLink 2\ProcessQuickLink2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"O&O Defrag"=2 (0x2)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager\appcertdlls]
findlpq REG_SZ c:\windows\mshtstat.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Documents and Settings\\cking\\My Documents\\uTorrent_1.82.15123_Portable\\uTorrent_1.82.15123_Portable\\utorrent.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\DDD\\TriDef\\TriDefMediaPlayer\\TriDefMediaPlayer.exe"=
"c:\\Program Files\\VMware\\VMware Workstation\\vmware-authd.exe"=
"c:\\Program Files\\Adobe\\Adobe Premiere Elements 8.0\\Adobe Premiere Elements.exe"=
"c:\\Program Files\\UltraVNC\\winvnc.exe"=
"c:\\Program Files\\UltraVNC\\vncviewer.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Jack v1.9.5\\jackd.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5900:TCP"= 5900:TCP:vnc5900
"5800:TCP"= 5800:TCP:vnc5800

R1 OxFWLF;OxFWLF;c:\windows\system32\drivers\OxFWLF.sys [6/17/2009 12:13 AM 12447]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [5/14/2009 3:22 PM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/14/2009 3:22 PM 68168]
R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [3/21/2010 1:12 AM 13360]
R1 sbtis;sbtis;c:\windows\system32\drivers\sbtis.sys [3/20/2010 11:56 PM 202928]
R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [9/6/2009 8:06 AM 169312]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [3/10/2009 6:51 PM 304464]
R2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [7/17/2009 9:32 AM 3576320]
R2 SBAMSvc;VIPRE Antivirus + Antispyware;c:\program files\Sunbelt Software\VIPRE\SBAMSvc.exe [1/4/2010 6:02 PM 1012080]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [3/21/2010 1:14 AM 69936]
R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [1/23/2010 12:14 AM 70704]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [3/10/2009 6:51 PM 20952]
R3 MOxSAudioSrv;Mackie Satellite Audio Driver;c:\windows\system32\drivers\satmaud.sys [7/7/2006 3:30 PM 92288]
R3 mv2;mv2;c:\windows\system32\drivers\mv2.sys [5/23/2010 3:49 PM 10688]
R3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\drivers\PTSimBus.sys [6/7/2007 1:16 PM 23208]
R3 WinMTBus;WinMount Bus;c:\windows\system32\drivers\WinMTBus.sys [6/18/2008 9:25 PM 196224]
S1 pctfw2;pctfw2;\??\c:\windows\system32\drivers\pctfw2.sys --> c:\windows\system32\drivers\pctfw2.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys --> c:\windows\system32\drivers\Ambfilt.sys [?]
S3 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\Anti Trojan Elite\ATEPMon.sys --> c:\program files\Anti Trojan Elite\ATEPMon.sys [?]
S3 EMUXMIDI;E-MU Xmidi Driver;c:\windows\system32\drivers\EMUXMIDI.sys [8/19/2006 7:45 AM 134912]
S3 MackieAudio;Mackie Audio Driver;c:\windows\system32\drivers\MackieAudio.sys [5/5/2010 12:35 PM 109408]
S3 OXUDIDRV;OXUDIDRV;c:\windows\system32\drivers\OXUDIDRV_X32.sys [5/5/2010 12:35 PM 17536]
S3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\drivers\PTSimHid.sys [4/23/2007 11:28 AM 14504]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [5/14/2009 3:22 PM 12872]
S3 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [10/13/2009 9:22 AM 95024]
S3 SynasUSB;SynasUSB;c:\windows\system32\drivers\synasUSB.sys [8/10/2008 2:17 PM 18432]
S3 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [1/22/2010 11:00 PM 563760]
S3 xusb20;Xbox 360 Wireless Receiver for Windows Driver Service;c:\windows\system32\drivers\xusb20.sys [6/18/2008 7:18 PM 50048]
.
Contents of the 'Scheduled Tasks' folder

2010-05-21 c:\windows\Tasks\Reimage Reminder.job
- c:\program files\Reimage\Reimage Repair\ReimageReminder.exe [2010-05-16 08:29]

2010-05-26 c:\windows\Tasks\User_Feed_Synchronization-{F5F3FA2F-B225-4884-8D25-9A7AD962B406}.job
- c:\windows\system32\msfeedssync.exe [2008-08-22 09:05]
.
.
------- Supplementary Scan -------
.
uStart Page = www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: intuit.com\ttlc
TCP: {1F770A6E-F6B0-4E58-A903-37E59BE9BDFE} = 205.152.37.23,205.152.150.23
FF - ProfilePath - c:\documents and settings\cking\Application Data\Mozilla\Firefox\Profiles\iog38i02.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - component: c:\documents and settings\cking\Application Data\IDM\idmmzcc3\components\idmmzcc.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-OODefragTray - c:\program files\OO Software\Defrag\oodtray.exe
MSConfigStartUp-SpyHunter Security Suite - c:\program files\Enigma Software Group\SpyHunter\SpyHunter3.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-26 19:18
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):d5,a8,3c,4b,fc,2d,ff,40,ee,7d,3a,ad,88,4d,43,0b,20,33,ff,4c,79,
5a,75,15,ce,14,f3,9a,a0,c9,0e,d1,2d,9e,22,cc,2f,a2,20,72,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{f60321b6-f569-4477-bc09-49eedfda8828}]
@Denied: (Full) (Everyone)
"Model"=dword:00000144
"Therad"=dword:00000015
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\

[HKEY_LOCAL_MACHINE\software\GenArts\Sapphire AE\Install-{4E41A485-04D4-CF7C-6CE3-27F7BEAE7048}\Data*]
@DACL=
"CTE_32 Name"="616740:{C3B8A1BC-8B18-94D5-AD04-2B3354994626}"

[HKEY_LOCAL_MACHINE\software\GenArts\Sapphire AE\Install-{EC3F6705-85EF-4FB1-4E30-80781324E273}\Data*]
@DACL=
"DefaultSettings"="99:{C6DDA450-F687-55DF-CA23-1A5083308C5D}"

[HKEY_LOCAL_MACHINE\software\Microsoft\DirectInput\Compatibility\CLIENT2._EXE35FEFABD00088200*]
@DACL=
"MaxDeviceNameLen"="25Ú?090000B\01Þ2ae3l"
"NoPollSucceed"="{15BB9F64-564A-C4D6-0B5F-700FECFAD6D1}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\Current Version\{8AC25C6A-D4B3-FF2F-2A61-C75CA1DB6116}\Install*Loc\VxDs]
@DACL=
"CTE_32 Name"="2455237:{301564B2-67A6-1A66-9C4E-A1FE91DE9752}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\Current Version\{ADD916B7-3238-B642-38AC-F31A4E6EE8C3}\Install*Loc\VxDs]
@DACL=
"DefaultSettings"="-12:{3C7DA433-1047-9FC4-00BA-978A09424856}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Install*Loc\xga-1-{BEFC7A90-3014-0BDD-92E2-185C1095C047}\Version 1.1]
@DACL=
"dat"="806585365:{84CFF0F9-EF04-BDF5-F9E8-29FF61EA4BF3}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG12.00.00.01PROFESSIONAL"="FB9C0950B57A1F149A708C9601FE19E5E076519CD12CB68661719DF060C286D265D2B7700276D1C6F3A032E2DA59535BA9F08826635C3AF7636C0C6633DC02F83465A06B224590C0AE7EC6F03DB5325600627B9181CBD69DD28763C2EEE6AC978C8A45DA6B8F81B35710DA336FDFF7B2F1C0E74C86858A1B62CAFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808FEBC9E127BECC74CFEBC9E127BECC74CA6171C11EC38DE3DF14DD40FCB01DDCEA52651DB2CEE340D59AE805AE4241A7AB9154599A85AD65A282E9C24CA47D5D75DA2237FBD09CD0D55235DB9E8B0389B86B9E20750CC19CFF31DC4F3041399DB07A4D520E98E71183C38B78C4E619ADD20E139FB471CDFEE9DE68BE37199AF6894F0BF62E879C84C4EC918D7261BB19335A427FD20B400D9DEF8C416BFF1F013706F472D242C53CDC2581BE43AA7418F66B920559EE9A1B567E557F7D0178BEF74AB69AB3B6AE4C4410A733F06B55FABC901288E3BF1432CDAE53EB63AE8819A72D5B64D005CA2DD6627E5B537D37A44E97A5AFBA1E8B3E94F530A43C429A8B1AB41D2C4F88E0747C49C4BDE33F9CFB9444E6633334A98A2CF2D5DD4EF8129D75CE6F589E0F0E2B3607B129091FEF4F1CB448C8B057BEA0B5B166E66EAFB0433ACE1ECD5A5D8D6DDB1F739689B23D054E6CB2524DEBF77DBE5D48AB41D0A886F3F7298A96AFD5B7E266B5946D2859E4D6D7618DDBC44DED4D5548FC29EFBDCB9A67BEBC886FC3A569F5398CDEA2D704FAF79E45CD09615358624F0D6BD8A7B46EB86EE3983D5132A724F3668C90327CB6E2F9E09FCA7E3C445763679FBD1B0CB8ABE40C69F6ED73F68A582408CD27C3FE095EA925D50E74C5823FAFA0F51A083F1F38D014D0D4FE3BC3F62C602D0FB24AFCE03693B491219F3A36DEB606A3F2C861A1CB8B45F9465222751AF2E90047AF82036C119B1277CC497D2A38C66D60BA1C9C488AE769619BD8FD9F3C70C4AC84F736716AA8B3FCD68C2803BE5F085E38D3D7349C9C418D5A64E1FCEBAA0551739D70CA2593D4764F28AE111F298BC818BD5A89AC9A4AFF6EB5A55C0A68F81F0AFFD2D69BF1180A06B7B76C8EACF4134CD97F6DF2451C7DC8ED2C58E5FFE7EE8A0BB6BAFB0377F61CC4353C63DEFAFCCFEA80A4083EBA06B02F64F3F6B765091EF0CF8FC2F3FAD0F05341DB48AB3F2A3B9D59A26C7F64B09302B619F08E44E05F18B1A9F74A04711F7C69003A93ACD130D11F942805D2F23767A02BFA29CA3DE707DA9A86C375C557D157C622285D6F8FEEB0E06F7EA8627A510CAF3605051412B46976DB73F52CE5F5EC449B200F5B8079D4EA9254F610B03BD6853989BAA50D271E3072CDB6272DD85E0F04C736B388F84C5A8399EA14446779BBB557A"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\z*\{{05FF8CB8-4942-FCF6-301D-6930181DE865}}]
@DACL=
"DefaultSettings"="2455258:{37C8840C-72FD-B1F6-4FC1-23A6EF5B6255}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\{FD62BA9E-E0D3-33AF-FC15-FDD755DB3CB6}*\Install*Loc\xga-3\dat]
@DACL=
"default"="518022161:{2CDBDDDA-9D26-7991-B2BE-A676FAED050E}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Install VBX*\Current*Version\Install*Loc\xga-1-{BEFC7A90-3014-0BDD-92E2-185C1095C047}\Version 3.x]
@DACL=
"dat"="1767914624:{D1065C59-BC6F-3253-8D3A-A67E5CBBC166}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smase._dll*]
@DACL=
"AplicationGoo"="25)#13¾a097?álc534Ö"
"ChkAppHelp"="{C12C1054-6313-7DE9-78AC-98CC32D0ADA8}"

[HKEY_LOCAL_MACHINE\software\Microsoft\WinXGA*\Providers*\{D41D8CD9-8F00-B204-E980-0998ECF8427E}\Current*Set\xga-3\ver]
@DACL=
"KnownSvcs"="925610637:{4BAAA063-DECA-4010-C078-0AB72138E48E}"

[HKEY_LOCAL_MACHINE\software\XBMga*\UUIDs\{29F55768-AF0D-73F8-1937-D48A250F84F7}\xga-3\Install*Loc]
@DACL=
"{19620715-0001-1211-574574-30001}"="232780633:{8242D9E5-DF79-B2CD-4346-9FBAF17080B7}"

[HKEY_LOCAL_MACHINE\software\xGenArts\Sapphire AE\DLL ver*\{A6D90D08-68DD-2B46-E2AC-5782669B2696}]
@DACL=
"CTE_32 Name"="3:{19C42D30-D844-8A07-12A4-E783E7D228F7}"

[HKEY_LOCAL_MACHINE\software\xGenArts\Sapphire AE\DLL ver*\{B08ECCAD-FEC0-A273-8DFD-B47BE795EE25}]
@DACL=
"DefaultSettings"="12:{5351C505-4E6C-6ECA-E5BD-7AE84A571B0A}"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1120)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\System32\BCMLogon.dll
c:\progra~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll

- - - - - - - > 'explorer.exe'(2960)
c:\program files\Sunbelt Software\VIPRE\oehook.dll
c:\windows\mshtstat.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\System32\wltrysvc.exe
c:\windows\System32\bcmwltry.exe
c:\windows\system32\netdde.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\system32\astsrv.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Flip Video\FlipShare\FlipShareService.exe
c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
c:\windows\System32\Drivers\WTSRV.EXE
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Completion time: 2010-05-26 19:30:12 - machine was rebooted
ComboFix-quarantined-files.txt 2010-05-26 23:30

Pre-Run: 160,440,852,480 bytes free
Post-Run: 160,304,508,928 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer

Current=17 Default=17 Failed=16 LastKnownGood=14 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,16,17
- - End Of File - - 51B23083DE3560BFDDE7032056C38E90

HIJACK THIS:::::

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:46:18 PM, on 5/26/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\astsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\WINDOWS\System32\dmadmin.exe
C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1246218603515
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F770A6E-F6B0-4E58-A903-37E59BE9BDFE}: NameServer = 205.152.37.23,205.152.150.23
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\astsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: VIPRE Antivirus + Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 9778 bytes

0

Thanks. Let me go through all this and I will get back with you. As you can imagine, it will take a bit.

Ok, to be sure, do the following:
Instructions from Bleepingcomputer;
1. Download tdsskiller from the following link and save it to your desktop.

tdsskiller Download Link - http://support.kaspersky.com/viruses/solutions?qid=208280684

2. If you are unable to download the file for some reason, then TDSS may be blocking it. You would then need to download it first to a clean computer and then transfer it to the infected one using an external drive or USB flash drive.

3. Once the tdsskiller.zip file in your desktop, we need to extract the files from the zip file. You can do this by right-clicking on the tdsskiller.zip file and then selecting the Extract All.
At the next screen, keep clicking the Next button until you see a screen which says Extraction Complete. Click the Finish Button.
4. A folder will now open containing two files, including the TDSSKiller.exe program. Before you can run TDSSKiller, you first need to rename it so that you can get it to run. To do this, right-click on the TDSSKiller.exe and select Rename. You can now edit the name of the file and should name it a random name with the .com extension. For example, 123.com or 23kjasd123.com.

5. Once the file is renamed, you should double-click on it to launch it. When you run the program, Windows may display a warning asking if you want to Run the file. If you receive this warning, please click on the Run button to allow TDSSKiller to run. If you did not receive this warning, then TDSSKiller should have started and you can proceed to the next step.
TDSSKiller will now scan your computer for known TDSS variants. If one is found it will state that it has been detected.
6. It will then prompt you to type the word delete into the screen. Type delete and then press enter. TDSSKiller will now state that it will need to reboot the computer to finish the cleaning process. When it asks if you are ready to reboot your computer, press the Y key and press enter on your keyboard.

(If it does not detect anything on your computer please post back with that information)

7. TDSSKiller will now reboot your computer. Once your computer has finished rebooting, the TDSS infection should no longer be active.

8. I now suggest that you scan your computer using MalwareBytes' to remove any traces that may still be present. Update Malwarebytes' Anti-Malware, run a Full Scan with it and have it Remove Everything found. Reboot the computer.
Post back here with the results of both scans.

0

That's great. Now update MBA-M and run the full scan again, remove all found, reboot, then post back with the log.

0

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4148

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18241

5/27/2010 3:17:06 PM
mbam-log-2010-05-27 (15-17-06).txt

Scan type: Full scan (C:\|)
Objects scanned: 787605
Time elapsed: 3 hour(s), 59 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

0

Good, now I would like you to go back into msconfig and re-enable all those items that you have disabled in Start ups, reboot the computer and then do another HiJackThis scan and post the log.

0

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:03:16 AM, on 5/28/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\astsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\Drivers\WTSRV.EXE
C:\WINDOWS\System32\dmadmin.exe
C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICT.EXE
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SBAMTray] C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKCU\..\Run: [IDMan(1)] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [L09AXLRD_169435562] "C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2009 DVD\EDICT.EXE" -m
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1246218603515
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F770A6E-F6B0-4E58-A903-37E59BE9BDFE}: NameServer = 205.152.37.23,205.152.150.23
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\astsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: VIPRE Antivirus + Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: WinTab Service (WinTabService) - Tablet Driver - C:\WINDOWS\System32\Drivers\WTSRV.EXE
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 11096 bytes

-1

Uninstall the programs that you don’t need. These programs take up hard drive space, and they can slow down your computer. You should remove unnecessary startup items. Run Disk Cleanup and Disk Defragmenter on a regular basis. Try to upgrade your memory. These factors will help you to speed up your system during virus scan.

0

My PC memory is maxed out and xp doesn't allow you to use its full cap. i also run Auslogics BoostSpeed which if I'm not mistaken preforms most of the task I'm pretty sure that the step that Judy helped me with is/was most of the root cause she's just having me do some post virus work... BTW she is mindbogglingly amazing when it gets down to Viruses, Spyware and other Nasties.... and probably so much more!

As far as my PC goes.. i noticed when i enabled the start up processes all the fonts on my pc changed in from the usual display also every time i right click now it tries to install vipre before the menu pops up??

0

My PC memory is maxed out and xp doesn't allow you to use its full cap. i also run Auslogics BoostSpeed which if I'm not mistaken preforms most of the task I'm pretty sure that the step that Judy helped me with is/was most of the root cause she's just having me do some post virus work... BTW she is mindbogglingly amazing when it gets down to Viruses, Spyware and other Nasties.... and probably so much more!

As far as my PC goes.. i noticed when i enabled the start up processes all the fonts on my pc changed in from the usual display also every time i right click now it tries to install vipre before the menu pops up??

Thanks for your kind comments. Wonder about the Vipre install nag you are receiving. I am not really familiar with Vipre. Is it fully installed all ready? If you don't have it on there, it is showing in the logs. Possibly this infection damaged it so one step to take would be to uninstall it, download a new install file and reinstall it. Or choose a different av program entirely. This would be up to you. If you choose to go with something different I would recommend either Avira or Avast. They are both highly recommended today. I use Avira Free and am quite pleased with it.
I also have to say I am not at my home computer now and will not be until Tuesday evening, so I don't have all my references here.

0

>>>As far as my PC goes.. i noticed when i enabled the start up processes all the fonts on my pc changed in from the usual display also every time i right click now it tries to install vipre before the menu pops up??
Ok, sorry but was away from home for several days. When you say it tries to install vipre...what exactly do you mean? Vipre seems to all ready be installed, it shows as a starting service and most definitely was running when you did the HJT scan.
As far as the fonts changing when you enabled the start ups again, exactly what do you mean by the fonts changed? Colors, default font, theme? I see nothing in those start ups which would cause this to happen.
To turn off auto starts I recommend that you use Mike Lin's Startup Control Panel rather than msconfig. msconfig is really meant to be a troubleshooter rather than a permanent solution. Just download and install the program. Once installed it is located in the Control Panel with a little computer icon labeled Startup. Open the program and go through the various Tabs there. Remove the check marks from the programs you don't need to auto start. Ok your way out, reboot the computer then those unneeded auto starts will no longer be running all the time.
One thing you need to do is stop that SpyBot TeaTimer for good. It can interfere with fixes that are done. To do this do the following:
* Run Spybot-S&D in Advanced Mode
* If it is not already set to do this, go to the Mode menu
select
Advanced Mode
* On the left hand side, click on Tools
* Then click on the Resident icon in the list
* Uncheck
Resident TeaTimer
and OK any prompts.
* Restart your computer

Now here are the programs which do not need to auto start:
Malwarebytes' Anti-Malware
Acrobat Assistant 8.0
QuickTime Task
IDMan (for some reason there are two instances of this showing. This can be started when needed)
AdobeUpdater
L09AXLRD_169435562-Microsoft Student with Encarta Premium
RocketDock-this one is user's choice. If you feel you need it then you can allow it to auto start but it isn't required

>>>My PC memory is maxed out and xp doesn't allow you to use its full cap
Not really sure what you mean by this. Your memory should never be maxed out if things are configured correctly. How much memory do you have? Assume you mean RAM.

-1

If you want to free up space all you need is C Cleaner it works great and as for the virus all you really need is Spybot Search and Destroy it rarely ever fails

Votes + Comments
SpyBot is NOT an anti-virus program.
0

If you want to free up space all you need is C Cleaner it works great and as for the virus all you really need is Spybot Search and Destroy it rarely ever fails

SpyBot is NOT all a person needs. If that is all you are using then prepare for major infections. It is NOT an anti-virus program. CCleaner cleans temp files not unneeded programs. You need to research before you post.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.