Virus Stuck on Computer?

2 posters

WiredWX Christian Hobby Weather Tools :: GeekPolice tech support archive :: Technical Support

Virus Stuck on Computer?13th September 2009, 4:05 am

Whenever I try to go to certain sites, like Facebook or Youtube, a black screen(on firefox) pops up with a white lined red box saying that that site is restricted based on my security preferences. However, I can't open my Trend Micro Security program unless I'm in safe mode, and only then, it goes directly to scan and just finds a single thing called troj.generic (or something along the likes of) and it's been there for a year, not causing any problems.

I have Malware-Bytes installed, but whenever I try to run it, it loads for a moment, will go to a scan when start one, and then closes about 5 seconds into it. When I'm not on Safe mode, I can't use the Task Manager because it says the administator disabled it.

I never use the administator account, and I'm only able to access it when I go onto my computer in safe mode. The Task Manager works fine when I log onto that account, but not my normal one. I'm logged onto the Administrator right now, because I can use the Task Manager, but a Hijack this scan won't run, even though it will on my normal account that's not on safe mode.

It's very confusing, please help!

-I'm going to log onto my other account and try to run a HijackThis scan when I get back.

Re: Virus Stuck on Computer?13th September 2009, 10:26 am

Hi

I see you are still having issues as noted here: http://www.geekpolice.net/virus-spyware-malware-removal-f11/many-problems-with-my-computer-including-protection-system-t12005-30.htm#85800

==

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

Double-click SystemLook.exe to run it.
Copy the content of the following codebox into the main textfield:
Code:
:filefind scecli.dll netlogon.dll eventlog.dll
Click the Look button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

==

Please download ComboFix from Here or Here to your Desktop.

**Note:
In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**

If you are using Firefox, make sure that your download settings are as follows:
- Tools->Options->Main tab
- Set to "Always ask me where to Save the files".

During the download, rename Combofix to Combo-Fix as follows:

Virus Stuck on Computer? CF_download_FF

Virus Stuck on Computer? CF_download_rename

It is important you rename Combofix during the download, but not after.

Please do not rename Combofix to other names, but only to the one indicated.

Close any open browsers.

Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

-----------------------------------------------------------

Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
-----------------------------------------------------------

Close any open browsers.
WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

-----------------------------------------------------------

Double click on combo-Fix.exe & follow the prompts.

When finished, it will produce a report for you.

Please post the "C:\Combo-Fix.txt" along with a new HijackThis log for further review.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

If you still cannot get this to run, try booting into Safe Mode, and run it there.

To boot into Safe Mode, tap F8 after BIOS, and just before the Windows
logo appears. A list of options will appear, select "Safe Mode."

If this doesn't work either, try the same method (above method), but name
Combofix.exe to iexplore.exe instead, or winlogon.exe.
This is because it also happens in some cases that malware blocks EVERY process except for what is in its own whitelist, so this whitelist also includes system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

==

In your next reply, please make sure the following is attached:
-ComboFix log
-SystemLook log

Re: Virus Stuck on Computer?15th September 2009, 1:12 am

ComboFix 09-09-14.02 - Owner 09/14/2009 19:47.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1022.631 [GMT -5:00]
Running from: c:\documents and settings\Owner\Desktop\Combo-Fix.exe
AV: Trend Micro Internet Security *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: Trend Micro Personal Firewall *disabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\izonip.bat
c:\documents and settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced Virus Remover.lnk
c:\documents and settings\Owner\Local Settings\Application Data\edugi.reg
c:\documents and settings\Owner\Local Settings\Application Data\hubo.inf
c:\documents and settings\Owner\Start Menu\Advanced Virus Remover.lnk
c:\program files\AdvancedVirusRemover
c:\program files\AdvancedVirusRemover\PAVRM.exe
c:\program files\sFX
c:\program files\Windows Police Pro
c:\program files\Windows Police Pro\msvcm80.dll
c:\program files\Windows Police Pro\msvcp80.dll
c:\program files\Windows Police Pro\msvcr80.dll
c:\program files\Windows Police Pro\windows Police Pro.exe
C:\sitkrb.exe
C:\uskwdhpq.exe
c:\windows\010112010146118114.dat
c:\windows\0101120101464849.dat
c:\windows\934fdfg34fgjf23
c:\windows\Fonts\mlog
c:\windows\igykemiha.bat
c:\windows\Install.txt
c:\windows\Installer\6299b30.msi
c:\windows\jestertb.dll
c:\windows\kyqabu.inf
c:\windows\okugyl.dll
c:\windows\ppp3.dat
c:\windows\ppp4.dat
c:\windows\run.log
c:\windows\system32\_004376_.tmp.dll
c:\windows\system32\_004377_.tmp.dll
c:\windows\system32\_004378_.tmp.dll
c:\windows\system32\_004379_.tmp.dll
c:\windows\system32\_004386_.tmp.dll
c:\windows\system32\_004387_.tmp.dll
c:\windows\system32\_004388_.tmp.dll
c:\windows\system32\_004389_.tmp.dll
c:\windows\system32\_004391_.tmp.dll
c:\windows\system32\_004392_.tmp.dll
c:\windows\system32\_004395_.tmp.dll
c:\windows\system32\_004396_.tmp.dll
c:\windows\system32\_004398_.tmp.dll
c:\windows\system32\_004399_.tmp.dll
c:\windows\system32\_004400_.tmp.dll
c:\windows\system32\_004402_.tmp.dll
c:\windows\system32\_004403_.tmp.dll
c:\windows\system32\_004405_.tmp.dll
c:\windows\system32\_004406_.tmp.dll
c:\windows\system32\_004410_.tmp.dll
c:\windows\system32\_004411_.tmp.dll
c:\windows\system32\_004413_.tmp.dll
c:\windows\system32\_004416_.tmp.dll
c:\windows\system32\_004418_.tmp.dll
c:\windows\system32\_004419_.tmp.dll
c:\windows\system32\_004420_.tmp.dll
c:\windows\system32\_004421_.tmp.dll
c:\windows\system32\_004422_.tmp.dll
c:\windows\system32\_004425_.tmp.dll
c:\windows\system32\_004426_.tmp.dll
c:\windows\system32\_004427_.tmp.dll
c:\windows\system32\_004428_.tmp.dll
c:\windows\system32\_004429_.tmp.dll
c:\windows\system32\_004434_.tmp.dll
c:\windows\system32\_004436_.tmp.dll
c:\windows\system32\_004437_.tmp.dll
c:\windows\system32\_004618_.tmp.dll
c:\windows\system32\_004619_.tmp.dll
c:\windows\system32\_004620_.tmp.dll
c:\windows\system32\_004621_.tmp.dll
c:\windows\system32\_004628_.tmp.dll
c:\windows\system32\_004629_.tmp.dll
c:\windows\system32\_004630_.tmp.dll
c:\windows\system32\_004631_.tmp.dll
c:\windows\system32\_004633_.tmp.dll
c:\windows\system32\_004634_.tmp.dll
c:\windows\system32\_004637_.tmp.dll
c:\windows\system32\_004638_.tmp.dll
c:\windows\system32\_004640_.tmp.dll
c:\windows\system32\_004641_.tmp.dll
c:\windows\system32\_004642_.tmp.dll
c:\windows\system32\_004644_.tmp.dll
c:\windows\system32\_004645_.tmp.dll
c:\windows\system32\_004647_.tmp.dll
c:\windows\system32\_004648_.tmp.dll
c:\windows\system32\_004652_.tmp.dll
c:\windows\system32\_004653_.tmp.dll
c:\windows\system32\_004655_.tmp.dll
c:\windows\system32\_004658_.tmp.dll
c:\windows\system32\_004660_.tmp.dll
c:\windows\system32\_004661_.tmp.dll
c:\windows\system32\_004662_.tmp.dll
c:\windows\system32\_004663_.tmp.dll
c:\windows\system32\_004664_.tmp.dll
c:\windows\system32\_004667_.tmp.dll
c:\windows\system32\_004668_.tmp.dll
c:\windows\system32\_004669_.tmp.dll
c:\windows\system32\_004670_.tmp.dll
c:\windows\system32\_004671_.tmp.dll
c:\windows\system32\_004676_.tmp.dll
c:\windows\system32\_004678_.tmp.dll
c:\windows\system32\_004679_.tmp.dll
c:\windows\system32\18467.exe
c:\windows\system32\41.exe
c:\windows\system32\advapi32new.dll
c:\windows\system32\apphelpnew.dll
c:\windows\system32\AVR09.exe
c:\windows\system32\config\systemprofile\Desktop\Advanced Virus Remover.lnk
c:\windows\system32\crypt32new.dll
c:\windows\system32\d3d10core.dll
c:\windows\system32\Data
c:\windows\system32\ddDEsot.dll
c:\windows\system32\drivers\hjgruifbtowdlt.sys
c:\windows\system32\drivers\UACgqqlfgkbdi.sys
c:\windows\system32\dwmapi.dll
c:\windows\system32\dxgi.dll
c:\windows\system32\flashd32.dll
c:\windows\system32\hjgruiauxtkbsm.dll
c:\windows\system32\hjgruijxtqxxor.dll
c:\windows\system32\hjgruikiinigqw.dll
c:\windows\system32\hjgruimnbfvlne.dll
c:\windows\system32\hjgruinfpxmayg.dat
c:\windows\system32\hjgruinvbadsjj.dll
c:\windows\system32\hjgruiqdcblnlw.dat
c:\windows\system32\hjgruiriyusibc.dat
c:\windows\system32\hjgruiubuweciu.dat
c:\windows\system32\Install.txt
c:\windows\system32\kernel32new.dll
c:\windows\system32\msvcrtnew.dll
c:\windows\system32\ntdsapinew.dll
c:\windows\system32\onhelp.htm
c:\windows\system32\powrprofnew.dll
c:\windows\system32\secur32new.dll
c:\windows\system32\sonhelp.htm
c:\windows\system32\sysnet.dat
c:\windows\system32\tapi.nfo
c:\windows\system32\UACptojqfjspx.dll
c:\windows\system32\UACxoopvgvrdwgucwign.dat
c:\windows\system32\UACywqrpentvxoeaejnk.db
c:\windows\system32\user32new.dll
c:\windows\system32\winhelper.dll
c:\windows\system32\winstanew.dll
c:\windows\system32\winupdate.exe

c:\windows\system32\proquota.exe . . . is missing!!

Infected copy of c:\windows\system32\eventlog.dll was found and disinfected
Restored copy from - c:\windows\system32\dllcache\eventlog.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_hjgruimnwubowl
-------\Legacy_hjgruimnwubowl
-------\Service_UACd.sys
-------\Legacy_UACd.sys
-------\Legacy_6TO4
-------\Legacy_ANTIPPRO2009_100
-------\Legacy_MSNCACHE
-------\Legacy_PCMSTUB
-------\Legacy_SFXDRV
-------\Legacy_SOPIDKC
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226ED}
-------\Service_6to4
-------\Service_AntipPro2009_100
-------\Service_pcmstub
-------\Service_sFxdrv

((((((((((((((((((((((((( Files Created from 2009-08-15 to 2009-09-15 )))))))))))))))))))))))))))))))
.

2009-09-13 03:15 . 2009-06-17 16:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-13 03:14 . 2009-06-17 16:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-13 03:14 . 2009-09-13 03:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-12 02:37 . 2009-09-12 02:37 -------- d-----w- c:\documents and settings\Administrator\Application Data\AdobeUM
2009-09-12 02:37 . 2009-09-12 02:37 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe
2009-09-11 21:32 . 2009-09-11 21:40 -------- d-----w- c:\program files\RegScrubVistaXP
2009-09-11 21:03 . 2009-09-11 21:03 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2009-09-09 13:41 . 2009-09-09 13:41 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Mozilla
2009-09-09 13:07 . 2009-09-09 13:07 2198 ----a-w- C:\eoA7Q.bat
2009-09-09 13:06 . 2009-09-09 13:06 2198 ----a-w- C:\gUzxUvF.bat
2009-09-09 13:06 . 2009-09-09 13:06 2048 ----a-w- C:\khwx.exe
2009-09-09 13:06 . 2009-09-09 13:06 28160 ----a-w- C:\snpprnco.exe
2009-09-09 13:06 . 2009-09-09 13:06 88064 ----a-w- C:\oqnxehuw.exe
2009-09-08 23:29 . 2009-09-08 23:29 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2009-09-06 01:38 . 2009-09-06 01:39 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\Temp
2009-08-24 23:26 . 2009-08-24 23:26 -------- d-----w- c:\documents and settings\Owner\Local Settings\Application Data\PCHealth
2009-08-22 08:01 . 2009-08-22 08:01 -------- d-----w- C:\a38061ec44a40dac19122860
2009-08-21 08:04 . 2009-08-21 08:04 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-21 08:03 . 2009-08-21 08:03 -------- d-----w- c:\program files\MSBuild
2009-08-21 08:03 . 2009-08-21 08:03 -------- d-----w- c:\program files\Reference Assemblies
2009-08-21 08:03 . 2009-08-21 08:03 -------- d-----w- C:\060865e421b441991762161bff15b5
2009-08-21 08:03 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-21 08:03 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-21 08:03 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-21 08:03 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-21 08:03 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-21 08:03 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-21 08:03 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-21 08:00 . 2009-08-21 08:00 -------- d-----w- C:\4c2d92f28c3fd666dfc15b0fa2

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-11 21:09 . 2008-09-05 21:18 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-10 00:05 . 2009-01-08 21:33 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-09-09 23:59 . 2009-01-08 21:33 -------- d-----w- c:\program files\NOS
2009-09-08 23:15 . 2009-07-20 01:05 10752 ----a-w- c:\windows\DCEBoot.exe
2009-09-07 00:01 . 2009-01-24 19:47 -------- d-----w- c:\documents and settings\Owner\Application Data\gtk-2.0
2009-08-30 01:00 . 2008-07-21 05:46 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-08-27 00:18 . 2009-06-19 22:18 -------- d-----w- c:\documents and settings\Owner\Application Data\SystemRequirementsLab
2009-08-26 18:40 . 2008-07-21 18:32 -------- d-----w- c:\documents and settings\Owner\Application Data\AdobeUM
2009-08-24 23:48 . 2008-07-18 19:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-08-22 14:03 . 2008-07-18 21:14 108304 -c--a-w- c:\documents and settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-15 00:59 . 2009-08-15 00:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo
2009-08-15 00:59 . 2009-08-15 00:59 -------- d-----w- c:\documents and settings\Owner\Application Data\Yahoo
2009-08-15 00:58 . 2009-03-26 01:31 -------- d-----w- c:\program files\Yahoo! Games
2009-08-14 21:19 . 2009-07-20 00:27 -------- d-----w- c:\program files\Trend Micro
2009-08-05 09:11 . 2004-08-04 10:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-24 15:58 . 2009-07-24 15:58 -------- d-----w- c:\documents and settings\Owner\Application Data\Canon
2009-07-24 04:02 . 2008-08-09 17:48 -------- d-----w- c:\documents and settings\Owner\Application Data\U3
2009-07-24 03:43 . 2009-07-24 03:43 -------- d-----w- c:\program files\Malwarebytes'Anti-Malware
2009-07-20 00:31 . 2008-07-20 20:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Trend Micro
2009-07-20 00:15 . 2008-08-30 01:45 -------- d-----w- c:\program files\Veoh Networks
2009-07-20 00:13 . 2008-07-19 03:33 -------- d-----w- c:\program files\Real
2009-07-20 00:12 . 2009-04-16 18:18 -------- d-----w- c:\program files\RealArcade
2009-07-20 00:11 . 2009-07-20 00:11 -------- d-----w- c:\documents and settings\Owner\Application Data\MSNInstaller
2009-07-20 00:09 . 2009-02-17 03:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-07-17 18:55 . 2004-08-04 10:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 14:28 . 2009-07-13 14:28 18456 ----a-w- c:\windows\system32\owyca.pif
2009-07-13 14:28 . 2009-07-13 14:28 18190 ----a-w- c:\program files\Common Files\rupoj._dl
2009-07-13 14:28 . 2009-07-13 14:28 17217 ----a-w- c:\documents and settings\Owner\Local Settings\Application Data\isyjybo.bin
2009-07-13 14:28 . 2009-07-13 14:28 16880 ----a-w- c:\program files\Common Files\ovijikoroq.com
2009-07-13 14:28 . 2009-07-13 14:28 16086 ----a-w- c:\windows\wazoguju.pif
2009-07-13 14:28 . 2009-07-13 14:28 16021 ----a-w- c:\documents and settings\All Users\Application Data\ykony.exe
2009-07-13 14:28 . 2009-07-13 14:28 15789 ----a-w- c:\documents and settings\All Users\Application Data\pytynap.sys
2009-07-13 14:28 . 2009-07-13 14:28 13882 ----a-w- c:\program files\Common Files\botukameh.scr
2009-07-13 14:28 . 2009-07-13 14:28 13511 ----a-w- c:\windows\system32\zawibys.exe
2009-07-13 14:28 . 2009-07-13 14:28 12883 ----a-w- c:\windows\piny.sys
2009-07-13 14:28 . 2009-07-13 14:28 12423 ----a-w- c:\windows\jimav.sys
2009-07-13 14:28 . 2009-07-13 14:28 12209 ----a-w- c:\program files\Common Files\ehativu.ban
2009-07-13 07:18 . 2004-08-04 10:00 233472 ----a-w- c:\windows\system32\wmpdxm.dll
2009-06-29 16:12 . 2006-03-04 03:33 827392 ----a-w- c:\windows\system32\wininet.dll
2009-06-29 16:12 . 2004-08-04 10:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-29 16:12 . 2004-08-04 10:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-04-19 19:01 . 2009-04-19 19:00 199 -c--a-w- c:\program files\tutorialState.dat
2008-03-09 13:25 . 2009-02-22 01:49 236 -c-ha-w- c:\program files\Common Files\dx.reg
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2008-02-29 4670704]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-04-29 3338240]
"OE"="c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe" [2009-02-22 492808]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-10-12 57344]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-08-13 122939]
"basicsmssmenu"="c:\documents and settings\Owner\My Documents\Basics Status\MaxMenuMgrBasics.exe" [2007-10-09 169328]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-07-10 289064]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 110592]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2008-07-19 26112]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-02-10 344064]
"CTSysVol"="c:\program files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-04 61440]
"UfSeAgnt.exe"="c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe" [2009-04-01 995528]
"P17Helper"="P17.dll" - c:\windows\system32\P17.dll [2004-06-10 60928]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"OE"="c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe" [2009-02-22 492808]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Firefly Studios\\Stronghold Crusader\\Stronghold Crusader.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [7/19/2009 7:29 PM 50192]
R2 TmPfw;Trend Micro Personal Firewall;c:\program files\Trend Micro\Internet Security\TmPfw.exe [7/19/2009 7:29 PM 497008]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2/22/2009 5:56 AM 36368]
R2 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [7/19/2009 7:29 PM 677128]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [7/18/2008 2:05 PM 24652]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2/22/2009 5:56 AM 335376]
S3 getPlusHelper;getPlus(R) Helper;c:\windows\System32\svchost.exe -k getPlusHelper [8/4/2004 5:00 AM 14336]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [11/6/2007 3:22 PM 34064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder

2009-09-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-12 00:57]
.
.
------- Supplementary Scan -------
.
uLocal Page =
uStart Page = hxxp://www.google.com
mLocal Page =
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: &AOL Toolbar search - c:\program files\AOL Toolbar\toolbar.dll/SEARCH.HTML
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} - hxxp://download.playfirst.com/play/game/doggiedash/DoggieDash.1.0.0.9.cab
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\b0685nnp.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - furry-paws.com
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101664&gct=&gc=1&q=
FF - plugin: c:\documents and settings\All Users\Application Data\RealArcade\npraclient.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nppopcaploader.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npraclient.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Aim6 - (no file)
HKLM-Run-UIUCU - (no file)
HKU-Default-Run-Advanced Virus Remover - c:\program files\AdvancedVirusRemover\PAVRM.exe
ShellExecuteHooks-{38101905-D80F-4788-96F6-986A8186178A} - c:\windows\system32\flashd32.dll
AddRemove-SystemRequirementsLab - c:\program files\SystemRequirementsLab\Uninstall.exe
AddRemove-Win Police Pro - c:\program files\Windows Police Pro\AntiSpyware_Uninstall.exe
AddRemove-{6FE24A8F-3777-B94A-FE11-A559C5EDE14F} - c:\windows\system32\bwryuiiqjs.dll-uninst.exe
AddRemove-{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7} - c:\program files\NOS\bin\getPlus_HelperSvc.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-14 19:58
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.nbcuni.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.nbcuni.com\AdPolicyInfo.sol 111 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.neopets.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.neopets.com\UserPrefs.sol 46 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.redorbit.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.redorbit.com\VideoPlayer
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.redorbit.com\VideoPlayer\redorbitVideoPlayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.redorbit.com\VideoPlayer\redorbitVideoPlayer.swf\Lightningcast.sol 56 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\videos.video-loader.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\videos.video-loader.com\preroll
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\videos.video-loader.com\preroll\TV2NPlayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\videos.video-loader.com\preroll\TV2NPlayer.swf\tv2nIntegrationPlayer.sol 101 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\vidshadow.vo.llnwd.net
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\vidshadow.vo.llnwd.net\vidshadow.sol 118 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\vizu.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\vizu.com\acUserData.sol 5718 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\void.snocap.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\void.snocap.com\s
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\void.snocap.com\s\store.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\void.snocap.com\s\store.swf\SharedObjectLock.sol 54 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\void.snocap.com\s\storefront.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\void.snocap.com\s\storefront.swf\SnocapDownloadManager.sol 52 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\vox-static.liverail.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\wat.tv
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\wat.tv\images
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\wat.tv\images\v2.5
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\wat.tv\images\v2.5\flash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\wat.tv\images\v2.5\flash\player.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\wat.tv\images\v2.5\flash\player.swf\watPlayer.sol 60 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#Sharecatchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\webmessenger.yahoo.com\eden_cookie.sol 1311 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.yourfilehost.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.yourfilehost.com\flash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.yourfilehost.com\flash\flvplayer7.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.yourfilehost.com\flash\flvplayer7.swf\UserVolume.sol 55 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.youtube.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.youtube.com\soundData.sol 58 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.youtube.com\videostats.sol 199 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\static.twitter.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\static.twitter.com\flash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\static.twitter.com\flash\widgets
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\static.twitter.com\flash\widgets\profile
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\static.twitter.com\flash\widgets\profile\TwitterWidget.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\stuff.pyzam.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\stuff.pyzam.com\com.quantserve.sol 74 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.google.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.google.com\googleplayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.google.com\googleplayer.swf\mediaPlayerUserSettings.sol 94 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.google.com\s
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.google.com\s\4lS77yaJ_k8
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.google.com\s\4lS77yaJ_k8\googleplayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.google.com\s\4lS77yaJ_k8\googleplayer.swf\mediaPlayerUserSettings.sol 94 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.google.com\s\ztlPrL9D4z8
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.google.com\s\ztlPrL9D4z8\googleplayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.google.com\s\ztlPrL9D4z8\googleplayer.swf\mediaPlayerUserSettings.sol 94 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\video.google.com\videostats.sol 199 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\wp.vizu.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\wp.vizu.com\vizuUserData.sol 644 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.funnyhub.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.funnyhub.com\com.jeroenwijering.players.sol 66 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.podtech.net
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.podtech.net\podtech-player.sol 263 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.yikers.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.yikers.com\flash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.yikers.com\flash\FLVPlayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.yikers.com\flash\FLVPlayer.swf\UserVolume.sol 55 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.guba.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.guba.com\f
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.guba.com\f\root.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.guba.com\f\root.swf\guba_video.sol 73 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.happymeal.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.he.playlist.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.he.playlist.com\com.jeroenwijering.players.sol 66 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.he.playlist.com\mc
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.he.playlist.com\mc\mp3player_new.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.he.playlist.com\mc\mp3player_new.swf\ppl5.sol 49 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.he.playlist.com\players
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.he.playlist.com\players\642aa
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.he.playlist.com\players\642aa\mp3player.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.he.playlist.com\players\642aa\mp3player.swf\ppl5.sol 49 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\7595.29
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\7595.29\HeavyVideoPlayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\7595.29\HeavyVideoPlayer.swf\json_data.sol 48 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\7809
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\7809\HeavyVideoPlayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\7809\HeavyVideoPlayer.swf\json_data.sol 48 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\7859
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\7859\HeavyVideoPlayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\7859\HeavyVideoPlayer.swf\json_data.sol 48 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\7859\hp_video_player.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\7859\hp_video_player.swf\marquee_player_volume.sol 51 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\8042.34
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\8042.34\HeavyVideoPlayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\8042.34\HeavyVideoPlayer.swf\json_data.sol 48 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\8042.36
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\8042.36\HeavyVideoPlayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\8042.36\HeavyVideoPlayer.swf\json_data.sol 48 bytes

Re: Virus Stuck on Computer?15th September 2009, 1:13 am

c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\8042.41
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\8042.41\HeavyVideoPlayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.heavy.com\flash\8042.41\HeavyVideoPlayer.swf\json_data.sol 48 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.howcast.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.howcast.com\flash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.howcast.com\flash\embedded_player.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.howcast.com\flash\embedded_player.swf\HowcastVideoPlayer.sol 78 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.hulu.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.hulu.com\BeaconService.sol 88 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.hulu.com\playerembed.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.hulu.com\playerembed.swf\Lightningcast.sol 55 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.hulu.com\playerembed.swf\NewSitePlayer.sol 62 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.kontraband.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.kontraband.com\com.jeroenwijering.players.sol 66 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.lala.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.lala.com\external
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.lala.com\external\flash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.lala.com\external\flash\SingleSongWidget.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.livevideo.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.livevideo.com\flvplayer
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.livevideo.com\flvplayer\flvplayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.livevideo.com\flvplayer\flvplayer.swf\UserVolume.sol 55 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.manga.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.manga.com\s_br.sol 35 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.miniclip.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.miniclip.com\games
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.miniclip.com\games\skateboard-jam
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.miniclip.com\games\skateboard-jam\en
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.miniclip.com\games\skateboard-jam\en\skateboard_jam.dcr
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.miniclip.com\games\skateboard-jam\en\skateboard_jam.dcr\skate_jam.sol 229 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.miniclip.com\MiniclipComponents.sol 154 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.miniclip.com\players
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.miniclip.com\players\swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.miniclip.com\players\swf\components
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.miniclip.com\players\swf\components\loginbox.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.movietome.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.movietome.com\flash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.movietome.com\flash\media_player
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.movietome.com\flash\media_player\proteus_metacritic.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\cookie.sol 98 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\global
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\global\apps
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\global\apps\player
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\global\apps\player\flex
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\global\apps\player\flex\Loader.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\global\apps\player\flex\Loader.swf\loaderLogging.sol 54 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\global\flash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\global\flash\module
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\global\flash\module\mtv
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\global\flash\module\mtv\playerlib
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\global\flash\module\mtv\playerlib\0.2.3.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\global\flash\module\mtv\playerlib\0.2.3.swf\mediaplayer.sol 63 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\global\flash\module\mtv\playerlib\0.2.3.swf\Popup.sol 150 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\global\flash\module\mtv\playerlib\0.2.3.swf\PSCPlaylist.sol 53 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\global\flash\module\mtv\playerlib\0.2.3.swf\syndicated.sol 73 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com\global
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com\global\apps
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com\global\apps\player
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com\global\apps\player\gui
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com\global\apps\player\gui\com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com\global\apps\player\gui\com\mtvnservices
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com\global\apps\player\gui\com\mtvnservices\media
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com\global\apps\player\gui\com\mtvnservices\media\player
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com\global\apps\player\gui\com\mtvnservices\media\player\gui
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com\global\apps\player\gui\com\mtvnservices\media\player\gui\FFMod.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com\global\apps\player\gui\com\mtvnservices\media\player\gui\FFMod.swf\ffGUILogging.sol 52 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com\player
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com\player\release
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com\player\release\DownShiftHistory.sol 59 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com\player\release\MetadataHistory.sol 1450 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com\player\release\playerCounter.sol 260 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.mtv.com\[[IMPORT]]\media.mtvnservices.com\player\release\userPrefs.sol 233 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.myfoxphoenix.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.myfoxphoenix.com\video
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.myfoxphoenix.com\video\videoplayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.myfoxphoenix.com\video\videoplayer.swf\savedBitRate.sol 61 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\cookie.sol 98 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\s_br.sol 35 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\[[IMPORT]]
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\[[IMPORT]]\media.mtvnservices.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\[[IMPORT]]\media.mtvnservices.com\global
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\[[IMPORT]]\media.mtvnservices.com\global\apps
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\[[IMPORT]]\media.mtvnservices.com\global\apps\player
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\[[IMPORT]]\media.mtvnservices.com\global\apps\player\flex
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\[[IMPORT]]\media.mtvnservices.com\global\apps\player\flex\Loader.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\[[IMPORT]]\media.mtvnservices.com\global\apps\player\flex\Loader.swf\loaderLogging.sol 54 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\[[IMPORT]]\media.mtvnservices.com\player
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\[[IMPORT]]\media.mtvnservices.com\player\gui
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\[[IMPORT]]\media.mtvnservices.com\player\gui\ffGUILogging.sol 52 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\[[IMPORT]]\media.mtvnservices.com\player\release
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\[[IMPORT]]\media.mtvnservices.com\player\release\DownShiftHistory.sol 59 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\[[IMPORT]]\media.mtvnservices.com\player\release\MetadataHistory.sol 4850 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\[[IMPORT]]\media.mtvnservices.com\player\release\playerCounter.sol 260 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.nick.com\[[IMPORT]]\media.mtvnservices.com\player\release\userPrefs.sol 434 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.oddcast.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.oddcast.com\affiliates
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.oddcast.com\affiliates\affiliateSharedObject.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.oddcast.com\affiliates\affiliateSharedObject.swf\affData.sol 184 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.oneminuteu.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.oneminuteu.com\OMUContentVideoPlayer2.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.oneminuteu.com\OMUContentVideoPlayer2.swf\JLKFWEF_now_playing_player_volume.sol 72 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.optimusid.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.optimusid.com\optmid.sol 75 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.orato.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.orato.com\themes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.orato.com\themes\orato
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.orato.com\themes\orato\swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.orato.com\themes\orato\swf\series.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.orato.com\themes\orato\swf\series.swf\TestMovie_Config_Info.sol 341 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.ourstage.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.ourstage.com\SimplePlayer.sol 47 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.paypal.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.paypal.com\paypalLSO.sol 111 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.paypal.com\ppLsoTest.sol 48 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.paypalobjects.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.paypalobjects.com\ppLsoTest.sol 48 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.picnik.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.picnik.com\ClientState.sol 7231 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\stupidvideos.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\stupidvideos.com\StreamMinerInfo.sol 57 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\suitesmart.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\suitesmart.com\_f5e.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\suitesmart.com\_f5e.swf\5thElement.sol 417 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\swf.neopets.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\swf.neopets.com\flash_enabled_check.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\swf.neopets.com\flash_enabled_check.swf\flashenabledcheck.sol 73 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\swfs.ilike.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\swfs.ilike.com\actions.sol 145 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\swfs.ilike.com\audioPlayer.sol 68 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\swfs.ilike.com\cm_audioPlayer.sol 86 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\swfs.ilike.com\cm_mediaPlayer.sol 86 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\swfs.ilike.com\swfs
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\swfs.ilike.com\swfs\audio.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\tdi.cachefly.net
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\tdi.cachefly.net\s_br.sol 41 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\technorati.whsites.net
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\technorati.whsites.net\analytics.sol 499 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\timerime.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\timerime.com\flash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\timerime.com\flash\timerimeSWF.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\timerime.com\flash\timerimeSWF.swf\timerime.sol 77 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\tinypic.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\tinypic.com\com.quantserve.sol 74 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\tmz.vo.llnwd.net
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\tmz.vo.llnwd.net\o28
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\tmz.vo.llnwd.net\o28\player
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\tmz.vo.llnwd.net\o28\player\rightrail
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\tmz.vo.llnwd.net\o28\player\rightrail\rightrail.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\tmz.vo.llnwd.net\o28\player\rightrail\rightrail.swf\PlayerUserData.sol 126 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\toysrus.shoplocal.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\toysrus.shoplocal.com\toysrus
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\toysrus.shoplocal.com\toysrus\flash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\toysrus.shoplocal.com\toysrus\flash\toysrus
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\toysrus.shoplocal.com\toysrus\flash\toysrus\Toysrus.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\toysrus.shoplocal.com\toysrus\flash\toysrus\Toysrus.swf\scflex.09073117402007619717803418319S.543.sol 170 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\tpc.googlesyndication.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\trc.taboolasyndication.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\trc.taboolasyndication.com\taboolaTickerSession.sol 99 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\trc.taboolasyndication.com\taboolaTickerSession_fivemin.sol 107 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\tubemogul.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\tubemogul.com\InPlayCounts.sol 70 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\tubemogul.com\StreamMinerInfo.sol 59 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\twitter.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\twitter.com\flash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\twitter.com\flash\twitter_badge.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\twitter.com\flash\twitter_badge.swf\OdeoPodcastPlayerColors.sol 65 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\udn.specificclick.net
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\udn.specificclick.net\fug.sol 33 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\udn.specificclick.net\fui.sol 47 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\udn.specificclick.net\uf.sol 72 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\udn.specificclick.net\ufo.sol 73 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\update.videoegg.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\update.videoegg.com\flash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\update.videoegg.com\flash\player
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\update.videoegg.com\flash\player\player.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\update.videoegg.com\flash\player\player.swf\VE_Cookie.sol 65 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\uploads.ungrounded.net
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\uploads.ungrounded.net\457000
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\uploads.ungrounded.net\457000\457466_Mercenaries2.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\uploads.ungrounded.net\457000\457466_Mercenaries2.swf\MERCS2SAVE_F16.sol 512 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.addictinggames.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.addictinggames.com\D78AQSAKQLQWI9
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.addictinggames.com\D78AQSAKQLQWI9\1659.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.addictinggames.com\D78AQSAKQLQWI9\1659.swf\daBud.sol 1841 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.addictinggames.com\D78AQSAKQLQWI9\4555.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.addictinggames.com\D78AQSAKQLQWI9\4555.swf\FPAWorld2.sol 255 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.addictinggames.com\D78AQSAKQLQWI9\5672.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.addictinggames.com\D78AQSAKQLQWI9\5672.swf\tattooGame.sol 728 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.adultswim.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.adultswim.com\VideoBrowser.sol 49 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.agentpanelgold2.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.agentpanelgold2.com\ClientSharedObject.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.agentpanelgold2.com\ClientSharedObject.swf\LastAgent.sol 48 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.americanidol.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.americanidol.com\swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.americanidol.com\swf\videoPlayer
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.americanidol.com\swf\videoPlayer\AmericanIdolPlayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.aolcdn.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.aolcdn.com\ch_news
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.aolcdn.com\ch_news\hotseatwidget.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.bigticketdepot.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blackeyedpeas.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blackeyedpeas.com\media
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blackeyedpeas.com\media\FergieAudioPlayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blackeyedpeas.com\media\FergieAudioPlayer.swf\TestMovie_Config_Info.sol 341 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blinkx.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blinkx.com\f2
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blinkx.com\f2\libraries
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blinkx.com\f2\libraries\LightningCastComponent.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blinkx.com\f2\libraries\LightningCastComponent.swf\Lightningcast.sol 56 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blinkx.com\f2\player.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blinkx.com\f2\player.swf\blinkxPlayer.sol 228 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blinkx.com\f2\player.swf\blinkxPlayerSkin1.sol 233 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blinkx.com\f2\player.swf\blinkxSombreroPlayer.sol 170 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blinkx.com\f2\player.swf\blue.sol 111 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blogger.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blogger.com\img
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blogger.com\img\videoplayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.blogger.com\img\videoplayer.swf\mediaPlayerUserSettings.sol 94 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.borders.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.borders.com\wcsstore
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.borders.com\wcsstore\allurent
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.borders.com\wcsstore\allurent\display
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.borders.com\wcsstore\allurent\display\AppDisplay.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.borders.com\wcsstore\allurent\display\AppDisplay.swf\MagicShelf.Bookcase.sol 72 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.borders.com\wcsstore\allurent\display\AppDisplay.swf\MagicShelf.SessionId.sol 92 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.borders.com\wcsstore\allurent\display\AppDisplay.swf\MagicShelf.Shelf.New_Fiction.sol 91 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.candystand.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.candystand.com\games
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.candystand.com\games\kickflip
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.candystand.com\games\kickflip\kickflip_en.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.candystand.com\games\kickflip\kickflip_en.swf\StimunationMiniFlip.sol 1162 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartfly.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartfly.com\analytics.sol 510 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartoonnetwork.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartoonnetwork.com\CN_users.sol 65 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartoonnetwork.com\games
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartoonnetwork.com\games\eds
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartoonnetwork.com\games\eds\culdesacsmash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartoonnetwork.com\games\eds\culdesacsmash\CDS_Smash.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartoonnetwork.com\games\eds\culdesacsmash\CDS_Smash.swf\cds_smash_profile.sol 2881 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartoonnetwork.com\games\eds\wheelsoffury
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartoonnetwork.com\games\eds\wheelsoffury\CDS_Smash.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartoonnetwork.com\games\eds\wheelsoffury\CDS_Smash.swf\cds_smash2_profile_6.sol 863 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartoonnetwork.com\games\naruto
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartoonnetwork.com\games\naruto\battleforleafvillage
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartoonnetwork.com\games\naruto\battleforleafvillage\naruto3.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartoonnetwork.com\games\naruto\battleforleafvillage\naruto3.swf\haska-naruto3.sol 168 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartoonnetwork.com\s_br.sol 41 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.cartoonnetwork.com\VideoBrowser.sol 54 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.catslikefelix.co.uk
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.catslikefelix.co.uk\felixPersistantData.sol 93 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.colgatewisp.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.colgatewisp.com\clearspring.sol 696 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.colgatewisp.com\wisp_vote.sol 95 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.comegetyousome.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.crackle.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.crackle.com\crackleSettings.sol 69 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.crackle.com\s_br.sol 35 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.crackle.com\tracking.sol 53 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.crazymonkeygames.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.crazymonkeygames.com\jkf6Tr
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.crazymonkeygames.com\jkf6Tr\eternalred.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.crazymonkeygames.com\jkf6Tr\eternalred.swf\gameSave.sol 416 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.dailymotion.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.dailymotion.com\flash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.dailymotion.com\flash\dmplayer
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.dailymotion.com\flash\dmplayer\dmplayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.dailymotion.com\flash\dmplayer\dmplayer.swf\dmplayer.sol 89 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.direct2drive.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.direct2drive.com\FMPCookie.sol 51 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.direct2drive.com\s_br.sol 41 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.discoverykidsgames.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.discoverykidsgames.com\flash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.discoverykidsgames.com\flash\flowplayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.emusic.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.etsy.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.etsy.com\flash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.etsy.com\flash\time
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.etsy.com\flash\time\storqueTicker_v2.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.etsy.com\flash\time\storqueTicker_v2.swf\TestMovie_Config_Info.sol 341 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.famecast.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.famecast.com\com.quantserve.sol 74 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.famecast.com\flash
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.famecast.com\flash\20
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.famecast.com\flash\20\mediaplayer.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.famecast.com\flash\20\mediaplayer.swf\fcdata.sol 50 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.fanfiction.net
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.fanfiction.net\cookies.sol 67 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.filmschoolrejects.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.filmschoolrejects.com\com.jeroenwijerin.players.sol 65 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.finetune.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.finetune.com\finetune.user.sol 77 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.flickr.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.flickr.com\apps
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.flickr.com\apps\slideshow
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.flickr.com\apps\slideshow\show.swf
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.flickr.com\apps\video
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.flickr.com\apps\video\control.swf.v60248
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.flickr.com\apps\video\control.swf.v61761
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.flickr.com\apps\video\control.swf.v61761\video_player_prefs2.sol 58 bytes
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.frappr.com
c:\documents and settings\Owner\Application Data\Macromedia\Flash Player\#SharedObjects\A3ZJ2DEC\www.frappr.com\com.quantserve.sol 74 bytes

scan completed successfully
hidden files: 406

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\/*3*!*£*£*ÿ*"!\AIM

Password Cracker]
"Directory"="c:\\Program Files\\AIM

Password Cracker"
"Version"="1.1 Beta"
"Uninstaller"=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1936)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\mshtml.dll
c:\windows\IME\SPGRMR.DLL
c:\windows\system32\msi.dll
c:\program files\Common Files\Microsoft Shared\INK\SKCHUI.DLL
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Trend Micro\BM\TMBMSRV.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\documents and settings\Owner\My Documents\Service\SyncServicesBasics.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTSVCCDA.EXE
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Trend Micro\Internet Security\SfCtlCom.exe
c:\windows\system32\MsPMSPSv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
c:\program files\Yahoo!\Widgets\YahooWidgets.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Yahoo!\Messenger\Ymsgr_tray.exe
c:\program files\Trend Micro\Internet Security\UfUpdUi.exe
c:\program files\Java\jre1.6.0_07\bin\jucheck.exe
.
**************************************************************************
.
Completion time: 2009-09-15 20:05 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-15 01:05

Pre-Run: 90,056,773,632 bytes free
Post-Run: 91,852,500,992 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

813 --- E O F --- 2009-09-14 08:00

That's the Combo-Fix Log. I'll post the System Look in a second...

Re: Virus Stuck on Computer?15th September 2009, 1:15 am

SystemLook v1.0 by jpshortstuff (29.08.09)
Log created at 19:27 on 14/09/2009 by Owner (Administrator - Elevation successful)

========== filefind ==========

Searching for "scecli.dll"
C:\WINDOWS\SoftwareDistribution\Download\79123dd72d0f61d4ed8c7a816ed338d7\scecli.dll --a--c 181248 bytes [02:14 02/12/2008] [00:12 14/04/2008] A86BB5E61BF3E39B62AB4C7E7085A084
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\scecli.dll --a--c 181248 bytes [00:12 14/04/2008] [00:12 14/04/2008] A86BB5E61BF3E39B62AB4C7E7085A084
C:\WINDOWS\system32\dllcache\scecli.dll --a--c 180224 bytes [04:46 27/02/2009] [10:00 04/08/2004] 0F78E27F563F2AAF74B91A49E2ABF19A
C:\WINDOWS\system32\scecli.dll --a--- 180224 bytes [10:00 04/08/2004] [10:00 04/08/2004] 0F78E27F563F2AAF74B91A49E2ABF19A

Searching for "netlogon.dll"
C:\WINDOWS\SoftwareDistribution\Download\79123dd72d0f61d4ed8c7a816ed338d7\netlogon.dll --a--- 407040 bytes [02:13 02/12/2008] [00:12 14/04/2008] 1B7F071C51B77C272875C3A23E1E4550
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\netlogon.dll --a--c 407040 bytes [00:12 14/04/2008] [00:12 14/04/2008] 1B7F071C51B77C272875C3A23E1E4550
C:\WINDOWS\system32\dllcache\netlogon.dll --a--c 407040 bytes [04:46 27/02/2009] [10:00 04/08/2004] 96353FCECBA774BB8DA74A1C6507015A
C:\WINDOWS\system32\netlogon.dll --a--- 407040 bytes [10:00 04/08/2004] [10:00 04/08/2004] 96353FCECBA774BB8DA74A1C6507015A

Searching for "eventlog.dll"
C:\WINDOWS\SoftwareDistribution\Download\79123dd72d0f61d4ed8c7a816ed338d7\eventlog.dll --a--c 56320 bytes [02:12 02/12/2008] [00:11 14/04/2008] 6D4FEB43EE538FC5428CC7F0565AA656
C:\WINDOWS\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\eventlog.dll --a--c 56320 bytes [00:11 14/04/2008] [00:11 14/04/2008] 6D4FEB43EE538FC5428CC7F0565AA656
C:\WINDOWS\system32\dllcache\eventlog.dll --a--c 55808 bytes [04:46 27/02/2009] [10:00 04/08/2004] 82B24CB70E5944E6E34662205A2A5B78
C:\WINDOWS\system32\eventlog.dll --a--- 61952 bytes [10:00 04/08/2004] [10:00 04/08/2004] (Unable to calculate MD5)

-=End Of File=-

And there's the systemlook! Thank you so much for the Combo-Fix, it worked great! I can FINALLY hear internet sound on my computer which I didn't even think was related to this problem. The website restrictions are gone as well. HijackThis is saying I don't have the right files to open it, so I'm going to try to re-install it and post the log.

Re: Virus Stuck on Computer?15th September 2009, 2:09 am

Hi

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

File::
C:\eoA7Q.bat
C:\gUzxUvF.bat
C:\khwx.exe
C:\snpprnco.exe
C:\oqnxehuw.exe
c:\windows\system32\owyca.pif
c:\program files\Common Files\rupoj._dl
c:\documents and settings\Owner\Local Settings\Application Data\isyjybo.bin
c:\program files\Common Files\ovijikoroq.com
c:\windows\wazoguju.pif
c:\documents and settings\All Users\Application Data\ykony.exe
c:\documents and settings\All Users\Application Data\pytynap.sys
c:\program files\Common Files\botukameh.scr
c:\windows\system32\zawibys.exe
c:\windows\piny.sys
c:\windows\jimav.sys
c:\program files\Common Files\ehativu.ban

DirLook::
c:\Program Files\AIM Password Cracker

Suspect::
c:\windows\DCEBoot.exe

Save this as CFScript.txt, in the same location as ComboFix.exe

Virus Stuck on Computer? CFScriptB-4

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Virus Stuck on Computer?

descriptionVirus Stuck on Computer?13th September 2009, 4:05 am

descriptionRe: Virus Stuck on Computer?13th September 2009, 10:26 am

descriptionRe: Virus Stuck on Computer?15th September 2009, 1:12 am

descriptionRe: Virus Stuck on Computer?15th September 2009, 1:13 am

descriptionRe: Virus Stuck on Computer?15th September 2009, 1:15 am

descriptionRe: Virus Stuck on Computer?15th September 2009, 2:09 am

descriptionRe: Virus Stuck on Computer?