Downloader.Agent2.FGA in three separate locations.

Benoso · 07-09-2009, 07:15 PM

Hi, over the past week or so while doing day-to-day things I've had three popups from AVG Free, 'Threat Detected!' with Downloader.Agent2.FGA being detected. All three times I've pressed Heal but obviously since it's coming back it's not healing all too well.

Here's a screenshot from the Virus Vault showing its locations:

----

DDS (Ver_09-06-26.01) - NTFSx86
Run by Ben at 1:04:49.50 on 10/07/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_10
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.2047.1127 [GMT 1:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Razer\DeathAdder\razerhid.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\DOCUME~1\Ben\LOCALS~1\Temp\IHU1.tmp.exe
C:\Program Files\a-squared Free\a2service.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DeskPins\DeskPins.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Razer\DeathAdder\razertra.exe
C:\Program Files\Razer\DeathAdder\razerofa.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\Xfire\xfire.exe
C:\Documents and Settings\Ben\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ben\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ben\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ben\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ben\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\mspaint.exe
C:\Documents and Settings\Ben\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ben\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ben\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
mSearch Page =
mSearch Bar = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\mi1933~1\office12\GRA8E1~1.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [Google Update] "c:\documents and settings\ben\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [RTHDCPL] "c:\windows\RTHDCPL.EXE"
mRun: [Alcmtr] "c:\windows\ALCMTR.EXE"
mRun: [JMB36X IDE Setup] "c:\windows\raidtool\xInsIDE.exe"
mRun: [36X Raid Configurer] "c:\windows\system32\xRaidSetup.exe" boot
mRun: [NvCplDaemon] "c:\windows\system32\rundll32.exe" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] "c:\windows\system32\nwiz.exe" /install
mRun: [NvMediaCenter] "c:\windows\system32\rundll32.exe" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [AVG8_TRAY] "c:\progra~1\avg\avg8\avgtray.exe"
mRun: [Start WingMan Profiler] c:\program files\logitech\gaming software\LWEMon.exe /noui
mRun: [btbb_UninstallTracking] c:\docume~1\ben\locals~1\temp\IHU1.tmp.exe /uninstalltrackingvendor=btbb
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
Trusted Zone: ketsujin.com\fighterace
Trusted Zone: ketsujin.com\primary
Trusted Zone: ketsujin.com\update
Trusted Zone: ketsujin.com\www
Trusted Zone: stormofaces.com\www
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\mi1933~1\office12\GR99D3~1.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\mi1933~1\office12\GRA8E1~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\ben\applic~1\mozilla\firefox\profiles\zx281x56.default\
FF - component: c:\documents and settings\ben\application data\mozilla\firefox\profiles\zx281x56.default\extensions\speedtest@gotomyhelp.com\components\NetDiag.dll
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\ben\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\common files\motive\npMotive.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npBTEmailConfig.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veetle\vlc\npvlc.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-1-21 64160]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-6-2 335752]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-6-2 27784]
R2 a2free;a-squared Free Service;c:\program files\a-squared free\a2service.exe [2009-6-11 718880]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-9-1 298776]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [2008-6-1 38656]
R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [2008-6-1 10880]
S2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\postgresql\8.3\bin\pg_ctl.exe [2008-9-19 65536]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 1029456]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [2009-1-24 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [2009-1-24 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [2009-1-24 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [2009-1-24 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [2009-1-24 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [2009-1-24 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [2009-1-24 110120]
S3 SWUSBFLT;Microsoft SideWinder VIA Filter Driver;c:\windows\system32\drivers\SWUSBFLT.SYS [2009-6-28 3968]

=============== Created Last 30 ================

==================== Find3M ====================

2009-07-08 18:10 138,920 a------- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-08 18:10 189,072 a------- c:\windows\system32\PnkBstrB.exe
2009-07-02 09:48 335,752 a------- c:\windows\system32\drivers\avgldx86.sys
2009-06-11 18:36 28,276 a------- c:\windows\system32\drivers\MxlW2k.sys
2009-05-27 14:58 15,688 a------- c:\windows\system32\lsdelete.exe
2009-05-15 12:42 11,952 a------- c:\windows\system32\avgrsstx.dll
2008-06-01 15:39 22,328 a------- c:\docume~1\ben\applic~1\PnkBstrK.sys
2006-06-23 23:48 32,768 a----r-- c:\windows\inf\UpdateUSB.exe

============= FINISH: 1:05:06.12 ===============

jmw3 · 07-11-2009, 02:04 AM

Hello & Welcome to TSF

Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

In the meantime please note the following:

Any recommendations made are for your computer problems only and should NOT be used on any other computer.
Please DO NOT run any scans/tools or other fixes unless I ask you to. This is very important for several reasons. Here are just two of them:
1. The tools that we use are very powerful and can cause >>irreparable damage<< to your computer if not used correctly.
2. Commercial scanners, for the most part can not completely remove some of the more "resistant" infections. This makes it much more difficult to get rid of completely.
If you get stuck or are unsure of something please ask for a further explanation, do not guess.
It will require more than one round to properly clean your system. Continue to respond to this thread until I give you the All Clean! even if symptoms seemingly abate.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.
If for any reason you cannot complete instructions within that time, that's fine, just put a post here so that I know you're still here. We get a lot of people who simply leave & if there is no contact for that amount of time I will have to assume you have abandoned your topic.

Thanks

P2P Warning!
IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

µTorrent

Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.
P2P file sharing used to be fairly safe. That is no longer true. I'd like you to read the Perils of P2P File Sharing where we explain why it's not a good idea to have them.
References for the risk of these programs can be found in these links: http://www.microsoft.com/windows/ie/...rotection.mspx
http://www.techweb.com/wire/160500554
http://www.internetworldstats.com/articles/art053.htm
See Clean/Infected P2P Programs here

I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

ComboFix
Download ComboFix from one of these locations (DO NOT download ComboFix from anywhere else but one of the provided links):
Link 1
Link 2

**IMPORTANT !!! Save ComboFix.exe to your Desktop**

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
A guide to do this can be found here
Double click on ComboFix.exe & follow the prompts
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply

A word of warning: Neither I nor sUBs are responsible for any damage you may cause to your machine by running ComboFix on your own. This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper

To post in next reply:
ComboFix log
Update on how the computer is running

Benoso · 07-11-2009, 05:27 AM

ComboFix 09-07-09.08 - Ben 11/07/2009 12:23.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.2047.1536 [GMT 1:00]
Running from: c:\documents and settings\Ben\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Installer\33a98e6.msi

.
((((((((((((((((((((((((( Files Created from 2009-06-11 to 2009-07-11 )))))))))))))))))))))))))))))))
.

2009-07-10 09:21 . 2009-07-02 08:48 2054424 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll
2009-07-10 09:21 . 2009-07-02 08:48 2167576 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgresf.dll
2009-07-08 22:13 . 2009-07-08 22:13 -------- d-----w- c:\program files\AirAttack uPnP Configurator
2009-07-08 16:28 . 2009-07-08 16:28 -------- d-----w- c:\documents and settings\Ben\Application Data\Motive
2009-07-08 16:27 . 2009-07-09 22:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Motive
2009-07-08 16:27 . 2009-07-09 22:13 -------- d-----w- c:\program files\Common Files\Motive
2009-07-08 16:27 . 2009-07-09 22:11 -------- d-----w- c:\program files\BT Broadband Desktop Help
2009-07-08 16:27 . 2009-07-08 16:27 -------- d-----w- c:\program files\Citrix
2009-07-08 16:27 . 2009-02-02 09:38 218496 ------w- c:\windows\system32\BTEmailConfig.dll
2009-07-08 16:27 . 2009-07-08 16:27 -------- d-----w- c:\windows\BTV.0000
2009-07-08 16:26 . 2001-10-11 10:26 65536 ----a-w- c:\windows\system32\YCRWin32.dll
2009-07-08 16:26 . 2002-01-05 05:18 84992 ----a-w- c:\windows\system32\ATL70.DLL
2009-07-08 16:26 . 2009-07-09 22:17 -------- d-----w- c:\program files\Yahoo!
2009-07-08 16:25 . 2009-07-08 16:25 -------- d-----w- c:\program files\BTHomeHub
2009-07-07 13:43 . 2009-07-07 13:43 -------- d-----w- c:\program files\PFPortChecker
2009-07-06 14:24 . 2009-07-06 14:24 10134 ----a-r- c:\documents and settings\Ben\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2009-07-06 14:24 . 2009-07-06 14:24 -------- d-----w- c:\program files\Microsoft WSE
2009-07-04 03:00 . 2009-07-06 14:12 -------- d-----w- c:\documents and settings\Ben\Local Settings\Application Data\VirtuaTennis2009
2009-07-04 02:49 . 2009-07-04 02:49 -------- d-----w- c:\program files\SEGA
2009-07-04 02:36 . 2009-07-04 02:36 -------- d-----w- c:\program files\7-Zip
2009-07-02 19:26 . 2009-07-02 19:26 41808 ----a-w- c:\windows\system32\xfcodec.dll
2009-07-02 08:50 . 2009-07-02 08:51 -------- d-----w- c:\program files\Democracy2
2009-07-02 00:50 . 2009-07-02 00:50 4096 ----a-w- c:\windows\d3dx.dat
2009-07-02 00:50 . 2009-07-09 22:20 -------- d-----w- c:\program files\Democracy2 Demo
2009-06-28 18:34 . 2001-08-17 13:02 2688 -c--a-w- c:\windows\system32\dllcache\hidswvd.sys
2009-06-28 18:34 . 2001-08-17 13:02 2688 ----a-w- c:\windows\system32\drivers\HIDSwvd.sys
2009-06-28 18:34 . 2004-08-03 22:08 59136 -c--a-w- c:\windows\system32\dllcache\gckernel.sys
2009-06-28 18:34 . 2004-08-03 22:08 59136 ----a-w- c:\windows\system32\drivers\GcKernel.sys
2009-06-28 18:34 . 2001-08-17 21:36 10240 -c--a-w- c:\windows\system32\dllcache\swpdflt2.dll
2009-06-28 18:34 . 2001-08-17 21:36 10240 ----a-w- c:\windows\system32\swpdflt2.dll
2009-06-28 18:34 . 2001-08-17 13:02 3968 -c--a-w- c:\windows\system32\dllcache\swusbflt.sys
2009-06-28 18:34 . 2001-08-17 13:02 3968 ----a-w- c:\windows\system32\drivers\SWUSBFLT.SYS
2009-06-22 21:12 . 2009-06-22 21:12 -------- d-----w- c:\documents and settings\Ben\Local Settings\Application Data\Logitech
2009-06-22 17:09 . 2004-08-03 21:58 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-06-22 17:09 . 2004-08-03 21:58 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-06-22 17:08 . 2009-06-22 17:08 -------- d-----w- c:\program files\Common Files\Logitech
2009-06-22 17:08 . 2009-06-22 17:08 -------- d-----w- c:\program files\Logitech
2009-06-22 14:06 . 2009-06-29 14:07 314712 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\threatwork.exe
2009-06-22 14:06 . 2009-07-06 14:00 25440 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\savapibridge.dll
2009-06-22 14:06 . 2009-06-29 14:07 169312 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lavamessage.dll
2009-06-22 14:06 . 2009-06-29 14:07 348496 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lavalicense.dll
2009-06-22 14:06 . 2009-06-29 14:07 298336 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\UpdateManager.dll
2009-06-22 14:05 . 2009-07-06 14:00 1630560 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Resources.dll
2009-06-22 14:05 . 2009-06-29 14:07 85352 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\32\AAWDriverTool.exe
2009-06-22 14:04 . 2009-06-29 14:07 664424 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\CEAPI.dll
2009-06-22 14:04 . 2009-06-29 14:07 563064 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-AwareCommand.exe
2009-06-22 14:04 . 2009-06-29 14:07 566632 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-AwareAdmin.exe
2009-06-22 14:04 . 2009-07-06 13:59 2353480 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-Aware.exe
2009-06-22 14:02 . 2009-06-29 14:07 629072 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWWSC.exe
2009-06-22 14:02 . 2009-06-29 14:07 520024 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWTray.exe
2009-06-22 14:02 . 2009-06-29 14:07 1029456 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWService.exe
2009-06-19 18:35 . 2009-06-19 18:35 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-06-19 17:53 . 2009-07-10 23:25 -------- d-----w- c:\program files\Air Attack

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-11 11:18 . 2008-06-02 19:48 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-07-10 20:04 . 2009-01-13 14:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-07-10 16:26 . 2008-08-11 01:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-07-10 01:17 . 2008-06-07 11:47 -------- d-----w- c:\documents and settings\Ben\Application Data\uTorrent
2009-07-09 23:51 . 2008-06-01 14:02 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-09 23:44 . 2009-06-11 01:56 -------- d-----w- c:\program files\a-squared Free
2009-07-09 22:42 . 2008-08-11 01:54 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-09 22:10 . 2008-09-25 18:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Kontiki
2009-07-09 20:11 . 2008-06-01 18:09 -------- d-----w- c:\documents and settings\Ben\Application Data\Xfire
2009-07-09 00:54 . 2008-12-10 03:45 -------- d-----w- c:\documents and settings\Ben\Application Data\Skype
2009-07-08 23:13 . 2008-06-01 18:09 -------- d-----w- c:\program files\Xfire
2009-07-08 22:37 . 2008-12-10 03:46 -------- d-----w- c:\documents and settings\Ben\Application Data\skypePM
2009-07-08 21:44 . 2009-03-09 23:59 -------- d-----w- c:\program files\PKR
2009-07-08 17:10 . 2008-06-01 14:39 138920 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-08 17:10 . 2008-06-01 14:39 189072 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-07-06 23:17 . 2009-05-11 11:00 -------- d-----w- c:\documents and settings\Ben\Application Data\dvdcss
2009-07-06 14:19 . 2008-07-08 13:56 -------- d-----w- c:\program files\Electronic Arts
2009-07-02 08:48 . 2008-06-02 19:48 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-29 14:07 . 2009-05-27 13:58 84832 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\ShellExt.dll
2009-06-29 14:07 . 2009-05-27 13:58 246128 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\RPAPI.dll
2009-06-29 14:07 . 2009-05-27 13:58 40288 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\PrivacyClean.dll
2009-06-19 00:39 . 2008-06-23 20:06 -------- d-----w- c:\documents and settings\Ben\Application Data\mIRC
2009-06-18 23:52 . 2008-06-23 20:06 -------- d-----w- c:\program files\mIRC
2009-06-18 20:33 . 2008-08-12 17:05 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-17 22:27 . 2009-06-07 12:39 -------- d-----w- c:\program files\PokerOfficer
2009-06-17 10:38 . 2008-06-02 19:48 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-11 23:07 . 2008-07-13 17:04 -------- d-----w- c:\program files\Soulseek
2009-06-11 17:36 . 2008-06-14 11:42 28276 ----a-w- c:\windows\system32\drivers\MxlW2k.sys
2009-06-07 15:12 . 2009-01-10 01:22 -------- d-----w- c:\program files\WordBiz
2009-06-07 15:11 . 2009-01-24 05:12 -------- d-----w- c:\documents and settings\Ben\Application Data\Sony
2009-06-07 15:10 . 2009-04-27 11:42 -------- d-----w- c:\program files\Poker Grapher
2009-06-07 15:10 . 2008-09-08 11:35 -------- d-----w- c:\program files\OpenOffice.org 2.4
2009-06-07 15:07 . 2008-09-24 12:09 -------- d-----w- c:\program files\Google
2009-06-07 12:39 . 2009-06-07 12:39 -------- d-----w- c:\documents and settings\Ben\Application Data\InstallShield
2009-05-27 13:58 . 2009-05-27 13:58 15688 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lsdelete.exe
2009-05-27 13:58 . 2009-01-21 17:46 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-05-22 06:39 . 2009-05-22 06:39 -------- d-----w- c:\program files\DeskPins
2009-05-21 22:29 . 2008-09-08 13:37 1 ----a-w- c:\documents and settings\Ben\Application Data\OpenOffice.org2\user\uno_packages\cache\stamp.sys
2009-05-21 22:29 . 2008-09-08 13:36 -------- d-----w- c:\documents and settings\Ben\Application Data\OpenOffice.org2
2009-05-15 11:42 . 2008-06-02 19:48 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-13 14:37 . 2009-05-13 14:37 -------- d-----w- c:\program files\PokerEV
2009-04-27 14:04 . 2009-04-27 14:04 64160 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\32\lbd.sys
2009-04-27 10:40 . 2008-06-01 13:56 73856 ----a-w- c:\documents and settings\Ben\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Ben\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-10 133104]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="c:\windows\RTHDCPL.EXE" [2007-03-21 16126464]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-03-21 1953792]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-04 8523776]
"nwiz"="c:\windows\system32\nwiz.exe" [2007-12-04 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-04 81920]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-12 1948440]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-01-21 92168]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-15 11:42 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck lsdelete\0lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Ben^Start Menu^Programs^Startup^DeskPins.lnk]
path=c:\documents and settings\Ben\Start Menu\Programs\Startup\DeskPins.lnk
backup=c:\windows\pss\DeskPins.lnkStartup

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"kdx"=c:\program files\Kontiki\KHost.exe -all
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"MMTray"=c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
"Ad-Watch"=c:\program files\Lavasoft\Ad-Aware\AAWTray.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Xfire\\xfire.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"=
"c:\\Documents and Settings\\Ben\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\slsk.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2009\\fm.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"28960:UDP"= 28960:UDP:cod2
"8888:TCP"= 8888:TCP:utor
"8888:UDP"= 8888:UDP:utor2

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [21/01/2009 15:59 64160]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [02/06/2008 20:48 335752]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [01/09/2008 13:33 298776]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [01/06/2008 15:06 38656]
R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [01/06/2008 15:53 10880]
S2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\PostgreSQL\8.3\bin\pg_ctl.exe [19/09/2008 03:03 65536]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 22:34 1029456]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [24/01/2009 06:01 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [24/01/2009 06:03 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [24/01/2009 06:03 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [24/01/2009 06:05 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [24/01/2009 06:06 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [24/01/2009 06:04 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [24/01/2009 06:06 110120]
S3 SWUSBFLT;Microsoft SideWinder VIA Filter Driver;c:\windows\system32\drivers\SWUSBFLT.SYS [28/06/2009 19:34 3968]
.
Contents of the 'Scheduled Tasks' folder

2009-07-08 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 14:07]

2009-07-11 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-13 19:14]

2009-07-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1220945662-682003330-1003Core.job
- c:\documents and settings\Ben\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-10 17:23]

2009-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1220945662-682003330-1003UA.job
- c:\documents and settings\Ben\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-10 17:23]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mSearch Bar = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
uSearchURL,(Default) = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
Trusted Zone: ketsujin.com\fighterace
Trusted Zone: ketsujin.com\primary
Trusted Zone: ketsujin.com\update
Trusted Zone: ketsujin.com\www
Trusted Zone: stormofaces.com\www
FF - ProfilePath - c:\documents and settings\Ben\Application Data\Mozilla\Firefox\Profiles\zx281x56.default\
FF - component: c:\documents and settings\Ben\Application Data\Mozilla\Firefox\Profiles\zx281x56.default\extensions\speedtest@gotomyhelp.com\components\NetDiag.dll
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\Ben\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npBTEmailConfig.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Veetle\VLC\npvlc.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-11 12:24
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008]
"GameDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2008\\games"
"ShortlistDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2008\\shortlists"
"ScreenshotsDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2008"
"SaveDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2008\\"
"HistoryDir"="e:\\Untagged\\New Folder\\FM Genie Scout 2008\\History Points"
"LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2008\\data\\updates\\update-802\\db\\802\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"SkinID"=dword:00000001
"LastUpdateCheck"=dword:00000000
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"WindowState"=dword:00000000
"Currency"=dword:00000056
"WindowHeight"=dword:0000026d
"WindowWidth"=dword:000003fc
"WindowLeft"=dword:0000014a
"WindowTop"=dword:000000d7
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""

[HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Clubs]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000007d
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:00000064
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000032
"Position4"=dword:00000004
"Visible4"=dword:00000001
"Width4"=dword:00000032
"Position5"=dword:00000005
"Visible5"=dword:00000001
"Width5"=dword:00000050
"Position6"=dword:00000006
"Visible6"=dword:00000001
"Width6"=dword:00000050
"Position7"=dword:00000007
"Visible7"=dword:00000001
"Width7"=dword:00000050
"Position8"=dword:00000008
"Visible8"=dword:00000000
"Width8"=dword:00000050
"Position9"=dword:00000009
"Visible9"=dword:00000000
"Width9"=dword:0000002d
"Position10"=dword:0000000a
"Visible10"=dword:00000000
"Width10"=dword:0000001e
"Position11"=dword:0000000b
"Visible11"=dword:00000000
"Width11"=dword:0000001e
"Position12"=dword:0000000c
"Visible12"=dword:00000000
"Width12"=dword:0000001e
"Position13"=dword:0000000d
"Visible13"=dword:00000001
"Width13"=dword:0000003c
"Position14"=dword:0000000e
"Visible14"=dword:00000000
"Width14"=dword:00000032
"Position15"=dword:0000000f
"Visible15"=dword:00000000
"Width15"=dword:00000032
"Position16"=dword:00000010
"Visible16"=dword:00000000
"Width16"=dword:00000032
"Position17"=dword:00000011
"Visible17"=dword:00000001
"Width17"=dword:00000050
"Position18"=dword:00000012
"Visible18"=dword:00000001
"Width18"=dword:00000050
"Position19"=dword:00000013
"Visible19"=dword:00000000
"Width19"=dword:00000050

[HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Players]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000007d
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:0000008f
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000037
"Position4"=dword:00000008
"Visible4"=dword:00000001
"Width4"=dword:00000023
"Position5"=dword:00000009
"Visible5"=dword:00000001
"Width5"=dword:00000028
"Position6"=dword:0000000a
"Visible6"=dword:00000001
"Width6"=dword:00000028
"Position7"=dword:0000000c
"Visible7"=dword:00000001
"Width7"=dword:0000004b
"Position8"=dword:0000000d
"Visible8"=dword:00000001
"Width8"=dword:0000004b
"Position9"=dword:0000000e
"Visible9"=dword:00000001
"Width9"=dword:00000050
"Position10"=dword:00000010
"Visible10"=dword:00000000
"Width10"=dword:00000050
"Position11"=dword:00000011
"Visible11"=dword:00000000
"Width11"=dword:0000004b
"Position12"=dword:00000012
"Visible12"=dword:00000000
"Width12"=dword:0000002d
"Position13"=dword:00000013
"Visible13"=dword:00000000
"Width13"=dword:0000003c
"Position14"=dword:00000014
"Visible14"=dword:00000000
"Width14"=dword:0000004b
"Position15"=dword:00000015
"Visible15"=dword:00000000
"Width15"=dword:00000064
"Position16"=dword:00000016
"Visible16"=dword:00000000
"Width16"=dword:00000064
"Position17"=dword:00000017
"Visible17"=dword:00000000
"Width17"=dword:0000004b
"Position18"=dword:00000018
"Visible18"=dword:00000000
"Width18"=dword:00000064
"Position19"=dword:00000019
"Visible19"=dword:00000000
"Width19"=dword:0000003c
"Position20"=dword:0000001a
"Visible20"=dword:00000000
"Width20"=dword:0000004b
"Position21"=dword:0000001b
"Visible21"=dword:00000000
"Width21"=dword:00000050
"Position22"=dword:0000001c
"Visible22"=dword:00000000
"Width22"=dword:00000073
"Position23"=dword:0000001d
"Visible23"=dword:00000000
"Width23"=dword:00000050
"Position24"=dword:0000001e
"Visible24"=dword:00000000
"Width24"=dword:0000005a
"Position25"=dword:0000001f
"Visible25"=dword:00000000
"Width25"=dword:0000006e
"Position26"=dword:00000020
"Visible26"=dword:00000000
"Width26"=dword:00000064
"Position27"=dword:00000021
"Visible27"=dword:00000000
"Width27"=dword:00000087
"Position28"=dword:00000022
"Visible28"=dword:00000000
"Width28"=dword:00000064
"Position29"=dword:00000023
"Visible29"=dword:00000000
"Width29"=dword:00000064
"Position30"=dword:00000024
"Visible30"=dword:00000000
"Width30"=dword:00000046
"Position31"=dword:00000025
"Visible31"=dword:00000000
"Width31"=dword:0000004b
"Position32"=dword:00000026
"Visible32"=dword:00000000
"Width32"=dword:00000046
"Position33"=dword:00000027
"Visible33"=dword:00000000
"Width33"=dword:0000004b
"Position34"=dword:00000028
"Visible34"=dword:00000000
"Width34"=dword:0000003c
"Position35"=dword:0000002a
"Visible35"=dword:00000000
"Width35"=dword:00000064
"Position36"=dword:0000002e
"Visible36"=dword:00000000
"Width36"=dword:00000073
"Position37"=dword:00000030
"Visible37"=dword:00000000
"Width37"=dword:0000005f
"Position38"=dword:00000033
"Visible38"=dword:00000000
"Width38"=dword:00000091
"Position39"=dword:00000035
"Visible39"=dword:00000000
"Width39"=dword:0000003c
"Position40"=dword:0000002c
"Visible40"=dword:00000000
"Width40"=dword:0000005a
"Position41"=dword:00000036
"Visible41"=dword:00000000
"Width41"=dword:00000041
"Position42"=dword:00000029
"Visible42"=dword:00000000
"Width42"=dword:00000050
"Position43"=dword:0000002b
"Visible43"=dword:00000000
"Width43"=dword:00000055
"Position44"=dword:0000002d
"Visible44"=dword:00000000
"Width44"=dword:0000005f
"Position45"=dword:00000037
"Visible45"=dword:00000000
"Width45"=dword:00000050
"Position46"=dword:00000038
"Visible46"=dword:00000000
"Width46"=dword:0000004b
"Position47"=dword:00000039
"Visible47"=dword:00000000
"Width47"=dword:0000004b
"Position48"=dword:0000003a
"Visible48"=dword:00000000
"Width48"=dword:00000046
"Position49"=dword:0000003b
"Visible49"=dword:00000000
"Width49"=dword:00000032
"Position50"=dword:0000003c
"Visible50"=dword:00000000
"Width50"=dword:0000003c
"Position51"=dword:0000003d
"Visible51"=dword:00000000
"Width51"=dword:0000004b
"Position52"=dword:0000003e
"Visible52"=dword:00000000
"Width52"=dword:0000003c
"Position53"=dword:0000003f
"Visible53"=dword:00000000
"Width53"=dword:00000037
"Position54"=dword:00000040
"Visible54"=dword:00000000
"Width54"=dword:00000069
"Position55"=dword:00000041
"Visible55"=dword:00000000
"Width55"=dword:0000005a
"Position56"=dword:00000044
"Visible56"=dword:00000000
"Width56"=dword:0000004b
"Position57"=dword:00000045
"Visible57"=dword:00000000
"Width57"=dword:0000004b
"Position58"=dword:00000046
"Visible58"=dword:00000000
"Width58"=dword:00000037
"Position59"=dword:00000047
"Visible59"=dword:00000000
"Width59"=dword:0000003c
"Position60"=dword:00000048
"Visible60"=dword:00000000
"Width60"=dword:0000003c
"Position61"=dword:00000049
"Visible61"=dword:00000000
"Width61"=dword:00000041
"Position62"=dword:0000004a
"Visible62"=dword:00000000
"Width62"=dword:00000055
"Position63"=dword:0000004b
"Visible63"=dword:00000000
"Width63"=dword:0000003c
"Position64"=dword:0000004c
"Visible64"=dword:00000000
"Width64"=dword:0000003c
"Position65"=dword:0000004d
"Visible65"=dword:00000000
"Width65"=dword:0000004b
"Position66"=dword:0000004e
"Visible66"=dword:00000000
"Width66"=dword:0000003c
"Position67"=dword:0000004f
"Visible67"=dword:00000000
"Width67"=dword:00000046
"Position68"=dword:00000050
"Visible68"=dword:00000000
"Width68"=dword:00000028
"Position69"=dword:00000051
"Visible69"=dword:00000000
"Width69"=dword:00000041
"Position70"=dword:00000052
"Visible70"=dword:00000000
"Width70"=dword:0000003c
"Position71"=dword:00000053
"Visible71"=dword:00000000
"Width71"=dword:00000069
"Position72"=dword:00000054
"Visible72"=dword:00000000
"Width72"=dword:00000041
"Position73"=dword:00000055
"Visible73"=dword:00000000
"Width73"=dword:0000005f
"Position74"=dword:00000056
"Visible74"=dword:00000000
"Width74"=dword:0000003c
"Position75"=dword:00000057
"Visible75"=dword:00000000
"Width75"=dword:00000037
"Position76"=dword:00000058
"Visible76"=dword:00000000
"Width76"=dword:0000004b
"Position77"=dword:00000059
"Visible77"=dword:00000000
"Width77"=dword:00000050
"Position78"=dword:0000005a
"Visible78"=dword:00000000
"Width78"=dword:00000037
"Position79"=dword:0000005b
"Visible79"=dword:00000000
"Width79"=dword:00000037
"Position80"=dword:0000005c
"Visible80"=dword:00000000
"Width80"=dword:0000005a
"Position81"=dword:0000005d
"Visible81"=dword:00000000
"Width81"=dword:0000004b
"Position82"=dword:0000005e
"Visible82"=dword:00000000
"Width82"=dword:00000055
"Position83"=dword:0000005f
"Visible83"=dword:00000000
"Width83"=dword:0000002d
"Position84"=dword:00000060
"Visible84"=dword:00000000
"Width84"=dword:00000037
"Position85"=dword:00000061
"Visible85"=dword:00000000
"Width85"=dword:0000003c
"Position86"=dword:00000062
"Visible86"=dword:00000000
"Width86"=dword:00000046
"Position87"=dword:00000063
"Visible87"=dword:00000000
"Width87"=dword:0000003c
"Position88"=dword:00000064
"Visible88"=dword:00000000
"Width88"=dword:0000005a
"Position89"=dword:00000065
"Visible89"=dword:00000000
"Width89"=dword:0000003c
"Position90"=dword:00000066
"Visible90"=dword:00000000
"Width90"=dword:00000050
"Position91"=dword:00000067
"Visible91"=dword:00000000
"Width91"=dword:00000046
"Position92"=dword:00000068
"Visible92"=dword:00000000
"Width92"=dword:0000005a
"Position93"=dword:00000069
"Visible93"=dword:00000000
"Width93"=dword:00000037
"Position94"=dword:0000006a
"Visible94"=dword:00000000
"Width94"=dword:0000003c
"Position95"=dword:0000006b
"Visible95"=dword:00000000
"Width95"=dword:0000003c
"Position96"=dword:0000006c
"Visible96"=dword:00000000
"Width96"=dword:00000046
"Position97"=dword:0000006d
"Visible97"=dword:00000000
"Width97"=dword:00000046
"Position98"=dword:0000006e
"Visible98"=dword:00000000
"Width98"=dword:00000055
"Position99"=dword:0000006f
"Visible99"=dword:00000000
"Width99"=dword:00000073
"Position100"=dword:00000042
"Visible100"=dword:00000000
"Width100"=dword:00000041
"Position101"=dword:00000070
"Visible101"=dword:00000000
"Width101"=dword:0000003c
"Position102"=dword:00000071
"Visible102"=dword:00000000
"Width102"=dword:0000003c
"Position103"=dword:00000072
"Visible103"=dword:00000000
"Width103"=dword:00000046
"Position104"=dword:00000073
"Visible104"=dword:00000000
"Width104"=dword:0000003c
"Position105"=dword:00000074
"Visible105"=dword:00000000
"Width105"=dword:00000041
"Position106"=dword:0000000f
"Visible106"=dword:00000001
"Width106"=dword:00000050
"Position107"=dword:0000000b
"Visible107"=dword:00000001
"Width107"=dword:00000028
"Position108"=dword:00000043
"Visible108"=dword:00000000
"Width108"=dword:00000050
"Position109"=dword:0000002f
"Visible109"=dword:00000000
"Width109"=dword:00000050
"Position110"=dword:00000031
"Visible110"=dword:00000000
"Width110"=dword:00000055
"Position111"=dword:00000032
"Visible111"=dword:00000000
"Width111"=dword:00000082
"Position112"=dword:00000034
"Visible112"=dword:00000000
"Width112"=dword:00000087
"Position113"=dword:00000075
"Visible113"=dword:00000000
"Width113"=dword:00000050
"Position114"=dword:00000076
"Visible114"=dword:00000000
"Width114"=dword:00000050
"Position115"=dword:00000077
"Visible115"=dword:00000000
"Width115"=dword:00000050
"Position116"=dword:00000078
"Visible116"=dword:00000000
"Width116"=dword:00000050
"Position117"=dword:00000079
"Visible117"=dword:00000000
"Width117"=dword:00000050
"Position118"=dword:0000007a
"Visible118"=dword:00000000
"Width118"=dword:00000050
"Position119"=dword:0000007b
"Visible119"=dword:00000000
"Width119"=dword:00000050
"Position120"=dword:0000007c
"Visible120"=dword:00000000
"Width120"=dword:00000050
"Position121"=dword:0000007d
"Visible121"=dword:00000000
"Width121"=dword:00000050
"Position122"=dword:0000007e
"Visible122"=dword:00000000
"Width122"=dword:00000050
"Position123"=dword:0000007f
"Visible123"=dword:00000000
"Width123"=dword:00000050
"Position124"=dword:00000080
"Visible124"=dword:00000000
"Width124"=dword:00000050
"Position125"=dword:00000081
"Visible125"=dword:00000000
"Width125"=dword:00000050
"Position126"=dword:00000082
"Visible126"=dword:00000000
"Width126"=dword:00000050
"Position127"=dword:00000083
"Visible127"=dword:00000000
"Width127"=dword:00000050
"Position128"=dword:00000084
"Visible128"=dword:00000000
"Width128"=dword:00000050
"Position129"=dword:00000085
"Visible129"=dword:00000000
"Width129"=dword:00000050
"Position130"=dword:00000086
"Visible130"=dword:00000000
"Width130"=dword:00000050
"Position131"=dword:00000087
"Visible131"=dword:00000000
"Width131"=dword:00000050
"Position132"=dword:00000088
"Visible132"=dword:00000000
"Width132"=dword:00000050
"Position133"=dword:00000089
"Visible133"=dword:00000000
"Width133"=dword:00000050
"Position134"=dword:0000008a
"Visible134"=dword:00000000
"Width134"=dword:00000050
"Position135"=dword:0000008b
"Visible135"=dword:00000000
"Width135"=dword:00000050
"Position136"=dword:0000008c
"Visible136"=dword:00000000
"Width136"=dword:00000050
"Position137"=dword:0000008d
"Visible137"=dword:00000000
"Width137"=dword:00000050
"Position138"=dword:0000008e
"Visible138"=dword:00000000
"Width138"=dword:00000050
"Position139"=dword:0000008f
"Visible139"=dword:00000000
"Width139"=dword:00000050
"Position140"=dword:00000090
"Visible140"=dword:00000000
"Width140"=dword:00000050
"Position141"=dword:00000091
"Visible141"=dword:00000000
"Width141"=dword:00000050
"Position142"=dword:00000092
"Visible142"=dword:00000000
"Width142"=dword:00000050
"Position143"=dword:00000093
"Visible143"=dword:00000000
"Width143"=dword:00000050
"Position144"=dword:00000094
"Visible144"=dword:00000000
"Width144"=dword:00000050
"Position145"=dword:00000095
"Visible145"=dword:00000000
"Width145"=dword:00000050
"Position146"=dword:00000004
"Visible146"=dword:00000000
"Width146"=dword:00000037
"Position147"=dword:00000005
"Visible147"=dword:00000000
"Width147"=dword:00000028
"Position148"=dword:00000006
"Visible148"=dword:00000000
"Width148"=dword:00000037
"Position149"=dword:00000007
"Visible149"=dword:00000001
"Width149"=dword:00000028

[HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Staff]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000007d
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:00000064
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000069
"Position4"=dword:00000005
"Visible4"=dword:00000001
"Width4"=dword:00000028
"Position5"=dword:00000006
"Visible5"=dword:00000001
"Width5"=dword:00000028
"Position6"=dword:00000004
"Visible6"=dword:00000001
"Width6"=dword:00000028
"Position7"=dword:00000007
"Visible7"=dword:00000001
"Width7"=dword:00000050
"Position8"=dword:00000008
"Visible8"=dword:00000000
"Width8"=dword:00000050
"Position9"=dword:00000009
"Visible9"=dword:00000000
"Width9"=dword:0000004b
"Position10"=dword:0000000a
"Visible10"=dword:00000000
"Width10"=dword:0000002d
"Position11"=dword:0000000b
"Visible11"=dword:00000000
"Width11"=dword:0000003c
"Position12"=dword:0000000c
"Visible12"=dword:00000000
"Width12"=dword:0000004b
"Position13"=dword:0000000d
"Visible13"=dword:00000000
"Width13"=dword:00000064
"Position14"=dword:0000000e
"Visible14"=dword:00000000
"Width14"=dword:00000064
"Position15"=dword:0000000f
"Visible15"=dword:00000000
"Width15"=dword:0000004b
"Position16"=dword:00000010
"Visible16"=dword:00000000
"Width16"=dword:00000064
"Position17"=dword:00000011
"Visible17"=dword:00000000
"Width17"=dword:0000003c
"Position18"=dword:00000012
"Visible18"=dword:00000000
"Width18"=dword:0000004b
"Position19"=dword:00000013
"Visible19"=dword:00000000
"Width19"=dword:00000050
"Position20"=dword:00000014
"Visible20"=dword:00000000
"Width20"=dword:00000046
"Position21"=dword:00000015
"Visible21"=dword:00000000
"Width21"=dword:0000004b
"Position22"=dword:00000016
"Visible22"=dword:00000000
"Width22"=dword:00000046
"Position23"=dword:00000017
"Visible23"=dword:00000000
"Width23"=dword:00000046
"Position24"=dword:00000018
"Visible24"=dword:00000000
"Width24"=dword:0000003c
"Position25"=dword:00000019
"Visible25"=dword:00000000
"Width25"=dword:00000041
"Position26"=dword:0000001a
"Visible26"=dword:00000000
"Width26"=dword:0000003c
"Position27"=dword:0000001b
"Visible27"=dword:00000000
"Width27"=dword:00000055
"Position28"=dword:0000001c
"Visible28"=dword:00000000
"Width28"=dword:00000069
"Position29"=dword:0000001d
"Visible29"=dword:00000000
"Width29"=dword:0000006e
"Position30"=dword:0000001e
"Visible30"=dword:00000000
"Width30"=dword:00000064
"Position31"=dword:0000001f
"Visible31"=dword:00000000
"Width31"=dword:00000078
"Position32"=dword:00000020
"Visible32"=dword:00000000
"Width32"=dword:00000064
"Position33"=dword:00000021
"Visible33"=dword:00000000
"Width33"=dword:00000087
"Position34"=dword:00000022
"Visible34"=dword:00000000
"Width34"=dword:00000069
"Position35"=dword:00000023
"Visible35"=dword:00000000
"Width35"=dword:0000006e
"Position36"=dword:00000024
"Visible36"=dword:00000000
"Width36"=dword:00000073
"Position37"=dword:00000025
"Visible37"=dword:00000000
"Width37"=dword:0000004b
"Position38"=dword:00000026
"Visible38"=dword:00000000
"Width38"=dword:0000002d
"Position39"=dword:00000027
"Visible39"=dword:00000000
"Width39"=dword:00000055
"Position40"=dword:00000028
"Visible40"=dword:00000000
"Width40"=dword:00000046
"Position41"=dword:00000029
"Visible41"=dword:00000000
"Width41"=dword:0000004b
"Position42"=dword:0000002a
"Visible42"=dword:00000000
"Width42"=dword:0000003c
"Position43"=dword:0000002b
"Visible43"=dword:00000000
"Width43"=dword:00000046
"Position44"=dword:0000002c
"Visible44"=dword:00000000
"Width44"=dword:00000073
"Position45"=dword:0000002d
"Visible45"=dword:00000000
"Width45"=dword:0000004b
"Position46"=dword:0000002e
"Visible46"=dword:00000000
"Width46"=dword:00000073
"Position47"=dword:0000002f
"Visible47"=dword:00000000
"Width47"=dword:0000007d
"Position48"=dword:00000030
"Visible48"=dword:00000000
"Width48"=dword:0000006e
"Position49"=dword:00000031
"Visible49"=dword:00000000
"Width49"=dword:00000037
"Position50"=dword:00000032
"Visible50"=dword:00000000
"Width50"=dword:00000064
"Position51"=dword:00000033
"Visible51"=dword:00000000
"Width51"=dword:00000037
"Position52"=dword:00000034
"Visible52"=dword:00000000
"Width52"=dword:0000004b
"Position53"=dword:00000035
"Visible53"=dword:00000000
"Width53"=dword:00000046
"Position54"=dword:00000036
"Visible54"=dword:00000000
"Width54"=dword:00000037
"Position55"=dword:00000037
"Visible55"=dword:00000000
"Width55"=dword:0000003c
"Position56"=dword:00000038
"Visible56"=dword:00000000
"Width56"=dword:00000055
"Position57"=dword:00000039
"Visible57"=dword:00000000
"Width57"=dword:0000003c
"Position58"=dword:0000003a
"Visible58"=dword:00000000
"Width58"=dword:0000003c
"Position59"=dword:0000003b
"Visible59"=dword:00000000
"Width59"=dword:00000055
"Position60"=dword:0000003c
"Visible60"=dword:00000000
"Width60"=dword:00000046
"Position61"=dword:0000003d
"Visible61"=dword:00000000
"Width61"=dword:0000004b
"Position62"=dword:0000003e
"Visible62"=dword:00000000
"Width62"=dword:00000055
"Position63"=dword:0000003f
"Visible63"=dword:00000000
"Width63"=dword:0000005a
"Position64"=dword:00000040
"Visible64"=dword:00000000
"Width64"=dword:0000006e
"Position65"=dword:00000041
"Visible65"=dword:00000000
"Width65"=dword:00000050
"Position66"=dword:00000042
"Visible66"=dword:00000000
"Width66"=dword:00000032
"Position67"=dword:00000043
"Visible67"=dword:00000000
"Width67"=dword:00000064
"Position68"=dword:00000044
"Visible68"=dword:00000000
"Width68"=dword:0000004b
"Position69"=dword:00000045
"Visible69"=dword:00000000
"Width69"=dword:0000002d
"Position70"=dword:00000046
"Visible70"=dword:00000000
"Width70"=dword:0000004b
"Position71"=dword:00000047
"Visible71"=dword:00000000
"Width71"=dword:0000005a
"Position72"=dword:00000048
"Visible72"=dword:00000000
"Width72"=dword:0000005a
"Position73"=dword:00000049
"Visible73"=dword:00000000
"Width73"=dword:00000050
"Position74"=dword:0000004a
"Visible74"=dword:00000000
"Width74"=dword:0000004b
"Position75"=dword:0000004b
"Visible75"=dword:00000000
"Width75"=dword:00000050
"Position76"=dword:0000004c
"Visible76"=dword:00000000
"Width76"=dword:0000005a
"Position77"=dword:0000004d
"Visible77"=dword:00000000
"Width77"=dword:00000041
"Position78"=dword:0000004e
"Visible78"=dword:00000000
"Width78"=dword:00000041
"Position79"=dword:0000004f
"Visible79"=dword:00000000
"Width79"=dword:00000041
"Position80"=dword:00000050
"Visible80"=dword:00000000
"Width80"=dword:00000041
"Position81"=dword:00000051
"Visible81"=dword:00000000
"Width81"=dword:00000041
"Position82"=dword:00000052
"Visible82"=dword:00000000
"Width82"=dword:00000041
"Position83"=dword:00000053
"Visible83"=dword:00000000
"Width83"=dword:00000041
"Position84"=dword:00000054
"Visible84"=dword:00000000
"Width84"=dword:00000041
"Position85"=dword:00000055
"Visible85"=dword:00000000
"Width85"=dword:00000041
"Position86"=dword:00000056
"Visible86"=dword:00000000
"Width86"=dword:00000050

[HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Rating Coefficients]
"GKWeightCoef"=dword:00000064
"GKCurrentAbilityCoef"=dword:00000000
"GKCornersCoef"=dword:00000000
"GKCrossingCoef"=dword:00000000
"GKDribblingCoef"=dword:00000000
"GKFinishingCoef"=dword:00000000
"GKFirstTouchCoef"=dword:00000000
"GKFreeKicksCoef"=dword:00000000
"GKHeadingCoef"=dword:00000000
"GKLongShotsCoef"=dword:00000000
"GKLongThrowsCoef"=dword:00000000
"GKMarkingCoef"=dword:00000000
"GKPassingCoef"=dword:00000000
"GKPenaltiesCoef"=dword:00000000
"GKTacklingCoef"=dword:00000005
"GKTechniqueCoef"=dword:00000000
"GKLeftFootCoef"=dword:00000000
"GKRightFootCoef"=dword:00000000
"GKAggressionCoef"=dword:0000000a
"GKAnticipationCoef"=dword:00000005
"GKBraveryCoef"=dword:00000014
"GKComposureCoef"=dword:00000014
"GKConcentrationCoef"=dword:0000000a
"GKConsistencyCoef"=dword:0000000a
"GKCreativityCoef"=dword:00000000
"GKDecisionsCoef"=dword:00000014
"GKDeterminationCoef"=dword:0000000a
"GKDirtinessCoef"=dword:fffffffb
"GKFlairCoef"=dword:00000000
"GKImportantMatchesCoef"=dword:0000000a
"GKInfluenceCoef"=dword:0000000a
"GKOffTheBallCoef"=dword:00000000
"GKPositioningCoef"=dword:00000050
"GKTeamworkCoef"=dword:00000005
"GKWorkRateCoef"=dword:00000000
"GKAccelerationCoef"=dword:00000005
"GKAgilityCoef"=dword:0000000a
"GKBalanceCoef"=dword:0000000a
"GKInjuryPronenessCoef"=dword:fffffffb
"GKJumpingCoef"=dword:00000050
"GKNaturalFitnessCoef"=dword:00000005
"GKPaceCoef"=dword:00000000
"GKStaminaCoef"=dword:00000000
"GKStrengthCoef"=dword:0000000a
"GKVersatilityCoef"=dword:00000000
"GKAerialAbilityCoef"=dword:00000032
"GKCommandOfAreaCoef"=dword:00000014
"GKCommunicationCoef"=dword:00000032
"GKEccentricityCoef"=dword:ffffffec
"GKHandlingCoef"=dword:00000064
"GKKickingCoef"=dword:0000000a
"GKOneOnOnesCoef"=dword:00000032
"GKReflexesCoef"=dword:00000064
"GKRushingOutCoef"=dword:00000014
"GKTendencyToPunchCoef"=dword:fffffff6
"GKThrowingCoef"=dword:0000000a
"GKAdaptabilityCoef"=dword:00000005
"GKAmbitionCoef"=dword:0000000a
"GKControversyCoef"=dword:fffffffb
"GKLoyalityCoef"=dword:00000005
"GKPressureCoef"=dword:00000005
"GKProfessionalismCoef"=dword:00000005
"GKSportsmanshipCoef"=dword:00000005
"GKTemperamentCoef"=dword:00000005
"SWWeightCoef"=dword:00000066
"SWCurrentAbilityCoef"=dword:00000000
"SWCornersCoef"=dword:00000000
"SWCrossingCoef"=dword:00000000
"SWDribblingCoef"=dword:00000000
"SWFinishingCoef"=dword:00000000
"SWFirstTouchCoef"=dword:00000014
"SWFreeKicksCoef"=dword:0000000a
"SWHeadingCoef"=dword:00000064
"SWLongShotsCoef"=dword:0000000a
"SWLongThrowsCoef"=dword:00000000
"SWMarkingCoef"=dword:00000064
"SWPassingCoef"=dword:0000000a
"SWPenaltiesCoef"=dword:00000005
"SWTacklingCoef"=dword:00000064
"SWTechniqueCoef"=dword:0000000a
"SWLeftFootCoef"=dword:00000005
"SWRightFootCoef"=dword:00000005
"SWAggressionCoef"=dword:00000014
"SWAnticipationCoef"=dword:00000014
"SWBraveryCoef"=dword:00000028
"SWComposureCoef"=dword:00000028
"SWConcentrationCoef"=dword:0000003c
"SWConsistencyCoef"=dword:0000000a
"SWCreativityCoef"=dword:0000000a
"SWDecisionsCoef"=dword:00000014
"SWDeterminationCoef"=dword:0000000a
"SWDirtinessCoef"=dword:ffffffe7
"SWFlairCoef"=dword:00000000
"SWImportantMatchesCoef"=dword:0000000a
"SWInfluenceCoef"=dword:0000000a
"SWOffTheBallCoef"=dword:0000000a
"SWPositioningCoef"=dword:00000064
"SWTeamworkCoef"=dword:00000028
"SWWorkRateCoef"=dword:00000014
"SWAccelerationCoef"=dword:0000001e
"SWAgilityCoef"=dword:0000000a
"SWBalanceCoef"=dword:00000014
"SWInjuryPronenessCoef"=dword:fffffffb
"SWJumpingCoef"=dword:00000064
"SWNaturalFitnessCoef"=dword:00000005
"SWPaceCoef"=dword:00000014
"SWStaminaCoef"=dword:0000000a
"SWStrengthCoef"=dword:00000050
"SWVersatilityCoef"=dword:00000005
"SWAerialAbilityCoef"=dword:00000000
"SWCommandOfAreaCoef"=dword:00000000
"SWCommunicationCoef"=dword:00000000
"SWEccentricityCoef"=dword:00000000
"SWHandlingCoef"=dword:00000000
"SWKickingCoef"=dword:00000000
"SWOneOnOnesCoef"=dword:00000005
"SWReflexesCoef"=dword:00000005
"SWRushingOutCoef"=dword:00000000
"SWTendencyToPunchCoef"=dword:00000000
"SWThrowingCoef"=dword:00000000
"SWAdaptabilityCoef"=dword:00000005
"SWAmbitionCoef"=dword:0000000a
"SWControversyCoef"=dword:fffffffb
"SWLoyalityCoef"=dword:00000005
"SWPressureCoef"=dword:00000005
"SWProfessionalismCoef"=dword:00000005
"SWSportsmanshipCoef"=dword:00000005
"SWTemperamentCoef"=dword:00000005
"CBWeightCoef"=dword:00000064
"CBCurrentAbilityCoef"=dword:00000000
"CBCornersCoef"=dword:00000000
"CBCrossingCoef"=dword:00000000
"CBDribblingCoef"=dword:00000000
"CBFinishingCoef"=dword:00000000
"CBFirstTouchCoef"=dword:00000014
"CBFreeKicksCoef"=dword:0000000a
"CBHeadingCoef"=dword:00000064
"CBLongShotsCoef"=dword:0000000a
"CBLongThrowsCoef"=dword:00000000
"CBMarkingCoef"=dword:00000050
"CBPassingCoef"=dword:00000014
"CBPenaltiesCoef"=dword:00000005
"CBTacklingCoef"=dword:00000064
"CBTechniqueCoef"=dword:0000000a
"CBLeftFootCoef"=dword:00000005
"CBRightFootCoef"=dword:00000005
"CBAggressionCoef"=dword:00000014
"CBAnticipationCoef"=dword:00000014
"CBBraveryCoef"=dword:00000028
"CBComposureCoef"=dword:00000014
"CBConcentrationCoef"=dword:00000028
"CBConsistencyCoef"=dword:0000000a
"CBCreativityCoef"=dword:0000000a
"CBDecisionsCoef"=dword:00000014
"CBDeterminationCoef"=dword:0000000a
"CBDirtinessCoef"=dword:ffffffec
"CBFlairCoef"=dword:00000000
"CBImportantMatchesCoef"=dword:0000000a
"CBInfluenceCoef"=dword:0000000a
"CBOffTheBallCoef"=dword:0000000a
"CBPositioningCoef"=dword:00000050
"CBTeamworkCoef"=dword:00000028
"CBWorkRateCoef"=dword:00000014
"CBAccelerationCoef"=dword:00000028
"CBAgilityCoef"=dword:0000000a
"CBBalanceCoef"=dword:00000014
"CBInjuryPronenessCoef"=dword:fffffffb
"CBJumpingCoef"=dword:00000064
"CBNaturalFitnessCoef"=dword:00000005
"CBPaceCoef"=dword:0000001e
"CBStaminaCoef"=dword:0000000a
"CBStrengthCoef"=dword:0000003c
"CBVersatilityCoef"=dword:00000005
"CBAerialAbilityCoef"=dword:00000000
"CBCommandOfAreaCoef"=dword:00000000
"CBCommunicationCoef"=dword:00000000
"CBEccentricityCoef"=dword:00000000
"CBHandlingCoef"=dword:00000000
"CBKickingCoef"=dword:00000000
"CBOneOnOnesCoef"=dword:00000005
"CBReflexesCoef"=dword:00000005
"CBRushingOutCoef"=dword:00000000
"CBTendencyToPunchCoef"=dword:00000000
"CBThrowingCoef"=dword:00000000
"CBAdaptabilityCoef"=dword:00000005
"CBAmbitionCoef"=dword:0000000a
"CBControversyCoef"=dword:fffffffb
"CBLoyalityCoef"=dword:00000005
"CBPressureCoef"=dword:00000005
"CBProfessionalismCoef"=dword:00000005
"CBSportsmanshipCoef"=dword:00000005
"CBTemperamentCoef"=dword:00000005
"FBWeightCoef"=dword:00000069
"FBCurrentAbilityCoef"=dword:00000000
"FBCornersCoef"=dword:0000000a
"FBCrossingCoef"=dword:0000001e
"FBDribblingCoef"=dword:00000014
"FBFinishingCoef"=dword:00000000
"FBFirstTouchCoef"=dword:00000014
"FBFreeKicksCoef"=dword:0000000a
"FBHeadingCoef"=dword:0000003c
"FBLongShotsCoef"=dword:0000000a
"FBLongThrowsCoef"=dword:0000000a
"FBMarkingCoef"=dword:0000003c
"FBPassingCoef"=dword:0000001e
"FBPenaltiesCoef"=dword:00000005
"FBTacklingCoef"=dword:00000064
"FBTechniqueCoef"=dword:00000014
"FBLeftFootCoef"=dword:00000005
"FBRightFootCoef"=dword:00000005
"FBAggressionCoef"=dword:0000000f
"FBAnticipationCoef"=dword:00000050
"FBBraveryCoef"=dword:00000014
"FBComposureCoef"=dword:0000000a
"FBConcentrationCoef"=dword:0000001e
"FBConsistencyCoef"=dword:0000000a
"FBCreativityCoef"=dword:0000000a
"FBDecisionsCoef"=dword:00000014
"FBDeterminationCoef"=dword:0000000a
"FBDirtinessCoef"=dword:fffffff6
"FBFlairCoef"=dword:00000005
"FBImportantMatchesCoef"=dword:0000000a
"FBInfluenceCoef"=dword:0000000a
"FBOffTheBallCoef"=dword:00000014
"FBPositioningCoef"=dword:00000064
"FBTeamworkCoef"=dword:00000014
"FBWorkRateCoef"=dword:00000014
"FBAccelerationCoef"=dword:0000003c
"FBAgilityCoef"=dword:0000000a
"FBBalanceCoef"=dword:00000014
"FBInjuryPronenessCoef"=dword:fffffffb
"FBJumpingCoef"=dword:0000003c
"FBNaturalFitnessCoef"=dword:00000005
"FBPaceCoef"=dword:00000050
"FBStaminaCoef"=dword:0000003c
"FBStrengthCoef"=dword:00000028
"FBVersatilityCoef"=dword:00000005
"FBAerialAbilityCoef"=dword:00000000
"FBCommandOfAreaCoef"=dword:00000000
"FBCommunicationCoef"=dword:00000000
"FBEccentricityCoef"=dword:00000000
"FBHandlingCoef"=dword:00000000
"FBKickingCoef"=dword:00000000
"FBOneOnOnesCoef"=dword:00000005
"FBReflexesCoef"=dword:00000005
"FBRushingOutCoef"=dword:00000000
"FBTendencyToPunchCoef"=dword:00000000
"FBThrowingCoef"=dword:00000000
"FBAdaptabilityCoef"=dword:00000005
"FBAmbitionCoef"=dword:0000000a
"FBControversyCoef"=dword:fffffffb
"FBLoyalityCoef"=dword:00000005
"FBPressureCoef"=dword:00000005
"FBProfessionalismCoef"=dword:00000005
"FBSportsmanshipCoef"=dword:00000005
"FBTemperamentCoef"=dword:00000005
"WBWeightCoef"=dword:0000006c
"WBCurrentAbilityCoef"=dword:00000000
"WBCornersCoef"=dword:0000000a
"WBCrossingCoef"=dword:0000003c
"WBDribblingCoef"=dword:00000028
"WBFinishingCoef"=dword:0000000a
"WBFirstTouchCoef"=dword:00000014
"WBFreeKicksCoef"=dword:0000000a
"WBHeadingCoef"=dword:00000028
"WBLongShotsCoef"=dword:00000014
"WBLongThrowsCoef"=dword:0000000a
"WBMarkingCoef"=dword:0000003c
"WBPassingCoef"=dword:00000028
"WBPenaltiesCoef"=dword:00000005
"WBTacklingCoef"=dword:00000064
"WBTechniqueCoef"=dword:00000028
"WBLeftFootCoef"=dword:00000005
"WBRightFootCoef"=dword:00000005
"WBAggressionCoef"=dword:0000000a
"WBAnticipationCoef"=dword:00000050
"WBBraveryCoef"=dword:0000000a
"WBComposureCoef"=dword:0000000a
"WBConcentrationCoef"=dword:00000014
"WBConsistencyCoef"=dword:0000000a
"WBCreativityCoef"=dword:00000014
"WBDecisionsCoef"=dword:00000014
"WBDeterminationCoef"=dword:0000000a
"WBDirtinessCoef"=dword:fffffff6
"WBFlairCoef"=dword:0000000a
"WBImportantMatchesCoef"=dword:0000000a
"WBInfluenceCoef"=dword:0000000a
"WBOffTheBallCoef"=dword:00000014
"WBPositioningCoef"=dword:00000064
"WBTeamworkCoef"=dword:00000014
"WBWorkRateCoef"=dword:00000028
"WBAccelerationCoef"=dword:00000050
"WBAgilityCoef"=dword:0000000a
"WBBalanceCoef"=dword:00000014
"WBInjuryPronenessCoef"=dword:fffffffb
"WBJumpingCoef"=dword:00000014
"WBNaturalFitnessCoef"=dword:00000005
"WBPaceCoef"=dword:00000064
"WBStaminaCoef"=dword:00000050
"WBStrengthCoef"=dword:00000028
"WBVersatilityCoef"=dword:00000005
"WBAerialAbilityCoef"=dword:00000000
"WBCommandOfAreaCoef"=dword:00000000
"WBCommunicationCoef"=dword:00000000
"WBEccentricityCoef"=dword:00000000
"WBHandlingCoef"=dword:00000000
"WBKickingCoef"=dword:00000000
"WBOneOnOnesCoef"=dword:00000005
"WBReflexesCoef"=dword:00000005
"WBRushingOutCoef"=dword:00000000
"WBTendencyToPunchCoef"=dword:00000000
"WBThrowingCoef"=dword:00000000
"WBAdaptabilityCoef"=dword:00000005
"WBAmbitionCoef"=dword:0000000a
"WBControversyCoef"=dword:fffffffb
"WBLoyalityCoef"=dword:00000005
"WBPressureCoef"=dword:00000005
"WBProfessionalismCoef"=dword:00000005
"WBSportsmanshipCoef"=dword:00000005
"WBTemperamentCoef"=dword:00000005
"DMWeightCoef"=dword:00000067
"DMCurrentAbilityCoef"=dword:00000000
"DMCornersCoef"=dword:0000000a
"DMCrossingCoef"=dword:0000001e
"DMDribblingCoef"=dword:00000014
"DMFinishingCoef"=dword:0000000a
"DMFirstTouchCoef"=dword:0000001e
"DMFreeKicksCoef"=dword:0000000a
"DMHeadingCoef"=dword:00000028
"DMLongShotsCoef"=dword:00000014
"DMLongThrowsCoef"=dword:00000005
"DMMarkingCoef"=dword:0000003c
"DMPassingCoef"=dword:00000028
"DMPenaltiesCoef"=dword:00000005
"DMTacklingCoef"=dword:00000064
"DMTechniqueCoef"=dword:0000001e
"DMLeftFootCoef"=dword:00000005
"DMRightFootCoef"=dword:00000005
"DMAggressionCoef"=dword:00000028
"DMAnticipationCoef"=dword:00000028
"DMBraveryCoef"=dword:00000014
"DMComposureCoef"=dword:0000000a
"DMConcentrationCoef"=dword:00000014
"DMConsistencyCoef"=dword:0000000a
"DMCreativityCoef"=dword:00000014
"DMDecisionsCoef"=dword:00000014
"DMDeterminationCoef"=dword:0000000a
"DMDirtinessCoef"=dword:fffffff6
"DMFlairCoef"=dword:0000000a
"DMImportantMatchesCoef"=dword:0000000a
"DMInfluenceCoef"=dword:0000000a
"DMOffTheBallCoef"=dword:0000001e
"DMPositioningCoef"=dword:00000050
"DMTeamworkCoef"=dword:00000028
"DMWorkRateCoef"=dword:00000050
"DMAccelerationCoef"=dword:00000028
"DMAgilityCoef"=dword:0000000a
"DMBalanceCoef"=dword:0000000a
"DMInjuryPronenessCoef"=dword:fffffffb
"DMJumpingCoef"=dword:00000028
"DMNaturalFitnessCoef"=dword:00000005
"DMPaceCoef"=dword:00000028
"DMStaminaCoef"=dword:0000003c
"DMStrengthCoef"=dword:00000028
"DMVersatilityCoef"=dword:00000005
"DMAerialAbilityCoef"=dword:00000000
"DMCommandOfAreaCoef"=dword:00000000
"DMCommunicationCoef"=dword:00000000
"DMEccentricityCoef"=dword:00000000
"DMHandlingCoef"=dword:00000000
"DMKickingCoef"=dword:00000000
"DMOneOnOnesCoef"=dword:00000005
"DMReflexesCoef"=dword:00000005
"DMRushingOutCoef"=dword:00000000
"DMTendencyToPunchCoef"=dword:00000000
"DMThrowingCoef"=dword:00000000
"DMAdaptabilityCoef"=dword:00000005
"DMAmbitionCoef"=dword:0000000a
"DMControversyCoef"=dword:fffffffb
"DMLoyalityCoef"=dword:00000005
"DMPressureCoef"=dword:00000005
"DMProfessionalismCoef"=dword:00000005
"DMSportsmanshipCoef"=dword:00000005
"DMTemperamentCoef"=dword:00000005
"MWeightCoef"=dword:00000068
"MCurrentAbilityCoef"=dword:00000000
"MCornersCoef"=dword:0000000a
"MCrossingCoef"=dword:00000028
"MDribblingCoef"=dword:00000032
"MFinishingCoef"=dword:00000014
"MFirstTouchCoef"=dword:0000001e
"MFreeKicksCoef"=dword:0000000a
"MHeadingCoef"=dword:0000001e
"MLongShotsCoef"=dword:00000014
"MLongThrowsCoef"=dword:00000005
"MMarkingCoef"=dword:00000028
"MPassingCoef"=dword:00000046
"MPenaltiesCoef"=dword:00000005
"MTacklingCoef"=dword:0000003c
"MTechniqueCoef"=dword:00000032
"MLeftFootCoef"=dword:00000005
"MRightFootCoef"=dword:00000005
"MAggressionCoef"=dword:0000001e
"MAnticipationCoef"=dword:00000028
"MBraveryCoef"=dword:0000000a
"MComposureCoef"=dword:0000000a
"MConcentrationCoef"=dword:0000000a
"MConsistencyCoef"=dword:0000000a
"MCreativityCoef"=dword:0000003c
"MDecisionsCoef"=dword:0000001e
"MDeterminationCoef"=dword:0000000a
"MDirtinessCoef"=dword:fffffffb
"MFlairCoef"=dword:0000000a
"MImportantMatchesCoef"=dword:0000000a
"MInfluenceCoef"=dword:0000000a
"MOffTheBallCoef"=dword:00000028
"MPositioningCoef"=dword:00000028
"MTeamworkCoef"=dword:00000032
"MWorkRateCoef"=dword:00000032
"MAccelerationCoef"=dword:00000032
"MAgilityCoef"=dword:0000000a
"MBalanceCoef"=dword:0000000a
"MInjuryPronenessCoef"=dword:fffffffb
"MJumpingCoef"=dword:00000028
"MNaturalFitnessCoef"=dword:00000005
"MPaceCoef"=dword:00000028
"MStaminaCoef"=dword:0000003c
"MStrengthCoef"=dword:0000001e
"MVersatilityCoef"=dword:00000005
"MAerialAbilityCoef"=dword:00000000
"MCommandOfAreaCoef"=dword:00000000
"MCommunicationCoef"=dword:00000000
"MEccentricityCoef"=dword:00000000
"MHandlingCoef"=dword:00000000
"MKickingCoef"=dword:00000000
"MOneOnOnesCoef"=dword:00000005
"MReflexesCoef"=dword:00000005
"MRushingOutCoef"=dword:00000000
"MTendencyToPunchCoef"=dword:00000000
"MThrowingCoef"=dword:00000000
"MAdaptabilityCoef"=dword:00000005
"MAmbitionCoef"=dword:0000000a
"MControversyCoef"=dword:fffffffb
"MLoyalityCoef"=dword:00000005
"MPressureCoef"=dword:00000005
"MProfessionalismCoef"=dword:00000005
"MSportsmanshipCoef"=dword:00000005
"MTemperamentCoef"=dword:00000005
"AMWeightCoef"=dword:00000068
"AMCurrentAbilityCoef"=dword:00000000
"AMCornersCoef"=dword:0000000a
"AMCrossingCoef"=dword:0000003c
"AMDribblingCoef"=dword:00000050
"AMFinishingCoef"=dword:00000028
"AMFirstTouchCoef"=dword:0000001e
"AMFreeKicksCoef"=dword:0000000a
"AMHeadingCoef"=dword:00000014
"AMLongShotsCoef"=dword:00000014
"AMLongThrowsCoef"=dword:00000005
"AMMarkingCoef"=dword:0000000a
"AMPassingCoef"=dword:00000064
"AMPenaltiesCoef"=dword:00000005
"AMTacklingCoef"=dword:0000000a
"AMTechniqueCoef"=dword:00000050
"AMLeftFootCoef"=dword:00000005
"AMRightFootCoef"=dword:00000005
"AMAggressionCoef"=dword:0000000a
"AMAnticipationCoef"=dword:0000001e
"AMBraveryCoef"=dword:0000000a
"AMComposureCoef"=dword:0000000a
"AMConcentrationCoef"=dword:0000000a
"AMConsistencyCoef"=dword:0000000a
"AMCreativityCoef"=dword:00000064
"AMDecisionsCoef"=dword:00000028
"AMDeterminationCoef"=dword:0000000a
"AMDirtinessCoef"=dword:fffffffb
"AMFlairCoef"=dword:00000014
"AMImportantMatchesCoef"=dword:0000000a
"AMInfluenceCoef"=dword:0000000a
"AMOffTheBallCoef"=dword:0000003c
"AMPositioningCoef"=dword:00000014
"AMTeamworkCoef"=dword:0000003c
"AMWorkRateCoef"=dword:00000014
"AMAccelerationCoef"=dword:0000003c
"AMAgilityCoef"=dword:0000000a
"AMBalanceCoef"=dword:0000000a
"AMInjuryPronenessCoef"=dword:fffffffb
"AMJumpingCoef"=dword:00000014
"AMNaturalFitnessCoef"=dword:00000005
"AMPaceCoef"=dword:0000003c
"AMStaminaCoef"=dword:0000003c
"AMStrengthCoef"=dword:00000014
"AMVersatilityCoef"=dword:00000005
"AMAerialAbilityCoef"=dword:00000000
"AMCommandOfAreaCoef"=dword:00000000
"AMCommunicationCoef"=dword:00000000
"AMEccentricityCoef"=dword:00000000
"AMHandlingCoef"=dword:00000000
"AMKickingCoef"=dword:00000000
"AMOneOnOnesCoef"=dword:00000005
"AMReflexesCoef"=dword:00000005
"AMRushingOutCoef"=dword:00000000
"AMTendencyToPunchCoef"=dword:00000000
"AMThrowingCoef"=dword:00000000
"AMAdaptabilityCoef"=dword:00000005
"AMAmbitionCoef"=dword:0000000a
"AMControversyCoef"=dword:fffffffb
"AMLoyalityCoef"=dword:00000005
"AMPressureCoef"=dword:00000005
"AMProfessionalismCoef"=dword:00000005
"AMSportsmanshipCoef"=dword:00000005
"AMTemperamentCoef"=dword:00000005
"WWeightCoef"=dword:00000069
"WCurrentAbilityCoef"=dword:00000000
"WCornersCoef"=dword:0000000a
"WCrossingCoef"=dword:00000064
"WDribblingCoef"=dword:00000064
"WFinishingCoef"=dword:0000003c
"WFirstTouchCoef"=dword:0000001e
"WFreeKicksCoef"=dword:0000000a
"WHeadingCoef"=dword:00000014
"WLongShotsCoef"=dword:00000014
"WLongThrowsCoef"=dword:00000005
"WMarkingCoef"=dword:0000000a
"WPassingCoef"=dword:0000003c
"WPenaltiesCoef"=dword:00000005
"WTacklingCoef"=dword:0000000a
"WTechniqueCoef"=dword:00000050
"WLeftFootCoef"=dword:00000005
"WRightFootCoef"=dword:00000005
"WAggressionCoef"=dword:0000000a
"WAnticipationCoef"=dword:00000014
"WBraveryCoef"=dword:0000000a
"WComposureCoef"=dword:0000000a
"WConcentrationCoef"=dword:0000000a
"WConsistencyCoef"=dword:0000000a
"WCreativityCoef"=dword:0000003c
"WDecisionsCoef"=dword:00000014
"WDeterminationCoef"=dword:0000000a
"WDirtinessCoef"=dword:fffffffb
"WFlairCoef"=dword:0000000a
"WImportantMatchesCoef"=dword:00000014
"WInfluenceCoef"=dword:0000000a
"WOffTheBallCoef"=dword:0000003c
"WPositioningCoef"=dword:00000014
"WTeamworkCoef"=dword:0000001e
"WWorkRateCoef"=dword:0000001e
"WAccelerationCoef"=dword:00000050
"WAgilityCoef"=dword:00000014
"WBalanceCoef"=dword:0000000a
"WInjuryPronenessCoef"=dword:fffffffb
"WJumpingCoef"=dword:00000014
"WNaturalFitnessCoef"=dword:00000005
"WPaceCoef"=dword:00000064
"WStaminaCoef"=dword:0000003c
"WStrengthCoef"=dword:00000014
"WVersatilityCoef"=dword:00000005
"WAerialAbilityCoef"=dword:00000000
"WCommandOfAreaCoef"=dword:00000000
"WCommunicationCoef"=dword:00000000
"WEccentricityCoef"=dword:00000000
"WHandlingCoef"=dword:00000000
"WKickingCoef"=dword:00000000
"WOneOnOnesCoef"=dword:00000005
"WReflexesCoef"=dword:00000005
"WRushingOutCoef"=dword:00000000
"WTendencyToPunchCoef"=dword:00000000
"WThrowingCoef"=dword:00000000
"WAdaptabilityCoef"=dword:00000005
"WAmbitionCoef"=dword:0000000a
"WControversyCoef"=dword:fffffffb
"WLoyalityCoef"=dword:00000005
"WPressureCoef"=dword:00000005
"WProfessionalismCoef"=dword:00000005
"WSportsmanshipCoef"=dword:00000005
"WTemperamentCoef"=dword:00000005
"FSTWeightCoef"=dword:00000067
"FSTCurrentAbilityCoef"=dword:00000000
"FSTCornersCoef"=dword:0000000a
"FSTCrossingCoef"=dword:0000000a
"FSTDribblingCoef"=dword:00000050
"FSTFinishingCoef"=dword:00000064
"FSTFirstTouchCoef"=dword:00000028
"FSTFreeKicksCoef"=dword:0000000a
"FSTHeadingCoef"=dword:00000028
"FSTLongShotsCoef"=dword:00000014
"FSTLongThrowsCoef"=dword:00000000
"FSTMarkingCoef"=dword:00000000
"FSTPassingCoef"=dword:00000028
"FSTPenaltiesCoef"=dword:00000005
"FSTTacklingCoef"=dword:00000000
"FSTTechniqueCoef"=dword:00000050
"FSTLeftFootCoef"=dword:00000005
"FSTRightFootCoef"=dword:00000005
"FSTAggressionCoef"=dword:0000000a
"FSTAnticipationCoef"=dword:0000000a
"FSTBraveryCoef"=dword:0000000a
"FSTComposureCoef"=dword:0000000a
"FSTConcentrationCoef"=dword:0000000a
"FSTConsistencyCoef"=dword:0000000a
"FSTCreativityCoef"=dword:00000028
"FSTDecisionsCoef"=dword:0000000a
"FSTDeterminationCoef"=dword:0000000a
"FSTDirtinessCoef"=dword:fffffffb
"FSTFlairCoef"=dword:0000000a
"FSTImportantMatchesCoef"=dword:0000000a
"FSTInfluenceCoef"=dword:0000000a
"FSTOffTheBallCoef"=dword:00000050
"FSTPositioningCoef"=dword:0000000a
"FSTTeamworkCoef"=dword:0000000a
"FSTWorkRateCoef"=dword:0000000a
"FSTAccelerationCoef"=dword:00000064
"FSTAgilityCoef"=dword:00000028
"FSTBalanceCoef"=dword:0000000a
"FSTInjuryPronenessCoef"=dword:fffffffb
"FSTJumpingCoef"=dword:00000014
"FSTNaturalFitnessCoef"=dword:00000005
"FSTPaceCoef"=dword:00000064
"FSTStaminaCoef"=dword:00000028
"FSTStrengthCoef"=dword:00000014
"FSTVersatilityCoef"=dword:00000005
"FSTAerialAbilityCoef"=dword:00000000
"FSTCommandOfAreaCoef"=dword:00000000
"FSTCommunicationCoef"=dword:00000000
"FSTEccentricityCoef"=dword:00000000
"FSTHandlingCoef"=dword:00000000
"FSTKickingCoef"=dword:00000000
"FSTOneOnOnesCoef"=dword:00000005
"FSTReflexesCoef"=dword:00000005
"FSTRushingOutCoef"=dword:00000000
"FSTTendencyToPunchCoef"=dword:00000000
"FSTThrowingCoef"=dword:00000000
"FSTAdaptabilityCoef"=dword:00000005
"FSTAmbitionCoef"=dword:0000000a
"FSTControversyCoef"=dword:fffffffb
"FSTLoyalityCoef"=dword:00000005
"FSTPressureCoef"=dword:00000005
"FSTProfessionalismCoef"=dword:00000005
"FSTSportsmanshipCoef"=dword:00000005
"FSTTemperamentCoef"=dword:00000005
"TSTWeightCoef"=dword:00000067
"TSTCurrentAbilityCoef"=dword:00000000
"TSTCornersCoef"=dword:00000000
"TSTCrossingCoef"=dword:0000000a
"TSTDribblingCoef"=dword:0000003c
"TSTFinishingCoef"=dword:00000050
"TSTFirstTouchCoef"=dword:0000001e
"TSTFreeKicksCoef"=dword:0000000a
"TSTHeadingCoef"=dword:00000064
"TSTLongShotsCoef"=dword:00000014
"TSTLongThrowsCoef"=dword:00000000
"TSTMarkingCoef"=dword:00000000
"TSTPassingCoef"=dword:00000028
"TSTPenaltiesCoef"=dword:00000005
"TSTTacklingCoef"=dword:00000000
"TSTTechniqueCoef"=dword:00000028
"TSTLeftFootCoef"=dword:00000005
"TSTRightFootCoef"=dword:00000005
"TSTAggressionCoef"=dword:00000014
"TSTAnticipationCoef"=dword:0000000a
"TSTBraveryCoef"=dword:00000014
"TSTComposureCoef"=dword:0000000a
"TSTConcentrationCoef"=dword:0000000a
"TSTConsistencyCoef"=dword:0000000a
"TSTCreativityCoef"=dword:00000014
"TSTDecisionsCoef"=dword:0000000a
"TSTDeterminationCoef"=dword:0000000a
"TSTDirtinessCoef"=dword:fffffffb
"TSTFlairCoef"=dword:0000000a
"TSTImportantMatchesCoef"=dword:0000000a
"TSTInfluenceCoef"=dword:0000000a
"TSTOffTheBallCoef"=dword:00000050
"TSTPositioningCoef"=dword:00000014
"TSTTeamworkCoef"=dword:0000000a
"TSTWorkRateCoef"=dword:0000000a
"TSTAccelerationCoef"=dword:00000028
"TSTAgilityCoef"=dword:00000014
"TSTBalanceCoef"=dword:00000014
"TSTInjuryPronenessCoef"=dword:fffffffb
"TSTJumpingCoef"=dword:00000064
"TSTNaturalFitnessCoef"=dword:00000005
"TSTPaceCoef"=dword:00000028
"TSTStaminaCoef"=dword:00000014
"TSTStrengthCoef"=dword:00000050
"TSTVersatilityCoef"=dword:00000005
"TSTAerialAbilityCoef"=dword:00000000
"TSTCommandOfAreaCoef"=dword:00000000
"TSTCommunicationCoef"=dword:00000000
"TSTEccentricityCoef"=dword:00000000
"TSTHandlingCoef"=dword:00000000
"TSTKickingCoef"=dword:00000000
"TSTOneOnOnesCoef"=dword:00000005
"TSTReflexesCoef"=dword:00000005
"TSTRushingOutCoef"=dword:00000000
"TSTTendencyToPunchCoef"=dword:00000000
"TSTThrowingCoef"=dword:00000000
"TSTAdaptabilityCoef"=dword:00000005
"TSTAmbitionCoef"=dword:0000000a
"TSTControversyCoef"=dword:fffffffb
"TSTLoyalityCoef"=dword:00000005
"TSTPressureCoef"=dword:00000005
"TSTProfessionalismCoef"=dword:00000005
"TSTSportsmanshipCoef"=dword:00000005
"TSTTemperamentCoef"=dword:00000005

[HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2009 XE]
"GameDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2009\\games"
"ShortlistDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2009\\shortlists"
"ScreenshotsDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2009"
"SaveDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2009\\"
"HistoryDir"="c:\\Documents and Settings\\Ben\\Desktop\\FM Genie Scout 2009 XE\\History Points"
"LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2009\\data\\updates\\update-910\\db\\910\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"SkinName"="Champions League"
"LastUpdateCheck"=dword:00000000
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000066
"UniqueID"="55-EA80-EF7F"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""

[HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:cb,cb,1d,84,17,d3,49,00,8a,f2,73,e7,23,01,ba,23,ae,b3,64,04,52,
d1,3e,47,d9,79,29,77,32,29,e7,9b,04,58,05,5f,2a,ef,f9,42,a6,e1,b0,11,31,b7,\
"rkeysecu"=hex:ee,b0,f8,e6,7e,82,3f,18,10,8c,1e,cb,48,39,5d,77

[HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
Completion time: 2009-07-11 12:25
ComboFix-quarantined-files.txt 2009-07-11 11:25

Pre-Run: 46,432,641,024 bytes free
Post-Run: 46,418,788,352 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

1848

Performance-wise, everything seems ok, haven't had another alert from AVG about the initial virus so far.

jmw3 · 07-11-2009, 07:36 AM

Hi

AV: AVG Anti-Virus Free *On-access scanning enabled* - Please ensure you disable AVG prior to running ComboFix.

CFScript
Close any open browsers.
Open notepad and copy/paste the text in the code box below into it:

Code:

DDS::
uStart Page = about:blank
mSearch Bar = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/*http://uk.docs.yahoo.com/info/bt_side.html
uSearchURL,(Default) = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
Trusted Zone: ketsujin.com\fighterace
Trusted Zone: ketsujin.com\primary
Trusted Zone: ketsujin.com\update
Trusted Zone: ketsujin.com\www
Trusted Zone: stormofaces.com\www

Save this as CFScript.txt, in the same location as ComboFix.exe

Refering to the picture above, drag CFScript into ComboFix.exe
When finished, it shall produce a log for you at "C:\ComboFix.txt"
Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall
A word of warning: Neither I nor sUBs are responsible for any damage you may cause to your machine by running ComboFix on your own. This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper

Update Java Runtime
You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, & also remove the older more vulnerable versions from your system. The most current version of Sun Java is: Java Runtime Environment Version 6 Update 14.

Download the latest version of Java Runtime Environment (JRE) 6 Here
Scroll down to where it says "Java SE Runtime Environment (JRE) 6 Update 14. The Java SE Runtime Environment (JRE) allows end-users to run Java applications."
Click the Download button to the right
Select the Windows platform from the dropdown menu
Read the License Agreement and then check the box that says: "I agree to the Java SE Runtime Environment 6 with JavaFX License Agreement". Click on Continue.The page will refresh
Click on the link to download Windows Offline Installation & save the file to your desktop
Close any programs you may have running - especially your web browser
Go to Start > Settings > Control Panel, double-click on Add/Remove Programs & remove all older versions of Java
Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java(TM) 6) in the name
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions
Reboot your computer once all Java components are removed
Then from your desktop double-click on jre-6u14-windows-i586-p.exe to install the newest version

After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
- On the General tab, under Temporary Internet Files, click the Settings button
- Next, click on the Delete Files button
- There are two options in the window to clear the cache - Leave BOTH Checked
  - Applications and Applets
    Trace and Log Files
- Click OK on Delete Temporary Files Window
  Note: This deletes ALL the Downloaded Applications and Applets from the CACHE
- Click OK to leave the Temporary Files Window
- Click OK to leave the Java Control Panel

Kaspersky Online Scan
Do an online scan with >Kaspersky Online Scanner<

Read through the requirements and privacy statement and click on Accept button
It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run
When the downloads have finished, click on Settings
Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
- Spyware, Adware, Dialers, and other potentially dangerous programs
  Archives
  Mail databases
Click on My Computer under Scan
Once the scan is complete, it will display the results. Click on View Scan Report
You will see a list of infected items there. Click on Save Report As...
Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button
Please post this log in your next reply

To post in next reply:
ComboFix log
Kaspersky Scan log

Benoso · 07-11-2009, 10:55 AM

ComboFix 09-07-09.08 - Ben 11/07/2009 14:40.2.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.2047.1494 [GMT 1:00]
Running from: c:\documents and settings\Ben\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Ben\Desktop\cfscript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((( Files Created from 2009-06-11 to 2009-07-11 )))))))))))))))))))))))))))))))
.

2009-07-10 09:21 . 2009-07-02 08:48 2054424 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll
2009-07-10 09:21 . 2009-07-02 08:48 2167576 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgresf.dll
2009-07-08 22:13 . 2009-07-08 22:13 -------- d-----w- c:\program files\AirAttack uPnP Configurator
2009-07-08 16:28 . 2009-07-08 16:28 -------- d-----w- c:\documents and settings\Ben\Application Data\Motive
2009-07-08 16:27 . 2009-07-09 22:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Motive
2009-07-08 16:27 . 2009-07-09 22:13 -------- d-----w- c:\program files\Common Files\Motive
2009-07-08 16:27 . 2009-07-09 22:11 -------- d-----w- c:\program files\BT Broadband Desktop Help
2009-07-08 16:27 . 2009-07-08 16:27 -------- d-----w- c:\program files\Citrix
2009-07-08 16:27 . 2009-02-02 09:38 218496 ------w- c:\windows\system32\BTEmailConfig.dll
2009-07-08 16:27 . 2009-07-08 16:27 -------- d-----w- c:\windows\BTV.0000
2009-07-08 16:26 . 2001-10-11 10:26 65536 ----a-w- c:\windows\system32\YCRWin32.dll
2009-07-08 16:26 . 2002-01-05 05:18 84992 ----a-w- c:\windows\system32\ATL70.DLL
2009-07-08 16:26 . 2009-07-09 22:17 -------- d-----w- c:\program files\Yahoo!
2009-07-08 16:25 . 2009-07-08 16:25 -------- d-----w- c:\program files\BTHomeHub
2009-07-07 13:43 . 2009-07-07 13:43 -------- d-----w- c:\program files\PFPortChecker
2009-07-06 14:24 . 2009-07-06 14:24 10134 ----a-r- c:\documents and settings\Ben\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2009-07-06 14:24 . 2009-07-06 14:24 -------- d-----w- c:\program files\Microsoft WSE
2009-07-04 03:00 . 2009-07-06 14:12 -------- d-----w- c:\documents and settings\Ben\Local Settings\Application Data\VirtuaTennis2009
2009-07-04 02:49 . 2009-07-04 02:49 -------- d-----w- c:\program files\SEGA
2009-07-04 02:36 . 2009-07-04 02:36 -------- d-----w- c:\program files\7-Zip
2009-07-02 19:26 . 2009-07-02 19:26 41808 ----a-w- c:\windows\system32\xfcodec.dll
2009-07-02 08:50 . 2009-07-02 08:51 -------- d-----w- c:\program files\Democracy2
2009-07-02 00:50 . 2009-07-02 00:50 4096 ----a-w- c:\windows\d3dx.dat
2009-07-02 00:50 . 2009-07-09 22:20 -------- d-----w- c:\program files\Democracy2 Demo
2009-06-28 18:34 . 2001-08-17 13:02 2688 -c--a-w- c:\windows\system32\dllcache\hidswvd.sys
2009-06-28 18:34 . 2001-08-17 13:02 2688 ----a-w- c:\windows\system32\drivers\HIDSwvd.sys
2009-06-28 18:34 . 2004-08-03 22:08 59136 -c--a-w- c:\windows\system32\dllcache\gckernel.sys
2009-06-28 18:34 . 2004-08-03 22:08 59136 ----a-w- c:\windows\system32\drivers\GcKernel.sys
2009-06-28 18:34 . 2001-08-17 21:36 10240 -c--a-w- c:\windows\system32\dllcache\swpdflt2.dll
2009-06-28 18:34 . 2001-08-17 21:36 10240 ----a-w- c:\windows\system32\swpdflt2.dll
2009-06-28 18:34 . 2001-08-17 13:02 3968 -c--a-w- c:\windows\system32\dllcache\swusbflt.sys
2009-06-28 18:34 . 2001-08-17 13:02 3968 ----a-w- c:\windows\system32\drivers\SWUSBFLT.SYS
2009-06-22 21:12 . 2009-06-22 21:12 -------- d-----w- c:\documents and settings\Ben\Local Settings\Application Data\Logitech
2009-06-22 17:09 . 2004-08-03 21:58 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-06-22 17:09 . 2004-08-03 21:58 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-06-22 17:08 . 2009-06-22 17:08 -------- d-----w- c:\program files\Common Files\Logitech
2009-06-22 17:08 . 2009-06-22 17:08 -------- d-----w- c:\program files\Logitech
2009-06-22 14:06 . 2009-06-29 14:07 314712 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\threatwork.exe
2009-06-22 14:06 . 2009-07-06 14:00 25440 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\savapibridge.dll
2009-06-22 14:06 . 2009-06-29 14:07 169312 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lavamessage.dll
2009-06-22 14:06 . 2009-06-29 14:07 348496 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lavalicense.dll
2009-06-22 14:06 . 2009-06-29 14:07 298336 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\UpdateManager.dll
2009-06-22 14:05 . 2009-07-06 14:00 1630560 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Resources.dll
2009-06-22 14:05 . 2009-06-29 14:07 85352 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\32\AAWDriverTool.exe
2009-06-22 14:04 . 2009-06-29 14:07 664424 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\CEAPI.dll
2009-06-22 14:04 . 2009-06-29 14:07 563064 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-AwareCommand.exe
2009-06-22 14:04 . 2009-06-29 14:07 566632 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-AwareAdmin.exe
2009-06-22 14:04 . 2009-07-06 13:59 2353480 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-Aware.exe
2009-06-22 14:02 . 2009-06-29 14:07 629072 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWWSC.exe
2009-06-22 14:02 . 2009-06-29 14:07 520024 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWTray.exe
2009-06-22 14:02 . 2009-06-29 14:07 1029456 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWService.exe
2009-06-19 18:35 . 2009-06-19 18:35 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-06-19 17:53 . 2009-07-10 23:25 -------- d-----w- c:\program files\Air Attack

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-11 11:45 . 2008-06-01 13:56 73408 ----a-w- c:\documents and settings\Ben\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-11 11:18 . 2008-06-02 19:48 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-07-10 20:04 . 2009-01-13 14:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-07-10 16:26 . 2008-08-11 01:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-07-10 01:17 . 2008-06-07 11:47 -------- d-----w- c:\documents and settings\Ben\Application Data\uTorrent
2009-07-09 23:51 . 2008-06-01 14:02 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-09 23:44 . 2009-06-11 01:56 -------- d-----w- c:\program files\a-squared Free
2009-07-09 22:42 . 2008-08-11 01:54 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-09 22:10 . 2008-09-25 18:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Kontiki
2009-07-09 20:11 . 2008-06-01 18:09 -------- d-----w- c:\documents and settings\Ben\Application Data\Xfire
2009-07-09 00:54 . 2008-12-10 03:45 -------- d-----w- c:\documents and settings\Ben\Application Data\Skype
2009-07-08 23:13 . 2008-06-01 18:09 -------- d-----w- c:\program files\Xfire
2009-07-08 22:37 . 2008-12-10 03:46 -------- d-----w- c:\documents and settings\Ben\Application Data\skypePM
2009-07-08 21:44 . 2009-03-09 23:59 -------- d-----w- c:\program files\PKR
2009-07-08 17:10 . 2008-06-01 14:39 138920 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-08 17:10 . 2008-06-01 14:39 189072 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-07-06 23:17 . 2009-05-11 11:00 -------- d-----w- c:\documents and settings\Ben\Application Data\dvdcss
2009-07-06 14:19 . 2008-07-08 13:56 -------- d-----w- c:\program files\Electronic Arts
2009-07-02 08:48 . 2008-06-02 19:48 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-29 14:07 . 2009-05-27 13:58 84832 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\ShellExt.dll
2009-06-29 14:07 . 2009-05-27 13:58 246128 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\RPAPI.dll
2009-06-29 14:07 . 2009-05-27 13:58 40288 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\PrivacyClean.dll
2009-06-19 00:39 . 2008-06-23 20:06 -------- d-----w- c:\documents and settings\Ben\Application Data\mIRC
2009-06-18 23:52 . 2008-06-23 20:06 -------- d-----w- c:\program files\mIRC
2009-06-18 20:33 . 2008-08-12 17:05 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-17 22:27 . 2009-06-07 12:39 -------- d-----w- c:\program files\PokerOfficer
2009-06-17 10:38 . 2008-06-02 19:48 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-11 23:07 . 2008-07-13 17:04 -------- d-----w- c:\program files\Soulseek
2009-06-11 17:36 . 2008-06-14 11:42 28276 ----a-w- c:\windows\system32\drivers\MxlW2k.sys
2009-06-07 15:12 . 2009-01-10 01:22 -------- d-----w- c:\program files\WordBiz
2009-06-07 15:11 . 2009-01-24 05:12 -------- d-----w- c:\documents and settings\Ben\Application Data\Sony
2009-06-07 15:10 . 2009-04-27 11:42 -------- d-----w- c:\program files\Poker Grapher
2009-06-07 15:10 . 2008-09-08 11:35 -------- d-----w- c:\program files\OpenOffice.org 2.4
2009-06-07 15:07 . 2008-09-24 12:09 -------- d-----w- c:\program files\Google
2009-06-07 12:39 . 2009-06-07 12:39 -------- d-----w- c:\documents and settings\Ben\Application Data\InstallShield
2009-05-27 13:58 . 2009-05-27 13:58 15688 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lsdelete.exe
2009-05-27 13:58 . 2009-01-21 17:46 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-05-22 06:39 . 2009-05-22 06:39 -------- d-----w- c:\program files\DeskPins
2009-05-21 22:29 . 2008-09-08 13:37 1 ----a-w- c:\documents and settings\Ben\Application Data\OpenOffice.org2\user\uno_packages\cache\stamp.sys
2009-05-21 22:29 . 2008-09-08 13:36 -------- d-----w- c:\documents and settings\Ben\Application Data\OpenOffice.org2
2009-05-15 11:42 . 2008-06-02 19:48 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-13 14:37 . 2009-05-13 14:37 -------- d-----w- c:\program files\PokerEV
2009-04-27 14:04 . 2009-04-27 14:04 64160 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\32\lbd.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Ben\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-10 133104]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="c:\windows\RTHDCPL.EXE" [2007-03-21 16126464]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-03-21 1953792]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-04 8523776]
"nwiz"="c:\windows\system32\nwiz.exe" [2007-12-04 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-04 81920]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-12 1948440]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-01-21 92168]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-15 11:42 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck lsdelete\0lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Ben^Start Menu^Programs^Startup^DeskPins.lnk]
path=c:\documents and settings\Ben\Start Menu\Programs\Startup\DeskPins.lnk
backup=c:\windows\pss\DeskPins.lnkStartup

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"kdx"=c:\program files\Kontiki\KHost.exe -all
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"MMTray"=c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
"Ad-Watch"=c:\program files\Lavasoft\Ad-Aware\AAWTray.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Xfire\\xfire.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"=
"c:\\Documents and Settings\\Ben\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\slsk.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2009\\fm.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"28960:UDP"= 28960:UDP:cod2
"8888:TCP"= 8888:TCP:utor
"8888:UDP"= 8888:UDP:utor2

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [21/01/2009 15:59 64160]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [02/06/2008 20:48 335752]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [01/09/2008 13:33 298776]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [01/06/2008 15:06 38656]
R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [01/06/2008 15:53 10880]
S2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\PostgreSQL\8.3\bin\pg_ctl.exe [19/09/2008 03:03 65536]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 22:34 1029456]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [24/01/2009 06:01 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [24/01/2009 06:03 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [24/01/2009 06:03 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [24/01/2009 06:05 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [24/01/2009 06:06 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [24/01/2009 06:04 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [24/01/2009 06:06 110120]
S3 SWUSBFLT;Microsoft SideWinder VIA Filter Driver;c:\windows\system32\drivers\SWUSBFLT.SYS [28/06/2009 19:34 3968]
.
Contents of the 'Scheduled Tasks' folder

2009-07-08 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 14:07]

2009-07-11 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-13 19:14]

2009-07-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1220945662-682003330-1003Core.job
- c:\documents and settings\Ben\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-10 17:23]

2009-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1220945662-682003330-1003UA.job
- c:\documents and settings\Ben\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-10 17:23]
.
.
------- Supplementary Scan -------
.
uSearchURL,(Default) = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Ben\Application Data\Mozilla\Firefox\Profiles\zx281x56.default\
FF - component: c:\documents and settings\Ben\Application Data\Mozilla\Firefox\Profiles\zx281x56.default\extensions\speedtest@gotomyhelp.com\components\NetDiag.dll
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-11 14:44
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008]
"GameDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2008\\games"
"ShortlistDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2008\\shortlists"
"ScreenshotsDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2008"
"SaveDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2008\\"
"HistoryDir"="e:\\Untagged\\New Folder\\FM Genie Scout 2008\\History Points"
"LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2008\\data\\updates\\update-802\\db\\802\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"SkinID"=dword:00000001
"LastUpdateCheck"=dword:00000000
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"WindowState"=dword:00000000
"Currency"=dword:00000056
"WindowHeight"=dword:0000026d
"WindowWidth"=dword:000003fc
"WindowLeft"=dword:0000014a
"WindowTop"=dword:000000d7
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""

[HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Clubs]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000007d
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:00000064
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000032
"Position4"=dword:00000004
"Visible4"=dword:00000001
"Width4"=dword:00000032
"Position5"=dword:00000005
"Visible5"=dword:00000001
"Width5"=dword:00000050
"Position6"=dword:00000006
"Visible6"=dword:00000001
"Width6"=dword:00000050
"Position7"=dword:00000007
"Visible7"=dword:00000001
"Width7"=dword:00000050
"Position8"=dword:00000008
"Visible8"=dword:00000000
"Width8"=dword:00000050
"Position9"=dword:00000009
"Visible9"=dword:00000000
"Width9"=dword:0000002d
"Position10"=dword:0000000a
"Visible10"=dword:00000000
"Width10"=dword:0000001e
"Position11"=dword:0000000b
"Visible11"=dword:00000000
"Width11"=dword:0000001e
"Position12"=dword:0000000c
"Visible12"=dword:00000000
"Width12"=dword:0000001e
"Position13"=dword:0000000d
"Visible13"=dword:00000001
"Width13"=dword:0000003c
"Position14"=dword:0000000e
"Visible14"=dword:00000000
"Width14"=dword:00000032
"Position15"=dword:0000000f
"Visible15"=dword:00000000
"Width15"=dword:00000032
"Position16"=dword:00000010
"Visible16"=dword:00000000
"Width16"=dword:00000032
"Position17"=dword:00000011
"Visible17"=dword:00000001
"Width17"=dword:00000050
"Position18"=dword:00000012
"Visible18"=dword:00000001
"Width18"=dword:00000050
"Position19"=dword:00000013
"Visible19"=dword:00000000
"Width19"=dword:00000050

[HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Players]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000007d
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:0000008f
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000037
"Position4"=dword:00000008
"Visible4"=dword:00000001
"Width4"=dword:00000023
"Position5"=dword:00000009
"Visible5"=dword:00000001
"Width5"=dword:00000028
"Position6"=dword:0000000a
"Visible6"=dword:00000001
"Width6"=dword:00000028
"Position7"=dword:0000000c
"Visible7"=dword:00000001
"Width7"=dword:0000004b
"Position8"=dword:0000000d
"Visible8"=dword:00000001
"Width8"=dword:0000004b
"Position9"=dword:0000000e
"Visible9"=dword:00000001
"Width9"=dword:00000050
"Position10"=dword:00000010
"Visible10"=dword:00000000
"Width10"=dword:00000050
"Position11"=dword:00000011
"Visible11"=dword:00000000
"Width11"=dword:0000004b
"Position12"=dword:00000012
"Visible12"=dword:00000000
"Width12"=dword:0000002d
"Position13"=dword:00000013
"Visible13"=dword:00000000
"Width13"=dword:0000003c
"Position14"=dword:00000014
"Visible14"=dword:00000000
"Width14"=dword:0000004b
"Position15"=dword:00000015
"Visible15"=dword:00000000
"Width15"=dword:00000064
"Position16"=dword:00000016
"Visible16"=dword:00000000
"Width16"=dword:00000064
"Position17"=dword:00000017
"Visible17"=dword:00000000
"Width17"=dword:0000004b
"Position18"=dword:00000018
"Visible18"=dword:00000000
"Width18"=dword:00000064
"Position19"=dword:00000019
"Visible19"=dword:00000000
"Width19"=dword:0000003c
"Position20"=dword:0000001a
"Visible20"=dword:00000000
"Width20"=dword:0000004b
"Position21"=dword:0000001b
"Visible21"=dword:00000000
"Width21"=dword:00000050
"Position22"=dword:0000001c
"Visible22"=dword:00000000
"Width22"=dword:00000073
"Position23"=dword:0000001d
"Visible23"=dword:00000000
"Width23"=dword:00000050
"Position24"=dword:0000001e
"Visible24"=dword:00000000
"Width24"=dword:0000005a
"Position25"=dword:0000001f
"Visible25"=dword:00000000
"Width25"=dword:0000006e
"Position26"=dword:00000020
"Visible26"=dword:00000000
"Width26"=dword:00000064
"Position27"=dword:00000021
"Visible27"=dword:00000000
"Width27"=dword:00000087
"Position28"=dword:00000022
"Visible28"=dword:00000000
"Width28"=dword:00000064
"Position29"=dword:00000023
"Visible29"=dword:00000000
"Width29"=dword:00000064
"Position30"=dword:00000024
"Visible30"=dword:00000000
"Width30"=dword:00000046
"Position31"=dword:00000025
"Visible31"=dword:00000000
"Width31"=dword:0000004b
"Position32"=dword:00000026
"Visible32"=dword:00000000
"Width32"=dword:00000046
"Position33"=dword:00000027
"Visible33"=dword:00000000
"Width33"=dword:0000004b
"Position34"=dword:00000028
"Visible34"=dword:00000000
"Width34"=dword:0000003c
"Position35"=dword:0000002a
"Visible35"=dword:00000000
"Width35"=dword:00000064
"Position36"=dword:0000002e
"Visible36"=dword:00000000
"Width36"=dword:00000073
"Position37"=dword:00000030
"Visible37"=dword:00000000
"Width37"=dword:0000005f
"Position38"=dword:00000033
"Visible38"=dword:00000000
"Width38"=dword:00000091
"Position39"=dword:00000035
"Visible39"=dword:00000000
"Width39"=dword:0000003c
"Position40"=dword:0000002c
"Visible40"=dword:00000000
"Width40"=dword:0000005a
"Position41"=dword:00000036
"Visible41"=dword:00000000
"Width41"=dword:00000041
"Position42"=dword:00000029
"Visible42"=dword:00000000
"Width42"=dword:00000050
"Position43"=dword:0000002b
"Visible43"=dword:00000000
"Width43"=dword:00000055
"Position44"=dword:0000002d
"Visible44"=dword:00000000
"Width44"=dword:0000005f
"Position45"=dword:00000037
"Visible45"=dword:00000000
"Width45"=dword:00000050
"Position46"=dword:00000038
"Visible46"=dword:00000000
"Width46"=dword:0000004b
"Position47"=dword:00000039
"Visible47"=dword:00000000
"Width47"=dword:0000004b
"Position48"=dword:0000003a
"Visible48"=dword:00000000
"Width48"=dword:00000046
"Position49"=dword:0000003b
"Visible49"=dword:00000000
"Width49"=dword:00000032
"Position50"=dword:0000003c
"Visible50"=dword:00000000
"Width50"=dword:0000003c
"Position51"=dword:0000003d
"Visible51"=dword:00000000
"Width51"=dword:0000004b
"Position52"=dword:0000003e
"Visible52"=dword:00000000
"Width52"=dword:0000003c
"Position53"=dword:0000003f
"Visible53"=dword:00000000
"Width53"=dword:00000037
"Position54"=dword:00000040
"Visible54"=dword:00000000
"Width54"=dword:00000069
"Position55"=dword:00000041
"Visible55"=dword:00000000
"Width55"=dword:0000005a
"Position56"=dword:00000044
"Visible56"=dword:00000000
"Width56"=dword:0000004b
"Position57"=dword:00000045
"Visible57"=dword:00000000
"Width57"=dword:0000004b
"Position58"=dword:00000046
"Visible58"=dword:00000000
"Width58"=dword:00000037
"Position59"=dword:00000047
"Visible59"=dword:00000000
"Width59"=dword:0000003c
"Position60"=dword:00000048
"Visible60"=dword:00000000
"Width60"=dword:0000003c
"Position61"=dword:00000049
"Visible61"=dword:00000000
"Width61"=dword:00000041
"Position62"=dword:0000004a
"Visible62"=dword:00000000
"Width62"=dword:00000055
"Position63"=dword:0000004b
"Visible63"=dword:00000000
"Width63"=dword:0000003c
"Position64"=dword:0000004c
"Visible64"=dword:00000000
"Width64"=dword:0000003c
"Position65"=dword:0000004d
"Visible65"=dword:00000000
"Width65"=dword:0000004b
"Position66"=dword:0000004e
"Visible66"=dword:00000000
"Width66"=dword:0000003c
"Position67"=dword:0000004f
"Visible67"=dword:00000000
"Width67"=dword:00000046
"Position68"=dword:00000050
"Visible68"=dword:00000000
"Width68"=dword:00000028
"Position69"=dword:00000051
"Visible69"=dword:00000000
"Width69"=dword:00000041
"Position70"=dword:00000052
"Visible70"=dword:00000000
"Width70"=dword:0000003c
"Position71"=dword:00000053
"Visible71"=dword:00000000
"Width71"=dword:00000069
"Position72"=dword:00000054
"Visible72"=dword:00000000
"Width72"=dword:00000041
"Position73"=dword:00000055
"Visible73"=dword:00000000
"Width73"=dword:0000005f
"Position74"=dword:00000056
"Visible74"=dword:00000000
"Width74"=dword:0000003c
"Position75"=dword:00000057
"Visible75"=dword:00000000
"Width75"=dword:00000037
"Position76"=dword:00000058
"Visible76"=dword:00000000
"Width76"=dword:0000004b
"Position77"=dword:00000059
"Visible77"=dword:00000000
"Width77"=dword:00000050
"Position78"=dword:0000005a
"Visible78"=dword:00000000
"Width78"=dword:00000037
"Position79"=dword:0000005b
"Visible79"=dword:00000000
"Width79"=dword:00000037
"Position80"=dword:0000005c
"Visible80"=dword:00000000
"Width80"=dword:0000005a
"Position81"=dword:0000005d
"Visible81"=dword:00000000
"Width81"=dword:0000004b
"Position82"=dword:0000005e
"Visible82"=dword:00000000
"Width82"=dword:00000055
"Position83"=dword:0000005f
"Visible83"=dword:00000000
"Width83"=dword:0000002d
"Position84"=dword:00000060
"Visible84"=dword:00000000
"Width84"=dword:00000037
"Position85"=dword:00000061
"Visible85"=dword:00000000
"Width85"=dword:0000003c
"Position86"=dword:00000062
"Visible86"=dword:00000000
"Width86"=dword:00000046
"Position87"=dword:00000063
"Visible87"=dword:00000000
"Width87"=dword:0000003c
"Position88"=dword:00000064
"Visible88"=dword:00000000
"Width88"=dword:0000005a
"Position89"=dword:00000065
"Visible89"=dword:00000000
"Width89"=dword:0000003c
"Position90"=dword:00000066
"Visible90"=dword:00000000
"Width90"=dword:00000050
"Position91"=dword:00000067
"Visible91"=dword:00000000
"Width91"=dword:00000046
"Position92"=dword:00000068
"Visible92"=dword:00000000
"Width92"=dword:0000005a
"Position93"=dword:00000069
"Visible93"=dword:00000000
"Width93"=dword:00000037
"Position94"=dword:0000006a
"Visible94"=dword:00000000
"Width94"=dword:0000003c
"Position95"=dword:0000006b
"Visible95"=dword:00000000
"Width95"=dword:0000003c
"Position96"=dword:0000006c
"Visible96"=dword:00000000
"Width96"=dword:00000046
"Position97"=dword:0000006d
"Visible97"=dword:00000000
"Width97"=dword:00000046
"Position98"=dword:0000006e
"Visible98"=dword:00000000
"Width98"=dword:00000055
"Position99"=dword:0000006f
"Visible99"=dword:00000000
"Width99"=dword:00000073
"Position100"=dword:00000042
"Visible100"=dword:00000000
"Width100"=dword:00000041
"Position101"=dword:00000070
"Visible101"=dword:00000000
"Width101"=dword:0000003c
"Position102"=dword:00000071
"Visible102"=dword:00000000
"Width102"=dword:0000003c
"Position103"=dword:00000072
"Visible103"=dword:00000000
"Width103"=dword:00000046
"Position104"=dword:00000073
"Visible104"=dword:00000000
"Width104"=dword:0000003c
"Position105"=dword:00000074
"Visible105"=dword:00000000
"Width105"=dword:00000041
"Position106"=dword:0000000f
"Visible106"=dword:00000001
"Width106"=dword:00000050
"Position107"=dword:0000000b
"Visible107"=dword:00000001
"Width107"=dword:00000028
"Position108"=dword:00000043
"Visible108"=dword:00000000
"Width108"=dword:00000050
"Position109"=dword:0000002f
"Visible109"=dword:00000000
"Width109"=dword:00000050
"Position110"=dword:00000031
"Visible110"=dword:00000000
"Width110"=dword:00000055
"Position111"=dword:00000032
"Visible111"=dword:00000000
"Width111"=dword:00000082
"Position112"=dword:00000034
"Visible112"=dword:00000000
"Width112"=dword:00000087
"Position113"=dword:00000075
"Visible113"=dword:00000000
"Width113"=dword:00000050
"Position114"=dword:00000076
"Visible114"=dword:00000000
"Width114"=dword:00000050
"Position115"=dword:00000077
"Visible115"=dword:00000000
"Width115"=dword:00000050
"Position116"=dword:00000078
"Visible116"=dword:00000000
"Width116"=dword:00000050
"Position117"=dword:00000079
"Visible117"=dword:00000000
"Width117"=dword:00000050
"Position118"=dword:0000007a
"Visible118"=dword:00000000
"Width118"=dword:00000050
"Position119"=dword:0000007b
"Visible119"=dword:00000000
"Width119"=dword:00000050
"Position120"=dword:0000007c
"Visible120"=dword:00000000
"Width120"=dword:00000050
"Position121"=dword:0000007d
"Visible121"=dword:00000000
"Width121"=dword:00000050
"Position122"=dword:0000007e
"Visible122"=dword:00000000
"Width122"=dword:00000050
"Position123"=dword:0000007f
"Visible123"=dword:00000000
"Width123"=dword:00000050
"Position124"=dword:00000080
"Visible124"=dword:00000000
"Width124"=dword:00000050
"Position125"=dword:00000081
"Visible125"=dword:00000000
"Width125"=dword:00000050
"Position126"=dword:00000082
"Visible126"=dword:00000000
"Width126"=dword:00000050
"Position127"=dword:00000083
"Visible127"=dword:00000000
"Width127"=dword:00000050
"Position128"=dword:00000084
"Visible128"=dword:00000000
"Width128"=dword:00000050
"Position129"=dword:00000085
"Visible129"=dword:00000000
"Width129"=dword:00000050
"Position130"=dword:00000086
"Visible130"=dword:00000000
"Width130"=dword:00000050
"Position131"=dword:00000087
"Visible131"=dword:00000000
"Width131"=dword:00000050
"Position132"=dword:00000088
"Visible132"=dword:00000000
"Width132"=dword:00000050
"Position133"=dword:00000089
"Visible133"=dword:00000000
"Width133"=dword:00000050
"Position134"=dword:0000008a
"Visible134"=dword:00000000
"Width134"=dword:00000050
"Position135"=dword:0000008b
"Visible135"=dword:00000000
"Width135"=dword:00000050
"Position136"=dword:0000008c
"Visible136"=dword:00000000
"Width136"=dword:00000050
"Position137"=dword:0000008d
"Visible137"=dword:00000000
"Width137"=dword:00000050
"Position138"=dword:0000008e
"Visible138"=dword:00000000
"Width138"=dword:00000050
"Position139"=dword:0000008f
"Visible139"=dword:00000000
"Width139"=dword:00000050
"Position140"=dword:00000090
"Visible140"=dword:00000000
"Width140"=dword:00000050
"Position141"=dword:00000091
"Visible141"=dword:00000000
"Width141"=dword:00000050
"Position142"=dword:00000092
"Visible142"=dword:00000000
"Width142"=dword:00000050
"Position143"=dword:00000093
"Visible143"=dword:00000000
"Width143"=dword:00000050
"Position144"=dword:00000094
"Visible144"=dword:00000000
"Width144"=dword:00000050
"Position145"=dword:00000095
"Visible145"=dword:00000000
"Width145"=dword:00000050
"Position146"=dword:00000004
"Visible146"=dword:00000000
"Width146"=dword:00000037
"Position147"=dword:00000005
"Visible147"=dword:00000000
"Width147"=dword:00000028
"Position148"=dword:00000006
"Visible148"=dword:00000000
"Width148"=dword:00000037
"Position149"=dword:00000007
"Visible149"=dword:00000001
"Width149"=dword:00000028

[HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Columns\Staff]
"Position0"=dword:00000000
"Visible0"=dword:00000001
"Width0"=dword:0000007d
"Position1"=dword:00000001
"Visible1"=dword:00000001
"Width1"=dword:00000064
"Position2"=dword:00000002
"Visible2"=dword:00000001
"Width2"=dword:00000064
"Position3"=dword:00000003
"Visible3"=dword:00000001
"Width3"=dword:00000069
"Position4"=dword:00000005
"Visible4"=dword:00000001
"Width4"=dword:00000028
"Position5"=dword:00000006
"Visible5"=dword:00000001
"Width5"=dword:00000028
"Position6"=dword:00000004
"Visible6"=dword:00000001
"Width6"=dword:00000028
"Position7"=dword:00000007
"Visible7"=dword:00000001
"Width7"=dword:00000050
"Position8"=dword:00000008
"Visible8"=dword:00000000
"Width8"=dword:00000050
"Position9"=dword:00000009
"Visible9"=dword:00000000
"Width9"=dword:0000004b
"Position10"=dword:0000000a
"Visible10"=dword:00000000
"Width10"=dword:0000002d
"Position11"=dword:0000000b
"Visible11"=dword:00000000
"Width11"=dword:0000003c
"Position12"=dword:0000000c
"Visible12"=dword:00000000
"Width12"=dword:0000004b
"Position13"=dword:0000000d
"Visible13"=dword:00000000
"Width13"=dword:00000064
"Position14"=dword:0000000e
"Visible14"=dword:00000000
"Width14"=dword:00000064
"Position15"=dword:0000000f
"Visible15"=dword:00000000
"Width15"=dword:0000004b
"Position16"=dword:00000010
"Visible16"=dword:00000000
"Width16"=dword:00000064
"Position17"=dword:00000011
"Visible17"=dword:00000000
"Width17"=dword:0000003c
"Position18"=dword:00000012
"Visible18"=dword:00000000
"Width18"=dword:0000004b
"Position19"=dword:00000013
"Visible19"=dword:00000000
"Width19"=dword:00000050
"Position20"=dword:00000014
"Visible20"=dword:00000000
"Width20"=dword:00000046
"Position21"=dword:00000015
"Visible21"=dword:00000000
"Width21"=dword:0000004b
"Position22"=dword:00000016
"Visible22"=dword:00000000
"Width22"=dword:00000046
"Position23"=dword:00000017
"Visible23"=dword:00000000
"Width23"=dword:00000046
"Position24"=dword:00000018
"Visible24"=dword:00000000
"Width24"=dword:0000003c
"Position25"=dword:00000019
"Visible25"=dword:00000000
"Width25"=dword:00000041
"Position26"=dword:0000001a
"Visible26"=dword:00000000
"Width26"=dword:0000003c
"Position27"=dword:0000001b
"Visible27"=dword:00000000
"Width27"=dword:00000055
"Position28"=dword:0000001c
"Visible28"=dword:00000000
"Width28"=dword:00000069
"Position29"=dword:0000001d
"Visible29"=dword:00000000
"Width29"=dword:0000006e
"Position30"=dword:0000001e
"Visible30"=dword:00000000
"Width30"=dword:00000064
"Position31"=dword:0000001f
"Visible31"=dword:00000000
"Width31"=dword:00000078
"Position32"=dword:00000020
"Visible32"=dword:00000000
"Width32"=dword:00000064
"Position33"=dword:00000021
"Visible33"=dword:00000000
"Width33"=dword:00000087
"Position34"=dword:00000022
"Visible34"=dword:00000000
"Width34"=dword:00000069
"Position35"=dword:00000023
"Visible35"=dword:00000000
"Width35"=dword:0000006e
"Position36"=dword:00000024
"Visible36"=dword:00000000
"Width36"=dword:00000073
"Position37"=dword:00000025
"Visible37"=dword:00000000
"Width37"=dword:0000004b
"Position38"=dword:00000026
"Visible38"=dword:00000000
"Width38"=dword:0000002d
"Position39"=dword:00000027
"Visible39"=dword:00000000
"Width39"=dword:00000055
"Position40"=dword:00000028
"Visible40"=dword:00000000
"Width40"=dword:00000046
"Position41"=dword:00000029
"Visible41"=dword:00000000
"Width41"=dword:0000004b
"Position42"=dword:0000002a
"Visible42"=dword:00000000
"Width42"=dword:0000003c
"Position43"=dword:0000002b
"Visible43"=dword:00000000
"Width43"=dword:00000046
"Position44"=dword:0000002c
"Visible44"=dword:00000000
"Width44"=dword:00000073
"Position45"=dword:0000002d
"Visible45"=dword:00000000
"Width45"=dword:0000004b
"Position46"=dword:0000002e
"Visible46"=dword:00000000
"Width46"=dword:00000073
"Position47"=dword:0000002f
"Visible47"=dword:00000000
"Width47"=dword:0000007d
"Position48"=dword:00000030
"Visible48"=dword:00000000
"Width48"=dword:0000006e
"Position49"=dword:00000031
"Visible49"=dword:00000000
"Width49"=dword:00000037
"Position50"=dword:00000032
"Visible50"=dword:00000000
"Width50"=dword:00000064
"Position51"=dword:00000033
"Visible51"=dword:00000000
"Width51"=dword:00000037
"Position52"=dword:00000034
"Visible52"=dword:00000000
"Width52"=dword:0000004b
"Position53"=dword:00000035
"Visible53"=dword:00000000
"Width53"=dword:00000046
"Position54"=dword:00000036
"Visible54"=dword:00000000
"Width54"=dword:00000037
"Position55"=dword:00000037
"Visible55"=dword:00000000
"Width55"=dword:0000003c
"Position56"=dword:00000038
"Visible56"=dword:00000000
"Width56"=dword:00000055
"Position57"=dword:00000039
"Visible57"=dword:00000000
"Width57"=dword:0000003c
"Position58"=dword:0000003a
"Visible58"=dword:00000000
"Width58"=dword:0000003c
"Position59"=dword:0000003b
"Visible59"=dword:00000000
"Width59"=dword:00000055
"Position60"=dword:0000003c
"Visible60"=dword:00000000
"Width60"=dword:00000046
"Position61"=dword:0000003d
"Visible61"=dword:00000000
"Width61"=dword:0000004b
"Position62"=dword:0000003e
"Visible62"=dword:00000000
"Width62"=dword:00000055
"Position63"=dword:0000003f
"Visible63"=dword:00000000
"Width63"=dword:0000005a
"Position64"=dword:00000040
"Visible64"=dword:00000000
"Width64"=dword:0000006e
"Position65"=dword:00000041
"Visible65"=dword:00000000
"Width65"=dword:00000050
"Position66"=dword:00000042
"Visible66"=dword:00000000
"Width66"=dword:00000032
"Position67"=dword:00000043
"Visible67"=dword:00000000
"Width67"=dword:00000064
"Position68"=dword:00000044
"Visible68"=dword:00000000
"Width68"=dword:0000004b
"Position69"=dword:00000045
"Visible69"=dword:00000000
"Width69"=dword:0000002d
"Position70"=dword:00000046
"Visible70"=dword:00000000
"Width70"=dword:0000004b
"Position71"=dword:00000047
"Visible71"=dword:00000000
"Width71"=dword:0000005a
"Position72"=dword:00000048
"Visible72"=dword:00000000
"Width72"=dword:0000005a
"Position73"=dword:00000049
"Visible73"=dword:00000000
"Width73"=dword:00000050
"Position74"=dword:0000004a
"Visible74"=dword:00000000
"Width74"=dword:0000004b
"Position75"=dword:0000004b
"Visible75"=dword:00000000
"Width75"=dword:00000050
"Position76"=dword:0000004c
"Visible76"=dword:00000000
"Width76"=dword:0000005a
"Position77"=dword:0000004d
"Visible77"=dword:00000000
"Width77"=dword:00000041
"Position78"=dword:0000004e
"Visible78"=dword:00000000
"Width78"=dword:00000041
"Position79"=dword:0000004f
"Visible79"=dword:00000000
"Width79"=dword:00000041
"Position80"=dword:00000050
"Visible80"=dword:00000000
"Width80"=dword:00000041
"Position81"=dword:00000051
"Visible81"=dword:00000000
"Width81"=dword:00000041
"Position82"=dword:00000052
"Visible82"=dword:00000000
"Width82"=dword:00000041
"Position83"=dword:00000053
"Visible83"=dword:00000000
"Width83"=dword:00000041
"Position84"=dword:00000054
"Visible84"=dword:00000000
"Width84"=dword:00000041
"Position85"=dword:00000055
"Visible85"=dword:00000000
"Width85"=dword:00000041
"Position86"=dword:00000056
"Visible86"=dword:00000000
"Width86"=dword:00000050

[HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2008\Rating Coefficients]
"GKWeightCoef"=dword:00000064
"GKCurrentAbilityCoef"=dword:00000000
"GKCornersCoef"=dword:00000000
"GKCrossingCoef"=dword:00000000
"GKDribblingCoef"=dword:00000000
"GKFinishingCoef"=dword:00000000
"GKFirstTouchCoef"=dword:00000000
"GKFreeKicksCoef"=dword:00000000
"GKHeadingCoef"=dword:00000000
"GKLongShotsCoef"=dword:00000000
"GKLongThrowsCoef"=dword:00000000
"GKMarkingCoef"=dword:00000000
"GKPassingCoef"=dword:00000000
"GKPenaltiesCoef"=dword:00000000
"GKTacklingCoef"=dword:00000005
"GKTechniqueCoef"=dword:00000000
"GKLeftFootCoef"=dword:00000000
"GKRightFootCoef"=dword:00000000
"GKAggressionCoef"=dword:0000000a
"GKAnticipationCoef"=dword:00000005
"GKBraveryCoef"=dword:00000014
"GKComposureCoef"=dword:00000014
"GKConcentrationCoef"=dword:0000000a
"GKConsistencyCoef"=dword:0000000a
"GKCreativityCoef"=dword:00000000
"GKDecisionsCoef"=dword:00000014
"GKDeterminationCoef"=dword:0000000a
"GKDirtinessCoef"=dword:fffffffb
"GKFlairCoef"=dword:00000000
"GKImportantMatchesCoef"=dword:0000000a
"GKInfluenceCoef"=dword:0000000a
"GKOffTheBallCoef"=dword:00000000
"GKPositioningCoef"=dword:00000050
"GKTeamworkCoef"=dword:00000005
"GKWorkRateCoef"=dword:00000000
"GKAccelerationCoef"=dword:00000005
"GKAgilityCoef"=dword:0000000a
"GKBalanceCoef"=dword:0000000a
"GKInjuryPronenessCoef"=dword:fffffffb
"GKJumpingCoef"=dword:00000050
"GKNaturalFitnessCoef"=dword:00000005
"GKPaceCoef"=dword:00000000
"GKStaminaCoef"=dword:00000000
"GKStrengthCoef"=dword:0000000a
"GKVersatilityCoef"=dword:00000000
"GKAerialAbilityCoef"=dword:00000032
"GKCommandOfAreaCoef"=dword:00000014
"GKCommunicationCoef"=dword:00000032
"GKEccentricityCoef"=dword:ffffffec
"GKHandlingCoef"=dword:00000064
"GKKickingCoef"=dword:0000000a
"GKOneOnOnesCoef"=dword:00000032
"GKReflexesCoef"=dword:00000064
"GKRushingOutCoef"=dword:00000014
"GKTendencyToPunchCoef"=dword:fffffff6
"GKThrowingCoef"=dword:0000000a
"GKAdaptabilityCoef"=dword:00000005
"GKAmbitionCoef"=dword:0000000a
"GKControversyCoef"=dword:fffffffb
"GKLoyalityCoef"=dword:00000005
"GKPressureCoef"=dword:00000005
"GKProfessionalismCoef"=dword:00000005
"GKSportsmanshipCoef"=dword:00000005
"GKTemperamentCoef"=dword:00000005
"SWWeightCoef"=dword:00000066
"SWCurrentAbilityCoef"=dword:00000000
"SWCornersCoef"=dword:00000000
"SWCrossingCoef"=dword:00000000
"SWDribblingCoef"=dword:00000000
"SWFinishingCoef"=dword:00000000
"SWFirstTouchCoef"=dword:00000014
"SWFreeKicksCoef"=dword:0000000a
"SWHeadingCoef"=dword:00000064
"SWLongShotsCoef"=dword:0000000a
"SWLongThrowsCoef"=dword:00000000
"SWMarkingCoef"=dword:00000064
"SWPassingCoef"=dword:0000000a
"SWPenaltiesCoef"=dword:00000005
"SWTacklingCoef"=dword:00000064
"SWTechniqueCoef"=dword:0000000a
"SWLeftFootCoef"=dword:00000005
"SWRightFootCoef"=dword:00000005
"SWAggressionCoef"=dword:00000014
"SWAnticipationCoef"=dword:00000014
"SWBraveryCoef"=dword:00000028
"SWComposureCoef"=dword:00000028
"SWConcentrationCoef"=dword:0000003c
"SWConsistencyCoef"=dword:0000000a
"SWCreativityCoef"=dword:0000000a
"SWDecisionsCoef"=dword:00000014
"SWDeterminationCoef"=dword:0000000a
"SWDirtinessCoef"=dword:ffffffe7
"SWFlairCoef"=dword:00000000
"SWImportantMatchesCoef"=dword:0000000a
"SWInfluenceCoef"=dword:0000000a
"SWOffTheBallCoef"=dword:0000000a
"SWPositioningCoef"=dword:00000064
"SWTeamworkCoef"=dword:00000028
"SWWorkRateCoef"=dword:00000014
"SWAccelerationCoef"=dword:0000001e
"SWAgilityCoef"=dword:0000000a
"SWBalanceCoef"=dword:00000014
"SWInjuryPronenessCoef"=dword:fffffffb
"SWJumpingCoef"=dword:00000064
"SWNaturalFitnessCoef"=dword:00000005
"SWPaceCoef"=dword:00000014
"SWStaminaCoef"=dword:0000000a
"SWStrengthCoef"=dword:00000050
"SWVersatilityCoef"=dword:00000005
"SWAerialAbilityCoef"=dword:00000000
"SWCommandOfAreaCoef"=dword:00000000
"SWCommunicationCoef"=dword:00000000
"SWEccentricityCoef"=dword:00000000
"SWHandlingCoef"=dword:00000000
"SWKickingCoef"=dword:00000000
"SWOneOnOnesCoef"=dword:00000005
"SWReflexesCoef"=dword:00000005
"SWRushingOutCoef"=dword:00000000
"SWTendencyToPunchCoef"=dword:00000000
"SWThrowingCoef"=dword:00000000
"SWAdaptabilityCoef"=dword:00000005
"SWAmbitionCoef"=dword:0000000a
"SWControversyCoef"=dword:fffffffb
"SWLoyalityCoef"=dword:00000005
"SWPressureCoef"=dword:00000005
"SWProfessionalismCoef"=dword:00000005
"SWSportsmanshipCoef"=dword:00000005
"SWTemperamentCoef"=dword:00000005
"CBWeightCoef"=dword:00000064
"CBCurrentAbilityCoef"=dword:00000000
"CBCornersCoef"=dword:00000000
"CBCrossingCoef"=dword:00000000
"CBDribblingCoef"=dword:00000000
"CBFinishingCoef"=dword:00000000
"CBFirstTouchCoef"=dword:00000014
"CBFreeKicksCoef"=dword:0000000a
"CBHeadingCoef"=dword:00000064
"CBLongShotsCoef"=dword:0000000a
"CBLongThrowsCoef"=dword:00000000
"CBMarkingCoef"=dword:00000050
"CBPassingCoef"=dword:00000014
"CBPenaltiesCoef"=dword:00000005
"CBTacklingCoef"=dword:00000064
"CBTechniqueCoef"=dword:0000000a
"CBLeftFootCoef"=dword:00000005
"CBRightFootCoef"=dword:00000005
"CBAggressionCoef"=dword:00000014
"CBAnticipationCoef"=dword:00000014
"CBBraveryCoef"=dword:00000028
"CBComposureCoef"=dword:00000014
"CBConcentrationCoef"=dword:00000028
"CBConsistencyCoef"=dword:0000000a
"CBCreativityCoef"=dword:0000000a
"CBDecisionsCoef"=dword:00000014
"CBDeterminationCoef"=dword:0000000a
"CBDirtinessCoef"=dword:ffffffec
"CBFlairCoef"=dword:00000000
"CBImportantMatchesCoef"=dword:0000000a
"CBInfluenceCoef"=dword:0000000a
"CBOffTheBallCoef"=dword:0000000a
"CBPositioningCoef"=dword:00000050
"CBTeamworkCoef"=dword:00000028
"CBWorkRateCoef"=dword:00000014
"CBAccelerationCoef"=dword:00000028
"CBAgilityCoef"=dword:0000000a
"CBBalanceCoef"=dword:00000014
"CBInjuryPronenessCoef"=dword:fffffffb
"CBJumpingCoef"=dword:00000064
"CBNaturalFitnessCoef"=dword:00000005
"CBPaceCoef"=dword:0000001e
"CBStaminaCoef"=dword:0000000a
"CBStrengthCoef"=dword:0000003c
"CBVersatilityCoef"=dword:00000005
"CBAerialAbilityCoef"=dword:00000000
"CBCommandOfAreaCoef"=dword:00000000
"CBCommunicationCoef"=dword:00000000
"CBEccentricityCoef"=dword:00000000
"CBHandlingCoef"=dword:00000000
"CBKickingCoef"=dword:00000000
"CBOneOnOnesCoef"=dword:00000005
"CBReflexesCoef"=dword:00000005
"CBRushingOutCoef"=dword:00000000
"CBTendencyToPunchCoef"=dword:00000000
"CBThrowingCoef"=dword:00000000
"CBAdaptabilityCoef"=dword:00000005
"CBAmbitionCoef"=dword:0000000a
"CBControversyCoef"=dword:fffffffb
"CBLoyalityCoef"=dword:00000005
"CBPressureCoef"=dword:00000005
"CBProfessionalismCoef"=dword:00000005
"CBSportsmanshipCoef"=dword:00000005
"CBTemperamentCoef"=dword:00000005
"FBWeightCoef"=dword:00000069
"FBCurrentAbilityCoef"=dword:00000000
"FBCornersCoef"=dword:0000000a
"FBCrossingCoef"=dword:0000001e
"FBDribblingCoef"=dword:00000014
"FBFinishingCoef"=dword:00000000
"FBFirstTouchCoef"=dword:00000014
"FBFreeKicksCoef"=dword:0000000a
"FBHeadingCoef"=dword:0000003c
"FBLongShotsCoef"=dword:0000000a
"FBLongThrowsCoef"=dword:0000000a
"FBMarkingCoef"=dword:0000003c
"FBPassingCoef"=dword:0000001e
"FBPenaltiesCoef"=dword:00000005
"FBTacklingCoef"=dword:00000064
"FBTechniqueCoef"=dword:00000014
"FBLeftFootCoef"=dword:00000005
"FBRightFootCoef"=dword:00000005
"FBAggressionCoef"=dword:0000000f
"FBAnticipationCoef"=dword:00000050
"FBBraveryCoef"=dword:00000014
"FBComposureCoef"=dword:0000000a
"FBConcentrationCoef"=dword:0000001e
"FBConsistencyCoef"=dword:0000000a
"FBCreativityCoef"=dword:0000000a
"FBDecisionsCoef"=dword:00000014
"FBDeterminationCoef"=dword:0000000a
"FBDirtinessCoef"=dword:fffffff6
"FBFlairCoef"=dword:00000005
"FBImportantMatchesCoef"=dword:0000000a
"FBInfluenceCoef"=dword:0000000a
"FBOffTheBallCoef"=dword:00000014
"FBPositioningCoef"=dword:00000064
"FBTeamworkCoef"=dword:00000014
"FBWorkRateCoef"=dword:00000014
"FBAccelerationCoef"=dword:0000003c
"FBAgilityCoef"=dword:0000000a
"FBBalanceCoef"=dword:00000014
"FBInjuryPronenessCoef"=dword:fffffffb
"FBJumpingCoef"=dword:0000003c
"FBNaturalFitnessCoef"=dword:00000005
"FBPaceCoef"=dword:00000050
"FBStaminaCoef"=dword:0000003c
"FBStrengthCoef"=dword:00000028
"FBVersatilityCoef"=dword:00000005
"FBAerialAbilityCoef"=dword:00000000
"FBCommandOfAreaCoef"=dword:00000000
"FBCommunicationCoef"=dword:00000000
"FBEccentricityCoef"=dword:00000000
"FBHandlingCoef"=dword:00000000
"FBKickingCoef"=dword:00000000
"FBOneOnOnesCoef"=dword:00000005
"FBReflexesCoef"=dword:00000005
"FBRushingOutCoef"=dword:00000000
"FBTendencyToPunchCoef"=dword:00000000
"FBThrowingCoef"=dword:00000000
"FBAdaptabilityCoef"=dword:00000005
"FBAmbitionCoef"=dword:0000000a
"FBControversyCoef"=dword:fffffffb
"FBLoyalityCoef"=dword:00000005
"FBPressureCoef"=dword:00000005
"FBProfessionalismCoef"=dword:00000005
"FBSportsmanshipCoef"=dword:00000005
"FBTemperamentCoef"=dword:00000005
"WBWeightCoef"=dword:0000006c
"WBCurrentAbilityCoef"=dword:00000000
"WBCornersCoef"=dword:0000000a
"WBCrossingCoef"=dword:0000003c
"WBDribblingCoef"=dword:00000028
"WBFinishingCoef"=dword:0000000a
"WBFirstTouchCoef"=dword:00000014
"WBFreeKicksCoef"=dword:0000000a
"WBHeadingCoef"=dword:00000028
"WBLongShotsCoef"=dword:00000014
"WBLongThrowsCoef"=dword:0000000a
"WBMarkingCoef"=dword:0000003c
"WBPassingCoef"=dword:00000028
"WBPenaltiesCoef"=dword:00000005
"WBTacklingCoef"=dword:00000064
"WBTechniqueCoef"=dword:00000028
"WBLeftFootCoef"=dword:00000005
"WBRightFootCoef"=dword:00000005
"WBAggressionCoef"=dword:0000000a
"WBAnticipationCoef"=dword:00000050
"WBBraveryCoef"=dword:0000000a
"WBComposureCoef"=dword:0000000a
"WBConcentrationCoef"=dword:00000014
"WBConsistencyCoef"=dword:0000000a
"WBCreativityCoef"=dword:00000014
"WBDecisionsCoef"=dword:00000014
"WBDeterminationCoef"=dword:0000000a
"WBDirtinessCoef"=dword:fffffff6
"WBFlairCoef"=dword:0000000a
"WBImportantMatchesCoef"=dword:0000000a
"WBInfluenceCoef"=dword:0000000a
"WBOffTheBallCoef"=dword:00000014
"WBPositioningCoef"=dword:00000064
"WBTeamworkCoef"=dword:00000014
"WBWorkRateCoef"=dword:00000028
"WBAccelerationCoef"=dword:00000050
"WBAgilityCoef"=dword:0000000a
"WBBalanceCoef"=dword:00000014
"WBInjuryPronenessCoef"=dword:fffffffb
"WBJumpingCoef"=dword:00000014
"WBNaturalFitnessCoef"=dword:00000005
"WBPaceCoef"=dword:00000064
"WBStaminaCoef"=dword:00000050
"WBStrengthCoef"=dword:00000028
"WBVersatilityCoef"=dword:00000005
"WBAerialAbilityCoef"=dword:00000000
"WBCommandOfAreaCoef"=dword:00000000
"WBCommunicationCoef"=dword:00000000
"WBEccentricityCoef"=dword:00000000
"WBHandlingCoef"=dword:00000000
"WBKickingCoef"=dword:00000000
"WBOneOnOnesCoef"=dword:00000005
"WBReflexesCoef"=dword:00000005
"WBRushingOutCoef"=dword:00000000
"WBTendencyToPunchCoef"=dword:00000000
"WBThrowingCoef"=dword:00000000
"WBAdaptabilityCoef"=dword:00000005
"WBAmbitionCoef"=dword:0000000a
"WBControversyCoef"=dword:fffffffb
"WBLoyalityCoef"=dword:00000005
"WBPressureCoef"=dword:00000005
"WBProfessionalismCoef"=dword:00000005
"WBSportsmanshipCoef"=dword:00000005
"WBTemperamentCoef"=dword:00000005
"DMWeightCoef"=dword:00000067
"DMCurrentAbilityCoef"=dword:00000000
"DMCornersCoef"=dword:0000000a
"DMCrossingCoef"=dword:0000001e
"DMDribblingCoef"=dword:00000014
"DMFinishingCoef"=dword:0000000a
"DMFirstTouchCoef"=dword:0000001e
"DMFreeKicksCoef"=dword:0000000a
"DMHeadingCoef"=dword:00000028
"DMLongShotsCoef"=dword:00000014
"DMLongThrowsCoef"=dword:00000005
"DMMarkingCoef"=dword:0000003c
"DMPassingCoef"=dword:00000028
"DMPenaltiesCoef"=dword:00000005
"DMTacklingCoef"=dword:00000064
"DMTechniqueCoef"=dword:0000001e
"DMLeftFootCoef"=dword:00000005
"DMRightFootCoef"=dword:00000005
"DMAggressionCoef"=dword:00000028
"DMAnticipationCoef"=dword:00000028
"DMBraveryCoef"=dword:00000014
"DMComposureCoef"=dword:0000000a
"DMConcentrationCoef"=dword:00000014
"DMConsistencyCoef"=dword:0000000a
"DMCreativityCoef"=dword:00000014
"DMDecisionsCoef"=dword:00000014
"DMDeterminationCoef"=dword:0000000a
"DMDirtinessCoef"=dword:fffffff6
"DMFlairCoef"=dword:0000000a
"DMImportantMatchesCoef"=dword:0000000a
"DMInfluenceCoef"=dword:0000000a
"DMOffTheBallCoef"=dword:0000001e
"DMPositioningCoef"=dword:00000050
"DMTeamworkCoef"=dword:00000028
"DMWorkRateCoef"=dword:00000050
"DMAccelerationCoef"=dword:00000028
"DMAgilityCoef"=dword:0000000a
"DMBalanceCoef"=dword:0000000a
"DMInjuryPronenessCoef"=dword:fffffffb
"DMJumpingCoef"=dword:00000028
"DMNaturalFitnessCoef"=dword:00000005
"DMPaceCoef"=dword:00000028
"DMStaminaCoef"=dword:0000003c
"DMStrengthCoef"=dword:00000028
"DMVersatilityCoef"=dword:00000005
"DMAerialAbilityCoef"=dword:00000000
"DMCommandOfAreaCoef"=dword:00000000
"DMCommunicationCoef"=dword:00000000
"DMEccentricityCoef"=dword:00000000
"DMHandlingCoef"=dword:00000000
"DMKickingCoef"=dword:00000000
"DMOneOnOnesCoef"=dword:00000005
"DMReflexesCoef"=dword:00000005
"DMRushingOutCoef"=dword:00000000
"DMTendencyToPunchCoef"=dword:00000000
"DMThrowingCoef"=dword:00000000
"DMAdaptabilityCoef"=dword:00000005
"DMAmbitionCoef"=dword:0000000a
"DMControversyCoef"=dword:fffffffb
"DMLoyalityCoef"=dword:00000005
"DMPressureCoef"=dword:00000005
"DMProfessionalismCoef"=dword:00000005
"DMSportsmanshipCoef"=dword:00000005
"DMTemperamentCoef"=dword:00000005
"MWeightCoef"=dword:00000068
"MCurrentAbilityCoef"=dword:00000000
"MCornersCoef"=dword:0000000a
"MCrossingCoef"=dword:00000028
"MDribblingCoef"=dword:00000032
"MFinishingCoef"=dword:00000014
"MFirstTouchCoef"=dword:0000001e
"MFreeKicksCoef"=dword:0000000a
"MHeadingCoef"=dword:0000001e
"MLongShotsCoef"=dword:00000014
"MLongThrowsCoef"=dword:00000005
"MMarkingCoef"=dword:00000028
"MPassingCoef"=dword:00000046
"MPenaltiesCoef"=dword:00000005
"MTacklingCoef"=dword:0000003c
"MTechniqueCoef"=dword:00000032
"MLeftFootCoef"=dword:00000005
"MRightFootCoef"=dword:00000005
"MAggressionCoef"=dword:0000001e
"MAnticipationCoef"=dword:00000028
"MBraveryCoef"=dword:0000000a
"MComposureCoef"=dword:0000000a
"MConcentrationCoef"=dword:0000000a
"MConsistencyCoef"=dword:0000000a
"MCreativityCoef"=dword:0000003c
"MDecisionsCoef"=dword:0000001e
"MDeterminationCoef"=dword:0000000a
"MDirtinessCoef"=dword:fffffffb
"MFlairCoef"=dword:0000000a
"MImportantMatchesCoef"=dword:0000000a
"MInfluenceCoef"=dword:0000000a
"MOffTheBallCoef"=dword:00000028
"MPositioningCoef"=dword:00000028
"MTeamworkCoef"=dword:00000032
"MWorkRateCoef"=dword:00000032
"MAccelerationCoef"=dword:00000032
"MAgilityCoef"=dword:0000000a
"MBalanceCoef"=dword:0000000a
"MInjuryPronenessCoef"=dword:fffffffb
"MJumpingCoef"=dword:00000028
"MNaturalFitnessCoef"=dword:00000005
"MPaceCoef"=dword:00000028
"MStaminaCoef"=dword:0000003c
"MStrengthCoef"=dword:0000001e
"MVersatilityCoef"=dword:00000005
"MAerialAbilityCoef"=dword:00000000
"MCommandOfAreaCoef"=dword:00000000
"MCommunicationCoef"=dword:00000000
"MEccentricityCoef"=dword:00000000
"MHandlingCoef"=dword:00000000
"MKickingCoef"=dword:00000000
"MOneOnOnesCoef"=dword:00000005
"MReflexesCoef"=dword:00000005
"MRushingOutCoef"=dword:00000000
"MTendencyToPunchCoef"=dword:00000000
"MThrowingCoef"=dword:00000000
"MAdaptabilityCoef"=dword:00000005
"MAmbitionCoef"=dword:0000000a
"MControversyCoef"=dword:fffffffb
"MLoyalityCoef"=dword:00000005
"MPressureCoef"=dword:00000005
"MProfessionalismCoef"=dword:00000005
"MSportsmanshipCoef"=dword:00000005
"MTemperamentCoef"=dword:00000005
"AMWeightCoef"=dword:00000068
"AMCurrentAbilityCoef"=dword:00000000
"AMCornersCoef"=dword:0000000a
"AMCrossingCoef"=dword:0000003c
"AMDribblingCoef"=dword:00000050
"AMFinishingCoef"=dword:00000028
"AMFirstTouchCoef"=dword:0000001e
"AMFreeKicksCoef"=dword:0000000a
"AMHeadingCoef"=dword:00000014
"AMLongShotsCoef"=dword:00000014
"AMLongThrowsCoef"=dword:00000005
"AMMarkingCoef"=dword:0000000a
"AMPassingCoef"=dword:00000064
"AMPenaltiesCoef"=dword:00000005
"AMTacklingCoef"=dword:0000000a
"AMTechniqueCoef"=dword:00000050
"AMLeftFootCoef"=dword:00000005
"AMRightFootCoef"=dword:00000005
"AMAggressionCoef"=dword:0000000a
"AMAnticipationCoef"=dword:0000001e
"AMBraveryCoef"=dword:0000000a
"AMComposureCoef"=dword:0000000a
"AMConcentrationCoef"=dword:0000000a
"AMConsistencyCoef"=dword:0000000a
"AMCreativityCoef"=dword:00000064
"AMDecisionsCoef"=dword:00000028
"AMDeterminationCoef"=dword:0000000a
"AMDirtinessCoef"=dword:fffffffb
"AMFlairCoef"=dword:00000014
"AMImportantMatchesCoef"=dword:0000000a
"AMInfluenceCoef"=dword:0000000a
"AMOffTheBallCoef"=dword:0000003c
"AMPositioningCoef"=dword:00000014
"AMTeamworkCoef"=dword:0000003c
"AMWorkRateCoef"=dword:00000014
"AMAccelerationCoef"=dword:0000003c
"AMAgilityCoef"=dword:0000000a
"AMBalanceCoef"=dword:0000000a
"AMInjuryPronenessCoef"=dword:fffffffb
"AMJumpingCoef"=dword:00000014
"AMNaturalFitnessCoef"=dword:00000005
"AMPaceCoef"=dword:0000003c
"AMStaminaCoef"=dword:0000003c
"AMStrengthCoef"=dword:00000014
"AMVersatilityCoef"=dword:00000005
"AMAerialAbilityCoef"=dword:00000000
"AMCommandOfAreaCoef"=dword:00000000
"AMCommunicationCoef"=dword:00000000
"AMEccentricityCoef"=dword:00000000
"AMHandlingCoef"=dword:00000000
"AMKickingCoef"=dword:00000000
"AMOneOnOnesCoef"=dword:00000005
"AMReflexesCoef"=dword:00000005
"AMRushingOutCoef"=dword:00000000
"AMTendencyToPunchCoef"=dword:00000000
"AMThrowingCoef"=dword:00000000
"AMAdaptabilityCoef"=dword:00000005
"AMAmbitionCoef"=dword:0000000a
"AMControversyCoef"=dword:fffffffb
"AMLoyalityCoef"=dword:00000005
"AMPressureCoef"=dword:00000005
"AMProfessionalismCoef"=dword:00000005
"AMSportsmanshipCoef"=dword:00000005
"AMTemperamentCoef"=dword:00000005
"WWeightCoef"=dword:00000069
"WCurrentAbilityCoef"=dword:00000000
"WCornersCoef"=dword:0000000a
"WCrossingCoef"=dword:00000064
"WDribblingCoef"=dword:00000064
"WFinishingCoef"=dword:0000003c
"WFirstTouchCoef"=dword:0000001e
"WFreeKicksCoef"=dword:0000000a
"WHeadingCoef"=dword:00000014
"WLongShotsCoef"=dword:00000014
"WLongThrowsCoef"=dword:00000005
"WMarkingCoef"=dword:0000000a
"WPassingCoef"=dword:0000003c
"WPenaltiesCoef"=dword:00000005
"WTacklingCoef"=dword:0000000a
"WTechniqueCoef"=dword:00000050
"WLeftFootCoef"=dword:00000005
"WRightFootCoef"=dword:00000005
"WAggressionCoef"=dword:0000000a
"WAnticipationCoef"=dword:00000014
"WBraveryCoef"=dword:0000000a
"WComposureCoef"=dword:0000000a
"WConcentrationCoef"=dword:0000000a
"WConsistencyCoef"=dword:0000000a
"WCreativityCoef"=dword:0000003c
"WDecisionsCoef"=dword:00000014
"WDeterminationCoef"=dword:0000000a
"WDirtinessCoef"=dword:fffffffb
"WFlairCoef"=dword:0000000a
"WImportantMatchesCoef"=dword:00000014
"WInfluenceCoef"=dword:0000000a
"WOffTheBallCoef"=dword:0000003c
"WPositioningCoef"=dword:00000014
"WTeamworkCoef"=dword:0000001e
"WWorkRateCoef"=dword:0000001e
"WAccelerationCoef"=dword:00000050
"WAgilityCoef"=dword:00000014
"WBalanceCoef"=dword:0000000a
"WInjuryPronenessCoef"=dword:fffffffb
"WJumpingCoef"=dword:00000014
"WNaturalFitnessCoef"=dword:00000005
"WPaceCoef"=dword:00000064
"WStaminaCoef"=dword:0000003c
"WStrengthCoef"=dword:00000014
"WVersatilityCoef"=dword:00000005
"WAerialAbilityCoef"=dword:00000000
"WCommandOfAreaCoef"=dword:00000000
"WCommunicationCoef"=dword:00000000
"WEccentricityCoef"=dword:00000000
"WHandlingCoef"=dword:00000000
"WKickingCoef"=dword:00000000
"WOneOnOnesCoef"=dword:00000005
"WReflexesCoef"=dword:00000005
"WRushingOutCoef"=dword:00000000
"WTendencyToPunchCoef"=dword:00000000
"WThrowingCoef"=dword:00000000
"WAdaptabilityCoef"=dword:00000005
"WAmbitionCoef"=dword:0000000a
"WControversyCoef"=dword:fffffffb
"WLoyalityCoef"=dword:00000005
"WPressureCoef"=dword:00000005
"WProfessionalismCoef"=dword:00000005
"WSportsmanshipCoef"=dword:00000005
"WTemperamentCoef"=dword:00000005
"FSTWeightCoef"=dword:00000067
"FSTCurrentAbilityCoef"=dword:00000000
"FSTCornersCoef"=dword:0000000a
"FSTCrossingCoef"=dword:0000000a
"FSTDribblingCoef"=dword:00000050
"FSTFinishingCoef"=dword:00000064
"FSTFirstTouchCoef"=dword:00000028
"FSTFreeKicksCoef"=dword:0000000a
"FSTHeadingCoef"=dword:00000028
"FSTLongShotsCoef"=dword:00000014
"FSTLongThrowsCoef"=dword:00000000
"FSTMarkingCoef"=dword:00000000
"FSTPassingCoef"=dword:00000028
"FSTPenaltiesCoef"=dword:00000005
"FSTTacklingCoef"=dword:00000000
"FSTTechniqueCoef"=dword:00000050
"FSTLeftFootCoef"=dword:00000005
"FSTRightFootCoef"=dword:00000005
"FSTAggressionCoef"=dword:0000000a
"FSTAnticipationCoef"=dword:0000000a
"FSTBraveryCoef"=dword:0000000a
"FSTComposureCoef"=dword:0000000a
"FSTConcentrationCoef"=dword:0000000a
"FSTConsistencyCoef"=dword:0000000a
"FSTCreativityCoef"=dword:00000028
"FSTDecisionsCoef"=dword:0000000a
"FSTDeterminationCoef"=dword:0000000a
"FSTDirtinessCoef"=dword:fffffffb
"FSTFlairCoef"=dword:0000000a
"FSTImportantMatchesCoef"=dword:0000000a
"FSTInfluenceCoef"=dword:0000000a
"FSTOffTheBallCoef"=dword:00000050
"FSTPositioningCoef"=dword:0000000a
"FSTTeamworkCoef"=dword:0000000a
"FSTWorkRateCoef"=dword:0000000a
"FSTAccelerationCoef"=dword:00000064
"FSTAgilityCoef"=dword:00000028
"FSTBalanceCoef"=dword:0000000a
"FSTInjuryPronenessCoef"=dword:fffffffb
"FSTJumpingCoef"=dword:00000014
"FSTNaturalFitnessCoef"=dword:00000005
"FSTPaceCoef"=dword:00000064
"FSTStaminaCoef"=dword:00000028
"FSTStrengthCoef"=dword:00000014
"FSTVersatilityCoef"=dword:00000005
"FSTAerialAbilityCoef"=dword:00000000
"FSTCommandOfAreaCoef"=dword:00000000
"FSTCommunicationCoef"=dword:00000000
"FSTEccentricityCoef"=dword:00000000
"FSTHandlingCoef"=dword:00000000
"FSTKickingCoef"=dword:00000000
"FSTOneOnOnesCoef"=dword:00000005
"FSTReflexesCoef"=dword:00000005
"FSTRushingOutCoef"=dword:00000000
"FSTTendencyToPunchCoef"=dword:00000000
"FSTThrowingCoef"=dword:00000000
"FSTAdaptabilityCoef"=dword:00000005
"FSTAmbitionCoef"=dword:0000000a
"FSTControversyCoef"=dword:fffffffb
"FSTLoyalityCoef"=dword:00000005
"FSTPressureCoef"=dword:00000005
"FSTProfessionalismCoef"=dword:00000005
"FSTSportsmanshipCoef"=dword:00000005
"FSTTemperamentCoef"=dword:00000005
"TSTWeightCoef"=dword:00000067
"TSTCurrentAbilityCoef"=dword:00000000
"TSTCornersCoef"=dword:00000000
"TSTCrossingCoef"=dword:0000000a
"TSTDribblingCoef"=dword:0000003c
"TSTFinishingCoef"=dword:00000050
"TSTFirstTouchCoef"=dword:0000001e
"TSTFreeKicksCoef"=dword:0000000a
"TSTHeadingCoef"=dword:00000064
"TSTLongShotsCoef"=dword:00000014
"TSTLongThrowsCoef"=dword:00000000
"TSTMarkingCoef"=dword:00000000
"TSTPassingCoef"=dword:00000028
"TSTPenaltiesCoef"=dword:00000005
"TSTTacklingCoef"=dword:00000000
"TSTTechniqueCoef"=dword:00000028
"TSTLeftFootCoef"=dword:00000005
"TSTRightFootCoef"=dword:00000005
"TSTAggressionCoef"=dword:00000014
"TSTAnticipationCoef"=dword:0000000a
"TSTBraveryCoef"=dword:00000014
"TSTComposureCoef"=dword:0000000a
"TSTConcentrationCoef"=dword:0000000a
"TSTConsistencyCoef"=dword:0000000a
"TSTCreativityCoef"=dword:00000014
"TSTDecisionsCoef"=dword:0000000a
"TSTDeterminationCoef"=dword:0000000a
"TSTDirtinessCoef"=dword:fffffffb
"TSTFlairCoef"=dword:0000000a
"TSTImportantMatchesCoef"=dword:0000000a
"TSTInfluenceCoef"=dword:0000000a
"TSTOffTheBallCoef"=dword:00000050
"TSTPositioningCoef"=dword:00000014
"TSTTeamworkCoef"=dword:0000000a
"TSTWorkRateCoef"=dword:0000000a
"TSTAccelerationCoef"=dword:00000028
"TSTAgilityCoef"=dword:00000014
"TSTBalanceCoef"=dword:00000014
"TSTInjuryPronenessCoef"=dword:fffffffb
"TSTJumpingCoef"=dword:00000064
"TSTNaturalFitnessCoef"=dword:00000005
"TSTPaceCoef"=dword:00000028
"TSTStaminaCoef"=dword:00000014
"TSTStrengthCoef"=dword:00000050
"TSTVersatilityCoef"=dword:00000005
"TSTAerialAbilityCoef"=dword:00000000
"TSTCommandOfAreaCoef"=dword:00000000
"TSTCommunicationCoef"=dword:00000000
"TSTEccentricityCoef"=dword:00000000
"TSTHandlingCoef"=dword:00000000
"TSTKickingCoef"=dword:00000000
"TSTOneOnOnesCoef"=dword:00000005
"TSTReflexesCoef"=dword:00000005
"TSTRushingOutCoef"=dword:00000000
"TSTTendencyToPunchCoef"=dword:00000000
"TSTThrowingCoef"=dword:00000000
"TSTAdaptabilityCoef"=dword:00000005
"TSTAmbitionCoef"=dword:0000000a
"TSTControversyCoef"=dword:fffffffb
"TSTLoyalityCoef"=dword:00000005
"TSTPressureCoef"=dword:00000005
"TSTProfessionalismCoef"=dword:00000005
"TSTSportsmanshipCoef"=dword:00000005
"TSTTemperamentCoef"=dword:00000005

[HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\G*e*n*i*e*"!\FM Genie Scout 2009 XE]
"GameDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2009\\games"
"ShortlistDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2009\\shortlists"
"ScreenshotsDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2009"
"SaveDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2009\\"
"HistoryDir"="c:\\Documents and Settings\\Ben\\Desktop\\FM Genie Scout 2009 XE\\History Points"
"LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2009\\data\\updates\\update-910\\db\\910\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"SkinName"="Champions League"
"LastUpdateCheck"=dword:00000000
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000066
"UniqueID"="55-EA80-EF7F"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""

[HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:cb,cb,1d,84,17,d3,49,00,8a,f2,73,e7,23,01,ba,23,ae,b3,64,04,52,
d1,3e,47,d9,79,29,77,32,29,e7,9b,04,58,05,5f,2a,ef,f9,42,a6,e1,b0,11,31,b7,\
"rkeysecu"=hex:ee,b0,f8,e6,7e,82,3f,18,10,8c,1e,cb,48,39,5d,77

[HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2444)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-07-11 14:45
ComboFix-quarantined-files.txt 2009-07-11 13:45
ComboFix2.txt 2009-07-11 11:25

Pre-Run: 46,410,969,088 bytes free
Post-Run: 46,404,603,904 bytes free

1834

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0 REPORT
Saturday, July 11, 2009
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Saturday, July 11, 2009 16:27:15
Records in database: 2460453
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\
G:\
J:\

Scan statistics:
Files scanned: 105752
Threat name: 1
Infected objects: 3
Suspicious objects: 0
Duration of the scan: 02:36:21

File name / Threat name / Threats count
C:\Program Files\mIRC\backups\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.g 1
C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.g 1
C:\System Volume Information\_restore{3927DF9E-284E-49C0-8E2D-5072F317035A}\RP345\A0048719.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.g 1

The selected area was scanned.

jmw3 · 07-11-2009, 04:56 PM

Hi
Looks good.

Update Adobe Reader
Recently there have been vunerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version: Adobe Reader 9.1
You can download it from http://www.adobe.com/products/acrobat/readstep2.html
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed Uncheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Adobe 9 is a large program and if you prefer a smaller program you can get Foxit 3 instead from http://www.foxitsoftware.com/pdf/rd_intro.php

Clean Up
Now we need to clear out the programs we've been using to clean up your computer, they are not suitable for general malware removal and could cause damage if used inappropriately.
Remove ComboFix
The following will implement some cleanup procedures as well as reset System Restore points:
Click Start > Run then copy/paste the following bolded text into the Run box and click OK:
ComboFix /u
OTC
Download OTC by Old Timer here & save it to your desktop.
Double click on OTC.exe. Click on CleanUp!.
You will receive a prompt that it needs to restart the computer to remove the files. Click Yes.
It will restart your computer automatically. If it doesn't, please restart your computer manually.
You can delete the following from your desktop:
DDS.scr
The Gmer zip file
Any logs that may have been saved to your desktop

All Clean
Congratulations, good work, your system is now clean. Now that your system is safe we would like you to keep it that way.
Take the time to follow these recommendations & it will greatly reduce the risk of further infections and greatly diminish the chances of you having to visit here again.

Microsoft Windows Update
Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office products loopholes and fix any bugs found. Install the updates immediately if they are found.
To update Windows
Go to Start > All Programs > Windows Update
To update Office
Open up any Office program.
Go to Help > Check for Updates

Malwarebytes' Anti-Malware
Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is totally free but for real-time protection you will have to pay a small one-time fee.
You can download it here & find a tutorial here.

SpywareBlaster
Download and install Javacools SpywareBlaster from here
SpywareBlaster adds a list of ActiveX controls, tracking cookies and sites which will be blocked in either Internet Explorer or Firefox browsers. You need to manually check for updates regularly.

Download and Install a HOSTS File
A HOSTS file is a big list of bad web sites. The list has a specific format, a specific name, (name is just HOSTS with no file extension), and a specific location. Your machine always looks at that file in that location before connecting to a web site to verify the address. So the HOSTS listing can be used to "short circuit" a request to a bad website by giving it the address of your own machine.

Download BlueTack's HOSTS Manager here, using Internet Explorer (Firefox won't work):

A short distance down the page in the centre, click on the Download button
Agree to the license
On the next page, to the right side of where it says Download Estimates, right click on the underlined word Hosts Manager choose Save Target As and download the installer Hosts20setup.exe to your desktop
Double click the Installer on your desktop and let it Install the Hosts Manager
After the installation is complete, click on the Hosts Manager icon on your desktop. (You can delete the other Hosts Switch icon from your desktop)
When the Hosts Manager comes up, click the small down arrows on the right side of the bar labeled Options and Tools,
Click Disable DNS Service. This is important
In the Left Pane, click Download
It will load 80,000 lines or more. When it finishes, also in the left pane, click Replace, and then click Save

You can use this manager to handle your HOSTS file download, edits, and most any other HOSTS issue.
If you have a separate party firewall or Winpatrol, you may have to give permissions at various times to Unlock the present default HOSTS file and install the new one.

Web of Trust
WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:

Green to go
Yellow for caution
Red to stop

WOT has an addon available for both Firefox and Internet Explorer.

Install WinPatrol
Download it here
You can find information about how WinPatrol works here

Firewall
As the term conveys, a firewall is an extra layer of security installed onto computers, which restricts access to systems from the outside world.[b] [color=blue][u]Firewalls protect against hackers and malicious intruders.

Download a firewall a from one of these sources:
1)Webroot Desktop Firewall (Registration is needed to download the firewall)
2)PC Tools Firewall Plus
3)Netchina S3 2008
4)ZoneAlarm (uncheck ZoneAlarm Spy Blocker during installation if you choose this one)

If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.

Read some information here on how to prevent Malware.

Hopefully these steps will help keep your computer clean.

Stand Up and Be Counted ---> Malware Complaints <--- where you can make difference!
The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.

Benoso · 07-11-2009, 05:53 PM

What about the three 'results' that the Kaspersky online scan found? Were they false positives?

jmw3 · 07-11-2009, 06:17 PM

Hi

mIRC is always flagged basically due to the way it works. It's nothing to worry about. As you can see it actually says: not-a-virus:Client-IRC.Win32.mIRC.g

jmw3 · 07-12-2009, 08:33 PM

Hello Benoso
Since this issue appears resolved, this topic will now be closed. If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here:

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help

jmw3

07-11-2009, 02:04 AM	#2 (permalink)
jmw3 Analyst, Security Team Join Date: Jan 2009 Location: Western Australia Posts: 187 OS: Vista Home Premium SP2	Re: Downloader.Agent2.FGA in three separate locations. Hello & Welcome to TSF Please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription. In the meantime please note the following: Any recommendations made are for your computer problems only and should NOT be used on any other computer. Please DO NOT run any scans/tools or other fixes unless I ask you to. This is very important for several reasons. Here are just two of them: 1. The tools that we use are very powerful and can cause >>irreparable damage<< to your computer if not used correctly. 2. Commercial scanners, for the most part can not completely remove some of the more "resistant" infections. This makes it much more difficult to get rid of completely. If you get stuck or are unsure of something please ask for a further explanation, do not guess. It will require more than one round to properly clean your system. Continue to respond to this thread until I give you the All Clean! even if symptoms seemingly abate. Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed. If for any reason you cannot complete instructions within that time, that's fine, just put a post here so that I know you're still here. We get a lot of people who simply leave & if there is no contact for that amount of time I will have to assume you have abandoned your topic. Thanks P2P Warning! IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer. µTorrent Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur. P2P file sharing used to be fairly safe. That is no longer true. I'd like you to read the Perils of P2P File Sharing where we explain why it's not a good idea to have them. References for the risk of these programs can be found in these links: http://www.microsoft.com/windows/ie/...rotection.mspx http://www.techweb.com/wire/160500554 http://www.internetworldstats.com/articles/art053.htm See Clean/Infected P2P Programs here I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs. ComboFix Download ComboFix from one of these locations (DO NOT download ComboFix from anywhere else but one of the provided links): Link 1 Link 2 IMPORTANT !!! Save ComboFix.exe to your Desktop Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here Double click on ComboFix.exe & follow the prompts As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message: Click on Yes, to continue scanning for malware. When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply A word of warning: Neither I nor sUBs are responsible for any damage you may cause to your machine by running ComboFix on your own. This tool is not a toy and not for everyday use. ComboFix SHOULD NOT be used unless requested by a forum helper To post in next reply: ComboFix log Update on how the computer is running __________________ Member Alliance of Security Analysis Professionals UNITE**

07-11-2009, 05:27 AM	#3 (permalink)
Benoso Registered User Join Date: Oct 2006 Posts: 18 OS: WinXP	Re: Downloader.Agent2.FGA in three separate locations. ComboFix 09-07-09.08 - Ben 11/07/2009 12:23.1.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.2047.1536 [GMT 1:00] Running from: c:\documents and settings\Ben\Desktop\ComboFix.exe AV: AVG Anti-Virus Free On-access scanning enabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\Installer\33a98e6.msi . ((((((((((((((((((((((((( Files Created from 2009-06-11 to 2009-07-11 ))))))))))))))))))))))))))))))) . 2009-07-10 09:21 . 2009-07-02 08:48 2054424 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll 2009-07-10 09:21 . 2009-07-02 08:48 2167576 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgresf.dll 2009-07-08 22:13 . 2009-07-08 22:13 -------- d-----w- c:\program files\AirAttack uPnP Configurator 2009-07-08 16:28 . 2009-07-08 16:28 -------- d-----w- c:\documents and settings\Ben\Application Data\Motive 2009-07-08 16:27 . 2009-07-09 22:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Motive 2009-07-08 16:27 . 2009-07-09 22:13 -------- d-----w- c:\program files\Common Files\Motive 2009-07-08 16:27 . 2009-07-09 22:11 -------- d-----w- c:\program files\BT Broadband Desktop Help 2009-07-08 16:27 . 2009-07-08 16:27 -------- d-----w- c:\program files\Citrix 2009-07-08 16:27 . 2009-02-02 09:38 218496 ------w- c:\windows\system32\BTEmailConfig.dll 2009-07-08 16:27 . 2009-07-08 16:27 -------- d-----w- c:\windows\BTV.0000 2009-07-08 16:26 . 2001-10-11 10:26 65536 ----a-w- c:\windows\system32\YCRWin32.dll 2009-07-08 16:26 . 2002-01-05 05:18 84992 ----a-w- c:\windows\system32\ATL70.DLL 2009-07-08 16:26 . 2009-07-09 22:17 -------- d-----w- c:\program files\Yahoo! 2009-07-08 16:25 . 2009-07-08 16:25 -------- d-----w- c:\program files\BTHomeHub 2009-07-07 13:43 . 2009-07-07 13:43 -------- d-----w- c:\program files\PFPortChecker 2009-07-06 14:24 . 2009-07-06 14:24 10134 ----a-r- c:\documents and settings\Ben\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe 2009-07-06 14:24 . 2009-07-06 14:24 -------- d-----w- c:\program files\Microsoft WSE 2009-07-04 03:00 . 2009-07-06 14:12 -------- d-----w- c:\documents and settings\Ben\Local Settings\Application Data\VirtuaTennis2009 2009-07-04 02:49 . 2009-07-04 02:49 -------- d-----w- c:\program files\SEGA 2009-07-04 02:36 . 2009-07-04 02:36 -------- d-----w- c:\program files\7-Zip 2009-07-02 19:26 . 2009-07-02 19:26 41808 ----a-w- c:\windows\system32\xfcodec.dll 2009-07-02 08:50 . 2009-07-02 08:51 -------- d-----w- c:\program files\Democracy2 2009-07-02 00:50 . 2009-07-02 00:50 4096 ----a-w- c:\windows\d3dx.dat 2009-07-02 00:50 . 2009-07-09 22:20 -------- d-----w- c:\program files\Democracy2 Demo 2009-06-28 18:34 . 2001-08-17 13:02 2688 -c--a-w- c:\windows\system32\dllcache\hidswvd.sys 2009-06-28 18:34 . 2001-08-17 13:02 2688 ----a-w- c:\windows\system32\drivers\HIDSwvd.sys 2009-06-28 18:34 . 2004-08-03 22:08 59136 -c--a-w- c:\windows\system32\dllcache\gckernel.sys 2009-06-28 18:34 . 2004-08-03 22:08 59136 ----a-w- c:\windows\system32\drivers\GcKernel.sys 2009-06-28 18:34 . 2001-08-17 21:36 10240 -c--a-w- c:\windows\system32\dllcache\swpdflt2.dll 2009-06-28 18:34 . 2001-08-17 21:36 10240 ----a-w- c:\windows\system32\swpdflt2.dll 2009-06-28 18:34 . 2001-08-17 13:02 3968 -c--a-w- c:\windows\system32\dllcache\swusbflt.sys 2009-06-28 18:34 . 2001-08-17 13:02 3968 ----a-w- c:\windows\system32\drivers\SWUSBFLT.SYS 2009-06-22 21:12 . 2009-06-22 21:12 -------- d-----w- c:\documents and settings\Ben\Local Settings\Application Data\Logitech 2009-06-22 17:09 . 2004-08-03 21:58 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys 2009-06-22 17:09 . 2004-08-03 21:58 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2009-06-22 17:08 . 2009-06-22 17:08 -------- d-----w- c:\program files\Common Files\Logitech 2009-06-22 17:08 . 2009-06-22 17:08 -------- d-----w- c:\program files\Logitech 2009-06-22 14:06 . 2009-06-29 14:07 314712 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\threatwork.exe 2009-06-22 14:06 . 2009-07-06 14:00 25440 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\savapibridge.dll 2009-06-22 14:06 . 2009-06-29 14:07 169312 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lavamessage.dll 2009-06-22 14:06 . 2009-06-29 14:07 348496 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lavalicense.dll 2009-06-22 14:06 . 2009-06-29 14:07 298336 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\UpdateManager.dll 2009-06-22 14:05 . 2009-07-06 14:00 1630560 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Resources.dll 2009-06-22 14:05 . 2009-06-29 14:07 85352 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\32\AAWDriverTool.exe 2009-06-22 14:04 . 2009-06-29 14:07 664424 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\CEAPI.dll 2009-06-22 14:04 . 2009-06-29 14:07 563064 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-AwareCommand.exe 2009-06-22 14:04 . 2009-06-29 14:07 566632 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-AwareAdmin.exe 2009-06-22 14:04 . 2009-07-06 13:59 2353480 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-Aware.exe 2009-06-22 14:02 . 2009-06-29 14:07 629072 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWWSC.exe 2009-06-22 14:02 . 2009-06-29 14:07 520024 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWTray.exe 2009-06-22 14:02 . 2009-06-29 14:07 1029456 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWService.exe 2009-06-19 18:35 . 2009-06-19 18:35 -------- d-----w- c:\program files\Teamspeak2_RC2 2009-06-19 17:53 . 2009-07-10 23:25 -------- d-----w- c:\program files\Air Attack . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-07-11 11:18 . 2008-06-02 19:48 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8 2009-07-10 20:04 . 2009-01-13 14:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater 2009-07-10 16:26 . 2008-08-11 01:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-07-10 01:17 . 2008-06-07 11:47 -------- d-----w- c:\documents and settings\Ben\Application Data\uTorrent 2009-07-09 23:51 . 2008-06-01 14:02 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-07-09 23:44 . 2009-06-11 01:56 -------- d-----w- c:\program files\a-squared Free 2009-07-09 22:42 . 2008-08-11 01:54 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-07-09 22:10 . 2008-09-25 18:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Kontiki 2009-07-09 20:11 . 2008-06-01 18:09 -------- d-----w- c:\documents and settings\Ben\Application Data\Xfire 2009-07-09 00:54 . 2008-12-10 03:45 -------- d-----w- c:\documents and settings\Ben\Application Data\Skype 2009-07-08 23:13 . 2008-06-01 18:09 -------- d-----w- c:\program files\Xfire 2009-07-08 22:37 . 2008-12-10 03:46 -------- d-----w- c:\documents and settings\Ben\Application Data\skypePM 2009-07-08 21:44 . 2009-03-09 23:59 -------- d-----w- c:\program files\PKR 2009-07-08 17:10 . 2008-06-01 14:39 138920 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2009-07-08 17:10 . 2008-06-01 14:39 189072 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-07-06 23:17 . 2009-05-11 11:00 -------- d-----w- c:\documents and settings\Ben\Application Data\dvdcss 2009-07-06 14:19 . 2008-07-08 13:56 -------- d-----w- c:\program files\Electronic Arts 2009-07-02 08:48 . 2008-06-02 19:48 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-06-29 14:07 . 2009-05-27 13:58 84832 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\ShellExt.dll 2009-06-29 14:07 . 2009-05-27 13:58 246128 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\RPAPI.dll 2009-06-29 14:07 . 2009-05-27 13:58 40288 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\PrivacyClean.dll 2009-06-19 00:39 . 2008-06-23 20:06 -------- d-----w- c:\documents and settings\Ben\Application Data\mIRC 2009-06-18 23:52 . 2008-06-23 20:06 -------- d-----w- c:\program files\mIRC 2009-06-18 20:33 . 2008-08-12 17:05 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-06-17 22:27 . 2009-06-07 12:39 -------- d-----w- c:\program files\PokerOfficer 2009-06-17 10:38 . 2008-06-02 19:48 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-06-11 23:07 . 2008-07-13 17:04 -------- d-----w- c:\program files\Soulseek 2009-06-11 17:36 . 2008-06-14 11:42 28276 ----a-w- c:\windows\system32\drivers\MxlW2k.sys 2009-06-07 15:12 . 2009-01-10 01:22 -------- d-----w- c:\program files\WordBiz 2009-06-07 15:11 . 2009-01-24 05:12 -------- d-----w- c:\documents and settings\Ben\Application Data\Sony 2009-06-07 15:10 . 2009-04-27 11:42 -------- d-----w- c:\program files\Poker Grapher 2009-06-07 15:10 . 2008-09-08 11:35 -------- d-----w- c:\program files\OpenOffice.org 2.4 2009-06-07 15:07 . 2008-09-24 12:09 -------- d-----w- c:\program files\Google 2009-06-07 12:39 . 2009-06-07 12:39 -------- d-----w- c:\documents and settings\Ben\Application Data\InstallShield 2009-05-27 13:58 . 2009-05-27 13:58 15688 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lsdelete.exe 2009-05-27 13:58 . 2009-01-21 17:46 15688 ----a-w- c:\windows\system32\lsdelete.exe 2009-05-22 06:39 . 2009-05-22 06:39 -------- d-----w- c:\program files\DeskPins 2009-05-21 22:29 . 2008-09-08 13:37 1 ----a-w- c:\documents and settings\Ben\Application Data\OpenOffice.org2\user\uno_packages\cache\stamp.sys 2009-05-21 22:29 . 2008-09-08 13:36 -------- d-----w- c:\documents and settings\Ben\Application Data\OpenOffice.org2 2009-05-15 11:42 . 2008-06-02 19:48 11952 ----a-w- c:\windows\system32\avgrsstx.dll 2009-05-13 14:37 . 2009-05-13 14:37 -------- d-----w- c:\program files\PokerEV 2009-04-27 14:04 . 2009-04-27 14:04 64160 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\32\lbd.sys 2009-04-27 10:40 . 2008-06-01 13:56 73856 ----a-w- c:\documents and settings\Ben\Local Settings\Application Data\GDIPFONTCACHEV1.DAT . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Update"="c:\documents and settings\Ben\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-10 133104] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] "msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="c:\windows\RTHDCPL.EXE" [2007-03-21 16126464] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864] "36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-03-21 1953792] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-04 8523776] "nwiz"="c:\windows\system32\nwiz.exe" [2007-12-04 1626112] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-04 81920] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-12 1948440] "Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-01-21 92168] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-03 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-05-15 11:42 11952 ----a-w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk \0autocheck lsdelete\0lsdelete [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Ben^Start Menu^Programs^Startup^DeskPins.lnk] path=c:\documents and settings\Ben\Start Menu\Programs\Startup\DeskPins.lnk backup=c:\windows\pss\DeskPins.lnkStartup [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized "kdx"=c:\program files\Kontiki\KHost.exe -all "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" "MMTray"=c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe "Ad-Watch"=c:\program files\Lavasoft\Ad-Aware\AAWTray.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\Xfire\\xfire.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\mIRC\\mirc.exe"= "c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"= "c:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"= "c:\\Documents and Settings\\Ben\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\slsk.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\Sports Interactive\\Football Manager 2009\\fm.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "28960:UDP"= 28960:UDP:cod2 "8888:TCP"= 8888:TCP:utor "8888:UDP"= 8888:UDP:utor2 R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [21/01/2009 15:59 64160] R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [02/06/2008 20:48 335752] R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [01/09/2008 13:33 298776] R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [01/06/2008 15:06 38656] R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [01/06/2008 15:53 10880] S2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\PostgreSQL\8.3\bin\pg_ctl.exe [19/09/2008 03:03 65536] S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 22:34 1029456] S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [24/01/2009 06:01 83880] S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [24/01/2009 06:03 15016] S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [24/01/2009 06:03 110632] S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [24/01/2009 06:05 104616] S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [24/01/2009 06:06 25512] S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [24/01/2009 06:04 100648] S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [24/01/2009 06:06 110120] S3 SWUSBFLT;Microsoft SideWinder VIA Filter Driver;c:\windows\system32\drivers\SWUSBFLT.SYS [28/06/2009 19:34 3968] . Contents of the 'Scheduled Tasks' folder 2009-07-08 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 14:07] 2009-07-11 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-13 19:14] 2009-07-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1220945662-682003330-1003Core.job - c:\documents and settings\Ben\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-10 17:23] 2009-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1220945662-682003330-1003UA.job - c:\documents and settings\Ben\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-10 17:23] . . ------- Supplementary Scan ------- . uStart Page = about:blank mSearch Bar = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/http://uk.docs.yahoo.com/info/bt_side.html uSearchURL,(Default) = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/http://uk.search.yahoo.com/ IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000 Trusted Zone: ketsujin.com\fighterace Trusted Zone: ketsujin.com\primary Trusted Zone: ketsujin.com\update Trusted Zone: ketsujin.com\www Trusted Zone: stormofaces.com\www FF - ProfilePath - c:\documents and settings\Ben\Application Data\Mozilla\Firefox\Profiles\zx281x56.default\ FF - component: c:\documents and settings\Ben\Application Data\Mozilla\Firefox\Profiles\zx281x56.default\extensions\speedtest@gotomyhelp.com\components\NetDiag.dll FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll FF - plugin: c:\documents and settings\Ben\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npBTEmailConfig.dll FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll FF - plugin: c:\program files\Veetle\VLC\npvlc.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews..wholeText", "noAccess"); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120); c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-07-11 12:24 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\Genie"!\FM Genie Scout 2008] "GameDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2008\\games" "ShortlistDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2008\\shortlists" "ScreenshotsDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2008" "SaveDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2008\\" "HistoryDir"="e:\\Untagged\\New Folder\\FM Genie Scout 2008\\History Points" "LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2008\\data\\updates\\update-802\\db\\802\\lang_db.dat" "LastSaveGame"="" "Language"="English" "LoadLangDB"=dword:00000001 "CompressHistoryPoints"=dword:00000000 "HighlightedAttributes"=dword:00000000 "MinCondition"=dword:00000050 "SkinID"=dword:00000001 "LastUpdateCheck"=dword:00000000 "HighQualityGUI"=dword:00000001 "AutomaticallyUpdateCheck"=dword:00000001 "AdvancedGeneration"=dword:00000000 "TranslateStaffSkills"=dword:00000001 "TranslatePlayerSkills"=dword:00000001 "TranslatePositions"=dword:00000001 "ShowHistory"=dword:00000001 "WindowState"=dword:00000000 "Currency"=dword:00000056 "WindowHeight"=dword:0000026d "WindowWidth"=dword:000003fc "WindowLeft"=dword:0000014a "WindowTop"=dword:000000d7 "UseProxy"=dword:00000000 "ProxyHost"="" "ProxyPort"="" "UseAuthentication"=dword:00000000 "UserName"="" "UserPassword"="" [HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\Genie"!\FM Genie Scout 2008\Columns\Clubs] "Position0"=dword:00000000 "Visible0"=dword:00000001 "Width0"=dword:0000007d "Position1"=dword:00000001 "Visible1"=dword:00000001 "Width1"=dword:00000064 "Position2"=dword:00000002 "Visible2"=dword:00000001 "Width2"=dword:00000064 "Position3"=dword:00000003 "Visible3"=dword:00000001 "Width3"=dword:00000032 "Position4"=dword:00000004 "Visible4"=dword:00000001 "Width4"=dword:00000032 "Position5"=dword:00000005 "Visible5"=dword:00000001 "Width5"=dword:00000050 "Position6"=dword:00000006 "Visible6"=dword:00000001 "Width6"=dword:00000050 "Position7"=dword:00000007 "Visible7"=dword:00000001 "Width7"=dword:00000050 "Position8"=dword:00000008 "Visible8"=dword:00000000 "Width8"=dword:00000050 "Position9"=dword:00000009 "Visible9"=dword:00000000 "Width9"=dword:0000002d "Position10"=dword:0000000a "Visible10"=dword:00000000 "Width10"=dword:0000001e "Position11"=dword:0000000b "Visible11"=dword:00000000 "Width11"=dword:0000001e "Position12"=dword:0000000c "Visible12"=dword:00000000 "Width12"=dword:0000001e "Position13"=dword:0000000d "Visible13"=dword:00000001 "Width13"=dword:0000003c "Position14"=dword:0000000e "Visible14"=dword:00000000 "Width14"=dword:00000032 "Position15"=dword:0000000f "Visible15"=dword:00000000 "Width15"=dword:00000032 "Position16"=dword:00000010 "Visible16"=dword:00000000 "Width16"=dword:00000032 "Position17"=dword:00000011 "Visible17"=dword:00000001 "Width17"=dword:00000050 "Position18"=dword:00000012 "Visible18"=dword:00000001 "Width18"=dword:00000050 "Position19"=dword:00000013 "Visible19"=dword:00000000 "Width19"=dword:00000050 [HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\Genie"!\FM Genie Scout 2008\Columns\Players] "Position0"=dword:00000000 "Visible0"=dword:00000001 "Width0"=dword:0000007d "Position1"=dword:00000001 "Visible1"=dword:00000001 "Width1"=dword:0000008f "Position2"=dword:00000002 "Visible2"=dword:00000001 "Width2"=dword:00000064 "Position3"=dword:00000003 "Visible3"=dword:00000001 "Width3"=dword:00000037 "Position4"=dword:00000008 "Visible4"=dword:00000001 "Width4"=dword:00000023 "Position5"=dword:00000009 "Visible5"=dword:00000001 "Width5"=dword:00000028 "Position6"=dword:0000000a "Visible6"=dword:00000001 "Width6"=dword:00000028 "Position7"=dword:0000000c "Visible7"=dword:00000001 "Width7"=dword:0000004b "Position8"=dword:0000000d "Visible8"=dword:00000001 "Width8"=dword:0000004b "Position9"=dword:0000000e "Visible9"=dword:00000001 "Width9"=dword:00000050 "Position10"=dword:00000010 "Visible10"=dword:00000000 "Width10"=dword:00000050 "Position11"=dword:00000011 "Visible11"=dword:00000000 "Width11"=dword:0000004b "Position12"=dword:00000012 "Visible12"=dword:00000000 "Width12"=dword:0000002d "Position13"=dword:00000013 "Visible13"=dword:00000000 "Width13"=dword:0000003c "Position14"=dword:00000014 "Visible14"=dword:00000000 "Width14"=dword:0000004b "Position15"=dword:00000015 "Visible15"=dword:00000000 "Width15"=dword:00000064 "Position16"=dword:00000016 "Visible16"=dword:00000000 "Width16"=dword:00000064 "Position17"=dword:00000017 "Visible17"=dword:00000000 "Width17"=dword:0000004b "Position18"=dword:00000018 "Visible18"=dword:00000000 "Width18"=dword:00000064 "Position19"=dword:00000019 "Visible19"=dword:00000000 "Width19"=dword:0000003c "Position20"=dword:0000001a "Visible20"=dword:00000000 "Width20"=dword:0000004b "Position21"=dword:0000001b "Visible21"=dword:00000000 "Width21"=dword:00000050 "Position22"=dword:0000001c "Visible22"=dword:00000000 "Width22"=dword:00000073 "Position23"=dword:0000001d "Visible23"=dword:00000000 "Width23"=dword:00000050 "Position24"=dword:0000001e "Visible24"=dword:00000000 "Width24"=dword:0000005a "Position25"=dword:0000001f "Visible25"=dword:00000000 "Width25"=dword:0000006e "Position26"=dword:00000020 "Visible26"=dword:00000000 "Width26"=dword:00000064 "Position27"=dword:00000021 "Visible27"=dword:00000000 "Width27"=dword:00000087 "Position28"=dword:00000022 "Visible28"=dword:00000000 "Width28"=dword:00000064 "Position29"=dword:00000023 "Visible29"=dword:00000000 "Width29"=dword:00000064 "Position30"=dword:00000024 "Visible30"=dword:00000000 "Width30"=dword:00000046 "Position31"=dword:00000025 "Visible31"=dword:00000000 "Width31"=dword:0000004b "Position32"=dword:00000026 "Visible32"=dword:00000000 "Width32"=dword:00000046 "Position33"=dword:00000027 "Visible33"=dword:00000000 "Width33"=dword:0000004b "Position34"=dword:00000028 "Visible34"=dword:00000000 "Width34"=dword:0000003c "Position35"=dword:0000002a "Visible35"=dword:00000000 "Width35"=dword:00000064 "Position36"=dword:0000002e "Visible36"=dword:00000000 "Width36"=dword:00000073 "Position37"=dword:00000030 "Visible37"=dword:00000000 "Width37"=dword:0000005f "Position38"=dword:00000033 "Visible38"=dword:00000000 "Width38"=dword:00000091 "Position39"=dword:00000035 "Visible39"=dword:00000000 "Width39"=dword:0000003c "Position40"=dword:0000002c "Visible40"=dword:00000000 "Width40"=dword:0000005a "Position41"=dword:00000036 "Visible41"=dword:00000000 "Width41"=dword:00000041 "Position42"=dword:00000029 "Visible42"=dword:00000000 "Width42"=dword:00000050 "Position43"=dword:0000002b "Visible43"=dword:00000000 "Width43"=dword:00000055 "Position44"=dword:0000002d "Visible44"=dword:00000000 "Width44"=dword:0000005f "Position45"=dword:00000037 "Visible45"=dword:00000000 "Width45"=dword:00000050 "Position46"=dword:00000038 "Visible46"=dword:00000000 "Width46"=dword:0000004b "Position47"=dword:00000039 "Visible47"=dword:00000000 "Width47"=dword:0000004b "Position48"=dword:0000003a "Visible48"=dword:00000000 "Width48"=dword:00000046 "Position49"=dword:0000003b "Visible49"=dword:00000000 "Width49"=dword:00000032 "Position50"=dword:0000003c "Visible50"=dword:00000000 "Width50"=dword:0000003c "Position51"=dword:0000003d "Visible51"=dword:00000000 "Width51"=dword:0000004b "Position52"=dword:0000003e "Visible52"=dword:00000000 "Width52"=dword:0000003c "Position53"=dword:0000003f "Visible53"=dword:00000000 "Width53"=dword:00000037 "Position54"=dword:00000040 "Visible54"=dword:00000000 "Width54"=dword:00000069 "Position55"=dword:00000041 "Visible55"=dword:00000000 "Width55"=dword:0000005a "Position56"=dword:00000044 "Visible56"=dword:00000000 "Width56"=dword:0000004b "Position57"=dword:00000045 "Visible57"=dword:00000000 "Width57"=dword:0000004b "Position58"=dword:00000046 "Visible58"=dword:00000000 "Width58"=dword:00000037 "Position59"=dword:00000047 "Visible59"=dword:00000000 "Width59"=dword:0000003c "Position60"=dword:00000048 "Visible60"=dword:00000000 "Width60"=dword:0000003c "Position61"=dword:00000049 "Visible61"=dword:00000000 "Width61"=dword:00000041 "Position62"=dword:0000004a "Visible62"=dword:00000000 "Width62"=dword:00000055 "Position63"=dword:0000004b "Visible63"=dword:00000000 "Width63"=dword:0000003c "Position64"=dword:0000004c "Visible64"=dword:00000000 "Width64"=dword:0000003c "Position65"=dword:0000004d "Visible65"=dword:00000000 "Width65"=dword:0000004b "Position66"=dword:0000004e "Visible66"=dword:00000000 "Width66"=dword:0000003c "Position67"=dword:0000004f "Visible67"=dword:00000000 "Width67"=dword:00000046 "Position68"=dword:00000050 "Visible68"=dword:00000000 "Width68"=dword:00000028 "Position69"=dword:00000051 "Visible69"=dword:00000000 "Width69"=dword:00000041 "Position70"=dword:00000052 "Visible70"=dword:00000000 "Width70"=dword:0000003c "Position71"=dword:00000053 "Visible71"=dword:00000000 "Width71"=dword:00000069 "Position72"=dword:00000054 "Visible72"=dword:00000000 "Width72"=dword:00000041 "Position73"=dword:00000055 "Visible73"=dword:00000000 "Width73"=dword:0000005f "Position74"=dword:00000056 "Visible74"=dword:00000000 "Width74"=dword:0000003c "Position75"=dword:00000057 "Visible75"=dword:00000000 "Width75"=dword:00000037 "Position76"=dword:00000058 "Visible76"=dword:00000000 "Width76"=dword:0000004b "Position77"=dword:00000059 "Visible77"=dword:00000000 "Width77"=dword:00000050 "Position78"=dword:0000005a "Visible78"=dword:00000000 "Width78"=dword:00000037 "Position79"=dword:0000005b "Visible79"=dword:00000000 "Width79"=dword:00000037 "Position80"=dword:0000005c "Visible80"=dword:00000000 "Width80"=dword:0000005a "Position81"=dword:0000005d "Visible81"=dword:00000000 "Width81"=dword:0000004b "Position82"=dword:0000005e "Visible82"=dword:00000000 "Width82"=dword:00000055 "Position83"=dword:0000005f "Visible83"=dword:00000000 "Width83"=dword:0000002d "Position84"=dword:00000060 "Visible84"=dword:00000000 "Width84"=dword:00000037 "Position85"=dword:00000061 "Visible85"=dword:00000000 "Width85"=dword:0000003c "Position86"=dword:00000062 "Visible86"=dword:00000000 "Width86"=dword:00000046 "Position87"=dword:00000063 "Visible87"=dword:00000000 "Width87"=dword:0000003c "Position88"=dword:00000064 "Visible88"=dword:00000000 "Width88"=dword:0000005a "Position89"=dword:00000065 "Visible89"=dword:00000000 "Width89"=dword:0000003c "Position90"=dword:00000066 "Visible90"=dword:00000000 "Width90"=dword:00000050 "Position91"=dword:00000067 "Visible91"=dword:00000000 "Width91"=dword:00000046 "Position92"=dword:00000068 "Visible92"=dword:00000000 "Width92"=dword:0000005a "Position93"=dword:00000069 "Visible93"=dword:00000000 "Width93"=dword:00000037 "Position94"=dword:0000006a "Visible94"=dword:00000000 "Width94"=dword:0000003c "Position95"=dword:0000006b "Visible95"=dword:00000000 "Width95"=dword:0000003c "Position96"=dword:0000006c "Visible96"=dword:00000000 "Width96"=dword:00000046 "Position97"=dword:0000006d "Visible97"=dword:00000000 "Width97"=dword:00000046 "Position98"=dword:0000006e "Visible98"=dword:00000000 "Width98"=dword:00000055 "Position99"=dword:0000006f "Visible99"=dword:00000000 "Width99"=dword:00000073 "Position100"=dword:00000042 "Visible100"=dword:00000000 "Width100"=dword:00000041 "Position101"=dword:00000070 "Visible101"=dword:00000000 "Width101"=dword:0000003c "Position102"=dword:00000071 "Visible102"=dword:00000000 "Width102"=dword:0000003c "Position103"=dword:00000072 "Visible103"=dword:00000000 "Width103"=dword:00000046 "Position104"=dword:00000073 "Visible104"=dword:00000000 "Width104"=dword:0000003c "Position105"=dword:00000074 "Visible105"=dword:00000000 "Width105"=dword:00000041 "Position106"=dword:0000000f "Visible106"=dword:00000001 "Width106"=dword:00000050 "Position107"=dword:0000000b "Visible107"=dword:00000001 "Width107"=dword:00000028 "Position108"=dword:00000043 "Visible108"=dword:00000000 "Width108"=dword:00000050 "Position109"=dword:0000002f "Visible109"=dword:00000000 "Width109"=dword:00000050 "Position110"=dword:00000031 "Visible110"=dword:00000000 "Width110"=dword:00000055 "Position111"=dword:00000032 "Visible111"=dword:00000000 "Width111"=dword:00000082 "Position112"=dword:00000034 "Visible112"=dword:00000000 "Width112"=dword:00000087 "Position113"=dword:00000075 "Visible113"=dword:00000000 "Width113"=dword:00000050 "Position114"=dword:00000076 "Visible114"=dword:00000000 "Width114"=dword:00000050 "Position115"=dword:00000077 "Visible115"=dword:00000000 "Width115"=dword:00000050 "Position116"=dword:00000078 "Visible116"=dword:00000000 "Width116"=dword:00000050 "Position117"=dword:00000079 "Visible117"=dword:00000000 "Width117"=dword:00000050 "Position118"=dword:0000007a "Visible118"=dword:00000000 "Width118"=dword:00000050 "Position119"=dword:0000007b "Visible119"=dword:00000000 "Width119"=dword:00000050 "Position120"=dword:0000007c "Visible120"=dword:00000000 "Width120"=dword:00000050 "Position121"=dword:0000007d "Visible121"=dword:00000000 "Width121"=dword:00000050 "Position122"=dword:0000007e "Visible122"=dword:00000000 "Width122"=dword:00000050 "Position123"=dword:0000007f "Visible123"=dword:00000000 "Width123"=dword:00000050 "Position124"=dword:00000080 "Visible124"=dword:00000000 "Width124"=dword:00000050 "Position125"=dword:00000081 "Visible125"=dword:00000000 "Width125"=dword:00000050 "Position126"=dword:00000082 "Visible126"=dword:00000000 "Width126"=dword:00000050 "Position127"=dword:00000083 "Visible127"=dword:00000000 "Width127"=dword:00000050 "Position128"=dword:00000084 "Visible128"=dword:00000000 "Width128"=dword:00000050 "Position129"=dword:00000085 "Visible129"=dword:00000000 "Width129"=dword:00000050 "Position130"=dword:00000086 "Visible130"=dword:00000000 "Width130"=dword:00000050 "Position131"=dword:00000087 "Visible131"=dword:00000000 "Width131"=dword:00000050 "Position132"=dword:00000088 "Visible132"=dword:00000000 "Width132"=dword:00000050 "Position133"=dword:00000089 "Visible133"=dword:00000000 "Width133"=dword:00000050 "Position134"=dword:0000008a "Visible134"=dword:00000000 "Width134"=dword:00000050 "Position135"=dword:0000008b "Visible135"=dword:00000000 "Width135"=dword:00000050 "Position136"=dword:0000008c "Visible136"=dword:00000000 "Width136"=dword:00000050 "Position137"=dword:0000008d "Visible137"=dword:00000000 "Width137"=dword:00000050 "Position138"=dword:0000008e "Visible138"=dword:00000000 "Width138"=dword:00000050 "Position139"=dword:0000008f "Visible139"=dword:00000000 "Width139"=dword:00000050 "Position140"=dword:00000090 "Visible140"=dword:00000000 "Width140"=dword:00000050 "Position141"=dword:00000091 "Visible141"=dword:00000000 "Width141"=dword:00000050 "Position142"=dword:00000092 "Visible142"=dword:00000000 "Width142"=dword:00000050 "Position143"=dword:00000093 "Visible143"=dword:00000000 "Width143"=dword:00000050 "Position144"=dword:00000094 "Visible144"=dword:00000000 "Width144"=dword:00000050 "Position145"=dword:00000095 "Visible145"=dword:00000000 "Width145"=dword:00000050 "Position146"=dword:00000004 "Visible146"=dword:00000000 "Width146"=dword:00000037 "Position147"=dword:00000005 "Visible147"=dword:00000000 "Width147"=dword:00000028 "Position148"=dword:00000006 "Visible148"=dword:00000000 "Width148"=dword:00000037 "Position149"=dword:00000007 "Visible149"=dword:00000001 "Width149"=dword:00000028 [HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\Genie"!\FM Genie Scout 2008\Columns\Staff] "Position0"=dword:00000000 "Visible0"=dword:00000001 "Width0"=dword:0000007d "Position1"=dword:00000001 "Visible1"=dword:00000001 "Width1"=dword:00000064 "Position2"=dword:00000002 "Visible2"=dword:00000001 "Width2"=dword:00000064 "Position3"=dword:00000003 "Visible3"=dword:00000001 "Width3"=dword:00000069 "Position4"=dword:00000005 "Visible4"=dword:00000001 "Width4"=dword:00000028 "Position5"=dword:00000006 "Visible5"=dword:00000001 "Width5"=dword:00000028 "Position6"=dword:00000004 "Visible6"=dword:00000001 "Width6"=dword:00000028 "Position7"=dword:00000007 "Visible7"=dword:00000001 "Width7"=dword:00000050 "Position8"=dword:00000008 "Visible8"=dword:00000000 "Width8"=dword:00000050 "Position9"=dword:00000009 "Visible9"=dword:00000000 "Width9"=dword:0000004b "Position10"=dword:0000000a "Visible10"=dword:00000000 "Width10"=dword:0000002d "Position11"=dword:0000000b "Visible11"=dword:00000000 "Width11"=dword:0000003c "Position12"=dword:0000000c "Visible12"=dword:00000000 "Width12"=dword:0000004b "Position13"=dword:0000000d "Visible13"=dword:00000000 "Width13"=dword:00000064 "Position14"=dword:0000000e "Visible14"=dword:00000000 "Width14"=dword:00000064 "Position15"=dword:0000000f "Visible15"=dword:00000000 "Width15"=dword:0000004b "Position16"=dword:00000010 "Visible16"=dword:00000000 "Width16"=dword:00000064 "Position17"=dword:00000011 "Visible17"=dword:00000000 "Width17"=dword:0000003c "Position18"=dword:00000012 "Visible18"=dword:00000000 "Width18"=dword:0000004b "Position19"=dword:00000013 "Visible19"=dword:00000000 "Width19"=dword:00000050 "Position20"=dword:00000014 "Visible20"=dword:00000000 "Width20"=dword:00000046 "Position21"=dword:00000015 "Visible21"=dword:00000000 "Width21"=dword:0000004b "Position22"=dword:00000016 "Visible22"=dword:00000000 "Width22"=dword:00000046 "Position23"=dword:00000017 "Visible23"=dword:00000000 "Width23"=dword:00000046 "Position24"=dword:00000018 "Visible24"=dword:00000000 "Width24"=dword:0000003c "Position25"=dword:00000019 "Visible25"=dword:00000000 "Width25"=dword:00000041 "Position26"=dword:0000001a "Visible26"=dword:00000000 "Width26"=dword:0000003c "Position27"=dword:0000001b "Visible27"=dword:00000000 "Width27"=dword:00000055 "Position28"=dword:0000001c "Visible28"=dword:00000000 "Width28"=dword:00000069 "Position29"=dword:0000001d "Visible29"=dword:00000000 "Width29"=dword:0000006e "Position30"=dword:0000001e "Visible30"=dword:00000000 "Width30"=dword:00000064 "Position31"=dword:0000001f "Visible31"=dword:00000000 "Width31"=dword:00000078 "Position32"=dword:00000020 "Visible32"=dword:00000000 "Width32"=dword:00000064 "Position33"=dword:00000021 "Visible33"=dword:00000000 "Width33"=dword:00000087 "Position34"=dword:00000022 "Visible34"=dword:00000000 "Width34"=dword:00000069 "Position35"=dword:00000023 "Visible35"=dword:00000000 "Width35"=dword:0000006e "Position36"=dword:00000024 "Visible36"=dword:00000000 "Width36"=dword:00000073 "Position37"=dword:00000025 "Visible37"=dword:00000000 "Width37"=dword:0000004b "Position38"=dword:00000026 "Visible38"=dword:00000000 "Width38"=dword:0000002d "Position39"=dword:00000027 "Visible39"=dword:00000000 "Width39"=dword:00000055 "Position40"=dword:00000028 "Visible40"=dword:00000000 "Width40"=dword:00000046 "Position41"=dword:00000029 "Visible41"=dword:00000000 "Width41"=dword:0000004b "Position42"=dword:0000002a "Visible42"=dword:00000000 "Width42"=dword:0000003c "Position43"=dword:0000002b "Visible43"=dword:00000000 "Width43"=dword:00000046 "Position44"=dword:0000002c "Visible44"=dword:00000000 "Width44"=dword:00000073 "Position45"=dword:0000002d "Visible45"=dword:00000000 "Width45"=dword:0000004b "Position46"=dword:0000002e "Visible46"=dword:00000000 "Width46"=dword:00000073 "Position47"=dword:0000002f "Visible47"=dword:00000000 "Width47"=dword:0000007d "Position48"=dword:00000030 "Visible48"=dword:00000000 "Width48"=dword:0000006e "Position49"=dword:00000031 "Visible49"=dword:00000000 "Width49"=dword:00000037 "Position50"=dword:00000032 "Visible50"=dword:00000000 "Width50"=dword:00000064 "Position51"=dword:00000033 "Visible51"=dword:00000000 "Width51"=dword:00000037 "Position52"=dword:00000034 "Visible52"=dword:00000000 "Width52"=dword:0000004b "Position53"=dword:00000035 "Visible53"=dword:00000000 "Width53"=dword:00000046 "Position54"=dword:00000036 "Visible54"=dword:00000000 "Width54"=dword:00000037 "Position55"=dword:00000037 "Visible55"=dword:00000000 "Width55"=dword:0000003c "Position56"=dword:00000038 "Visible56"=dword:00000000 "Width56"=dword:00000055 "Position57"=dword:00000039 "Visible57"=dword:00000000 "Width57"=dword:0000003c "Position58"=dword:0000003a "Visible58"=dword:00000000 "Width58"=dword:0000003c "Position59"=dword:0000003b "Visible59"=dword:00000000 "Width59"=dword:00000055 "Position60"=dword:0000003c "Visible60"=dword:00000000 "Width60"=dword:00000046 "Position61"=dword:0000003d "Visible61"=dword:00000000 "Width61"=dword:0000004b "Position62"=dword:0000003e "Visible62"=dword:00000000 "Width62"=dword:00000055 "Position63"=dword:0000003f "Visible63"=dword:00000000 "Width63"=dword:0000005a "Position64"=dword:00000040 "Visible64"=dword:00000000 "Width64"=dword:0000006e "Position65"=dword:00000041 "Visible65"=dword:00000000 "Width65"=dword:00000050 "Position66"=dword:00000042 "Visible66"=dword:00000000 "Width66"=dword:00000032 "Position67"=dword:00000043 "Visible67"=dword:00000000 "Width67"=dword:00000064 "Position68"=dword:00000044 "Visible68"=dword:00000000 "Width68"=dword:0000004b "Position69"=dword:00000045 "Visible69"=dword:00000000 "Width69"=dword:0000002d "Position70"=dword:00000046 "Visible70"=dword:00000000 "Width70"=dword:0000004b "Position71"=dword:00000047 "Visible71"=dword:00000000 "Width71"=dword:0000005a "Position72"=dword:00000048 "Visible72"=dword:00000000 "Width72"=dword:0000005a "Position73"=dword:00000049 "Visible73"=dword:00000000 "Width73"=dword:00000050 "Position74"=dword:0000004a "Visible74"=dword:00000000 "Width74"=dword:0000004b "Position75"=dword:0000004b "Visible75"=dword:00000000 "Width75"=dword:00000050 "Position76"=dword:0000004c "Visible76"=dword:00000000 "Width76"=dword:0000005a "Position77"=dword:0000004d "Visible77"=dword:00000000 "Width77"=dword:00000041 "Position78"=dword:0000004e "Visible78"=dword:00000000 "Width78"=dword:00000041 "Position79"=dword:0000004f "Visible79"=dword:00000000 "Width79"=dword:00000041 "Position80"=dword:00000050 "Visible80"=dword:00000000 "Width80"=dword:00000041 "Position81"=dword:00000051 "Visible81"=dword:00000000 "Width81"=dword:00000041 "Position82"=dword:00000052 "Visible82"=dword:00000000 "Width82"=dword:00000041 "Position83"=dword:00000053 "Visible83"=dword:00000000 "Width83"=dword:00000041 "Position84"=dword:00000054 "Visible84"=dword:00000000 "Width84"=dword:00000041 "Position85"=dword:00000055 "Visible85"=dword:00000000 "Width85"=dword:00000041 "Position86"=dword:00000056 "Visible86"=dword:00000000 "Width86"=dword:00000050 [HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\Genie"!\FM Genie Scout 2008\Rating Coefficients] "GKWeightCoef"=dword:00000064 "GKCurrentAbilityCoef"=dword:00000000 "GKCornersCoef"=dword:00000000 "GKCrossingCoef"=dword:00000000 "GKDribblingCoef"=dword:00000000 "GKFinishingCoef"=dword:00000000 "GKFirstTouchCoef"=dword:00000000 "GKFreeKicksCoef"=dword:00000000 "GKHeadingCoef"=dword:00000000 "GKLongShotsCoef"=dword:00000000 "GKLongThrowsCoef"=dword:00000000 "GKMarkingCoef"=dword:00000000 "GKPassingCoef"=dword:00000000 "GKPenaltiesCoef"=dword:00000000 "GKTacklingCoef"=dword:00000005 "GKTechniqueCoef"=dword:00000000 "GKLeftFootCoef"=dword:00000000 "GKRightFootCoef"=dword:00000000 "GKAggressionCoef"=dword:0000000a "GKAnticipationCoef"=dword:00000005 "GKBraveryCoef"=dword:00000014 "GKComposureCoef"=dword:00000014 "GKConcentrationCoef"=dword:0000000a "GKConsistencyCoef"=dword:0000000a "GKCreativityCoef"=dword:00000000 "GKDecisionsCoef"=dword:00000014 "GKDeterminationCoef"=dword:0000000a "GKDirtinessCoef"=dword:fffffffb "GKFlairCoef"=dword:00000000 "GKImportantMatchesCoef"=dword:0000000a "GKInfluenceCoef"=dword:0000000a "GKOffTheBallCoef"=dword:00000000 "GKPositioningCoef"=dword:00000050 "GKTeamworkCoef"=dword:00000005 "GKWorkRateCoef"=dword:00000000 "GKAccelerationCoef"=dword:00000005 "GKAgilityCoef"=dword:0000000a "GKBalanceCoef"=dword:0000000a "GKInjuryPronenessCoef"=dword:fffffffb "GKJumpingCoef"=dword:00000050 "GKNaturalFitnessCoef"=dword:00000005 "GKPaceCoef"=dword:00000000 "GKStaminaCoef"=dword:00000000 "GKStrengthCoef"=dword:0000000a "GKVersatilityCoef"=dword:00000000 "GKAerialAbilityCoef"=dword:00000032 "GKCommandOfAreaCoef"=dword:00000014 "GKCommunicationCoef"=dword:00000032 "GKEccentricityCoef"=dword:ffffffec "GKHandlingCoef"=dword:00000064 "GKKickingCoef"=dword:0000000a "GKOneOnOnesCoef"=dword:00000032 "GKReflexesCoef"=dword:00000064 "GKRushingOutCoef"=dword:00000014 "GKTendencyToPunchCoef"=dword:fffffff6 "GKThrowingCoef"=dword:0000000a "GKAdaptabilityCoef"=dword:00000005 "GKAmbitionCoef"=dword:0000000a "GKControversyCoef"=dword:fffffffb "GKLoyalityCoef"=dword:00000005 "GKPressureCoef"=dword:00000005 "GKProfessionalismCoef"=dword:00000005 "GKSportsmanshipCoef"=dword:00000005 "GKTemperamentCoef"=dword:00000005 "SWWeightCoef"=dword:00000066 "SWCurrentAbilityCoef"=dword:00000000 "SWCornersCoef"=dword:00000000 "SWCrossingCoef"=dword:00000000 "SWDribblingCoef"=dword:00000000 "SWFinishingCoef"=dword:00000000 "SWFirstTouchCoef"=dword:00000014 "SWFreeKicksCoef"=dword:0000000a "SWHeadingCoef"=dword:00000064 "SWLongShotsCoef"=dword:0000000a "SWLongThrowsCoef"=dword:00000000 "SWMarkingCoef"=dword:00000064 "SWPassingCoef"=dword:0000000a "SWPenaltiesCoef"=dword:00000005 "SWTacklingCoef"=dword:00000064 "SWTechniqueCoef"=dword:0000000a "SWLeftFootCoef"=dword:00000005 "SWRightFootCoef"=dword:00000005 "SWAggressionCoef"=dword:00000014 "SWAnticipationCoef"=dword:00000014 "SWBraveryCoef"=dword:00000028 "SWComposureCoef"=dword:00000028 "SWConcentrationCoef"=dword:0000003c "SWConsistencyCoef"=dword:0000000a "SWCreativityCoef"=dword:0000000a "SWDecisionsCoef"=dword:00000014 "SWDeterminationCoef"=dword:0000000a "SWDirtinessCoef"=dword:ffffffe7 "SWFlairCoef"=dword:00000000 "SWImportantMatchesCoef"=dword:0000000a "SWInfluenceCoef"=dword:0000000a "SWOffTheBallCoef"=dword:0000000a "SWPositioningCoef"=dword:00000064 "SWTeamworkCoef"=dword:00000028 "SWWorkRateCoef"=dword:00000014 "SWAccelerationCoef"=dword:0000001e "SWAgilityCoef"=dword:0000000a "SWBalanceCoef"=dword:00000014 "SWInjuryPronenessCoef"=dword:fffffffb "SWJumpingCoef"=dword:00000064 "SWNaturalFitnessCoef"=dword:00000005 "SWPaceCoef"=dword:00000014 "SWStaminaCoef"=dword:0000000a "SWStrengthCoef"=dword:00000050 "SWVersatilityCoef"=dword:00000005 "SWAerialAbilityCoef"=dword:00000000 "SWCommandOfAreaCoef"=dword:00000000 "SWCommunicationCoef"=dword:00000000 "SWEccentricityCoef"=dword:00000000 "SWHandlingCoef"=dword:00000000 "SWKickingCoef"=dword:00000000 "SWOneOnOnesCoef"=dword:00000005 "SWReflexesCoef"=dword:00000005 "SWRushingOutCoef"=dword:00000000 "SWTendencyToPunchCoef"=dword:00000000 "SWThrowingCoef"=dword:00000000 "SWAdaptabilityCoef"=dword:00000005 "SWAmbitionCoef"=dword:0000000a "SWControversyCoef"=dword:fffffffb "SWLoyalityCoef"=dword:00000005 "SWPressureCoef"=dword:00000005 "SWProfessionalismCoef"=dword:00000005 "SWSportsmanshipCoef"=dword:00000005 "SWTemperamentCoef"=dword:00000005 "CBWeightCoef"=dword:00000064 "CBCurrentAbilityCoef"=dword:00000000 "CBCornersCoef"=dword:00000000 "CBCrossingCoef"=dword:00000000 "CBDribblingCoef"=dword:00000000 "CBFinishingCoef"=dword:00000000 "CBFirstTouchCoef"=dword:00000014 "CBFreeKicksCoef"=dword:0000000a "CBHeadingCoef"=dword:00000064 "CBLongShotsCoef"=dword:0000000a "CBLongThrowsCoef"=dword:00000000 "CBMarkingCoef"=dword:00000050 "CBPassingCoef"=dword:00000014 "CBPenaltiesCoef"=dword:00000005 "CBTacklingCoef"=dword:00000064 "CBTechniqueCoef"=dword:0000000a "CBLeftFootCoef"=dword:00000005 "CBRightFootCoef"=dword:00000005 "CBAggressionCoef"=dword:00000014 "CBAnticipationCoef"=dword:00000014 "CBBraveryCoef"=dword:00000028 "CBComposureCoef"=dword:00000014 "CBConcentrationCoef"=dword:00000028 "CBConsistencyCoef"=dword:0000000a "CBCreativityCoef"=dword:0000000a "CBDecisionsCoef"=dword:00000014 "CBDeterminationCoef"=dword:0000000a "CBDirtinessCoef"=dword:ffffffec "CBFlairCoef"=dword:00000000 "CBImportantMatchesCoef"=dword:0000000a "CBInfluenceCoef"=dword:0000000a "CBOffTheBallCoef"=dword:0000000a "CBPositioningCoef"=dword:00000050 "CBTeamworkCoef"=dword:00000028 "CBWorkRateCoef"=dword:00000014 "CBAccelerationCoef"=dword:00000028 "CBAgilityCoef"=dword:0000000a "CBBalanceCoef"=dword:00000014 "CBInjuryPronenessCoef"=dword:fffffffb "CBJumpingCoef"=dword:00000064 "CBNaturalFitnessCoef"=dword:00000005 "CBPaceCoef"=dword:0000001e "CBStaminaCoef"=dword:0000000a "CBStrengthCoef"=dword:0000003c "CBVersatilityCoef"=dword:00000005 "CBAerialAbilityCoef"=dword:00000000 "CBCommandOfAreaCoef"=dword:00000000 "CBCommunicationCoef"=dword:00000000 "CBEccentricityCoef"=dword:00000000 "CBHandlingCoef"=dword:00000000 "CBKickingCoef"=dword:00000000 "CBOneOnOnesCoef"=dword:00000005 "CBReflexesCoef"=dword:00000005 "CBRushingOutCoef"=dword:00000000 "CBTendencyToPunchCoef"=dword:00000000 "CBThrowingCoef"=dword:00000000 "CBAdaptabilityCoef"=dword:00000005 "CBAmbitionCoef"=dword:0000000a "CBControversyCoef"=dword:fffffffb "CBLoyalityCoef"=dword:00000005 "CBPressureCoef"=dword:00000005 "CBProfessionalismCoef"=dword:00000005 "CBSportsmanshipCoef"=dword:00000005 "CBTemperamentCoef"=dword:00000005 "FBWeightCoef"=dword:00000069 "FBCurrentAbilityCoef"=dword:00000000 "FBCornersCoef"=dword:0000000a "FBCrossingCoef"=dword:0000001e "FBDribblingCoef"=dword:00000014 "FBFinishingCoef"=dword:00000000 "FBFirstTouchCoef"=dword:00000014 "FBFreeKicksCoef"=dword:0000000a "FBHeadingCoef"=dword:0000003c "FBLongShotsCoef"=dword:0000000a "FBLongThrowsCoef"=dword:0000000a "FBMarkingCoef"=dword:0000003c "FBPassingCoef"=dword:0000001e "FBPenaltiesCoef"=dword:00000005 "FBTacklingCoef"=dword:00000064 "FBTechniqueCoef"=dword:00000014 "FBLeftFootCoef"=dword:00000005 "FBRightFootCoef"=dword:00000005 "FBAggressionCoef"=dword:0000000f "FBAnticipationCoef"=dword:00000050 "FBBraveryCoef"=dword:00000014 "FBComposureCoef"=dword:0000000a "FBConcentrationCoef"=dword:0000001e "FBConsistencyCoef"=dword:0000000a "FBCreativityCoef"=dword:0000000a "FBDecisionsCoef"=dword:00000014 "FBDeterminationCoef"=dword:0000000a "FBDirtinessCoef"=dword:fffffff6 "FBFlairCoef"=dword:00000005 "FBImportantMatchesCoef"=dword:0000000a "FBInfluenceCoef"=dword:0000000a "FBOffTheBallCoef"=dword:00000014 "FBPositioningCoef"=dword:00000064 "FBTeamworkCoef"=dword:00000014 "FBWorkRateCoef"=dword:00000014 "FBAccelerationCoef"=dword:0000003c "FBAgilityCoef"=dword:0000000a "FBBalanceCoef"=dword:00000014 "FBInjuryPronenessCoef"=dword:fffffffb "FBJumpingCoef"=dword:0000003c "FBNaturalFitnessCoef"=dword:00000005 "FBPaceCoef"=dword:00000050 "FBStaminaCoef"=dword:0000003c "FBStrengthCoef"=dword:00000028 "FBVersatilityCoef"=dword:00000005 "FBAerialAbilityCoef"=dword:00000000 "FBCommandOfAreaCoef"=dword:00000000 "FBCommunicationCoef"=dword:00000000 "FBEccentricityCoef"=dword:00000000 "FBHandlingCoef"=dword:00000000 "FBKickingCoef"=dword:00000000 "FBOneOnOnesCoef"=dword:00000005 "FBReflexesCoef"=dword:00000005 "FBRushingOutCoef"=dword:00000000 "FBTendencyToPunchCoef"=dword:00000000 "FBThrowingCoef"=dword:00000000 "FBAdaptabilityCoef"=dword:00000005 "FBAmbitionCoef"=dword:0000000a "FBControversyCoef"=dword:fffffffb "FBLoyalityCoef"=dword:00000005 "FBPressureCoef"=dword:00000005 "FBProfessionalismCoef"=dword:00000005 "FBSportsmanshipCoef"=dword:00000005 "FBTemperamentCoef"=dword:00000005 "WBWeightCoef"=dword:0000006c "WBCurrentAbilityCoef"=dword:00000000 "WBCornersCoef"=dword:0000000a "WBCrossingCoef"=dword:0000003c "WBDribblingCoef"=dword:00000028 "WBFinishingCoef"=dword:0000000a "WBFirstTouchCoef"=dword:00000014 "WBFreeKicksCoef"=dword:0000000a "WBHeadingCoef"=dword:00000028 "WBLongShotsCoef"=dword:00000014 "WBLongThrowsCoef"=dword:0000000a "WBMarkingCoef"=dword:0000003c "WBPassingCoef"=dword:00000028 "WBPenaltiesCoef"=dword:00000005 "WBTacklingCoef"=dword:00000064 "WBTechniqueCoef"=dword:00000028 "WBLeftFootCoef"=dword:00000005 "WBRightFootCoef"=dword:00000005 "WBAggressionCoef"=dword:0000000a "WBAnticipationCoef"=dword:00000050 "WBBraveryCoef"=dword:0000000a "WBComposureCoef"=dword:0000000a "WBConcentrationCoef"=dword:00000014 "WBConsistencyCoef"=dword:0000000a "WBCreativityCoef"=dword:00000014 "WBDecisionsCoef"=dword:00000014 "WBDeterminationCoef"=dword:0000000a "WBDirtinessCoef"=dword:fffffff6 "WBFlairCoef"=dword:0000000a "WBImportantMatchesCoef"=dword:0000000a "WBInfluenceCoef"=dword:0000000a "WBOffTheBallCoef"=dword:00000014 "WBPositioningCoef"=dword:00000064 "WBTeamworkCoef"=dword:00000014 "WBWorkRateCoef"=dword:00000028 "WBAccelerationCoef"=dword:00000050 "WBAgilityCoef"=dword:0000000a "WBBalanceCoef"=dword:00000014 "WBInjuryPronenessCoef"=dword:fffffffb "WBJumpingCoef"=dword:00000014 "WBNaturalFitnessCoef"=dword:00000005 "WBPaceCoef"=dword:00000064 "WBStaminaCoef"=dword:00000050 "WBStrengthCoef"=dword:00000028 "WBVersatilityCoef"=dword:00000005 "WBAerialAbilityCoef"=dword:00000000 "WBCommandOfAreaCoef"=dword:00000000 "WBCommunicationCoef"=dword:00000000 "WBEccentricityCoef"=dword:00000000 "WBHandlingCoef"=dword:00000000 "WBKickingCoef"=dword:00000000 "WBOneOnOnesCoef"=dword:00000005 "WBReflexesCoef"=dword:00000005 "WBRushingOutCoef"=dword:00000000 "WBTendencyToPunchCoef"=dword:00000000 "WBThrowingCoef"=dword:00000000 "WBAdaptabilityCoef"=dword:00000005 "WBAmbitionCoef"=dword:0000000a "WBControversyCoef"=dword:fffffffb "WBLoyalityCoef"=dword:00000005 "WBPressureCoef"=dword:00000005 "WBProfessionalismCoef"=dword:00000005 "WBSportsmanshipCoef"=dword:00000005 "WBTemperamentCoef"=dword:00000005 "DMWeightCoef"=dword:00000067 "DMCurrentAbilityCoef"=dword:00000000 "DMCornersCoef"=dword:0000000a "DMCrossingCoef"=dword:0000001e "DMDribblingCoef"=dword:00000014 "DMFinishingCoef"=dword:0000000a "DMFirstTouchCoef"=dword:0000001e "DMFreeKicksCoef"=dword:0000000a "DMHeadingCoef"=dword:00000028 "DMLongShotsCoef"=dword:00000014 "DMLongThrowsCoef"=dword:00000005 "DMMarkingCoef"=dword:0000003c "DMPassingCoef"=dword:00000028 "DMPenaltiesCoef"=dword:00000005 "DMTacklingCoef"=dword:00000064 "DMTechniqueCoef"=dword:0000001e "DMLeftFootCoef"=dword:00000005 "DMRightFootCoef"=dword:00000005 "DMAggressionCoef"=dword:00000028 "DMAnticipationCoef"=dword:00000028 "DMBraveryCoef"=dword:00000014 "DMComposureCoef"=dword:0000000a "DMConcentrationCoef"=dword:00000014 "DMConsistencyCoef"=dword:0000000a "DMCreativityCoef"=dword:00000014 "DMDecisionsCoef"=dword:00000014 "DMDeterminationCoef"=dword:0000000a "DMDirtinessCoef"=dword:fffffff6 "DMFlairCoef"=dword:0000000a "DMImportantMatchesCoef"=dword:0000000a "DMInfluenceCoef"=dword:0000000a "DMOffTheBallCoef"=dword:0000001e "DMPositioningCoef"=dword:00000050 "DMTeamworkCoef"=dword:00000028 "DMWorkRateCoef"=dword:00000050 "DMAccelerationCoef"=dword:00000028 "DMAgilityCoef"=dword:0000000a "DMBalanceCoef"=dword:0000000a "DMInjuryPronenessCoef"=dword:fffffffb "DMJumpingCoef"=dword:00000028 "DMNaturalFitnessCoef"=dword:00000005 "DMPaceCoef"=dword:00000028 "DMStaminaCoef"=dword:0000003c "DMStrengthCoef"=dword:00000028 "DMVersatilityCoef"=dword:00000005 "DMAerialAbilityCoef"=dword:00000000 "DMCommandOfAreaCoef"=dword:00000000 "DMCommunicationCoef"=dword:00000000 "DMEccentricityCoef"=dword:00000000 "DMHandlingCoef"=dword:00000000 "DMKickingCoef"=dword:00000000 "DMOneOnOnesCoef"=dword:00000005 "DMReflexesCoef"=dword:00000005 "DMRushingOutCoef"=dword:00000000 "DMTendencyToPunchCoef"=dword:00000000 "DMThrowingCoef"=dword:00000000 "DMAdaptabilityCoef"=dword:00000005 "DMAmbitionCoef"=dword:0000000a "DMControversyCoef"=dword:fffffffb "DMLoyalityCoef"=dword:00000005 "DMPressureCoef"=dword:00000005 "DMProfessionalismCoef"=dword:00000005 "DMSportsmanshipCoef"=dword:00000005 "DMTemperamentCoef"=dword:00000005 "MWeightCoef"=dword:00000068 "MCurrentAbilityCoef"=dword:00000000 "MCornersCoef"=dword:0000000a "MCrossingCoef"=dword:00000028 "MDribblingCoef"=dword:00000032 "MFinishingCoef"=dword:00000014 "MFirstTouchCoef"=dword:0000001e "MFreeKicksCoef"=dword:0000000a "MHeadingCoef"=dword:0000001e "MLongShotsCoef"=dword:00000014 "MLongThrowsCoef"=dword:00000005 "MMarkingCoef"=dword:00000028 "MPassingCoef"=dword:00000046 "MPenaltiesCoef"=dword:00000005 "MTacklingCoef"=dword:0000003c "MTechniqueCoef"=dword:00000032 "MLeftFootCoef"=dword:00000005 "MRightFootCoef"=dword:00000005 "MAggressionCoef"=dword:0000001e "MAnticipationCoef"=dword:00000028 "MBraveryCoef"=dword:0000000a "MComposureCoef"=dword:0000000a "MConcentrationCoef"=dword:0000000a "MConsistencyCoef"=dword:0000000a "MCreativityCoef"=dword:0000003c "MDecisionsCoef"=dword:0000001e "MDeterminationCoef"=dword:0000000a "MDirtinessCoef"=dword:fffffffb "MFlairCoef"=dword:0000000a "MImportantMatchesCoef"=dword:0000000a "MInfluenceCoef"=dword:0000000a "MOffTheBallCoef"=dword:00000028 "MPositioningCoef"=dword:00000028 "MTeamworkCoef"=dword:00000032 "MWorkRateCoef"=dword:00000032 "MAccelerationCoef"=dword:00000032 "MAgilityCoef"=dword:0000000a "MBalanceCoef"=dword:0000000a "MInjuryPronenessCoef"=dword:fffffffb "MJumpingCoef"=dword:00000028 "MNaturalFitnessCoef"=dword:00000005 "MPaceCoef"=dword:00000028 "MStaminaCoef"=dword:0000003c "MStrengthCoef"=dword:0000001e "MVersatilityCoef"=dword:00000005 "MAerialAbilityCoef"=dword:00000000 "MCommandOfAreaCoef"=dword:00000000 "MCommunicationCoef"=dword:00000000 "MEccentricityCoef"=dword:00000000 "MHandlingCoef"=dword:00000000 "MKickingCoef"=dword:00000000 "MOneOnOnesCoef"=dword:00000005 "MReflexesCoef"=dword:00000005 "MRushingOutCoef"=dword:00000000 "MTendencyToPunchCoef"=dword:00000000 "MThrowingCoef"=dword:00000000 "MAdaptabilityCoef"=dword:00000005 "MAmbitionCoef"=dword:0000000a "MControversyCoef"=dword:fffffffb "MLoyalityCoef"=dword:00000005 "MPressureCoef"=dword:00000005 "MProfessionalismCoef"=dword:00000005 "MSportsmanshipCoef"=dword:00000005 "MTemperamentCoef"=dword:00000005 "AMWeightCoef"=dword:00000068 "AMCurrentAbilityCoef"=dword:00000000 "AMCornersCoef"=dword:0000000a "AMCrossingCoef"=dword:0000003c "AMDribblingCoef"=dword:00000050 "AMFinishingCoef"=dword:00000028 "AMFirstTouchCoef"=dword:0000001e "AMFreeKicksCoef"=dword:0000000a "AMHeadingCoef"=dword:00000014 "AMLongShotsCoef"=dword:00000014 "AMLongThrowsCoef"=dword:00000005 "AMMarkingCoef"=dword:0000000a "AMPassingCoef"=dword:00000064 "AMPenaltiesCoef"=dword:00000005 "AMTacklingCoef"=dword:0000000a "AMTechniqueCoef"=dword:00000050 "AMLeftFootCoef"=dword:00000005 "AMRightFootCoef"=dword:00000005 "AMAggressionCoef"=dword:0000000a "AMAnticipationCoef"=dword:0000001e "AMBraveryCoef"=dword:0000000a "AMComposureCoef"=dword:0000000a "AMConcentrationCoef"=dword:0000000a "AMConsistencyCoef"=dword:0000000a "AMCreativityCoef"=dword:00000064 "AMDecisionsCoef"=dword:00000028 "AMDeterminationCoef"=dword:0000000a "AMDirtinessCoef"=dword:fffffffb "AMFlairCoef"=dword:00000014 "AMImportantMatchesCoef"=dword:0000000a "AMInfluenceCoef"=dword:0000000a "AMOffTheBallCoef"=dword:0000003c "AMPositioningCoef"=dword:00000014 "AMTeamworkCoef"=dword:0000003c "AMWorkRateCoef"=dword:00000014 "AMAccelerationCoef"=dword:0000003c "AMAgilityCoef"=dword:0000000a "AMBalanceCoef"=dword:0000000a "AMInjuryPronenessCoef"=dword:fffffffb "AMJumpingCoef"=dword:00000014 "AMNaturalFitnessCoef"=dword:00000005 "AMPaceCoef"=dword:0000003c "AMStaminaCoef"=dword:0000003c "AMStrengthCoef"=dword:00000014 "AMVersatilityCoef"=dword:00000005 "AMAerialAbilityCoef"=dword:00000000 "AMCommandOfAreaCoef"=dword:00000000 "AMCommunicationCoef"=dword:00000000 "AMEccentricityCoef"=dword:00000000 "AMHandlingCoef"=dword:00000000 "AMKickingCoef"=dword:00000000 "AMOneOnOnesCoef"=dword:00000005 "AMReflexesCoef"=dword:00000005 "AMRushingOutCoef"=dword:00000000 "AMTendencyToPunchCoef"=dword:00000000 "AMThrowingCoef"=dword:00000000 "AMAdaptabilityCoef"=dword:00000005 "AMAmbitionCoef"=dword:0000000a "AMControversyCoef"=dword:fffffffb "AMLoyalityCoef"=dword:00000005 "AMPressureCoef"=dword:00000005 "AMProfessionalismCoef"=dword:00000005 "AMSportsmanshipCoef"=dword:00000005 "AMTemperamentCoef"=dword:00000005 "WWeightCoef"=dword:00000069 "WCurrentAbilityCoef"=dword:00000000 "WCornersCoef"=dword:0000000a "WCrossingCoef"=dword:00000064 "WDribblingCoef"=dword:00000064 "WFinishingCoef"=dword:0000003c "WFirstTouchCoef"=dword:0000001e "WFreeKicksCoef"=dword:0000000a "WHeadingCoef"=dword:00000014 "WLongShotsCoef"=dword:00000014 "WLongThrowsCoef"=dword:00000005 "WMarkingCoef"=dword:0000000a "WPassingCoef"=dword:0000003c "WPenaltiesCoef"=dword:00000005 "WTacklingCoef"=dword:0000000a "WTechniqueCoef"=dword:00000050 "WLeftFootCoef"=dword:00000005 "WRightFootCoef"=dword:00000005 "WAggressionCoef"=dword:0000000a "WAnticipationCoef"=dword:00000014 "WBraveryCoef"=dword:0000000a "WComposureCoef"=dword:0000000a "WConcentrationCoef"=dword:0000000a "WConsistencyCoef"=dword:0000000a "WCreativityCoef"=dword:0000003c "WDecisionsCoef"=dword:00000014 "WDeterminationCoef"=dword:0000000a "WDirtinessCoef"=dword:fffffffb "WFlairCoef"=dword:0000000a "WImportantMatchesCoef"=dword:00000014 "WInfluenceCoef"=dword:0000000a "WOffTheBallCoef"=dword:0000003c "WPositioningCoef"=dword:00000014 "WTeamworkCoef"=dword:0000001e "WWorkRateCoef"=dword:0000001e "WAccelerationCoef"=dword:00000050 "WAgilityCoef"=dword:00000014 "WBalanceCoef"=dword:0000000a "WInjuryPronenessCoef"=dword:fffffffb "WJumpingCoef"=dword:00000014 "WNaturalFitnessCoef"=dword:00000005 "WPaceCoef"=dword:00000064 "WStaminaCoef"=dword:0000003c "WStrengthCoef"=dword:00000014 "WVersatilityCoef"=dword:00000005 "WAerialAbilityCoef"=dword:00000000 "WCommandOfAreaCoef"=dword:00000000 "WCommunicationCoef"=dword:00000000 "WEccentricityCoef"=dword:00000000 "WHandlingCoef"=dword:00000000 "WKickingCoef"=dword:00000000 "WOneOnOnesCoef"=dword:00000005 "WReflexesCoef"=dword:00000005 "WRushingOutCoef"=dword:00000000 "WTendencyToPunchCoef"=dword:00000000 "WThrowingCoef"=dword:00000000 "WAdaptabilityCoef"=dword:00000005 "WAmbitionCoef"=dword:0000000a "WControversyCoef"=dword:fffffffb "WLoyalityCoef"=dword:00000005 "WPressureCoef"=dword:00000005 "WProfessionalismCoef"=dword:00000005 "WSportsmanshipCoef"=dword:00000005 "WTemperamentCoef"=dword:00000005 "FSTWeightCoef"=dword:00000067 "FSTCurrentAbilityCoef"=dword:00000000 "FSTCornersCoef"=dword:0000000a "FSTCrossingCoef"=dword:0000000a "FSTDribblingCoef"=dword:00000050 "FSTFinishingCoef"=dword:00000064 "FSTFirstTouchCoef"=dword:00000028 "FSTFreeKicksCoef"=dword:0000000a "FSTHeadingCoef"=dword:00000028 "FSTLongShotsCoef"=dword:00000014 "FSTLongThrowsCoef"=dword:00000000 "FSTMarkingCoef"=dword:00000000 "FSTPassingCoef"=dword:00000028 "FSTPenaltiesCoef"=dword:00000005 "FSTTacklingCoef"=dword:00000000 "FSTTechniqueCoef"=dword:00000050 "FSTLeftFootCoef"=dword:00000005 "FSTRightFootCoef"=dword:00000005 "FSTAggressionCoef"=dword:0000000a "FSTAnticipationCoef"=dword:0000000a "FSTBraveryCoef"=dword:0000000a "FSTComposureCoef"=dword:0000000a "FSTConcentrationCoef"=dword:0000000a "FSTConsistencyCoef"=dword:0000000a "FSTCreativityCoef"=dword:00000028 "FSTDecisionsCoef"=dword:0000000a "FSTDeterminationCoef"=dword:0000000a "FSTDirtinessCoef"=dword:fffffffb "FSTFlairCoef"=dword:0000000a "FSTImportantMatchesCoef"=dword:0000000a "FSTInfluenceCoef"=dword:0000000a "FSTOffTheBallCoef"=dword:00000050 "FSTPositioningCoef"=dword:0000000a "FSTTeamworkCoef"=dword:0000000a "FSTWorkRateCoef"=dword:0000000a "FSTAccelerationCoef"=dword:00000064 "FSTAgilityCoef"=dword:00000028 "FSTBalanceCoef"=dword:0000000a "FSTInjuryPronenessCoef"=dword:fffffffb "FSTJumpingCoef"=dword:00000014 "FSTNaturalFitnessCoef"=dword:00000005 "FSTPaceCoef"=dword:00000064 "FSTStaminaCoef"=dword:00000028 "FSTStrengthCoef"=dword:00000014 "FSTVersatilityCoef"=dword:00000005 "FSTAerialAbilityCoef"=dword:00000000 "FSTCommandOfAreaCoef"=dword:00000000 "FSTCommunicationCoef"=dword:00000000 "FSTEccentricityCoef"=dword:00000000 "FSTHandlingCoef"=dword:00000000 "FSTKickingCoef"=dword:00000000 "FSTOneOnOnesCoef"=dword:00000005 "FSTReflexesCoef"=dword:00000005 "FSTRushingOutCoef"=dword:00000000 "FSTTendencyToPunchCoef"=dword:00000000 "FSTThrowingCoef"=dword:00000000 "FSTAdaptabilityCoef"=dword:00000005 "FSTAmbitionCoef"=dword:0000000a "FSTControversyCoef"=dword:fffffffb "FSTLoyalityCoef"=dword:00000005 "FSTPressureCoef"=dword:00000005 "FSTProfessionalismCoef"=dword:00000005 "FSTSportsmanshipCoef"=dword:00000005 "FSTTemperamentCoef"=dword:00000005 "TSTWeightCoef"=dword:00000067 "TSTCurrentAbilityCoef"=dword:00000000 "TSTCornersCoef"=dword:00000000 "TSTCrossingCoef"=dword:0000000a "TSTDribblingCoef"=dword:0000003c "TSTFinishingCoef"=dword:00000050 "TSTFirstTouchCoef"=dword:0000001e "TSTFreeKicksCoef"=dword:0000000a "TSTHeadingCoef"=dword:00000064 "TSTLongShotsCoef"=dword:00000014 "TSTLongThrowsCoef"=dword:00000000 "TSTMarkingCoef"=dword:00000000 "TSTPassingCoef"=dword:00000028 "TSTPenaltiesCoef"=dword:00000005 "TSTTacklingCoef"=dword:00000000 "TSTTechniqueCoef"=dword:00000028 "TSTLeftFootCoef"=dword:00000005 "TSTRightFootCoef"=dword:00000005 "TSTAggressionCoef"=dword:00000014 "TSTAnticipationCoef"=dword:0000000a "TSTBraveryCoef"=dword:00000014 "TSTComposureCoef"=dword:0000000a "TSTConcentrationCoef"=dword:0000000a "TSTConsistencyCoef"=dword:0000000a "TSTCreativityCoef"=dword:00000014 "TSTDecisionsCoef"=dword:0000000a "TSTDeterminationCoef"=dword:0000000a "TSTDirtinessCoef"=dword:fffffffb "TSTFlairCoef"=dword:0000000a "TSTImportantMatchesCoef"=dword:0000000a "TSTInfluenceCoef"=dword:0000000a "TSTOffTheBallCoef"=dword:00000050 "TSTPositioningCoef"=dword:00000014 "TSTTeamworkCoef"=dword:0000000a "TSTWorkRateCoef"=dword:0000000a "TSTAccelerationCoef"=dword:00000028 "TSTAgilityCoef"=dword:00000014 "TSTBalanceCoef"=dword:00000014 "TSTInjuryPronenessCoef"=dword:fffffffb "TSTJumpingCoef"=dword:00000064 "TSTNaturalFitnessCoef"=dword:00000005 "TSTPaceCoef"=dword:00000028 "TSTStaminaCoef"=dword:00000014 "TSTStrengthCoef"=dword:00000050 "TSTVersatilityCoef"=dword:00000005 "TSTAerialAbilityCoef"=dword:00000000 "TSTCommandOfAreaCoef"=dword:00000000 "TSTCommunicationCoef"=dword:00000000 "TSTEccentricityCoef"=dword:00000000 "TSTHandlingCoef"=dword:00000000 "TSTKickingCoef"=dword:00000000 "TSTOneOnOnesCoef"=dword:00000005 "TSTReflexesCoef"=dword:00000005 "TSTRushingOutCoef"=dword:00000000 "TSTTendencyToPunchCoef"=dword:00000000 "TSTThrowingCoef"=dword:00000000 "TSTAdaptabilityCoef"=dword:00000005 "TSTAmbitionCoef"=dword:0000000a "TSTControversyCoef"=dword:fffffffb "TSTLoyalityCoef"=dword:00000005 "TSTPressureCoef"=dword:00000005 "TSTProfessionalismCoef"=dword:00000005 "TSTSportsmanshipCoef"=dword:00000005 "TSTTemperamentCoef"=dword:00000005 [HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\Genie"!\FM Genie Scout 2009 XE] "GameDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2009\\games" "ShortlistDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2009\\shortlists" "ScreenshotsDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2009" "SaveDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2009\\" "HistoryDir"="c:\\Documents and Settings\\Ben\\Desktop\\FM Genie Scout 2009 XE\\History Points" "LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2009\\data\\updates\\update-910\\db\\910\\lang_db.dat" "LastSaveGame"="" "Language"="English" "LoadLangDB"=dword:00000001 "CompressHistoryPoints"=dword:00000000 "HighlightedAttributes"=dword:00000000 "MinCondition"=dword:00000050 "SkinName"="Champions League" "LastUpdateCheck"=dword:00000000 "HighQualityGUI"=dword:00000001 "AutomaticallyUpdateCheck"=dword:00000001 "AdvancedGeneration"=dword:00000000 "TranslateStaffSkills"=dword:00000001 "TranslatePlayerSkills"=dword:00000001 "TranslatePositions"=dword:00000001 "ShowHistory"=dword:00000001 "Version"=dword:00000066 "UniqueID"="55-EA80-EF7F" "Currency"=dword:00000056 "UseProxy"=dword:00000000 "ProxyHost"="" "ProxyPort"="" "UseAuthentication"=dword:00000000 "UserName"="" "UserPassword"="" [HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\SecuROM\License information] "datasecu"=hex:cb,cb,1d,84,17,d3,49,00,8a,f2,73,e7,23,01,ba,23,ae,b3,64,04,52, d1,3e,47,d9,79,29,77,32,29,e7,9b,04,58,05,5f,2a,ef,f9,42,a6,e1,b0,11,31,b7,\ "rkeysecu"=hex:ee,b0,f8,e6,7e,82,3f,18,10,8c,1e,cb,48,39,5d,77 [HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG] "Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d, bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\ . Completion time: 2009-07-11 12:25 ComboFix-quarantined-files.txt 2009-07-11 11:25 Pre-Run: 46,432,641,024 bytes free Post-Run: 46,418,788,352 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn 1848 Performance-wise, everything seems ok, haven't had another alert from AVG about the initial virus so far.

07-11-2009, 07:36 AM	#4 (permalink)
jmw3 Analyst, Security Team Join Date: Jan 2009 Location: Western Australia Posts: 187 OS: Vista Home Premium SP2	Re: Downloader.Agent2.FGA in three separate locations. Hi AV: AVG Anti-Virus Free On-access scanning enabled - Please ensure you disable AVG prior to running ComboFix. CFScript Close any open browsers. Open notepad and copy/paste the text in the code box below into it: Code: DDS:: uStart Page = about:blank mSearch Bar = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/sb/http://uk.docs.yahoo.com/info/bt_side.html uSearchURL,(Default) = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/http://uk.search.yahoo.com/ Trusted Zone: ketsujin.com\fighterace Trusted Zone: ketsujin.com\primary Trusted Zone: ketsujin.com\update Trusted Zone: ketsujin.com\www Trusted Zone: stormofaces.com\www Save this as CFScript.txt, in the same location as ComboFix.exe Refering to the picture above, drag CFScript into ComboFix.exe When finished, it shall produce a log for you at "C:\ComboFix.txt" Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall A word of warning: Neither I nor sUBs are responsible for any damage you may cause to your machine by running ComboFix on your own. This tool is not a toy and not for everyday use. ComboFix SHOULD NOT be used unless requested by a forum helper Update Java Runtime You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, & also remove the older more vulnerable versions from your system. The most current version of Sun Java is: Java Runtime Environment Version 6 Update 14. Download the latest version of Java Runtime Environment (JRE) 6 Here Scroll down to where it says "Java SE Runtime Environment (JRE) 6 Update 14. The Java SE Runtime Environment (JRE) allows end-users to run Java applications." Click the Download button to the right Select the Windows platform from the dropdown menu Read the License Agreement and then check the box that says: "I agree to the Java SE Runtime Environment 6 with JavaFX License Agreement". Click on Continue.The page will refresh Click on the link to download Windows Offline Installation & save the file to your desktop Close any programs you may have running - especially your web browser Go to Start > Settings > Control Panel, double-click on Add/Remove Programs & remove all older versions of Java Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java(TM) 6) in the name Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java versions Reboot your computer once all Java components are removed Then from your desktop double-click on jre-6u14-windows-i586-p.exe to install the newest version After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup) On the General tab, under Temporary Internet Files, click the Settings button Next, click on the Delete Files button There are two options in the window to clear the cache - Leave BOTH Checked Applications and Applets Trace and Log Files Click OK on Delete Temporary Files Window Note: This deletes ALL the Downloaded Applications and Applets from the CACHE Click OK to leave the Temporary Files Window Click OK to leave the Java Control Panel Kaspersky Online Scan Do an online scan with >Kaspersky Online Scanner< Read through the requirements and privacy statement and click on Accept button It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run When the downloads have finished, click on Settings Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button: Spyware, Adware, Dialers, and other potentially dangerous programs Archives Mail databases Click on My Computer under Scan Once the scan is complete, it will display the results. Click on View Scan Report You will see a list of infected items there. Click on Save Report As... Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button Please post this log in your next reply To post in next reply: ComboFix log Kaspersky Scan log __________________ Member *Alliance of Security Analysis Professionals* UNITE

07-11-2009, 10:55 AM	#5 (permalink)
Benoso Registered User Join Date: Oct 2006 Posts: 18 OS: WinXP	Re: Downloader.Agent2.FGA in three separate locations. ComboFix 09-07-09.08 - Ben 11/07/2009 14:40.2.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.2047.1494 [GMT 1:00] Running from: c:\documents and settings\Ben\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Ben\Desktop\cfscript.txt AV: AVG Anti-Virus Free On-access scanning disabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} . ((((((((((((((((((((((((( Files Created from 2009-06-11 to 2009-07-11 ))))))))))))))))))))))))))))))) . 2009-07-10 09:21 . 2009-07-02 08:48 2054424 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll 2009-07-10 09:21 . 2009-07-02 08:48 2167576 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgresf.dll 2009-07-08 22:13 . 2009-07-08 22:13 -------- d-----w- c:\program files\AirAttack uPnP Configurator 2009-07-08 16:28 . 2009-07-08 16:28 -------- d-----w- c:\documents and settings\Ben\Application Data\Motive 2009-07-08 16:27 . 2009-07-09 22:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Motive 2009-07-08 16:27 . 2009-07-09 22:13 -------- d-----w- c:\program files\Common Files\Motive 2009-07-08 16:27 . 2009-07-09 22:11 -------- d-----w- c:\program files\BT Broadband Desktop Help 2009-07-08 16:27 . 2009-07-08 16:27 -------- d-----w- c:\program files\Citrix 2009-07-08 16:27 . 2009-02-02 09:38 218496 ------w- c:\windows\system32\BTEmailConfig.dll 2009-07-08 16:27 . 2009-07-08 16:27 -------- d-----w- c:\windows\BTV.0000 2009-07-08 16:26 . 2001-10-11 10:26 65536 ----a-w- c:\windows\system32\YCRWin32.dll 2009-07-08 16:26 . 2002-01-05 05:18 84992 ----a-w- c:\windows\system32\ATL70.DLL 2009-07-08 16:26 . 2009-07-09 22:17 -------- d-----w- c:\program files\Yahoo! 2009-07-08 16:25 . 2009-07-08 16:25 -------- d-----w- c:\program files\BTHomeHub 2009-07-07 13:43 . 2009-07-07 13:43 -------- d-----w- c:\program files\PFPortChecker 2009-07-06 14:24 . 2009-07-06 14:24 10134 ----a-r- c:\documents and settings\Ben\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe 2009-07-06 14:24 . 2009-07-06 14:24 -------- d-----w- c:\program files\Microsoft WSE 2009-07-04 03:00 . 2009-07-06 14:12 -------- d-----w- c:\documents and settings\Ben\Local Settings\Application Data\VirtuaTennis2009 2009-07-04 02:49 . 2009-07-04 02:49 -------- d-----w- c:\program files\SEGA 2009-07-04 02:36 . 2009-07-04 02:36 -------- d-----w- c:\program files\7-Zip 2009-07-02 19:26 . 2009-07-02 19:26 41808 ----a-w- c:\windows\system32\xfcodec.dll 2009-07-02 08:50 . 2009-07-02 08:51 -------- d-----w- c:\program files\Democracy2 2009-07-02 00:50 . 2009-07-02 00:50 4096 ----a-w- c:\windows\d3dx.dat 2009-07-02 00:50 . 2009-07-09 22:20 -------- d-----w- c:\program files\Democracy2 Demo 2009-06-28 18:34 . 2001-08-17 13:02 2688 -c--a-w- c:\windows\system32\dllcache\hidswvd.sys 2009-06-28 18:34 . 2001-08-17 13:02 2688 ----a-w- c:\windows\system32\drivers\HIDSwvd.sys 2009-06-28 18:34 . 2004-08-03 22:08 59136 -c--a-w- c:\windows\system32\dllcache\gckernel.sys 2009-06-28 18:34 . 2004-08-03 22:08 59136 ----a-w- c:\windows\system32\drivers\GcKernel.sys 2009-06-28 18:34 . 2001-08-17 21:36 10240 -c--a-w- c:\windows\system32\dllcache\swpdflt2.dll 2009-06-28 18:34 . 2001-08-17 21:36 10240 ----a-w- c:\windows\system32\swpdflt2.dll 2009-06-28 18:34 . 2001-08-17 13:02 3968 -c--a-w- c:\windows\system32\dllcache\swusbflt.sys 2009-06-28 18:34 . 2001-08-17 13:02 3968 ----a-w- c:\windows\system32\drivers\SWUSBFLT.SYS 2009-06-22 21:12 . 2009-06-22 21:12 -------- d-----w- c:\documents and settings\Ben\Local Settings\Application Data\Logitech 2009-06-22 17:09 . 2004-08-03 21:58 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys 2009-06-22 17:09 . 2004-08-03 21:58 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2009-06-22 17:08 . 2009-06-22 17:08 -------- d-----w- c:\program files\Common Files\Logitech 2009-06-22 17:08 . 2009-06-22 17:08 -------- d-----w- c:\program files\Logitech 2009-06-22 14:06 . 2009-06-29 14:07 314712 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\threatwork.exe 2009-06-22 14:06 . 2009-07-06 14:00 25440 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\savapibridge.dll 2009-06-22 14:06 . 2009-06-29 14:07 169312 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lavamessage.dll 2009-06-22 14:06 . 2009-06-29 14:07 348496 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lavalicense.dll 2009-06-22 14:06 . 2009-06-29 14:07 298336 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\UpdateManager.dll 2009-06-22 14:05 . 2009-07-06 14:00 1630560 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Resources.dll 2009-06-22 14:05 . 2009-06-29 14:07 85352 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\32\AAWDriverTool.exe 2009-06-22 14:04 . 2009-06-29 14:07 664424 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\CEAPI.dll 2009-06-22 14:04 . 2009-06-29 14:07 563064 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-AwareCommand.exe 2009-06-22 14:04 . 2009-06-29 14:07 566632 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-AwareAdmin.exe 2009-06-22 14:04 . 2009-07-06 13:59 2353480 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Ad-Aware.exe 2009-06-22 14:02 . 2009-06-29 14:07 629072 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWWSC.exe 2009-06-22 14:02 . 2009-06-29 14:07 520024 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWTray.exe 2009-06-22 14:02 . 2009-06-29 14:07 1029456 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\AAWService.exe 2009-06-19 18:35 . 2009-06-19 18:35 -------- d-----w- c:\program files\Teamspeak2_RC2 2009-06-19 17:53 . 2009-07-10 23:25 -------- d-----w- c:\program files\Air Attack . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-07-11 11:45 . 2008-06-01 13:56 73408 ----a-w- c:\documents and settings\Ben\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-07-11 11:18 . 2008-06-02 19:48 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8 2009-07-10 20:04 . 2009-01-13 14:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater 2009-07-10 16:26 . 2008-08-11 01:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-07-10 01:17 . 2008-06-07 11:47 -------- d-----w- c:\documents and settings\Ben\Application Data\uTorrent 2009-07-09 23:51 . 2008-06-01 14:02 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-07-09 23:44 . 2009-06-11 01:56 -------- d-----w- c:\program files\a-squared Free 2009-07-09 22:42 . 2008-08-11 01:54 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-07-09 22:10 . 2008-09-25 18:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Kontiki 2009-07-09 20:11 . 2008-06-01 18:09 -------- d-----w- c:\documents and settings\Ben\Application Data\Xfire 2009-07-09 00:54 . 2008-12-10 03:45 -------- d-----w- c:\documents and settings\Ben\Application Data\Skype 2009-07-08 23:13 . 2008-06-01 18:09 -------- d-----w- c:\program files\Xfire 2009-07-08 22:37 . 2008-12-10 03:46 -------- d-----w- c:\documents and settings\Ben\Application Data\skypePM 2009-07-08 21:44 . 2009-03-09 23:59 -------- d-----w- c:\program files\PKR 2009-07-08 17:10 . 2008-06-01 14:39 138920 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2009-07-08 17:10 . 2008-06-01 14:39 189072 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-07-06 23:17 . 2009-05-11 11:00 -------- d-----w- c:\documents and settings\Ben\Application Data\dvdcss 2009-07-06 14:19 . 2008-07-08 13:56 -------- d-----w- c:\program files\Electronic Arts 2009-07-02 08:48 . 2008-06-02 19:48 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-06-29 14:07 . 2009-05-27 13:58 84832 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\ShellExt.dll 2009-06-29 14:07 . 2009-05-27 13:58 246128 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\RPAPI.dll 2009-06-29 14:07 . 2009-05-27 13:58 40288 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\PrivacyClean.dll 2009-06-19 00:39 . 2008-06-23 20:06 -------- d-----w- c:\documents and settings\Ben\Application Data\mIRC 2009-06-18 23:52 . 2008-06-23 20:06 -------- d-----w- c:\program files\mIRC 2009-06-18 20:33 . 2008-08-12 17:05 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-06-17 22:27 . 2009-06-07 12:39 -------- d-----w- c:\program files\PokerOfficer 2009-06-17 10:38 . 2008-06-02 19:48 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-06-11 23:07 . 2008-07-13 17:04 -------- d-----w- c:\program files\Soulseek 2009-06-11 17:36 . 2008-06-14 11:42 28276 ----a-w- c:\windows\system32\drivers\MxlW2k.sys 2009-06-07 15:12 . 2009-01-10 01:22 -------- d-----w- c:\program files\WordBiz 2009-06-07 15:11 . 2009-01-24 05:12 -------- d-----w- c:\documents and settings\Ben\Application Data\Sony 2009-06-07 15:10 . 2009-04-27 11:42 -------- d-----w- c:\program files\Poker Grapher 2009-06-07 15:10 . 2008-09-08 11:35 -------- d-----w- c:\program files\OpenOffice.org 2.4 2009-06-07 15:07 . 2008-09-24 12:09 -------- d-----w- c:\program files\Google 2009-06-07 12:39 . 2009-06-07 12:39 -------- d-----w- c:\documents and settings\Ben\Application Data\InstallShield 2009-05-27 13:58 . 2009-05-27 13:58 15688 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\lsdelete.exe 2009-05-27 13:58 . 2009-01-21 17:46 15688 ----a-w- c:\windows\system32\lsdelete.exe 2009-05-22 06:39 . 2009-05-22 06:39 -------- d-----w- c:\program files\DeskPins 2009-05-21 22:29 . 2008-09-08 13:37 1 ----a-w- c:\documents and settings\Ben\Application Data\OpenOffice.org2\user\uno_packages\cache\stamp.sys 2009-05-21 22:29 . 2008-09-08 13:36 -------- d-----w- c:\documents and settings\Ben\Application Data\OpenOffice.org2 2009-05-15 11:42 . 2008-06-02 19:48 11952 ----a-w- c:\windows\system32\avgrsstx.dll 2009-05-13 14:37 . 2009-05-13 14:37 -------- d-----w- c:\program files\PokerEV 2009-04-27 14:04 . 2009-04-27 14:04 64160 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\update\Drivers\32\lbd.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Update"="c:\documents and settings\Ben\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-10 133104] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] "msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="c:\windows\RTHDCPL.EXE" [2007-03-21 16126464] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864] "36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-03-21 1953792] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-04 8523776] "nwiz"="c:\windows\system32\nwiz.exe" [2007-12-04 1626112] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-04 81920] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-12 1948440] "Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-01-21 92168] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-03 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-05-15 11:42 11952 ----a-w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk \0autocheck lsdelete\0lsdelete [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Ben^Start Menu^Programs^Startup^DeskPins.lnk] path=c:\documents and settings\Ben\Start Menu\Programs\Startup\DeskPins.lnk backup=c:\windows\pss\DeskPins.lnkStartup [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized "kdx"=c:\program files\Kontiki\KHost.exe -all "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" "MMTray"=c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe "Ad-Watch"=c:\program files\Lavasoft\Ad-Aware\AAWTray.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\Xfire\\xfire.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\mIRC\\mirc.exe"= "c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"= "c:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"= "c:\\Documents and Settings\\Ben\\Application Data\\Microsoft\\Internet Explorer\\Quick Launch\\slsk.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Program Files\\Sports Interactive\\Football Manager 2009\\fm.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "28960:UDP"= 28960:UDP:cod2 "8888:TCP"= 8888:TCP:utor "8888:UDP"= 8888:UDP:utor2 R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [21/01/2009 15:59 64160] R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [02/06/2008 20:48 335752] R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [01/09/2008 13:33 298776] R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\atl01_xp.sys [01/06/2008 15:06 38656] R3 DAdderFltr;DeathAdder Mouse;c:\windows\system32\drivers\dadder.sys [01/06/2008 15:53 10880] S2 pgsql-8.3;PostgreSQL Database Server 8.3;c:\program files\PostgreSQL\8.3\bin\pg_ctl.exe [19/09/2008 03:03 65536] S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18/01/2009 22:34 1029456] S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [24/01/2009 06:01 83880] S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [24/01/2009 06:03 15016] S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [24/01/2009 06:03 110632] S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [24/01/2009 06:05 104616] S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [24/01/2009 06:06 25512] S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [24/01/2009 06:04 100648] S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [24/01/2009 06:06 110120] S3 SWUSBFLT;Microsoft SideWinder VIA Filter Driver;c:\windows\system32\drivers\SWUSBFLT.SYS [28/06/2009 19:34 3968] . Contents of the 'Scheduled Tasks' folder 2009-07-08 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 14:07] 2009-07-11 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-13 19:14] 2009-07-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1220945662-682003330-1003Core.job - c:\documents and settings\Ben\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-10 17:23] 2009-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-1220945662-682003330-1003UA.job - c:\documents and settings\Ben\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-10 17:23] . . ------- Supplementary Scan ------- . uSearchURL,(Default) = hxxp://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/http://uk.search.yahoo.com/ IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Ben\Application Data\Mozilla\Firefox\Profiles\zx281x56.default\ FF - component: c:\documents and settings\Ben\Application Data\Mozilla\Firefox\Profiles\zx281x56.default\extensions\speedtest@gotomyhelp.com\components\NetDiag.dll FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews..wholeText", "noAccess"); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120); c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-07-11 14:44 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\Genie"!\FM Genie Scout 2008] "GameDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2008\\games" "ShortlistDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2008\\shortlists" "ScreenshotsDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2008" "SaveDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2008\\" "HistoryDir"="e:\\Untagged\\New Folder\\FM Genie Scout 2008\\History Points" "LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2008\\data\\updates\\update-802\\db\\802\\lang_db.dat" "LastSaveGame"="" "Language"="English" "LoadLangDB"=dword:00000001 "CompressHistoryPoints"=dword:00000000 "HighlightedAttributes"=dword:00000000 "MinCondition"=dword:00000050 "SkinID"=dword:00000001 "LastUpdateCheck"=dword:00000000 "HighQualityGUI"=dword:00000001 "AutomaticallyUpdateCheck"=dword:00000001 "AdvancedGeneration"=dword:00000000 "TranslateStaffSkills"=dword:00000001 "TranslatePlayerSkills"=dword:00000001 "TranslatePositions"=dword:00000001 "ShowHistory"=dword:00000001 "WindowState"=dword:00000000 "Currency"=dword:00000056 "WindowHeight"=dword:0000026d "WindowWidth"=dword:000003fc "WindowLeft"=dword:0000014a "WindowTop"=dword:000000d7 "UseProxy"=dword:00000000 "ProxyHost"="" "ProxyPort"="" "UseAuthentication"=dword:00000000 "UserName"="" "UserPassword"="" [HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\Genie"!\FM Genie Scout 2008\Columns\Clubs] "Position0"=dword:00000000 "Visible0"=dword:00000001 "Width0"=dword:0000007d "Position1"=dword:00000001 "Visible1"=dword:00000001 "Width1"=dword:00000064 "Position2"=dword:00000002 "Visible2"=dword:00000001 "Width2"=dword:00000064 "Position3"=dword:00000003 "Visible3"=dword:00000001 "Width3"=dword:00000032 "Position4"=dword:00000004 "Visible4"=dword:00000001 "Width4"=dword:00000032 "Position5"=dword:00000005 "Visible5"=dword:00000001 "Width5"=dword:00000050 "Position6"=dword:00000006 "Visible6"=dword:00000001 "Width6"=dword:00000050 "Position7"=dword:00000007 "Visible7"=dword:00000001 "Width7"=dword:00000050 "Position8"=dword:00000008 "Visible8"=dword:00000000 "Width8"=dword:00000050 "Position9"=dword:00000009 "Visible9"=dword:00000000 "Width9"=dword:0000002d "Position10"=dword:0000000a "Visible10"=dword:00000000 "Width10"=dword:0000001e "Position11"=dword:0000000b "Visible11"=dword:00000000 "Width11"=dword:0000001e "Position12"=dword:0000000c "Visible12"=dword:00000000 "Width12"=dword:0000001e "Position13"=dword:0000000d "Visible13"=dword:00000001 "Width13"=dword:0000003c "Position14"=dword:0000000e "Visible14"=dword:00000000 "Width14"=dword:00000032 "Position15"=dword:0000000f "Visible15"=dword:00000000 "Width15"=dword:00000032 "Position16"=dword:00000010 "Visible16"=dword:00000000 "Width16"=dword:00000032 "Position17"=dword:00000011 "Visible17"=dword:00000001 "Width17"=dword:00000050 "Position18"=dword:00000012 "Visible18"=dword:00000001 "Width18"=dword:00000050 "Position19"=dword:00000013 "Visible19"=dword:00000000 "Width19"=dword:00000050 [HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\Genie"!\FM Genie Scout 2008\Columns\Players] "Position0"=dword:00000000 "Visible0"=dword:00000001 "Width0"=dword:0000007d "Position1"=dword:00000001 "Visible1"=dword:00000001 "Width1"=dword:0000008f "Position2"=dword:00000002 "Visible2"=dword:00000001 "Width2"=dword:00000064 "Position3"=dword:00000003 "Visible3"=dword:00000001 "Width3"=dword:00000037 "Position4"=dword:00000008 "Visible4"=dword:00000001 "Width4"=dword:00000023 "Position5"=dword:00000009 "Visible5"=dword:00000001 "Width5"=dword:00000028 "Position6"=dword:0000000a "Visible6"=dword:00000001 "Width6"=dword:00000028 "Position7"=dword:0000000c "Visible7"=dword:00000001 "Width7"=dword:0000004b "Position8"=dword:0000000d "Visible8"=dword:00000001 "Width8"=dword:0000004b "Position9"=dword:0000000e "Visible9"=dword:00000001 "Width9"=dword:00000050 "Position10"=dword:00000010 "Visible10"=dword:00000000 "Width10"=dword:00000050 "Position11"=dword:00000011 "Visible11"=dword:00000000 "Width11"=dword:0000004b "Position12"=dword:00000012 "Visible12"=dword:00000000 "Width12"=dword:0000002d "Position13"=dword:00000013 "Visible13"=dword:00000000 "Width13"=dword:0000003c "Position14"=dword:00000014 "Visible14"=dword:00000000 "Width14"=dword:0000004b "Position15"=dword:00000015 "Visible15"=dword:00000000 "Width15"=dword:00000064 "Position16"=dword:00000016 "Visible16"=dword:00000000 "Width16"=dword:00000064 "Position17"=dword:00000017 "Visible17"=dword:00000000 "Width17"=dword:0000004b "Position18"=dword:00000018 "Visible18"=dword:00000000 "Width18"=dword:00000064 "Position19"=dword:00000019 "Visible19"=dword:00000000 "Width19"=dword:0000003c "Position20"=dword:0000001a "Visible20"=dword:00000000 "Width20"=dword:0000004b "Position21"=dword:0000001b "Visible21"=dword:00000000 "Width21"=dword:00000050 "Position22"=dword:0000001c "Visible22"=dword:00000000 "Width22"=dword:00000073 "Position23"=dword:0000001d "Visible23"=dword:00000000 "Width23"=dword:00000050 "Position24"=dword:0000001e "Visible24"=dword:00000000 "Width24"=dword:0000005a "Position25"=dword:0000001f "Visible25"=dword:00000000 "Width25"=dword:0000006e "Position26"=dword:00000020 "Visible26"=dword:00000000 "Width26"=dword:00000064 "Position27"=dword:00000021 "Visible27"=dword:00000000 "Width27"=dword:00000087 "Position28"=dword:00000022 "Visible28"=dword:00000000 "Width28"=dword:00000064 "Position29"=dword:00000023 "Visible29"=dword:00000000 "Width29"=dword:00000064 "Position30"=dword:00000024 "Visible30"=dword:00000000 "Width30"=dword:00000046 "Position31"=dword:00000025 "Visible31"=dword:00000000 "Width31"=dword:0000004b "Position32"=dword:00000026 "Visible32"=dword:00000000 "Width32"=dword:00000046 "Position33"=dword:00000027 "Visible33"=dword:00000000 "Width33"=dword:0000004b "Position34"=dword:00000028 "Visible34"=dword:00000000 "Width34"=dword:0000003c "Position35"=dword:0000002a "Visible35"=dword:00000000 "Width35"=dword:00000064 "Position36"=dword:0000002e "Visible36"=dword:00000000 "Width36"=dword:00000073 "Position37"=dword:00000030 "Visible37"=dword:00000000 "Width37"=dword:0000005f "Position38"=dword:00000033 "Visible38"=dword:00000000 "Width38"=dword:00000091 "Position39"=dword:00000035 "Visible39"=dword:00000000 "Width39"=dword:0000003c "Position40"=dword:0000002c "Visible40"=dword:00000000 "Width40"=dword:0000005a "Position41"=dword:00000036 "Visible41"=dword:00000000 "Width41"=dword:00000041 "Position42"=dword:00000029 "Visible42"=dword:00000000 "Width42"=dword:00000050 "Position43"=dword:0000002b "Visible43"=dword:00000000 "Width43"=dword:00000055 "Position44"=dword:0000002d "Visible44"=dword:00000000 "Width44"=dword:0000005f "Position45"=dword:00000037 "Visible45"=dword:00000000 "Width45"=dword:00000050 "Position46"=dword:00000038 "Visible46"=dword:00000000 "Width46"=dword:0000004b "Position47"=dword:00000039 "Visible47"=dword:00000000 "Width47"=dword:0000004b "Position48"=dword:0000003a "Visible48"=dword:00000000 "Width48"=dword:00000046 "Position49"=dword:0000003b "Visible49"=dword:00000000 "Width49"=dword:00000032 "Position50"=dword:0000003c "Visible50"=dword:00000000 "Width50"=dword:0000003c "Position51"=dword:0000003d "Visible51"=dword:00000000 "Width51"=dword:0000004b "Position52"=dword:0000003e "Visible52"=dword:00000000 "Width52"=dword:0000003c "Position53"=dword:0000003f "Visible53"=dword:00000000 "Width53"=dword:00000037 "Position54"=dword:00000040 "Visible54"=dword:00000000 "Width54"=dword:00000069 "Position55"=dword:00000041 "Visible55"=dword:00000000 "Width55"=dword:0000005a "Position56"=dword:00000044 "Visible56"=dword:00000000 "Width56"=dword:0000004b "Position57"=dword:00000045 "Visible57"=dword:00000000 "Width57"=dword:0000004b "Position58"=dword:00000046 "Visible58"=dword:00000000 "Width58"=dword:00000037 "Position59"=dword:00000047 "Visible59"=dword:00000000 "Width59"=dword:0000003c "Position60"=dword:00000048 "Visible60"=dword:00000000 "Width60"=dword:0000003c "Position61"=dword:00000049 "Visible61"=dword:00000000 "Width61"=dword:00000041 "Position62"=dword:0000004a "Visible62"=dword:00000000 "Width62"=dword:00000055 "Position63"=dword:0000004b "Visible63"=dword:00000000 "Width63"=dword:0000003c "Position64"=dword:0000004c "Visible64"=dword:00000000 "Width64"=dword:0000003c "Position65"=dword:0000004d "Visible65"=dword:00000000 "Width65"=dword:0000004b "Position66"=dword:0000004e "Visible66"=dword:00000000 "Width66"=dword:0000003c "Position67"=dword:0000004f "Visible67"=dword:00000000 "Width67"=dword:00000046 "Position68"=dword:00000050 "Visible68"=dword:00000000 "Width68"=dword:00000028 "Position69"=dword:00000051 "Visible69"=dword:00000000 "Width69"=dword:00000041 "Position70"=dword:00000052 "Visible70"=dword:00000000 "Width70"=dword:0000003c "Position71"=dword:00000053 "Visible71"=dword:00000000 "Width71"=dword:00000069 "Position72"=dword:00000054 "Visible72"=dword:00000000 "Width72"=dword:00000041 "Position73"=dword:00000055 "Visible73"=dword:00000000 "Width73"=dword:0000005f "Position74"=dword:00000056 "Visible74"=dword:00000000 "Width74"=dword:0000003c "Position75"=dword:00000057 "Visible75"=dword:00000000 "Width75"=dword:00000037 "Position76"=dword:00000058 "Visible76"=dword:00000000 "Width76"=dword:0000004b "Position77"=dword:00000059 "Visible77"=dword:00000000 "Width77"=dword:00000050 "Position78"=dword:0000005a "Visible78"=dword:00000000 "Width78"=dword:00000037 "Position79"=dword:0000005b "Visible79"=dword:00000000 "Width79"=dword:00000037 "Position80"=dword:0000005c "Visible80"=dword:00000000 "Width80"=dword:0000005a "Position81"=dword:0000005d "Visible81"=dword:00000000 "Width81"=dword:0000004b "Position82"=dword:0000005e "Visible82"=dword:00000000 "Width82"=dword:00000055 "Position83"=dword:0000005f "Visible83"=dword:00000000 "Width83"=dword:0000002d "Position84"=dword:00000060 "Visible84"=dword:00000000 "Width84"=dword:00000037 "Position85"=dword:00000061 "Visible85"=dword:00000000 "Width85"=dword:0000003c "Position86"=dword:00000062 "Visible86"=dword:00000000 "Width86"=dword:00000046 "Position87"=dword:00000063 "Visible87"=dword:00000000 "Width87"=dword:0000003c "Position88"=dword:00000064 "Visible88"=dword:00000000 "Width88"=dword:0000005a "Position89"=dword:00000065 "Visible89"=dword:00000000 "Width89"=dword:0000003c "Position90"=dword:00000066 "Visible90"=dword:00000000 "Width90"=dword:00000050 "Position91"=dword:00000067 "Visible91"=dword:00000000 "Width91"=dword:00000046 "Position92"=dword:00000068 "Visible92"=dword:00000000 "Width92"=dword:0000005a "Position93"=dword:00000069 "Visible93"=dword:00000000 "Width93"=dword:00000037 "Position94"=dword:0000006a "Visible94"=dword:00000000 "Width94"=dword:0000003c "Position95"=dword:0000006b "Visible95"=dword:00000000 "Width95"=dword:0000003c "Position96"=dword:0000006c "Visible96"=dword:00000000 "Width96"=dword:00000046 "Position97"=dword:0000006d "Visible97"=dword:00000000 "Width97"=dword:00000046 "Position98"=dword:0000006e "Visible98"=dword:00000000 "Width98"=dword:00000055 "Position99"=dword:0000006f "Visible99"=dword:00000000 "Width99"=dword:00000073 "Position100"=dword:00000042 "Visible100"=dword:00000000 "Width100"=dword:00000041 "Position101"=dword:00000070 "Visible101"=dword:00000000 "Width101"=dword:0000003c "Position102"=dword:00000071 "Visible102"=dword:00000000 "Width102"=dword:0000003c "Position103"=dword:00000072 "Visible103"=dword:00000000 "Width103"=dword:00000046 "Position104"=dword:00000073 "Visible104"=dword:00000000 "Width104"=dword:0000003c "Position105"=dword:00000074 "Visible105"=dword:00000000 "Width105"=dword:00000041 "Position106"=dword:0000000f "Visible106"=dword:00000001 "Width106"=dword:00000050 "Position107"=dword:0000000b "Visible107"=dword:00000001 "Width107"=dword:00000028 "Position108"=dword:00000043 "Visible108"=dword:00000000 "Width108"=dword:00000050 "Position109"=dword:0000002f "Visible109"=dword:00000000 "Width109"=dword:00000050 "Position110"=dword:00000031 "Visible110"=dword:00000000 "Width110"=dword:00000055 "Position111"=dword:00000032 "Visible111"=dword:00000000 "Width111"=dword:00000082 "Position112"=dword:00000034 "Visible112"=dword:00000000 "Width112"=dword:00000087 "Position113"=dword:00000075 "Visible113"=dword:00000000 "Width113"=dword:00000050 "Position114"=dword:00000076 "Visible114"=dword:00000000 "Width114"=dword:00000050 "Position115"=dword:00000077 "Visible115"=dword:00000000 "Width115"=dword:00000050 "Position116"=dword:00000078 "Visible116"=dword:00000000 "Width116"=dword:00000050 "Position117"=dword:00000079 "Visible117"=dword:00000000 "Width117"=dword:00000050 "Position118"=dword:0000007a "Visible118"=dword:00000000 "Width118"=dword:00000050 "Position119"=dword:0000007b "Visible119"=dword:00000000 "Width119"=dword:00000050 "Position120"=dword:0000007c "Visible120"=dword:00000000 "Width120"=dword:00000050 "Position121"=dword:0000007d "Visible121"=dword:00000000 "Width121"=dword:00000050 "Position122"=dword:0000007e "Visible122"=dword:00000000 "Width122"=dword:00000050 "Position123"=dword:0000007f "Visible123"=dword:00000000 "Width123"=dword:00000050 "Position124"=dword:00000080 "Visible124"=dword:00000000 "Width124"=dword:00000050 "Position125"=dword:00000081 "Visible125"=dword:00000000 "Width125"=dword:00000050 "Position126"=dword:00000082 "Visible126"=dword:00000000 "Width126"=dword:00000050 "Position127"=dword:00000083 "Visible127"=dword:00000000 "Width127"=dword:00000050 "Position128"=dword:00000084 "Visible128"=dword:00000000 "Width128"=dword:00000050 "Position129"=dword:00000085 "Visible129"=dword:00000000 "Width129"=dword:00000050 "Position130"=dword:00000086 "Visible130"=dword:00000000 "Width130"=dword:00000050 "Position131"=dword:00000087 "Visible131"=dword:00000000 "Width131"=dword:00000050 "Position132"=dword:00000088 "Visible132"=dword:00000000 "Width132"=dword:00000050 "Position133"=dword:00000089 "Visible133"=dword:00000000 "Width133"=dword:00000050 "Position134"=dword:0000008a "Visible134"=dword:00000000 "Width134"=dword:00000050 "Position135"=dword:0000008b "Visible135"=dword:00000000 "Width135"=dword:00000050 "Position136"=dword:0000008c "Visible136"=dword:00000000 "Width136"=dword:00000050 "Position137"=dword:0000008d "Visible137"=dword:00000000 "Width137"=dword:00000050 "Position138"=dword:0000008e "Visible138"=dword:00000000 "Width138"=dword:00000050 "Position139"=dword:0000008f "Visible139"=dword:00000000 "Width139"=dword:00000050 "Position140"=dword:00000090 "Visible140"=dword:00000000 "Width140"=dword:00000050 "Position141"=dword:00000091 "Visible141"=dword:00000000 "Width141"=dword:00000050 "Position142"=dword:00000092 "Visible142"=dword:00000000 "Width142"=dword:00000050 "Position143"=dword:00000093 "Visible143"=dword:00000000 "Width143"=dword:00000050 "Position144"=dword:00000094 "Visible144"=dword:00000000 "Width144"=dword:00000050 "Position145"=dword:00000095 "Visible145"=dword:00000000 "Width145"=dword:00000050 "Position146"=dword:00000004 "Visible146"=dword:00000000 "Width146"=dword:00000037 "Position147"=dword:00000005 "Visible147"=dword:00000000 "Width147"=dword:00000028 "Position148"=dword:00000006 "Visible148"=dword:00000000 "Width148"=dword:00000037 "Position149"=dword:00000007 "Visible149"=dword:00000001 "Width149"=dword:00000028 [HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\Genie"!\FM Genie Scout 2008\Columns\Staff] "Position0"=dword:00000000 "Visible0"=dword:00000001 "Width0"=dword:0000007d "Position1"=dword:00000001 "Visible1"=dword:00000001 "Width1"=dword:00000064 "Position2"=dword:00000002 "Visible2"=dword:00000001 "Width2"=dword:00000064 "Position3"=dword:00000003 "Visible3"=dword:00000001 "Width3"=dword:00000069 "Position4"=dword:00000005 "Visible4"=dword:00000001 "Width4"=dword:00000028 "Position5"=dword:00000006 "Visible5"=dword:00000001 "Width5"=dword:00000028 "Position6"=dword:00000004 "Visible6"=dword:00000001 "Width6"=dword:00000028 "Position7"=dword:00000007 "Visible7"=dword:00000001 "Width7"=dword:00000050 "Position8"=dword:00000008 "Visible8"=dword:00000000 "Width8"=dword:00000050 "Position9"=dword:00000009 "Visible9"=dword:00000000 "Width9"=dword:0000004b "Position10"=dword:0000000a "Visible10"=dword:00000000 "Width10"=dword:0000002d "Position11"=dword:0000000b "Visible11"=dword:00000000 "Width11"=dword:0000003c "Position12"=dword:0000000c "Visible12"=dword:00000000 "Width12"=dword:0000004b "Position13"=dword:0000000d "Visible13"=dword:00000000 "Width13"=dword:00000064 "Position14"=dword:0000000e "Visible14"=dword:00000000 "Width14"=dword:00000064 "Position15"=dword:0000000f "Visible15"=dword:00000000 "Width15"=dword:0000004b "Position16"=dword:00000010 "Visible16"=dword:00000000 "Width16"=dword:00000064 "Position17"=dword:00000011 "Visible17"=dword:00000000 "Width17"=dword:0000003c "Position18"=dword:00000012 "Visible18"=dword:00000000 "Width18"=dword:0000004b "Position19"=dword:00000013 "Visible19"=dword:00000000 "Width19"=dword:00000050 "Position20"=dword:00000014 "Visible20"=dword:00000000 "Width20"=dword:00000046 "Position21"=dword:00000015 "Visible21"=dword:00000000 "Width21"=dword:0000004b "Position22"=dword:00000016 "Visible22"=dword:00000000 "Width22"=dword:00000046 "Position23"=dword:00000017 "Visible23"=dword:00000000 "Width23"=dword:00000046 "Position24"=dword:00000018 "Visible24"=dword:00000000 "Width24"=dword:0000003c "Position25"=dword:00000019 "Visible25"=dword:00000000 "Width25"=dword:00000041 "Position26"=dword:0000001a "Visible26"=dword:00000000 "Width26"=dword:0000003c "Position27"=dword:0000001b "Visible27"=dword:00000000 "Width27"=dword:00000055 "Position28"=dword:0000001c "Visible28"=dword:00000000 "Width28"=dword:00000069 "Position29"=dword:0000001d "Visible29"=dword:00000000 "Width29"=dword:0000006e "Position30"=dword:0000001e "Visible30"=dword:00000000 "Width30"=dword:00000064 "Position31"=dword:0000001f "Visible31"=dword:00000000 "Width31"=dword:00000078 "Position32"=dword:00000020 "Visible32"=dword:00000000 "Width32"=dword:00000064 "Position33"=dword:00000021 "Visible33"=dword:00000000 "Width33"=dword:00000087 "Position34"=dword:00000022 "Visible34"=dword:00000000 "Width34"=dword:00000069 "Position35"=dword:00000023 "Visible35"=dword:00000000 "Width35"=dword:0000006e "Position36"=dword:00000024 "Visible36"=dword:00000000 "Width36"=dword:00000073 "Position37"=dword:00000025 "Visible37"=dword:00000000 "Width37"=dword:0000004b "Position38"=dword:00000026 "Visible38"=dword:00000000 "Width38"=dword:0000002d "Position39"=dword:00000027 "Visible39"=dword:00000000 "Width39"=dword:00000055 "Position40"=dword:00000028 "Visible40"=dword:00000000 "Width40"=dword:00000046 "Position41"=dword:00000029 "Visible41"=dword:00000000 "Width41"=dword:0000004b "Position42"=dword:0000002a "Visible42"=dword:00000000 "Width42"=dword:0000003c "Position43"=dword:0000002b "Visible43"=dword:00000000 "Width43"=dword:00000046 "Position44"=dword:0000002c "Visible44"=dword:00000000 "Width44"=dword:00000073 "Position45"=dword:0000002d "Visible45"=dword:00000000 "Width45"=dword:0000004b "Position46"=dword:0000002e "Visible46"=dword:00000000 "Width46"=dword:00000073 "Position47"=dword:0000002f "Visible47"=dword:00000000 "Width47"=dword:0000007d "Position48"=dword:00000030 "Visible48"=dword:00000000 "Width48"=dword:0000006e "Position49"=dword:00000031 "Visible49"=dword:00000000 "Width49"=dword:00000037 "Position50"=dword:00000032 "Visible50"=dword:00000000 "Width50"=dword:00000064 "Position51"=dword:00000033 "Visible51"=dword:00000000 "Width51"=dword:00000037 "Position52"=dword:00000034 "Visible52"=dword:00000000 "Width52"=dword:0000004b "Position53"=dword:00000035 "Visible53"=dword:00000000 "Width53"=dword:00000046 "Position54"=dword:00000036 "Visible54"=dword:00000000 "Width54"=dword:00000037 "Position55"=dword:00000037 "Visible55"=dword:00000000 "Width55"=dword:0000003c "Position56"=dword:00000038 "Visible56"=dword:00000000 "Width56"=dword:00000055 "Position57"=dword:00000039 "Visible57"=dword:00000000 "Width57"=dword:0000003c "Position58"=dword:0000003a "Visible58"=dword:00000000 "Width58"=dword:0000003c "Position59"=dword:0000003b "Visible59"=dword:00000000 "Width59"=dword:00000055 "Position60"=dword:0000003c "Visible60"=dword:00000000 "Width60"=dword:00000046 "Position61"=dword:0000003d "Visible61"=dword:00000000 "Width61"=dword:0000004b "Position62"=dword:0000003e "Visible62"=dword:00000000 "Width62"=dword:00000055 "Position63"=dword:0000003f "Visible63"=dword:00000000 "Width63"=dword:0000005a "Position64"=dword:00000040 "Visible64"=dword:00000000 "Width64"=dword:0000006e "Position65"=dword:00000041 "Visible65"=dword:00000000 "Width65"=dword:00000050 "Position66"=dword:00000042 "Visible66"=dword:00000000 "Width66"=dword:00000032 "Position67"=dword:00000043 "Visible67"=dword:00000000 "Width67"=dword:00000064 "Position68"=dword:00000044 "Visible68"=dword:00000000 "Width68"=dword:0000004b "Position69"=dword:00000045 "Visible69"=dword:00000000 "Width69"=dword:0000002d "Position70"=dword:00000046 "Visible70"=dword:00000000 "Width70"=dword:0000004b "Position71"=dword:00000047 "Visible71"=dword:00000000 "Width71"=dword:0000005a "Position72"=dword:00000048 "Visible72"=dword:00000000 "Width72"=dword:0000005a "Position73"=dword:00000049 "Visible73"=dword:00000000 "Width73"=dword:00000050 "Position74"=dword:0000004a "Visible74"=dword:00000000 "Width74"=dword:0000004b "Position75"=dword:0000004b "Visible75"=dword:00000000 "Width75"=dword:00000050 "Position76"=dword:0000004c "Visible76"=dword:00000000 "Width76"=dword:0000005a "Position77"=dword:0000004d "Visible77"=dword:00000000 "Width77"=dword:00000041 "Position78"=dword:0000004e "Visible78"=dword:00000000 "Width78"=dword:00000041 "Position79"=dword:0000004f "Visible79"=dword:00000000 "Width79"=dword:00000041 "Position80"=dword:00000050 "Visible80"=dword:00000000 "Width80"=dword:00000041 "Position81"=dword:00000051 "Visible81"=dword:00000000 "Width81"=dword:00000041 "Position82"=dword:00000052 "Visible82"=dword:00000000 "Width82"=dword:00000041 "Position83"=dword:00000053 "Visible83"=dword:00000000 "Width83"=dword:00000041 "Position84"=dword:00000054 "Visible84"=dword:00000000 "Width84"=dword:00000041 "Position85"=dword:00000055 "Visible85"=dword:00000000 "Width85"=dword:00000041 "Position86"=dword:00000056 "Visible86"=dword:00000000 "Width86"=dword:00000050 [HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\Genie"!\FM Genie Scout 2008\Rating Coefficients] "GKWeightCoef"=dword:00000064 "GKCurrentAbilityCoef"=dword:00000000 "GKCornersCoef"=dword:00000000 "GKCrossingCoef"=dword:00000000 "GKDribblingCoef"=dword:00000000 "GKFinishingCoef"=dword:00000000 "GKFirstTouchCoef"=dword:00000000 "GKFreeKicksCoef"=dword:00000000 "GKHeadingCoef"=dword:00000000 "GKLongShotsCoef"=dword:00000000 "GKLongThrowsCoef"=dword:00000000 "GKMarkingCoef"=dword:00000000 "GKPassingCoef"=dword:00000000 "GKPenaltiesCoef"=dword:00000000 "GKTacklingCoef"=dword:00000005 "GKTechniqueCoef"=dword:00000000 "GKLeftFootCoef"=dword:00000000 "GKRightFootCoef"=dword:00000000 "GKAggressionCoef"=dword:0000000a "GKAnticipationCoef"=dword:00000005 "GKBraveryCoef"=dword:00000014 "GKComposureCoef"=dword:00000014 "GKConcentrationCoef"=dword:0000000a "GKConsistencyCoef"=dword:0000000a "GKCreativityCoef"=dword:00000000 "GKDecisionsCoef"=dword:00000014 "GKDeterminationCoef"=dword:0000000a "GKDirtinessCoef"=dword:fffffffb "GKFlairCoef"=dword:00000000 "GKImportantMatchesCoef"=dword:0000000a "GKInfluenceCoef"=dword:0000000a "GKOffTheBallCoef"=dword:00000000 "GKPositioningCoef"=dword:00000050 "GKTeamworkCoef"=dword:00000005 "GKWorkRateCoef"=dword:00000000 "GKAccelerationCoef"=dword:00000005 "GKAgilityCoef"=dword:0000000a "GKBalanceCoef"=dword:0000000a "GKInjuryPronenessCoef"=dword:fffffffb "GKJumpingCoef"=dword:00000050 "GKNaturalFitnessCoef"=dword:00000005 "GKPaceCoef"=dword:00000000 "GKStaminaCoef"=dword:00000000 "GKStrengthCoef"=dword:0000000a "GKVersatilityCoef"=dword:00000000 "GKAerialAbilityCoef"=dword:00000032 "GKCommandOfAreaCoef"=dword:00000014 "GKCommunicationCoef"=dword:00000032 "GKEccentricityCoef"=dword:ffffffec "GKHandlingCoef"=dword:00000064 "GKKickingCoef"=dword:0000000a "GKOneOnOnesCoef"=dword:00000032 "GKReflexesCoef"=dword:00000064 "GKRushingOutCoef"=dword:00000014 "GKTendencyToPunchCoef"=dword:fffffff6 "GKThrowingCoef"=dword:0000000a "GKAdaptabilityCoef"=dword:00000005 "GKAmbitionCoef"=dword:0000000a "GKControversyCoef"=dword:fffffffb "GKLoyalityCoef"=dword:00000005 "GKPressureCoef"=dword:00000005 "GKProfessionalismCoef"=dword:00000005 "GKSportsmanshipCoef"=dword:00000005 "GKTemperamentCoef"=dword:00000005 "SWWeightCoef"=dword:00000066 "SWCurrentAbilityCoef"=dword:00000000 "SWCornersCoef"=dword:00000000 "SWCrossingCoef"=dword:00000000 "SWDribblingCoef"=dword:00000000 "SWFinishingCoef"=dword:00000000 "SWFirstTouchCoef"=dword:00000014 "SWFreeKicksCoef"=dword:0000000a "SWHeadingCoef"=dword:00000064 "SWLongShotsCoef"=dword:0000000a "SWLongThrowsCoef"=dword:00000000 "SWMarkingCoef"=dword:00000064 "SWPassingCoef"=dword:0000000a "SWPenaltiesCoef"=dword:00000005 "SWTacklingCoef"=dword:00000064 "SWTechniqueCoef"=dword:0000000a "SWLeftFootCoef"=dword:00000005 "SWRightFootCoef"=dword:00000005 "SWAggressionCoef"=dword:00000014 "SWAnticipationCoef"=dword:00000014 "SWBraveryCoef"=dword:00000028 "SWComposureCoef"=dword:00000028 "SWConcentrationCoef"=dword:0000003c "SWConsistencyCoef"=dword:0000000a "SWCreativityCoef"=dword:0000000a "SWDecisionsCoef"=dword:00000014 "SWDeterminationCoef"=dword:0000000a "SWDirtinessCoef"=dword:ffffffe7 "SWFlairCoef"=dword:00000000 "SWImportantMatchesCoef"=dword:0000000a "SWInfluenceCoef"=dword:0000000a "SWOffTheBallCoef"=dword:0000000a "SWPositioningCoef"=dword:00000064 "SWTeamworkCoef"=dword:00000028 "SWWorkRateCoef"=dword:00000014 "SWAccelerationCoef"=dword:0000001e "SWAgilityCoef"=dword:0000000a "SWBalanceCoef"=dword:00000014 "SWInjuryPronenessCoef"=dword:fffffffb "SWJumpingCoef"=dword:00000064 "SWNaturalFitnessCoef"=dword:00000005 "SWPaceCoef"=dword:00000014 "SWStaminaCoef"=dword:0000000a "SWStrengthCoef"=dword:00000050 "SWVersatilityCoef"=dword:00000005 "SWAerialAbilityCoef"=dword:00000000 "SWCommandOfAreaCoef"=dword:00000000 "SWCommunicationCoef"=dword:00000000 "SWEccentricityCoef"=dword:00000000 "SWHandlingCoef"=dword:00000000 "SWKickingCoef"=dword:00000000 "SWOneOnOnesCoef"=dword:00000005 "SWReflexesCoef"=dword:00000005 "SWRushingOutCoef"=dword:00000000 "SWTendencyToPunchCoef"=dword:00000000 "SWThrowingCoef"=dword:00000000 "SWAdaptabilityCoef"=dword:00000005 "SWAmbitionCoef"=dword:0000000a "SWControversyCoef"=dword:fffffffb "SWLoyalityCoef"=dword:00000005 "SWPressureCoef"=dword:00000005 "SWProfessionalismCoef"=dword:00000005 "SWSportsmanshipCoef"=dword:00000005 "SWTemperamentCoef"=dword:00000005 "CBWeightCoef"=dword:00000064 "CBCurrentAbilityCoef"=dword:00000000 "CBCornersCoef"=dword:00000000 "CBCrossingCoef"=dword:00000000 "CBDribblingCoef"=dword:00000000 "CBFinishingCoef"=dword:00000000 "CBFirstTouchCoef"=dword:00000014 "CBFreeKicksCoef"=dword:0000000a "CBHeadingCoef"=dword:00000064 "CBLongShotsCoef"=dword:0000000a "CBLongThrowsCoef"=dword:00000000 "CBMarkingCoef"=dword:00000050 "CBPassingCoef"=dword:00000014 "CBPenaltiesCoef"=dword:00000005 "CBTacklingCoef"=dword:00000064 "CBTechniqueCoef"=dword:0000000a "CBLeftFootCoef"=dword:00000005 "CBRightFootCoef"=dword:00000005 "CBAggressionCoef"=dword:00000014 "CBAnticipationCoef"=dword:00000014 "CBBraveryCoef"=dword:00000028 "CBComposureCoef"=dword:00000014 "CBConcentrationCoef"=dword:00000028 "CBConsistencyCoef"=dword:0000000a "CBCreativityCoef"=dword:0000000a "CBDecisionsCoef"=dword:00000014 "CBDeterminationCoef"=dword:0000000a "CBDirtinessCoef"=dword:ffffffec "CBFlairCoef"=dword:00000000 "CBImportantMatchesCoef"=dword:0000000a "CBInfluenceCoef"=dword:0000000a "CBOffTheBallCoef"=dword:0000000a "CBPositioningCoef"=dword:00000050 "CBTeamworkCoef"=dword:00000028 "CBWorkRateCoef"=dword:00000014 "CBAccelerationCoef"=dword:00000028 "CBAgilityCoef"=dword:0000000a "CBBalanceCoef"=dword:00000014 "CBInjuryPronenessCoef"=dword:fffffffb "CBJumpingCoef"=dword:00000064 "CBNaturalFitnessCoef"=dword:00000005 "CBPaceCoef"=dword:0000001e "CBStaminaCoef"=dword:0000000a "CBStrengthCoef"=dword:0000003c "CBVersatilityCoef"=dword:00000005 "CBAerialAbilityCoef"=dword:00000000 "CBCommandOfAreaCoef"=dword:00000000 "CBCommunicationCoef"=dword:00000000 "CBEccentricityCoef"=dword:00000000 "CBHandlingCoef"=dword:00000000 "CBKickingCoef"=dword:00000000 "CBOneOnOnesCoef"=dword:00000005 "CBReflexesCoef"=dword:00000005 "CBRushingOutCoef"=dword:00000000 "CBTendencyToPunchCoef"=dword:00000000 "CBThrowingCoef"=dword:00000000 "CBAdaptabilityCoef"=dword:00000005 "CBAmbitionCoef"=dword:0000000a "CBControversyCoef"=dword:fffffffb "CBLoyalityCoef"=dword:00000005 "CBPressureCoef"=dword:00000005 "CBProfessionalismCoef"=dword:00000005 "CBSportsmanshipCoef"=dword:00000005 "CBTemperamentCoef"=dword:00000005 "FBWeightCoef"=dword:00000069 "FBCurrentAbilityCoef"=dword:00000000 "FBCornersCoef"=dword:0000000a "FBCrossingCoef"=dword:0000001e "FBDribblingCoef"=dword:00000014 "FBFinishingCoef"=dword:00000000 "FBFirstTouchCoef"=dword:00000014 "FBFreeKicksCoef"=dword:0000000a "FBHeadingCoef"=dword:0000003c "FBLongShotsCoef"=dword:0000000a "FBLongThrowsCoef"=dword:0000000a "FBMarkingCoef"=dword:0000003c "FBPassingCoef"=dword:0000001e "FBPenaltiesCoef"=dword:00000005 "FBTacklingCoef"=dword:00000064 "FBTechniqueCoef"=dword:00000014 "FBLeftFootCoef"=dword:00000005 "FBRightFootCoef"=dword:00000005 "FBAggressionCoef"=dword:0000000f "FBAnticipationCoef"=dword:00000050 "FBBraveryCoef"=dword:00000014 "FBComposureCoef"=dword:0000000a "FBConcentrationCoef"=dword:0000001e "FBConsistencyCoef"=dword:0000000a "FBCreativityCoef"=dword:0000000a "FBDecisionsCoef"=dword:00000014 "FBDeterminationCoef"=dword:0000000a "FBDirtinessCoef"=dword:fffffff6 "FBFlairCoef"=dword:00000005 "FBImportantMatchesCoef"=dword:0000000a "FBInfluenceCoef"=dword:0000000a "FBOffTheBallCoef"=dword:00000014 "FBPositioningCoef"=dword:00000064 "FBTeamworkCoef"=dword:00000014 "FBWorkRateCoef"=dword:00000014 "FBAccelerationCoef"=dword:0000003c "FBAgilityCoef"=dword:0000000a "FBBalanceCoef"=dword:00000014 "FBInjuryPronenessCoef"=dword:fffffffb "FBJumpingCoef"=dword:0000003c "FBNaturalFitnessCoef"=dword:00000005 "FBPaceCoef"=dword:00000050 "FBStaminaCoef"=dword:0000003c "FBStrengthCoef"=dword:00000028 "FBVersatilityCoef"=dword:00000005 "FBAerialAbilityCoef"=dword:00000000 "FBCommandOfAreaCoef"=dword:00000000 "FBCommunicationCoef"=dword:00000000 "FBEccentricityCoef"=dword:00000000 "FBHandlingCoef"=dword:00000000 "FBKickingCoef"=dword:00000000 "FBOneOnOnesCoef"=dword:00000005 "FBReflexesCoef"=dword:00000005 "FBRushingOutCoef"=dword:00000000 "FBTendencyToPunchCoef"=dword:00000000 "FBThrowingCoef"=dword:00000000 "FBAdaptabilityCoef"=dword:00000005 "FBAmbitionCoef"=dword:0000000a "FBControversyCoef"=dword:fffffffb "FBLoyalityCoef"=dword:00000005 "FBPressureCoef"=dword:00000005 "FBProfessionalismCoef"=dword:00000005 "FBSportsmanshipCoef"=dword:00000005 "FBTemperamentCoef"=dword:00000005 "WBWeightCoef"=dword:0000006c "WBCurrentAbilityCoef"=dword:00000000 "WBCornersCoef"=dword:0000000a "WBCrossingCoef"=dword:0000003c "WBDribblingCoef"=dword:00000028 "WBFinishingCoef"=dword:0000000a "WBFirstTouchCoef"=dword:00000014 "WBFreeKicksCoef"=dword:0000000a "WBHeadingCoef"=dword:00000028 "WBLongShotsCoef"=dword:00000014 "WBLongThrowsCoef"=dword:0000000a "WBMarkingCoef"=dword:0000003c "WBPassingCoef"=dword:00000028 "WBPenaltiesCoef"=dword:00000005 "WBTacklingCoef"=dword:00000064 "WBTechniqueCoef"=dword:00000028 "WBLeftFootCoef"=dword:00000005 "WBRightFootCoef"=dword:00000005 "WBAggressionCoef"=dword:0000000a "WBAnticipationCoef"=dword:00000050 "WBBraveryCoef"=dword:0000000a "WBComposureCoef"=dword:0000000a "WBConcentrationCoef"=dword:00000014 "WBConsistencyCoef"=dword:0000000a "WBCreativityCoef"=dword:00000014 "WBDecisionsCoef"=dword:00000014 "WBDeterminationCoef"=dword:0000000a "WBDirtinessCoef"=dword:fffffff6 "WBFlairCoef"=dword:0000000a "WBImportantMatchesCoef"=dword:0000000a "WBInfluenceCoef"=dword:0000000a "WBOffTheBallCoef"=dword:00000014 "WBPositioningCoef"=dword:00000064 "WBTeamworkCoef"=dword:00000014 "WBWorkRateCoef"=dword:00000028 "WBAccelerationCoef"=dword:00000050 "WBAgilityCoef"=dword:0000000a "WBBalanceCoef"=dword:00000014 "WBInjuryPronenessCoef"=dword:fffffffb "WBJumpingCoef"=dword:00000014 "WBNaturalFitnessCoef"=dword:00000005 "WBPaceCoef"=dword:00000064 "WBStaminaCoef"=dword:00000050 "WBStrengthCoef"=dword:00000028 "WBVersatilityCoef"=dword:00000005 "WBAerialAbilityCoef"=dword:00000000 "WBCommandOfAreaCoef"=dword:00000000 "WBCommunicationCoef"=dword:00000000 "WBEccentricityCoef"=dword:00000000 "WBHandlingCoef"=dword:00000000 "WBKickingCoef"=dword:00000000 "WBOneOnOnesCoef"=dword:00000005 "WBReflexesCoef"=dword:00000005 "WBRushingOutCoef"=dword:00000000 "WBTendencyToPunchCoef"=dword:00000000 "WBThrowingCoef"=dword:00000000 "WBAdaptabilityCoef"=dword:00000005 "WBAmbitionCoef"=dword:0000000a "WBControversyCoef"=dword:fffffffb "WBLoyalityCoef"=dword:00000005 "WBPressureCoef"=dword:00000005 "WBProfessionalismCoef"=dword:00000005 "WBSportsmanshipCoef"=dword:00000005 "WBTemperamentCoef"=dword:00000005 "DMWeightCoef"=dword:00000067 "DMCurrentAbilityCoef"=dword:00000000 "DMCornersCoef"=dword:0000000a "DMCrossingCoef"=dword:0000001e "DMDribblingCoef"=dword:00000014 "DMFinishingCoef"=dword:0000000a "DMFirstTouchCoef"=dword:0000001e "DMFreeKicksCoef"=dword:0000000a "DMHeadingCoef"=dword:00000028 "DMLongShotsCoef"=dword:00000014 "DMLongThrowsCoef"=dword:00000005 "DMMarkingCoef"=dword:0000003c "DMPassingCoef"=dword:00000028 "DMPenaltiesCoef"=dword:00000005 "DMTacklingCoef"=dword:00000064 "DMTechniqueCoef"=dword:0000001e "DMLeftFootCoef"=dword:00000005 "DMRightFootCoef"=dword:00000005 "DMAggressionCoef"=dword:00000028 "DMAnticipationCoef"=dword:00000028 "DMBraveryCoef"=dword:00000014 "DMComposureCoef"=dword:0000000a "DMConcentrationCoef"=dword:00000014 "DMConsistencyCoef"=dword:0000000a "DMCreativityCoef"=dword:00000014 "DMDecisionsCoef"=dword:00000014 "DMDeterminationCoef"=dword:0000000a "DMDirtinessCoef"=dword:fffffff6 "DMFlairCoef"=dword:0000000a "DMImportantMatchesCoef"=dword:0000000a "DMInfluenceCoef"=dword:0000000a "DMOffTheBallCoef"=dword:0000001e "DMPositioningCoef"=dword:00000050 "DMTeamworkCoef"=dword:00000028 "DMWorkRateCoef"=dword:00000050 "DMAccelerationCoef"=dword:00000028 "DMAgilityCoef"=dword:0000000a "DMBalanceCoef"=dword:0000000a "DMInjuryPronenessCoef"=dword:fffffffb "DMJumpingCoef"=dword:00000028 "DMNaturalFitnessCoef"=dword:00000005 "DMPaceCoef"=dword:00000028 "DMStaminaCoef"=dword:0000003c "DMStrengthCoef"=dword:00000028 "DMVersatilityCoef"=dword:00000005 "DMAerialAbilityCoef"=dword:00000000 "DMCommandOfAreaCoef"=dword:00000000 "DMCommunicationCoef"=dword:00000000 "DMEccentricityCoef"=dword:00000000 "DMHandlingCoef"=dword:00000000 "DMKickingCoef"=dword:00000000 "DMOneOnOnesCoef"=dword:00000005 "DMReflexesCoef"=dword:00000005 "DMRushingOutCoef"=dword:00000000 "DMTendencyToPunchCoef"=dword:00000000 "DMThrowingCoef"=dword:00000000 "DMAdaptabilityCoef"=dword:00000005 "DMAmbitionCoef"=dword:0000000a "DMControversyCoef"=dword:fffffffb "DMLoyalityCoef"=dword:00000005 "DMPressureCoef"=dword:00000005 "DMProfessionalismCoef"=dword:00000005 "DMSportsmanshipCoef"=dword:00000005 "DMTemperamentCoef"=dword:00000005 "MWeightCoef"=dword:00000068 "MCurrentAbilityCoef"=dword:00000000 "MCornersCoef"=dword:0000000a "MCrossingCoef"=dword:00000028 "MDribblingCoef"=dword:00000032 "MFinishingCoef"=dword:00000014 "MFirstTouchCoef"=dword:0000001e "MFreeKicksCoef"=dword:0000000a "MHeadingCoef"=dword:0000001e "MLongShotsCoef"=dword:00000014 "MLongThrowsCoef"=dword:00000005 "MMarkingCoef"=dword:00000028 "MPassingCoef"=dword:00000046 "MPenaltiesCoef"=dword:00000005 "MTacklingCoef"=dword:0000003c "MTechniqueCoef"=dword:00000032 "MLeftFootCoef"=dword:00000005 "MRightFootCoef"=dword:00000005 "MAggressionCoef"=dword:0000001e "MAnticipationCoef"=dword:00000028 "MBraveryCoef"=dword:0000000a "MComposureCoef"=dword:0000000a "MConcentrationCoef"=dword:0000000a "MConsistencyCoef"=dword:0000000a "MCreativityCoef"=dword:0000003c "MDecisionsCoef"=dword:0000001e "MDeterminationCoef"=dword:0000000a "MDirtinessCoef"=dword:fffffffb "MFlairCoef"=dword:0000000a "MImportantMatchesCoef"=dword:0000000a "MInfluenceCoef"=dword:0000000a "MOffTheBallCoef"=dword:00000028 "MPositioningCoef"=dword:00000028 "MTeamworkCoef"=dword:00000032 "MWorkRateCoef"=dword:00000032 "MAccelerationCoef"=dword:00000032 "MAgilityCoef"=dword:0000000a "MBalanceCoef"=dword:0000000a "MInjuryPronenessCoef"=dword:fffffffb "MJumpingCoef"=dword:00000028 "MNaturalFitnessCoef"=dword:00000005 "MPaceCoef"=dword:00000028 "MStaminaCoef"=dword:0000003c "MStrengthCoef"=dword:0000001e "MVersatilityCoef"=dword:00000005 "MAerialAbilityCoef"=dword:00000000 "MCommandOfAreaCoef"=dword:00000000 "MCommunicationCoef"=dword:00000000 "MEccentricityCoef"=dword:00000000 "MHandlingCoef"=dword:00000000 "MKickingCoef"=dword:00000000 "MOneOnOnesCoef"=dword:00000005 "MReflexesCoef"=dword:00000005 "MRushingOutCoef"=dword:00000000 "MTendencyToPunchCoef"=dword:00000000 "MThrowingCoef"=dword:00000000 "MAdaptabilityCoef"=dword:00000005 "MAmbitionCoef"=dword:0000000a "MControversyCoef"=dword:fffffffb "MLoyalityCoef"=dword:00000005 "MPressureCoef"=dword:00000005 "MProfessionalismCoef"=dword:00000005 "MSportsmanshipCoef"=dword:00000005 "MTemperamentCoef"=dword:00000005 "AMWeightCoef"=dword:00000068 "AMCurrentAbilityCoef"=dword:00000000 "AMCornersCoef"=dword:0000000a "AMCrossingCoef"=dword:0000003c "AMDribblingCoef"=dword:00000050 "AMFinishingCoef"=dword:00000028 "AMFirstTouchCoef"=dword:0000001e "AMFreeKicksCoef"=dword:0000000a "AMHeadingCoef"=dword:00000014 "AMLongShotsCoef"=dword:00000014 "AMLongThrowsCoef"=dword:00000005 "AMMarkingCoef"=dword:0000000a "AMPassingCoef"=dword:00000064 "AMPenaltiesCoef"=dword:00000005 "AMTacklingCoef"=dword:0000000a "AMTechniqueCoef"=dword:00000050 "AMLeftFootCoef"=dword:00000005 "AMRightFootCoef"=dword:00000005 "AMAggressionCoef"=dword:0000000a "AMAnticipationCoef"=dword:0000001e "AMBraveryCoef"=dword:0000000a "AMComposureCoef"=dword:0000000a "AMConcentrationCoef"=dword:0000000a "AMConsistencyCoef"=dword:0000000a "AMCreativityCoef"=dword:00000064 "AMDecisionsCoef"=dword:00000028 "AMDeterminationCoef"=dword:0000000a "AMDirtinessCoef"=dword:fffffffb "AMFlairCoef"=dword:00000014 "AMImportantMatchesCoef"=dword:0000000a "AMInfluenceCoef"=dword:0000000a "AMOffTheBallCoef"=dword:0000003c "AMPositioningCoef"=dword:00000014 "AMTeamworkCoef"=dword:0000003c "AMWorkRateCoef"=dword:00000014 "AMAccelerationCoef"=dword:0000003c "AMAgilityCoef"=dword:0000000a "AMBalanceCoef"=dword:0000000a "AMInjuryPronenessCoef"=dword:fffffffb "AMJumpingCoef"=dword:00000014 "AMNaturalFitnessCoef"=dword:00000005 "AMPaceCoef"=dword:0000003c "AMStaminaCoef"=dword:0000003c "AMStrengthCoef"=dword:00000014 "AMVersatilityCoef"=dword:00000005 "AMAerialAbilityCoef"=dword:00000000 "AMCommandOfAreaCoef"=dword:00000000 "AMCommunicationCoef"=dword:00000000 "AMEccentricityCoef"=dword:00000000 "AMHandlingCoef"=dword:00000000 "AMKickingCoef"=dword:00000000 "AMOneOnOnesCoef"=dword:00000005 "AMReflexesCoef"=dword:00000005 "AMRushingOutCoef"=dword:00000000 "AMTendencyToPunchCoef"=dword:00000000 "AMThrowingCoef"=dword:00000000 "AMAdaptabilityCoef"=dword:00000005 "AMAmbitionCoef"=dword:0000000a "AMControversyCoef"=dword:fffffffb "AMLoyalityCoef"=dword:00000005 "AMPressureCoef"=dword:00000005 "AMProfessionalismCoef"=dword:00000005 "AMSportsmanshipCoef"=dword:00000005 "AMTemperamentCoef"=dword:00000005 "WWeightCoef"=dword:00000069 "WCurrentAbilityCoef"=dword:00000000 "WCornersCoef"=dword:0000000a "WCrossingCoef"=dword:00000064 "WDribblingCoef"=dword:00000064 "WFinishingCoef"=dword:0000003c "WFirstTouchCoef"=dword:0000001e "WFreeKicksCoef"=dword:0000000a "WHeadingCoef"=dword:00000014 "WLongShotsCoef"=dword:00000014 "WLongThrowsCoef"=dword:00000005 "WMarkingCoef"=dword:0000000a "WPassingCoef"=dword:0000003c "WPenaltiesCoef"=dword:00000005 "WTacklingCoef"=dword:0000000a "WTechniqueCoef"=dword:00000050 "WLeftFootCoef"=dword:00000005 "WRightFootCoef"=dword:00000005 "WAggressionCoef"=dword:0000000a "WAnticipationCoef"=dword:00000014 "WBraveryCoef"=dword:0000000a "WComposureCoef"=dword:0000000a "WConcentrationCoef"=dword:0000000a "WConsistencyCoef"=dword:0000000a "WCreativityCoef"=dword:0000003c "WDecisionsCoef"=dword:00000014 "WDeterminationCoef"=dword:0000000a "WDirtinessCoef"=dword:fffffffb "WFlairCoef"=dword:0000000a "WImportantMatchesCoef"=dword:00000014 "WInfluenceCoef"=dword:0000000a "WOffTheBallCoef"=dword:0000003c "WPositioningCoef"=dword:00000014 "WTeamworkCoef"=dword:0000001e "WWorkRateCoef"=dword:0000001e "WAccelerationCoef"=dword:00000050 "WAgilityCoef"=dword:00000014 "WBalanceCoef"=dword:0000000a "WInjuryPronenessCoef"=dword:fffffffb "WJumpingCoef"=dword:00000014 "WNaturalFitnessCoef"=dword:00000005 "WPaceCoef"=dword:00000064 "WStaminaCoef"=dword:0000003c "WStrengthCoef"=dword:00000014 "WVersatilityCoef"=dword:00000005 "WAerialAbilityCoef"=dword:00000000 "WCommandOfAreaCoef"=dword:00000000 "WCommunicationCoef"=dword:00000000 "WEccentricityCoef"=dword:00000000 "WHandlingCoef"=dword:00000000 "WKickingCoef"=dword:00000000 "WOneOnOnesCoef"=dword:00000005 "WReflexesCoef"=dword:00000005 "WRushingOutCoef"=dword:00000000 "WTendencyToPunchCoef"=dword:00000000 "WThrowingCoef"=dword:00000000 "WAdaptabilityCoef"=dword:00000005 "WAmbitionCoef"=dword:0000000a "WControversyCoef"=dword:fffffffb "WLoyalityCoef"=dword:00000005 "WPressureCoef"=dword:00000005 "WProfessionalismCoef"=dword:00000005 "WSportsmanshipCoef"=dword:00000005 "WTemperamentCoef"=dword:00000005 "FSTWeightCoef"=dword:00000067 "FSTCurrentAbilityCoef"=dword:00000000 "FSTCornersCoef"=dword:0000000a "FSTCrossingCoef"=dword:0000000a "FSTDribblingCoef"=dword:00000050 "FSTFinishingCoef"=dword:00000064 "FSTFirstTouchCoef"=dword:00000028 "FSTFreeKicksCoef"=dword:0000000a "FSTHeadingCoef"=dword:00000028 "FSTLongShotsCoef"=dword:00000014 "FSTLongThrowsCoef"=dword:00000000 "FSTMarkingCoef"=dword:00000000 "FSTPassingCoef"=dword:00000028 "FSTPenaltiesCoef"=dword:00000005 "FSTTacklingCoef"=dword:00000000 "FSTTechniqueCoef"=dword:00000050 "FSTLeftFootCoef"=dword:00000005 "FSTRightFootCoef"=dword:00000005 "FSTAggressionCoef"=dword:0000000a "FSTAnticipationCoef"=dword:0000000a "FSTBraveryCoef"=dword:0000000a "FSTComposureCoef"=dword:0000000a "FSTConcentrationCoef"=dword:0000000a "FSTConsistencyCoef"=dword:0000000a "FSTCreativityCoef"=dword:00000028 "FSTDecisionsCoef"=dword:0000000a "FSTDeterminationCoef"=dword:0000000a "FSTDirtinessCoef"=dword:fffffffb "FSTFlairCoef"=dword:0000000a "FSTImportantMatchesCoef"=dword:0000000a "FSTInfluenceCoef"=dword:0000000a "FSTOffTheBallCoef"=dword:00000050 "FSTPositioningCoef"=dword:0000000a "FSTTeamworkCoef"=dword:0000000a "FSTWorkRateCoef"=dword:0000000a "FSTAccelerationCoef"=dword:00000064 "FSTAgilityCoef"=dword:00000028 "FSTBalanceCoef"=dword:0000000a "FSTInjuryPronenessCoef"=dword:fffffffb "FSTJumpingCoef"=dword:00000014 "FSTNaturalFitnessCoef"=dword:00000005 "FSTPaceCoef"=dword:00000064 "FSTStaminaCoef"=dword:00000028 "FSTStrengthCoef"=dword:00000014 "FSTVersatilityCoef"=dword:00000005 "FSTAerialAbilityCoef"=dword:00000000 "FSTCommandOfAreaCoef"=dword:00000000 "FSTCommunicationCoef"=dword:00000000 "FSTEccentricityCoef"=dword:00000000 "FSTHandlingCoef"=dword:00000000 "FSTKickingCoef"=dword:00000000 "FSTOneOnOnesCoef"=dword:00000005 "FSTReflexesCoef"=dword:00000005 "FSTRushingOutCoef"=dword:00000000 "FSTTendencyToPunchCoef"=dword:00000000 "FSTThrowingCoef"=dword:00000000 "FSTAdaptabilityCoef"=dword:00000005 "FSTAmbitionCoef"=dword:0000000a "FSTControversyCoef"=dword:fffffffb "FSTLoyalityCoef"=dword:00000005 "FSTPressureCoef"=dword:00000005 "FSTProfessionalismCoef"=dword:00000005 "FSTSportsmanshipCoef"=dword:00000005 "FSTTemperamentCoef"=dword:00000005 "TSTWeightCoef"=dword:00000067 "TSTCurrentAbilityCoef"=dword:00000000 "TSTCornersCoef"=dword:00000000 "TSTCrossingCoef"=dword:0000000a "TSTDribblingCoef"=dword:0000003c "TSTFinishingCoef"=dword:00000050 "TSTFirstTouchCoef"=dword:0000001e "TSTFreeKicksCoef"=dword:0000000a "TSTHeadingCoef"=dword:00000064 "TSTLongShotsCoef"=dword:00000014 "TSTLongThrowsCoef"=dword:00000000 "TSTMarkingCoef"=dword:00000000 "TSTPassingCoef"=dword:00000028 "TSTPenaltiesCoef"=dword:00000005 "TSTTacklingCoef"=dword:00000000 "TSTTechniqueCoef"=dword:00000028 "TSTLeftFootCoef"=dword:00000005 "TSTRightFootCoef"=dword:00000005 "TSTAggressionCoef"=dword:00000014 "TSTAnticipationCoef"=dword:0000000a "TSTBraveryCoef"=dword:00000014 "TSTComposureCoef"=dword:0000000a "TSTConcentrationCoef"=dword:0000000a "TSTConsistencyCoef"=dword:0000000a "TSTCreativityCoef"=dword:00000014 "TSTDecisionsCoef"=dword:0000000a "TSTDeterminationCoef"=dword:0000000a "TSTDirtinessCoef"=dword:fffffffb "TSTFlairCoef"=dword:0000000a "TSTImportantMatchesCoef"=dword:0000000a "TSTInfluenceCoef"=dword:0000000a "TSTOffTheBallCoef"=dword:00000050 "TSTPositioningCoef"=dword:00000014 "TSTTeamworkCoef"=dword:0000000a "TSTWorkRateCoef"=dword:0000000a "TSTAccelerationCoef"=dword:00000028 "TSTAgilityCoef"=dword:00000014 "TSTBalanceCoef"=dword:00000014 "TSTInjuryPronenessCoef"=dword:fffffffb "TSTJumpingCoef"=dword:00000064 "TSTNaturalFitnessCoef"=dword:00000005 "TSTPaceCoef"=dword:00000028 "TSTStaminaCoef"=dword:00000014 "TSTStrengthCoef"=dword:00000050 "TSTVersatilityCoef"=dword:00000005 "TSTAerialAbilityCoef"=dword:00000000 "TSTCommandOfAreaCoef"=dword:00000000 "TSTCommunicationCoef"=dword:00000000 "TSTEccentricityCoef"=dword:00000000 "TSTHandlingCoef"=dword:00000000 "TSTKickingCoef"=dword:00000000 "TSTOneOnOnesCoef"=dword:00000005 "TSTReflexesCoef"=dword:00000005 "TSTRushingOutCoef"=dword:00000000 "TSTTendencyToPunchCoef"=dword:00000000 "TSTThrowingCoef"=dword:00000000 "TSTAdaptabilityCoef"=dword:00000005 "TSTAmbitionCoef"=dword:0000000a "TSTControversyCoef"=dword:fffffffb "TSTLoyalityCoef"=dword:00000005 "TSTPressureCoef"=dword:00000005 "TSTProfessionalismCoef"=dword:00000005 "TSTSportsmanshipCoef"=dword:00000005 "TSTTemperamentCoef"=dword:00000005 [HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\Genie"!\FM Genie Scout 2009 XE] "GameDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2009\\games" "ShortlistDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2009\\shortlists" "ScreenshotsDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2009" "SaveDir"="c:\\Documents and Settings\\Ben\\My Documents\\Sports Interactive\\Football Manager 2009\\" "HistoryDir"="c:\\Documents and Settings\\Ben\\Desktop\\FM Genie Scout 2009 XE\\History Points" "LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2009\\data\\updates\\update-910\\db\\910\\lang_db.dat" "LastSaveGame"="" "Language"="English" "LoadLangDB"=dword:00000001 "CompressHistoryPoints"=dword:00000000 "HighlightedAttributes"=dword:00000000 "MinCondition"=dword:00000050 "SkinName"="Champions League" "LastUpdateCheck"=dword:00000000 "HighQualityGUI"=dword:00000001 "AutomaticallyUpdateCheck"=dword:00000001 "AdvancedGeneration"=dword:00000000 "TranslateStaffSkills"=dword:00000001 "TranslatePlayerSkills"=dword:00000001 "TranslatePositions"=dword:00000001 "ShowHistory"=dword:00000001 "Version"=dword:00000066 "UniqueID"="55-EA80-EF7F" "Currency"=dword:00000056 "UseProxy"=dword:00000000 "ProxyHost"="" "ProxyPort"="" "UseAuthentication"=dword:00000000 "UserName"="" "UserPassword"="" [HKEY_USERS\S-1-5-21-57989841-1220945662-682003330-1003\Software\SecuROM\License information] "datasecu"=hex:cb,cb,1d,84,17,d3,49,00,8a,f2,73,e7,23,01,ba,23,ae,b3,64,04,52, d1,3e,47,d9,79,29,77,32,29,e7,9b,04,58,05,5f,2a,ef,f9,42,a6,e1,b0,11,31,b7,\ "rkeysecu"=hex:ee,b0,f8,e6,7e,82,3f,18,10,8c,1e,cb,48,39,5d,77 [HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG] "Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d, bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(2444) c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Completion time: 2009-07-11 14:45 ComboFix-quarantined-files.txt 2009-07-11 13:45 ComboFix2.txt 2009-07-11 11:25 Pre-Run: 46,410,969,088 bytes free Post-Run: 46,404,603,904 bytes free 1834 -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7.0 REPORT Saturday, July 11, 2009 Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600) Kaspersky Online Scanner version: 7.0.26.13 Program database last update: Saturday, July 11, 2009 16:27:15 Records in database: 2460453 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: A:\ C:\ D:\ E:\ G:\ J:\ Scan statistics: Files scanned: 105752 Threat name: 1 Infected objects: 3 Suspicious objects: 0 Duration of the scan: 02:36:21 File name / Threat name / Threats count C:\Program Files\mIRC\backups\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.g 1 C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.g 1 C:\System Volume Information\_restore{3927DF9E-284E-49C0-8E2D-5072F317035A}\RP345\A0048719.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.g 1 The selected area was scanned.

07-11-2009, 04:56 PM	#6 (permalink)
jmw3 Analyst, Security Team Join Date: Jan 2009 Location: Western Australia Posts: 187 OS: Vista Home Premium SP2	Re: Downloader.Agent2.FGA in three separate locations. Hi Looks good. Update Adobe Reader Recently there have been vunerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version: Adobe Reader 9.1 You can download it from http://www.adobe.com/products/acrobat/readstep2.html If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed Uncheck the box which says Also Download Adobe Photoshop® Album Starter Edition. Adobe 9 is a large program and if you prefer a smaller program you can get Foxit 3 instead from http://www.foxitsoftware.com/pdf/rd_intro.php Clean Up Now we need to clear out the programs we've been using to clean up your computer, they are not suitable for general malware removal and could cause damage if used inappropriately. Remove ComboFix The following will implement some cleanup procedures as well as reset System Restore points: Click Start > Run then copy/paste the following bolded text into the Run box and click OK: ComboFix /u OTC Download OTC by Old Timer here & save it to your desktop. Double click on OTC.exe. Click on CleanUp!. You will receive a prompt that it needs to restart the computer to remove the files. Click Yes. It will restart your computer automatically. If it doesn't, please restart your computer manually. You can delete the following from your desktop: DDS.scr The Gmer zip file Any logs that may have been saved to your desktop All Clean Congratulations, good work, your system is now clean. Now that your system is safe we would like you to keep it that way. Take the time to follow these recommendations & it will greatly reduce the risk of further infections and greatly diminish the chances of you having to visit here again. Microsoft Windows Update Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office products loopholes and fix any bugs found. Install the updates immediately if they are found. To update Windows Go to Start > All Programs > Windows Update To update Office Open up any Office program. Go to Help > Check for Updates Malwarebytes' Anti-Malware Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is totally free but for real-time protection you will have to pay a small one-time fee. You can download it here & find a tutorial here. SpywareBlaster Download and install Javacools SpywareBlaster from here SpywareBlaster adds a list of ActiveX controls, tracking cookies and sites which will be blocked in either Internet Explorer or Firefox browsers. You need to manually check for updates regularly. Download and Install a HOSTS File A HOSTS file is a big list of bad web sites. The list has a specific format, a specific name, (name is just HOSTS with no file extension), and a specific location. Your machine always looks at that file in that location before connecting to a web site to verify the address. So the HOSTS listing can be used to "short circuit" a request to a bad website by giving it the address of your own machine. Download BlueTack's HOSTS Manager here, using Internet Explorer (Firefox won't work): A short distance down the page in the centre, click on the Download button Agree to the license On the next page, to the right side of where it says Download Estimates, right click on the underlined word Hosts Manager choose Save Target As and download the installer Hosts20setup.exe to your desktop Double click the Installer on your desktop and let it Install the Hosts Manager After the installation is complete, click on the Hosts Manager icon on your desktop. (You can delete the other Hosts Switch icon from your desktop) When the Hosts Manager comes up, click the small down arrows on the right side of the bar labeled Options and Tools, Click Disable DNS Service. This is important In the Left Pane, click Download It will load 80,000 lines or more. When it finishes, also in the left pane, click Replace, and then click Save You can use this manager to handle your HOSTS file download, edits, and most any other HOSTS issue. If you have a separate party firewall or Winpatrol, you may have to give permissions at various times to Unlock the present default HOSTS file and install the new one. Web of Trust WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites: Green to go Yellow for caution Red to stop WOT has an addon available for both Firefox and Internet Explorer. Install WinPatrol Download it here You can find information about how WinPatrol works here Firewall As the term conveys, a firewall is an extra layer of security installed onto computers, which restricts access to systems from the outside world.[b] [color=blue][u]Firewalls protect against hackers and malicious intruders. Download a firewall a from one of these sources: 1)Webroot Desktop Firewall (Registration is needed to download the firewall) 2)PC Tools Firewall Plus 3)Netchina S3 2008 4)ZoneAlarm (uncheck ZoneAlarm Spy Blocker during installation if you choose this one) If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time. Read some information here on how to prevent Malware. Hopefully these steps will help keep your computer clean. Stand Up and Be Counted ---> Malware Complaints <--- where you can make difference! The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware. __________________ Member *Alliance of Security Analysis Professionals* UNITE

07-11-2009, 05:53 PM	#7 (permalink)
Benoso Registered User Join Date: Oct 2006 Posts: 18 OS: WinXP	Re: Downloader.Agent2.FGA in three separate locations. What about the three 'results' that the Kaspersky online scan found? Were they false positives?

07-11-2009, 06:17 PM	#8 (permalink)
jmw3 Analyst, Security Team Join Date: Jan 2009 Location: Western Australia Posts: 187 OS: Vista Home Premium SP2	Re: Downloader.Agent2.FGA in three separate locations. Hi mIRC is always flagged basically due to the way it works. It's nothing to worry about. As you can see it actually says: not-a-virus:Client-IRC.Win32.mIRC.g __________________ Member *Alliance of Security Analysis Professionals* UNITE

07-12-2009, 08:33 PM	#9 (permalink)
jmw3 Analyst, Security Team Join Date: Jan 2009 Location: Western Australia Posts: 187 OS: Vista Home Premium SP2	Re: Downloader.Agent2.FGA in three separate locations. Hello Benoso Since this issue appears resolved, this topic will now be closed. If you need continued support, please begin a new thread, and provide a link to this topic. This applies only to the original topic starter. Everyone else please begin a New Topic, after following the steps outlined here: NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help jmw3 __________________ Member *Alliance of Security Analysis Professionals* UNITE