Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Im A Cluebie And Need Help


  • Please log in to reply
13 replies to this topic

#1 strepo

strepo

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 07 December 2005 - 07:46 PM

Logfile of HijackThis v1.99.1
Scan saved at 7:44:11 PM, on 12/7/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\cmutil16.exe
C:\Program Files\Common Files\AOL\1131822634\ee\AOLHostManager.exe
C:\Program Files\snss\snss.exe
C:\Program Files\Common Files\AOL\1131822634\ee\AOLServiceHost.exe
C:\windows\rlvknlg.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\System32\qpr_si.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\PROGRA~1\COMMON~1\qofr\qofrm.exe
C:\WINDOWS\System32\qpr_si.exe
C:\PROGRA~1\COMMON~1\qofr\qofra.exe
C:\Program Files\Common Files\AOL\1131822634\ee\AOLServiceHost.exe
C:\Program Files\Common Files\Windows\services32.exe
C:\WINDOWS\System32\_si_32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\taskmgr.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\88109510f75e415a8c4c84a0cddcf3e2.exe
C:\DOCUME~1\Owner\LOCALS~1\Temp\0a8ab20cc75441b398429416ce4ce15d.exe
C:\Program Files\Verizon Online\bin\mpbtn.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Owner\Local Settings\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bleepingcomputer.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qus7.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus7.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://qus7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Program Files\SurfSideKick 3\SskBho.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {22D9AF48-0BC1-02CB-9DCF-9DE478EDF618} - C:\WINDOWS\dwrgowhq.dll (file missing)
O2 - BHO: CControl Object - {3643ABC2-21BF-46B9-B230-F247DB0C6FD6} - C:\Program Files\E2G\IeBHOs.dll
O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7A1693A1-AFAF-4F1E-9B05-EEC38A85FBF3} - C:\WINDOWS\system32\9ufo.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O2 - BHO: Related Page - {9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Search - {3CB41EAE-D8F5-5899-C36B-A696D3DC6329} - C:\WINDOWS\dwrgowhq.dll (file missing)
O3 - Toolbar: (no name) - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - (no file)
O3 - Toolbar: (no name) - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - (no file)
O4 - HKLM\..\Run: [BlockTracker] c:\hp\bin\BlockTracker.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1131822634\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [7a9fd805f5ec] C:\WINDOWS\System32\cmutil16.exe
O4 - HKLM\..\Run: [dRRD6Nf] C:\WINDOWS\fukycwb.exe
O4 - HKLM\..\Run: [2976] c:\windows\mrjj.exe
O4 - HKLM\..\Run: [noC=] C:\windows\mrjj.exe
O4 - HKLM\..\Run: [snss Launcher] "C:\Program Files\snss\snss.exe"
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [virD] C:\windows\mrjj.exe
O4 - HKLM\..\Run: [OSS] C:\windows\rlvknlg.exe -boot
O4 - HKLM\..\RunOnce: [ejeepv.exe] C:\WINDOWS\System32\ejeepv.exe /k
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [irassync] C:\WINDOWS\System32\irasyncd.exe
O4 - HKCU\..\Run: [services32] C:\Program Files\Common Files\Windows\mc-110-12-0000122.exe
O4 - HKCU\..\Run: [qofr] C:\PROGRA~1\COMMON~1\qofr\qofrm.exe
O4 - HKCU\..\Run: [qpr_si] C:\WINDOWS\System32\qpr_si.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Program Files\SurfSideKick 3\Ssk.exe
O4 - HKCU\..\RunOnce: [ejeepv.exe] C:\WINDOWS\System32\ejeepv.exe /k
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: piqj.exe
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\bin\matcli.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O9 - Extra button: Freeprod Toolbar - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - (no file)
O9 - Extra 'Tools' menuitem: Freeprod Toolbar - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone: *.popuppers.com
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - AppInit_DLLs: repairs302972976.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Content Monitoring Tool (msCMTSrvc) - Unknown owner - C:\WINDOWS\system32\msCMTSrvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

BC AdBot (Login to Remove)

 


#2 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 07 December 2005 - 08:14 PM

Add remove programs - remove surf side kick if present

Download the trial version of Ewido Security Suite http://www.ewido.net/en/download/ (W2K/XP Only)
· Install ewido.
· During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
· Launch ewido
· It will prompt you to update click the OK button and it will go to the main screen
· On the left side of the main screen click update
· Click on Start and let it update.
· DO NOT run a scan yet. You will do that later in safe mode.

Restart your computer into safe mode now. Perform the following steps in safe mode:

Run Ewido:
· Click on scanner
· Click Complete System Scan and the scan will begin.
· During the scan it will prompt you to clean files, click OK
· When the scan is finished, look at the bottom of the screen and click the Save report button.
· Save the report to your C: Drive
This will take some time to run!
Boot to normal mode
Post that log and a new HiJack log – If the Ewido log is too large attach it.

===============
UNtil I get approved to do the logs someone else will take you further
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#3 strepo

strepo
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 07 December 2005 - 10:39 PM

Logfile of HijackThis v1.99.1
Scan saved at 10:36:17 PM, on 12/7/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\wuauclt.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\snss\snss.exe
C:\Program Files\Common Files\AOL\1131822634\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1131822634\ee\AOLServiceHost.exe
C:\windows\rlvknlg.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\AOL\1131822634\ee\AOLServiceHost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Owner\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\System32\Searchx.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bleepingcomputer.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qus7.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus7.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://qus7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {22D9AF48-0BC1-02CB-9DCF-9DE478EDF618} - C:\WINDOWS\dwrgowhq.dll (file missing)
O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7A1693A1-AFAF-4F1E-9B05-EEC38A85FBF3} - C:\WINDOWS\system32\9ufo.dll (file missing)
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll (file missing)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Search - {3CB41EAE-D8F5-5899-C36B-A696D3DC6329} - C:\WINDOWS\dwrgowhq.dll (file missing)
O3 - Toolbar: (no name) - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - (no file)
O4 - HKLM\..\Run: [BlockTracker] c:\hp\bin\BlockTracker.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1131822634\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [dRRD6Nf] C:\WINDOWS\fukycwb.exe
O4 - HKLM\..\Run: [noC=] C:\windows\mrjj.exe
O4 - HKLM\..\Run: [snss Launcher] "C:\Program Files\snss\snss.exe"
O4 - HKLM\..\Run: [OSS] C:\windows\rlvknlg.exe -boot
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [irassync] C:\WINDOWS\System32\irasyncd.exe
O4 - HKCU\..\Run: [services32] C:\Program Files\Common Files\Windows\mc-110-12-0000122.exe
O4 - HKCU\..\Run: [qofr] C:\PROGRA~1\COMMON~1\qofr\qofrm.exe
O4 - HKCU\..\Run: [qpr_si] C:\WINDOWS\System32\qpr_si.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\bin\matcli.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O9 - Extra button: Freeprod Toolbar - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - (no file)
O9 - Extra 'Tools' menuitem: Freeprod Toolbar - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone: *.popuppers.com
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Content Monitoring Tool (msCMTSrvc) - Unknown owner - C:\WINDOWS\system32\msCMTSrvc.exe (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe



---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 10:24:38 PM, 12/7/2005
+ Report-Checksum: 3519228D

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6} -> Spyware.E2Give : Cleaned with backup
HKLM\SOFTWARE\Classes\IeBHOs.Control -> Spyware.E2G : Cleaned with backup
HKLM\SOFTWARE\Classes\IeBHOs.Control\CLSID -> Spyware.E2G : Cleaned with backup
HKLM\SOFTWARE\Classes\IeBHOs.Control\CurVer -> Spyware.E2G : Cleaned with backup
HKLM\SOFTWARE\Classes\IeBHOs.Control.1 -> Spyware.E2G : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} -> Spyware.Mirar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6} -> Spyware.E2Give : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} -> Spyware.NetNucleus : Cleaned with backup
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\piqj.exe -> Downloader.Qoologic.ai : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@atdmt[1].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\LocalService\Cookies\system@fastclick[2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
C:\Program Files\180search Assistant -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\180search Assistant\180saau.dat -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\180search Assistant\180sa_gdf.dat -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\180search Assistant\180sa_hpk.dat -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\180search Assistant\180sa_kyf.dat -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\CMSystem\plugin.dll -> Spyware.CASClient : Cleaned with backup
C:\Program Files\Common Files\Download\mc-110-12-0000122.exe -> Spyware.Maxifiles : Cleaned with backup
C:\Program Files\Common Files\InetGet\freeprodtb.exe -> Spyware.Maxifiles : Cleaned with backup
C:\Program Files\Common Files\InetGet\mc-110-12-0000122.exe -> Spyware.Maxifiles : Cleaned with backup
C:\Program Files\Common Files\qofr\qofra.exe -> Downloader.TSUpdate.l : Cleaned with backup
C:\Program Files\Common Files\qofr\qofrd\qofrc.dll -> Downloader.Small : Cleaned with backup
C:\Program Files\Common Files\qofr\qofrm.exe -> Downloader.TSUpdate.n : Cleaned with backup
C:\Program Files\Common Files\qofr\qofrp.exe -> Downloader.TSUpdate.f : Cleaned with backup
C:\Program Files\Common Files\Verizon Online\SFP\vzbb.dll -> Spyware.MegaSearch : Cleaned with backup
C:\Program Files\Common Files\Windows\mc-110-12-0000122.exe -> Spyware.Maxifiles : Cleaned with backup
C:\Program Files\Common Files\Windows\services32.exe -> Spyware.Maxifiles : Cleaned with backup
C:\Program Files\E2G\IeBHOs.dll -> Spyware.E2Give : Cleaned with backup
C:\Program Files\Media Pass\MediaPassC.dll -> Spyware.WinAD : Cleaned with backup
C:\WINDOWS\6792.exe/mrjj.exe -> Trojan.LowZones.am : Cleaned with backup
C:\WINDOWS\bsx32 -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3ABSPLAT.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3ACCUQ.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3AMERS.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3ASKNOW2.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3CCB.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3CHRISMORT.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3CREDITCARD.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3DIRTYH.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3ENDOMET.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3FREECS.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3FREEXBOX.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3HAIRLOSS.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3HYDRO.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3KAN12.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3KAN7.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3LEXREPAIR.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3MYDISH.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3MYINKS.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3NETFLIX2.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3ODYSSEY.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3PARTYPOKER.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3PCHSWEEPS.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3SPORTSINT.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3SUPERIOR.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI3WEIGHTL.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASI4AFF.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASICLRE.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASIEPRE.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASIPP.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\ASIRCPRE.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\MYGEEK.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\bsx32\SPECAUTO.bsx -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\ClientAX.dll -> Spyware.180Solutions : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\mm83.ocx -> Downloader.VB.ov : Cleaned with backup
C:\WINDOWS\gxe.sys -> Trojan.Kolweb.g : Cleaned with backup
C:\WINDOWS\iikeolkh.exe -> Spyware.BookedSpace : Cleaned with backup
C:\WINDOWS\mm83.ocx -> Downloader.VB.ov : Cleaned with backup
C:\WINDOWS\mrjj.exe -> Trojan.LowZones.am : Cleaned with backup
C:\WINDOWS\nem220.dll_tobedeleted -> Downloader.Dyfuca : Cleaned with backup
C:\WINDOWS\pf79.exe -> Downloader.Dyfuca.EI : Cleaned with backup
C:\WINDOWS\pi1_25.exe -> Downloader.Small.afq : Cleaned with backup
C:\WINDOWS\sgbujnfo.dll -> Adware.BookedSpace : Cleaned with backup
C:\WINDOWS\system32\9ufo.dll -> Trojan.Kolweb.f : Cleaned with backup
C:\WINDOWS\system32\bho.dll -> Spyware.HideOne : Cleaned with backup
C:\WINDOWS\system32\bitsprx3.exe -> Spyware.UrlSpy : Cleaned with backup
C:\WINDOWS\system32\ciodm548.exe -> Spyware.UrlSpy : Cleaned with backup
C:\WINDOWS\system32\cmutil16.exe -> Spyware.UrlSpy : Cleaned with backup
C:\WINDOWS\system32\dist001.exe -> Downloader.Agent.aaf : Cleaned with backup
C:\WINDOWS\system32\ejeepv.exe -> Trojan.Kolweb.g : Cleaned with backup
C:\WINDOWS\system32\fran-hot.exe -> Dropper.Agent.abb : Cleaned with backup
C:\WINDOWS\system32\glkwe.dll -> Downloader.Qoologic.ai : Cleaned with backup
C:\WINDOWS\system32\gxe.sys -> Trojan.Kolweb.g : Cleaned with backup
C:\WINDOWS\system32\kcbdsjc.exe -> Downloader.Qoologic.ai : Cleaned with backup
C:\WINDOWS\system32\m7ou7t.exe -> Trojan.Kolweb.g : Cleaned with backup
C:\WINDOWS\system32\mc-110-12-0000122.exe -> Spyware.Maxifiles : Cleaned with backup
C:\WINDOWS\system32\msbe.dll_tobedeleted -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\msCMTsrvc.exe -> Downloader.Presario : Cleaned with backup
C:\WINDOWS\system32\MTE2ODM6ODoxNg.exe -> Spyware.ISearch : Cleaned with backup
C:\WINDOWS\system32\nsgF.dll_tobedeleted -> Spyware.HotSearchBar : Cleaned with backup
C:\WINDOWS\system32\nsr230.dll -> Adware.EZula : Cleaned with backup
C:\WINDOWS\system32\nvms.dll_tobedeleted -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\system32\qaunoia.dll -> Downloader.Qoologic.ai : Cleaned with backup
C:\WINDOWS\system32\qpr_si.exe -> Logger.VB.eh : Cleaned with backup
C:\WINDOWS\system32\qvyka.dat -> Downloader.Qoologic.ai : Cleaned with backup
C:\WINDOWS\system32\rk.bin -> Spyware.RK : Cleaned with backup
C:\WINDOWS\system32\trafficsector_b2search.exe -> Dropper.Agent.abb : Cleaned with backup
C:\WINDOWS\system32\vgactl.cpl -> Downloader.Qoologic.at : Cleaned with backup
C:\WINDOWS\system32\wuauclt.dll -> Downloader.Qoologic.at : Cleaned with backup
C:\WINDOWS\system32\ykocip.exe -> Downloader.Qoologic.ai : Cleaned with backup
C:\WINDOWS\system32\_si_32.dll -> Logger.Agent.gk : Cleaned with backup
C:\WINDOWS\system32\_si_32.exe -> Logger.Agent.gk : Cleaned with backup


::Report End

#4 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 07 December 2005 - 10:50 PM

Add remove programs – remove all occurrences of Viewpoint

Fix these with HJT – mark them, close IE, click fix checked

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\System32\Searchx.htm

R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file)

O2 - BHO: (no name) - {22D9AF48-0BC1-02CB-9DCF-9DE478EDF618} - C:\WINDOWS\dwrgowhq.dll (file missing)

O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll (file missing)

O2 - BHO: (no name) - {7A1693A1-AFAF-4F1E-9B05-EEC38A85FBF3} - C:\WINDOWS\system32\9ufo.dll (file missing)

O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)

O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll (file missing)

O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)

O3 - Toolbar: Search - {3CB41EAE-D8F5-5899-C36B-A696D3DC6329} - C:\WINDOWS\dwrgowhq.dll (file missing)

O3 - Toolbar: (no name) - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - (no file)

O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

O4 - HKLM\..\Run: [dRRD6Nf] C:\WINDOWS\fukycwb.exe

O4 - HKLM\..\Run: [noC=] C:\windows\mrjj.exe

O4 - HKLM\..\Run: [snss Launcher] "C:\Program Files\snss\snss.exe"

O4 - HKLM\..\Run: [OSS] C:\windows\rlvknlg.exe –boot

O4 - HKCU\..\Run: [irassync] C:\WINDOWS\System32\irasyncd.exe

O4 - HKCU\..\Run: [services32] C:\Program Files\Common Files\Windows\mc-110-12-0000122.exe

O4 - HKCU\..\Run: [qofr] C:\PROGRA~1\COMMON~1\qofr\qofrm.exe

O4 - HKCU\..\Run: [qpr_si] C:\WINDOWS\System32\qpr_si.exe

O9 - Extra button: Freeprod Toolbar - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - (no file)

O9 - Extra 'Tools' menuitem: Freeprod Toolbar - {77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} - (no file)

O15 - Trusted Zone: *.media-motor.net

O15 - Trusted Zone: *.popuppers.com

O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)

O18 - Filter: text/html - (no CLSID) - (no file)

DL http://www.downloads.subratam.org/KillBox.zip

Restart your computer into safe mode now. (Tapping F8 at the first black screen) Perform the following steps in safe mode:

Double-click on Killbox.exe to run it. Now put a tick by Standard File Kill. In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time then click on the button that has the red circle with the X in the middle after you enter each file. It will ask for confimation to delete the file. Click Yes. Continue with that same procedure until you have copied and pasted all of these in the "Paste Full Path of File to Delete" box.

C:\WINDOWS\System32\Searchx.htm
C:\WINDOWS\fukycwb.exe
C:\windows\mrjj.exe
C:\WINDOWS\System32\irasyncd.exe
C:\Program Files\Common Files\Windows\mc-110-12-0000122.exe
C:\WINDOWS\System32\qpr_si.exe

Note: It is possible that Killbox will tell you that one or more files do not exist. If that happens, just continue on with all the files. Be sure you don't miss any.

Now paste these folders in and then make sure Deltree is checked before hitting the red x

C:\Program Files\Viewpoint
C:\Program Files\snss
C:\Program Files\Common Files\Windows
C:\Program Files\Common Files\qofr

START – RUN – type in %temp% OK - Edit – Select all – File – Delete
Delete everything in the C:\Windows\Temp folder or C:\WINNT\temp
Empty the recycle bin
Boot and post a new log from normal NOT safe mode

Please give feedback on what worked/didn’t work and the current status of your system
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#5 strepo

strepo
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 09 December 2005 - 03:35 PM

i preformed everything step by step. once i got to the killbox section only the first file was deleted, the rest were not found. computer still takes forever to load up to the main screen and i have gotten once popup since typing this message. but at least im not getting a popup every 30 seconds like i was the other day...

#6 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 09 December 2005 - 04:21 PM

Post a new log
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#7 strepo

strepo
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 09 December 2005 - 05:14 PM

Logfile of HijackThis v1.99.1
Scan saved at 5:11:46 PM, on 12/9/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\AOL\1131822634\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1131822634\ee\AOLServiceHost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Common Files\AOL\1131822634\ee\AOLServiceHost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\spider.exe
C:\Documents and Settings\Owner\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...er=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...er=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qus7.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus7.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://qus7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [BlockTracker] c:\hp\bin\BlockTracker.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1131822634\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\bin\matcli.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Content Monitoring Tool (msCMTSrvc) - Unknown owner - C:\WINDOWS\system32\msCMTSrvc.exe (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

#8 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 09 December 2005 - 05:19 PM

Go to the link below and download the trial version of SpySweeper:

SpySweeper http://www.webroot.com/consumer/

* Click the Free Trial link under "SpySweeper" to download the program.
* Install it. Once the program is installed, it will open.
* It will prompt you to update to the latest definitions, click Yes.
* Once the definitions are installed, click Options on the left side.
* Click the Sweep Options tab.
* Under What to Sweep please put a check next to the following:
o Sweep Memory
o Sweep Registry
o Sweep Cookies
o Sweep All User Accounts
o Enable Direct Disk Sweeping
o Sweep Contents of Compressed Files
o Sweep for Rootkits

o Please UNCHECK Do not Sweep System Restore Folder.

* Click Sweep Now on the left side.
* Click the Start button.
* When it's done scanning, click the Next button.
* Make sure everything has a check next to it, then click the Next button.
* It will remove all of the items found.
* Click Session Log in the upper right corner, copy everything in that window.
* Click the Summary tab and click Finish.
* Paste the contents of the session log you copied into your next reply.
Also post a new Hijack This log.
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#9 strepo

strepo
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 09 December 2005 - 08:50 PM

********
5:35 PM: | Start of Session, Friday, December 09, 2005 |
5:35 PM: Spy Sweeper started
5:35 PM: Sweep initiated using definitions version 582
5:35 PM: Starting Memory Sweep
5:42 PM: Memory Sweep Complete, Elapsed Time: 00:06:53
5:42 PM: Starting Registry Sweep
5:42 PM: Found Adware: mirar webband
5:42 PM: HKU\.default\software\microsoft\internet explorer\toolbar\webbrowser\ || {9a9c9b68-f908-4aab-8d0c-10ea8997f37e} (ID = 135063)
5:42 PM: Found Adware: surfsidekick
5:42 PM: HKLM\software\microsoft\internet explorer\urlsearchhooks\ || {02ee5b04-f144-47bb-83fb-a60bd91b74a9} (ID = 143400)
5:42 PM: Found Adware: winad
5:42 PM: HKCR\mediapassx.installer\ (3 subtraces) (ID = 147160)
5:42 PM: HKLM\software\classes\mediapassx.installer\ (3 subtraces) (ID = 147174)
5:42 PM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/mediapassx.dll\ (2 subtraces) (ID = 147192)
5:42 PM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\mediapassx.dll (ID = 147222)
5:42 PM: Found Adware: cas
5:42 PM: HKCR\main.mimefilter\ (5 subtraces) (ID = 498504)
5:42 PM: HKLM\software\classes\main.mimefilter\ (5 subtraces) (ID = 498516)
5:42 PM: HKCR\main.mimefilter\ (5 subtraces) (ID = 499294)
5:42 PM: HKLM\software\classes\main.mimefilter\ (5 subtraces) (ID = 499295)
5:42 PM: HKCR\main.mimefilter.1\ (3 subtraces) (ID = 609377)
5:42 PM: Found Adware: clkoptimizer
5:42 PM: HKLM\software\qstat\ (5 subtraces) (ID = 769771)
5:42 PM: Found Adware: ezula ilookup
5:42 PM: HKLM\software\microsoft\webext\ (3 subtraces) (ID = 828947)
5:42 PM: Found Adware: sidebysidesearch
5:42 PM: HKLM\software\snss\ || logurl (ID = 838721)
5:42 PM: HKLM\software\qstat\ || brr (ID = 877670)
5:42 PM: HKCR\appid\main.dll\ || appid (ID = 889946)
5:42 PM: HKLM\software\classes\appid\main.dll\ || appid (ID = 889947)
5:42 PM: Found Adware: command
5:42 PM: HKLM\system\currentcontrolset\services\cmdservice\ (15 subtraces) (ID = 958670)
5:42 PM: Found Adware: elitemediagroup-mediamotor
5:42 PM: HKLM\software\microsoft\windows\currentversion\shareddlls\ || c:\windows\downloaded program files\mm83.ocx (ID = 959929)
5:42 PM: Found Trojan Horse: trojan downloader popuppers
5:42 PM: HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/mm83.ocx\ (2 subtraces) (ID = 960758)
5:42 PM: HKLM\system\currentcontrolset\enum\root\legacy_cmdservice\0000\ (6 subtraces) (ID = 1016064)
5:42 PM: HKLM\system\currentcontrolset\enum\root\legacy_cmdservice\ (8 subtraces) (ID = 1016072)
5:42 PM: Found Adware: maxifiles
5:42 PM: HKCR\typelib\{5279231e-fabe-4abf-83a8-7c7e17e3ce1a}\ (9 subtraces) (ID = 1020940)
5:42 PM: HKLM\software\classes\typelib\{5279231e-fabe-4abf-83a8-7c7e17e3ce1a}\ (9 subtraces) (ID = 1021009)
5:42 PM: HKU\WRSS_Profile_S-1-5-21-1895707802-994332331-3850396460-500\software\microsoft\internet explorer\urlsearchhooks\ || {02ee5b04-f144-47bb-83fb-a60bd91b74a9} (ID = 143397)
5:42 PM: HKU\WRSS_Profile_S-1-5-21-1895707802-994332331-3850396460-500\software\microsoft\windows\currentversion\run\ || surfsidekick 3 (ID = 143403)
5:42 PM: Found Trojan Horse: trojan-downloader-moneymind
5:42 PM: HKU\WRSS_Profile_S-1-5-21-1895707802-994332331-3850396460-500\software\xjado\ (1 subtraces) (ID = 144725)
5:42 PM: HKU\WRSS_Profile_S-1-5-21-1895707802-994332331-3850396460-500\software\microsoft\windows\currentversion\run\ || atiupdate (ID = 594267)
5:42 PM: HKU\S-1-5-21-1895707802-994332331-3850396460-1003\software\microsoft\internet explorer\toolbar\webbrowser\ || {9a9c9b68-f908-4aab-8d0c-10ea8997f37e} (ID = 135102)
5:42 PM: HKU\S-1-5-21-1895707802-994332331-3850396460-1003\software\xjado\ (1 subtraces) (ID = 144725)
5:42 PM: HKU\S-1-5-21-1895707802-994332331-3850396460-1003\software\director\ || baseurl (ID = 980277)
5:42 PM: HKU\S-1-5-21-1895707802-994332331-3850396460-1003\software\microsoft\internet explorer\extensions\cmdmapping\ || {77fbf9b8-1d37-4ff2-9ced-192d8e3aba6f} (ID = 1021025)
5:42 PM: HKU\S-1-5-18\software\microsoft\internet explorer\toolbar\webbrowser\ || {9a9c9b68-f908-4aab-8d0c-10ea8997f37e} (ID = 135102)
5:42 PM: Found Adware: safesurf
5:42 PM: HKU\S-1-5-18\software\microsoft\windows\currentversion\run\ || irassync (ID = 966753)
5:42 PM: HKU\S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping\ || {77fbf9b8-1d37-4ff2-9ced-192d8e3aba6f} (ID = 1021025)
5:42 PM: Registry Sweep Complete, Elapsed Time:00:00:44
5:42 PM: Starting Cookie Sweep
5:43 PM: Found Spy Cookie: 2o7.net cookie
5:43 PM: owner@2o7[2].txt (ID = 1957)
5:43 PM: Found Spy Cookie: 888 cookie
5:43 PM: owner@888[2].txt (ID = 2019)
5:43 PM: Found Spy Cookie: websponsors cookie
5:43 PM: owner@a.websponsors[1].txt (ID = 3665)
5:43 PM: Found Spy Cookie: abcsearch cookie
5:43 PM: owner@abcsearch[2].txt (ID = 2033)
5:43 PM: Found Spy Cookie: about cookie
5:43 PM: owner@about[1].txt (ID = 2037)
5:43 PM: Found Spy Cookie: yieldmanager cookie
5:43 PM: owner@ad.yieldmanager[2].txt (ID = 3751)
5:43 PM: Found Spy Cookie: adecn cookie
5:43 PM: owner@adecn[1].txt (ID = 2063)
5:43 PM: Found Spy Cookie: adknowledge cookie
5:43 PM: owner@adknowledge[1].txt (ID = 2072)
5:43 PM: Found Spy Cookie: hbmediapro cookie
5:43 PM: owner@adopt.hbmediapro[2].txt (ID = 2768)
5:43 PM: Found Spy Cookie: specificclick.com cookie
5:43 PM: owner@adopt.specificclick[1].txt (ID = 3400)
5:43 PM: Found Spy Cookie: adprofile cookie
5:43 PM: owner@adprofile[2].txt (ID = 2084)
5:43 PM: Found Spy Cookie: adrevolver cookie
5:43 PM: owner@adrevolver[2].txt (ID = 2088)
5:43 PM: owner@adrevolver[3].txt (ID = 2088)
5:43 PM: Found Spy Cookie: addynamix cookie
5:43 PM: owner@ads.addynamix[2].txt (ID = 2062)
5:43 PM: Found Spy Cookie: cc214142 cookie
5:43 PM: owner@ads.cc214142[2].txt (ID = 2367)
5:43 PM: Found Spy Cookie: pointroll cookie
5:43 PM: owner@ads.pointroll[2].txt (ID = 3148)
5:43 PM: Found Spy Cookie: apmebf cookie
5:43 PM: owner@apmebf[1].txt (ID = 2229)
5:43 PM: Found Spy Cookie: falkag cookie
5:43 PM: owner@as-eu.falkag[1].txt (ID = 2650)
5:43 PM: owner@as-us.falkag[2].txt (ID = 2650)
5:43 PM: owner@as1.falkag[1].txt (ID = 2650)
5:43 PM: Found Spy Cookie: ask cookie
5:43 PM: owner@ask[1].txt (ID = 2245)
5:43 PM: Found Spy Cookie: belnk cookie
5:43 PM: owner@ath.belnk[2].txt (ID = 2293)
5:43 PM: Found Spy Cookie: atwola cookie
5:43 PM: owner@atwola[2].txt (ID = 2255)
5:43 PM: Found Spy Cookie: azjmp cookie
5:43 PM: owner@azjmp[1].txt (ID = 2270)
5:43 PM: Found Spy Cookie: banner cookie
5:43 PM: owner@banner[2].txt (ID = 2276)
5:43 PM: owner@belnk[1].txt (ID = 2292)
5:43 PM: Found Spy Cookie: bluestreak cookie
5:43 PM: owner@bluestreak[1].txt (ID = 2314)
5:43 PM: Found Spy Cookie: burstnet cookie
5:43 PM: owner@burstnet[2].txt (ID = 2336)
5:43 PM: Found Spy Cookie: enhance cookie
5:43 PM: owner@c.enhance[1].txt (ID = 2614)
5:43 PM: Found Spy Cookie: goclick cookie
5:43 PM: owner@c.goclick[1].txt (ID = 2733)
5:43 PM: Found Spy Cookie: gostats cookie
5:43 PM: owner@c2.gostats[2].txt (ID = 2748)
5:43 PM: Found Spy Cookie: zedo cookie
5:43 PM: owner@c5.zedo[1].txt (ID = 3763)
5:43 PM: Found Spy Cookie: casalemedia cookie
5:43 PM: owner@casalemedia[2].txt (ID = 2354)
5:43 PM: Found Spy Cookie: centrport net cookie
5:43 PM: owner@centrport[2].txt (ID = 2374)
5:43 PM: Found Spy Cookie: classmates cookie
5:43 PM: owner@classmates[1].txt (ID = 2384)
5:43 PM: Found Spy Cookie: clickbank cookie
5:43 PM: owner@clickbank[1].txt (ID = 2398)
5:43 PM: owner@cnn.122.2o7[1].txt (ID = 1958)
5:43 PM: Found Spy Cookie: overture cookie
5:43 PM: owner@data1.perf.overture[1].txt (ID = 3106)
5:43 PM: Found Spy Cookie: dealtime cookie
5:43 PM: owner@dealtime[1].txt (ID = 2505)
5:43 PM: Found Spy Cookie: directtrack cookie
5:43 PM: owner@directtrack[1].txt (ID = 2527)
5:43 PM: owner@dist.belnk[2].txt (ID = 2293)
5:43 PM: Found Spy Cookie: ru4 cookie
5:43 PM: owner@edge.ru4[1].txt (ID = 3269)
5:43 PM: Found Spy Cookie: exitexchange cookie
5:43 PM: owner@exitexchange[2].txt (ID = 2633)
5:43 PM: Found Spy Cookie: findwhat cookie
5:43 PM: owner@findwhat[1].txt (ID = 2674)
5:43 PM: Found Spy Cookie: clickandtrack cookie
5:43 PM: owner@hits.clickandtrack[1].txt (ID = 2397)
5:43 PM: Found Spy Cookie: hypertracker.com cookie
5:43 PM: owner@hypertracker[1].txt (ID = 2817)
5:43 PM: Found Spy Cookie: screensavers.com cookie
5:43 PM: owner@i.screensavers[2].txt (ID = 3298)
5:43 PM: Found Spy Cookie: spywarelabs install cookie
5:43 PM: owner@install.spywarelabs[1].txt (ID = 3421)
5:43 PM: Found Spy Cookie: kmpads cookie
5:43 PM: owner@kmpads[1].txt (ID = 2909)
5:43 PM: Found Spy Cookie: marketplaces cookie
5:43 PM: owner@Marketplaces[2].txt (ID = 2947)
5:43 PM: Found Spy Cookie: maxserving cookie
5:43 PM: owner@maxserving[2].txt (ID = 2966)
5:43 PM: owner@microsofteup.112.2o7[1].txt (ID = 1958)
5:43 PM: owner@msnportal.112.2o7[1].txt (ID = 1958)
5:43 PM: Found Spy Cookie: mygeek cookie
5:43 PM: owner@mygeek[1].txt (ID = 3041)
5:43 PM: Found Spy Cookie: nextag cookie
5:43 PM: owner@nextag[2].txt (ID = 5014)
5:43 PM: owner@overture[1].txt (ID = 3105)
5:43 PM: Found Spy Cookie: partypoker cookie
5:43 PM: owner@partypoker[1].txt (ID = 3111)
5:43 PM: Found Spy Cookie: paypopup cookie
5:43 PM: owner@paypopup[2].txt (ID = 3119)
5:43 PM: owner@perf.overture[1].txt (ID = 3106)
5:43 PM: Found Spy Cookie: qksrv cookie
5:43 PM: owner@qksrv[1].txt (ID = 3213)
5:43 PM: Found Spy Cookie: questionmarket cookie
5:43 PM: owner@questionmarket[1].txt (ID = 3217)
5:43 PM: Found Spy Cookie: realmedia cookie
5:43 PM: owner@realmedia[1].txt (ID = 3235)
5:43 PM: Found Spy Cookie: reunion cookie
5:43 PM: owner@reunion[2].txt (ID = 3255)
5:43 PM: owner@revenuegateway.directtrack[2].txt (ID = 2528)
5:43 PM: Found Spy Cookie: revenue.net cookie
5:43 PM: owner@revenue[2].txt (ID = 3257)
5:43 PM: Found Spy Cookie: rn11 cookie
5:43 PM: owner@rn11[2].txt (ID = 3261)
5:43 PM: Found Spy Cookie: adjuggler cookie
5:43 PM: owner@rotator.adjuggler[1].txt (ID = 2071)
5:43 PM: Found Spy Cookie: server.iad.liveperson cookie
5:43 PM: owner@server.iad.liveperson[2].txt (ID = 3341)
5:43 PM: Found Spy Cookie: serving-sys cookie
5:43 PM: owner@serving-sys[2].txt (ID = 3343)
5:43 PM: Found Spy Cookie: starware.com cookie
5:43 PM: owner@starware[2].txt (ID = 3441)
5:43 PM: owner@stat.dealtime[1].txt (ID = 2506)
5:43 PM: Found Spy Cookie: statcounter cookie
5:43 PM: owner@statcounter[2].txt (ID = 3447)
5:43 PM: Found Spy Cookie: reliablestats cookie
5:43 PM: owner@stats1.reliablestats[2].txt (ID = 3254)
5:43 PM: Found Spy Cookie: tradedoubler cookie
5:43 PM: owner@tradedoubler[2].txt (ID = 3575)
5:43 PM: Found Spy Cookie: trafficmp cookie
5:43 PM: owner@trafficmp[2].txt (ID = 3581)
5:43 PM: Found Spy Cookie: tribalfusion cookie
5:43 PM: owner@tribalfusion[2].txt (ID = 3589)
5:43 PM: Found Spy Cookie: videodome cookie
5:43 PM: owner@videodome[1].txt (ID = 3638)
5:43 PM: Found Spy Cookie: epilot cookie
5:43 PM: owner@www.epilot[2].txt (ID = 2622)
5:43 PM: owner@www.screensavers[2].txt (ID = 3298)
5:43 PM: Found Spy Cookie: stopzilla cookie
5:43 PM: owner@www.stopzilla[2].txt (ID = 3466)
5:43 PM: Found Spy Cookie: upspiral cookie
5:43 PM: owner@www.upspiral[1].txt (ID = 3615)
5:43 PM: owner@yieldmanager[1].txt (ID = 3749)
5:43 PM: Found Spy Cookie: adserver cookie
5:43 PM: owner@z1.adserver[1].txt (ID = 2142)
5:43 PM: owner@zedo[1].txt (ID = 3762)
5:43 PM: system@abcsearch[1].txt (ID = 2033)
5:43 PM: Cookie Sweep Complete, Elapsed Time: 00:00:06
5:43 PM: Starting File Sweep
5:43 PM: Found Trojan Horse: trojan downloader matcash
5:43 PM: c:\program files\common files\inetget (ID = -2147477182)
5:43 PM: director_install[1].exe (ID = 190798)
5:43 PM: a0007128.exe (ID = 185254)
5:43 PM: a0007229.exe (ID = 188700)
5:43 PM: a0008263.exe (ID = 184143)
5:43 PM: Found Adware: addestroyer
5:43 PM: a0007185.dll (ID = 49041)
5:43 PM: Found Adware: apropos
5:43 PM: atmtd.dll._ (ID = 166754)
5:43 PM: Found Adware: exact software
5:43 PM: a0003826.exe (ID = 109899)
5:43 PM: a0003769.exe (ID = 198168)
5:44 PM: a0007225.exe (ID = 184143)
5:44 PM: Found Adware: exact cashback/bargain buddy
5:44 PM: a0009620.exe (ID = 200336)
5:44 PM: s148.5.exe (ID = 188569)
5:44 PM: a0004098.exe (ID = 109899)
5:44 PM: a0007187.dll (ID = 49040)
5:44 PM: a0008338.exe (ID = 197716)
5:45 PM: Found Adware: ie driver
5:45 PM: a0007161.exe (ID = 166126)
5:45 PM: mfex-2.dat (ID = 109899)
5:45 PM: a0008328.ocx (ID = 188117)
5:45 PM: a0003789.exe (ID = 109899)
5:45 PM: a0009644.exe (ID = 93622)
5:46 PM: Found Adware: ist istbar
5:46 PM: a0007198.exe (ID = 64496)
5:46 PM: a0009621.exe (ID = 200337)
5:46 PM: a0008295.dll (ID = 188703)
5:46 PM: a0008293.exe (ID = 188704)
5:46 PM: Found Adware: marketscore
5:46 PM: a0003796.exe (ID = 159564)
5:46 PM: a0007184.dll (ID = 49042)
5:46 PM: Found Adware: visfx
5:46 PM: 99_app99.exe (ID = 164538)
5:46 PM: a0007188.dll (ID = 49037)
5:46 PM: a0004085.exe (ID = 109899)
5:47 PM: Found Adware: targetsaver
5:47 PM: a0008317.dll (ID = 195129)
5:47 PM: a0007230.exe (ID = 188704)
5:47 PM: a0009650.exe (ID = 133210)
5:47 PM: a0004101.exe (ID = 109899)
5:47 PM: a0005084.exe (ID = 109899)
5:47 PM: a0004102.vxd (ID = 109899)
5:47 PM: a0008316.exe (ID = 195128)
5:47 PM: Found Adware: internetoptimizer
5:47 PM: a0007148.exe (ID = 125346)
5:47 PM: Found Adware: exact navisearch
5:47 PM: a0007177.exe (ID = 50784)
5:47 PM: a0004100.srg (ID = 137145)
5:47 PM: a0008322.exe (ID = 184143)
5:47 PM: a0007172.exe (ID = 137145)
5:47 PM: Found Adware: 180search assistant/zango
5:47 PM: a0007186.exe (ID = 70475)
5:47 PM: a0008311.exe (ID = 188700)
5:47 PM: a0008266.exe (ID = 188700)
5:47 PM: a0008268.dll (ID = 188705)
5:48 PM: a0007178.exe (ID = 168446)
5:48 PM: a0007146.exe (ID = 125346)
5:48 PM: Found Adware: e2g
5:48 PM: a0008323.dll (ID = 59389)
5:48 PM: a0008355.dll (ID = 180542)
5:48 PM: a0008356.exe (ID = 188217)
5:48 PM: mfex-1.dat (ID = 137145)
5:48 PM: a0008352.cpl (ID = 189954)
5:49 PM: a0004083.exe (ID = 137145)
5:49 PM: a0007182.exe (ID = 185599)
5:49 PM: install[1].exe (ID = 64033)
5:49 PM: a0007191.exe (ID = 187013)
5:49 PM: a0006091.exe (ID = 188704)
5:50 PM: a0006090.exe (ID = 188700)
5:50 PM: a0006099.exe (ID = 137145)
5:50 PM: a0008298.exe (ID = 185254)
5:50 PM: a0008294.dll (ID = 188705)
5:50 PM: a0008349.dll (ID = 188705)
5:50 PM: a0008341.dll (ID = 188703)
5:50 PM: a0007168.exe (ID = 109899)
5:50 PM: a0008343.exe (ID = 188704)
5:50 PM: optimize[1].exe (ID = 125346)
5:50 PM: a0007232.dll (ID = 188703)
5:50 PM: 876029[1].exe (ID = 133208)
5:50 PM: a0007169.exe (ID = 109899)
5:51 PM: a0007163.dll (ID = 64043)
5:51 PM: a0007164.vxd (ID = 109899)
5:51 PM: a0007170.exe (ID = 109899)
5:51 PM: a0008314.exe (ID = 198662)
5:51 PM: a0007173.exe (ID = 93622)
5:51 PM: a0008297.exe (ID = 184143)
5:51 PM: a0008224.exe (ID = 185254)
5:51 PM: nem220[1].dll (ID = 64043)
5:51 PM: trafficsector_installerv5a.exe (ID = 198350)
5:51 PM: a0004106.exe (ID = 137145)
5:51 PM: a0009648.dll (ID = 159066)
5:51 PM: a0004081.exe (ID = 198397)
5:51 PM: Found Adware: exact bullseye
5:51 PM: a0007175.dll (ID = 163129)
5:51 PM: a0009646.dll (ID = 161775)
5:51 PM: a0008353.dll (ID = 188706)
5:51 PM: a0008350.exe (ID = 198418)
5:52 PM: a0008267.exe (ID = 188704)
5:52 PM: installer[1].exe (ID = 185986)
5:52 PM: a0004096.exe (ID = 137145)
5:52 PM: a0007205.dll (ID = 144945)
5:52 PM: a0008318.exe (ID = 195131)
5:52 PM: Found Adware: isearch toolbar
5:52 PM: a0008347.exe (ID = 145831)
5:52 PM: a0008281.dll (ID = 189)
5:52 PM: Found Trojan Horse: trojan-downloader-pacisoft
5:52 PM: a0007189.exe (ID = 161622)
5:53 PM: a0009645.ocx (ID = 186211)
5:54 PM: a0007192.exe (ID = 187011)
5:55 PM: a0007195.exe (ID = 115260)
5:56 PM: tsupdate2[1].ini (ID = 193498)
5:56 PM: a0008319.exe (ID = 195132)
5:56 PM: mediapassk[1].exe (ID = 90425)
5:56 PM: a0004097.exe (ID = 137145)
5:56 PM: a0008264.exe (ID = 185254)
5:56 PM: a0007226.exe (ID = 185254)
5:57 PM: biometricrules[2].xml (ID = 69188)
5:57 PM: Found Adware: bookedspace
5:57 PM: a0006118.lgf (ID = 164348)
5:57 PM: a0008354.exe (ID = 188700)
5:57 PM: a0007133.exe (ID = 164525)
5:58 PM: a0007207.dll (ID = 59389)
5:58 PM: m67m.inf (ID = 186017)
5:58 PM: mediapassc[1].dll (ID = 90419)
5:58 PM: mrj[1].exe (ID = 186213)
5:59 PM: package_nnstp5[1].exe (ID = 197925)
6:00 PM: a0007171.exe (ID = 137145)
6:00 PM: a0007176.dll (ID = 50797)
6:00 PM: a0007147.exe (ID = 194442)
6:00 PM: a0007165.srg (ID = 137145)
6:00 PM: a0007149.exe (ID = 133208)
6:00 PM: Found Trojan Horse: trojan-downloader-mainstreamdollars
6:00 PM: btnetinst[1].exe (ID = 197347)
6:00 PM: rmginst[1].exe (ID = 174241)
6:01 PM: pcs_0002.exe (ID = 161706)
6:01 PM: Found Adware: virtualbouncer
6:01 PM: a0007200.exe (ID = 164842)
6:01 PM: a0007199.exe (ID = 143842)
6:01 PM: a0006128.exe (ID = 185254)
6:01 PM: a0003770.srg (ID = 137145)
6:01 PM: istdownload[1].exe (ID = 199847)
6:01 PM: lca[1].chm (ID = 157527)
6:01 PM: a0007150.dll (ID = 70014)
6:01 PM: a0008292.exe (ID = 188700)
6:01 PM: a0006127.exe (ID = 184143)
6:01 PM: a0003824.exe (ID = 137145)
6:01 PM: a0003825.exe (ID = 137145)
6:01 PM: a0005082.exe (ID = 137145)
6:01 PM: a0004082.exe (ID = 188569)
6:02 PM: a0009642.exe (ID = 184681)
6:02 PM: a0005083.exe (ID = 137145)
6:02 PM: a0007206.dll (ID = 194443)
6:02 PM: unstall[1].exe (ID = 133210)
6:02 PM: d1[1].htm (ID = 188119)
6:02 PM: mediapass[1].exe (ID = 90416)
6:02 PM: a0007193.dll (ID = 187012)
6:02 PM: a0007194.dll (ID = 182549)
6:02 PM: istsvc[1].exe (ID = 185599)
6:02 PM: ossproxy.exe (ID = 69219)
6:02 PM: wingenerics.dll (ID = 50187)
6:02 PM: osmim.dll (ID = 158232)
6:02 PM: rk.bin (ID = 158631)
6:02 PM: Found Trojan Horse: trojan-downloader-psyme
6:02 PM: track2[1].chm (ID = 107496)
6:02 PM: pcs_0002[1].exe (ID = 161706)
6:02 PM: trk_0002[1].exe (ID = 179183)
6:02 PM: ptf_0002.exe (ID = 165955)
6:02 PM: ei[1].exe (ID = 59383)
6:02 PM: selassix.tmp (ID = 187011)
6:02 PM: a0007159.exe (ID = 197716)
6:02 PM: cas2setup[1].exe (ID = 197651)
6:02 PM: istrecover[1].exe (ID = 64496)
6:02 PM: a0008270.dll (ID = 188703)
6:02 PM: adsetup.silent.1.17[1].exe (ID = 180807)
6:02 PM: a0007157.exe (ID = 136067)
6:02 PM: package_nnstp5[1].exe (ID = 197926)
6:02 PM: kwrules[1].xml (ID = 69198)
6:02 PM: jewjoorn.yma (ID = 164348)
6:02 PM: pi1_25[1].exe (ID = 59402)
6:02 PM: a0003785.exe (ID = 137145)
6:02 PM: a0003786.exe (ID = 137145)
6:02 PM: a0008331.exe (ID = 59402)
6:02 PM: a0004104.exe (ID = 93622)
6:02 PM: Found Adware: ist yoursitebar
6:02 PM: ysb[1].dll (ID = 161559)
6:02 PM: a0006068.exe (ID = 185254)
6:02 PM: a0004099.exe (ID = 137145)
6:03 PM: a0009649.exe (ID = 193501)
6:03 PM: a0006133.exe (ID = 198418)
6:03 PM: a0004084.exe (ID = 137145)
6:03 PM: a0004046.exe (ID = 49029)
6:03 PM: a0003817.exe (ID = 82841)
6:03 PM: trafficsector_installerv5a.exe (ID = 198350)
6:03 PM: temp.fr81f2 (ID = 194443)
6:03 PM: a0008348.dll (ID = 180419)
6:03 PM: a0007231.dll (ID = 188705)
6:03 PM: a0007190.exe (ID = 188700)
6:03 PM: freeprodtb[1].exe (ID = 198662)
6:03 PM: a0008324.dll (ID = 90419)
6:03 PM: temp.fra96a (ID = 59389)
6:03 PM: a0006100.exe (ID = 184143)
6:03 PM: a0009647.exe (ID = 180410)
6:03 PM: a0009596.dll (ID = 198663)
6:03 PM: launcher[1].exe (ID = 184140)
6:03 PM: resca.tmp (ID = 147558)
6:03 PM: mm83[1].ocx (ID = 188117)
6:03 PM: a0008284.exe (ID = 198739)
6:03 PM: a0006067.exe (ID = 184143)
6:03 PM: a0008325.exe (ID = 186213)
6:03 PM: a0006092.dll (ID = 188705)
6:03 PM: a0008287.dll (ID = 198740)
6:03 PM: a0008223.exe (ID = 184143)
6:03 PM: a0007197.exe (ID = 144946)
6:03 PM: temp.frb9da (ID = 144945)
6:03 PM: a0008340.exe (ID = 180418)
6:03 PM: a0007183.dll (ID = 161559)
6:03 PM: a0008334.dll (ID = 166574)
6:03 PM: a0008321.exe (ID = 190798)
6:03 PM: btnetw3.exe (ID = 197346)
6:03 PM: a0007158.exe (ID = 197288)
6:03 PM: a0007174.exe (ID = 137145)
6:03 PM: Found Adware: begin2search
6:03 PM: a0007181.dll (ID = 51054)
6:03 PM: a0008312.dll (ID = 154758)
6:03 PM: nsl28e.dll (ID = 180772)
6:03 PM: rastmon.dll_tobedeleted (ID = 187012)
6:03 PM: aggdbwsff.kjc (ID = 164351)
6:03 PM: tsfjbzk.tbu (ID = 159047)
6:03 PM: bsqdglhf.pin (ID = 159045)
6:03 PM: kpbvewadum.hmy (ID = 159060)
6:03 PM: hkvqmfm.lte (ID = 158986)
6:03 PM: dlwzvxlyypa.lvr (ID = 164361)
6:03 PM: urxufyl.rsa (ID = 164410)
6:03 PM: zjshyoitj.fsw (ID = 159024)
6:03 PM: iqggsefkkjn.shd (ID = 159019)
6:03 PM: czixawd.ykn (ID = 159056)
6:03 PM: urioefbfzml.kqw (ID = 159014)
6:03 PM: eapxdduuf.tib (ID = 159058)
6:03 PM: sotlurufol.qux (ID = 164404)
6:03 PM: yaseasq.ikr (ID = 164372)
6:03 PM: wqzcprmn.etw (ID = 164377)
6:03 PM: usnjylhaug.pek (ID = 159028)
6:03 PM: dokyrgyxttf.kol (ID = 159061)
6:03 PM: qfsuerlf.tsc (ID = 164354)
6:03 PM: mxkodzwl.lzj (ID = 159012)
6:03 PM: ijfzacr.mjz (ID = 159025)
6:03 PM: idtiyowt.pvr (ID = 164373)
6:03 PM: utsxiodpyh.hjv (ID = 164390)
6:03 PM: bsclpnvvvci.aof (ID = 164416)
6:03 PM: akjvpagzwd.ptn (ID = 158998)
6:03 PM: crgywmimd.utf (ID = 164350)
6:03 PM: gwuzvooloh.vrg (ID = 159040)
6:03 PM: ewyhlanl.zic (ID = 164357)
6:03 PM: gqglnei.ywn (ID = 159013)
6:03 PM: idwxbxppwx.uex (ID = 159017)
6:03 PM: izopslb.ngw (ID = 159027)
6:03 PM: szuzkstf.gad (ID = 158991)
6:03 PM: gspnbxcf.ahx (ID = 164392)
6:03 PM: zwrbzhjarg.wzp (ID = 159005)
6:03 PM: propgppqrmm.jkw (ID = 159030)
6:03 PM: nypbxrbiu.fdj (ID = 159004)
6:03 PM: jjpuskihriq.ymz (ID = 159003)
6:03 PM: pwvbkidg.ieu (ID = 158995)
6:03 PM: tilrqqeaux.ocs (ID = 159020)
6:03 PM: azmmdxpiks.bth (ID = 159037)
6:03 PM: bglxbrok.vsd (ID = 159016)
6:03 PM: lzevxct.xxt (ID = 164403)
6:03 PM: xuxdsjigxtj.wro (ID = 164398)
6:03 PM: uraxdkl.xty (ID = 164380)
6:03 PM: pcpyliveypl.bnt (ID = 158988)
6:03 PM: inoyeyhoxg.cym (ID = 164342)
6:03 PM: zqxbmdoppo.eol (ID = 159026)
6:03 PM: tvvaivnf.dzo (ID = 164415)
6:03 PM: duswfcnsipv.tuc (ID = 159018)
6:03 PM: fzwmjkdgb.nly (ID = 158994)
6:03 PM: rtzavsoym.ozq (ID = 164408)
6:03 PM: vvlqdpngvd.jeo (ID = 159031)
6:03 PM: apebqom.dbm (ID = 159035)
6:03 PM: kzizuupb.ylc (ID = 158987)
6:03 PM: vwoomcni.kwd (ID = 159052)
6:03 PM: tuiiopvbs.bld (ID = 159038)
6:03 PM: uvmcjybsyli.xus (ID = 159001)
6:03 PM: shkkmkkbtss.zcc (ID = 159051)
6:03 PM: lwiswra.hoa (ID = 164367)
6:03 PM: autllojo.mtj (ID = 158990)
6:03 PM: hbfyygtfiz.xku (ID = 159029)
6:03 PM: zibqjwhlz.zjl (ID = 159010)
6:03 PM: bhirmxybwp.pyj (ID = 159015)
6:03 PM: fifezlb.ejh (ID = 159046)
6:03 PM: krsjduecr.nfd (ID = 159059)
6:03 PM: harfuelun.qce (ID = 159023)
6:03 PM: zbriuxedp.vyx (ID = 164344)
6:03 PM: vsgmxceiwm.uky (ID = 158997)
6:03 PM: a0008327.exe (ID = 51662)
6:03 PM: installerv5a.exe (ID = 188569)
6:03 PM: a0008351.exe (ID = 198397)
6:04 PM: a0006101.exe (ID = 185254)
6:04 PM: a0008313.exe (ID = 184140)
6:04 PM: a0008315.exe (ID = 190798)
6:04 PM: a0008345.exe (ID = 199080)
6:04 PM: a0007127.exe (ID = 184143)
6:04 PM: a0008329.exe (ID = 186212)
6:04 PM: ysb.dll (ID = 161559)
6:04 PM: autoit3.exe (ID = 185254)
6:04 PM: winnb57.dll (ID = 159067)
6:04 PM: 876056.exe (ID = 158984)
6:04 PM: atmtd.dll (ID = 166754)
6:06 PM: vocabulary (ID = 78283)
6:06 PM: class-barrel (ID = 78229)
6:06 PM: qofrl.exe (ID = 195130)
6:06 PM: data.~ (ID = 188119)
6:06 PM: packetqueuerules[1].xml (ID = 69221)
6:06 PM: a0003807.lnk (ID = 154586)
6:06 PM: nls[1].cfg (ID = 138305)
6:06 PM: ke.vbs (ID = 185675)
6:06 PM: postdatarules[2].xml (ID = 69222)
6:06 PM: wtd[5].htm (ID = 192512)
6:09 PM: Found System Monitor: potentially rootkit-masked files
6:09 PM: 000018be_43977623_00076417 (ID = 0)
6:09 PM: 000041bb_439758b6_00044aa2 (ID = 0)
6:09 PM: 00007a5a_43977a2b_0000f424 (ID = 0)
6:09 PM: 00004461_43965666_000a7d8c (ID = 0)
6:09 PM: 000063cb_43975b5f_00039387 (ID = 0)
6:09 PM: 00005f90_43975e2c_0006ea05 (ID = 0)
6:09 PM: 000054de_439779f1_00094c5f (ID = 0)
6:09 PM: 00004823_43978142_0009c671 (ID = 0)
6:09 PM: 000026a6_439769bb_00003d09 (ID = 0)
6:09 PM: 000075ef_439629a8_000cafab (ID = 0)
6:09 PM: 000001eb_439758d5_000e4e1c (ID = 0)
6:09 PM: 00004823_4399e220_00031975 (ID = 0)
6:09 PM: 00005878_43976356_000487ab (ID = 0)
6:09 PM: 0000409d_4394d139_0001e848 (ID = 0)
6:09 PM: 000072ae_4397aa53_0000b71b (ID = 0)
6:09 PM: 0000074d_43962839_00032643 (ID = 0)
6:09 PM: 00000f3e_43977c08_000c28cb (ID = 0)
6:09 PM: 00003d6c_439776f8_000f0537 (ID = 0)
6:09 PM: 00000bb3_439758d8_0007de29 (ID = 0)
6:09 PM: 00003699_4394d197_0001ab3f (ID = 0)
6:09 PM: 0000305e_439782a0_0001ab3f (ID = 0)
6:09 PM: 00006952_43977770_000501bd (ID = 0)
6:09 PM: 000072ae_4399ea23_000501bd (ID = 0)
6:09 PM: 0000797d_43975d29_0001e848 (ID = 0)
6:09 PM: 00007e87_43964cdd_000baeb9 (ID = 0)
6:09 PM: 0000390c_43975fb9_00057bcf (ID = 0)
6:09 PM: 000041bb_43964ca8_0002dc6c (ID = 0)
6:09 PM: 00001547_439779d7_00044aa2 (ID = 0)
6:09 PM: 00004823_4397759e_0001312d (ID = 0)
6:09 PM: 00000f3e_43975fde_0005f5e1 (ID = 0)
6:09 PM: 00002ea6_439758e3_0003567e (ID = 0)
6:09 PM: 000012db_439758e3_000aba95 (ID = 0)
6:09 PM: 0000153c_439758e3_000f0537 (ID = 0)
6:09 PM: 00000099_43976004_000c28cb (ID = 0)
6:09 PM: 0000390c_43975959_000cdfe6 (ID = 0)
6:09 PM: 00005f49_4397638e_00022551 (ID = 0)
6:09 PM: 000041bb_43979acd_0004c4b4 (ID = 0)
6:09 PM: 00001547_439782eb_000cdfe6 (ID = 0)
6:09 PM: 000026a6_43975b19_0005b8d8 (ID = 0)
6:09 PM: 000072ae_43977b7f_00044aa2 (ID = 0)
6:09 PM: 0000491c_43975a3a_000d59f8 (ID = 0)
6:09 PM: 00000099_43977c09_000e1113 (ID = 0)
6:09 PM: 00002ea6_439778f7_000ca2dd (ID = 0)
6:09 PM: 0000390c_4397826f_00016e36 (ID = 0)
6:09 PM: 0000440d_43977aa5_0006ea05 (ID = 0)
6:09 PM: 0000323b_43975bd0_00022551 (ID = 0)
6:09 PM: 00004027_43962c9a_0004d182 (ID = 0)
6:09 PM: 00000124_43976006_0000f424 (ID = 0)
6:09 PM: 00002cd6_4399e9c1_0006ea05 (ID = 0)
6:09 PM: 00004d06_43977ad0_00029f63 (ID = 0)
6:09 PM: 00003e12_43976366_00066ff3 (ID = 0)
6:09 PM: 0000428b_4397859d_000b71b0 (ID = 0)
6:09 PM: dns (ID = 0)
6:09 PM: 00001547_43975ab5_000a037a (ID = 0)
6:09 PM: 00001003_43965643_000d59f8 (ID = 0)
6:09 PM: 00001649_439627ff_000bbb87 (ID = 0)
6:09 PM: 00000124_439759da_00089544 (ID = 0)
6:09 PM: 000026e9_4397660e_00039387 (ID = 0)
6:09 PM: 0000305e_43976006_00089544 (ID = 0)
6:09 PM: 00006952_4399ea24_00057bcf (ID = 0)
6:09 PM: 0000767d_43975b31_000e1113 (ID = 0)
6:09 PM: 00006486_43965413_000af79e (ID = 0)
6:09 PM: 00005f32_43964d1d_0001ab3f (ID = 0)
6:09 PM: 000075ef_43964d8d_000b34a7 (ID = 0)
6:09 PM: 00005e14_43962913_0001b80d (ID = 0)
6:10 PM: 00004db7_43977ad0_00053ec6 (ID = 0)
6:10 PM: 00006b36_43976357_00039387 (ID = 0)
6:10 PM: 000039ce_43962b12_0007adee (ID = 0)
6:10 PM: 0000440d_439760f2_00044aa2 (ID = 0)
6:10 PM: 0000008e_43965694_0006ea05 (ID = 0)
6:10 PM: 00000bb3_4397ab10_0009c671 (ID = 0)
6:10 PM: 00001e1f_43962880_00063fb8 (ID = 0)
6:10 PM: 00005f90_43978207_000b71b0 (ID = 0)
6:10 PM: 00006952_43977b8b_000e8b25 (ID = 0)
6:10 PM: 0000260d_43975bd3_0002625a (ID = 0)
6:10 PM: 00006b36_43975ccc_0001e848 (ID = 0)
6:10 PM: 00001a49_43976367_0007de29 (ID = 0)
6:10 PM: 00005cfd_43975ccc_0008583b (ID = 0)
6:10 PM: 00006b89_43975bed_00081b32 (ID = 0)
6:10 PM: 00004080_43964d65_000e1113 (ID = 0)
6:10 PM: 00005005_43964e28_00029f63 (ID = 0)
6:10 PM: 00001ad4_43976a45_0006ea05 (ID = 0)
6:10 PM: 00003699_4397641b_0003567e (ID = 0)
6:10 PM: 00001a49_43975cd1_0001e848 (ID = 0)
6:10 PM: 00003d6c_43962701_00054b94 (ID = 0)
6:10 PM: 00005a9f_43964dab_0007270e (ID = 0)
6:10 PM: 00002e40_4394d107_000a7d8c (ID = 0)
6:10 PM: 00003d6c_4394b11c_000d9701 (ID = 0)
6:10 PM: 000029d8_43962c4f_0008df1b (ID = 0)
6:10 PM: 00003bf6_4397636a_0007de29 (ID = 0)
6:10 PM: 00000029_43977a54_000632ea (ID = 0)
6:10 PM: 00000120_4397633c_0001e848 (ID = 0)
6:10 PM: 0000187e_43976438_00081b32 (ID = 0)
6:10 PM: 0000074d_43975abe_000cdfe6 (ID = 0)
6:10 PM: 00005c67_43962980_00045770 (ID = 0)
6:10 PM: 00000c15_43962ac3_000733dc (ID = 0)
6:10 PM: 000066c4_4396291c_000a8a5a (ID = 0)
6:10 PM: 00000bdb_43975bf4_000dd40a (ID = 0)
6:10 PM: 000018be_43976597_00022551 (ID = 0)
6:10 PM: 000018be_43975dd2_00000000 (ID = 0)
6:10 PM: 00002e40_439763a8_0009c671 (ID = 0)
6:10 PM: 00003a9e_4397636c_0003567e (ID = 0)
6:10 PM: 00001238_43975b45_00089544 (ID = 0)
6:10 PM: 0000305e_43977c33_000501bd (ID = 0)
6:10 PM: 00004dc8_43975ac1_000e1113 (ID = 0)
6:10 PM: 00004823_4397a9d7_00039387 (ID = 0)
6:10 PM: 0000491c_43976126_0006acfc (ID = 0)
6:10 PM: 000012db_43975f8f_00039387 (ID = 0)
6:10 PM: 00005fa8_4396540a_000f0537 (ID = 0)
6:10 PM: 0000293b_439653d1_0008d24d (ID = 0)
6:10 PM: 000023c9_43976454_000e1113 (ID = 0)
6:10 PM: 00007a36_439656be_000ca2dd (ID = 0)
6:10 PM: 00003d6c_43975de5_000baeb9 (ID = 0)
6:10 PM: index (ID = 0)
6:10 PM: 00005f90_43979a49_0007a120 (ID = 0)
6:10 PM: 00000124_43977c2e_0008d24d (ID = 0)
6:10 PM: 00005d03_43977a1f_0007a120 (ID = 0)
6:10 PM: 0000759a_43975c21_000e4e1c (ID = 0)
6:10 PM: 000022ee_43975c23_0003567e (ID = 0)
6:10 PM: 0000366b_439763ad_0001e848 (ID = 0)
6:10 PM: 00002213_4397630f_000d59f8 (ID = 0)
6:10 PM: 00004e45_43975b67_00022551 (ID = 0)
6:10 PM: 00006899_4397643c_000bebc2 (ID = 0)
6:10 PM: 0000428b_43976197_00022551 (ID = 0)
6:10 PM: 00004823_43977b44_00044aa2 (ID = 0)
6:10 PM: 00006e5d_43976241_000c65d4 (ID = 0)
6:10 PM: 00005422_439763c4_0007de29 (ID = 0)
6:10 PM: 00004e45_43977004_0006ea05 (ID = 0)
6:10 PM: 00007f96_43975b60_000b71b0 (ID = 0)
6:10 PM: 000029d8_43964f72_000e8b25 (ID = 0)
6:10 PM: 00006952_4397aa75_0003d090 (ID = 0)
6:10 PM: 000012e1_43964d57_00031975 (ID = 0)
6:10 PM: 00004230_439763ae_00022551 (ID = 0)
6:10 PM: 0000440d_43977c36_000c28cb (ID = 0)
6:10 PM: 00001649_43977ba7_000a037a (ID = 0)
6:10 PM: 00000029_4399e25d_00016e36 (ID = 0)
6:10 PM: 00005e73_43962b6d_000a8a5a (ID = 0)
6:10 PM: 0000153c_43978245_0006acfc (ID = 0)
6:10 PM: 000066bb_43977a0d_000aba95 (ID = 0)
6:10 PM: 00002ea6_4397ab13_00094c5f (ID = 0)
6:10 PM: 00002cd6_439781ee_00040d99 (ID = 0)
6:10 PM: 00001ad4_43964cef_000af79e (ID = 0)
6:10 PM: 000022ee_43976345_00089544 (ID = 0)
6:10 PM: 0000282d_43962cbd_0008df1b (ID = 0)
6:10 PM: 0000138a_43962caf_000b7e7e (ID = 0)
6:10 PM: 000066bb_4394d09d_000baeb9 (ID = 0)
6:10 PM: 00004dc8_4397699c_0003567e (ID = 0)
6:10 PM: 00005d24_43962c09_00063fb8 (ID = 0)
6:10 PM: 00000bdb_4394d0ed_0000b71b (ID = 0)
6:10 PM: 0000491c_43977aa8_000a7d8c (ID = 0)
6:10 PM: 00003d6c_43978179_00000000 (ID = 0)
6:10 PM: 00002ea6_43978238_0007270e (ID = 0)
6:10 PM: 0000468c_439653df_0001312d (ID = 0)
6:10 PM: 0000721d_43965640_000c65d4 (ID = 0)
6:10 PM: 00003cd5_43976441_00039387 (ID = 0)
6:10 PM: 000063cb_43976274_0007270e (ID = 0)
6:10 PM: 00005f90_4397aa75_0008d24d (ID = 0)
6:10 PM: 00005af1_4397aaa7_000aba95 (ID = 0)
6:10 PM: 00007bb9_43976425_000d59f8 (ID = 0)
6:10 PM: 00004b40_43976349_00040d99 (ID = 0)
6:10 PM: 000026e9_43975f7a_000a4083 (ID = 0)
6:10 PM: 00001547_43976146_000c28cb (ID = 0)
6:10 PM: 00000120_439628e9_00026f28 (ID = 0)
6:10 PM: 00004db7_43977c88_00039387 (ID = 0)
6:10 PM: 000063cb_43962881_0003634c (ID = 0)
6:10 PM: 000069d0_43962cbd_000bbb87 (ID = 0)
6:10 PM: 00000fc9_43962a1c_000f1205 (ID = 0)
6:10 PM: 00006784_43977b48_000cdfe6 (ID = 0)
6:10 PM: 000063cb_43964cef_000e1113 (ID = 0)
6:10 PM: 00004d67_43964e7a_00003d09 (ID = 0)
6:10 PM: 00003b25_43977ae4_000e1113 (ID = 0)
6:10 PM: 000041bb_4399ea54_00040d99 (ID = 0)
6:10 PM: 000072ae_43975def_00039387 (ID = 0)
6:10 PM: 000026ca_43976415_000ec82e (ID = 0)
6:10 PM: 00001649_43979a55_00094c5f (ID = 0)
6:10 PM: 00006172_439629ee_0001f516 (ID = 0)
6:10 PM: 000041bb_4397820e_000e4e1c (ID = 0)
6:10 PM: 00007eb7_4394d123_00016e36 (ID = 0)
6:11 PM: 0000767d_439785b8_000bebc2 (ID = 0)
6:11 PM: 000026e9_4399ea56_000aba95 (ID = 0)
6:11 PM: 00000822_439763f0_000501bd (ID = 0)
6:11 PM: 000072ae_439765ac_000a037a (ID = 0)
6:11 PM: 00000029_43978125_00044aa2 (ID = 0)
6:11 PM: 00005991_439763f3_00016e36 (ID = 0)
6:11 PM: 0000153c_43975f90_00090f56 (ID = 0)
6:11 PM: 0000791b_4396565d_000c28cb (ID = 0)
6:11 PM: 000012e1_439763f5_0007de29 (ID = 0)
6:11 PM: data.bin (ID = 0)
6:11 PM: avtpmesh.exe (ID = 0)
6:11 PM: 000041bb_43977894_00057bcf (ID = 0)
6:11 PM: 00001643_43964ec9_000a7d8c (ID = 0)
6:11 PM: 00001366_4394d108_0002625a (ID = 0)
6:11 PM: 000073da_43962934_000cafab (ID = 0)
6:11 PM: 0000765f_43962a95_000bbb87 (ID = 0)
6:11 PM: 0000305e_4399eab4_000e4e1c (ID = 0)
6:11 PM: 00000ddc_4397638f_0000b71b (ID = 0)
6:11 PM: 00001643_43962c35_00045770 (ID = 0)
6:11 PM: 000041bb_4397aaea_00090f56 (ID = 0)
6:11 PM: 00000de5_43962c36_00026f28 (ID = 0)
6:11 PM: 00002059_43962a34_0007adee (ID = 0)
6:11 PM: 00006784_4397a9f6_0003d090 (ID = 0)
6:11 PM: 0000390c_43964cdd_000f0537 (ID = 0)
6:11 PM: 0000047e_43962989_000b4175 (ID = 0)
6:11 PM: 00004ae1_43977b52_000a4083 (ID = 0)
6:11 PM: 00003bf6_4396290c_0000c3e9 (ID = 0)
6:11 PM: 000012db_4397ab16_0000b71b (ID = 0)
6:11 PM: 000018be_439799eb_0001e848 (ID = 0)
6:11 PM: 00006df1_43979a6e_00029f63 (ID = 0)
6:11 PM: 00007eb7_439763c1_000e8b25 (ID = 0)
6:11 PM: 00000bb3_439778cd_000d1cef (ID = 0)
6:11 PM: 00001649_43979732_000d1cef (ID = 0)
6:11 PM: 000066bb_4397859a_00044aa2 (ID = 0)
6:11 PM: 00007f96_43962882_000ac763 (ID = 0)
6:11 PM: 00002cd6_4397aa51_000ca2dd (ID = 0)
6:11 PM: 00006443_439769a5_000487ab (ID = 0)
6:11 PM: 00001dcb_43965640_000e1113 (ID = 0)
6:11 PM: 00000029_43976496_000ca2dd (ID = 0)
6:11 PM: 00001649_4397aa7f_000d59f8 (ID = 0)
6:11 PM: 00004080_43976443_000b71b0 (ID = 0)
6:11 PM: 00002852_43964eb0_000bebc2 (ID = 0)
6:11 PM: 000033ea_4394d1e3_0007a120 (ID = 0)
6:11 PM: 0000428b_439769ac_00094c5f (ID = 0)
6:11 PM: 00005f90_4399ea28_000e1113 (ID = 0)
6:11 PM: 00003ef6_439763c6_00044aa2 (ID = 0)
6:11 PM: 0000121f_439763f6_00089544 (ID = 0)
6:11 PM: 00000120_4394d0ee_00098968 (ID = 0)
6:11 PM: 000039b3_439779f6_000a7d8c (ID = 0)
6:11 PM: 000023c9_4394d1e4_000e1113 (ID = 0)
6:11 PM: 000001eb_43977bd4_00094c5f (ID = 0)
6:11 PM: 00001547_43977c89_0001e848 (ID = 0)
6:11 PM: 0000153c_4397ab1a_0000b71b (ID = 0)
6:11 PM: 00003d6c_43979a11_0007a120 (ID = 0)
6:11 PM: 0000759a_439628ea_000770e5 (ID = 0)
6:11 PM: 000058b0_43964d5b_00053ec6 (ID = 0)
6:11 PM: 00007a54_43962d45_000ed4fc (ID = 0)
6:11 PM: 0000692c_4394d19f_0006acfc (ID = 0)
6:11 PM: 00001547_43977ad8_000cdfe6 (ID = 0)
6:11 PM: 00003cd6_43962980_000c3599 (ID = 0)
6:11 PM: 00006fc9_43962cd1_00041a67 (ID = 0)
6:11 PM: 0000797d_43964d22_00076417 (ID = 0)
6:11 PM: 00003d6c_439796b1_000aba95 (ID = 0)
6:11 PM: 00001649_4399ea29_00040d99 (ID = 0)
6:11 PM: 00002c3b_439763c3_0005f5e1 (ID = 0)
6:11 PM: 00005af1_4397660c_000baeb9 (ID = 0)
6:11 PM: 00002fe7_43962d47_0003a055 (ID = 0)
6:11 PM: 00004823_4399e284_00000000 (ID = 0)
6:11 PM: 000041bb_4397660d_000ec82e (ID = 0)
6:11 PM: 00003b97_43962c84_00049479 (ID = 0)
6:11 PM: 0000366b_4394d11a_000a7d8c (ID = 0)
6:11 PM: 00004823_4399e97c_00098968 (ID = 0)
6:11 PM: 00006df1_43962801_000a4d51 (ID = 0)
6:11 PM: 000018be_4397563f_00098968 (ID = 0)
6:11 PM: 00004e45_43964cf6_0003567e (ID = 0)
6:11 PM: 00006784_43975640_0005f5e1 (ID = 0)
6:11 PM: 00005772_43976429_000b34a7 (ID = 0)
6:11 PM: 00005f90_439777fa_000c65d4 (ID = 0)
6:11 PM: 00005fa4_43964dac_00040d99 (ID = 0)
6:11 PM: 000026a6_4394d0a9_0007de29 (ID = 0)
6:11 PM: 00000a28_43964f75_000dd40a (ID = 0)
6:11 PM: 00002d12_439784cc_000dd40a (ID = 0)
6:11 PM: 00001649_43977818_00044aa2 (ID = 0)
6:11 PM: 00000f3e_4397b1eb_00094c5f (ID = 0)
6:11 PM: 00002959_43962cb4_00026f28 (ID = 0)
6:11 PM: 0000440d_4396282e_000b046c (ID = 0)
6:11 PM: 0000323b_4396288b_000ac763 (ID = 0)
6:11 PM: 000054de_43977d78_0006ea05 (ID = 0)
6:11 PM: 00003f0b_439653e0_0005f5e1 (ID = 0)
6:11 PM: 0000074d_43977da0_00003d09 (ID = 0)
6:11 PM: 00004ae1_43975654_00007a12 (ID = 0)
6:11 PM: 00000e12_43962a20_00045770 (ID = 0)
6:11 PM: 0000486a_43962b64_000733dc (ID = 0)
6:11 PM: 00002725_43964eb1_0000b71b (ID = 0)
6:11 PM: 00007b44_43962a91_0006b9ca (ID = 0)
6:11 PM: 000001eb_4399ea5a_000d1cef (ID = 0)
6:11 PM: 00005ccd_43962d16_000d29bd (ID = 0)
6:11 PM: 000026e9_43979771_0008583b (ID = 0)
6:11 PM: 000072ae_439781f0_0008583b (ID = 0)
6:11 PM: 00000099_4397b26d_000e8b25 (ID = 0)
6:11 PM: 000001eb_43976612_0002dc6c (ID = 0)
6:12 PM: 000016c5_43962952_000086e0 (ID = 0)
6:12 PM: 00004e08_43962d1a_000ac763 (ID = 0)
6:12 PM: 00005f23_439654ab_00081b32 (ID = 0)
6:12 PM: 00007874_43964da7_000baeb9 (ID = 0)
6:12 PM: 00000ddc_43964d24_00022551 (ID = 0)
6:12 PM: 000056ae_43975bfc_00039387 (ID = 0)
6:12 PM: 00003d6c_43977b5b_000a037a (ID = 0)
6:12 PM: 00006e5d_43977ae7_00007a12 (ID = 0)
6:12 PM: 00000bb3_4399ea5f_0000b71b (ID = 0)
6:12 PM: 0000440d_43977947_000d9701 (ID = 0)
6:12 PM: 00005f90_439765b6_0008583b (ID = 0)
6:12 PM: 0000701f_43977a15_00076417 (ID = 0)
6:12 PM: 0000491c_43977c59_00029f63 (ID = 0)
6:12 PM: 00000029_4399e1ed_000a037a (ID = 0)
6:12 PM: 00004d06_43977c5a_0004c4b4 (ID = 0)
6:12 PM: 00004db7_439779ce_00022551 (ID = 0)
6:12 PM: 00001238_43976a0b_0007a120 (ID = 0)
6:12 PM: 00000029_4397a91c_000f0537 (ID = 0)
6:12 PM: 000012db_43964cdd_000501bd (ID = 0)
6:12 PM: 0000701f_4394d0ac_0006acfc (ID = 0)
6:12 PM: 00002cd6_43977b5c_000aba95 (ID = 0)
6:12 PM: 00005f90_4397587a_0003d090 (ID = 0)
6:12 PM: 00004d06_4397691b_0000b71b (ID = 0)
6:12 PM: 00005968_43964e7a_000d9701 (ID = 0)
6:12 PM: 000013d3_43962c48_00063fb8 (ID = 0)
6:12 PM: 00002350_43964d04_0003567e (ID = 0)
6:12 PM: 00003699_43964d5e_0008583b (ID = 0)
6:12 PM: 00004087_43962a89_00026f28 (ID = 0)
6:12 PM: 000049bb_43962bde_0008a212 (ID = 0)
6:12 PM: 00002059_43964dac_00076417 (ID = 0)
6:12 PM: 00005f90_43977ba6_00090f56 (ID = 0)
6:12 PM: 00001649_43977a83_0008583b (ID = 0)
6:12 PM: 00006df1_43977bc0_00029f63 (ID = 0)
6:12 PM: 00007ff5_4394d0e6_000e4e1c (ID = 0)
6:12 PM: 00006df1_439765b9_000cdfe6 (ID = 0)
6:12 PM: 00003459_43964fc4_00094c5f (ID = 0)
6:12 PM: 000078d4_43962d18_00086509 (ID = 0)
6:12 PM: 00005af1_43977bc0_000d59f8 (ID = 0)
6:12 PM: 000001eb_439778af_0005b8d8 (ID = 0)
6:12 PM: 00004ae1_43977a7d_000a037a (ID = 0)
6:12 PM: 00002cf7_43964e7f_00076417 (ID = 0)
6:12 PM: 000073d9_43964e78_000d59f8 (ID = 0)
6:12 PM: 00004e08_439653b2_0000f424 (ID = 0)
6:12 PM: 000026e9_4397821b_000a4083 (ID = 0)
6:12 PM: 0000314f_43964d24_000e4e1c (ID = 0)
6:12 PM: 00002ea6_4397661b_0005b8d8 (ID = 0)
6:12 PM: 00005af1_43979a7b_0007de29 (ID = 0)
6:12 PM: 00004cad_4397638f_00016e36 (ID = 0)
6:12 PM: 0000153c_4397661d_000487ab (ID = 0)
6:12 PM: 00004db7_43976920_00044aa2 (ID = 0)
6:12 PM: 00006df1_4397aa89_0008583b (ID = 0)
6:12 PM: intipr12.sys (ID = 0)
6:12 PM: 000016c5_4394d1c4_000cdfe6 (ID = 0)
6:12 PM: 00007f96_439762ca_000c65d4 (ID = 0)
6:12 PM: 00002d12_439779fc_000d59f8 (ID = 0)
6:12 PM: 000073da_43976400_0009c671 (ID = 0)
6:12 PM: 00005af1_4397975a_000ca2dd (ID = 0)
6:12 PM: 00006899_4396295a_000cafab (ID = 0)
6:12 PM: 00006952_439781ff_000cdfe6 (ID = 0)
6:12 PM: 0000305e_43977a9c_000a037a (ID = 0)
6:12 PM: 000023c9_43962972_0001b80d (ID = 0)
6:12 PM: 00007cfe_43964eb0_0007de29 (ID = 0)
6:12 PM: 00000822_43964d50_00057bcf (ID = 0)
6:12 PM: 00001d11_43962d23_000770e5 (ID = 0)
6:12 PM: 00000124_4397b279_000e8b25 (ID = 0)
6:12 PM: 00003b25_43976a0f_0006ea05 (ID = 0)
6:12 PM: 00004ae1_4397aa05_0001ab3f (ID = 0)
6:12 PM: 00005af1_4399ea50_0005f5e1 (ID = 0)
6:12 PM: 00006784_4399e9b3_00098968 (ID = 0)
6:12 PM: 00004ae1_43975ddc_0009c671 (ID = 0)
6:12 PM: 00007e87_4397ab1c_0006acfc (ID = 0)
6:12 PM: 00005753_4394d1e5_000d59f8 (ID = 0)
6:12 PM: 00000124_43964cdf_0001ab3f (ID = 0)
6:12 PM: 000020a8_4396574f_000a4083 (ID = 0)
6:12 PM: 000054d6_43962d27_0008df1b (ID = 0)
6:12 PM: 0000305e_43964cdf_0004c4b4 (ID = 0)
6:12 PM: 00004df2_439763a4_0007a120 (ID = 0)
6:12 PM: 00005876_43964e87_0000b71b (ID = 0)
6:12 PM: 00002ea6_4399ea63_0000f424 (ID = 0)
6:12 PM: 00004d06_43964ce0_00007a12 (ID = 0)
6:12 PM: 00006270_43962af8_0002ac31 (ID = 0)
6:12 PM: 00004db7_43964ce0_0006ea05 (ID = 0)
6:12 PM: 00003f0b_43962d2b_000cecb4 (ID = 0)
6:12 PM: 000039b3_43964ce2_00094c5f (ID = 0)
6:12 PM: 00002d12_43964ce3_00003d09 (ID = 0)
6:12 PM: 000009ce_43962c57_000a4d51 (ID = 0)
6:12 PM: 00004ae1_43978177_00076417 (ID = 0)
6:12 PM: 0000153c_43964cdd_00098968 (ID = 0)
6:12 PM: 00000a41_43965644_000c28cb (ID = 0)
6:12 PM: 00003f97_43962d31_0003a055 (ID = 0)
6:12 PM: 00006e89_4396561c_0005f5e1 (ID = 0)
6:12 PM: 0000578d_4396578a_000a7d8c (ID = 0)
6:12 PM: 0000658c_43962d31_000770e5 (ID = 0)
6:12 PM: 000018be_4397a9eb_0007270e (ID = 0)
6:12 PM: 000049bb_43964e94_00066ff3 (ID = 0)
6:12 PM: 00003765_4396564a_0005b8d8 (ID = 0)
6:12 PM: 000001eb_4397822d_00016e36 (ID = 0)
6:12 PM: 00005e14_43964d25_00007a12 (ID = 0)
6:12 PM: 000072ae_439627ec_0007eaf7 (ID = 0)
6:12 PM: 0000314f_43976391_00089544 (ID = 0)
6:12 PM: 00005e73_43964e74_00029f63 (ID = 0)
6:12 PM: 000033ea_43976447_000c65d4 (ID = 0)
6:12 PM: 00006df1_4399ea3b_00081b32 (ID = 0)
6:12 PM: 0000366b_43964d32_00039387 (ID = 0)
6:12 PM: 00006443_43977a0c_000aba95 (ID = 0)
6:12 PM: 000026e9_43977a8e_00003d09 (ID = 0)
6:12 PM: 00000607_43965645_00000000 (ID = 0)
6:12 PM: 0000441d_439653e7_000ca2dd (ID = 0)
6:13 PM: 0000441d_43962d34_00091c24 (ID = 0)
6:13 PM: 0000260d_43976327_000632ea (ID = 0)
6:13 PM: 00004e45_439762cc_00076417 (ID = 0)
6:13 PM: 00005422_4396292a_00049479 (ID = 0)
6:13 PM: 00004db7_4399eabd_00044aa2 (ID = 0)
6:13 PM: 00004eae_43964ea4_00044aa2 (ID = 0)
6:13 PM: 00005e9d_439629ec_000b4175 (ID = 0)
6:13 PM: 0000260d_4396288c_000602af (ID = 0)
6:13 PM: 0000767d_43976a01_0002625a (ID = 0)
6:13 PM: 000013e9_4394d1dc_000501bd (ID = 0)
6:13 PM: 0000440d_4399eaba_0001312d (ID = 0)
6:13 PM: 000026a6_439785a6_000a037a (ID = 0)
6:13 PM: 00004cad_4394d101_000dd40a (ID = 0)
6:13 PM: 0000701f_43964ceb_000baeb9 (ID = 0)
6:13 PM: 00000588_43964ea6_000baeb9 (ID = 0)
6:13 PM: 00007a61_439653b4_000a4083 (ID = 0)
6:13 PM: 00001cdf_439655a7_0007a120 (ID = 0)
6:13 PM: 00000bb3_43977a8e_000d9701 (ID = 0)
6:13 PM: 00006ad6_43964d81_0006acfc (ID = 0)
6:13 PM: 0000182f_43964e79_00031975 (ID = 0)
6:13 PM: 00005579_43964ead_0008d24d (ID = 0)
6:13 PM: 00007bb9_4394d19b_00044aa2 (ID = 0)
6:13 PM: 000058c5_43965667_0001ab3f (ID = 0)
6:13 PM: 00003b25_43964cee_00022551 (ID = 0)
6:13 PM: 0000470e_43964e74_00090f56 (ID = 0)
6:13 PM: 00000029_439799b4_0008d24d (ID = 0)
6:13 PM: 00000f3e_43977912_0006ea05 (ID = 0)
6:13 PM: 00006048_43964db5_00094c5f (ID = 0)
6:13 PM: 000058b0_4397640d_000c28cb (ID = 0)
6:13 PM: 0000169a_43962d47_0001f516 (ID = 0)
6:13 PM: 00006479_439653b0_0002625a (ID = 0)
6:13 PM: 00000029_43977b25_00016e36 (ID = 0)
6:13 PM: 0000491c_439782aa_00057bcf (ID = 0)
6:13 PM: 00000bb3_43978232_00098968 (ID = 0)
6:13 PM: 00000728_43962d4c_000de0d8 (ID = 0)
6:13 PM: 00005f90_439627fb_00050e8b (ID = 0)
6:13 PM: 0000153c_4399ea6d_000e1113 (ID = 0)
6:13 PM: 0000305e_4396282a_00017b04 (ID = 0)
6:13 PM: 000001eb_4397ab0c_000b34a7 (ID = 0)
6:13 PM: 00004ae1_439765a4_00007a12 (ID = 0)
6:13 PM: 00005dd5_43964daa_0003567e (ID = 0)
6:13 PM: 00004dc8_43977da2_0003567e (ID = 0)
6:13 PM: 00006443_4396284b_0002e93a (ID = 0)
6:13 PM: 00006d4e_43962d5b_000cecb4 (ID = 0)
6:13 PM: 00003ef6_4396292a_0008a212 (ID = 0)
6:13 PM: 00000ddc_43962910_000a1048 (ID = 0)
6:13 PM: 00005d03_439785a9_000ec82e (ID = 0)
6:13 PM: 000022cd_439629e9_000c72a2 (ID = 0)
6:13 PM: 00007e87_4399ea73_000a7d8c (ID = 0)
6:13 PM: 0000390c_4397b1c3_00031975 (ID = 0)
6:13 PM: 00001316_43962bd2_000c72a2 (ID = 0)
6:13 PM: 000054dc_4396298f_000733dc (ID = 0)
6:13 PM: msveacct.exe (ID = 0)
6:13 PM: 00002f14_4394d1f8_0006acfc (ID = 0)
6:13 PM: 00000a4a_43962b90_0001b80d (ID = 0)
6:13 PM: subaclen.exe (ID = 0)
6:13 PM: 00004a80_4394d19f_000cdfe6 (ID = 0)
6:13 PM: 000026e9_43977bd0_00089544 (ID = 0)
6:13 PM: 00004d06_4399eaba_000a4083 (ID = 0)
6:13 PM: 0000390c_4399ea7e_0000f424 (ID = 0)
6:13 PM: 00004df2_4394d104_000632ea (ID = 0)
6:13 PM: 00000099_43964cde_0006ea05 (ID = 0)
6:13 PM: 000000c1_439653ef_0006ea05 (ID = 0)
6:13 PM: 00006ad6_4394d1fb_00053ec6 (ID = 0)
6:13 PM: 00005e76_43962cbd_000733dc (ID = 0)
6:13 PM: 00001a49_4394d0fb_000dd40a (ID = 0)
6:13 PM: 000026a6_43977a13_000c65d4 (ID = 0)
6:13 PM: ace.dll (ID = 0)
6:13 PM: 00005a9b_439653ef_000c65d4 (ID = 0)
6:13 PM: 000018be_4399e9b0_000c28cb (ID = 0)
6:13 PM: 000026e9_439758be_000c65d4 (ID = 0)
6:13 PM: 000073d9_43962b71_00063fb8 (ID = 0)
6:13 PM: 00004b40_4394d0ef_000c65d4 (ID = 0)
6:13 PM: 00004823_4394b08a_00029f63 (ID = 0)
6:13 PM: 00000029_43975dce_000a037a (ID = 0)
6:13 PM: 00003bf6_43975d02_000ec82e (ID = 0)
6:13 PM: 00005af1_43975884_00053ec6 (ID = 0)
6:13 PM: 00003d6c_4399e9c0_000b71b0 (ID = 0)
6:13 PM: 00004ae1_4399e9bf_000b71b0 (ID = 0)
6:13 PM: 000012db_4399ea65_0002dc6c (ID = 0)
6:13 PM: 00000f3e_4399ea8c_00044aa2 (ID = 0)
6:13 PM: 00000099_4399eab4_00003d09 (ID = 0)
6:13 PM: 00000124_4399eab4_0002dc6c (ID = 0)
6:13 PM: 00001547_4399eabf_000aba95 (ID = 0)
6:13 PM: 0000491c_4399eaba_00057bcf (ID = 0)
6:13 PM: 000054de_4399eb95_000dd40a (ID = 0)
6:13 PM: 00000029_439774e3_00057bcf (ID = 0)
6:13 PM: 00000099_439759ce_00090f56 (ID = 0)
6:13 PM: 0000422d_4394d3af_00029f63 (ID = 0)
6:13 PM: 0000440d_439759fe_000632ea (ID = 0)
6:13 PM: 00004d06_43975a3e_0007270e (ID = 0)
6:13 PM: 000054de_43975ab8_000bebc2 (ID = 0)
6:13 PM: 000039b3_43975abd_00098968 (ID = 0)
6:13 PM: 00002d12_43975abe_00090f56 (ID = 0)
6:13 PM: 00006443_43975ac2_0006acfc (ID = 0)
6:13 PM: 000066bb_43975ac2_000e8b25 (ID = 0)
6:13 PM: 00000732_43975bfc_000a037a (ID = 0)
6:13 PM: 0000428b_43975ac9_000bebc2 (ID = 0)
6:13 PM: 0000701f_43975b1c_0007270e (ID = 0)
6:13 PM: 00005d03_43975b23_000a037a (ID = 0)
6:13 PM: 00004509_43975b44_0007de29 (ID = 0)
6:13 PM: 00006bfc_43975b60_0006ea05 (ID = 0)
6:13 PM: 00007a5a_43975b2f_0001312d (ID = 0)
6:13 PM: 00003b25_43975b47_000baeb9 (ID = 0)
6:13 PM: 00001e1f_43975b4a_000bebc2 (ID = 0)
6:13 PM: 00006e5d_43975b50_000487ab (ID = 0)
6:13 PM: 00001ad4_43975b56_000d1cef (ID = 0)
6:13 PM: 00007ff5_43975b66_0007270e (ID = 0)
6:14 PM: 00002213_43975bd0_000d9701 (ID = 0)
6:14 PM: 00002350_43975c23_00016e36 (ID = 0)
6:14 PM: 0000030a_43975bef_00090f56 (ID = 0)
6:14 PM: 0000301c_43975bf4_000b71b0 (ID = 0)
6:14 PM: 00000120_43975bfc_000a4083 (ID = 0)
6:14 PM: 00006443_43977da2_0008d24d (ID = 0)
6:14 PM: 00004823_43975dd1_0005f5e1 (ID = 0)
6:14 PM: 00004b40_43975c7c_00090f56 (ID = 0)
6:14 PM: 00003a9e_43975d06_000632ea (ID = 0)
6:14 PM: 00003e12_43975ccd_00098968 (ID = 0)
6:14 PM: 00005f32_43975cf1_0008d24d (ID = 0)
6:14 PM: 00006784_43975dd5_00098968 (ID = 0)
6:14 PM: 00006784_43977691_000b34a7 (ID = 0)
6:14 PM: 00004ae1_43977694_0006acfc (ID = 0)
6:14 PM: 00002cd6_4397776f_0006acfc (ID = 0)
6:14 PM: 0000701f_439785a7_000b71b0 (ID = 0)
6:14 PM: 00002cd6_43975ded_00003d09 (ID = 0)
6:14 PM: 00006952_43975df2_00003d09 (ID = 0)
6:14 PM: 00006df1_43975f71_00003d09 (ID = 0)
6:14 PM: 00005af1_43975f73_000d9701 (ID = 0)
6:14 PM: 000041bb_43975f75_000f0537 (ID = 0)
6:14 PM: 000001eb_43975f7a_000ec82e (ID = 0)
6:14 PM: 00000bb3_43975f7d_000ec82e (ID = 0)
6:14 PM: 00002ea6_43975f8e_000e1113 (ID = 0)
6:14 PM: 000072ae_4397776f_000d59f8 (ID = 0)
6:14 PM: 00007e87_43975fb9_00016e36 (ID = 0)
6:14 PM: 00005d03_439761fd_00029f63 (ID = 0)
6:14 PM: 00004d06_43976144_0002dc6c (ID = 0)
6:14 PM: 00003b25_43976215_000a4083 (ID = 0)
6:14 PM: 00001e1f_43976215_000aba95 (ID = 0)
6:14 PM: 00007ff5_439762cb_00098968 (ID = 0)
6:14 PM: 0000323b_439762cd_000b34a7 (ID = 0)
6:14 PM: 0000301c_4397632f_0009c671 (ID = 0)
6:14 PM: 00000bdb_43976330_0003d090 (ID = 0)
6:14 PM: 0000030a_43976329_0004c4b4 (ID = 0)
6:14 PM: 00000732_43976337_00039387 (ID = 0)
6:14 PM: 0000759a_4397633d_00040d99 (ID = 0)
6:14 PM: 00002350_43976344_000cdfe6 (ID = 0)
6:14 PM: 00005f32_43976367_000d9701 (ID = 0)
6:14 PM: 0000797d_4397636d_000a037a (ID = 0)
6:14 PM: 00005e14_43976394_00098968 (ID = 0)
6:14 PM: 00001366_439763a8_000baeb9 (ID = 0)
6:14 PM: 00006032_439763c2_00044aa2 (ID = 0)
6:14 PM: 00001cd0_439763aa_0007270e (ID = 0)
6:14 PM: 000066c4_439763ad_0007270e (ID = 0)
6:14 PM: 0000409d_439763f4_0005f5e1 (ID = 0)
6:14 PM: 0000798b_439763f5_000e8b25 (ID = 0)
6:14 PM: 00000902_4397641d_00040d99 (ID = 0)
6:14 PM: 00007049_43976432_000aba95 (ID = 0)
6:14 PM: 00005db2_43976443_000e8b25 (ID = 0)
6:14 PM: 000048cc_43976457_0001312d (ID = 0)
6:14 PM: 00004823_43976497_0003567e (ID = 0)
6:14 PM: 00003e12_4394d0fa_00081b32 (ID = 0)
6:14 PM: 000026ca_43964d5c_000e1113 (ID = 0)
6:14 PM: 00006784_4397659a_000b71b0 (ID = 0)
6:14 PM: 00004346_439656bb_00057bcf (ID = 0)
6:14 PM: 00007871_43965904_00029f63 (ID = 0)
6:14 PM: 0000305e_43976870_0005f5e1 (ID = 0)
6:14 PM: 0000440d_43976878_000632ea (ID = 0)
6:14 PM: 0000491c_439768e9_00053ec6 (ID = 0)
6:14 PM: 00001547_4397692b_000b71b0 (ID = 0)
6:14 PM: 0000701f_439769d4_000dd40a (ID = 0)
6:14 PM: 00005d03_439769d9_000cdfe6 (ID = 0)
6:14 PM: 000063cb_43976cee_000dd40a (ID = 0)
6:14 PM: 00006bfc_43976d73_00076417 (ID = 0)
6:14 PM: 00007f96_43976daf_000e8b25 (ID = 0)
6:14 PM: 00007ff5_43976ded_0007de29 (ID = 0)
6:14 PM: 00004d54_43962b07_00041a67 (ID = 0)
6:14 PM: 00006bfc_43962882_0004d182 (ID = 0)
6:14 PM: 00007f61_43964e19_000a037a (ID = 0)
6:14 PM: 000039b3_43977d86_00089544 (ID = 0)
6:14 PM: 00005c67_4394d1e7_00039387 (ID = 0)
6:14 PM: 000022ee_43964d04_000aba95 (ID = 0)
6:14 PM: 00004dc8_43977ae2_0006ea05 (ID = 0)
6:14 PM: 00004509_43964ced_000487ab (ID = 0)
6:14 PM: 0000030a_43964cfe_0008d24d (ID = 0)
6:14 PM: 00001cd0_4394d117_000a4083 (ID = 0)
6:14 PM: 00000099_43977913_00000000 (ID = 0)
6:14 PM: 000012db_43978239_000632ea (ID = 0)
6:14 PM: 000013e9_4396295c_00026f28 (ID = 0)
6:14 PM: ai_09-12-2005.log (ID = 0)
6:14 PM: 00005f1e_43964da7_0009c671 (ID = 0)
6:14 PM: 00004b40_43964d09_0009c671 (ID = 0)
6:14 PM: 00004d06_439779cc_000d1cef (ID = 0)
6:14 PM: 00004dc8_43977a08_00031975 (ID = 0)
6:14 PM: 000041bb_43979769_00081b32 (ID = 0)
6:14 PM: 00001649_4394b1f0_00003d09 (ID = 0)
6:14 PM: 000063cb_4394d0e5_0009c671 (ID = 0)
6:14 PM: 00006bfc_4394d0e5_000d9701 (ID = 0)
6:14 PM: 00002ea6_4394b82b_0001ab3f (ID = 0)
6:14 PM: 00002cd6_4394b123_0007de29 (ID = 0)
6:14 PM: 00006952_4394b1da_0007a120 (ID = 0)
6:14 PM: 00000099_4394bf8f_000baeb9 (ID = 0)
6:14 PM: 000001eb_4394b4a4_000d1cef (ID = 0)
6:15 PM: 000012db_4394b82f_0004c4b4 (ID = 0)
6:15 PM: 0000390c_4394bc09_00090f56 (ID = 0)
6:15 PM: 00004ae1_4394b0b7_00057bcf (ID = 0)
6:15 PM: 00006df1_4394b1fe_00044aa2 (ID = 0)
6:15 PM: 000018be_4394b0b4_000c28cb (ID = 0)
6:15 PM: 000072ae_4394b126_0006ea05 (ID = 0)
6:15 PM: 00007a5a_4394d0ce_000a037a (ID = 0)
6:15 PM: 00006784_4394b0b6_0000f424 (ID = 0)
6:15 PM: 000041bb_4394b276_00000000 (ID = 0)
6:15 PM: ai_05-12-2005.log (ID = 0)
6:15 PM: 00006784_43978176_000d9701 (ID = 0)
6:15 PM: 00002cd6_43978179_000c28cb (ID = 0)
6:15 PM: 00000bb3_4394b4a7_000c28cb (ID = 0)
6:15 PM: 0000491c_4394ce74_0001ab3f (ID = 0)
6:15 PM: 00005af1_4394b1fe_0007a120 (ID = 0)
6:15 PM: 000026e9_4394b27d_0007270e (ID = 0)
6:15 PM: 00000f3e_4394bc0c_0007270e (ID = 0)
6:15 PM: 0000153c_4394b831_000ec82e (ID = 0)
6:15 PM: 00007e87_4394b985_00066ff3 (ID = 0)
6:15 PM: 00005d03_4394d0cd_0009c671 (ID = 0)
6:15 PM: 00000124_4394bf93_00003d09 (ID = 0)
6:15 PM: 0000440d_4394c795_00066ff3 (ID = 0)
6:15 PM: 0000305e_4394c08d_00066ff3 (ID = 0)
6:15 PM: 00004d06_4394ce74_00090f56 (ID = 0)
6:15 PM: 00004db7_4394ce9d_0006acfc (ID = 0)
6:15 PM: 00006952_43977a82_000632ea (ID = 0)
6:15 PM: 0000390c_43977a92_0001312d (ID = 0)
6:15 PM: 00006df1_43977a85_00066ff3 (ID = 0)
6:15 PM: 00004509_43977ae4_000baeb9 (ID = 0)
6:15 PM: 0000767d_4394d0cf_0000b71b (ID = 0)
6:15 PM: 0000139d_4394d19c_000501bd (ID = 0)
6:15 PM: 00004509_4394d0dc_0003d090 (ID = 0)
6:15 PM: 00004080_4394d1e0_0000b71b (ID = 0)
6:15 PM: 0000301c_4394d0ec_000e1113 (ID = 0)
6:15 PM: 00002350_4394d0ef_000487ab (ID = 0)
6:15 PM: 00006443_43964ce6_000bebc2 (ID = 0)
6:15 PM: 00006b89_4394d0eb_00016e36 (ID = 0)
6:15 PM: 00005cfd_4394d0f3_000e8b25 (ID = 0)
6:15 PM: 000026ca_4394d143_0003567e (ID = 0)
6:15 PM: 000022ee_4394d0ef_0007a120 (ID = 0)
6:15 PM: 00005878_4394d0f0_0000f424 (ID = 0)
6:15 PM: 00005f32_4394d0fc_0006ea05 (ID = 0)
6:15 PM: 00003bf6_4394d0fc_000c28cb (ID = 0)
6:15 PM: 00003a9e_4394d0fd_0004c4b4 (ID = 0)
6:15 PM: 0000797d_4394d0ff_00053ec6 (ID = 0)
6:15 PM: 00000ddc_4394d101_000baeb9 (ID = 0)
6:15 PM: 0000314f_4394d102_00040d99 (ID = 0)
6:15 PM: 00004944_4394d106_00000000 (ID = 0)
6:15 PM: 00002ea6_43977a91_00094c5f (ID = 0)
6:15 PM: 000012db_43977a91_000d1cef (ID = 0)
6:15 PM: 0000153c_43977a91_000dd40a (ID = 0)
6:15 PM: 00007e87_43977a91_000f0537 (ID = 0)
6:15 PM: 00000f3e_43977a92_0002625a (ID = 0)
6:15 PM: 00000099_43977a92_00031975 (ID = 0)
6:15 PM: 00000124_43977a92_00039387 (ID = 0)
6:15 PM: 00005422_4394d128_000e4e1c (ID = 0)
6:15 PM: 0000187e_4394d1c3_0006acfc (ID = 0)
6:15 PM: 000049f7_43962a63_0006b9ca (ID = 0)
6:15 PM: 000039b3_43977add_00040d99 (ID = 0)
6:15 PM: 00002d12_43977ae1_00003d09 (ID = 0)
6:15 PM: 0000074d_43977ae1_00094c5f (ID = 0)
6:15 PM: 00007049_4394d19c_000cdfe6 (ID = 0)
6:15 PM: 00000902_4394d199_000a7d8c (ID = 0)
6:15 PM: 00005772_4394d19b_000a7d8c (ID = 0)
6:15 PM: 00006899_4394d1d9_00098968 (ID = 0)
6:15 PM: 00003cd5_4394d1db_0001ab3f (ID = 0)
6:15 PM: 00005064_43962b05_00082800 (ID = 0)
6:15 PM: 0000701f_43977ae3_0003d090 (ID = 0)
6:15 PM: 00005d03_43977ae3_00057bcf (ID = 0)
6:15 PM: 00007a5a_43977ae3_00081b32 (ID = 0)
6:15 PM: 0000767d_43977ae3_000e1113 (ID = 0)
6:15 PM: 00001238_43977ae4_000ca2dd (ID = 0)
6:15 PM: 00006784_43962699_000b4175 (ID = 0)
6:15 PM: 00004823_43978192_0008d24d (ID = 0)
6:15 PM: 00001e1f_43977ae6_0005b8d8 (ID = 0)
6:15 PM: 00000bb3_43977bd4_000a037a (ID = 0)
6:15 PM: 00002ea6_43977bd4_000e8b25 (ID = 0)
6:15 PM: 000012db_43977bd5_00003d09 (ID = 0)
6:15 PM: 00007e87_43977bd7_00016e36 (ID = 0)
6:15 PM: 0000153c_43977bd6_0001312d (ID = 0)
6:15 PM: 0000390c_43977bd7_00031975 (ID = 0)
6:15 PM: 000066bb_43977da2_000a4083 (ID = 0)
6:15 PM: 000018be_43978193_00066ff3 (ID = 0)
6:15 PM: 000060bf_4394d1e6_000e4e1c (ID = 0)
6:15 PM: 00001649_43978207_000d59f8 (ID = 0)
6:15 PM: 00006df1_43978208_0002dc6c (ID = 0)
6:15 PM: 00000124_4397829b_000bebc2 (ID = 0)
6:15 PM: 00000099_43978298_000a4083 (ID = 0)
6:15 PM: 00007e87_43978245_000ca2dd (ID = 0)
6:15 PM: 00000f3e_4397826f_0008583b (ID = 0)
6:15 PM: 0000440d_439782a0_000aba95 (ID = 0)
6:15 PM: 00004db7_439782eb_000bebc2 (ID = 0)
6:15 PM: 00004d06_439782ab_0002dc6c (ID = 0)
6:15 PM: 00003cd6_4394d1f7_00040d99 (ID = 0)
6:15 PM: 00007049_43964d61_000d1cef (ID = 0)
6:15 PM: 00005579_43962c0d_0003a055 (ID = 0)
6:15 PM: 00001a49_43962900_000602af (ID = 0)
6:15 PM: 00004dc8_4396283d_0000c3e9 (ID = 0)
6:15 PM: 0000456d_4396561e_0007a120 (ID = 0)
6:15 PM: 000073da_43964d5a_0006ea05 (ID = 0)
6:15 PM: 0000759a_43964d03_00076417 (ID = 0)
6:15 PM: 00007a5a_439785aa_000b34a7 (ID = 0)
6:16 PM: 00005064_43964e41_0007a120 (ID = 0)
6:16 PM: 0000074d_43964ce5_00066ff3 (ID = 0)
6:16 PM: 0000409d_43964d55_0007a120 (ID = 0)
6:16 PM: 00004509_439785ba_0001e848 (ID = 0)
6:16 PM: 000072ae_43979a3f_00066ff3 (ID = 0)
6:16 PM: 00000029_439795a4_000b71b0 (ID = 0)
6:16 PM: 00004823_43979607_0005f5e1 (ID = 0)
6:16 PM: 000018be_4397960b_00029f63 (ID = 0)
6:16 PM: 00000124_43962825_000b7e7e (ID = 0)
6:16 PM: 00001547_43964ce0_000b34a7 (ID = 0)
6:16 PM: 00002b00_43962a9d_000d29bd (ID = 0)
6:16 PM: 00007f61_43962aa1_0001b80d (ID = 0)
6:16 PM: 00000c7b_43962aa9_0005c5a6 (ID = 0)
6:16 PM: 00006732_43962a3b_000f1205 (ID = 0)
6:16 PM: 0000470e_43962b6f_000770e5 (ID = 0)
6:16 PM: 0000513e_43962b1e_000770e5 (ID = 0)
6:16 PM: 00003807_43962ac5_000ac763 (ID = 0)
6:16 PM: 000001eb_4397980a_0001e848 (ID = 0)
6:16 PM: ai_06-12-2005.log (ID = 0)
6:16 PM: 00000029_43962675_000cafab (ID = 0)
6:16 PM: 00006952_439627ed_0006f6d3 (ID = 0)
6:16 PM: 00004823_4396268c_00045770 (ID = 0)
6:16 PM: 00004ae1_43962699_000d66c6 (ID = 0)
6:16 PM: 000018be_43962692_0008a212 (ID = 0)
6:16 PM: 00002cd6_43979a21_0007de29 (ID = 0)
6:16 PM: 00005af1_4396280a_000a8a5a (ID = 0)
6:16 PM: 000041bb_4396280a_000cecb4 (ID = 0)
6:16 PM: 0000390c_43962823_0003634c (ID = 0)
6:16 PM: 00000384_43962a00_000e97f3 (ID = 0)
6:16 PM: 00007282_43964e2d_0005b8d8 (ID = 0)
6:16 PM: 00004d06_4396282e_000de0d8 (ID = 0)
6:16 PM: 00001547_4396282f_00050e8b (ID = 0)
6:16 PM: 000039b3_43962833_00026f28 (ID = 0)
6:16 PM: 000066bb_4396286

#10 strepo

strepo
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 09 December 2005 - 08:52 PM

6:17 PM: 00003960_43962c81_0003dd5e (ID = 0)
6:17 PM: 00006479_43962d19_000ac763 (ID = 0)
6:17 PM: 00001049_43962d18_00099636 (ID = 0)
6:17 PM: 0000086a_43962d18_000b4175 (ID = 0)
6:17 PM: 00007a61_43962d1b_000da3cf (ID = 0)
6:17 PM: 00002a38_43962d4b_0008df1b (ID = 0)
6:17 PM: 00000d6a_43962d1f_000733dc (ID = 0)
6:17 PM: 00000ea9_43962d27_000da3cf (ID = 0)
6:17 PM: 0000412f_43962d33_00045770 (ID = 0)
6:17 PM: 000030f1_43962d33_000cecb4 (ID = 0)
6:17 PM: 00005815_43962d33_000e97f3 (ID = 0)
6:17 PM: 00004d9a_43962d39_000a4d51 (ID = 0)
6:17 PM: 00000ce1_43962d3c_000a1048 (ID = 0)
6:17 PM: 00005fa8_43962d40_000cecb4 (ID = 0)
6:17 PM: 000051d1_43962d54_0004d182 (ID = 0)
6:17 PM: 000050bf_43962d46_00099636 (ID = 0)
6:17 PM: 000010d9_43962d47_000602af (ID = 0)
6:17 PM: 00004e55_43962d49_0007eaf7 (ID = 0)
6:17 PM: 00000390_43962d4a_0007eaf7 (ID = 0)
6:17 PM: 000010d9_43962d56_000a4d51 (ID = 0)
6:17 PM: 00006c6c_43962d56_000bbb87 (ID = 0)
6:17 PM: 00006ea1_43962d59_000ac763 (ID = 0)
6:17 PM: 00004c66_43962d5a_000e1de1 (ID = 0)
6:17 PM: 00005c5e_43962d5b_000733dc (ID = 0)
6:17 PM: 000001e1_43962d5c_0002321f (ID = 0)
6:17 PM: 00001030_43962d5c_0003a055 (ID = 0)
6:17 PM: 00001bd9_43962d64_000c72a2 (ID = 0)
6:17 PM: 00004823_439799b5_00066ff3 (ID = 0)
6:17 PM: 00004ae1_43964c83_000d1cef (ID = 0)
6:17 PM: 00004325_439653b0_0005b8d8 (ID = 0)
6:17 PM: 00001649_43964c99_0007a120 (ID = 0)
6:17 PM: 00000c7b_43964e27_000c28cb (ID = 0)
6:17 PM: 000007cf_43964db0_000632ea (ID = 0)
6:17 PM: 0000251f_43964e2d_0008583b (ID = 0)
6:17 PM: 00000f3e_43964cde_000501bd (ID = 0)
6:17 PM: 0000440d_43964cdf_0005f5e1 (ID = 0)
6:17 PM: 0000491c_43964cdf_00094c5f (ID = 0)
6:17 PM: 00004944_43964d28_0005f5e1 (ID = 0)
6:17 PM: 000054de_43964ce1_000c65d4 (ID = 0)
6:17 PM: 00005d03_43964ceb_000d1cef (ID = 0)
6:17 PM: 00001238_43964ced_00057bcf (ID = 0)
6:17 PM: 0000428b_43964ce9_00016e36 (ID = 0)
6:17 PM: 00002e40_43964d2a_000dd40a (ID = 0)
6:18 PM: 00001366_43964d2e_0001ab3f (ID = 0)
6:18 PM: 00007a5a_43964cec_00003d09 (ID = 0)
6:18 PM: 0000767d_43964cec_000af79e (ID = 0)
6:18 PM: 00001e1f_43964cee_00098968 (ID = 0)
6:18 PM: 00004df2_43964d26_00003d09 (ID = 0)
6:18 PM: 00006bfc_43964cf0_0003d090 (ID = 0)
6:18 PM: 00005cfd_43964d1c_00044aa2 (ID = 0)
6:18 PM: 00007f96_43964cf2_00089544 (ID = 0)
6:18 PM: 00007ff5_43964cf4_0001ab3f (ID = 0)
6:18 PM: 0000323b_43964cf9_0001ab3f (ID = 0)
6:18 PM: 00002213_43964cf9_00094c5f (ID = 0)
6:18 PM: 0000260d_43964cfa_0006ea05 (ID = 0)
6:18 PM: 00006b89_43964cfd_0003567e (ID = 0)
6:18 PM: 000056ae_43964d00_000b34a7 (ID = 0)
6:18 PM: 00005878_43964d0b_0007a120 (ID = 0)
6:18 PM: 00006899_43964d64_00076417 (ID = 0)
6:18 PM: 00001a49_43964d1c_000cdfe6 (ID = 0)
6:18 PM: 00003a9e_43964d1e_00057bcf (ID = 0)
6:18 PM: 00003bf6_43964d1e_00016e36 (ID = 0)
6:18 PM: 00005f49_43964d22_00094c5f (ID = 0)
6:18 PM: 00004cad_43964d24_00076417 (ID = 0)
6:18 PM: 00001cd0_43964d31_000af79e (ID = 0)
6:18 PM: 00005422_43964d4d_00081b32 (ID = 0)
6:18 PM: 00007983_43964d8c_0000b71b (ID = 0)
6:18 PM: 000066c4_43964d33_000d1cef (ID = 0)
6:18 PM: 00004230_43964d34_00000000 (ID = 0)
6:18 PM: 00007eb7_43964d3f_00029f63 (ID = 0)
6:18 PM: 00006032_43964d3f_000dd40a (ID = 0)
6:18 PM: 00002c3b_43964d42_0000f424 (ID = 0)
6:18 PM: 000015a1_43964d48_000d9701 (ID = 0)
6:18 PM: 00003ef6_43964d4f_000ec82e (ID = 0)
6:18 PM: 0000187e_43964d62_000f0537 (ID = 0)
6:18 PM: 000048cc_43964d6a_000af79e (ID = 0)
6:18 PM: 0000139d_43964d60_000d59f8 (ID = 0)
6:18 PM: 00004a80_43964d62_000d9701 (ID = 0)
6:18 PM: 000016c5_43964d63_00057bcf (ID = 0)
6:18 PM: 000037e5_43964dbf_00007a12 (ID = 0)
6:18 PM: 000013e9_43964d65_000a037a (ID = 0)
6:18 PM: 00005db2_43964d66_000d9701 (ID = 0)
6:18 PM: 00000677_43964d9f_000ca2dd (ID = 0)
6:18 PM: 000023c9_43964d69_00029f63 (ID = 0)
6:18 PM: 00005753_43964d6b_00007a12 (ID = 0)
6:18 PM: 000060bf_43964d6b_0007de29 (ID = 0)
6:18 PM: 00005c67_43964d6c_00081b32 (ID = 0)
6:18 PM: 00003cd6_43964d6e_000f0537 (ID = 0)
6:18 PM: 00002f14_43964d78_00066ff3 (ID = 0)
6:18 PM: 0000422d_43964d85_000632ea (ID = 0)
6:18 PM: 0000047e_43964d83_000af79e (ID = 0)
6:18 PM: 0000368e_43964d88_00016e36 (ID = 0)
6:18 PM: 00003c61_43964d8e_0005f5e1 (ID = 0)
6:18 PM: 00004cd4_43964dac_0001e848 (ID = 0)
6:18 PM: 00003a61_43964d93_000c65d4 (ID = 0)
6:18 PM: 0000261e_43964d98_00081b32 (ID = 0)
6:18 PM: 00007b44_43964dc3_0004c4b4 (ID = 0)
6:18 PM: 000018d7_43964da1_0003567e (ID = 0)
6:18 PM: 000032e6_43964d9a_000a7d8c (ID = 0)
6:18 PM: 0000401d_43964d9a_000f0537 (ID = 0)
6:18 PM: 000071f0_43964d9b_00029f63 (ID = 0)
6:18 PM: 00004087_43964dc3_00044aa2 (ID = 0)
6:18 PM: 00007f4f_43964d9c_0001e848 (ID = 0)
6:18 PM: 0000494a_43964d9e_0001e848 (ID = 0)
6:18 PM: 00002b0c_43964da8_0005b8d8 (ID = 0)
6:18 PM: 000049f7_43964dbf_00098968 (ID = 0)
6:18 PM: 0000542c_43964da2_000af79e (ID = 0)
6:18 PM: 00006ad4_43964daa_00044aa2 (ID = 0)
6:18 PM: 000046cf_43964db3_000632ea (ID = 0)
6:18 PM: 00007014_439653c6_000632ea (ID = 0)
6:18 PM: 000011f4_43964da9_00022551 (ID = 0)
6:18 PM: 00006784_439799eb_0007de29 (ID = 0)
6:18 PM: 00004ae1_439799eb_000ca2dd (ID = 0)
6:18 PM: 0000127e_43964dad_000af79e (ID = 0)
6:18 PM: 00000035_43964daf_000b34a7 (ID = 0)
6:18 PM: 00006732_43964db1_00053ec6 (ID = 0)
6:18 PM: 0000458f_43964db9_0006acfc (ID = 0)
6:18 PM: 0000442b_43964dc0_0004c4b4 (ID = 0)
6:18 PM: 00001af4_43964db2_000501bd (ID = 0)
6:18 PM: 00001481_43964dc2_00016e36 (ID = 0)
6:18 PM: 00003a2d_43964db5_0001312d (ID = 0)
6:18 PM: 000057d3_43964db7_00022551 (ID = 0)
6:18 PM: 00003a8d_43964e1a_000e1113 (ID = 0)
6:18 PM: 00005078_43964dc1_0001ab3f (ID = 0)
6:18 PM: 0000765f_43964dc4_0006acfc (ID = 0)
6:18 PM: 00001850_43964dc4_000a037a (ID = 0)
6:18 PM: 00002b00_43964dc5_000baeb9 (ID = 0)
6:18 PM: 00007fbe_43964e27_00039387 (ID = 0)
6:18 PM: 00000c15_43964e28_000d59f8 (ID = 0)
6:18 PM: 0000773b_43964e2b_000aba95 (ID = 0)
6:18 PM: 00003492_43964e34_0001312d (ID = 0)
6:18 PM: 00005c46_43964e69_0005b8d8 (ID = 0)
6:18 PM: 00006d69_43964e67_000bebc2 (ID = 0)
6:18 PM: 00001796_43964e72_000dd40a (ID = 0)
6:18 PM: 00001f16_43964e79_0001ab3f (ID = 0)
6:18 PM: 00004f68_43964e86_00022551 (ID = 0)
6:18 PM: 000074ad_43964ea0_000c65d4 (ID = 0)
6:18 PM: 000013d3_43964f71_00000000 (ID = 0)
6:18 PM: 000069d0_43965375_0003567e (ID = 0)
6:18 PM: 000053b1_439653c8_00003d09 (ID = 0)
6:18 PM: 00000ea9_439653df_000f0537 (ID = 0)
6:18 PM: 00003f97_439653e1_000f0537 (ID = 0)
6:18 PM: 0000412f_439653e2_0002625a (ID = 0)
6:18 PM: 000030f1_439653e2_00044aa2 (ID = 0)
6:18 PM: 00004d9a_439653eb_00000000 (ID = 0)
6:18 PM: 00003295_439653eb_0001e848 (ID = 0)
6:18 PM: 000006e3_43965625_000d1cef (ID = 0)
6:18 PM: 00000ce1_439653f4_000f0537 (ID = 0)
6:18 PM: 00004fc0_439653f5_0001312d (ID = 0)
6:18 PM: 00003ee9_43965400_0003567e (ID = 0)
6:18 PM: 000030a7_43965411_000d1cef (ID = 0)
6:18 PM: 00007e0e_43965620_000b71b0 (ID = 0)
6:18 PM: 00000784_43965645_00057bcf (ID = 0)
6:18 PM: 00004328_43965629_000baeb9 (ID = 0)
6:18 PM: 00002120_4396563c_00000000 (ID = 0)
6:19 PM: 000012c2_43965641_00094c5f (ID = 0)
6:19 PM: 00007514_43965646_000e8b25 (ID = 0)
6:19 PM: 00003305_4396564a_0001ab3f (ID = 0)
6:19 PM: 00006b28_43965666_0007a120 (ID = 0)
6:19 PM: 00006bc9_43965666_000d59f8 (ID = 0)
6:19 PM: 0000212c_43965679_0005f5e1 (ID = 0)
6:19 PM: 00003308_439656dc_00089544 (ID = 0)
6:19 PM: 00001edc_439656e2_000cdfe6 (ID = 0)
6:19 PM: 000000eb_4396582b_0009c671 (ID = 0)
6:19 PM: 00004af3_4396574c_000a037a (ID = 0)
6:19 PM: 000078fe_439657a7_00000000 (ID = 0)
6:19 PM: 000037be_439657a8_000bebc2 (ID = 0)
6:19 PM: 000071f2_439657e4_00039387 (ID = 0)
6:19 PM: 00000029_43975632_0001e848 (ID = 0)
6:19 PM: ai_07-12-2005.log (ID = 0)
6:19 PM: 00002cd6_439756de_00039387 (ID = 0)
6:19 PM: 00004823_43975632_0003d090 (ID = 0)
6:19 PM: 00003d6c_43975675_00090f56 (ID = 0)
6:19 PM: 00003d6c_4397aa44_000d9701 (ID = 0)
6:19 PM: ai_08-12-2005.log (ID = 0)
6:22 PM: File Sweep Complete, Elapsed Time: 00:39:41
6:22 PM: Full Sweep has completed. Elapsed time 00:47:31
6:22 PM: Traces Found: 1559
6:26 PM: Removal process initiated
6:26 PM: Quarantining All Traces: 180search assistant/zango
6:26 PM: Quarantining All Traces: clkoptimizer
6:26 PM: Quarantining All Traces: ie driver
6:26 PM: Quarantining All Traces: ist istbar
6:26 PM: Quarantining All Traces: potentially rootkit-masked files
7:11 PM: potentially rootkit-masked files is in use. It will be removed on reboot.
7:11 PM: 000018be_43977623_00076417 is in use. It will be removed on reboot.
7:11 PM: 000041bb_439758b6_00044aa2 is in use. It will be removed on reboot.
7:11 PM: 00007a5a_43977a2b_0000f424 is in use. It will be removed on reboot.
7:11 PM: 00004461_43965666_000a7d8c is in use. It will be removed on reboot.
7:11 PM: 000063cb_43975b5f_00039387 is in use. It will be removed on reboot.
7:11 PM: 00005f90_43975e2c_0006ea05 is in use. It will be removed on reboot.
7:11 PM: 000054de_439779f1_00094c5f is in use. It will be removed on reboot.
7:11 PM: 00004823_43978142_0009c671 is in use. It will be removed on reboot.
7:11 PM: 000026a6_439769bb_00003d09 is in use. It will be removed on reboot.
7:11 PM: 000075ef_439629a8_000cafab is in use. It will be removed on reboot.
7:11 PM: 000001eb_439758d5_000e4e1c is in use. It will be removed on reboot.
7:11 PM: 00004823_4399e220_00031975 is in use. It will be removed on reboot.
7:11 PM: 00005878_43976356_000487ab is in use. It will be removed on reboot.
7:11 PM: 0000409d_4394d139_0001e848 is in use. It will be removed on reboot.
7:11 PM: 000072ae_4397aa53_0000b71b is in use. It will be removed on reboot.
7:11 PM: 0000074d_43962839_00032643 is in use. It will be removed on reboot.
7:11 PM: 00000f3e_43977c08_000c28cb is in use. It will be removed on reboot.
7:11 PM: 00003d6c_439776f8_000f0537 is in use. It will be removed on reboot.
7:11 PM: 00000bb3_439758d8_0007de29 is in use. It will be removed on reboot.
7:11 PM: 00003699_4394d197_0001ab3f is in use. It will be removed on reboot.
7:11 PM: 0000305e_439782a0_0001ab3f is in use. It will be removed on reboot.
7:11 PM: 00006952_43977770_000501bd is in use. It will be removed on reboot.
7:11 PM: 000072ae_4399ea23_000501bd is in use. It will be removed on reboot.
7:11 PM: 0000797d_43975d29_0001e848 is in use. It will be removed on reboot.
7:11 PM: 00007e87_43964cdd_000baeb9 is in use. It will be removed on reboot.
7:11 PM: 0000390c_43975fb9_00057bcf is in use. It will be removed on reboot.
7:11 PM: 000041bb_43964ca8_0002dc6c is in use. It will be removed on reboot.
7:11 PM: 00001547_439779d7_00044aa2 is in use. It will be removed on reboot.
7:11 PM: 00004823_4397759e_0001312d is in use. It will be removed on reboot.
7:11 PM: 00000f3e_43975fde_0005f5e1 is in use. It will be removed on reboot.
7:11 PM: 00002ea6_439758e3_0003567e is in use. It will be removed on reboot.
7:11 PM: 000012db_439758e3_000aba95 is in use. It will be removed on reboot.
7:11 PM: 0000153c_439758e3_000f0537 is in use. It will be removed on reboot.
7:11 PM: 00000099_43976004_000c28cb is in use. It will be removed on reboot.
7:11 PM: 0000390c_43975959_000cdfe6 is in use. It will be removed on reboot.
7:11 PM: 00005f49_4397638e_00022551 is in use. It will be removed on reboot.
7:11 PM: 000041bb_43979acd_0004c4b4 is in use. It will be removed on reboot.
7:11 PM: 00001547_439782eb_000cdfe6 is in use. It will be removed on reboot.
7:11 PM: 000026a6_43975b19_0005b8d8 is in use. It will be removed on reboot.
7:11 PM: 000072ae_43977b7f_00044aa2 is in use. It will be removed on reboot.
7:11 PM: 0000491c_43975a3a_000d59f8 is in use. It will be removed on reboot.
7:11 PM: 00000099_43977c09_000e1113 is in use. It will be removed on reboot.
7:11 PM: 00002ea6_439778f7_000ca2dd is in use. It will be removed on reboot.
7:11 PM: 0000390c_4397826f_00016e36 is in use. It will be removed on reboot.
7:11 PM: 0000440d_43977aa5_0006ea05 is in use. It will be removed on reboot.
7:11 PM: 0000323b_43975bd0_00022551 is in use. It will be removed on reboot.
7:11 PM: 00004027_43962c9a_0004d182 is in use. It will be removed on reboot.
7:11 PM: 00000124_43976006_0000f424 is in use. It will be removed on reboot.
7:11 PM: 00002cd6_4399e9c1_0006ea05 is in use. It will be removed on reboot.
7:11 PM: 00004d06_43977ad0_00029f63 is in use. It will be removed on reboot.
7:11 PM: 00003e12_43976366_00066ff3 is in use. It will be removed on reboot.
7:11 PM: 0000428b_4397859d_000b71b0 is in use. It will be removed on reboot.
7:11 PM: dns is in use. It will be removed on reboot.
7:11 PM: 00001547_43975ab5_000a037a is in use. It will be removed on reboot.
7:11 PM: 00001003_43965643_000d59f8 is in use. It will be removed on reboot.
7:11 PM: 00001649_439627ff_000bbb87 is in use. It will be removed on reboot.
7:11 PM: 00000124_439759da_00089544 is in use. It will be removed on reboot.
7:11 PM: 000026e9_4397660e_00039387 is in use. It will be removed on reboot.
7:11 PM: 0000305e_43976006_00089544 is in use. It will be removed on reboot.
7:11 PM: 00006952_4399ea24_00057bcf is in use. It will be removed on reboot.
7:11 PM: 0000767d_43975b31_000e1113 is in use. It will be removed on reboot.
7:11 PM: 00006486_43965413_000af79e is in use. It will be removed on reboot.
7:11 PM: 00005f32_43964d1d_0001ab3f is in use. It will be removed on reboot.
7:11 PM: 000075ef_43964d8d_000b34a7 is in use. It will be removed on reboot.
7:11 PM: 00005e14_43962913_0001b80d is in use. It will be removed on reboot.
7:11 PM: 00004db7_43977ad0_00053ec6 is in use. It will be removed on reboot.
7:11 PM: 00006b36_43976357_00039387 is in use. It will be removed on reboot.
7:11 PM: 000039ce_43962b12_0007adee is in use. It will be removed on reboot.
7:11 PM: 0000440d_439760f2_00044aa2 is in use. It will be removed on reboot.
7:11 PM: 0000008e_43965694_0006ea05 is in use. It will be removed on reboot.
7:11 PM: 00000bb3_4397ab10_0009c671 is in use. It will be removed on reboot.
7:11 PM: 00001e1f_43962880_00063fb8 is in use. It will be removed on reboot.
7:11 PM: 00005f90_43978207_000b71b0 is in use. It will be removed on reboot.
7:11 PM: 00006952_43977b8b_000e8b25 is in use. It will be removed on reboot.
7:11 PM: 0000260d_43975bd3_0002625a is in use. It will be removed on reboot.
7:11 PM: 00006b36_43975ccc_0001e848 is in use. It will be removed on reboot.
7:11 PM: 00001a49_43976367_0007de29 is in use. It will be removed on reboot.
7:11 PM: 00005cfd_43975ccc_0008583b is in use. It will be removed on reboot.
7:11 PM: 00006b89_43975bed_00081b32 is in use. It will be removed on reboot.
7:11 PM: 00004080_43964d65_000e1113 is in use. It will be removed on reboot.
7:11 PM: 00005005_43964e28_00029f63 is in use. It will be removed on reboot.
7:11 PM: 00001ad4_43976a45_0006ea05 is in use. It will be removed on reboot.
7:11 PM: 00003699_4397641b_0003567e is in use. It will be removed on reboot.
7:11 PM: 00001a49_43975cd1_0001e848 is in use. It will be removed on reboot.
7:11 PM: 00003d6c_43962701_00054b94 is in use. It will be removed on reboot.
7:11 PM: 00005a9f_43964dab_0007270e is in use. It will be removed on reboot.
7:11 PM: 00002e40_4394d107_000a7d8c is in use. It will be removed on reboot.
7:11 PM: 00003d6c_4394b11c_000d9701 is in use. It will be removed on reboot.
7:11 PM: 000029d8_43962c4f_0008df1b is in use. It will be removed on reboot.
7:11 PM: 00003bf6_4397636a_0007de29 is in use. It will be removed on reboot.
7:11 PM: 00000029_43977a54_000632ea is in use. It will be removed on reboot.
7:11 PM: 00000120_4397633c_0001e848 is in use. It will be removed on reboot.
7:11 PM: 0000187e_43976438_00081b32 is in use. It will be removed on reboot.
7:11 PM: 0000074d_43975abe_000cdfe6 is in use. It will be removed on reboot.
7:11 PM: 00005c67_43962980_00045770 is in use. It will be removed on reboot.
7:11 PM: 00000c15_43962ac3_000733dc is in use. It will be removed on reboot.
7:11 PM: 000066c4_4396291c_000a8a5a is in use. It will be removed on reboot.
7:11 PM: 00000bdb_43975bf4_000dd40a is in use. It will be removed on reboot.
7:11 PM: 000018be_43976597_00022551 is in use. It will be removed on reboot.
7:11 PM: 000018be_43975dd2_00000000 is in use. It will be removed on reboot.
7:11 PM: 00002e40_439763a8_0009c671 is in use. It will be removed on reboot.
7:11 PM: 00003a9e_4397636c_0003567e is in use. It will be removed on reboot.
7:11 PM: 00001238_43975b45_00089544 is in use. It will be removed on reboot.
7:11 PM: 0000305e_43977c33_000501bd is in use. It will be removed on reboot.
7:11 PM: 00004dc8_43975ac1_000e1113 is in use. It will be removed on reboot.
7:11 PM: 00004823_4397a9d7_00039387 is in use. It will be removed on reboot.
7:11 PM: 0000491c_43976126_0006acfc is in use. It will be removed on reboot.
7:11 PM: 000012db_43975f8f_00039387 is in use. It will be removed on reboot.
7:11 PM: 00005fa8_4396540a_000f0537 is in use. It will be removed on reboot.
7:11 PM: 0000293b_439653d1_0008d24d is in use. It will be removed on reboot.
7:11 PM: 000023c9_43976454_000e1113 is in use. It will be removed on reboot.
7:11 PM: 00007a36_439656be_000ca2dd is in use. It will be removed on reboot.
7:11 PM: 00003d6c_43975de5_000baeb9 is in use. It will be removed on reboot.
7:11 PM: index is in use. It will be removed on reboot.
7:11 PM: 00005f90_43979a49_0007a120 is in use. It will be removed on reboot.
7:11 PM: 00000124_43977c2e_0008d24d is in use. It will be removed on reboot.
7:11 PM: 00005d03_43977a1f_0007a120 is in use. It will be removed on reboot.
7:11 PM: 0000759a_43975c21_000e4e1c is in use. It will be removed on reboot.
7:11 PM: 000022ee_43975c23_0003567e is in use. It will be removed on reboot.
7:11 PM: 0000366b_439763ad_0001e848 is in use. It will be removed on reboot.
7:11 PM: 00002213_4397630f_000d59f8 is in use. It will be removed on reboot.
7:11 PM: 00004e45_43975b67_00022551 is in use. It will be removed on reboot.
7:11 PM: 00006899_4397643c_000bebc2 is in use. It will be removed on reboot.
7:11 PM: 0000428b_43976197_00022551 is in use. It will be removed on reboot.
7:11 PM: 00004823_43977b44_00044aa2 is in use. It will be removed on reboot.
7:11 PM: 00006e5d_43976241_000c65d4 is in use. It will be removed on reboot.
7:11 PM: 00005422_439763c4_0007de29 is in use. It will be removed on reboot.
7:11 PM: 00004e45_43977004_0006ea05 is in use. It will be removed on reboot.
7:11 PM: 00007f96_43975b60_000b71b0 is in use. It will be removed on reboot.
7:11 PM: 000029d8_43964f72_000e8b25 is in use. It will be removed on reboot.
7:11 PM: 00006952_4397aa75_0003d090 is in use. It will be removed on reboot.
7:11 PM: 000012e1_43964d57_00031975 is in use. It will be removed on reboot.
7:11 PM: 00004230_439763ae_00022551 is in use. It will be removed on reboot.
7:11 PM: 0000440d_43977c36_000c28cb is in use. It will be removed on reboot.
7:11 PM: 00001649_43977ba7_000a037a is in use. It will be removed on reboot.
7:11 PM: 00000029_4399e25d_00016e36 is in use. It will be removed on reboot.
7:11 PM: 00005e73_43962b6d_000a8a5a is in use. It will be removed on reboot.
7:11 PM: 0000153c_43978245_0006acfc is in use. It will be removed on reboot.
7:11 PM: 000066bb_43977a0d_000aba95 is in use. It will be removed on reboot.
7:11 PM: 00002ea6_4397ab13_00094c5f is in use. It will be removed on reboot.
7:11 PM: 00002cd6_439781ee_00040d99 is in use. It will be removed on reboot.
7:11 PM: 00001ad4_43964cef_000af79e is in use. It will be removed on reboot.
7:11 PM: 000022ee_43976345_00089544 is in use. It will be removed on reboot.
7:11 PM: 0000282d_43962cbd_0008df1b is in use. It will be removed on reboot.
7:11 PM: 0000138a_43962caf_000b7e7e is in use. It will be removed on reboot.
7:11 PM: 000066bb_4394d09d_000baeb9 is in use. It will be removed on reboot.
7:11 PM: 00004dc8_4397699c_0003567e is in use. It will be removed on reboot.
7:11 PM: 00005d24_43962c09_00063fb8 is in use. It will be removed on reboot.
7:11 PM: 00000bdb_4394d0ed_0000b71b is in use. It will be removed on reboot.
7:11 PM: 0000491c_43977aa8_000a7d8c is in use. It will be removed on reboot.
7:11 PM: 00003d6c_43978179_00000000 is in use. It will be removed on reboot.
7:11 PM: 00002ea6_43978238_0007270e is in use. It will be removed on reboot.
7:11 PM: 0000468c_439653df_0001312d is in use. It will be removed on reboot.
7:11 PM: 0000721d_43965640_000c65d4 is in use. It will be removed on reboot.
7:11 PM: 00003cd5_43976441_00039387 is in use. It will be removed on reboot.
7:11 PM: 000063cb_43976274_0007270e is in use. It will be removed on reboot.
7:11 PM: 00005f90_4397aa75_0008d24d is in use. It will be removed on reboot.
7:11 PM: 00005af1_4397aaa7_000aba95 is in use. It will be removed on reboot.
7:11 PM: 00007bb9_43976425_000d59f8 is in use. It will be removed on reboot.
7:11 PM: 00004b40_43976349_00040d99 is in use. It will be removed on reboot.
7:11 PM: 000026e9_43975f7a_000a4083 is in use. It will be removed on reboot.
7:11 PM: 00001547_43976146_000c28cb is in use. It will be removed on reboot.
7:11 PM: 00000120_439628e9_00026f28 is in use. It will be removed on reboot.
7:11 PM: 00004db7_43977c88_00039387 is in use. It will be removed on reboot.
7:11 PM: 000063cb_43962881_0003634c is in use. It will be removed on reboot.
7:11 PM: 000069d0_43962cbd_000bbb87 is in use. It will be removed on reboot.
7:11 PM: 00000fc9_43962a1c_000f1205 is in use. It will be removed on reboot.
7:11 PM: 00006784_43977b48_000cdfe6 is in use. It will be removed on reboot.
7:11 PM: 000063cb_43964cef_000e1113 is in use. It will be removed on reboot.
7:11 PM: 00004d67_43964e7a_00003d09 is in use. It will be removed on reboot.
7:11 PM: 00003b25_43977ae4_000e1113 is in use. It will be removed on reboot.
7:11 PM: 000041bb_4399ea54_00040d99 is in use. It will be removed on reboot.
7:11 PM: 000072ae_43975def_00039387 is in use. It will be removed on reboot.
7:11 PM: 000026ca_43976415_000ec82e is in use. It will be removed on reboot.
7:11 PM: 00001649_43979a55_00094c5f is in use. It will be removed on reboot.
7:11 PM: 00006172_439629ee_0001f516 is in use. It will be removed on reboot.
7:11 PM: 000041bb_4397820e_000e4e1c is in use. It will be removed on reboot.
7:11 PM: 00007eb7_4394d123_00016e36 is in use. It will be removed on reboot.
7:11 PM: 0000767d_439785b8_000bebc2 is in use. It will be removed on reboot.
7:11 PM: 000026e9_4399ea56_000aba95 is in use. It will be removed on reboot.
7:11 PM: 00000822_439763f0_000501bd is in use. It will be removed on reboot.
7:11 PM: 000072ae_439765ac_000a037a is in use. It will be removed on reboot.
7:11 PM: 00000029_43978125_00044aa2 is in use. It will be removed on reboot.
7:11 PM: 00005991_439763f3_00016e36 is in use. It will be removed on reboot.
7:11 PM: 0000153c_43975f90_00090f56 is in use. It will be removed on reboot.
7:11 PM: 0000791b_4396565d_000c28cb is in use. It will be removed on reboot.
7:11 PM: 000012e1_439763f5_0007de29 is in use. It will be removed on reboot.
7:11 PM: data.bin is in use. It will be removed on reboot.
7:11 PM: avtpmesh.exe is in use. It will be removed on reboot.
7:11 PM: 000041bb_43977894_00057bcf is in use. It will be removed on reboot.
7:11 PM: 00001643_43964ec9_000a7d8c is in use. It will be removed on reboot.
7:11 PM: 00001366_4394d108_0002625a is in use. It will be removed on reboot.
7:11 PM: 000073da_43962934_000cafab is in use. It will be removed on reboot.
7:11 PM: 0000765f_43962a95_000bbb87 is in use. It will be removed on reboot.
7:11 PM: 0000305e_4399eab4_000e4e1c is in use. It will be removed on reboot.
7:11 PM: 00000ddc_4397638f_0000b71b is in use. It will be removed on reboot.
7:11 PM: 00001643_43962c35_00045770 is in use. It will be removed on reboot.
7:11 PM: 000041bb_4397aaea_00090f56 is in use. It will be removed on reboot.
7:11 PM: 00000de5_43962c36_00026f28 is in use. It will be removed on reboot.
7:11 PM: 00002059_43962a34_0007adee is in use. It will be removed on reboot.
7:11 PM: 00006784_4397a9f6_0003d090 is in use. It will be removed on reboot.
7:11 PM: 0000390c_43964cdd_000f0537 is in use. It will be removed on reboot.
7:11 PM: 0000047e_43962989_000b4175 is in use. It will be removed on reboot.
7:11 PM: 00004ae1_43977b52_000a4083 is in use. It will be removed on reboot.
7:11 PM: 00003bf6_4396290c_0000c3e9 is in use. It will be removed on reboot.
7:11 PM: 000012db_4397ab16_0000b71b is in use. It will be removed on reboot.
7:11 PM: 000018be_439799eb_0001e848 is in use. It will be removed on reboot.
7:11 PM: 00006df1_43979a6e_00029f63 is in use. It will be removed on reboot.
7:11 PM: 00007eb7_439763c1_000e8b25 is in use. It will be removed on reboot.
7:11 PM: 00000bb3_439778cd_000d1cef is in use. It will be removed on reboot.
7:11 PM: 00001649_43979732_000d1cef is in use. It will be removed on reboot.
7:11 PM: 000066bb_4397859a_00044aa2 is in use. It will be removed on reboot.
7:11 PM: 00007f96_43962882_000ac763 is in use. It will be removed on reboot.
7:11 PM: 00002cd6_4397aa51_000ca2dd is in use. It will be removed on reboot.
7:11 PM: 00006443_439769a5_000487ab is in use. It will be removed on reboot.
7:11 PM: 00001dcb_43965640_000e1113 is in use. It will be removed on reboot.
7:11 PM: 00000029_43976496_000ca2dd is in use. It will be removed on reboot.
7:11 PM: 00001649_4397aa7f_000d59f8 is in use. It will be removed on reboot.
7:11 PM: 00004080_43976443_000b71b0 is in use. It will be removed on reboot.
7:11 PM: 00002852_43964eb0_000bebc2 is in use. It will be removed on reboot.
7:11 PM: 000033ea_4394d1e3_0007a120 is in use. It will be removed on reboot.
7:11 PM: 0000428b_439769ac_00094c5f is in use. It will be removed on reboot.
7:11 PM: 00005f90_4399ea28_000e1113 is in use. It will be removed on reboot.
7:11 PM: 00003ef6_439763c6_00044aa2 is in use. It will be removed on reboot.
7:11 PM: 0000121f_439763f6_00089544 is in use. It will be removed on reboot.
7:11 PM: 00000120_4394d0ee_00098968 is in use. It will be removed on reboot.
7:11 PM: 000039b3_439779f6_000a7d8c is in use. It will be removed on reboot.
7:11 PM: 000023c9_4394d1e4_000e1113 is in use. It will be removed on reboot.
7:11 PM: 000001eb_43977bd4_00094c5f is in use. It will be removed on reboot.
7:11 PM: 00001547_43977c89_0001e848 is in use. It will be removed on reboot.
7:11 PM: 0000153c_4397ab1a_0000b71b is in use. It will be removed on reboot.
7:11 PM: 00003d6c_43979a11_0007a120 is in use. It will be removed on reboot.
7:11 PM: 0000759a_439628ea_000770e5 is in use. It will be removed on reboot.
7:11 PM: 000058b0_43964d5b_00053ec6 is in use. It will be removed on reboot.
7:11 PM: 00007a54_43962d45_000ed4fc is in use. It will be removed on reboot.
7:11 PM: 0000692c_4394d19f_0006acfc is in use. It will be removed on reboot.
7:11 PM: 00001547_43977ad8_000cdfe6 is in use. It will be removed on reboot.
7:11 PM: 00003cd6_43962980_000c3599 is in use. It will be removed on reboot.
7:11 PM: 00006fc9_43962cd1_00041a67 is in use. It will be removed on reboot.
7:11 PM: 0000797d_43964d22_00076417 is in use. It will be removed on reboot.
7:11 PM: 00003d6c_439796b1_000aba95 is in use. It will be removed on reboot.
7:11 PM: 00001649_4399ea29_00040d99 is in use. It will be removed on reboot.
7:11 PM: 00002c3b_439763c3_0005f5e1 is in use. It will be removed on reboot.
7:11 PM: 00005af1_4397660c_000baeb9 is in use. It will be removed on reboot.
7:11 PM: 00002fe7_43962d47_0003a055 is in use. It will be removed on reboot.
7:11 PM: 00004823_4399e284_00000000 is in use. It will be removed on reboot.
7:11 PM: 000041bb_4397660d_000ec82e is in use. It will be removed on reboot.
7:11 PM: 00003b97_43962c84_00049479 is in use. It will be removed on reboot.
7:11 PM: 0000366b_4394d11a_000a7d8c is in use. It will be removed on reboot.
7:11 PM: 00004823_4399e97c_00098968 is in use. It will be removed on reboot.
7:11 PM: 00006df1_43962801_000a4d51 is in use. It will be removed on reboot.
7:11 PM: 000018be_4397563f_00098968 is in use. It will be removed on reboot.
7:11 PM: 00004e45_43964cf6_0003567e is in use. It will be removed on reboot.
7:11 PM: 00006784_43975640_0005f5e1 is in use. It will be removed on reboot.
7:11 PM: 00005772_43976429_000b34a7 is in use. It will be removed on reboot.
7:11 PM: 00005f90_439777fa_000c65d4 is in use. It will be removed on reboot.
7:11 PM: 00005fa4_43964dac_00040d99 is in use. It will be removed on reboot.
7:11 PM: 000026a6_4394d0a9_0007de29 is in use. It will be removed on reboot.
7:11 PM: 00000a28_43964f75_000dd40a is in use. It will be removed on reboot.
7:11 PM: 00002d12_439784cc_000dd40a is in use. It will be removed on reboot.
7:11 PM: 00001649_43977818_00044aa2 is in use. It will be removed on reboot.
7:11 PM: 00000f3e_4397b1eb_00094c5f is in use. It will be removed on reboot.
7:11 PM: 00002959_43962cb4_00026f28 is in use. It will be removed on reboot.
7:11 PM: 0000440d_4396282e_000b046c is in use. It will be removed on reboot.
7:11 PM: 0000323b_4396288b_000ac763 is in use. It will be removed on reboot.
7:11 PM: 000054de_43977d78_0006ea05 is in use. It will be removed on reboot.
7:11 PM: 00003f0b_439653e0_0005f5e1 is in use. It will be removed on reboot.
7:11 PM: 0000074d_43977da0_00003d09 is in use. It will be removed on reboot.
7:11 PM: 00004ae1_43975654_00007a12 is in use. It will be removed on reboot.
7:11 PM: 00000e12_43962a20_00045770 is in use. It will be removed on reboot.
7:11 PM: 0000486a_43962b64_000733dc is in use. It will be removed on reboot.
7:11 PM: 00002725_43964eb1_0000b71b is in use. It will be removed on reboot.
7:11 PM: 00007b44_43962a91_0006b9ca is in use. It will be removed on reboot.
7:11 PM: 000001eb_4399ea5a_000d1cef is in use. It will be removed on reboot.
7:11 PM: 00005ccd_43962d16_000d29bd is in use. It will be removed on reboot.
7:11 PM: 000026e9_43979771_0008583b is in use. It will be removed on reboot.
7:11 PM: 000072ae_439781f0_0008583b is in use. It will be removed on reboot.
7:11 PM: 00000099_4397b26d_000e8b25 is in use. It will be removed on reboot.
7:11 PM: 000001eb_43976612_0002dc6c is in use. It will be removed on reboot.
7:11 PM: 000016c5_43962952_000086e0 is in use. It will be removed on reboot.
7:11 PM: 00004e08_43962d1a_000ac763 is in use. It will be removed on reboot.
7:11 PM: 00005f23_439654ab_00081b32 is in use. It will be removed on reboot.
7:11 PM: 00007874_43964da7_000baeb9 is in use. It will be removed on reboot.
7:11 PM: 00000ddc_43964d24_00022551 is in use. It will be removed on reboot.
7:11 PM: 000056ae_43975bfc_00039387 is in use. It will be removed on reboot.
7:11 PM: 00003d6c_43977b5b_000a037a is in use. It will be removed on reboot.
7:11 PM: 00006e5d_43977ae7_00007a12 is in use. It will be removed on reboot.
7:11 PM: 00000bb3_4399ea5f_0000b71b is in use. It will be removed on reboot.
7:11 PM: 0000440d_43977947_000d9701 is in use. It will be removed on reboot.
7:11 PM: 00005f90_439765b6_0008583b is in use. It will be removed on reboot.
7:11 PM: 0000701f_43977a15_00076417 is in use. It will be removed on reboot.
7:11 PM: 0000491c_43977c59_00029f63 is in use. It will be removed on reboot.
7:11 PM: 00000029_4399e1ed_000a037a is in use. It will be removed on reboot.
7:11 PM: 00004d06_43977c5a_0004c4b4 is in use. It will be removed on reboot.
7:11 PM: 00004db7_439779ce_00022551 is in use. It will be removed on reboot.
7:11 PM: 00001238_43976a0b_0007a120 is in use. It will be removed on reboot.
7:11 PM: 00000029_4397a91c_000f0537 is in use. It will be removed on reboot.
7:11 PM: 000012db_43964cdd_000501bd is in use. It will be removed on reboot.
7:11 PM: 0000701f_4394d0ac_0006acfc is in use. It will be removed on reboot.
7:11 PM: 00002cd6_43977b5c_000aba95 is in use. It will be removed on reboot.
7:11 PM: 00005f90_4397587a_0003d090 is in use. It will be removed on reboot.
7:11 PM: 00004d06_4397691b_0000b71b is in use. It will be removed on reboot.
7:11 PM: 00005968_43964e7a_000d9701 is in use. It will be removed on reboot.
7:11 PM: 000013d3_43962c48_00063fb8 is in use. It will be removed on reboot.
7:11 PM: 00002350_43964d04_0003567e is in use. It will be removed on reboot.
7:11 PM: 00003699_43964d5e_0008583b is in use. It will be removed on reboot.
7:11 PM: 00004087_43962a89_00026f28 is in use. It will be removed on reboot.
7:11 PM: 000049bb_43962bde_0008a212 is in use. It will be removed on reboot.
7:11 PM: 00002059_43964dac_00076417 is in use. It will be removed on reboot.
7:11 PM: 00005f90_43977ba6_00090f56 is in use. It will be removed on reboot.
7:11 PM: 00001649_43977a83_0008583b is in use. It will be removed on reboot.
7:11 PM: 00006df1_43977bc0_00029f63 is in use. It will be removed on reboot.
7:11 PM: 00007ff5_4394d0e6_000e4e1c is in use. It will be removed on reboot.
7:11 PM: 00006df1_439765b9_000cdfe6 is in use. It will be removed on reboot.
7:11 PM: 00003459_43964fc4_00094c5f is in use. It will be removed on reboot.
7:11 PM: 000078d4_43962d18_00086509 is in use. It will be removed on reboot.
7:11 PM: 00005af1_43977bc0_000d59f8 is in use. It will be removed on reboot.
7:11 PM: 000001eb_439778af_0005b8d8 is in use. It will be removed on reboot.
7:11 PM: 00004ae1_43977a7d_000a037a is in use. It will be removed on reboot.
7:11 PM: 00002cf7_43964e7f_00076417 is in use. It will be removed on reboot.
7:11 PM: 000073d9_43964e78_000d59f8 is in use. It will be removed on reboot.
7:11 PM: 00004e08_439653b2_0000f424 is in use. It will be removed on reboot.
7:11 PM: 000026e9_4397821b_000a4083 is in use. It will be removed on reboot.
7:11 PM: 0000314f_43964d24_000e4e1c is in use. It will be removed on reboot.
7:11 PM: 00002ea6_4397661b_0005b8d8 is in use. It will be removed on reboot.
7:11 PM: 00005af1_43979a7b_0007de29 is in use. It will be removed on reboot.
7:11 PM: 00004cad_4397638f_00016e36 is in use. It will be removed on reboot.
7:11 PM: 0000153c_4397661d_000487ab is in use. It will be removed on reboot.
7:11 PM: 00004db7_43976920_00044aa2 is in use. It will be removed on reboot.
7:11 PM: 00006df1_4397aa89_0008583b is in use. It will be removed on reboot.
7:11 PM: intipr12.sys is in use. It will be removed on reboot.
7:11 PM: 000016c5_4394d1c4_000cdfe6 is in use. It will be removed on reboot.
7:11 PM: 00007f96_439762ca_000c65d4 is in use. It will be removed on reboot.
7:11 PM: 00002d12_439779fc_000d59f8 is in use. It will be removed on reboot.
7:11 PM: 000073da_43976400_0009c671 is in use. It will be removed on reboot.
7:11 PM: 00005af1_4397975a_000ca2dd is in use. It will be removed on reboot.
7:11 PM: 00006899_4396295a_000cafab is in use. It will be removed on reboot.
7:11 PM: 00006952_439781ff_000cdfe6 is in use. It will be removed on reboot.
7:11 PM: 0000305e_43977a9c_000a037a is in use. It will be removed on reboot.
7:11 PM: 000023c9_43962972_0001b80d is in use. It will be removed on reboot.
7:11 PM: 00007cfe_43964eb0_0007de29 is in use. It will be removed on reboot.
7:11 PM: 00000822_43964d50_00057bcf is in use. It will be removed on reboot.
7:11 PM: 00001d11_43962d23_000770e5 is in use. It will be removed on reboot.
7:11 PM: 00000124_4397b279_000e8b25 is in use. It will be removed on reboot.
7:11 PM: 00003b25_43976a0f_0006ea05 is in use. It will be removed on reboot.
7:11 PM: 00004ae1_4397aa05_0001ab3f is in use. It will be removed on reboot.
7:11 PM: 00005af1_4399ea50_0005f5e1 is in use. It will be removed on reboot.
7:11 PM: 00006784_4399e9b3_00098968 is in use. It will be removed on reboot.
7:11 PM: 00004ae1_43975ddc_0009c671 is in use. It will be removed on reboot.
7:11 PM: 00007e87_4397ab1c_0006acfc is in use. It will be removed on reboot.
7:11 PM: 00005753_4394d1e5_000d59f8 is in use. It will be removed on reboot.
7:11 PM: 00000124_43964cdf_0001ab3f is in use. It will be removed on reboot.
7:11 PM: 000020a8_4396574f_000a4083 is in use. It will be removed on reboot.
7:11 PM: 000054d6_43962d27_0008df1b is in use. It will be removed on reboot.
7:11 PM: 0000305e_43964cdf_0004c4b4 is in use. It will be removed on reboot.
7:11 PM: 00004df2_439763a4_0007a120 is in use. It will be removed on reboot.
7:11 PM: 00005876_43964e87_0000b71b is in use. It will be removed on reboot.
7:11 PM: 00002ea6_4399ea63_0000f424 is in use. It will be removed on reboot.
7:11 PM: 00004d06_43964ce0_00007a12 is in use. It will be removed on reboot.
7:11 PM: 00006270_43962af8_0002ac31 is in use. It will be removed on reboot.
7:11 PM: 00004db7_43964ce0_0006ea05 is in use. It will be removed on reboot.
7:11 PM: 00003f0b_43962d2b_000cecb4 is in use. It will be removed on reboot.
7:11 PM: 000039b3_43964ce2_00094c5f is in use. It will be removed on reboot.
7:11 PM: 00002d12_43964ce3_00003d09 is in use. It will be removed on reboot.
7:11 PM: 000009ce_43962c57_000a4d51 is in use. It will be removed on reboot.
7:11 PM: 00004ae1_43978177_00076417 is in use. It will be removed on reboot.
7:11 PM: 0000153c_43964cdd_00098968 is in use. It will be removed on reboot.
7:11 PM: 00000a41_43965644_000c28cb is in use. It will be removed on reboot.
7:11 PM: 00003f97_43962d31_0003a055 is in use. It will be removed on reboot.
7:11 PM: 00006e89_4396561c_0005f5e1 is in use. It will be removed on reboot.
7:11 PM: 0000578d_4396578a_000a7d8c is in use. It will be removed on reboot.
7:11 PM: 0000658c_43962d31_000770e5 is in use. It will be removed on reboot.
7:11 PM: 000018be_4397a9eb_0007270e is in use. It will be removed on reboot.
7:11 PM: 000049bb_43964e94_00066ff3 is in use. It will be removed on reboot.
7:11 PM: 00003765_4396564a_0005b8d8 is in use. It will be removed on reboot.
7:11 PM: 000001eb_4397822d_00016e36 is in use. It will be removed on reboot.
7:11 PM: 00005e14_43964d25_00007a12 is in use. It will be removed on reboot.
7:11 PM: 000072ae_439627ec_0007eaf7 is in use. It will be removed on reboot.
7:11 PM: 0000314f_43976391_00089544 is in use. It will be removed on reboot.
7:11 PM: 00005e73_43964e74_00029f63 is in use. It will be removed on reboot.
7:11 PM: 000033ea_43976447_000c65d4 is in use. It will be removed on reboot.
7:11 PM: 00006df1_4399ea3b_00081b32 is in use. It will be removed on reboot.
7:11 PM: 0000366b_43964d32_00039387 is in use. It will be removed on reboot.
7:11 PM: 00006443_43977a0c_000aba95 is in use. It will be removed on reboot.
7:11 PM: 000026e9_43977a8e_00003d09 is in use. It will be removed on reboot.
7:11 PM: 00000607_43965645_00000000 is in use. It will be removed on reboot.
7:11 PM: 0000441d_439653e7_000ca2dd is in use. It will be removed on reboot.
7:11 PM: 0000441d_43962d34_00091c24 is in use. It will be removed on reboot.
7:11 PM: 0000260d_43976327_000632ea is in use. It will be removed on reboot.
7:11 PM: 00004e45_439762cc_00076417 is in use. It will be removed on reboot.
7:11 PM: 00005422_4396292a_00049479 is in use. It will be removed on reboot.
7:11 PM: 00004db7_4399eabd_00044aa2 is in use. It will be removed on reboot.
7:11 PM: 00004eae_43964ea4_00044aa2 is in use. It will be removed on reboot.
7:11 PM: 00005e9d_439629ec_000b4175 is in use. It will be removed on reboot.
7:11 PM: 0000260d_4396288c_000602af is in use. It will be removed on reboot.
7:11 PM: 0000767d_43976a01_0002625a is in use. It will be removed on reboot.
7:11 PM: 000013e9_4394d1dc_000501bd is in use. It will be removed on reboot.
7:11 PM: 0000440d_4399eaba_0001312d is in use. It will be removed on reboot.
7:11 PM: 000026a6_439785a6_000a037a is in use. It will be removed on reboot.
7:11 PM: 00004cad_4394d101_000dd40a is in use. It will be removed on reboot.
7:11 PM: 0000701f_43964ceb_000baeb9 is in use. It will be removed on reboot.
7:11 PM: 00000588_43964ea6_000baeb9 is in use. It will be removed on reboot.
7:11 PM: 00007a61_439653b4_000a4083 is in use. It will be removed on reboot.
7:11 PM: 00001cdf_439655a7_0007a120 is in use. It will be removed on reboot.
7:11 PM: 00000bb3_43977a8e_000d9701 is in use. It will be removed on reboot.
7:11 PM: 00006ad6_43964d81_0006acfc is in use. It will be removed on reboot.
7:11 PM: 0000182f_43964e79_00031975 is in use. It will be removed on reboot.
7:11 PM: 00005579_43964ead_0008d24d is in use. It will be removed on reboot.
7:11 PM: 00007bb9_4394d19b_00044aa2 is in use. It will be removed on reboot.
7:11 PM: 000058c5_43965667_0001ab3f is in use. It will be removed on reboot.
7:11 PM: 00003b25_43964cee_00022551 is in use. It will be removed on reboot.
7:11 PM: 0000470e_43964e74_00090f56 is in use. It will be removed on reboot.
7:11 PM: 00000029_439799b4_0008d24d is in use. It will be removed on reboot.
7:11 PM: 00000f3e_43977912_0006ea05 is in use. It will be removed on reboot.
7:11 PM: 00006048_43964db5_00094c5f is in use. It will be removed on reboot.
7:11 PM: 000058b0_4397640d_000c28cb is in use. It will be removed on reboot.
7:11 PM: 0000169a_43962d47_0001f516 is in use. It will be removed on reboot.
7:11 PM: 00006479_439653b0_0002625a is in use. It will be removed on reboot.
7:11 PM: 00000029_43977b25_00016e36 is in use. It will be removed on reboot.
7:11 PM: 0000491c_439782aa_00057bcf is in use. It will be removed on reboot.
7:11 PM: 00000bb3_43978232_00098968 is in use. It will be removed on reboot.
7:11 PM: 00000728_43962d4c_000de0d8 is in use. It will be removed on reboot.
7:11 PM: 00005f90_439627fb_00050e8b is in use. It will be removed on reboot.
7:11 PM: 0000153c_4399ea6d_000e1113 is in use. It will be removed on reboot.
7:11 PM: 0000305e_4396282a_00017b04 is in use. It will be removed on reboot.
7:11 PM: 000001eb_4397ab0c_000b34a7 is in use. It will be removed on reboot.
7:11 PM: 00004ae1_439765a4_00007a12 is in use. It will be removed on reboot.
7:11 PM: 00005dd5_43964daa_0003567e is in use. It will be removed on reboot.
7:11 PM: 00004dc8_43977da2_0003567e is in use. It will be removed on reboot.
7:11 PM: 00006443_4396284b_0002e93a is in use. It will be removed on reboot.
7:11 PM: 00006d4e_43962d5b_000cecb4 is in use. It will be removed on reboot.
7:11 PM: 00003ef6_4396292a_0008a212 is in use. It will be removed on reboot.
7:11 PM: 00000ddc_43962910_000a1048 is in use. It will be removed on reboot.
7:11 PM: 00005d03_439785a9_000ec82e is in use. It will be removed on reboot.
7:11 PM: 000022cd_439629e9_000c72a2 is in use. It will be removed on reboot.
7:11 PM: 00007e87_4399ea73_000a7d8c is in use. It will be removed on reboot.
7:11 PM: 0000390c_4397b1c3_00031975 is in use. It will be removed on reboot.
7:11 PM: 00001316_43962bd2_000c72a2 is in use. It will be removed on reboot.
7:11 PM: 000054dc_4396298f_000733dc is in use. It will be removed on reboot.
7:11 PM: msveacct.exe is in use. It will be removed on reboot.
7:11 PM: 00002f14_4394d1f8_0006acfc is in use. It will be removed on reboot.
7:11 PM: 00000a4a_43962b90_0001b80d is in use. It will be removed on reboot.
7:11 PM: subaclen.exe is in use. It will be removed on reboot.
7:11 PM: 00004a80_4394d19f_000cdfe6 is in use. It will be removed on reboot.
7:11 PM: 000026e9_43977bd0_00089544 is in use. It will be removed on reboot.
7:11 PM: 00004d06_4399eaba_000a4083 is in use. It will be removed on reboot.
7:11 PM: 0000390c_4399ea7e_0000f424 is in use. It will be removed on reboot.
7:11 PM: 00004df2_4394d104_000632ea is in use. It will be removed on reboot.
7:11 PM: 00000099_43964cde_0006ea05 is in use. It will be removed on reboot.
7:11 PM: 000000c1_439653ef_0006ea05 is in use. It will be removed on reboot.
7:11 PM: 00006ad6_4394d1fb_00053ec6 is in use. It will be removed on reboot.
7:11 PM: 00005e76_43962cbd_000733dc is in use. It will be removed on reboot.
7:11 PM: 00001a49_4394d0fb_000dd40a is in use. It will be removed on reboot.
7:11 PM: 000026a6_43977a13_000c65d4 is in use. It will be removed on reboot.
7:11 PM: ace.dll is in use. It will be removed on reboot.
7:11 PM: 00005a9b_439653ef_000c65d4 is in use. It will be removed on reboot.
7:11 PM: 000018be_4399e9b0_000c28cb is in use. It will be removed on reboot.
7:11 PM: 000026e9_439758be_000c65d4 is in use. It will be removed on reboot.
7:11 PM: 000073d9_43962b71_00063fb8 is in use. It will be removed on reboot.
7:11 PM: 00004b40_4394d0ef_000c65d4 is in use. It will be removed on reboot.
7:11 PM: 00004823_4394b08a_00029f63 is in use. It will be removed on reboot.
7:11 PM: 00000029_43975dce_000a037a is in use. It will be removed on reboot.
7:11 PM: 00003bf6_43975d02_000ec82e is in use. It will be removed on reboot.
7:11 PM: 00005af1_43975884_00053ec6 is in use. It will be removed on reboot.
7:11 PM: 00003d6c_4399e9c0_000b71b0 is in use. It will be removed on reboot.
7:11 PM: 00004ae1_4399e9bf_000b71b0 is in use. It will be removed on reboot.
7:11 PM: 000012db_4399ea65_0002dc6c is in use. It will be removed on reboot.
7:11 PM: 00000f3e_4399ea8c_00044aa2 is in use. It will be removed on reboot.
7:11 PM: 00000099_4399eab4_00003d09 is in use. It will be removed on reboot.
7:11 PM: 00000124_4399eab4_0002dc6c is in use. It will be removed on reboot.
7:11 PM: 00001547_4399eabf_000aba95 is in use. It will be removed on reboot.
7:11 PM: 0000491c_4399eaba_00057bcf is in use. It will be removed on reboot.
7:11 PM: 000054de_4399eb95_000dd40a is in use. It will be removed on reboot.
7:11 PM: 00000029_439774e3_00057bcf is in use. It will be removed on reboot.
7:11 PM: 00000099_439759ce_00090f56 is in use. It will be removed on reboot.
7:11 PM: 0000422d_4394d3af_00029f63 is in use. It will be removed on reboot.
7:11 PM: 0000440d_439759fe_000632ea is in use. It will be removed on reboot.
7:11 PM: 00004d06_43975a3e_0007270e is in use. It will be removed on reboot.
7:11 PM: 000054de_43975ab8_000bebc2 is in use. It will be removed on reboot.
7:11 PM: 000039b3_43975abd_00098968 is in use. It will be removed on reboot.
7:11 PM: 00002d12_43975abe_00090f56 is in use. It will be removed on reboot.
7:11 PM: 00006443_43975ac2_0006acfc is in use. It will be removed on reboot.
7:11 PM: 000066bb_43975ac2_000e8b25 is in use. It will be removed on reboot.
7:11 PM: 00000732_43975bfc_000a037a is in use. It will be removed on reboot.
7:11 PM: 0000428b_43975ac9_000bebc2 is in use. It will be removed on reboot.
7:11 PM: 0000701f_43975b1c_0007270e is in use. It will be removed on reboot.
7:11 PM: 00005d03_43975b23_000a037a is in use. It will be removed on reboot.
7:11 PM: 00004509_43975b44_0007de29 is in use. It will be removed on reboot.
7:11 PM: 00006bfc_43975b60_0006ea05 is in use. It will be removed on reboot.
7:11 PM: 00007a5a_43975b2f_0001312d is in use. It will be removed on reboot.
7:11 PM: 00003b25_43975b47_000baeb9 is in use. It will be removed on reboot.
7:11 PM: 00001e1f_43975b4a_000bebc2 is in use. It will be removed on reboot.
7:11 PM: 00006e5d_43975b50_000487ab is in use. It will be removed on reboot.
7:11 PM: 00001ad4_43975b56_000d1cef is in use. It will be removed on reboot.
7:11 PM: 00007ff5_43975b66_0007270e is in use. It will be removed on reboot.
7:11 PM: 00002213_43975bd0_000d9701 is in use. It will be removed on reboot.
7:11 PM: 00002350_43975c23_00016e36 is in use. It will be removed on reboot.
7:11 PM: 0000030a_43975bef_00090f56 is in use. It will be removed on reboot.
7:11 PM: 0000301c_43975bf4_000b71b0 is in use. It will be removed on reboot.
7:11 PM: 00000120_43975bfc_000a4083 is in use. It will be removed on reboot.
7:11 PM: 00006443_43977da2_0008d24d is in use. It will be removed on reboot.
7:11 PM: 00004823_43975dd1_0005f5e1 is in use. It will be removed on reboot.
7:11 PM: 00004b40_43975c7c_00090f56 is in use. It will be removed on reboot.
7:11 PM: 00003a9e_43975d06_000632ea is in use. It will be removed on reboot.
7:11 PM: 00003e12_43975ccd_00098968 is in use. It will be removed on reboot.
7:11 PM: 00005f32_43975cf1_0008d24d is in use. It will be removed on reboot.
7:11 PM: 00006784_43975dd5_00098968 is in use. It will be removed on reboot.
7:11 PM: 00006784_43977691_000b34a7 is in use. It will be removed on reboot.
7:11 PM: 00004ae1_43977694_0006acfc is in use. It will be removed on reboot.
7:11 PM: 00002cd6_4397776f_0006acfc is in use. It will be removed on reboot.
7:11 PM: 0000701f_439785a7_000b71b0 is in use. It will be removed on reboot.
7:11 PM: 00002cd6_43975ded_00003d09 is in use. It will be removed on reboot.
7:11 PM: 00006952_43975df2_00003d09 is in use. It will be removed on reboot.
7:11 PM: 00006df1_43975f71_00003d09 is in use. It will be removed on reboot.
7:11 PM: 00005af1_43975f73_000d9701 is in use. It will be removed on reboot.
7:11 PM: 000041bb_43975f75_000f0537 is in use. It will be removed on reboot.
7:11 PM: 000001eb_43975f7a_000ec82e is in use. It will be removed on reboot.
7:11 PM: 00000bb3_43975f7d_000ec82e is in use. It will be removed on reboot.
7:11 PM: 00002ea6_43975f8e_000e1113 is in use. It will be removed on reboot.
7:11 PM: 000072ae_4397776f_000d59f8 is in use. It will be removed on reboot.
7:11 PM: 00007e87_43975fb9_00016e36 is in use. It will be removed on reboot.
7:11 PM: 00005d03_439761fd_00029f63 is in use. It will be removed on reboot.
7:11 PM: 00004d06_43976144_0002dc6c is in use. It will be removed on reboot.
7:11 PM: 00003b25_43976215_000a4083 is in use. It will be removed on reboot.
7:11 PM: 00001e1f_43976215_000aba95 is in use. It will be removed on reboot.
7:11 PM: 00007ff5_439762cb_00098968 is in use. It will be removed on reboot.
7:11 PM: 0000323b_439762cd_000b34a7 is in use. It will be removed on reboot.
7:11 PM: 0000301c_4397632f_0009c671 is in use. It will be removed on reboot.
7:11 PM: 00000bdb_43976330_0003d090 is in use. It will be removed on reboot.
7:11 PM: 0000030a_43976329_0004c4b4 is in use. It will be removed on reboot.
7:11 PM: 00000732_43976337_00039387 is in use. It will be removed on reboot.
7:11 PM: 0000759a_4397633d_00040d99 is in use. It will be removed on reboot.
7:11 PM: 00002350_43976344_000cdfe6 is in use. It will be removed on reboot.
7:11 PM: 00005f32_43976367_000d9701 is in use. It will be removed on reboot.
7:11 PM: 0000797d_4397636d_000a037a is in use. It will be removed on reboot.
7:11 PM: 00005e14_43976394_00098968 is in use. It will be removed on reboot.
7:11 PM: 00001366_439763a8_000baeb9 is in use. It will be removed on reboot.
7:11 PM: 00006032_439763c2_00044aa2 is in use. It will be removed on reboot.
7:11 PM: 00001cd0_439763aa_0007270e is in use. It will be removed on reboot.
7:11 PM: 000066c4_439763ad_0007270e is in use. It will be removed on reboot.
7:11 PM: 0000409d_439763f4_0005f5e1 is in use. It will be removed on reboot.
7:11 PM: 0000798b_439763f5_000e8b25 is in use. It will be removed on reboot.
7:11 PM: 00000902_4397641d_00040d99 is in use. It will be removed on reboot.
7:11 PM: 00007049_43976432_000aba95 is in use. It will be removed on reboot.
7:11 PM: 00005db2_43976443_000e8b25 is in use. It will be removed on reboot.
7:11 PM: 000048cc_43976457_0001312d is in use. It will be removed on reboot.
7:11 PM: 00004823_43976497_0003567e is in use. It will be removed on reboot.
7:11 PM: 00003e12_4394d0fa_00081b32 is in use. It will be removed on reboot.
7:11 PM: 000026ca_43964d5c_000e1113 is in use. It will be removed on reboot.
7:11 PM: 00006784_4397659a_000b71b0 is in use. It will be removed on reboot.
7:11 PM: 00004346_439656bb_00057bcf is in use. It will be removed on reboot.
7:11 PM: 00007871_43965904_00029f63 is in use. It will be removed on reboot.
7:11 PM: 0000305e_43976870_0005f5e1 is in use. It will be removed on reboot.
7:11 PM: 0000440d_43976878_000632ea is in use. It will be removed on reboot.
7:11 PM: 0000491c_439768e9_00053ec6 is in use. It will be removed on reboot.
7:11 PM: 00001547_4397692b_000b71b0 is in use. It will be removed on reboot.
7:11 PM: 0000701f_439769d4_000dd40a is in use. It will be removed on reboot.
7:11 PM: 00005d03_439769d9_000cdfe6 is in use. It will be removed on reboot.
7:11 PM: 000063cb_43976cee_000dd40a is in use. It will be removed on reboot.
7:11 PM: 00006bfc_43976d73_00076417 is in use. It will be removed on reboot.
7:11 PM: 00007f96_43976daf_000e8b25 is in use. It will be removed on reboot.
7:11 PM: 00007ff5_43976ded_0007de29 is in use. It will be removed on reboot.
7:11 PM: 00004d54_43962b07_00041a67 is in use. It will be removed on reboot.
7:11 PM: 00006bfc_43962882_0004d182 is in use. It will be removed on reboot.
7:11 PM: 00007f61_43964e19_000a037a is in use. It will be removed on reboot.
7:11 PM: 000039b3_43977d86_00089544 is in use. It will be removed on reboot.
7:11 PM: 00005c67_4394d1e7_00039387 is in use. It will be removed on reboot.
7:11 PM: 000022ee_43964d04_000aba95 is in use. It will be removed on reboot.
7:11 PM: 00004dc8_43977ae2_0006ea05 is in use. It will be removed on reboot.
7:11 PM: 00004509_43964ced_000487ab is in use. It will be removed on reboot.
7:11 PM: 0000030a_43964cfe_0008d24d is in use. It will be removed on reboot.
7:11 PM: 00001cd0_4394d117_000a4083 is in use. It will be removed on reboot.
7:11 PM: 00000099_43977913_00000000 is in use. It will be removed on reboot.
7:11 PM: 000012db_43978239_000632ea is in use. It will be removed on reboot.
7:11 PM: 000013e9_4396295c_00026f28 is in use. It will be removed on reboot.
7:11 PM: ai_09-12-2005.log is in use. It will be removed on reboot.
7:11 PM: 00005f1e_43964da7_0009c671 is in use. It will be removed on reboot.
7:11 PM: 00004b40_43964d09_0009c671 is in use. It will be removed on reboot.
7:11 PM: 00004d06_439779cc_000d1cef is in use. It will be removed on reboot.
7:11 PM: 00004dc8_43977a08_00031975 is in use. It will be removed on reboot.
7:11 PM: 000041bb_43979769_00081b32 is in use. It will be removed on reboot.
7:11 PM: 00001649_4394b1f0_00003d09 is in use. It will be removed on reboot.
7:11 PM: 000063cb_4394d0e5_0009c671 is in use. It will be removed on reboot.
7:11 PM: 00006bfc_4394d0e5_000d9701 is in use. It will be removed on reboot.
7:11 PM: 00002ea6_4394b82b_0001ab3f is in use. It will be removed on reboot.
7:11 PM: 00002cd6_4394b123_0007de29 is in use. It will be removed on reboot.
7:11 PM: 00006952_4394b1da_0007a120 is in use. It will be removed on reboot.
7:11 PM: 00000099_4394bf8f_000baeb9 is in use. It will be removed on reboot.
7:11 PM: 000001eb_4394b4a4_000d1cef is in use. It will be removed on reboot.
7:11 PM: 000012db_4394b82f_0004c4b4 is in use. It will be removed on reboot.
7:11 PM: 0000390c_4394bc09_00090f56 is in use. It will be removed on reboot.
7:11 PM: 00004ae1_4394b0b7_00057bcf is in use. It will be removed on reboot.
7:11 PM: 00006df1_4394b1fe_00044aa2 is in use. It will be removed on reboot.
7:11 PM: 000018be_4394b0b4_000c28cb is in use. It will be removed on reboot.
7:11 PM: 000072ae_4394b126_0006ea05 is in use. It will be removed on reboot.
7:11 PM: 00007a5a_4394d0ce_000a037a is in use. It will be removed on reboot.
7:11 PM: 00006784_4394b0b6_0000f424 is in use. It will be removed on reboot.
7:11 PM: 000041bb_4394b276_00000000 is in use. It will be removed on reboot.
7:11 PM: ai_05-12-2005.log is in use. It will be removed on reboot.
7:11 PM: 00006784_43978176_000d9701 is in use. It will be removed on reboot.
7:11 PM: 00002cd6_43978179_000c28cb is in use. It will be removed on reboot.
7:11 PM: 00000bb3_4394b4a7_000c28cb is in use. It will be removed on reboot.
7:11 PM: 0000491c_4394ce74_0001ab3f is in use. It will be removed on reboot.
7:11 PM: 00005af1_4394b1fe_0007a120 is in use. It will be removed on reboot.
7:11 PM: 000026e9_4394b27d_0007270e is in use. It will be removed on reboot.
7:11 PM: 00000f3e_4394bc0c_0007270e is in use. It will be removed on reboot.
7:11 PM: 0000153c_4394b831_000ec82e is in use. It will be removed on reboot.
7:11 PM: 00007e87_4394b985_00066ff3 is in use. It will be removed on reboot.
7:11 PM: 00005d03_4394d0cd_0009c671 is in use. It will be removed on reboot.
7:11 PM: 00000124_4394bf93_00003d09 is in use. It will be removed on reboot.
7:11 PM: 0000440d_4394c795_00066ff3 is in use. It will be removed on reboot.
7:11 PM: 0000305e_4394c08d_00066ff3 is in use. It will be removed on reboot.
7:11 PM: 00004d06_4394ce74_00090f56 is in use. It will be removed on reboot.
7:11 PM: 00004db7_4394ce9d_0006acfc is in use. It will be removed on reboot.
7:11 PM: 00006952_43977a82_000632ea is in use. It will be removed on reboot.
7:11 PM: 0000390c_43977a92_0001312d is in use. It will be removed on reboot.
7:11 PM: 00006df1_43977a85_00066ff3 is in use. It will be removed on reboot.
7:11 PM: 00004509_43977ae4_000baeb9 is in use. It will be removed on reboot.
7:11 PM: 0000767d_4394d0cf_0000b71b is in use. It will be removed on reboot.
7:11 PM: 0000139d_4394d19c_000501bd is in use. It will be removed on reboot.
7:11 PM: 00004509_4394d0dc_0003d090 is in use. It will be removed on reboot.
7:11 PM: 00004080_4394d1e0_0000b71b is in use. It will be removed on reboot.
7:11 PM: 0000301c_4394d0ec_000e1113 is in use. It will be removed on reboot.
7:11 PM: 00002350_4394d0ef_000487ab is in use. It will be removed on reboot.
7:11 PM: 00006443_43964ce6_000bebc2 is in use. It will be removed on reboot.
7:11 PM: 00006b89_4394d0eb_00016e36 is in use. It will be removed on reboot.
7:11 PM: 00005cfd_4394d0f3_000e8b25 is in use. It will be removed on reboot.
7:11 PM: 000026ca_4394d143_0003567e is in use. It will be removed on reboot.
7:11 PM: 000022ee_4394d0ef_0007a120 is in use. It will be removed on reboot.
7:11 PM: 00005878_4394d0f0_0000f424 is in use. It will be removed on reboot.
7:11 PM: 00005f32_4394d0fc_0006ea05 is in use. It will be removed on reboot.
7:11 PM: 00003bf6_4394d0fc_000c28cb is in use. It will be removed on reboot.
7:11 PM: 00003a9e_4394d0fd_0004c4b4 is in use. It will be removed on reboot.
7:11 PM: 0000797d_4394d0ff_00053ec6 is in use. It will be removed on reboot.
7:11 PM: 00000ddc_4394d101_000baeb9 is in use. It will be removed on reboot.
7:11 PM: 0000314f_4394d102_00040d99 is in use. It will be removed on reboot.
7:11 PM: 00004944_4394d106_00000000 is in use. It will be removed on reboot.
7:11 PM: 00002ea6_43977a91_00094c5f is in use. It will be removed on reboot.
7:11 PM: 000012db_43977a91_000d1cef is in use. It will be removed on reboot.
7:11 PM: 0000153c_43977a91_000dd40a is in use. It will be removed on reboot.
7:11 PM: 00007e87_43977a91_000f0537 is in use. It will be removed on reboot.
7:11 PM: 00000f3e_43977a92_0002625a is in use. It will be removed on reboot.
7:11 PM: 00000099_43977a92_00031975 is in use. It will be removed on reboot.
7:11 PM: 00000124_43977a92_00039387 is in use. It will be removed on reboot.

#11 strepo

strepo
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 09 December 2005 - 08:54 PM

7:11 PM: 00000ea9_439653df_000f0537 is in use. It will be removed on reboot.
7:11 PM: 00003f97_439653e1_000f0537 is in use. It will be removed on reboot.
7:11 PM: 0000412f_439653e2_0002625a is in use. It will be removed on reboot.
7:11 PM: 000030f1_439653e2_00044aa2 is in use. It will be removed on reboot.
7:11 PM: 00004d9a_439653eb_00000000 is in use. It will be removed on reboot.
7:11 PM: 00003295_439653eb_0001e848 is in use. It will be removed on reboot.
7:11 PM: 000006e3_43965625_000d1cef is in use. It will be removed on reboot.
7:11 PM: 00000ce1_439653f4_000f0537 is in use. It will be removed on reboot.
7:11 PM: 00004fc0_439653f5_0001312d is in use. It will be removed on reboot.
7:11 PM: 00003ee9_43965400_0003567e is in use. It will be removed on reboot.
7:11 PM: 000030a7_43965411_000d1cef is in use. It will be removed on reboot.
7:11 PM: 00007e0e_43965620_000b71b0 is in use. It will be removed on reboot.
7:11 PM: 00000784_43965645_00057bcf is in use. It will be removed on reboot.
7:11 PM: 00004328_43965629_000baeb9 is in use. It will be removed on reboot.
7:11 PM: 00002120_4396563c_00000000 is in use. It will be removed on reboot.
7:11 PM: 000012c2_43965641_00094c5f is in use. It will be removed on reboot.
7:11 PM: 00007514_43965646_000e8b25 is in use. It will be removed on reboot.
7:11 PM: 00003305_4396564a_0001ab3f is in use. It will be removed on reboot.
7:11 PM: 00006b28_43965666_0007a120 is in use. It will be removed on reboot.
7:11 PM: 00006bc9_43965666_000d59f8 is in use. It will be removed on reboot.
7:11 PM: 0000212c_43965679_0005f5e1 is in use. It will be removed on reboot.
7:11 PM: 00003308_439656dc_00089544 is in use. It will be removed on reboot.
7:11 PM: 00001edc_439656e2_000cdfe6 is in use. It will be removed on reboot.
7:11 PM: 000000eb_4396582b_0009c671 is in use. It will be removed on reboot.
7:11 PM: 00004af3_4396574c_000a037a is in use. It will be removed on reboot.
7:11 PM: 000078fe_439657a7_00000000 is in use. It will be removed on reboot.
7:11 PM: 000037be_439657a8_000bebc2 is in use. It will be removed on reboot.
7:11 PM: 000071f2_439657e4_00039387 is in use. It will be removed on reboot.
7:11 PM: 00000029_43975632_0001e848 is in use. It will be removed on reboot.
7:11 PM: ai_07-12-2005.log is in use. It will be removed on reboot.
7:11 PM: 00002cd6_439756de_00039387 is in use. It will be removed on reboot.
7:11 PM: 00004823_43975632_0003d090 is in use. It will be removed on reboot.
7:11 PM: 00003d6c_43975675_00090f56 is in use. It will be removed on reboot.
7:11 PM: 00003d6c_4397aa44_000d9701 is in use. It will be removed on reboot.
7:11 PM: ai_08-12-2005.log is in use. It will be removed on reboot.
7:11 PM: Quarantining All Traces: trojan downloader matcash
7:11 PM: Quarantining All Traces: trojan-downloader-moneymind
7:11 PM: Quarantining All Traces: visfx
7:11 PM: Quarantining All Traces: apropos
7:11 PM: apropos is in use. It will be removed on reboot.
7:11 PM: wingenerics.dll is in use. It will be removed on reboot.
7:11 PM: Quarantining All Traces: begin2search
7:11 PM: Quarantining All Traces: cas
7:11 PM: Quarantining All Traces: internetoptimizer
7:11 PM: Quarantining All Traces: isearch toolbar
7:11 PM: Quarantining All Traces: marketscore
7:12 PM: Quarantining All Traces: maxifiles
7:12 PM: Quarantining All Traces: sidebysidesearch
7:12 PM: Quarantining All Traces: surfsidekick
7:12 PM: Quarantining All Traces: trojan downloader popuppers
7:12 PM: Quarantining All Traces: trojan-downloader-mainstreamdollars
7:12 PM: Quarantining All Traces: trojan-downloader-pacisoft
7:12 PM: Quarantining All Traces: trojan-downloader-psyme
7:12 PM: Quarantining All Traces: addestroyer
7:12 PM: Quarantining All Traces: bookedspace
7:12 PM: Quarantining All Traces: command
7:12 PM: Quarantining All Traces: e2g
7:12 PM: Quarantining All Traces: elitemediagroup-mediamotor
7:12 PM: Quarantining All Traces: exact bullseye
7:12 PM: Quarantining All Traces: exact cashback/bargain buddy
7:12 PM: Quarantining All Traces: exact navisearch
7:12 PM: Quarantining All Traces: exact software
7:12 PM: Quarantining All Traces: ezula ilookup
7:12 PM: Quarantining All Traces: ist yoursitebar
7:12 PM: Quarantining All Traces: mirar webband
7:12 PM: Quarantining All Traces: safesurf
7:13 PM: Quarantining All Traces: targetsaver
7:13 PM: Quarantining All Traces: virtualbouncer
7:13 PM: Quarantining All Traces: winad
7:13 PM: Quarantining All Traces: 2o7.net cookie
7:13 PM: Quarantining All Traces: 888 cookie
7:13 PM: Quarantining All Traces: abcsearch cookie
7:13 PM: Quarantining All Traces: about cookie
7:13 PM: Quarantining All Traces: addynamix cookie
7:13 PM: Quarantining All Traces: adecn cookie
7:13 PM: Quarantining All Traces: adjuggler cookie
7:13 PM: Quarantining All Traces: adknowledge cookie
7:13 PM: Quarantining All Traces: adprofile cookie
7:13 PM: Quarantining All Traces: adrevolver cookie
7:13 PM: Quarantining All Traces: adserver cookie
7:13 PM: Quarantining All Traces: apmebf cookie
7:13 PM: Quarantining All Traces: ask cookie
7:13 PM: Quarantining All Traces: atwola cookie
7:13 PM: Quarantining All Traces: azjmp cookie
7:13 PM: Quarantining All Traces: banner cookie
7:13 PM: Quarantining All Traces: belnk cookie
7:13 PM: Quarantining All Traces: bluestreak cookie
7:13 PM: Quarantining All Traces: burstnet cookie
7:13 PM: Quarantining All Traces: casalemedia cookie
7:13 PM: Quarantining All Traces: cc214142 cookie
7:13 PM: Quarantining All Traces: centrport net cookie
7:13 PM: Quarantining All Traces: classmates cookie
7:13 PM: Quarantining All Traces: clickandtrack cookie
7:13 PM: Quarantining All Traces: clickbank cookie
7:13 PM: Quarantining All Traces: dealtime cookie
7:13 PM: Quarantining All Traces: directtrack cookie
7:13 PM: Quarantining All Traces: enhance cookie
7:13 PM: Quarantining All Traces: epilot cookie
7:13 PM: Quarantining All Traces: exitexchange cookie
7:13 PM: Quarantining All Traces: falkag cookie
7:13 PM: Quarantining All Traces: findwhat cookie
7:13 PM: Quarantining All Traces: goclick cookie
7:13 PM: Quarantining All Traces: gostats cookie
7:13 PM: Quarantining All Traces: hbmediapro cookie
7:13 PM: Quarantining All Traces: hypertracker.com cookie
7:13 PM: Quarantining All Traces: kmpads cookie
7:13 PM: Quarantining All Traces: marketplaces cookie
7:13 PM: Quarantining All Traces: maxserving cookie
7:13 PM: Quarantining All Traces: mygeek cookie
7:13 PM: Quarantining All Traces: nextag cookie
7:13 PM: Quarantining All Traces: overture cookie
7:13 PM: Quarantining All Traces: partypoker cookie
7:13 PM: Quarantining All Traces: paypopup cookie
7:13 PM: Quarantining All Traces: pointroll cookie
7:13 PM: Quarantining All Traces: qksrv cookie
7:13 PM: Quarantining All Traces: questionmarket cookie
7:13 PM: Quarantining All Traces: realmedia cookie
7:13 PM: Quarantining All Traces: reliablestats cookie
7:13 PM: Quarantining All Traces: reunion cookie
7:13 PM: Quarantining All Traces: revenue.net cookie
7:13 PM: Quarantining All Traces: rn11 cookie
7:13 PM: Quarantining All Traces: ru4 cookie
7:13 PM: Quarantining All Traces: screensavers.com cookie
7:13 PM: Quarantining All Traces: server.iad.liveperson cookie
7:13 PM: Quarantining All Traces: serving-sys cookie
7:13 PM: Quarantining All Traces: specificclick.com cookie
7:13 PM: Quarantining All Traces: spywarelabs install cookie
7:13 PM: Quarantining All Traces: starware.com cookie
7:13 PM: Quarantining All Traces: statcounter cookie
7:13 PM: Quarantining All Traces: stopzilla cookie
7:13 PM: Quarantining All Traces: tradedoubler cookie
7:13 PM: Quarantining All Traces: trafficmp cookie
7:13 PM: Quarantining All Traces: tribalfusion cookie
7:13 PM: Quarantining All Traces: upspiral cookie
7:13 PM: Quarantining All Traces: videodome cookie
7:13 PM: Quarantining All Traces: websponsors cookie
7:13 PM: Quarantining All Traces: yieldmanager cookie
7:13 PM: Quarantining All Traces: zedo cookie
8:30 PM: Preparing to restart your computer. Please wait...
8:30 PM: Removal process completed. Elapsed time 02:04:28
********
5:32 PM: | Start of Session, Friday, December 09, 2005 |
5:32 PM: Spy Sweeper started
5:32 PM: Messenger service has been disabled.
5:33 PM: Your spyware definitions have been updated.
5:35 PM: | End of Session, Friday, December 09, 2005 |


Logfile of HijackThis v1.99.1
Scan saved at 8:51:01 PM, on 12/9/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\AOL\1131822634\ee\AOLHostManager.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Common Files\AOL\1131822634\ee\AOLServiceHost.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\AOL\1131822634\ee\AOLServiceHost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Verizon Online\bin\mpbtn.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Owner\Desktop\hijackthis\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...er=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...er=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qus7.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus7.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://qus7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [BlockTracker] c:\hp\bin\BlockTracker.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1131822634\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\bin\matcli.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Content Monitoring Tool (msCMTSrvc) - Unknown owner - C:\WINDOWS\system32\msCMTSrvc.exe (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe




i hope i got all of it..........

#12 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 10 December 2005 - 11:25 AM

You can fix this

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

Turn off restore points, boot, turn them back on – here’s how

XP
http://service1.symantec.com/SUPPORT/tsgen...src=sec_doc_nam


How are things - the log looks good
"Nothing could be finer than to be in South Carolina ............"

Member ASAP

#13 strepo

strepo
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 10 December 2005 - 01:16 PM

no more pop-ups, but my system still takes forever to load up,

Logfile of HijackThis v1.99.1
Scan saved at 1:12:52 PM, on 12/10/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\VERITAS Software\Update Manager\sgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\AOL\1131822634\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1131822634\ee\AOLServiceHost.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\AOL\1131822634\ee\AOLServiceHost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Owner\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...er=6&ar=msnhome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...er=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-qus7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-qus7.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://qus7.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://qus7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [BlockTracker] c:\hp\bin\BlockTracker.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\VERITAS Software\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1131822634\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Verizon Online Support Center.lnk = C:\Program Files\Verizon Online\bin\matcli.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: Content Monitoring Tool (msCMTSrvc) - Unknown owner - C:\WINDOWS\system32\msCMTSrvc.exe (file missing)
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

#14 MFDnSC

MFDnSC

    Ret. Director I/T


  • Members
  • 4,310 posts
  • OFFLINE
  •  
  • Local time:07:44 PM

Posted 10 December 2005 - 01:50 PM

Google search on the exe's in the O4 entries and see which one are not required

An example is

http://www.liutilities.com/products/wintas...rary/realsched/

Disable the entries in the startup tab of msconfig (START RUN MSCONFGI)
"Nothing could be finer than to be in South Carolina ............"

Member ASAP




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users